Compare commits

..

28 commits

Author SHA1 Message Date
Bruno BELANYI d2e9f300ce fixup! WIP: nixos: system: add persist
All checks were successful
ci/woodpecker/push/check Pipeline was successful
2024-10-03 13:20:42 +00:00
Bruno BELANYI a9a1028164 WIP: add notes for missing persistence/backup
All checks were successful
ci/woodpecker/push/check Pipeline was successful
TODO:
* Look at for more inspiration https://github.com/nix-community/impermanence/pull/108
* Do home-manager
* Common files https://github.com/nix-community/impermanence/issues/10
2024-07-02 16:36:35 +00:00
Bruno BELANYI 3150f9bf22 nixos: services: quassel: persist data 2024-07-02 16:36:35 +00:00
Bruno BELANYI c0c8e65c22 nixos: services: pirate: persist data 2024-07-02 16:36:35 +00:00
Bruno BELANYI b51799218d nixos: services: monitoring: persist data 2024-07-02 16:36:35 +00:00
Bruno BELANYI 238a31e98d nixos: services: nginx: persist SSL certificates 2024-07-02 16:36:35 +00:00
Bruno BELANYI e1d5f7ce8e nixos: services: transmission: persist data 2024-07-02 16:36:35 +00:00
Bruno BELANYI 3a5781ba4b nixos: services: sabnzbd: persist data 2024-07-02 16:36:35 +00:00
Bruno BELANYI cd8f0c3c7f nixos: services: rss-bridge: persist data 2024-07-02 16:36:35 +00:00
Bruno BELANYI 357276bfb7 nixos: services: podgrab: persist data 2024-07-02 16:36:35 +00:00
Bruno BELANYI e2bb819b74 nixos: services: nextcloud: persist data 2024-07-02 16:36:35 +00:00
Bruno BELANYI db03432cea nixos: services: navidrome: persist data 2024-07-02 16:36:35 +00:00
Bruno BELANYI 6290554b90 nixos: services: lohr: persist data 2024-07-02 16:36:35 +00:00
Bruno BELANYI 4e50e84148 nixos: services: jellyfin: persist data 2024-07-02 16:36:35 +00:00
Bruno BELANYI ef57bac9d6 nixos: services: indexers: persist data 2024-07-02 16:36:35 +00:00
Bruno BELANYI 7bd66dcafe nixos: services: postgresql: persist data 2024-07-02 16:32:19 +00:00
Bruno BELANYI 2299ef237c nixos: services: postgresql-backup: persist data 2024-07-02 16:32:19 +00:00
Bruno BELANYI c0dc0b2a54 nixos: services: paperless: persist data 2024-07-02 16:32:19 +00:00
Bruno BELANYI 61a6208087 nixos: services: matrix: persist data 2024-07-02 16:32:18 +00:00
Bruno BELANYI 464ce18c2f nixos: services: forgejo: persist repositories 2024-07-02 16:32:12 +00:00
Bruno BELANYI 2e0d3751e9 nixos: services: gitea: persist repositories 2024-07-02 16:32:12 +00:00
Bruno BELANYI 830a687554 nixos: services: calibre-web: persist library 2024-07-02 16:23:41 +00:00
Bruno BELANYI 1686f620a0 nixos: services: blog: persist website data 2024-07-02 16:23:41 +00:00
Bruno BELANYI dc9efaef58 nixos: hardware: bluetooth: persist connections 2024-07-02 16:23:41 +00:00
Bruno BELANYI 8b6621905c nixos: hardware: netowrking persist connections 2024-07-02 16:23:41 +00:00
Bruno BELANYI dd92c987b3 nixos: services: ssh-server: persist host keys 2024-07-02 16:23:41 +00:00
Bruno BELANYI 605934d230 WIP: nixos: system: add persist
This is the module that takes care of configuring impermanence at the
system level.

WIP:
    * address FIXMEs
    * activate home-manager persistence?
        * set `programs.fuse.userAllowOther = true;` ?
    * point `age` to persisted paths [1] ?
    * make sure all services and modules are persisted correctly...

[1]: b1d18d25b8
2024-07-02 16:23:41 +00:00
Bruno BELANYI 715cfdffee flake: add 'impermanence' 2024-07-02 16:23:41 +00:00
82 changed files with 483 additions and 923 deletions

View file

@ -14,11 +14,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1723293904, "lastModified": 1718371084,
"narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=", "narHash": "sha256-abpBi61mg0g+lFFU0zY4C6oP6fBwPzbHPKBGw676xsA=",
"owner": "ryantm", "owner": "ryantm",
"repo": "agenix", "repo": "agenix",
"rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41", "rev": "3a56735779db467538fb2e577eda28a9daacaca6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -73,11 +73,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1730504689, "lastModified": 1717285511,
"narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", "narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "506278e768c2a08bec68eb62932193e341f55c90", "rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -94,11 +94,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1726560853, "lastModified": 1710146030,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -136,11 +136,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1730837930, "lastModified": 1719438532,
"narHash": "sha256-0kZL4m+bKBJUBQse0HanewWO0g8hDdCvBhudzxgehqc=", "narHash": "sha256-/Vmso2ZMoFE3M7d1MRsQ2K5sR8CVKnrM6t1ys9Xjpz4=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "2f607e07f3ac7e53541120536708e824acccfaa8", "rev": "1a4f12ae0bda877ec4099b429cf439aad897d7e9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -168,11 +168,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1730785428, "lastModified": 1719254875,
"narHash": "sha256-Zwl8YgTVJTEum+L+0zVAWvXAGbWAuXHax3KzuejaDyo=", "narHash": "sha256-ECni+IkwXjusHsm9Sexdtq8weAq/yUyt1TWIemXt3Ko=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "4aa36568d413aca0ea84a1684d2d46f55dbabad7", "rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -184,11 +184,11 @@
}, },
"nur": { "nur": {
"locked": { "locked": {
"lastModified": 1730885145, "lastModified": 1719564461,
"narHash": "sha256-UPrBEY0No1O3ULb67xYjRh2r3u7MnZovfo1oYSPCIxI=", "narHash": "sha256-wCFs1sf1tPoV3nCG5N5KaakAKm88FyzN6pRdOsOqNZg=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "c0d8828600ef47d475e6ec33513bf9af6eb6b991", "rev": "7369862c4a8f293f6fde79044369dad7dfc04798",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -210,11 +210,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1730814269, "lastModified": 1719259945,
"narHash": "sha256-fWPHyhYE6xvMI1eGY3pwBTq85wcy1YXqdzTZF+06nOg=", "narHash": "sha256-F1h+XIsGKT9TkGO3omxDLEb/9jOOsI6NnzsXFsZhry4=",
"owner": "cachix", "owner": "cachix",
"repo": "pre-commit-hooks.nix", "repo": "pre-commit-hooks.nix",
"rev": "d70155fdc00df4628446352fc58adc640cd705c2", "rev": "0ff4381bbb8f7a52ca4a851660fc7a437a4c6e07",
"type": "github" "type": "github"
}, },
"original": { "original": {

View file

@ -0,0 +1,8 @@
age-encryption.org/v1
-> ssh-ed25519 cKojmg xRtF3XVc7yPicAV/E4U7mn0itvD0h1BWBTjwunuoe2E
OkB9sjGB3ulH4Feuyj3Ed0DBG4+mghW/Qpum9oXL/8c
-> ssh-ed25519 jPowng 1r8drqhz1yZdTq0Kvqya+ArU1C2fkN7Gg9LiWWfeUFg
cjbxntVwHvqLaJpiKs/Y8ojeb6e3/cLFcsoeuoobfFg
--- B1qA2PylJBrdZxZtCzlU2kRPvxLM+IrXTvR+ERxVtTY
"W9<57>Äbg¸©~Ì/áÕb4ãÕ†ú³ÜÔIÊ
Û}ð §ËÅË-³²ªNó±”ÑC7vWœbºØ?¦8=œÉwÆB ÃUpJClï²OÈ™³œnOÁ\

