asmir/nixos_flake_config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: asmir:650c50889ea1f1de8dd426af492409defcb60d47
Branches Tags
asmir:master asmir:nftables_transition asmir:gitea_typst asmir:magento2
..
compare: asmir:master
Branches Tags
asmir:master asmir:nftables_transition asmir:gitea_typst asmir:magento2

74 Commits
650c50889e ... master

Author SHA1 Message Date
Asmir A
80b587e7fd nixy: enable etc overlay and nixos-init; set initial user pass 2025-12-02 16:38:31 +01:00
Asmir A
c28eac7e5e magpie: update config for 25.11 2025-12-01 17:44:05 +01:00
Asmir A
94ed73d865 nixy: temp disable nixos-init 2025-12-01 17:28:26 +01:00
Asmir A
5a8b310ac7 home/packages: update pkg names, temp disable jellyfin-media-player 2025-12-01 17:27:23 +01:00
Asmir A
5604d83743 packages: remove nix-xilinx, update package names 2025-12-01 17:26:32 +01:00
Asmir A
e27772c045 nixy/home: update git syntax, update pkg names 2025-12-01 17:24:56 +01:00
Asmir A
59d66d327d nixos: 25.05 -> 25.11 2025-12-01 17:24:06 +01:00
Asmir A
b829904e5d home/zsh: change source to pkgs.oh-my-zsh 2025-12-01 17:19:35 +01:00
Asmir A
2e89da4e3b home/zsh: update pure prompt 2025-12-01 16:47:04 +01:00
Asmir A
86642401b0 home/zsh: fix fast-syntax-higlighting path 2025-12-01 16:22:11 +01:00
Asmir A
9b91a96a73 home/zsh: use new options for zshopt 2025-12-01 16:05:58 +01:00
Asmir A
63597639c9 nixy: update syntax for 25.11, add userborn service 2025-12-01 14:13:13 +01:00
Asmir A
262afbacee meta: format 2025-10-25 19:22:04 +02:00
Asmir A
881080ffd2 nixy/home/mpv: add scripts uosc and autosubsync with keybinds 2025-10-25 19:21:50 +02:00
Asmir A
bc3c1f4a2c home/nixy: add adwaita cursor theme 2025-10-25 19:21:06 +02:00
Asmir A
ce7808f193 mediabox/home_packages: remove peerflix 2025-10-15 17:02:41 +02:00
Asmir A
426203082a blue/home_packages: remove peerflix 2025-10-15 17:02:14 +02:00
Asmir A
b1746a6756 nixy: enable zram swap, switch to linux latest, add user to plugdev group 2025-10-15 17:01:21 +02:00
Asmir A
5796eef05a nixy/home_packages: remove peerflix 2025-10-15 17:00:16 +02:00
Asmir A
a5cf31c5b4 flake: update 2025-09-03 20:40:00 +02:00
Asmir A
a9cf86654f nixy/batteryNotifier: change notification tresholds 2025-09-03 20:39:27 +02:00
Asmir A
8c14099721 magpie/nixos-mail-server: update config 2025-08-30 10:51:26 +02:00
Asmir A
95956ba48b nixy/tlp: est start/stop batt charge thresholds 2025-08-30 10:28:25 +02:00
Asmir A
82e45af049 nixy/kernel: set hardened kern ver and add unprivileged_userns_clone needed for chromium 2025-08-30 10:27:56 +02:00
Asmir A
9b58967454 nixy/hw: set amdgpu gtt size to 2048MB 2025-08-30 10:26:53 +02:00
Asmir A
55db262fe8 nixy/home_packages: add qucs-s, radeontop; remove zeal-qt6 2025-08-29 18:27:22 +02:00
Asmir A
bab0730413 magpie: add srv specific misc settings 2025-08-22 16:50:11 +02:00
Asmir A
dca8ae047b Merge branch 'modularize_home-manager' 2025-08-13 23:14:32 +02:00
Asmir A
f7f8f826a9 flake: update 2025-07-29 13:31:55 +02:00
Asmir A
577584dc92 switch to latest kernel, try to fix screen fragments with multimonitor 2025-07-29 13:30:49 +02:00
Asmir A
891208210d mediabox/packages: add freetube, stremio 2025-06-08 19:54:42 +02:00
Asmir A
f23a5f05d7 common/packages: add virt keyboards 2025-06-08 19:53:50 +02:00
Asmir A
e105f9f7c2 mediabox: allow root ssh login 2025-06-08 18:35:19 +02:00
Asmir A
2ea0ef0467 mediabox/home: remove unneeded packages 2025-06-08 17:57:44 +02:00
Asmir A
a1ca2cf06e all/home: fix package path 2025-06-08 17:54:15 +02:00
Asmir A
93c3211c4d mediabox: add nix trusted user 2025-06-08 17:53:33 +02:00
Asmir A
64ba2b7193 all/home: separate home-manager config per host 2025-06-08 17:42:54 +02:00
Asmir A
55ab5a06eb flake: update 2025-06-08 17:37:58 +02:00
Asmir A
b453f835a2 Merge branch 'plasma_bigscreen' 2025-06-08 17:37:33 +02:00
Asmir A
59680e948c Revert "enable plasma" 
This reverts commit 8ef4d1145f.
 2025-06-08 17:36:42 +02:00
Asmir A
f7f87e1951 mediabox: update, switch to plasma_bigscreen 2025-06-08 17:36:24 +02:00
Asmir A
7e3dbe0a70 nixy/systemd: fix vconsole setup service 2025-06-08 14:37:18 +02:00
Asmir A
8ef4d1145f enable plasma 2025-06-06 20:25:31 +02:00
Asmir A
6e32ea5dee nixos: 24.11 -> 25.05 2025-05-25 20:52:16 +02:00
Asmir A
e6e1ed7618 nixos: 24.11 -> 25.05 2025-05-25 20:51:54 +02:00
Asmir A
9b73aabd3c nixy: enable switchNg; disable nix-ld 2025-05-25 20:50:57 +02:00
Asmir A
3380128587 magpie/wireguard: remove hooks with bad nft syntax 2025-05-25 20:50:30 +02:00
Asmir A
a64d8bfdc9 home/zsh: update for new 25.05 syntax 2025-05-25 20:49:47 +02:00
Asmir A
b86aa2cd0c home/sway: switch to viber from nixpkgs 2025-05-25 20:49:20 +02:00
Asmir A
266a5ef3f2 home/packages: rename for 25.05; remove custom viber package 2025-05-25 20:48:30 +02:00
Asmir A
250eb6f2e2 home/qutebrowser: temporary disable firejail 2025-05-25 20:47:55 +02:00
Asmir A
bc722d1df4 home/mpv: remove yt-dlp args 2025-05-25 20:47:19 +02:00
Asmir A
431d1659a4 home/swaylock: update locker script 2025-05-24 11:02:50 +02:00
Asmir A
a50ae21c82 home/kanshi: fix monitor positions -- needed for wine bug 2025-05-11 18:33:49 +02:00
Asmir A
e0af8b8607 magpie/firewall: fix nftables flag 2025-05-08 12:03:39 +02:00
Asmir A
a9a8fd5554 home/packages: add script to update nixos with low cpu and disk prio 2025-03-31 11:32:55 +02:00
Asmir A
101f58720c home/i3status-rust: add kbd cycle script on click 2025-03-26 17:02:54 +01:00
Asmir A
79289167b1 home/i3status-rs: update refresh script for swayidle 2025-03-24 10:30:36 +01:00
Asmir A
95da63a217 home/swayidle: send SIGUSR2 instead SIGUSR1 to i3status-rs on wakeup 2025-03-19 21:53:55 +01:00
Asmir A
460f49e4b3 home/i3status-rs: add net interface block 2025-03-19 14:50:44 +01:00
Asmir A
65911327f3 home/i3status-rs: add if_command to net blocks to chech for iface presence 2025-03-19 12:48:26 +01:00
Asmir A
edec22570d home_packages: add ark 2025-03-19 12:47:55 +01:00
Asmir A
62e54fdadf flake: update 2025-03-10 14:59:29 +01:00
Asmir A
f5a1f5d396 nixy: add pw keybindings, disable waydroid 2025-03-10 14:32:12 +01:00
Asmir A
a624cbcfd1 magpie/networking: iptables -> nftables 2025-02-10 15:15:44 +01:00
Asmir A
f7246dc661 home/kanshi: add display positions for docked profile 2025-02-05 11:56:19 +01:00
Asmir A
5fc1e89975 home/swayidle: update lock script 2025-02-05 11:55:41 +01:00
Asmir A
071ee11601 flake: update 2025-02-04 16:02:37 +01:00
Asmir A
e4b6972c36 home/zsh: add full /nix/store path to aliases and shell script executables 2025-02-04 15:19:12 +01:00
Asmir A
cc95668f6d home/zsh: export pwd using osc7 2025-02-04 14:31:09 +01:00
Asmir A
9f1d4c2bfe home: add wayland-pipewire-idle-inhibit service 2025-02-04 12:53:49 +01:00
Asmir A
466ab42ee8 common/packages: add aria2 2025-01-26 14:10:24 +01:00
Asmir A
fd7b458be1 flake: update 2025-01-25 14:44:02 +01:00
Asmir A
ac5ab2d85d Revert "nixy: switch to default nixos kernel" 
This reverts commit 350bcfed05.
 2025-01-25 14:43:37 +01:00
17 changed files with 1455 additions and 521 deletions
Expand all files Collapse all files

24
common/packages.nix
View File

@@ -1,21 +1,24 @@
{
pkgs,
nix-xilinx,
system,
...
{ pkgs
, system
, ...
}:
{
environment.systemPackages =
with pkgs;
[
onboard
maliit-keyboard
maliit-framework
wvkbd
acpi
aria2
binutils
binwalk
bluez
bluez-tools
btop
busybox
curlHTTP3
curl
dfu-util
dhcpcd
direnv
@@ -93,12 +96,5 @@
xfsprogs
zip
z-lua
]
++ (with nix-xilinx.packages.${system}; [
vivado
vitis
vitis_hls
model_composer
xilinx-shell
]);
];
}

