asmir/nixos_flake_config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: asmir:master
Branches Tags
asmir:master
asmir:nftables_transition
asmir:gitea_typst
asmir:magento2
..
compare: asmir:nftables_transition
Branches Tags
asmir:master
asmir:nftables_transition
asmir:gitea_typst
asmir:magento2

No commits in common. "master" and "nftables_transition" have entirely different histories.
master ... nftables_t

10 changed files with 389 additions and 379 deletions
Show Stats Expand all files Collapse all files

150
flake.lock generated
View File

@ -35,11 +35,11 @@
"flake-compat_2": { "flake-compat_2": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1747046372, "lastModified": 1673956053,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra", "owner": "edolstra",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -48,51 +48,37 @@
"type": "github" "type": "github"
} }
}, },
"git-hooks": { "flake-compat_3": {
"inputs": { "flake": false,
"flake-compat": [
"simple-nixos-mailserver",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
"simple-nixos-mailserver",
"nixpkgs"
]
},
"locked": { "locked": {
"lastModified": 1742649964, "lastModified": 1696426674,
"narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "cachix", "owner": "edolstra",
"repo": "git-hooks.nix", "repo": "flake-compat",
"rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "cachix", "owner": "edolstra",
"repo": "git-hooks.nix", "repo": "flake-compat",
"type": "github" "type": "github"
} }
}, },
"gitignore": { "flake-utils": {
"inputs": { "inputs": {
"nixpkgs": [ "systems": "systems"
"simple-nixos-mailserver",
"git-hooks",
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1709087332, "lastModified": 1681202837,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "hercules-ci", "owner": "numtide",
"repo": "gitignore.nix", "repo": "flake-utils",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394", "rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "hercules-ci", "owner": "numtide",
"repo": "gitignore.nix", "repo": "flake-utils",
"type": "github" "type": "github"
} }
}, },
@ -103,16 +89,16 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1748226808, "lastModified": 1736373539,
"narHash": "sha256-GaBRgxjWO1bAQa8P2+FDxG4ANBVhjnSjBms096qQdxo=", "narHash": "sha256-dinzAqCjenWDxuy+MqUQq0I4zUSfaCvN9rzuCmgMZJY=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "83665c39fa688bd6a1f7c43cf7997a70f6a109f9", "rev": "bd65bc3cde04c16755955630b344bc9e35272c56",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "release-25.05", "ref": "release-24.11",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
@ -140,34 +126,33 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1748162331, "lastModified": 1738574474,
"narHash": "sha256-rqc2RKYTxP3tbjA+PB3VMRQNnjesrT0pEofXQTrMsS8=", "narHash": "sha256-rvyfF49e/k6vkrRTV4ILrWd92W+nmBDfRYZgctOyolQ=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "7c43f080a7f28b2774f3b3f43234ca11661bf334", "rev": "fecfeb86328381268e29e998ddd3ebc70bbd7f7c",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"ref": "nixos-25.05", "ref": "nixos-24.11",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs-25_05": { "nixpkgs-24_11": {
"locked": { "locked": {
"lastModified": 1747610100, "lastModified": 1734083684,
"narHash": "sha256-rpR5ZPMkWzcnCcYYo3lScqfuzEw5Uyfh+R0EKZfroAc=", "narHash": "sha256-5fNndbndxSx5d+C/D0p/VF32xDiJCJzyOqorOYW4JEo=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "ca49c4304acf0973078db0a9d200fd2bae75676d", "rev": "314e12ba369ccdb9b352a4db26ff419f7c49fa84",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "id": "nixpkgs",
"ref": "nixos-25.05", "ref": "nixos-24.11",
"repo": "nixpkgs", "type": "indirect"
"type": "github"
} }
}, },
"nvim": { "nvim": {
@ -177,11 +162,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1748077877, "lastModified": 1736528609,
"narHash": "sha256-sxWrjcRygvs7Fz9gxjSm54ul8+NtU29V+PLAPR6ZfY0=", "narHash": "sha256-p0tYmTVnnFghamXEXD4w/lldCi604zIWDV4Ol9ubQ5g=",
"ref": "refs/heads/master", "ref": "refs/heads/master",
"rev": "b23265403c87af272c74cda484a840b0f22306f5", "rev": "8245a48cc75cc74dea1b3ca89cb58f24f8e14f85",
"revCount": 43, "revCount": 42,
"type": "git", "type": "git",
"url": "https://git.project-cloud.net/asmir/nvim_flake" "url": "https://git.project-cloud.net/asmir/nvim_flake"
}, },
@ -190,6 +175,28 @@
"url": "https://git.project-cloud.net/asmir/nvim_flake" "url": "https://git.project-cloud.net/asmir/nvim_flake"
} }
}, },
"peerix": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1684706914,
"narHash": "sha256-pBlTtsC28e/5MUTe4NWeNNOc/4Kf6EzGQGppQEQ/ioo=",
"owner": "asmir.abdulahovic",
"repo": "peerix",
"rev": "8fdbbd0039240e05b4f93bbd5b454d5643e8a8d1",
"type": "gitlab"
},
"original": {
"owner": "asmir.abdulahovic",
"repo": "peerix",
"type": "gitlab"
}
},
"project-cloud": { "project-cloud": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -218,6 +225,7 @@
"nix-xilinx": "nix-xilinx", "nix-xilinx": "nix-xilinx",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nvim": "nvim", "nvim": "nvim",
"peerix": "peerix",
"project-cloud": "project-cloud", "project-cloud": "project-cloud",
"simple-nixos-mailserver": "simple-nixos-mailserver", "simple-nixos-mailserver": "simple-nixos-mailserver",
"sops-nix": "sops-nix", "sops-nix": "sops-nix",
@ -228,19 +236,18 @@
"simple-nixos-mailserver": { "simple-nixos-mailserver": {
"inputs": { "inputs": {
"blobs": "blobs", "blobs": "blobs",
"flake-compat": "flake-compat_2", "flake-compat": "flake-compat_3",
"git-hooks": "git-hooks",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"nixpkgs-25_05": "nixpkgs-25_05" "nixpkgs-24_11": "nixpkgs-24_11"
}, },
"locked": { "locked": {
"lastModified": 1747965231, "lastModified": 1737736848,
"narHash": "sha256-BW3ktviEhfCN/z3+kEyzpDKAI8qFTwO7+S0NVA0C90o=", "narHash": "sha256-VrUfCXBXYV+YmQ2OvVTeML9EnmaPRtH+POrNIcJp6yo=",
"owner": "simple-nixos-mailserver", "owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver", "repo": "nixos-mailserver",
"rev": "53007af63fade28853408370c4c600a63dd97f41", "rev": "6b425d13f5a9d73cb63973d3609acacef4d1e261",
"type": "gitlab" "type": "gitlab"
}, },
"original": { "original": {
@ -256,11 +263,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1747603214, "lastModified": 1738291974,
"narHash": "sha256-lAblXm0VwifYCJ/ILPXJwlz0qNY07DDYdLD+9H+Wc8o=", "narHash": "sha256-wkwYJc8cKmmQWUloyS9KwttBnja2ONRuJQDEsmef320=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "8d215e1c981be3aa37e47aeabd4e61bb069548fd", "rev": "4c1251904d8a08c86ac6bc0d72cc09975e89aef7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -289,6 +296,21 @@
"url": "https://git.project-cloud.net/asmir/swaysw" "url": "https://git.project-cloud.net/asmir/swaysw"
} }
}, },
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"theme_anemone": { "theme_anemone": {
"flake": false, "flake": false,
"locked": { "locked": {