View file

@ -1,8 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 cKojmg VYlHgHSLpfKb5bn1XA3aCpfX7M23DgbraLxxOfo9PDk
Rj+mDvAsWX3WwpuhTrOubmo17j/aud5+P87df5bosBA
-> ssh-ed25519 jPowng o9ZFaYrITZ6DjWw07Vk/+TkuU187/ytlEK4sw7G32G4
zmxlpDvDDEgQFqBVARXeX1ABhvfJ4uAHfa6mIxXzjAY
--- k/d9FWW8/OSo8EllwOBV74pZyX918u54jEljGk3ATUc
ü4+ø2{hE7!Ò­GA`×<>_@Íß—´¡R_ý§6J„ñL4v,6%ô‡øó#^® Ù¹ åB­§OøF|7ܽÉL]œÙj
BþóÛ¾éaòs]xS<78>Î pbÞo#¬J1QŸ=t}5Õ>Oï{+¼. M"7e»yý÷—

View file

@ -48,6 +48,9 @@ in
owner = "matrix-synapse"; owner = "matrix-synapse";
publicKeys = all; publicKeys = all;
}; };
"matrix/sliding-sync-secret.age" = {
publicKeys = all;
};
"mealie/mail.age" = { "mealie/mail.age" = {
publicKeys = all; publicKeys = all;
@ -74,24 +77,13 @@ in
"paperless/password.age".publicKeys = all; "paperless/password.age".publicKeys = all;
"paperless/secret-key.age".publicKeys = all; "paperless/secret-key.age".publicKeys = all;
"pdf-edit/login.age".publicKeys = all;
"podgrab/password.age".publicKeys = all; "podgrab/password.age".publicKeys = all;
"pyload/credentials.age".publicKeys = all; "pyload/credentials.age".publicKeys = all;
"sso/auth-key.age" = { "sso/auth-key.age".publicKeys = all;
owner = "nginx-sso"; "sso/ambroisie/password-hash.age".publicKeys = all;
publicKeys = all; "sso/ambroisie/totp-secret.age".publicKeys = all;
};
"sso/ambroisie/password-hash.age" = {
owner = "nginx-sso";
publicKeys = all;
};
"sso/ambroisie/totp-secret.age" = {
owner = "nginx-sso";
publicKeys = all;
};
"tandoor-recipes/secret-key.age".publicKeys = all; "tandoor-recipes/secret-key.age".publicKeys = all;

View file

@ -69,6 +69,9 @@ in
mailConfigFile = secrets."matrix/mail".path; mailConfigFile = secrets."matrix/mail".path;
# Only necessary when doing the initial registration # Only necessary when doing the initial registration
secretFile = secrets."matrix/secret".path; secretFile = secrets."matrix/secret".path;
slidingSync = {
secretFile = secrets."matrix/sliding-sync-secret".path;
};
}; };
mealie = { mealie = {
enable = true; enable = true;
@ -124,10 +127,20 @@ in
passwordFile = secrets."paperless/password".path; passwordFile = secrets."paperless/password".path;
secretKeyFile = secrets."paperless/secret-key".path; secretKeyFile = secrets."paperless/secret-key".path;
}; };
# Sometimes, editing PDFs is useful # The whole *arr software suite
pdf-edit = { pirate = {
enable = true; enable = true;
loginFile = secrets."pdf-edit/login".path; # ... But not Lidarr because I don't care for music that much
lidarr = {
enable = false;
};
};
# Podcast automatic downloader
podgrab = {
enable = true;
passwordFile = secrets."podgrab/password".path;
dataDir = "/data/media/podcasts";
port = 9598;
}; };
# Regular backups # Regular backups
postgresql-backup.enable = true; postgresql-backup.enable = true;
@ -139,15 +152,7 @@ in
rss-bridge.enable = true; rss-bridge.enable = true;
# Usenet client # Usenet client
sabnzbd.enable = true; sabnzbd.enable = true;
# The whole *arr software suite # Because I stilll need to play sysadmin
servarr = {
enable = true;
# ... But not Lidarr because I don't care for music that much
lidarr = {
enable = false;
};
};
# Because I still need to play sysadmin
ssh-server.enable = true; ssh-server.enable = true;
# Recipe manager # Recipe manager
tandoor-recipes = { tandoor-recipes = {

View file

@ -1,19 +1,15 @@
{ config, lib, pkgs, ... }: { config, lib, ... }:
let let
cfg = config.my.home.atuin; cfg = config.my.home.atuin;
in in
{ {
options.my.home.atuin = with lib; { options.my.home.atuin = with lib; {
enable = my.mkDisableOption "atuin configuration"; enable = my.mkDisableOption "atuin configuration";
# I want the full experience by default
package = mkPackageOption pkgs "atuin" { };
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
programs.atuin = { programs.atuin = {
enable = true; enable = true;
inherit (cfg) package;
flags = [ flags = [
# I *despise* this hijacking of the up key, even though I use Ctrl-p # I *despise* this hijacking of the up key, even though I use Ctrl-p

View file

@ -5,13 +5,11 @@ in
{ {
options.my.home.calibre = with lib; { options.my.home.calibre = with lib; {
enable = mkEnableOption "calibre configuration"; enable = mkEnableOption "calibre configuration";
package = mkPackageOption pkgs "calibre" { };
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
home.packages = with pkgs; [ home.packages = with pkgs; [
cfg.package calibre
]; ];
}; };
} }

View file

@ -1,4 +1,4 @@
# shellcheck shell=bash #shellcheck shell=bash
# shellcheck disable=2155 # shellcheck disable=2155
use_android() { use_android() {
@ -32,16 +32,10 @@ use_android() {
-b|--build-tools) -b|--build-tools)
build_tools_version="$2" build_tools_version="$2"
shift 2 shift 2
if ! [ -e "$ANDROID_HOME/build-tools/$build_tools_version" ]; then
log_error "use_android: build-tools version '$build_tools_version' does not exist"
fi
;; ;;
-n|--ndk) -n|--ndk)
ndk_version="$2" ndk_version="$2"
shift 2 shift 2
if ! [ -e "$ANDROID_HOME/ndk/$ndk_version" ]; then
log_error "use_android: NDK version '$ndk_version' does not exist"
fi
;; ;;
--) --)
shift shift

View file

@ -1,4 +1,4 @@
# shellcheck shell=bash #shellcheck shell=bash
use_pkgs() { use_pkgs() {
if ! has nix; then if ! has nix; then

View file

@ -1,4 +1,4 @@
# shellcheck shell=bash #shellcheck shell=bash
layout_postgres() { layout_postgres() {
if ! has postgres || ! has initdb; then if ! has postgres || ! has initdb; then

View file

@ -1,4 +1,4 @@
# shellcheck shell=bash #shellcheck shell=bash
layout_poetry() { layout_poetry() {
if ! has poetry; then if ! has poetry; then
@ -9,12 +9,12 @@ layout_poetry() {
if [[ ! -f pyproject.toml ]]; then if [[ ! -f pyproject.toml ]]; then
# shellcheck disable=2016 # shellcheck disable=2016
log_error 'layout_poetry: no pyproject.toml found. Use `poetry init` to create one first' log_error 'layout_poetry: no pyproject.toml found. Use `poetry new` or `poetry init` to create one first'
return 1 return 1
fi fi
# create venv if it doesn't exist # create venv if it doesn't exist
poetry run -q -- true poetry run true
# shellcheck disable=2155 # shellcheck disable=2155
export VIRTUAL_ENV=$(poetry env info --path) export VIRTUAL_ENV=$(poetry env info --path)
@ -23,34 +23,3 @@ layout_poetry() {
watch_file pyproject.toml watch_file pyproject.toml
watch_file poetry.lock watch_file poetry.lock
} }
layout_uv() {
if ! has uv; then
# shellcheck disable=2016
log_error 'layout_uv: `uv` is not in PATH'
return 1
fi
if [[ ! -f pyproject.toml ]]; then
# shellcheck disable=2016
log_error 'layout_uv: no pyproject.toml found. Use `uv init` to create one first'
return 1
fi
local default_venv="$PWD/.venv"
: "${VIRTUAL_ENV:=$default_venv}"
# Use non-default venv path if required
if [ "$VIRTUAL_ENV" != "$default_venv" ]; then
export UV_PROJECT_ENVIRONMENT="$VIRTUAL_ENV"
fi
# create venv if it doesn't exist
uv venv -q
export VIRTUAL_ENV
export UV_ACTIVE=1
PATH_add "$VIRTUAL_ENV/bin"
watch_file pyproject.toml
watch_file uv.lock
}