173
flake.lock generated
View File

@@ -35,11 +35,11 @@
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"lastModified": 1761588595,
"narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5",
"type": "github"
},
"original": {
@@ -48,37 +48,51 @@
"type": "github"
}
},
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"git-hooks": {
"inputs": {
"systems": "systems"
"flake-compat": [
"simple-nixos-mailserver",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
"simple-nixos-mailserver",
"nixpkgs"
]
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"lastModified": 1763988335,
"narHash": "sha256-QlcnByMc8KBjpU37rbq5iP7Cp97HvjRP0ucfdh+M4Qc=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "50b9238891e388c9fdc6a5c49e49c42533a1b5ce",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"simple-nixos-mailserver",
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
@@ -89,16 +103,16 @@
]
},
"locked": {
"lastModified": 1736373539,
"narHash": "sha256-dinzAqCjenWDxuy+MqUQq0I4zUSfaCvN9rzuCmgMZJY=",
"lastModified": 1764536451,
"narHash": "sha256-BgtcUkBfItu9/yU14IgUaj4rYOanTOUZjUfBP20/ZB4=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "bd65bc3cde04c16755955630b344bc9e35272c56",
"rev": "3fdd076e08049a9c7a83149b270440d9787d2df5",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-24.11",
"ref": "release-25.11",
"repo": "home-manager",
"type": "github"
}
@@ -126,35 +140,20 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1736200483,
"narHash": "sha256-JO+lFN2HsCwSLMUWXHeOad6QUxOuwe9UOAF/iSl1J4I=",
"lastModified": 1764522689,
"narHash": "sha256-SqUuBFjhl/kpDiVaKLQBoD8TLD+/cTUzzgVFoaHrkqY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "3f0a8ac25fb674611b98089ca3a5dd6480175751",
"rev": "8bb5646e0bed5dbd3ab08c7a7cc15b75ab4e1d0f",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-24.11",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-24_11": {
"locked": {
"lastModified": 1734083684,
"narHash": "sha256-5fNndbndxSx5d+C/D0p/VF32xDiJCJzyOqorOYW4JEo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "314e12ba369ccdb9b352a4db26ff419f7c49fa84",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-24.11",
"type": "indirect"
}
},
"nvim": {
"inputs": {
"nixpkgs": [
@@ -162,11 +161,11 @@
]
},
"locked": {
"lastModified": 1736528609,
"narHash": "sha256-p0tYmTVnnFghamXEXD4w/lldCi604zIWDV4Ol9ubQ5g=",
"lastModified": 1764594740,
"narHash": "sha256-YLyM7w1j7BcOK9F+L7x7iY9wfOzPfcIBWW9LeU9Wzoo=",
"ref": "refs/heads/master",
"rev": "8245a48cc75cc74dea1b3ca89cb58f24f8e14f85",
"revCount": 42,
"rev": "878c87430f5e3c109f183a1822988b1c32413131",
"revCount": 51,
"type": "git",
"url": "https://git.project-cloud.net/asmir/nvim_flake"
},
@@ -175,28 +174,6 @@
"url": "https://git.project-cloud.net/asmir/nvim_flake"
}
},
"peerix": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1684706914,
"narHash": "sha256-pBlTtsC28e/5MUTe4NWeNNOc/4Kf6EzGQGppQEQ/ioo=",
"owner": "asmir.abdulahovic",
"repo": "peerix",
"rev": "8fdbbd0039240e05b4f93bbd5b454d5643e8a8d1",
"type": "gitlab"
},
"original": {
"owner": "asmir.abdulahovic",
"repo": "peerix",
"type": "gitlab"
}
},
"project-cloud": {
"inputs": {
"nixpkgs": [
@@ -225,7 +202,6 @@
"nix-xilinx": "nix-xilinx",
"nixpkgs": "nixpkgs",
"nvim": "nvim",
"peerix": "peerix",
"project-cloud": "project-cloud",
"simple-nixos-mailserver": "simple-nixos-mailserver",
"sops-nix": "sops-nix",
@@ -236,18 +212,18 @@
"simple-nixos-mailserver": {
"inputs": {
"blobs": "blobs",
"flake-compat": "flake-compat_3",
"flake-compat": "flake-compat_2",
"git-hooks": "git-hooks",
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-24_11": "nixpkgs-24_11"
]
},
"locked": {
"lastModified": 1735230346,
"narHash": "sha256-zgR8NTiNDPVNrfaiOlB9yHSmCqFDo7Ks2IavaJ2dZo4=",
"lastModified": 1764381008,
"narHash": "sha256-s+/BuhPPSJHpPRcylqfW+3UFyYsHjAhKdtPSxusYn0U=",
"owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver",
"rev": "dc0569066e79ae96184541da6fa28f35a33fbf7b",
"rev": "76bd7a85e78a9b8295782a9cf719ec3489d8eb55",
"type": "gitlab"
},
"original": {
@@ -263,11 +239,11 @@
]
},
"locked": {
"lastModified": 1736515725,
"narHash": "sha256-4P99yL8vGehwzytkpP87eklBePt6aqeEC5JFsIzhfUs=",
"lastModified": 1764483358,
"narHash": "sha256-EyyvCzXoHrbL467YSsQBTWWg4sR96MH1sPpKoSOelB4=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "f214c1b76c347a4e9c8fb68c73d4293a6820d125",
"rev": "5aca6ff67264321d47856a2ed183729271107c9c",
"type": "github"
},
"original": {
@@ -296,21 +272,6 @@
"url": "https://git.project-cloud.net/asmir/swaysw"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"theme_anemone": {
"flake": false,
"locked": {
@@ -350,11 +311,11 @@
]
},
"locked": {
"lastModified": 1721120316,
"narHash": "sha256-CaAMnU6LKqJrsZmR9k0/2brpULnAekpgG5S0BjtFhaQ=",
"lastModified": 1764579633,
"narHash": "sha256-gOD5RMHOB9Fw4T3nk2a95YdU0J24QU3uWUiZVIQza64=",
"ref": "refs/heads/master",
"rev": "8a7923bd4e5d36b186408d5432568a91ac67b695",
"revCount": 21,
"rev": "b0707744e2b4a077e759145cdbfa8d8d1017e732",
"revCount": 25,
"type": "git",
"url": "https://git.project-cloud.net/asmir/zremap"
},

64
flake.nix
View File

@@ -2,18 +2,13 @@
description = "NixOS configuration";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11";
nix-xilinx = {
url = "gitlab:asmir.abdulahovic/nix-xilinx";
inputs.nixpkgs.follows = "nixpkgs";
};
peerix = {
url = "gitlab:asmir.abdulahovic/peerix";
inputs.nixpkgs.follows = "nixpkgs";
};
zremap = {
url = "git+https://git.project-cloud.net/asmir/zremap";
inputs.nixpkgs.follows = "nixpkgs";
@@ -35,7 +30,7 @@
};
home-manager = {
url = "github:nix-community/home-manager/release-24.11";
url = "github:nix-community/home-manager/release-25.11";
inputs.nixpkgs.follows = "nixpkgs";
};
@@ -51,24 +46,22 @@
};
outputs =
inputs@{
home-manager,
nixpkgs,
nix-xilinx,
nvim,
peerix,
project-cloud,
simple-nixos-mailserver,
sops-nix,
swaysw,
zremap,
...
inputs@{ home-manager
, nixpkgs
, nix-xilinx
, nvim
, project-cloud
, simple-nixos-mailserver
, sops-nix
, swaysw
, zremap
, ...
}:
let
pkgs = nixpkgs.legacyPackages.x86_64-linux.pkgs;
in
{
nixosConfigurations = rec {
nixosConfigurations = {
nixy = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
modules = [
@@ -84,22 +77,10 @@
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.akill = import ./home/home.nix;
home-manager.users.akill = import ./home/nixy/home.nix;
home-manager.extraSpecialArgs = { inherit inputs system; };
home-manager.backupFileExtension = "home_backup";
}
peerix.nixosModules.peerix
{
services.peerix = {
enable = true;
globalCacheTTL = 10;
package = peerix.packages.x86_64-linux.peerix;
openFirewall = true; # UDP/12304
privateKeyFile = nixy.config.sops.secrets."peerix/private".path;
publicKeyFile = ./nixy/peerix-public;
publicKey = "peerix-mediabox:UDgG3xdQYv7bmx2l4ZPNRPJtp2zMmY++H/fnGeJ9BQw=";
};
}
];
};
@@ -119,21 +100,9 @@
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.akill = import ./home/home.nix;
home-manager.users.akill = import ./home/mediabox/home.nix;
home-manager.extraSpecialArgs = { inherit inputs system; };
}
peerix.nixosModules.peerix
{
services.peerix = {
enable = true;
globalCacheTTL = 10;
package = peerix.packages.x86_64-linux.peerix;
openFirewall = true; # UDP/12304
privateKeyFile = mediabox.config.sops.secrets."peerix/private".path;
publicKeyFile = ./mediabox/peerix-public;
publicKey = "peerix-nixy:8THqS0R2zWF/47ai0RFmqJnieYTZ1jaWOD9tnzpvA6s=";
};
}
];
};
@@ -150,11 +119,12 @@
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.akill = import ./home/home.nix;
home-manager.users.akill = import ./home/blue/home.nix;
home-manager.extraSpecialArgs = { inherit inputs system; };
}
];
};
magpie = nixpkgs.lib.nixosSystem rec {
system = "aarch64-linux";
modules = [