34
flake.nix
View File

@ -2,13 +2,18 @@
description = "NixOS configuration"; description = "NixOS configuration";
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
nix-xilinx = { nix-xilinx = {
url = "gitlab:asmir.abdulahovic/nix-xilinx"; url = "gitlab:asmir.abdulahovic/nix-xilinx";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
peerix = {
url = "gitlab:asmir.abdulahovic/peerix";
inputs.nixpkgs.follows = "nixpkgs";
};
zremap = { zremap = {
url = "git+https://git.project-cloud.net/asmir/zremap"; url = "git+https://git.project-cloud.net/asmir/zremap";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@ -30,7 +35,7 @@
}; };
home-manager = { home-manager = {
url = "github:nix-community/home-manager/release-25.05"; url = "github:nix-community/home-manager/release-24.11";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
@ -51,6 +56,7 @@
nixpkgs, nixpkgs,
nix-xilinx, nix-xilinx,
nvim, nvim,
peerix,
project-cloud, project-cloud,
simple-nixos-mailserver, simple-nixos-mailserver,
sops-nix, sops-nix,
@ -82,6 +88,18 @@
home-manager.extraSpecialArgs = { inherit inputs system; }; home-manager.extraSpecialArgs = { inherit inputs system; };
home-manager.backupFileExtension = "home_backup"; home-manager.backupFileExtension = "home_backup";
} }
peerix.nixosModules.peerix
{
services.peerix = {
enable = true;
globalCacheTTL = 10;
package = peerix.packages.x86_64-linux.peerix;
openFirewall = true; # UDP/12304
privateKeyFile = nixy.config.sops.secrets."peerix/private".path;
publicKeyFile = ./nixy/peerix-public;
publicKey = "peerix-mediabox:UDgG3xdQYv7bmx2l4ZPNRPJtp2zMmY++H/fnGeJ9BQw=";
};
}
]; ];
}; };
@ -104,6 +122,18 @@
home-manager.users.akill = import ./home/home.nix; home-manager.users.akill = import ./home/home.nix;
home-manager.extraSpecialArgs = { inherit inputs system; }; home-manager.extraSpecialArgs = { inherit inputs system; };
} }
peerix.nixosModules.peerix
{
services.peerix = {
enable = true;
globalCacheTTL = 10;
package = peerix.packages.x86_64-linux.peerix;
openFirewall = true; # UDP/12304
privateKeyFile = mediabox.config.sops.secrets."peerix/private".path;
publicKeyFile = ./mediabox/peerix-public;
publicKey = "peerix-nixy:8THqS0R2zWF/47ai0RFmqJnieYTZ1jaWOD9tnzpvA6s=";
};
}
]; ];
}; };