View file

@ -7,13 +7,11 @@ in
{ {
options.my.home.discord = with lib; { options.my.home.discord = with lib; {
enable = mkEnableOption "discord configuration"; enable = mkEnableOption "discord configuration";
package = mkPackageOption pkgs "discord" { };
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
home.packages = with pkgs; [ home.packages = with pkgs; [
cfg.package discord
]; ];
xdg.configFile."discord/settings.json".source = xdg.configFile."discord/settings.json".source =

View file

@ -4,7 +4,7 @@
" Use dark color scheme " Use dark color scheme
colorscheme dark colorscheme dark
" Make tridactyl open Vim in my preferred terminal " Make tridactyl open Vim in my prefered terminal
set editorcmd @editorcmd@ set editorcmd @editorcmd@
" Remove editor file after use " Remove editor file after use

View file

@ -6,28 +6,33 @@ in
options.my.home.gdb = with lib; { options.my.home.gdb = with lib; {
enable = my.mkDisableOption "gdb configuration"; enable = my.mkDisableOption "gdb configuration";
package = mkPackageOption pkgs "gdb" { };
rr = { rr = {
enable = my.mkDisableOption "rr configuration"; enable = my.mkDisableOption "rr configuration";
package = mkPackageOption pkgs "rr" { }; package = mkOption {
type = types.package;
default = pkgs.rr;
defaultText = literalExample "pkgs.rr";
description = ''
Package providing rr
'';
};
}; };
}; };
config = lib.mkIf cfg.enable (lib.mkMerge [ config = lib.mkIf cfg.enable (lib.mkMerge [
{ {
home.packages = with pkgs; [ home.packages = with pkgs; [
cfg.package gdb
]; ];
xdg = { xdg = {
configFile."gdb/gdbinit".source = ./gdbinit; configFile."gdb/gdbinit".source = ./gdbinit;
stateFile."gdb/.keep".text = ""; dataFile. "gdb/.keep".text = "";
}; };
home.sessionVariables = { home.sessionVariables = {
GDBHISTFILE = "${config.xdg.stateHome}/gdb/gdb_history"; GDBHISTFILE = "${config.xdg.dataHome}/gdb/gdb_history";
}; };
} }

View file

@ -21,12 +21,12 @@ in
}; };
iconTheme = { iconTheme = {
package = pkgs.gnome-themes-extra; package = pkgs.gnome.gnome-themes-extra;
name = "Adwaita"; name = "Adwaita";
}; };
theme = { theme = {
package = pkgs.gnome-themes-extra; package = pkgs.gnome.gnome-themes-extra;
name = "Adwaita"; name = "Adwaita";
}; };
}; };

View file

@ -58,7 +58,7 @@ in
{ {
config.accounts.email.accounts = { config.accounts.email.accounts = {
personal = lib.mkMerge [ personal = lib.mkMerge [
# Common configuration # Common configuraton
(mkConfig { (mkConfig {
domain = "belanyi.fr"; domain = "belanyi.fr";
address = "bruno"; address = "bruno";
@ -70,7 +70,7 @@ in
]; ];
gmail = lib.mkMerge [ gmail = lib.mkMerge [
# Common configuration # Common configuraton
(mkConfig { (mkConfig {
domain = "gmail.com"; domain = "gmail.com";
address = "brunobelanyi"; address = "brunobelanyi";

View file

@ -22,10 +22,6 @@ in
options.my.home.nix = with lib; { options.my.home.nix = with lib; {
enable = my.mkDisableOption "nix configuration"; enable = my.mkDisableOption "nix configuration";
gc = {
enable = my.mkDisableOption "nix GC configuration";
};
cache = { cache = {
selfHosted = my.mkDisableOption "self-hosted cache"; selfHosted = my.mkDisableOption "self-hosted cache";
}; };
@ -64,22 +60,6 @@ in
}; };
} }
(lib.mkIf cfg.gc.enable {
nix.gc = {
automatic = true;
# Every week, with some wiggle room
frequency = "weekly";
randomizedDelaySec = "10min";
# Use a persistent timer for e.g: laptops
persistent = true;
# Delete old profiles automatically after 15 days
options = "--delete-older-than 15d";
};
})
(lib.mkIf cfg.cache.selfHosted { (lib.mkIf cfg.cache.selfHosted {
nix = { nix = {
settings = { settings = {

View file

@ -13,8 +13,8 @@ in
]; ];
home.sessionVariables = { home.sessionVariables = {
GITHUB_TOKEN = ''$(cat "${config.age.secrets."github/token".path}")''; GITHUB_TOKEN = ''$(cat ${lib.escapeShellArg config.age.secrets."github/token".path})'';
GITHUB_API_TOKEN = ''$(cat "${config.age.secrets."github/token".path}")''; GITHUB_API_TOKEN = ''$(cat ${lib.escapeShellArg config.age.secrets."github/token".path})'';
}; };
}; };
} }

View file

@ -15,7 +15,7 @@ in
# Clear the screen on start and exit # Clear the screen on start and exit
LESS = "-R -+X -c"; LESS = "-R -+X -c";
# Better XDG compliance # Better XDG compliance
LESSHISTFILE = "${config.xdg.stateHome}/less/history"; LESSHISTFILE = "${config.xdg.dataHome}/less/history";
LESSKEY = "${config.xdg.configHome}/less/lesskey"; LESSKEY = "${config.xdg.configHome}/less/lesskey";
}; };
}; };

View file

@ -30,7 +30,7 @@ in
}); });
default = { ${config.my.home.terminal.program} = { }; }; default = { ${config.my.home.terminal.program} = { }; };
defaultText = literalExpression '' defaultText = litteralExpression ''
{ ''${config.my.home.terminal.program} = { }; }; { ''${config.my.home.terminal.program} = { }; };
''; '';
example = { xterm-256color = { }; }; example = { xterm-256color = { }; };

View file

@ -0,0 +1,6 @@
" Create the `b:undo_ftplugin` variable if it doesn't exist
call ftplugined#check_undo_ft()
" Don't show Netrw in buffer list
setlocal bufhidden=delete
let b:undo_ftplugin='|setlocal bufhidden<'

View file

@ -0,0 +1,7 @@
local wk = require("which-key")
local keys = {
["<leader>"] = { "<cmd>nohls<CR>", "Clear search highlight" },
}
wk.register(keys, { prefix = "<leader>" })

View file

@ -0,0 +1,15 @@
local wk = require("which-key")
local telescope_builtin = require("telescope.builtin")
local keys = {
f = {
name = "Fuzzy finder",
b = { telescope_builtin.buffers, "Open buffers" },
f = { telescope_builtin.git_files, "Git tracked files" },
F = { telescope_builtin.find_files, "Files" },
g = { telescope_builtin.live_grep, "Grep string" },
G = { telescope_builtin.grep_string, "Grep string under cursor" },
},
}
wk.register(keys, { prefix = "<leader>" })

View file

@ -0,0 +1,30 @@
local wk = require("which-key")
local motions = {
["]m"] = "Next method start",
["]M"] = "Next method end",
["]S"] = "Next statement start",
["]]"] = "Next class start",
["]["] = "Next class end",
["[m"] = "Previous method start",
["[M"] = "Previous method end",
["[S"] = "Previous statement start",
["[["] = "Previous class start",
["[]"] = "Previous class end",
}
local objects = {
["aa"] = "a parameter",
["ia"] = "inner parameter",
["ab"] = "a block",
["ib"] = "inner block",
["ac"] = "a class",
["ic"] = "inner class",
["af"] = "a function",
["if"] = "inner function",
["ak"] = "a comment",
["aS"] = "a statement",
}
wk.register(motions, { mode = "n" })
wk.register(objects, { mode = "o" })