66
home/home.nix → home/blue/home.nix
View File

@@ -10,12 +10,12 @@ let
in
{
imports = [
./zsh.nix
./i3status-rust.nix
./sway.nix
./i3.nix
../common/zsh.nix
../common/i3status-rust.nix
../common/sway.nix
../common/i3.nix
./home_packages.nix
./whatsapp-for-linux.nix
../common/whatsapp-for-linux.nix
];
home.stateVersion = "22.11";
@@ -86,7 +86,9 @@ in
hwdec = "auto";
vo = "gpu-next";
ao = "pipewire";
script-opts-set = "ytdl_hook-ytdl_path=yt-dlp,sponsorblock-local_database=no,sponsorblock-skip_categories=[sponsor,intro,selfpromo]";
osd-bar = "no";
border = "no";
script-opts-set = "";
ytdl-format = "bestvideo[height<=?1080]+bestaudio/best";
};
@@ -160,7 +162,6 @@ in
qutebrowser = {
enable = true;
package = qutebrowser_firejail;
keyBindings = {
normal = {
"j" = "scroll-px 0 25";
@@ -251,12 +252,26 @@ in
swayidle =
let
locker = pkgs.writeShellScriptBin "swaylock_fancy" ''
TMP_FILE=$(${pkgs.coreutils}/bin/mktemp /tmp/.swaylock_ss_XXXXXX.jpg)
${lib.getExe pkgs.grim} -t ppm - | ${pkgs.imagemagick}/bin/convert - -blur 0x12 "$TMP_FILE"
${lib.getExe pkgs.swaylock} -f -i "$TMP_FILE"
${pkgs.coreutils}/bin/rm "$TMP_FILE"
ALL_IMGS=""
LOCK_ARGS=""
for OUTPUT in $(${pkgs.sway}/bin/swaymsg -t get_outputs | ${lib.getExe pkgs.jq} -r '.[].name')
do
TMP_FILE=$(${pkgs.coreutils}/bin/mktemp /tmp/.swaylock_ss_XXXXXX.jpg)
${lib.getExe pkgs.grim} -t ppm -o $OUTPUT - | \
${lib.getExe pkgs.ffmpeg} -y -loglevel 0 -i - -vframes 1 -vf "boxblur=10" "$TMP_FILE"
LOCK_ARGS="$LOCK_ARGS --image $OUTPUT:$TMP_FILE"
ALL_IMGS="$ALL_IMGS $TMP_FILE"
done
${lib.getExe pkgs.swaylock} -f $LOCK_ARGS
${pkgs.coreutils}/bin/shred $ALL_IMGS
${pkgs.coreutils}/bin/rm $ALL_IMGS
'';
in
/*
refresh_i3status = pkgs.writeShellScriptBin "refresh_i3status" ''
${pkgs.coreutils}/bin/sleep 1 && ${pkgs.procps}/bin/pkill -USR1 i3status-rs
'';
*/
{
enable = true;
events = [
@@ -268,10 +283,12 @@ in
event = "lock";
command = "${locker}/bin/swaylock_fancy";
}
{
event = "after-resume";
command = "${pkgs.procps}/bin/pkill -USR1 i3status-rs";
}
/*
{
event = "after-resume";
command = "${refresh_i3status}/bin/refresh_i3status";
}
*/
];
timeouts = [
{
@@ -298,14 +315,17 @@ in
profile.outputs = [
{
criteria = "eDP-1";
position = "0,0";
}
{
criteria = "Philips Consumer Electronics Company PHL 272S1 UHB2347026536";
mode = "1920x1080@74.973Hz";
position = "1920,0";
}
{
criteria = "Philips Consumer Electronics Company PHL 272S1 UHB2347026535";
mode = "1920x1080@74.973Hz";
position = "3840,0";
}
];
}
@@ -315,19 +335,17 @@ in
systemd.user = {
services = {
/*
himalaya = {
Unit.Description = "Himalaya new messages notifier";
wayland-pipewire-idle-inhibit = {
Unit.Description = "inhibit sleep while audio output is active";
Service = {
ExecStart = "himalaya notify";
Restart = "always";
RestartSec = 10;
ExecStart = "${lib.getExe pkgs.wayland-pipewire-idle-inhibit}";
Restart = "always";
RestartSec = 10;
};
Install = {
WantedBy = [ "multi-user.target" ];
WantedBy = [ "graphical-session.target" ];
};
};
*/
};
};
};
}

21
home/home_packages.nix → home/blue/home_packages.nix
View File

@@ -15,6 +15,11 @@ let
chromium_stackfield = pkgs.writeShellScriptBin "chromium_stackfield" ''
${lib.getExe pkgs.ungoogled-chromium} --socket=wayland org.chromium.Chromium --app=https://stackfield.com/
'';
nixy_switch = pkgs.writeShellScriptBin "nixy_switch" ''
${pkgs.util-linux}/bin/ionice -c 3 -- \
${pkgs.coreutils}/bin/nice -n 20 -- \
${lib.getExe pkgs.nixos-rebuild} --flake ./#nixy switch
'';
qcad = pkgs.writeShellScriptBin "qcad" ''
QT_QPA_PLATFORM=xcb ${lib.getExe pkgs.qcad} $@
'';
@@ -28,7 +33,7 @@ let
'';
wrap_sh =
let
bubblewrap = pkgs.callPackage ../packages/bubblewrap/default.nix { };
bubblewrap = pkgs.callPackage ../../packages/bubblewrap/default.nix { };
in
pkgs.writeShellScriptBin "wrap.sh" ''
if ${pkgs.coreutils-full}/bin/test $# -ne 1; then
@@ -58,9 +63,10 @@ in
cached-nix-shell
caddy
cargo
ungoogled-chromium
cmake
compsize
kdePackages.ark
ungoogled-chromium
# cura
deluge
dfu-util
@@ -86,7 +92,7 @@ in
imv
inkscape
jellyfin-media-player
kdenlive
kdePackages.kdenlive
kicad
kodi-wayland
krita
@@ -104,7 +110,6 @@ in
nix-init
nixpkgs-fmt
nix-prefetch-git
nodePackages.peerflix
nom
openems
openocd
@@ -130,7 +135,6 @@ in
screen
seer
sioyek
skypeforlinux
slurp
steam-run
stm32cubemx
@@ -143,6 +147,7 @@ in
thunderbird
typst
upx
viber
waybar
wdisplays
weechat
@@ -165,13 +170,13 @@ in
chromium_discord
chromium_stackfield
chromium_teams
nixy_switch
qcad
ssh_proxy
wrap_sh
qcad
]
++ [
inputs.swaysw.packages.${system}.swaysw
(pkgs.callPackage ../packages/viber/default.nix { })
(pkgs.callPackage ../packages/bubblewrap/default.nix { })
(pkgs.callPackage ../../packages/bubblewrap/default.nix { })
];
}

0
home/i3.nix → home/common/i3.nix
View File

32
home/i3status-rust.nix → home/common/i3status-rust.nix
View File

@@ -1,4 +1,14 @@
{ ... }:
{ pkgs, ... }:
let
kbd_switch = pkgs.writeShellScriptBin "kbd_switch" ''
declare -A -r KBD_CYCLE_MAP=(
["English (US)"]="de"
["German"]="ba"
)
LAYOUT="$(${pkgs.sway}/bin/swaymsg -t get_inputs -r | ${pkgs.jq}/bin/jq -r 'map(select(.type == "keyboard")).[0].xkb_layout_names.[]')"
swaymsg input "*" xkb_layout ''${KBD_CYCLE_MAP["$LAYOUT"]:-"us"}
'';
in
{
programs.i3status-rust = {
bars.top = {
@@ -12,6 +22,16 @@
};
blocks = [
{
block = "keyboard_layout";
driver = "sway";
click = [
{
cmd = "${kbd_switch}/bin/kbd_switch";
button = "left";
}
];
}
{
block = "battery";
interval = 10;
@@ -36,20 +56,30 @@
{
block = "net";
device = "wlan0";
if_command = "ip link show wlan0";
interval = 2;
}
{
block = "net";
device = "enp5s0";
if_command = "ip link show enp5s0";
interval = 2;
}
{
block = "net";
device = "enp7s0f3u1u1";
if_command = "ip link show enp7s0f3u1u1";
interval = 2;
}
{
block = "net";
device = "enp7s0f4u1u1";
if_command = "ip link show enp7s0f4u1u1";
interval = 2;
}
{
block = "net";
if_command = "ip link show eno1";
device = "eno1";
interval = 2;
}

3
home/sway.nix → home/common/sway.nix
View File

@@ -17,7 +17,6 @@ let
${lib.getExe pkgs.grim} -g "$GEOM" - | ${pkgs.wl-clipboard}/bin/wl-copy
'';
swaysw = inputs.swaysw.packages.${system}.swaysw;
viber = pkgs.callPackage ../packages/viber/default.nix { };
term = "${pkgs.foot}/bin/footclient";
in
{
@@ -146,7 +145,7 @@ in
"Mod4+j" =
"exec ${pkgs.sway}/bin/swaymsg [app_id=com.rtosta.zapzap] scratchpad show || exec ${lib.getExe pkgs.zapzap}";
"Mod4+h" =
"exec ${pkgs.sway}/bin/swaymsg [app_id=com.viber] scratchpad show || exec ${viber}/bin/viber";
"exec ${pkgs.sway}/bin/swaymsg [app_id=com.viber] scratchpad show || exec ${pkgs.viber}/bin/viber";
"Mod4+y" =
''exec ${pkgs.sway}/bin/swaymsg [app_id="pulsemixer"] scratchpad show || exec ${term} -a pulsemixer ${lib.getExe pkgs.pulsemixer}'';
"Mod4+p" = "exec ${lib.getExe pkgs.tessen} -a copy";