36
home/home.nix
View File

@ -86,9 +86,7 @@ in
hwdec = "auto"; hwdec = "auto";
vo = "gpu-next"; vo = "gpu-next";
ao = "pipewire"; ao = "pipewire";
osd-bar = "no"; script-opts-set = "ytdl_hook-ytdl_path=yt-dlp,sponsorblock-local_database=no,sponsorblock-skip_categories=[sponsor,intro,selfpromo]";
border = "no";
script-opts-set = "";
ytdl-format = "bestvideo[height<=?1080]+bestaudio/best"; ytdl-format = "bestvideo[height<=?1080]+bestaudio/best";
}; };
@ -162,6 +160,7 @@ in
qutebrowser = { qutebrowser = {
enable = true; enable = true;
package = qutebrowser_firejail;
keyBindings = { keyBindings = {
normal = { normal = {
"j" = "scroll-px 0 25"; "j" = "scroll-px 0 25";
@ -252,26 +251,13 @@ in
swayidle = swayidle =
let let
locker = pkgs.writeShellScriptBin "swaylock_fancy" '' locker = pkgs.writeShellScriptBin "swaylock_fancy" ''
ALL_IMGS=""
LOCK_ARGS=""
for OUTPUT in $(${pkgs.sway}/bin/swaymsg -t get_outputs | ${lib.getExe pkgs.jq} -r '.[].name')
do
TMP_FILE=$(${pkgs.coreutils}/bin/mktemp /tmp/.swaylock_ss_XXXXXX.jpg) TMP_FILE=$(${pkgs.coreutils}/bin/mktemp /tmp/.swaylock_ss_XXXXXX.jpg)
${lib.getExe pkgs.grim} -t ppm -o $OUTPUT - | \ ${lib.getExe pkgs.grim} -t ppm - | ${pkgs.imagemagick}/bin/convert - -blur 0x12 "$TMP_FILE"
${lib.getExe pkgs.ffmpeg} -y -loglevel 0 -i - -vframes 1 -vf "boxblur=10" "$TMP_FILE" ${lib.getExe pkgs.swaylock} -f -i "$TMP_FILE"
LOCK_ARGS="$LOCK_ARGS --image $OUTPUT:$TMP_FILE" ${pkgs.coreutils}/bin/shred "$TMP_FILE"
ALL_IMGS="$ALL_IMGS $TMP_FILE" ${pkgs.coreutils}/bin/rm "$TMP_FILE"
done
${lib.getExe pkgs.swaylock} -f $LOCK_ARGS
${pkgs.coreutils}/bin/shred $ALL_IMGS
${pkgs.coreutils}/bin/rm $ALL_IMGS
''; '';
in in
/*
refresh_i3status = pkgs.writeShellScriptBin "refresh_i3status" ''
${pkgs.coreutils}/bin/sleep 1 && ${pkgs.procps}/bin/pkill -USR1 i3status-rs
'';
*/
{ {
enable = true; enable = true;
events = [ events = [
@ -283,12 +269,10 @@ in
event = "lock"; event = "lock";
command = "${locker}/bin/swaylock_fancy"; command = "${locker}/bin/swaylock_fancy";
} }
/*
{ {
event = "after-resume"; event = "after-resume";
command = "${refresh_i3status}/bin/refresh_i3status"; command = "${pkgs.procps}/bin/pkill -USR1 i3status-rs";
} }
*/
]; ];
timeouts = [ timeouts = [
{ {
@ -315,17 +299,17 @@ in
profile.outputs = [ profile.outputs = [
{ {
criteria = "eDP-1"; criteria = "eDP-1";
position = "0,0"; position = "3840,0";
} }
{ {
criteria = "Philips Consumer Electronics Company PHL 272S1 UHB2347026536"; criteria = "Philips Consumer Electronics Company PHL 272S1 UHB2347026536";
mode = "1920x1080@74.973Hz"; mode = "1920x1080@74.973Hz";
position = "1920,0"; position = "5760,0";
} }
{ {
criteria = "Philips Consumer Electronics Company PHL 272S1 UHB2347026535"; criteria = "Philips Consumer Electronics Company PHL 272S1 UHB2347026535";
mode = "1920x1080@74.973Hz"; mode = "1920x1080@74.973Hz";
position = "3840,0"; position = "7680,0";
} }
]; ];
} }