View file

@ -3,124 +3,126 @@ local wk = require("which-key")
local lsp = require("ambroisie.lsp") local lsp = require("ambroisie.lsp")
local keys = { local keys = {
-- Previous -- Edition and navigation mappins
{ "[", group = "Previous" }, ["["] = {
-- Edition and navigation mappings name = "Previous",
{ "[<space>", desc = "Insert blank line above" }, ["<space>"] = "Insert blank line above",
{ "[<C-L>", desc = "Previous location list file" }, ["<C-L>"] = "Previous location list file",
{ "[<C-Q>", desc = "Previous quickfix list file" }, ["<C-Q>"] = "Previous quickfix list file",
{ "[<C-T>", desc = "Previous tag in preview window" }, ["<C-T>"] = "Previous tag in preview window",
{ "[a", desc = "Previous argument" }, a = "Previous argument",
{ "[A", desc = "First argument" }, A = "First argument",
{ "[b", desc = "Previous buffer" }, b = "Previous buffer",
{ "[B", desc = "First buffer" }, B = "First buffer",
{ "[e", desc = "Exchange previous line" }, e = "Exchange previous line",
{ "[f", desc = "Previous file in directory" }, f = "Previous file in directory",
{ "[l", desc = "Previous location list entry" }, l = "Previous location list entry",
{ "[L", desc = "First Location list entry" }, L = "First Location list entry",
{ "[n", desc = "Previous conflict marker/diff hunk" }, n = "Previous conflict marker/diff hunk",
{ "[p", desc = "Paste line above" }, p = "Paste line above",
{ "[P", desc = "Paste line above" }, P = "Paste line above",
{ "[q", desc = "Previous quickfix list entry" }, q = "Previous quickfix list entry",
{ "[Q", desc = "First quickfix list entry" }, Q = "First quickfix list entry",
{ "[t", desc = "Previous matching tag" }, t = "Previous matching tag",
{ "[T", desc = "First matching tag" }, T = "First matching tag",
{ "[z", desc = "Previous fold" }, z = "Previous fold",
-- Encoding -- Encoding
{ "[C", desc = "C string encode" }, C = "C string encode",
{ "[u", desc = "URL encode" }, u = "URL encode",
{ "[x", desc = "XML encode" }, x = "XML encode",
{ "[y", desc = "C string encode" }, y = "C string encode",
-- Custom -- Custom
{ "[d", lsp.goto_prev_diagnostic, desc = "Previous diagnostic" }, d = { lsp.goto_prev_diagnostic, "Previous diagnostic" },
},
-- Next ["]"] = {
{ "]", group = "Next" }, name = "Next",
-- Edition and navigation mappings ["<space>"] = "Insert blank line below",
{ "]<space>", desc = "Insert blank line below" }, ["<C-L>"] = "Next location list file",
{ "]<C-L>", desc = "Next location list file" }, ["<C-Q>"] = "Next quickfix list file",
{ "]<C-Q>", desc = "Next quickfix list file" }, ["<C-T>"] = "Next tag in preview window",
{ "]<C-T>", desc = "Next tag in preview window" }, a = "Next argument",
{ "]a", desc = "Next argument" }, A = "Last argument",
{ "]A", desc = "Last argument" }, b = "Next buffer",
{ "]b", desc = "Next buffer" }, B = "Last buffer",
{ "]B", desc = "Last buffer" }, e = "Exchange next line",
{ "]e", desc = "Exchange next line" }, f = "Next file in directory",
{ "]f", desc = "Next file in directory" }, l = "Next location list entry",
{ "]l", desc = "Next location list entry" }, L = "Last Location list entry",
{ "]L", desc = "Last Location list entry" }, n = "Next conflict marker/diff hunk",
{ "]n", desc = "Next conflict marker/diff hunk" }, p = "Paste line below",
{ "]p", desc = "Paste line below" }, P = "Paste line below",
{ "]P", desc = "Paste line below" }, q = "Next quickfix list entry",
{ "]q", desc = "Next quickfix list entry" }, Q = "Last quickfix list entry",
{ "]Q", desc = "Last quickfix list entry" }, t = "Next matching tag",
{ "]t", desc = "Next matching tag" }, T = "Last matching tag",
{ "]T", desc = "Last matching tag" }, z = "Next fold",
{ "]z", desc = "Next fold" },
-- Decoding -- Decoding
{ "]C", desc = "C string decode" }, C = "C string decode",
{ "]u", desc = "URL decode" }, u = "URL decode",
{ "]x", desc = "XML decode" }, x = "XML decode",
{ "]y", desc = "C string decode" }, y = "C string decode",
-- Custom -- Custom
{ "]d", lsp.goto_next_diagnostic, desc = "Next diagnostic" }, d = { lsp.goto_next_diagnostic, "Next diagnostic" },
},
-- Enable option -- Option mappings
{ "[o", group = "Enable option" }, ["[o"] = {
{ "[ob", desc = "Light background" }, name = "Enable option",
{ "[oc", desc = "Cursor line" }, b = "Light background",
{ "[od", desc = "Diff" }, c = "Cursor line",
{ "[of", "<cmd>FormatEnable<CR>", desc = "LSP Formatting" }, d = "Diff",
{ "[oh", desc = "Search high-lighting" }, f = { "<cmd>FormatEnable<CR>", "LSP Formatting" },
{ "[oi", desc = "Case insensitive search" }, h = "Search high-lighting",
{ "[ol", desc = "List mode" }, i = "Case insensitive search",
{ "[on", desc = "Line numbers" }, l = "List mode",
{ "[or", desc = "Relative line numbers" }, n = "Line numbers",
{ "[op", "<cmd>lwindow<CR>", desc = "Location list" }, r = "Relative line numbers",
{ "[oq", "<cmd>cwindow<CR>", desc = "Quickfix list" }, p = { "<cmd>lwindow<CR>", "Location list" },
{ "[ou", desc = "Cursor column" }, q = { "<cmd>cwindow<CR>", "Quickfix list" },
{ "[ov", desc = "Virtual editing" }, u = "Cursor column",
{ "[ow", desc = "Text wrapping" }, v = "Virtual editing",
{ "[ox", desc = "Cursor line and column" }, w = "Text wrapping",
{ "[oz", desc = "Spell checking" }, x = "Cursor line and column",
z = "Spell checking",
-- Disable option },
{ "]o", group = "Disable option" }, ["]o"] = {
{ "]ob", desc = "Light background" }, name = "Option off",
{ "]oc", desc = "Cursor line" }, b = "Light background",
{ "]od", desc = "Diff" }, c = "Cursor line",
{ "]of", "<cmd>FormatDisable<CR>", desc = "LSP Formatting" }, d = "Diff",
{ "]oh", desc = "Search high-lighting" }, f = { "<cmd>FormatDisable<CR>", "LSP Formatting" },
{ "]oi", desc = "Case insensitive search" }, h = "Search high-lighting",
{ "]ol", desc = "List mode" }, i = "Case insensitive search",
{ "]on", desc = "Line numbers" }, l = "List mode",
{ "]op", "<cmd>lclose<CR>", desc = "Location list" }, n = "Line numbers",
{ "]oq", "<cmd>cclose<CR>", desc = "Quickfix list" }, p = { "<cmd>lclose<CR>", "Location list" },
{ "]or", desc = "Relative line numbers" }, q = { "<cmd>cclose<CR>", "Quickfix list" },
{ "]ou", desc = "Cursor column" }, r = "Relative line numbers",
{ "]ov", desc = "Virtual editing" }, u = "Cursor column",
{ "]ow", desc = "Text wrapping" }, v = "Virtual editing",
{ "]ox", desc = "Cursor line and column" }, w = "Text wrapping",
{ "]oz", desc = "Spell checking" }, x = "Cursor line and column",
z = "Spell checking",
-- Toggle option },
{ "yo", group = "Toggle option" }, ["yo"] = {
{ "yob", desc = "Light background" }, name = "Option toggle",
{ "yoc", desc = "Cursor line" }, b = "Light background",
{ "yod", desc = "Diff" }, c = "Cursor line",
{ "yof", "<cmd>FormatToggle<CR>", desc = "LSP Formatting" }, d = "Diff",
{ "yoh", desc = "Search high-lighting" }, f = { "<cmd>FormatToggle<CR>", "LSP Formatting" },
{ "yoi", desc = "Case insensitive search" }, h = "Search high-lighting",
{ "yol", desc = "List mode" }, i = "Case insensitive search",
{ "yon", desc = "Line numbers" }, l = "List mode",
{ "yop", "<Plug>(qf_loc_toggle)", desc = "Location list" }, n = "Line numbers",
{ "yoq", "<Plug>(qf_qf_toggle)", desc = "Quickfix list" }, p = { "<Plug>(qf_loc_toggle)", "Location list" },
{ "yor", desc = "Relative line numbers" }, q = { "<Plug>(qf_qf_toggle)", "Quickfix list" },
{ "you", desc = "Cursor column" }, r = "Relative line numbers",
{ "yov", desc = "Virtual editing" }, u = "Cursor column",
{ "yow", desc = "Text wrapping" }, v = "Virtual editing",
{ "yox", desc = "Cursor line and column" }, w = "Text wrapping",
{ "yoz", desc = "Spell checking" }, x = "Cursor line and column",
z = "Spell checking",
},
} }
wk.add(keys) wk.register(keys)