0
home/whatsapp-for-linux.nix → home/common/whatsapp-for-linux.nix
View File

62
home/zsh.nix → home/common/zsh.nix
View File

@@ -1,5 +1,10 @@
{ pkgs, ... }:
{ pkgs, lib, ... }:
{
home.sessionVariables = {
/*ZDOTDIR = "\"$HOME/\".config/zsh";*/
/*HISTFILE = "\"$XDG_STATE_HOME\"/zsh/history";*/
};
programs.z-lua = {
enableAliases = true;
enableZshIntegration = true;
@@ -9,15 +14,25 @@
autocd = true;
enableCompletion = false;
defaultKeymap = "viins";
/* dotDir = "\"$XDG_CONFIG_HOME\"/zsh"; */
setOptions = [
"c_bases"
"completealiases"
"completeinword"
"nobeep"
"nopromptcr"
"notify"
];
shellAliases = {
cfind = "cscope -C -R -L1";
cfind = "${pkgs.cscope}/bin/cscope -C -R -L1";
chmod = "chmod -v";
chown = "chown -v";
cp = "cp -v";
rm = "rm -v";
ip = "ip --color=auto";
f = "''$(pay-respects zsh)";
f = "''$(${lib.getExe pkgs.pay-respects} zsh)";
};
history = {
@@ -43,8 +58,8 @@
src = pkgs.fetchFromGitHub {
owner = "sindresorhus";
repo = "pure";
rev = "92b8e9057988566b37ff695e70e2e9bbeb7196c8";
hash = "sha256-TbOrnhLHgOvcfsgmL0l3bWY33yLIhG1KSi4ITIPq1+A=";
rev = "54bd501c802283dee0940457da6eb3e642bd1453";
hash = "sha256-AZSxP2g6BWoxyiSQH7yzbbbfGcwD8jgnXPPfcYwJUL0=";
};
file = "pure.plugin.zsh";
}
@@ -55,48 +70,45 @@
}
{
name = "zsh-sudo";
src = pkgs.fetchFromGitHub {
owner = "hcgraf";
repo = "zsh-sudo";
rev = "d8084def6bb1bde2482e7aa636743f40c69d9b32";
sha256 = "1dpm51w3wjxil8sxqw4qxim5kmf6afmkwz1yfhldpdlqm7rfwpi3";
};
file = "sudo.plugin.zsh";
src = pkgs.oh-my-zsh;
file = "share/oh-my-zsh/plugins/sudo/sudo.plugin.zsh";
}
{
name = "zsh-fast-syntax-highlighting";
src = pkgs.zsh-fast-syntax-highlighting;
file = "share/zsh/site-functions/fast-syntax-highlighting.plugin.zsh";
file = "share/zsh/plugins/fast-syntax-highlighting/fast-syntax-highlighting.plugin.zsh";
}
];
envExtra = '''';
initExtra = ''
initContent = ''
# binds
bindkey '^K' fzf-file-widget
# options
setopt nobeep
setopt nopromptcr
setopt c_bases
setopt completeinword
setopt completealiases
setopt notify
#
RPS1=""
#
function chpwd() {
ls;
}
function osc7-pwd() {
emulate -L zsh # also sets localoptions for us
setopt extendedglob
local LC_ALL=C
printf '\e]7;file://%s%s\e\' $HOST ''${PWD//(#m)([^@-Za-z&-;_~])/%''${(l:2::0:)''$(([##16]#MATCH))}}
}
function chpwd-osc7-pwd() {
(( ZSH_SUBSHELL )) || osc7-pwd
}
add-zsh-hook -Uz chpwd chpwd-osc7-pwd
eval "$(direnv hook zsh)"
zstyle ':completion:*' matcher-list 'm:{a-z}={A-Za-z}'
if [[ -n "$PS1" ]] && [[ -z "$TMUX" ]] && [[ -n "$SSH_CONNECTION" ]]; then
TMUX_EXE="${pkgs.tmux}/bin/tmux"
TMUX_EXE="${lib.getExe pkgs.tmux}"
systemd-run --scope --user $TMUX_EXE attach-session -t $USER || systemd-run --scope --user $TMUX_EXE new-session -s $USER
fi

348
home/mediabox/home.nix Normal file
View File

@@ -0,0 +1,348 @@
{
lib,
pkgs,
...
}:
let
qutebrowser_firejail = pkgs.writeShellScriptBin "qutebrowser" ''
firejail -- ${lib.getExe pkgs.qutebrowser} "$@"
'';
in
{
imports = [
../common/zsh.nix
./home_packages.nix
../common/whatsapp-for-linux.nix
];
home.stateVersion = "22.11";
home.username = "akill";
home.homeDirectory = "/home/akill";
xdg.enable = true;
xdg.mimeApps = {
enable = true;
defaultApplications = {
"application/pdf" = "sioyek.desktop";
"default-web-browser" = "org.qutebrowser.qutebrowser.desktop";
"text/html" = "org.qutebrowser.qutebrowser.desktop";
"x-scheme-handler/about" = "org.qutebrowser.qutebrowser.desktop";
"x-scheme-handler/http" = "org.qutebrowser.qutebrowser.desktop";
"x-scheme-handler/https" = "org.qutebrowser.qutebrowser.desktop";
"x-scheme-handler/unknown" = "org.qutebrowser.qutebrowser.desktop";
};
};
fonts.fontconfig.enable = true;
home.sessionVariables = rec {
BROWSER = lib.getExe qutebrowser_firejail;
DEFAULT_BROWSER = "${BROWSER}";
EDITOR = "nvim";
_JAVA_AWT_WM_NONREPARENTING = "1";
MOZ_ENABLE_WAYLAND = "1";
NIXOS_OZONE_WL = "1";
QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
SUDO_EDITOR = "nvim";
WLR_RENDERER = "vulkan";
};
wayland.windowManager.sway = {
enable = false;
};
programs = {
home-manager.enable = true;
librewolf = {
enable = true;
package = pkgs.librewolf-wayland;
settings = {
"webgl.disable" = true;
"middlemouse.paste" = false;
};
};
tmux = {
enable = true;
clock24 = true;
keyMode = "vi";
terminal = "screen-256color";
plugins = with pkgs.tmuxPlugins; [
sysstat
net-speed
gruvbox
];
};
mpv = {
enable = true;
config = {
slang = "eng,en";
alang = "eng,en";
hwdec = "auto";
vo = "gpu-next";
ao = "pipewire";
osd-bar = "no";
border = "no";
script-opts-set = "";
ytdl-format = "bestvideo[height<=?1080]+bestaudio/best";
};
bindings = {
WHEEL_UP = "ignore";
WHEEL_DOWN = "ignore";
WHEEL_LEFT = "ignore";
WHEEL_RIGHT = "ignore";
};
};
alacritty = {
enable = true;
settings = {
font = {
normal.family = "JetBrainsMono";
italic.family = "JetBrainsMono";
bold.family = "JetBrainsMono";
bold_italic.family = "JetBrainsMono";
size = 14.0;
};
selection = {
text = "0xcfcfc2";
background = "0x232629";
normal = {
black = "0x1c1b19";
red = "0xef2f27";
green = "0x519f50";
yellow = "0xfbb829";
blue = "0x2c78bf";
magenta = "0xe02c6d";
cyan = "0x0aaeb3";
white = "0x918175";
};
bright = {
black = "0x2D2C29";
red = "0xf75341";
green = "0x98bc37";
yellow = "0xfed06e";
blue = "0x68A8E4";
magenta = "0xff5c8f";
cyan = "0x53fde9";
white = "0xfce8c3";
};
};
};
};
rofi = {
enable = true;
theme = "gruvbox-dark";
};
foot = {
enable = true;
server.enable = true;
settings = {
main = {
font = "JetBrainsMono:size=10";
dpi-aware = "yes";
};
mouse = {
hide-when-typing = "yes";
};
};
};
qutebrowser = {
enable = true;
keyBindings = {
normal = {
"j" = "scroll-px 0 25";
"k" = "scroll-px 0 -25";
"u" = "undo --window";
";v" = "hint links spawn mpv {hint-url}";
};
};
settings = {
content.notifications.enabled = false;
content.pdfjs = true;
content.webgl = false;
fonts.completion.category = "14pt monospace";
fonts.completion.entry = "14pt monospace";
fonts.contextmenu = "14pt monospace";
fonts.debug_console = "14pt monospace";
fonts.downloads = "14pt monospace";
fonts.hints = "14pt monospace";
fonts.keyhint = "14pt monospace";
fonts.messages.info = "14pt monospace";
fonts.prompts = "14pt monospace";
fonts.statusbar = "14pt monospace";
hints.chars = "1qaz2wsx3edc4rfv5tgb6yhn7ujm8ik9ol0p";
tabs.last_close = "close";
tabs.position = "left";
tabs.show = "multiple";
tabs.tabs_are_windows = true;
tabs.width = "12%";
zoom.default = "125%";
};
};
git = {
enable = true;
userName = "Asmir A";
userEmail = "asmir.abdulahovic@gmail.com";
extraConfig = {
init.defaultBranch = "master";
pull = {
rebase = true;
};
credential = {
helper = "store";
};
};
signing.key = "020C42B7A9ABA3E2";
signing.signByDefault = true;
};
obs-studio = {
enable = true;
plugins = with pkgs.obs-studio-plugins; [
obs-vkcapture
input-overlay
obs-multi-rtmp
obs-pipewire-audio-capture
wlrobs
obs-vaapi
];
};
i3status-rust.enable = false;
z-lua.enable = true;
zsh.enable = true;
};
services = {
lorri.enable = false;
mako.enable = true;
cliphist.enable = true;
gammastep = {
enable = true;
latitude = "44.53";
longitude = "18.67";
temperature.day = 5500;
temperature.night = 2900;
};
gnome-keyring.enable = true;
gpg-agent = {
enable = true;
defaultCacheTtl = 1800;
enableSshSupport = true;
};
swayidle =
let
locker = pkgs.writeShellScriptBin "swaylock_fancy" ''
ALL_IMGS=""
LOCK_ARGS=""
for OUTPUT in $(${pkgs.sway}/bin/swaymsg -t get_outputs | ${lib.getExe pkgs.jq} -r '.[].name')
do
TMP_FILE=$(${pkgs.coreutils}/bin/mktemp /tmp/.swaylock_ss_XXXXXX.jpg)
${lib.getExe pkgs.grim} -t ppm -o $OUTPUT - | \
${lib.getExe pkgs.ffmpeg} -y -loglevel 0 -i - -vframes 1 -vf "boxblur=10" "$TMP_FILE"
LOCK_ARGS="$LOCK_ARGS --image $OUTPUT:$TMP_FILE"
ALL_IMGS="$ALL_IMGS $TMP_FILE"
done
${lib.getExe pkgs.swaylock} -f $LOCK_ARGS
${pkgs.coreutils}/bin/shred $ALL_IMGS
${pkgs.coreutils}/bin/rm $ALL_IMGS
'';
in
/*
refresh_i3status = pkgs.writeShellScriptBin "refresh_i3status" ''
${pkgs.coreutils}/bin/sleep 1 && ${pkgs.procps}/bin/pkill -USR1 i3status-rs
'';
*/
{
enable = false;
events = [
{
event = "before-sleep";
command = "${locker}/bin/swaylock_fancy";
}
{
event = "lock";
command = "${locker}/bin/swaylock_fancy";
}
/*
{
event = "after-resume";
command = "${refresh_i3status}/bin/refresh_i3status";
}
*/
];
timeouts = [
{
timeout = 15 * 60;
command = "${locker}/bin/swaylock_fancy";
}
];
};
kanshi = {
enable = false;
settings = [
{
profile.name = "undocked";
profile.outputs = [
{
criteria = "eDP-1";
}
];
}
{
profile.name = "docked";
profile.outputs = [
{
criteria = "eDP-1";
position = "0,0";
}
{
criteria = "Philips Consumer Electronics Company PHL 272S1 UHB2347026536";
mode = "1920x1080@74.973Hz";
position = "1920,0";
}
{
criteria = "Philips Consumer Electronics Company PHL 272S1 UHB2347026535";
mode = "1920x1080@74.973Hz";
position = "3840,0";
}
];
}
];
};
};
systemd.user = {
services = {
wayland-pipewire-idle-inhibit = {
Unit.Description = "inhibit sleep while audio output is active";
Service = {
ExecStart = "${lib.getExe pkgs.wayland-pipewire-idle-inhibit}";
Restart = "always";
RestartSec = 10;
};
Install = {
WantedBy = [ "graphical-session.target" ];
};
};
};
};
}