16
home/home_packages.nix
View File

@ -15,11 +15,6 @@ let
chromium_stackfield = pkgs.writeShellScriptBin "chromium_stackfield" '' chromium_stackfield = pkgs.writeShellScriptBin "chromium_stackfield" ''
${lib.getExe pkgs.ungoogled-chromium} --socket=wayland org.chromium.Chromium --app=https://stackfield.com/ ${lib.getExe pkgs.ungoogled-chromium} --socket=wayland org.chromium.Chromium --app=https://stackfield.com/
''; '';
nixy_switch = pkgs.writeShellScriptBin "nixy_switch" ''
${pkgs.util-linux}/bin/ionice -c 3 -- \
${pkgs.coreutils}/bin/nice -n 20 -- \
${lib.getExe pkgs.nixos-rebuild} --flake ./#nixy switch
'';
qcad = pkgs.writeShellScriptBin "qcad" '' qcad = pkgs.writeShellScriptBin "qcad" ''
QT_QPA_PLATFORM=xcb ${lib.getExe pkgs.qcad} $@ QT_QPA_PLATFORM=xcb ${lib.getExe pkgs.qcad} $@
''; '';
@ -63,10 +58,9 @@ in
cached-nix-shell cached-nix-shell
caddy caddy
cargo cargo
ungoogled-chromium
cmake cmake
compsize compsize
kdePackages.ark
ungoogled-chromium
# cura # cura
deluge deluge
dfu-util dfu-util
@ -92,7 +86,7 @@ in
imv imv
inkscape inkscape
jellyfin-media-player jellyfin-media-player
kdePackages.kdenlive kdenlive
kicad kicad
kodi-wayland kodi-wayland
krita krita
@ -136,6 +130,7 @@ in
screen screen
seer seer
sioyek sioyek
skypeforlinux
slurp slurp
steam-run steam-run
stm32cubemx stm32cubemx
@ -148,7 +143,6 @@ in
thunderbird thunderbird
typst typst
upx upx
viber
waybar waybar
wdisplays wdisplays
weechat weechat
@ -171,13 +165,13 @@ in
chromium_discord chromium_discord
chromium_stackfield chromium_stackfield
chromium_teams chromium_teams
nixy_switch
qcad
ssh_proxy ssh_proxy
wrap_sh wrap_sh
qcad
] ]
++ [ ++ [
inputs.swaysw.packages.${system}.swaysw inputs.swaysw.packages.${system}.swaysw
(pkgs.callPackage ../packages/viber/default.nix { })
(pkgs.callPackage ../packages/bubblewrap/default.nix { }) (pkgs.callPackage ../packages/bubblewrap/default.nix { })
]; ];
} }

32
home/i3status-rust.nix
View File

@ -1,14 +1,4 @@
{ pkgs, ... }: { ... }:
let
kbd_switch = pkgs.writeShellScriptBin "kbd_switch" ''
declare -A -r KBD_CYCLE_MAP=(
["English (US)"]="de"
["German"]="ba"
)
LAYOUT="$(${pkgs.sway}/bin/swaymsg -t get_inputs -r | ${pkgs.jq}/bin/jq -r 'map(select(.type == "keyboard")).[0].xkb_layout_names.[]')"
swaymsg input "*" xkb_layout ''${KBD_CYCLE_MAP["$LAYOUT"]:-"us"}
'';
in
{ {
programs.i3status-rust = { programs.i3status-rust = {
bars.top = { bars.top = {
@ -22,16 +12,6 @@ in
}; };
blocks = [ blocks = [
{
block = "keyboard_layout";
driver = "sway";
click = [
{
cmd = "${kbd_switch}/bin/kbd_switch";
button = "left";
}
];
}
{ {
block = "battery"; block = "battery";
interval = 10; interval = 10;
@ -56,30 +36,20 @@ in
{ {
block = "net"; block = "net";
device = "wlan0"; device = "wlan0";
if_command = "ip link show wlan0";
interval = 2; interval = 2;
} }
{ {
block = "net"; block = "net";
device = "enp5s0"; device = "enp5s0";
if_command = "ip link show enp5s0";
interval = 2; interval = 2;
} }
{ {
block = "net"; block = "net";
device = "enp7s0f3u1u1"; device = "enp7s0f3u1u1";
if_command = "ip link show enp7s0f3u1u1";
interval = 2; interval = 2;
} }
{ {
block = "net"; block = "net";
device = "enp7s0f4u1u1";
if_command = "ip link show enp7s0f4u1u1";
interval = 2;
}
{
block = "net";
if_command = "ip link show eno1";
device = "eno1"; device = "eno1";
interval = 2; interval = 2;
} }

3
home/sway.nix
View File

@ -17,6 +17,7 @@ let
${lib.getExe pkgs.grim} -g "$GEOM" - | ${pkgs.wl-clipboard}/bin/wl-copy ${lib.getExe pkgs.grim} -g "$GEOM" - | ${pkgs.wl-clipboard}/bin/wl-copy
''; '';
swaysw = inputs.swaysw.packages.${system}.swaysw; swaysw = inputs.swaysw.packages.${system}.swaysw;
viber = pkgs.callPackage ../packages/viber/default.nix { };
term = "${pkgs.foot}/bin/footclient"; term = "${pkgs.foot}/bin/footclient";
in in
{ {
@ -145,7 +146,7 @@ in
"Mod4+j" = "Mod4+j" =
"exec ${pkgs.sway}/bin/swaymsg [app_id=com.rtosta.zapzap] scratchpad show || exec ${lib.getExe pkgs.zapzap}"; "exec ${pkgs.sway}/bin/swaymsg [app_id=com.rtosta.zapzap] scratchpad show || exec ${lib.getExe pkgs.zapzap}";
"Mod4+h" = "Mod4+h" =
"exec ${pkgs.sway}/bin/swaymsg [app_id=com.viber] scratchpad show || exec ${pkgs.viber}/bin/viber"; "exec ${pkgs.sway}/bin/swaymsg [app_id=com.viber] scratchpad show || exec ${viber}/bin/viber";
"Mod4+y" = "Mod4+y" =
''exec ${pkgs.sway}/bin/swaymsg [app_id="pulsemixer"] scratchpad show || exec ${term} -a pulsemixer ${lib.getExe pkgs.pulsemixer}''; ''exec ${pkgs.sway}/bin/swaymsg [app_id="pulsemixer"] scratchpad show || exec ${term} -a pulsemixer ${lib.getExe pkgs.pulsemixer}'';
"Mod4+p" = "exec ${lib.getExe pkgs.tessen} -a copy"; "Mod4+p" = "exec ${lib.getExe pkgs.tessen} -a copy";