View file

@ -1,5 +0,0 @@
; extends
; I want to the line added/removed markers to be the correct color
"+" @diff.plus
"-" @diff.minus

View file

@ -46,9 +46,14 @@ in
vim-repeat # Enanche '.' for plugins vim-repeat # Enanche '.' for plugins
vim-rsi # Readline mappings vim-rsi # Readline mappings
vim-unimpaired # Some ex command mappings vim-unimpaired # Some ex command mappings
vim-vinegar # Better netrw
# Languages # Languages
rust-vim
vim-beancount vim-beancount
vim-jsonnet
vim-nix
vim-toml
# General enhancements # General enhancements
vim-qf # Better quick-fix list vim-qf # Better quick-fix list
@ -80,7 +85,6 @@ in
dressing-nvim # Integrate native UI hooks with Telescope etc... dressing-nvim # Integrate native UI hooks with Telescope etc...
gitsigns-nvim # Fast git UI integration gitsigns-nvim # Fast git UI integration
nvim-surround # Deal with pairs, now in Lua nvim-surround # Deal with pairs, now in Lua
oil-nvim # Better alternative to NetrW
telescope-fzf-native-nvim # Use 'fzf' fuzzy matching algorithm telescope-fzf-native-nvim # Use 'fzf' fuzzy matching algorithm
telescope-lsp-handlers-nvim # Use 'telescope' for various LSP actions telescope-lsp-handlers-nvim # Use 'telescope' for various LSP actions
telescope-nvim # Fuzzy finder interface telescope-nvim # Fuzzy finder interface
@ -100,9 +104,6 @@ in
# Shell # Shell
bash-language-server bash-language-server
shfmt shfmt
# Generic
typos-lsp
]; ];
}; };

View file

@ -1,4 +1,4 @@
" Basic configuration {{{ " Basic configuraion {{{
""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" """""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
" Use UTF-8 " Use UTF-8
set encoding=utf-8 set encoding=utf-8
@ -38,10 +38,10 @@ set tabstop=8
" File parameters {{{ " File parameters {{{
""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" """""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
" Disable swap files " Disable backups, we have source control for that
set nobackup
" Disable swapfiles too
set noswapfile set noswapfile
" Enable undo files
set undofile
" }}} " }}}
" UI and UX parameters {{{ " UI and UX parameters {{{
@ -100,13 +100,7 @@ gruvbox.setup({
DiffChange = { fg = colors.aqua, bg = "NONE" }, DiffChange = { fg = colors.aqua, bg = "NONE" },
DiffDelete = { fg = colors.red, bg = "NONE" }, DiffDelete = { fg = colors.red, bg = "NONE" },
DiffText = { fg = colors.yellow, bg = colors.bg0 }, DiffText = { fg = colors.yellow, bg = colors.bg0 },
-- Directories "pop" better in blue }
Directory = { link = "GruvboxBlueBold" },
},
italic = {
-- Comments should not be italic, for e.g: box drawing
comments = false,
},
}) })
EOF EOF
" Use my preferred colorscheme " Use my preferred colorscheme

View file

@ -42,7 +42,7 @@ end
--- shared LSP configuration callback --- shared LSP configuration callback
--- @param client native client configuration --- @param client native client configuration
--- @param bufnr int? buffer number of the attached client --- @param bufnr int? buffer number of the attched client
M.on_attach = function(client, bufnr) M.on_attach = function(client, bufnr)
-- Format on save -- Format on save
lsp_format.on_attach(client, bufnr) lsp_format.on_attach(client, bufnr)
@ -87,30 +87,31 @@ M.on_attach = function(client, bufnr)
end end
local keys = { local keys = {
buffer = bufnr, K = { vim.lsp.buf.hover, "Show symbol information" },
-- LSP navigation ["<C-k>"] = { vim.lsp.buf.signature_help, "Show signature information" },
{ "K", vim.lsp.buf.hover, desc = "Show symbol information" }, ["gd"] = { vim.lsp.buf.definition, "Go to definition" },
{ "<C-k>", vim.lsp.buf.signature_help, desc = "Show signature information" }, ["gD"] = { vim.lsp.buf.declaration, "Go to declaration" },
{ "gd", vim.lsp.buf.definition, desc = "Go to definition" }, ["gi"] = { vim.lsp.buf.implementation, "Go to implementation" },
{ "gD", vim.lsp.buf.declaration, desc = "Go to declaration" }, ["gr"] = { vim.lsp.buf.references, "List all references" },
{ "gi", vim.lsp.buf.implementation, desc = "Go to implementation" },
{ "gr", vim.lsp.buf.references, desc = "List all references" }, ["<leader>c"] = {
-- Code name = "Code",
{ "<leader>c", group = "Code" }, a = { vim.lsp.buf.code_action, "Code actions" },
{ "<leader>ca", vim.lsp.buf.code_action, desc = "Code actions" }, d = { cycle_diagnostics_display, "Cycle diagnostics display" },
{ "<leader>cd", cycle_diagnostics_display, desc = "Cycle diagnostics display" }, D = { show_buffer_diagnostics, "Show buffer diagnostics" },
{ "<leader>cD", show_buffer_diagnostics, desc = "Show buffer diagnostics" }, r = { vim.lsp.buf.rename, "Rename symbol" },
{ "<leader>cr", vim.lsp.buf.rename, desc = "Rename symbol" }, s = { vim.lsp.buf.signature_help, "Show signature" },
{ "<leader>cs", vim.lsp.buf.signature_help, desc = "Show signature" }, t = { vim.lsp.buf.type_definition, "Go to type definition" },
{ "<leader>ct", vim.lsp.buf.type_definition, desc = "Go to type definition" }, w = {
-- Workspace name = "Workspace",
{ "<leader>cw", group = "Workspace" }, a = { vim.lsp.buf.add_workspace_folder, "Add folder to workspace" },
{ "<leader>cwa", vim.lsp.buf.add_workspace_folder, desc = "Add folder to workspace" }, l = { list_workspace_folders, "List folders in workspace" },
{ "<leader>cwl", list_workspace_folders, desc = "List folders in workspace" }, r = { vim.lsp.buf.remove_workspace_folder, "Remove folder from workspace" },
{ "<leader>cwr", vim.lsp.buf.remove_workspace_folder, desc = "Remove folder from workspace" }, },
},
} }
wk.add(keys) wk.register(keys, { buffer = bufnr })
end end
return M return M

View file

@ -48,22 +48,4 @@ M.list_lsp_clients = function(bufnr)
return names return names
end end
--- partially apply a function with given arguments
M.partial = function(f, ...)
local a = { ... }
local a_len = select("#", ...)
return function(...)
local tmp = { ... }
local tmp_len = select("#", ...)
-- Merge arg lists
for i = 1, tmp_len do
a[a_len + i] = tmp[i]
end
return f(unpack(a, 1, a_len + tmp_len))
end
end
return M return M