58
home/mediabox/home_packages.nix Normal file
View File

@@ -0,0 +1,58 @@
{ lib
, pkgs
, ...
}:
let
chromium_discord = pkgs.writeShellScriptBin "chromium_discord" ''
${lib.getExe pkgs.ungoogled-chromium} --socket=wayland org.chromium.Chromium --app=https://discordapp.com/channels/@me
'';
in
{
home.packages =
with pkgs;
[
cached-nix-shell
deluge
dualsensectl
ffmpeg-full
firefox
freetube
imv
inkscape
jellyfin-media-player
kodi-wayland
libnotify
libreoffice-qt6-fresh
libva-utils
nixpkgs-fmt
nix-prefetch-git
pandoc
paraview
pass-wayland
pavucontrol
pay-respects
pirate-get
poppler_utils
pulsemixer
pwvucontrol
python3
remmina
rtorrent
sioyek
steam-run
stremio
swayimg
tessen
ungoogled-chromium
wdisplays
wine
wl-clipboard
wlr-randr
wofi
yt-dlp
zathura
]
++ [
chromium_discord
];
}

363
home/nixy/home.nix Normal file
View File

@@ -0,0 +1,363 @@
{ lib
, pkgs
, ...
}:
let
qutebrowser_firejail = pkgs.writeShellScriptBin "qutebrowser" ''
firejail -- ${lib.getExe pkgs.qutebrowser} "$@"
'';
in
{
imports = [
../common/zsh.nix
../common/i3status-rust.nix
../common/sway.nix
../common/i3.nix
./home_packages.nix
../common/whatsapp-for-linux.nix
];
home.stateVersion = "22.11";
home.username = "akill";
home.homeDirectory = "/home/akill";
xdg.enable = true;
xdg.mimeApps = {
enable = true;
defaultApplications = {
"application/pdf" = "sioyek.desktop";
"default-web-browser" = "org.qutebrowser.qutebrowser.desktop";
"text/html" = "org.qutebrowser.qutebrowser.desktop";
"x-scheme-handler/about" = "org.qutebrowser.qutebrowser.desktop";
"x-scheme-handler/http" = "org.qutebrowser.qutebrowser.desktop";
"x-scheme-handler/https" = "org.qutebrowser.qutebrowser.desktop";
"x-scheme-handler/unknown" = "org.qutebrowser.qutebrowser.desktop";
};
};
fonts.fontconfig.enable = true;
home.sessionVariables = rec {
BROWSER = lib.getExe qutebrowser_firejail;
DEFAULT_BROWSER = "${BROWSER}";
EDITOR = "nvim";
_JAVA_AWT_WM_NONREPARENTING = "1";
MOZ_ENABLE_WAYLAND = "1";
NIXOS_OZONE_WL = "1";
QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
SUDO_EDITOR = "nvim";
WLR_RENDERER = "vulkan";
};
home.pointerCursor = {
package = pkgs.adwaita-icon-theme;
name = "Adwaita";
size = 38;
};
wayland.windowManager.sway = {
enable = true;
};
programs = {
home-manager.enable = true;
librewolf = {
enable = true;
settings = {
"webgl.disable" = true;
"middlemouse.paste" = false;
};
};
tmux = {
enable = true;
clock24 = true;
keyMode = "vi";
terminal = "screen-256color";
plugins = with pkgs.tmuxPlugins; [
sysstat
net-speed
gruvbox
];
};
mpv = {
enable = true;
scripts = [
pkgs.mpvScripts.uosc
pkgs.mpvScripts.autosubsync-mpv
];
config = {
osc = "no";
osd-bar = "no";
border = "no";
slang = "eng,en";
alang = "eng,en";
hwdec = "auto";
vo = "gpu-next";
ao = "pipewire";
ytdl-format = "bestvideo[height<=?1080]+bestaudio/best";
};
bindings = {
"s" = "script-binding uosc/subtitles";
"a" = "script-binding uosc/audio";
WHEEL_UP = "ignore";
WHEEL_DOWN = "ignore";
WHEEL_LEFT = "ignore";
WHEEL_RIGHT = "ignore";
};
};
alacritty = {
enable = true;
settings = {
font = {
normal.family = "JetBrainsMono";
italic.family = "JetBrainsMono";
bold.family = "JetBrainsMono";
bold_italic.family = "JetBrainsMono";
size = 14.0;
};
selection = {
text = "0xcfcfc2";
background = "0x232629";
normal = {
black = "0x1c1b19";
red = "0xef2f27";
green = "0x519f50";
yellow = "0xfbb829";
blue = "0x2c78bf";
magenta = "0xe02c6d";
cyan = "0x0aaeb3";
white = "0x918175";
};
bright = {
black = "0x2D2C29";
red = "0xf75341";
green = "0x98bc37";
yellow = "0xfed06e";
blue = "0x68A8E4";
magenta = "0xff5c8f";
cyan = "0x53fde9";
white = "0xfce8c3";
};
};
};
};
rofi = {
enable = true;
theme = "gruvbox-dark";
};
foot = {
enable = true;
server.enable = true;
settings = {
main = {
font = "JetBrainsMono:size=10";
dpi-aware = "yes";
};
mouse = {
hide-when-typing = "yes";
};
};
};
qutebrowser = {
enable = true;
keyBindings = {
normal = {
"j" = "scroll-px 0 25";
"k" = "scroll-px 0 -25";
"u" = "undo --window";
";v" = "hint links spawn mpv {hint-url}";
};
};
settings = {
content.notifications.enabled = false;
content.pdfjs = true;
content.webgl = false;
fonts.completion.category = "14pt monospace";
fonts.completion.entry = "14pt monospace";
fonts.contextmenu = "14pt monospace";
fonts.debug_console = "14pt monospace";
fonts.downloads = "14pt monospace";
fonts.hints = "14pt monospace";
fonts.keyhint = "14pt monospace";
fonts.messages.info = "14pt monospace";
fonts.prompts = "14pt monospace";
fonts.statusbar = "14pt monospace";
hints.chars = "1qaz2wsx3edc4rfv5tgb6yhn7ujm8ik9ol0p";
tabs.last_close = "close";
tabs.position = "left";
tabs.show = "multiple";
tabs.tabs_are_windows = true;
tabs.width = "12%";
zoom.default = "125%";
};
};
git = {
enable = true;
settings = {
user = {
name = "Asmir A";
email = "asmir.abdulahovic@gmail.com";
};
init.defaultBranch = "master";
pull = {
rebase = true;
};
credential = {
helper = "store";
};
};
signing.key = "020C42B7A9ABA3E2";
signing.signByDefault = true;
};
obs-studio = {
enable = true;
plugins = with pkgs.obs-studio-plugins; [
obs-vkcapture
input-overlay
obs-multi-rtmp
obs-pipewire-audio-capture
wlrobs
obs-vaapi
];
};
i3status-rust.enable = true;
z-lua.enable = true;
zsh.enable = true;
};
services = {
lorri.enable = false;
mako.enable = true;
cliphist.enable = true;
gammastep = {
enable = true;
latitude = "44.53";
longitude = "18.67";
temperature.day = 5500;
temperature.night = 2900;
};
gnome-keyring.enable = true;
gpg-agent = {
enable = true;
defaultCacheTtl = 1800;
enableSshSupport = true;
};
swayidle =
let
locker = pkgs.writeShellScriptBin "swaylock_fancy" ''
ALL_IMGS=""
LOCK_ARGS=""
for OUTPUT in $(${pkgs.sway}/bin/swaymsg -t get_outputs | ${lib.getExe pkgs.jq} -r '.[].name')
do
TMP_FILE=$(${pkgs.coreutils}/bin/mktemp /tmp/.swaylock_ss_XXXXXX.jpg)
${lib.getExe pkgs.grim} -t ppm -o $OUTPUT - | \
${lib.getExe pkgs.ffmpeg} -y -loglevel 0 -i - -vframes 1 -vf "boxblur=10" "$TMP_FILE"
LOCK_ARGS="$LOCK_ARGS --image $OUTPUT:$TMP_FILE"
ALL_IMGS="$ALL_IMGS $TMP_FILE"
done
${lib.getExe pkgs.swaylock} -f $LOCK_ARGS
${pkgs.coreutils}/bin/shred $ALL_IMGS
${pkgs.coreutils}/bin/rm $ALL_IMGS
'';
in
/*
refresh_i3status = pkgs.writeShellScriptBin "refresh_i3status" ''
${pkgs.coreutils}/bin/sleep 1 && ${pkgs.procps}/bin/pkill -USR1 i3status-rs
'';
*/
{
enable = true;
events = [
{
event = "before-sleep";
command = "${locker}/bin/swaylock_fancy";
}
{
event = "lock";
command = "${locker}/bin/swaylock_fancy";
}
/*
{
event = "after-resume";
command = "${refresh_i3status}/bin/refresh_i3status";
}
*/
];
timeouts = [
{
timeout = 15 * 60;
command = "${locker}/bin/swaylock_fancy";
}
];
};
kanshi = {
enable = true;
settings = [
{
profile.name = "undocked";
profile.outputs = [
{
criteria = "eDP-1";
}
];
}
{
profile.name = "docked";
profile.outputs = [
{
criteria = "eDP-1";
position = "0,0";
}
{
criteria = "Philips Consumer Electronics Company PHL 272S1 UHB2347026536";
mode = "1920x1080@74.973Hz";
position = "1920,0";
}
{
criteria = "Philips Consumer Electronics Company PHL 272S1 UHB2347026535";
mode = "1920x1080@74.973Hz";
position = "3840,0";
}
];
}
];
};
};
systemd.user = {
services = {
wayland-pipewire-idle-inhibit = {
Unit.Description = "inhibit sleep while audio output is active";
Service = {
ExecStart = "${lib.getExe pkgs.wayland-pipewire-idle-inhibit}";
Restart = "always";
RestartSec = 10;
};
Install = {
WantedBy = [ "graphical-session.target" ];
};
};
};
};
}