2
home/zsh.nix
View File

@ -72,7 +72,7 @@
envExtra = ''''; envExtra = '''';
initContent = '' initExtra = ''
# binds # binds
bindkey '^K' fzf-file-widget bindkey '^K' fzf-file-widget

14
magpie/configuration.nix
View File

@ -333,8 +333,8 @@
}; };
networking.hostName = "magpie"; networking.hostName = "magpie";
networking.nftables.enable = true;
networking.firewall = { networking.firewall = {
nftables.enable = true;
enable = true; enable = true;
allowedTCPPorts = [ allowedTCPPorts = [
80 80
@ -366,13 +366,13 @@
# This allows the wireguard server to route your traffic to the internet and hence be like a VPN # This allows the wireguard server to route your traffic to the internet and hence be like a VPN
# For this to work you have to set the dnsserver IP of your router (or dnsserver of choice) in your clients # For this to work you have to set the dnsserver IP of your router (or dnsserver of choice) in your clients
#postSetup = '' postSetup = ''
# ${pkgs.nftables}/bin/nft add rule ip nat POSTROUTING oifname "eth0" ip saddr 10.100.0.0/24 counter masquerade ${pkgs.nftables}/bin/nft add rule ip nat POSTROUTING oifname "eth0" ip saddr 10.100.0.0/24 counter masquerade
#''; '';
# This undoes the above command, TODO fix command below to be more specific # This undoes the above command, TODO fix command below to be more specific
#postShutdown = '' postShutdown = ''
# ${pkgs.nftables}/bin/nft flush table ip nat ${pkgs.nftables}/bin/nft flush table ip nat
#''; '';
privateKeyFile = config.sops.secrets."wg_privkey".path; privateKeyFile = config.sops.secrets."wg_privkey".path;
peers = [ peers = [