View file

@ -7,28 +7,17 @@ local numbertoggle = vim.api.nvim_create_augroup("numbertoggle", { clear = true
vim.api.nvim_create_autocmd({ "BufEnter", "FocusGained", "InsertLeave", "WinEnter" }, { vim.api.nvim_create_autocmd({ "BufEnter", "FocusGained", "InsertLeave", "WinEnter" }, {
pattern = "*", pattern = "*",
group = numbertoggle, group = numbertoggle,
callback = function() command = "if &nu | setlocal rnu | endif",
if vim.opt.number:get() then
vim.opt.relativenumber = true
end
end,
}) })
vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "InsertEnter", "WinLeave" }, { vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "InsertEnter", "WinLeave" }, {
pattern = "*", pattern = "*",
group = numbertoggle, group = numbertoggle,
callback = function() command = "if &nu | setlocal nornu | endif",
if vim.opt.number:get() then
vim.opt.relativenumber = false
end
end,
}) })
-- Never show the sign column in a terminal buffer -- Never show the sign column in a terminal buffer
vim.api.nvim_create_autocmd({ "TermOpen" }, { vim.api.nvim_create_autocmd({ "TermOpen" }, {
pattern = "*", pattern = "*",
group = numbertoggle, group = numbertoggle,
callback = function() command = "setlocal nonu nornu",
vim.opt.number = false
vim.opt.relativenumber = false
end,
}) })

View file

@ -1,75 +1,58 @@
local gitsigns = require("gitsigns") local gitsigns = require("gitsigns")
local utils = require("ambroisie.utils")
local wk = require("which-key") local wk = require("which-key")
--- Transform `f` into a function which acts on the current visual selection
local function make_visual(f)
return function()
local first = vim.fn.line("v")
local last = vim.fn.line(".")
f({ first, last })
end
end
local function nav_hunk(dir)
if vim.wo.diff then
local map = {
prev = "[c",
next = "]c",
}
vim.cmd.normal({ map[dir], bang = true })
else
gitsigns.nav_hunk(dir)
end
end
gitsigns.setup({ gitsigns.setup({
current_line_blame_opts = { current_line_blame_opts = {
-- Show the blame quickly -- Show the blame quickly
delay = 100, delay = 100,
}, },
-- Work-around for https://github.com/lewis6991/gitsigns.nvim/issues/929
signs_staged_enable = false,
}) })
local keys = { local keys = {
-- Navigation -- Navigation
{ "[c", utils.partial(nav_hunk, "prev"), desc = "Previous hunk/diff" }, ["[c"] = { "&diff ? '[c' : '<cmd>Gitsigns prev_hunk<CR>'", "Previous hunk/diff", expr = true },
{ "]c", utils.partial(nav_hunk, "next"), desc = "Next hunk/diff" }, ["]c"] = { "&diff ? ']c' : '<cmd>Gitsigns next_hunk<CR>'", "Next hunk/diff", expr = true },
-- Commands -- Commands
{ "<leader>g", group = "Git" }, ["<leader>g"] = {
{ "<leader>gb", gitsigns.toggle_current_line_blame, desc = "Toggle blame virtual text" }, name = "Git",
{ "<leader>gd", gitsigns.diffthis, desc = "Diff buffer" }, -- Actions
{ "<leader>gD", utils.partial(gitsigns.diffthis, "~"), desc = "Diff buffer against last commit" }, b = { gitsigns.toggle_current_line_blame, "Toggle blame virtual text" },
{ "<leader>gg", "<cmd>Git<CR>", desc = "Git status" }, d = { gitsigns.diffthis, "Diff buffer" },
{ "<leader>gh", gitsigns.toggle_deleted, desc = "Show deleted hunks" }, -- stylua: ignore
{ "<leader>gL", "<cmd>:sp<CR><C-w>T:Gllog --follow -- %:p<CR>", desc = "Current buffer log" }, D = { function() gitsigns.diffthis("~") end, "Diff buffer against last commit" },
{ "<leader>gm", "<Plug>(git-messenger)", desc = "Current line blame" }, g = { "<cmd>Git<CR>", "Git status" },
{ "<leader>gp", gitsigns.preview_hunk, desc = "Preview hunk" }, h = { gitsigns.toggle_deleted, "Show deleted hunks" },
{ "<leader>gr", gitsigns.reset_hunk, desc = "Restore hunk" }, L = { "<cmd>:sp<CR><C-w>T:Gllog --follow -- %:p<CR>", "Current buffer log" },
{ "<leader>gR", gitsigns.reset_buffer, desc = "Restore buffer" }, m = { "<Plug>(git-messenger)", "Current line blame" },
{ "<leader>gs", gitsigns.stage_hunk, desc = "Stage hunk" }, p = { gitsigns.preview_hunk, "Preview hunk" },
{ "<leader>gS", gitsigns.stage_buffer, desc = "Stage buffer" }, r = { gitsigns.reset_hunk, "Restore hunk" },
{ "<leader>gu", gitsigns.undo_stage_hunk, desc = "Undo stage hunk" }, R = { gitsigns.reset_buffer, "Restore buffer" },
{ "<leader>g[", utils.partial(gitsigns.nav_hunk, "prev"), desc = "Previous hunk" }, s = { gitsigns.stage_hunk, "Stage hunk" },
{ "<leader>g]", utils.partial(gitsigns.nav_hunk, "next"), desc = "Next hunk" }, S = { gitsigns.stage_buffer, "Stage buffer" },
u = { gitsigns.undo_stage_hunk, "Undo stage hunk" },
["["] = { gitsigns.prev_hunk, "Previous hunk" },
["]"] = { gitsigns.next_hunk, "Next hunk" },
},
} }
local objects = { local objects = {
mode = "o", ["ih"] = { gitsigns.select_hunk, "Git hunk" },
{ "ih", gitsigns.select_hunk, desc = "Git hunk" },
}
-- Visual
local visual = {
mode = { "x" },
{ "ih", gitsigns.select_hunk, desc = "Git hunk" },
{ "<leader>g", group = "Git" },
{ "<leader>gp", gitsigns.preview_hunk, desc = "Preview selection" },
{ "<leader>gr", make_visual(gitsigns.reset_hunk), desc = "Restore selection" },
{ "<leader>gs", make_visual(gitsigns.stage_hunk), desc = "Stage selection" },
{ "<leader>gu", gitsigns.undo_stage_hunk, desc = "Undo stage selection" },
} }
wk.add(keys) local visual = {
wk.add(objects) ["ih"] = { gitsigns.select_hunk, "Git hunk" },
wk.add(visual)
-- Only the actual command can make use of the visual selection...
["<leader>g"] = {
name = "Git",
p = { ":Gitsigns preview_hunk<CR>", "Preview selection" },
r = { ":Gitsigns reset_hunk<CR>", "Restore selection" },
s = { ":Gitsigns stage_hunk<CR>", "Stage selection" },
u = { ":Gitsigns undo_stage_hunk<CR>", "Undo stage selection" },
},
}
wk.register(keys, { buffer = bufnr })
wk.register(objects, { buffer = bufnr, mode = "o" })
wk.register(visual, { buffer = bufnr, mode = "x" })

View file

@ -84,11 +84,3 @@ if utils.is_executable("starpls") then
on_attach = lsp.on_attach, on_attach = lsp.on_attach,
}) })
end end
-- Generic
if utils.is_executable("typos-lsp") then
lspconfig.typos_lsp.setup({
capabilities = capabilities,
on_attach = lsp.on_attach,
})
end

View file

@ -1,34 +0,0 @@
local oil = require("oil")
local wk = require("which-key")
local detail = false
oil.setup({
view_options = {
-- Show files and directories that start with "." by default
show_hidden = true,
-- But never '..'
is_always_hidden = function(name, bufnr)
return name == ".."
end,
},
keymaps = {
["gd"] = {
desc = "Toggle file detail view",
callback = function()
detail = not detail
if detail then
oil.set_columns({ "icon", "permissions", "size", "mtime" })
else
oil.set_columns({ "icon" })
end
end,
},
},
})
local keys = {
{ "-", oil.open, desc = "Open parent directory" },
}
wk.add(keys)