183
home/nixy/home_packages.nix Normal file
View File

@@ -0,0 +1,183 @@
{
lib,
pkgs,
inputs,
system,
...
}:
let
chromium_teams = pkgs.writeShellScriptBin "chromium_teams" ''
${lib.getExe pkgs.ungoogled-chromium} --socket=wayland org.chromium.Chromium --app=https://teams.microsoft.com/
'';
chromium_discord = pkgs.writeShellScriptBin "chromium_discord" ''
${lib.getExe pkgs.ungoogled-chromium} --socket=wayland org.chromium.Chromium --app=https://discordapp.com/channels/@me
'';
chromium_stackfield = pkgs.writeShellScriptBin "chromium_stackfield" ''
${lib.getExe pkgs.ungoogled-chromium} --socket=wayland org.chromium.Chromium --app=https://stackfield.com/
'';
nixy_switch = pkgs.writeShellScriptBin "nixy_switch" ''
${pkgs.util-linux}/bin/ionice -c 3 -- \
${pkgs.coreutils}/bin/nice -n 20 -- \
${lib.getExe pkgs.nixos-rebuild} --flake ./#nixy switch
'';
qcad = pkgs.writeShellScriptBin "qcad" ''
QT_QPA_PLATFORM=xcb ${lib.getExe pkgs.qcad} $@
'';
ssh_proxy = pkgs.writeShellScriptBin "ssh_proxy" ''
if ${pkgs.coreutils}/bin/test $# -ne 1; then
echo "Usage: $0 <user>@<ssh_host>"
exit
fi
PROXY_PORT="1337"
${lib.getExe pkgs.openssh} -D "$PROXY_PORT" -q -N "$@"
'';
wrap_sh =
let
bubblewrap = pkgs.callPackage ../../packages/bubblewrap/default.nix { };
in
pkgs.writeShellScriptBin "wrap.sh" ''
if ${pkgs.coreutils-full}/bin/test $# -ne 1; then
echo "Usage: $0 <directory>"
exit
fi
FULL_PATH=$(${pkgs.coreutils-full}/bin/realpath "$1")
BUBBLEWRAP_DIR="$1" ${bubblewrap}/bin/bwrap \
--bind / / \
--dev /dev \
--overlay-src "$FULL_PATH" \
--tmp-overlay "$FULL_PATH" \
"$SHELL"
'';
in
{
home.packages =
with pkgs;
[
anydesk
appimage-run
arp-scan
birdtray
blackmagic
blender
btop
cached-nix-shell
caddy
cargo
cmake
compsize
kdePackages.ark
ungoogled-chromium
cura-appimage
deluge
dfu-util
discord
dmenu-wayland
drawio
dualsensectl
ffmpeg-full
firefox
freecad
gcc
gdb
ghostscript
glab
glaxnimate
gnumake
go
grim
heimdall
hyperfine
icestorm
imagemagick
imv
inkscape
#jellyfin-media-player
kdePackages.kdenlive
kicad
kodi-wayland
krita
libnotify
libreoffice-qt6-fresh
libva-utils
perf
lsix
lsix
mediainfo
ncdu
neovide
nextpnr
ngspice
nix-init
nixpkgs-fmt
nix-prefetch-git
nom
openems
openocd
openscad
pandoc
#paraview
pass-wayland
patchelf
pavucontrol
pay-respects
pirate-get
poppler-utils
powertop
pulsemixer
pwvucontrol
python3
python3Packages.west
qucs-s
radeontop
remmina
river-classic
rizin
rtorrent
sbcl
screen
seer
sioyek
slurp
steam-run
stm32cubemx
swayimg
tea
teams-for-linux
tectonic
tessen
texlive.combined.scheme-full
thunderbird
typst
upx
viber
waybar
wdisplays
weechat
wasistlos
wine
wireshark
wl-clipboard
wlr-randr
wofi
x2goclient
yewtube
yosys
yt-dlp
zapzap
zathura
zig
]
++ [
chromium_discord
chromium_stackfield
chromium_teams
nixy_switch
qcad
ssh_proxy
wrap_sh
]
++ [
inputs.swaysw.packages.${system}.swaysw
(pkgs.callPackage ../../packages/bubblewrap/default.nix { })
];
}

97
magpie/configuration.nix
View File

@@ -1,11 +1,10 @@
{
config,
pkgs,
lib,
project-cloud,
nvim,
system,
...
{ config
, pkgs
, lib
, project-cloud
, nvim
, system
, ...
}:
{
imports = [ ];
@@ -15,10 +14,6 @@
"nix-command"
"flakes"
];
system.switch = {
enable = false;
enableNg = true;
};
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
@@ -80,14 +75,23 @@
programs.mosh.enable = true;
/* Srv settings found on SrvOS */
fonts.fontconfig.enable = lib.mkDefault false;
xdg.autostart.enable = lib.mkDefault false;
xdg.icons.enable = lib.mkDefault false;
xdg.menus.enable = lib.mkDefault false;
xdg.mime.enable = lib.mkDefault false;
xdg.sounds.enable = lib.mkDefault false;
mailserver = {
enable = true;
debug = false;
debug.all = false;
fqdn = "mail.project-cloud.net";
domains = [ "project-cloud.net" ];
enableSubmissionSsl = true;
enableImap = false;
enableImapSsl = true;
stateVersion = 3;
# A list of all login accounts. To create the password hashes, use
# nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
@@ -105,7 +109,7 @@
};
services.journald.extraConfig = ''SystemMaxUse=50M '';
services.logind.extraConfig = ''KillUserProcesses=yes '';
services.logind.settings.Login = { KillUserProcesses = true; };
services.openssh.settings.PermitRootLogin = "prohibit-password";
services.openssh.enable = true;
services.openssh.listenAddresses = [
@@ -114,7 +118,11 @@
port = 22;
}
];
services.opendkim.enable = true;
services.opendkim = {
enable = true;
selector = "mail";
};
services.miniflux = {
enable = false;
@@ -165,7 +173,6 @@
services.nginx = {
enable = true;
package = pkgs.nginxQuic;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
@@ -289,12 +296,6 @@
startAt = "daily";
};
services.seafile = {
enable = false;
initialAdminPassword = "admin";
adminEmail = "asmir.abdulahovic" + "@" + "gmail.com";
};
# needed for sendmail mail functionality
users.users.gitea.extraGroups = [ "postdrop" ];
systemd.services.gitea.serviceConfig = {
@@ -333,24 +334,28 @@
};
networking.hostName = "magpie";
networking.nftables.enable = true;
networking.firewall = {
enable = true;
allowedTCPPorts = [
80
443
587
2049
]; # http, mail, mail, nfs
allowedUDPPorts = [
443
51820
]; # mail, wireguard
allowPing = true;
logRefusedConnections = lib.mkDefault false;
};
networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [
80
443
587
2049
]; # http, mail, mail, nfs
networking.firewall.allowedUDPPorts = [
443
51820
]; # mail, wireguard
networking.firewall.allowPing = true;
networking.firewall.logRefusedConnections = lib.mkDefault false;
networking.nat.enable = true;
networking.nat.externalInterface = "enp1s0";
networking.nat.internalInterfaces = [ "wg0" ];
networking.nat = {
enable = true;
externalInterface = "enp1s0";
internalInterfaces = [ "wg0" ];
};
networking.networkmanager.enable = true;
networking.wireless.enable = false;
@@ -362,13 +367,13 @@
# This allows the wireguard server to route your traffic to the internet and hence be like a VPN
# For this to work you have to set the dnsserver IP of your router (or dnsserver of choice) in your clients
postSetup = ''
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o eth0 -j MASQUERADE
'';
# This undoes the above command
postShutdown = ''
${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o eth0 -j MASQUERADE
'';
#postSetup = ''
# ${pkgs.nftables}/bin/nft add rule ip nat POSTROUTING oifname "eth0" ip saddr 10.100.0.0/24 counter masquerade
#'';
# This undoes the above command, TODO fix command below to be more specific
#postShutdown = ''
# ${pkgs.nftables}/bin/nft flush table ip nat
#'';
privateKeyFile = config.sops.secrets."wg_privkey".path;
peers = [