413
mediabox/configuration.nix
View File

@ -1,22 +1,19 @@
{ config # Edit this configuration file to define what should be installed on
, nvim # your system. Help is available in the configuration.nix(5) man page
, pkgs # and in the NixOS manual (accessible by running nixos-help).
, system {
, zremap config,
, ... pkgs,
zremap,
system,
nvim,
...
}: }:
let
USER = "akill";
in
{ {
imports = [ ]; imports = [ ];
system.stateVersion = "23.05"; system.stateVersion = "23.05";
system.autoUpgrade.enable = false; system.autoUpgrade.enable = false;
system.switch = {
enable = true;
enableNg = true;
};
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
sops.secrets."peerix/private" = { sops.secrets."peerix/private" = {
@ -77,35 +74,29 @@ in
readOnlyNixStore = true; readOnlyNixStore = true;
supportedFilesystems = [ "btrfs" ]; supportedFilesystems = [ "btrfs" ];
tmp.useTmpfs = true; tmp.useTmpfs = true;
tmp.tmpfsSize = "80%";
}; };
security = { security = {
rtkit.enable = true; rtkit.enable = true;
allowSimultaneousMultithreading = true; acme = {
sudo.enable = true; acceptTerms = true;
doas.enable = true; defaults.email = "aasmir@gmx.com";
doas.extraRules = [ };
{
users = [ USER ];
keepEnv = true;
persist = true;
}
];
}; };
powerManagement = { powerManagement = {
enable = true; enable = true;
cpuFreqGovernor = "ondemand";
}; };
networking = { networking = {
nftables.enable = true;
firewall = { firewall = {
enable = true; enable = true;
allowedTCPPorts = [ allowedTCPPorts = [
80 80
443 443
51820 51820
8020
]; ];
}; };
@ -120,16 +111,14 @@ in
"::1" "::1"
]; ];
dhcpcd.extraConfig = "nohook resolv.conf"; dhcpcd.extraConfig = "nohook resolv.conf";
networkmanager.dns = "none";
extraHosts = '' extraHosts = ''
192.168.1.173 nixy.lan 192.168.1.173 nixy.lan
192.168.88.171 jellyfin.mediabox.lan 192.168.88.171 jellyfin.mediabox.lan
192.168.88.171 jellyseerr.mediabox.lan
192.168.88.171 mediabox.lan 192.168.88.171 mediabox.lan
192.168.88.171 qbittorrent.mediabox.lan 192.168.88.171 qbittorrent.mediabox.lan
192.168.88.1 router.lan 192.168.88.1 router.lan
192.168.88.231 workstation.lan 192.168.88.231 workstation.lan
192.168.88.121 ender.lan
''; '';
wireguard.interfaces = { wireguard.interfaces = {
@ -160,47 +149,44 @@ in
}; };
}; };
programs = { programs.gnupg.agent = {
steam = {
enable = true;
remotePlay.openFirewall = true;
dedicatedServer.openFirewall = false;
localNetworkGameTransfers.openFirewall = true;
};
gnupg.agent = {
enable = true; enable = true;
enableSSHSupport = true; enableSSHSupport = true;
}; };
appimage = { programs.zsh.enable = true;
enable = true; programs.light.enable = true;
binfmt = true; programs.firejail.enable = true;
}; programs.adb.enable = false;
nix-ld = { programs.wireshark.enable = true;
enable = false; programs.sway.enable = true;
libraries = with pkgs; [
stdenv.cc.cc.lib
zlib
];
};
zsh.enable = true;
firejail.enable = true;
};
# List services that you want to enable: # List services that you want to enable:
systemd = { systemd = {
services = { services = {
"zremap@" = { "macchanger-wireless" = {
enable = true; after = [ "sys-subsystem-net-devices-wlp3s0.device" ];
restartIfChanged = true; before = [ "network-pre.target" ];
bindsTo = [ "sys-subsystem-net-devices-wlp3s0.device" ];
description = "Changes MAC of my wireless interface for privacy reasons";
stopIfChanged = false;
wantedBy = [ "multi-user.target" ];
wants = [ "network-pre.target" ];
script = ''
${pkgs.macchanger}/bin/macchanger -e wlp3s0 || true
'';
serviceConfig.Type = "oneshot";
};
"zremap" = {
description = "Intercepts keyboard udev events";
wants = [ "systemd-udevd.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig.Nice = -20; serviceConfig.Nice = -20;
unitConfig = { script = ''
Description = "zremap on %I"; sleep 1
ConditionPathExists = "%I"; ${zremap.defaultPackage.${system}}/bin/zremap \
}; /dev/input/by-path/platform-i8042-serio-0-event-kbd
serviceConfig = { '';
Type = "simple";
ExecStart = "${zremap.defaultPackage.${system}}/bin/zremap %I";
};
}; };
"wakeonlan" = { "wakeonlan" = {
@ -216,21 +202,27 @@ in
"shutdown.target" "shutdown.target"
]; ];
}; };
};
coredump.enable = false; /*
extraConfig = '' "cpu_setting" = {
DefaultTimeoutStartSec=30s description = "Enable turboot boost and undervolt cpu after suspend";
DefaultTimeoutStopSec=30s wantedBy = ["post-resume.target" "multi-user.target"];
after = ["post-resume.target"];
script = ''
echo 1 > /sys/devices/system/cpu/intel_pstate/no_turbo
echo 0 > /sys/devices/system/cpu/intel_pstate/no_turbo
${pkgs.undervolt}/bin/undervolt --core -105 --cache -105 --uncore -105 --gpu -15 -p1 47 28 -p2 57 0.0025
''; '';
serviceConfig.Type = "oneshot";
};
*/
};
}; };
services = { services = {
acpid.enable = true; acpid.enable = true;
btrfs.autoScrub.enable = true; btrfs.autoScrub.enable = true;
dbus.enable = true; dbus.enable = true;
dbus.implementation = "broker";
envfs.enable = true;
fstrim.enable = true; fstrim.enable = true;
fwupd.enable = true; fwupd.enable = true;
ntp.enable = true; ntp.enable = true;
@ -248,13 +240,13 @@ in
}; };
jellyfin = { jellyfin = {
enable = false; enable = true;
user = "akill"; user = "akill";
openFirewall = true; openFirewall = true;
}; };
jellyseerr = { jellyseerr = {
enable = false; enable = true;
openFirewall = true; openFirewall = true;
}; };
@ -265,105 +257,58 @@ in
pulse.enable = true; pulse.enable = true;
}; };
avahi = { deluge = {
enable = false; enable = false;
nssmdns4 = false; user = "akill";
openFirewall = true; openFirewall = true;
}; dataDir = "/home/akill/.config/deluge";
web = {
libinput.enable = true;
xserver = {
enable = true; enable = true;
dpi = 144; openFirewall = false;
desktopManager.xterm.enable = false; };
desktopManager.plasma5.bigscreen.enable = true; config = {
#desktopManager.plasma6.enable = true; download_location = "/media";
displayManager = { allow_remote = true;
lightdm.enable = false; daemon_port = 58846;
startx.enable = true;