View file

@ -1,6 +1,4 @@
local telescope = require("telescope") local telescope = require("telescope")
local telescope_builtin = require("telescope.builtin")
local wk = require("which-key")
telescope.setup({ telescope.setup({
defaults = { defaults = {
@ -24,14 +22,3 @@ telescope.setup({
telescope.load_extension("fzf") telescope.load_extension("fzf")
telescope.load_extension("lsp_handlers") telescope.load_extension("lsp_handlers")
local keys = {
{ "<leader>f", group = "Fuzzy finder" },
{ "<leader>fb", telescope_builtin.buffers, desc = "Open buffers" },
{ "<leader>ff", telescope_builtin.git_files, desc = "Git tracked files" },
{ "<leader>fF", telescope_builtin.find_files, desc = "Files" },
{ "<leader>fg", telescope_builtin.live_grep, desc = "Grep string" },
{ "<leader>fG", telescope_builtin.grep_string, desc = "Grep string under cursor" },
}
wk.add(keys)

View file

@ -1,5 +1,4 @@
local ts_config = require("nvim-treesitter.configs") local ts_config = require("nvim-treesitter.configs")
ts_config.setup({ ts_config.setup({
highlight = { highlight = {
enable = true, enable = true,
@ -15,16 +14,16 @@ ts_config.setup({
-- Jump to matching text objects -- Jump to matching text objects
lookahead = true, lookahead = true,
keymaps = { keymaps = {
["aa"] = { query = "@parameter.outer", desc = "a parameter" }, ["aa"] = "@parameter.outer",
["ia"] = { query = "@parameter.inner", desc = "inner parameter" }, ["ia"] = "@parameter.inner",
["ab"] = { query = "@block.outer", desc = "a block" }, ["ab"] = "@block.outer",
["ib"] = { query = "@block.inner", desc = "inner block" }, ["ib"] = "@block.inner",
["ac"] = { query = "@class.outer", desc = "a class" }, ["ac"] = "@class.outer",
["ic"] = { query = "@class.inner", desc = "inner class" }, ["ic"] = "@class.inner",
["af"] = { query = "@function.outer", desc = "a function" }, ["af"] = "@function.outer",
["if"] = { query = "@function.inner", desc = "inner function" }, ["if"] = "@function.inner",
["ak"] = { query = "@comment.outer", desc = "a comment" }, ["ak"] = "@comment.outer",
["aS"] = { query = "@statement.outer", desc = "a statement" }, ["aS"] = "@statement.outer",
}, },
}, },
move = { move = {
@ -32,22 +31,22 @@ ts_config.setup({
-- Add to jump list -- Add to jump list
set_jumps = true, set_jumps = true,
goto_next_start = { goto_next_start = {
["]m"] = { query = "@function.outer", desc = "Next method start" }, ["]m"] = "@function.outer",
["]S"] = { query = "@statement.outer", desc = "Next statement start" }, ["]S"] = "@statement.outer",
["]]"] = { query = "@class.outer", desc = "Next class start" }, ["]]"] = "@class.outer",
}, },
goto_next_end = { goto_next_end = {
["]M"] = { query = "@function.outer", desc = "Next method end" }, ["]M"] = "@function.outer",
["]["] = { query = "@class.outer", desc = "Next class end" }, ["]["] = "@class.outer",
}, },
goto_previous_start = { goto_previous_start = {
["[m"] = { query = "@function.outer", desc = "Previous method start" }, ["[m"] = "@function.outer",
["[S"] = { query = "@statement.outer", desc = "Previous statement start" }, ["[S"] = "@statement.outer",
["[["] = { query = "@class.outer", desc = "Previous class start" }, ["[["] = "@class.outer",
}, },
goto_previous_end = { goto_previous_end = {
["[M"] = { query = "@function.outer", desc = "Previous method end" }, ["[M"] = "@function.outer",
["[]"] = { query = "@class.outer", desc = "Previous class end" }, ["[]"] = "@class.outer",
}, },
}, },
}, },

View file

@ -1,33 +1,2 @@
local wk = require("which-key") local wk = require("which-key")
wk.setup({ wk.setup()
icons = {
-- I don't like icons
mappings = false,
breadcrumb = "»",
separator = "",
group = "+",
ellipsis = "",
keys = {
Up = "",
Down = "",
Left = "",
Right = "",
C = "<C>",
M = "<M>",
D = "<D>",
S = "<S>",
CR = "<CR>",
Esc = "<Esc> ",
NL = "<NL>",
BS = "<BS>",
Space = "<space>",
Tab = "<Tab> ",
},
},
})
local keys = {
{ "<leader><leader>", vim.cmd.nohlsearch, desc = "Clear search highlight" },
}
wk.add(keys)

View file

@ -4,23 +4,17 @@ local signtoggle = vim.api.nvim_create_augroup("signtoggle", { clear = true })
vim.api.nvim_create_autocmd({ "BufEnter", "FocusGained", "WinEnter" }, { vim.api.nvim_create_autocmd({ "BufEnter", "FocusGained", "WinEnter" }, {
pattern = "*", pattern = "*",
group = signtoggle, group = signtoggle,
callback = function() command = "setlocal signcolumn=yes",
vim.opt.signcolumn = "yes"
end,
}) })
vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "WinLeave" }, { vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "WinLeave" }, {
pattern = "*", pattern = "*",
group = signtoggle, group = signtoggle,
callback = function() command = "setlocal signcolumn=yes",
vim.opt.signcolumn = "no"
end,
}) })
-- Never show the sign column in a terminal buffer -- Never show the sign column in a terminal buffer
vim.api.nvim_create_autocmd({ "TermOpen" }, { vim.api.nvim_create_autocmd({ "TermOpen" }, {
pattern = "*", pattern = "*",
group = signtoggle, group = signtoggle,
callback = function() command = "setlocal signcolumn=no",
vim.opt.signcolumn = "no"
end,
}) })

View file

@ -20,7 +20,7 @@ in
}; };
xdg.configFile."wgetrc".text = '' xdg.configFile."wgetrc".text = ''
hsts-file = ${config.xdg.stateHome}/wget-hsts hsts-file = ${config.xdg.dataHome}/wget-hsts
''; '';
}; };
} }

View file

@ -58,7 +58,7 @@ in
service = "some-service-name"; service = "some-service-name";
} }
]; ];
description = "list of block configurations, merged with the defaults"; description = "list of block configurations, merged with the defauls";
}; };
}; };
}; };

View file

@ -371,7 +371,8 @@ in
}; };
startup = [ startup = [
# NOTE: rely on systemd user services instead... # FIXME
# { commdand; always; notification; }
]; ];
window = { window = {

View file

@ -2,7 +2,7 @@
let let
cfg = config.my.home.wm.screen-lock; cfg = config.my.home.wm.screen-lock;
notificationCmd = notficationCmd =
let let
duration = toString (cfg.notify.delay * 1000); duration = toString (cfg.notify.delay * 1000);
notifyCmd = "${lib.getExe pkgs.libnotify} -u critical -t ${duration}"; notifyCmd = "${lib.getExe pkgs.libnotify} -u critical -t ${duration}";
@ -48,7 +48,7 @@ in
"-notify" "-notify"
"${toString cfg.notify.delay}" "${toString cfg.notify.delay}"
"-notifier" "-notifier"
notificationCmd notficationCmd
]; ];
}; };
}; };