353
mediabox/configuration.nix
View File

@@ -1,19 +1,22 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{
config,
pkgs,
zremap,
system,
nvim,
...
{ config
, nvim
, pkgs
, system
, zremap
, ...
}:
let
USER = "akill";
in
{
imports = [ ];
system.stateVersion = "23.05";
system.autoUpgrade.enable = false;
system.switch = {
enable = true;
enableNg = true;
};
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
sops.secrets."peerix/private" = {
@@ -41,6 +44,7 @@
"nix-command"
"flakes"
];
trusted-users = [ "akill" "root" ];
};
};
@@ -74,29 +78,35 @@
readOnlyNixStore = true;
supportedFilesystems = [ "btrfs" ];
tmp.useTmpfs = true;
tmp.tmpfsSize = "80%";
};
security = {
rtkit.enable = true;
acme = {
acceptTerms = true;
defaults.email = "aasmir@gmx.com";
};
allowSimultaneousMultithreading = true;
sudo.enable = true;
doas.enable = true;
doas.extraRules = [
{
users = [ USER ];
keepEnv = true;
persist = true;
}
];
};
powerManagement = {
enable = true;
cpuFreqGovernor = "ondemand";
};
networking = {
nftables.enable = true;
firewall = {
enable = true;
allowedTCPPorts = [
80
443
51820
8020
];
};
@@ -111,14 +121,16 @@
"::1"
];
dhcpcd.extraConfig = "nohook resolv.conf";
networkmanager.dns = "none";
extraHosts = ''
192.168.1.173 nixy.lan
192.168.88.171 jellyfin.mediabox.lan
192.168.88.171 jellyseerr.mediabox.lan
192.168.88.171 mediabox.lan
192.168.88.171 qbittorrent.mediabox.lan
192.168.88.1 router.lan
192.168.88.231 workstation.lan
192.168.88.121 ender.lan
'';
wireguard.interfaces = {
@@ -149,44 +161,47 @@
};
};
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
programs = {
steam = {
enable = true;
remotePlay.openFirewall = true;
dedicatedServer.openFirewall = false;
localNetworkGameTransfers.openFirewall = true;
};
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
appimage = {
enable = true;
binfmt = true;
};
nix-ld = {
enable = false;
libraries = with pkgs; [
stdenv.cc.cc.lib
zlib
];
};
zsh.enable = true;
firejail.enable = true;
};
programs.zsh.enable = true;
programs.light.enable = true;
programs.firejail.enable = true;
programs.adb.enable = false;
programs.wireshark.enable = true;
programs.sway.enable = true;
# List services that you want to enable:
systemd = {
services = {
"macchanger-wireless" = {
after = [ "sys-subsystem-net-devices-wlp3s0.device" ];
before = [ "network-pre.target" ];
bindsTo = [ "sys-subsystem-net-devices-wlp3s0.device" ];
description = "Changes MAC of my wireless interface for privacy reasons";
stopIfChanged = false;
wantedBy = [ "multi-user.target" ];
wants = [ "network-pre.target" ];
script = ''
${pkgs.macchanger}/bin/macchanger -e wlp3s0 || true
'';
serviceConfig.Type = "oneshot";
};
"zremap" = {
description = "Intercepts keyboard udev events";
wants = [ "systemd-udevd.service" ];
wantedBy = [ "multi-user.target" ];
"zremap@" = {
enable = true;
restartIfChanged = true;
serviceConfig.Nice = -20;
script = ''
sleep 1
${zremap.defaultPackage.${system}}/bin/zremap \
/dev/input/by-path/platform-i8042-serio-0-event-kbd
'';
unitConfig = {
Description = "zremap on %I";
ConditionPathExists = "%I";
};
serviceConfig = {
Type = "simple";
ExecStart = "${zremap.defaultPackage.${system}}/bin/zremap %I";
};
};
"wakeonlan" = {
@@ -202,31 +217,26 @@
"shutdown.target"
];
};
/*
"cpu_setting" = {
description = "Enable turboot boost and undervolt cpu after suspend";
wantedBy = ["post-resume.target" "multi-user.target"];
after = ["post-resume.target"];
script = ''
echo 1 > /sys/devices/system/cpu/intel_pstate/no_turbo
echo 0 > /sys/devices/system/cpu/intel_pstate/no_turbo
${pkgs.undervolt}/bin/undervolt --core -105 --cache -105 --uncore -105 --gpu -15 -p1 47 28 -p2 57 0.0025
'';
serviceConfig.Type = "oneshot";
};
*/
};
coredump.enable = false;
extraConfig = ''
DefaultTimeoutStartSec=30s
DefaultTimeoutStopSec=30s
'';
};
services = {
acpid.enable = true;
btrfs.autoScrub.enable = true;
dbus.enable = true;
dbus.implementation = "broker";
envfs.enable = true;
fstrim.enable = true;
fwupd.enable = true;
ntp.enable = true;
openssh.enable = true;
openssh.settings.PermitRootLogin = "yes";
thinkfan.enable = false;
xrdp = {
@@ -240,13 +250,13 @@
};
jellyfin = {
enable = true;
enable = false;
user = "akill";
openFirewall = true;
};
jellyseerr = {
enable = true;
enable = false;
openFirewall = true;
};
@@ -257,144 +267,95 @@
pulse.enable = true;
};
deluge = {
avahi = {
enable = false;
user = "akill";
nssmdns4 = false;
openFirewall = true;
dataDir = "/home/akill/.config/deluge";
web = {
enable = true;
openFirewall = false;
};
config = {
download_location = "/media";
allow_remote = true;
daemon_port = 58846;
};
};
transmission = {
enable = false;
openFirewall = true;
settings = {
rpc-whitelist = "192.168.88.*";
download-dir = "/media";
};
};
qbittorrent = {
enable = true;
user = "akill";
openFirewall = true;
dataDir = "/home/akill/.config/qbittorrent";
port = 8081;
};
nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts."deluge.mediabox.lan" = {
locations."/".proxyPass = "http://localhost:8112/";
};
virtualHosts."qbittorrent.mediabox.lan" = {
locations."/".proxyPass = "http://localhost:8081/";
};
virtualHosts."jellyfin.mediabox.lan" = {
locations."/".proxyPass = "http://localhost:8096/";
};
virtualHosts."jellyseerr.mediabox.lan" = {
locations."/".proxyPass = "http://localhost:5055/";
};
};
journald.extraConfig = ''
SystemMaxUse=50M
'';
logind.extraConfig = ''
KillUserProcesses=yes
'';
libinput.enable = true;
xserver = {
enable = true;
libinput.enable = true;
dpi = 144;
desktopManager.xterm.enable = false;
displayManager.lightdm.enable = false;
displayManager.defaultSession = "none+icewm";
windowManager.icewm.enable = true;
desktopManager.plasma5.bigscreen.enable = true;
#desktopManager.plasma6.enable = true;
displayManager = {
lightdm.enable = false;
startx.enable = true;
sddm.enable = true;
sddm.wayland.enable = true;
};
windowManager.i3.enable = false;
};
udev.packages = [ ];
udev = {
packages = [ ];
extraRules = ''
#zremap on new keyboard
ACTION=="add", SUBSYSTEM=="input", ATTRS{phys}!="", KERNEL=="event[0-9]*", ENV{ID_INPUT_KEY}=="1", ENV{ID_INPUT_KEYBOARD}=="1", TAG+="systemd", ENV{SYSTEMD_WANTS}+="zremap@$env{DEVNAME}.service"
'';
};
tlp = {
enable = true;
settings = { };
enable = false;
};
batteryNotifier = {
enable = false;
notifyCapacity = 20;
suspendCapacity = 10;
};
actkbd = {
enable = true;
bindings = [
{
keys = [ 121 ];
keys = [ 115 ];
events = [ "key" ];
command = "${pkgs.alsaUtils}/bin/amixer -q set Master toggle";
command = "XDG_RUNTIME_DIR=/run/user/$(id -u ${USER}) ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+";
}
{
keys = [ 122 ];
keys = [ 114 ];
events = [
"key"
"rep"
];
command = "${pkgs.alsaUtils}/bin/amixer -q set Master ${config.sound.mediaKeys.volumeStep}- unmute";
command = "XDG_RUNTIME_DIR=/run/user/$(id -u ${USER}) ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-";
}
{
keys = [ 123 ];
keys = [ 113 ];
events = [
"key"
"rep"
];
command = "${pkgs.alsaUtils}/bin/amixer -q set Master ${config.sound.mediaKeys.volumeStep}+ unmute";
command = "XDG_RUNTIME_DIR=/run/user/$(id -u ${USER}) ${pkgs.wireplumber}/bin/wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle";
}
{
keys = [ 224 ];
events = [ "key" ];
command = "/run/current-system/sw/bin/light -U 5";
command = "${pkgs.light}/bin/light -U 5";
}
{
keys = [ 225 ];
events = [ "key" ];
command = "/run/current-system/sw/bin/light -A 5";
command = "${pkgs.light}/bin/light -A 5";
}
];
};
mpd = {
musicDirectory = "/home/mpd/music";
enable = false;
extraConfig = ''
audio_output {
type "pulse"
name "pulsee srv"
server "127.0.0.1"
}
'';
};
batteryNotifier = {
enable = true;
notifyCapacity = 20;
suspendCapacity = 10;
};
dnscrypt-proxy2 = {
enable = true;
settings = {
ipv6_servers = true;
require_dnssec = true;
require_nolog = true;
require_nofilter = true;
http3 = true;
sources.public-resolvers = {
urls = [
@@ -406,33 +367,62 @@
};
};
};
journald.extraConfig = ''
SystemMaxUse=50M
'';
logind.extraConfig = ''
KillUserProcesses=yes
'';
};
fonts.packages = with pkgs; [
dina-font
fira-code
fira-code-symbols
font-awesome
font-awesome_4
iosevka
jetbrains-mono
liberation_ttf
proggyfonts
siji
];
fonts = {
fontconfig = {
cache32Bit = true;
allowBitmaps = true;
useEmbeddedBitmaps = true;
defaultFonts = {
monospace = [ "JetBrainsMono" ];
};
};
packages = with pkgs; [
dejavu_fonts
dina-font
fira-code
fira-code-symbols
font-awesome_6
inconsolata
iosevka
jetbrains-mono
liberation_ttf
libertine
noto-fonts
noto-fonts-cjk-sans
noto-fonts-color-emoji
noto-fonts-emoji
proggyfonts
siji
terminus_font
terminus_font_ttf
ubuntu_font_family
vistafonts
];
};
virtualisation = {
podman = {
enable = true;
enable = false;
autoPrune.enable = true;
dockerCompat = true;
};
};
sound.enable = true;
hardware = {
bluetooth = {
enable = false;
enable = true;
settings = {
General = {
Enable = "Source,Sink,Media,Socket";
@@ -440,14 +430,9 @@
};
};
opengl = {
graphics = {
enable = true;
driSupport = true;
driSupport32Bit = true;
extraPackages = with pkgs; [
intel-media-driver
vaapiIntel
];
extraPackages = [ ];
};
};
@@ -456,18 +441,14 @@
algorithm = "zstd";
};
users.users.akill = {
users.users.${USER} = {
isNormalUser = true;
shell = pkgs.zsh;
extraGroups = [
"wireshark"
"wheel"
"kvm"
"tty"
"audio"
"sound"
"adbusers"
"transmission"
];
openssh.authorizedKeys.keys = [
(builtins.readFile ../nixy/ssh_pubkey)
@@ -478,14 +459,10 @@
isNormalUser = true;
shell = pkgs.zsh;
extraGroups = [
"wireshark"
"wheel"
"kvm"
"tty"
"audio"
"sound"
"adbusers"
"transmission"
];
};