sddm.enable = true;
sddm.wayland.enable = true;
}; };
windowManager.i3.enable = false;
}; };
udev = { transmission = {
packages = [ ];
extraRules = ''
#zremap on new keyboard
ACTION=="add", SUBSYSTEM=="input", ATTRS{phys}!="", KERNEL=="event[0-9]*", ENV{ID_INPUT_KEY}=="1", ENV{ID_INPUT_KEYBOARD}=="1", TAG+="systemd", ENV{SYSTEMD_WANTS}+="zremap@$env{DEVNAME}.service"
'';
};
tlp = {
enable = false; enable = false;
}; openFirewall = true;
batteryNotifier = {
enable = false;
notifyCapacity = 20;
suspendCapacity = 10;
};
actkbd = {
enable = true;
bindings = [
{
keys = [ 115 ];
events = [ "key" ];
command = "XDG_RUNTIME_DIR=/run/user/$(id -u ${USER}) ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+";
}
{
keys = [ 114 ];
events = [
"key"
"rep"
];
command = "XDG_RUNTIME_DIR=/run/user/$(id -u ${USER}) ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-";
}
{
keys = [ 113 ];
events = [
"key"
"rep"
];
command = "XDG_RUNTIME_DIR=/run/user/$(id -u ${USER}) ${pkgs.wireplumber}/bin/wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle";
}
{
keys = [ 224 ];
events = [ "key" ];
command = "${pkgs.light}/bin/light -U 5";
}
{
keys = [ 225 ];
events = [ "key" ];
command = "${pkgs.light}/bin/light -A 5";
}
];
};
dnscrypt-proxy2 = {
enable = true;
settings = { settings = {
ipv6_servers = true; rpc-whitelist = "192.168.88.*";
require_dnssec = true; download-dir = "/media";
require_nolog = true;
require_nofilter = true;
http3 = true;
sources.public-resolvers = {
urls = [
"https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
"https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
];
cache_file = "/var/lib/dnscrypt-proxy/public-resolvers.md";
minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
}; };
}; };
qbittorrent = {
enable = true;
user = "akill";
openFirewall = true;
dataDir = "/home/akill/.config/qbittorrent";
port = 8081;
};
nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts."deluge.mediabox.lan" = {
locations."/".proxyPass = "http://localhost:8112/";
};
virtualHosts."qbittorrent.mediabox.lan" = {
locations."/".proxyPass = "http://localhost:8081/";
};
virtualHosts."jellyfin.mediabox.lan" = {
locations."/".proxyPass = "http://localhost:8096/";
};
virtualHosts."jellyseerr.mediabox.lan" = {
locations."/".proxyPass = "http://localhost:5055/";
};
}; };
journald.extraConfig = '' journald.extraConfig = ''
@ -374,53 +319,120 @@ in
KillUserProcesses=yes KillUserProcesses=yes
''; '';
xserver = {
enable = true;
libinput.enable = true;
desktopManager.xterm.enable = false;
displayManager.lightdm.enable = false;
displayManager.defaultSession = "none+icewm";
windowManager.icewm.enable = true;
}; };
fonts = { udev.packages = [ ];
fontconfig = {
cache32Bit = true; tlp = {
allowBitmaps = true; enable = true;
useEmbeddedBitmaps = true; settings = { };
defaultFonts = {
monospace = [ "JetBrainsMono" ];
};
}; };
packages = with pkgs; [ actkbd = {
dejavu_fonts enable = true;
dina-font bindings = [
fira-code {
fira-code-symbols keys = [ 121 ];
font-awesome_6 events = [ "key" ];
inconsolata command = "${pkgs.alsaUtils}/bin/amixer -q set Master toggle";
iosevka }
jetbrains-mono {
liberation_ttf keys = [ 122 ];
libertine events = [
noto-fonts "key"
noto-fonts-cjk-sans "rep"
noto-fonts-color-emoji ];
noto-fonts-emoji command = "${pkgs.alsaUtils}/bin/amixer -q set Master ${config.sound.mediaKeys.volumeStep}- unmute";
proggyfonts }
siji {
terminus_font keys = [ 123 ];
terminus_font_ttf events = [
ubuntu_font_family "key"
vistafonts "rep"
];
command = "${pkgs.alsaUtils}/bin/amixer -q set Master ${config.sound.mediaKeys.volumeStep}+ unmute";
}
{
keys = [ 224 ];
events = [ "key" ];
command = "/run/current-system/sw/bin/light -U 5";
}
{
keys = [ 225 ];
events = [ "key" ];
command = "/run/current-system/sw/bin/light -A 5";
}
]; ];
}; };
mpd = {
musicDirectory = "/home/mpd/music";
enable = false;
extraConfig = ''
audio_output {
type "pulse"
name "pulsee srv"
server "127.0.0.1"
}
'';
};
batteryNotifier = {
enable = true;
notifyCapacity = 20;
suspendCapacity = 10;
};
dnscrypt-proxy2 = {
enable = true;
settings = {
ipv6_servers = true;
require_dnssec = true;
sources.public-resolvers = {
urls = [
"https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
"https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
];
cache_file = "/var/lib/dnscrypt-proxy/public-resolvers.md";
minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
};
};
};
};
fonts.packages = with pkgs; [
dina-font
fira-code
fira-code-symbols
font-awesome
font-awesome_4
iosevka
jetbrains-mono
liberation_ttf
proggyfonts
siji
];
virtualisation = { virtualisation = {
podman = { podman = {
enable = false; enable = true;
autoPrune.enable = true;
dockerCompat = true; dockerCompat = true;
}; };
}; };
sound.enable = true;
hardware = { hardware = {
bluetooth = { bluetooth = {
enable = true; enable = false;
settings = { settings = {
General = { General = {
Enable = "Source,Sink,Media,Socket"; Enable = "Source,Sink,Media,Socket";
@ -428,9 +440,14 @@ in
}; };
}; };
graphics = { opengl = {
enable = true; enable = true;
extraPackages = [ ]; driSupport = true;
driSupport32Bit = true;
extraPackages = with pkgs; [
intel-media-driver
vaapiIntel
];
}; };
}; };
@ -439,14 +456,18 @@ in
algorithm = "zstd"; algorithm = "zstd";
}; };
users.users.${USER} = { users.users.akill = {
isNormalUser = true; isNormalUser = true;
shell = pkgs.zsh; shell = pkgs.zsh;
extraGroups = [ extraGroups = [
"wireshark"
"wheel" "wheel"
"kvm"
"tty" "tty"
"audio" "audio"
"sound" "sound"
"adbusers"
"transmission"
]; ];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
(builtins.readFile ../nixy/ssh_pubkey) (builtins.readFile ../nixy/ssh_pubkey)
@ -457,10 +478,14 @@ in
isNormalUser = true; isNormalUser = true;
shell = pkgs.zsh; shell = pkgs.zsh;
extraGroups = [ extraGroups = [
"wireshark"
"wheel" "wheel"
"kvm"
"tty" "tty"
"audio" "audio"
"sound" "sound"
"adbusers"
"transmission"
]; ];
}; };

46
nixy/configuration.nix
View File

@ -1,10 +1,11 @@
{ config {
, nix-xilinx config,
, nvim nix-xilinx,
, pkgs nvim,
, system pkgs,
, zremap system,
, ... zremap,
...
}: }:
let let
USER = "akill"; USER = "akill";
@ -15,7 +16,7 @@ in
system.stateVersion = "23.05"; system.stateVersion = "23.05";
system.autoUpgrade.enable = false; system.autoUpgrade.enable = false;
system.switch = { system.switch = {
enable = true; enable = false;
enableNg = true; enableNg = true;
}; };
@ -87,7 +88,7 @@ in
"psmouse.synaptics_intertouch=0" "psmouse.synaptics_intertouch=0"
"mem_sleep_default=deep" "mem_sleep_default=deep"
]; ];
#kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_latest;
kernel.sysctl = { kernel.sysctl = {
"net.core.default_qdisc" = "fq"; "net.core.default_qdisc" = "fq";
"net.ipv4.tcp_congestion_control" = "bbr"; "net.ipv4.tcp_congestion_control" = "bbr";
@ -235,13 +236,6 @@ in
enable = true; enable = true;
binfmt = true; binfmt = true;
}; };
nix-ld = {
enable = false;
libraries = with pkgs; [
stdenv.cc.cc.lib
zlib
];
};
zsh.enable = true; zsh.enable = true;
firejail.enable = true; firejail.enable = true;
adb.enable = true; adb.enable = true;
@ -254,14 +248,6 @@ in
# List services that you want to enable: # List services that you want to enable:
systemd = { systemd = {
services = { services = {
# Fix issue where systemd-vconsole-setup failes to find keymap
systemd-vconsole-setup = {
unitConfig = {
After = "local-fs.target";
};
};
"zremap@" = { "zremap@" = {
enable = true; enable = true;
restartIfChanged = true; restartIfChanged = true;
@ -386,7 +372,6 @@ in
acpid.enable = true; acpid.enable = true;
dbus.enable = true; dbus.enable = true;
dbus.implementation = "broker"; dbus.implementation = "broker";
envfs.enable = true;
fstrim.enable = true; fstrim.enable = true;
fwupd.enable = true; fwupd.enable = true;
ntp.enable = true; ntp.enable = true;
@ -453,9 +438,9 @@ in
enable = true; enable = true;
bindings = [ bindings = [
{ {
keys = [ 115 ]; keys = [ 113 ];
events = [ "key" ]; events = [ "key" ];
command = "XDG_RUNTIME_DIR=/run/user/$(id -u ${USER}) ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+"; command = "/run/current-system/sw/bin/runuser -l ${USER} -c 'amixer -q set Master toggle'";
} }
{ {
@ -464,16 +449,16 @@ in
"key" "key"
"rep" "rep"
]; ];
command = "XDG_RUNTIME_DIR=/run/user/$(id -u ${USER}) ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-"; command = "/run/current-system/sw/bin/runuser -l ${USER} -c 'amixer -q set Master 5%- unmute'";
} }
{ {
keys = [ 113 ]; keys = [ 115 ];
events = [ events = [
"key" "key"
"rep" "rep"
]; ];
command = "XDG_RUNTIME_DIR=/run/user/$(id -u ${USER}) ${pkgs.wireplumber}/bin/wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; command = "/run/current-system/sw/bin/runuser -l ${USER} -c 'amixer -q set Master 5%+ unmute'";
} }
{ {
@ -606,7 +591,6 @@ in
}; };
virtualisation = { virtualisation = {
waydroid.enable = false;
libvirtd = { libvirtd = {
enable = true; enable = true;
allowedBridges = [ allowedBridges = [