129
nixy/configuration.nix
View File

@@ -1,23 +1,21 @@
{
config,
nix-xilinx,
nvim,
pkgs,
system,
zremap,
...
{ config
, nvim
, pkgs
, system
, zremap
, ...
}:
let
USER = "akill";
USER = "akill";
in
{
imports = [ ];
system.stateVersion = "23.05";
system.autoUpgrade.enable = false;
system.switch = {
enable = false;
enableNg = true;
system = {
stateVersion = "23.05";
autoUpgrade.enable = false;
etc.overlay.enable = true;
nixos-init.enable = true;
};
sops = {
@@ -87,10 +85,14 @@ in
kernelParams = [
"psmouse.synaptics_intertouch=0"
"mem_sleep_default=deep"
"amdgpu.sg_display=0"
"amdgpu.gttsize=2048"
];
kernelPackages = pkgs.linuxPackages_latest;
kernel.sysctl = {
"net.core.default_qdisc" = "fq";
"net.ipv4.tcp_congestion_control" = "bbr";
"kernel.unprivileged_userns_clone" = "1"; /* Needed with harderned kernel */
};
loader.efi.canTouchEfiVariables = true;
loader.systemd-boot = {
@@ -98,7 +100,7 @@ in
enable = true;
memtest86.enable = true;
};
readOnlyNixStore = true;
nixStoreMountOpts = [ "ro" ];
supportedFilesystems = [
"xfs"
];
@@ -202,7 +204,6 @@ in
nixpkgs.config.allowUnfree = true;
nixpkgs.overlays = [
nix-xilinx.overlay
nvim.overlays.${system}.overlay
];
environment = {
@@ -235,6 +236,13 @@ in
enable = true;
binfmt = true;
};
nix-ld = {
enable = false;
libraries = with pkgs; [
stdenv.cc.cc.lib
zlib
];
};
zsh.enable = true;
firejail.enable = true;
adb.enable = true;
@@ -246,7 +254,15 @@ in
# List services that you want to enable:
systemd = {
#sysusers.enable = true;
services = {
# Fix issue where systemd-vconsole-setup failes to find keymap
systemd-vconsole-setup = {
unitConfig = {
After = "local-fs.target";
};
};
"zremap@" = {
enable = true;
restartIfChanged = true;
@@ -276,9 +292,9 @@ in
description = "wg network interface";
bindsTo = [ "netns@wg.service" ];
requires = [ "network-online.target" ];
wants = [ "dnscrypt-proxy2_proton.service" ];
wants = [ "dnscrypt-proxy_proton.service" ];
after = [ "netns@wg.service" ];
before = [ "dnscrypt-proxy2_proton.service" ];
before = [ "dnscrypt-proxy_proton.service" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
@@ -308,7 +324,7 @@ in
};
};
"dnscrypt-proxy2_proton" = {
"dnscrypt-proxy_proton" = {
description = "DNSCrypt-proxy client proton";
wants = [
"network-online.target"
@@ -321,7 +337,7 @@ in
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
CacheDirectory = "dnscrypt-proxy";
DynamicUser = true;
ExecStart = "${pkgs.dnscrypt-proxy}/bin/dnscrypt-proxy -config ${config.services.dnscrypt-proxy2.configFile}";
ExecStart = "${pkgs.dnscrypt-proxy}/bin/dnscrypt-proxy -config ${config.services.dnscrypt-proxy.configFile}";
LockPersonality = true;
LogsDirectory = "dnscrypt-proxy";
MemoryDenyWriteExecute = true;
@@ -361,21 +377,23 @@ in
};
coredump.enable = false;
extraConfig = ''
DefaultTimeoutStartSec=30s
DefaultTimeoutStopSec=30s
'';
settings.Manager = {
DefaultTimeoutStartSec = "30s";
DefaultTimeoutStopSec = "30s";
};
};
services = {
acpid.enable = true;
dbus.enable = true;
dbus.implementation = "broker";
envfs.enable = true;
fstrim.enable = true;
fwupd.enable = true;
ntp.enable = true;
openssh.enable = true;
printing.enable = true;
userborn.enable = true;
pipewire = {
enable = true;
@@ -425,21 +443,25 @@ in
tlp = {
enable = true;
settings = {
START_CHARGE_THRESH_BAT0 = 70;
STOP_CHARGE_THRESH_BAT0 = 86;
};
};
batteryNotifier = {
enable = true;
notifyCapacity = 20;
suspendCapacity = 10;
notifyCapacity = 12;
suspendCapacity = 5;
};
actkbd = {
enable = true;
bindings = [
{
keys = [ 113 ];
keys = [ 115 ];
events = [ "key" ];
command = "/run/current-system/sw/bin/runuser -l ${USER} -c 'amixer -q set Master toggle'";
command = "XDG_RUNTIME_DIR=/run/user/$(id -u ${USER}) ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+";
}
{
@@ -448,16 +470,16 @@ in
"key"
"rep"
];
command = "/run/current-system/sw/bin/runuser -l ${USER} -c 'amixer -q set Master 5%- unmute'";
command = "XDG_RUNTIME_DIR=/run/user/$(id -u ${USER}) ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-";
}
{
keys = [ 115 ];
keys = [ 113 ];
events = [
"key"
"rep"
];
command = "/run/current-system/sw/bin/runuser -l ${USER} -c 'amixer -q set Master 5%+ unmute'";
command = "XDG_RUNTIME_DIR=/run/user/$(id -u ${USER}) ${pkgs.wireplumber}/bin/wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle";
}
{
@@ -474,7 +496,7 @@ in
];
};
dnscrypt-proxy2 = {
dnscrypt-proxy = {
enable = true;
settings = {
ipv6_servers = true;
@@ -533,26 +555,10 @@ in
SystemMaxUse=50M
'';
logind.extraConfig = ''
KillUserProcesses=yes
'';
seafile = {
enable = false;
initialAdminPassword = "admin";
adminEmail = "asmir.abdulahovic@gmail.com";
ccnetSettings = {
General = {
SERVICE_URL = "http://127.0.0.1:8020";
};
};
seafileSettings = {
fileserver = {
host = "0.0.0.0";
port = 8082;
};
};
logind.settings.Login = {
KillUserProcesses = true;
};
};
fonts = {
@@ -579,17 +585,17 @@ in
noto-fonts
noto-fonts-cjk-sans
noto-fonts-color-emoji
noto-fonts-emoji
proggyfonts
siji
terminus_font
terminus_font_ttf
ubuntu_font_family
vistafonts
ubuntu-classic
vista-fonts
];
};
virtualisation = {
waydroid.enable = false;
libvirtd = {
enable = true;
allowedBridges = [
@@ -616,6 +622,7 @@ in
enable = true;
settings = {
General = {
Experimental = true;
Enable = "Source,Sink,Media,Socket";
};
};
@@ -629,22 +636,24 @@ in
};
zramSwap = {
enable = false;
enable = true;
algorithm = "zstd";
};
users.users.${USER} = {
isNormalUser = true;
initialHashedPassword = "$y$j9T$XGffGsmN/u.wO5wZ.cBml/$9iCw3eWY0GSUH/aA8ESCAxKeTCAMqY21XQF7b5ujxD6";
shell = pkgs.zsh;
extraGroups = [
"wireshark"
"kvm"
"tty"
"audio"
"sound"
"adbusers"
"audio"
"dialout"
"kvm"
"plugdev"
"sound"
"tty"
"wheel"
"wireshark"
];
};
}