View file

@ -11,7 +11,7 @@ in
enable = true; enable = true;
# File types # File types
mime.enable = true; mime.enable = true;
# File associations # File associatons
mimeApps = { mimeApps = {
enable = true; enable = true;
}; };
@ -34,9 +34,6 @@ in
"gdb/.keep".text = ""; "gdb/.keep".text = "";
"tig/.keep".text = ""; "tig/.keep".text = "";
}; };
stateFile = {
"python/.keep".text = "";
};
}; };
# I want a tidier home # I want a tidier home
@ -46,13 +43,13 @@ in
CARGO_HOME = "${dataHome}/cargo"; CARGO_HOME = "${dataHome}/cargo";
DOCKER_CONFIG = "${configHome}/docker"; DOCKER_CONFIG = "${configHome}/docker";
GRADLE_USER_HOME = "${dataHome}/gradle"; GRADLE_USER_HOME = "${dataHome}/gradle";
HISTFILE = "${stateHome}/bash/history"; HISTFILE = "${dataHome}/bash/history";
INPUTRC = "${configHome}/readline/inputrc"; INPUTRC = "${configHome}/readline/inputrc";
PSQL_HISTORY = "${stateHome}/psql_history"; PSQL_HISTORY = "${dataHome}/psql_history";
PYTHONPYCACHEPREFIX = "${cacheHome}/python/"; PYTHONPYCACHEPREFIX = "${cacheHome}/python/";
PYTHONUSERBASE = "${dataHome}/python/"; PYTHONUSERBASE = "${dataHome}/python/";
PYTHON_HISTORY = "${stateHome}/python/history"; PYTHON_HISTORY = "${stateHome}/python/history";
REDISCLI_HISTFILE = "${stateHome}/redis/rediscli_history"; REDISCLI_HISTFILE = "${dataHome}/redis/rediscli_history";
REPO_CONFIG_DIR = "${configHome}/repo"; REPO_CONFIG_DIR = "${configHome}/repo";
XCOMPOSECACHE = "${dataHome}/X11/xcompose"; XCOMPOSECACHE = "${dataHome}/X11/xcompose";
_JAVA_OPTIONS = "-Djava.util.prefs.userRoot=${configHome}/java"; _JAVA_OPTIONS = "-Djava.util.prefs.userRoot=${configHome}/java";

View file

@ -68,7 +68,7 @@ in
ignoreSpace = true; ignoreSpace = true;
ignoreDups = true; ignoreDups = true;
share = false; share = false;
path = "${config.xdg.stateHome}/zsh/zsh_history"; path = "${config.xdg.dataHome}/zsh/zsh_history";
}; };
plugins = [ plugins = [

View file

@ -12,7 +12,7 @@ setopt rc_quotes
setopt auto_resume setopt auto_resume
# Show history expansion before running a command # Show history expansion before running a command
setopt hist_verify setopt hist_verify
# Append commands to history as they are executed # Append commands to history as they are exectuted
setopt inc_append_history_time setopt inc_append_history_time
# Remove useless whitespace from commands # Remove useless whitespace from commands
setopt hist_reduce_blanks setopt hist_reduce_blanks

View file

@ -11,7 +11,7 @@ in
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
services.xserver = { services.xserver = {
# This section must be *after* the one configured by `libinput` # This section must be *after* the one configured by `libinput`
# for the `ScrollMethod` configuration to not be overridden # for the `ScrollMethod` configuration to not be overriden
inputClassSections = lib.mkAfter [ inputClassSections = lib.mkAfter [
# MX Ergo # MX Ergo
'' ''

View file

@ -1,4 +1,4 @@
# Configuration that spans across system and home, or are almagations of modules # Configuration that spans accross system and home, or are almagations of modules
{ ... }: { ... }:
{ {
imports = [ imports = [

View file

@ -71,8 +71,7 @@ in
}; };
}; };
# FIXME: persistence?
# NOTE: unfortunately aria2 does not log connection failures for fail2ban # NOTE: unfortunately aria2 does not log connection failures for fail2ban
# FIXME: persistence?
}; };
} }

View file

@ -37,21 +37,5 @@ in
}; };
# FIXME: persistence? # FIXME: persistence?
services.fail2ban.jails = {
audiobookshelf = ''
enabled = true
filter = audiobookshelf
port = http,https
'';
};
environment.etc = {
"fail2ban/filter.d/audiobookshelf.conf".text = ''
[Definition]
failregex = ^.*ERROR: \[Auth\] Failed login attempt for username ".*" from ip <ADDR>
journalmatch = _SYSTEMD_UNIT=audiobookshelf.service
'';
};
}; };
} }

View file

@ -16,7 +16,6 @@
./grocy ./grocy
./indexers ./indexers
./jellyfin ./jellyfin
./komga
./lohr ./lohr
./matrix ./matrix
./mealie ./mealie
@ -27,7 +26,7 @@
./nginx ./nginx
./nix-cache ./nix-cache
./paperless ./paperless
./pdf-edit ./pirate
./podgrab ./podgrab
./postgresql ./postgresql
./postgresql-backup ./postgresql-backup
@ -35,7 +34,6 @@
./quassel ./quassel
./rss-bridge ./rss-bridge
./sabnzbd ./sabnzbd
./servarr
./ssh-server ./ssh-server
./tandoor-recipes ./tandoor-recipes
./tlp ./tlp

View file

@ -29,7 +29,5 @@ in
}; };
# FIXME: persistence? # FIXME: persistence?
# NOTE: unfortunately flood does not log connection failures for fail2ban
}; };
} }

View file

@ -1,4 +1,4 @@
# A low-resource, full-featured git forge. # A low-ressource, full-featured git forge.
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.my.services.forgejo; cfg = config.my.services.forgejo;

View file

@ -1,4 +1,4 @@
# A low-resource, full-featured git forge. # A low-ressource, full-featured git forge.
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.my.services.gitea; cfg = config.my.services.gitea;

View file

@ -39,7 +39,5 @@ in
# FIXME: backup # FIXME: backup
# FIXME: persistence # FIXME: persistence
# NOTE: unfortunately grocy does not log connection failures for fail2ban
}; };
} }

View file

@ -45,21 +45,5 @@ in
my.system.persist.directories = [ my.system.persist.directories = [
"/var/lib/${config.systemd.services.jellyfin.serviceConfig.StateDirectory}" "/var/lib/${config.systemd.services.jellyfin.serviceConfig.StateDirectory}"
]; ];
services.fail2ban.jails = {
jellyfin = ''
enabled = true
filter = jellyfin
port = http,https
'';
};
environment.etc = {
"fail2ban/filter.d/jellyfin.conf".text = ''
[Definition]
failregex = ^.*Authentication request for .* has been denied \(IP: "?<ADDR>"?\)\.
journalmatch = _SYSTEMD_UNIT=jellyfin.service
'';
};
}; };
} }

View file

@ -1,55 +0,0 @@
# A Comics/Manga media server
{ config, lib, ... }:
let
cfg = config.my.services.komga;
in
{
options.my.services.komga = with lib; {
enable = mkEnableOption "Komga comics server";
port = mkOption {
type = types.port;
default = 4584;
example = 8080;
description = "Internal port for webui";
};
};
config = lib.mkIf cfg.enable {
services.komga = {
enable = true;
inherit (cfg) port;
group = "media";
};
systemd.services.komga.environment = {
LOGGING_LEVEL_ORG_GOTSON_KOMGA = "DEBUG"; # Needed for fail2ban
};
# Set-up media group
users.groups.media = { };
my.services.nginx.virtualHosts = {
komga = {
inherit (cfg) port;
};
};
services.fail2ban.jails = {
komga = ''
enabled = true
filter = komga
port = http,https
'';
};
environment.etc = {
"fail2ban/filter.d/komga.conf".text = ''
[Definition]
failregex = ^.* ip=<HOST>,.*Bad credentials.*$
journalmatch = _SYSTEMD_UNIT=komga.service
'';
};
};
}

View file

@ -26,6 +26,21 @@ in
description = "Shared secret to register users"; description = "Shared secret to register users";
}; };
slidingSync = {
port = mkOption {
type = types.port;
default = 8009;
example = 8084;
description = "Port used by sliding sync server";
};
secretFile = mkOption {
type = types.str;
example = "/var/lib/matrix/sliding-sync-secret-file.env";
description = "Secret file which contains SYNCV3_SECRET definition";
};
};
mailConfigFile = mkOption { mailConfigFile = mkOption {
type = types.str; type = types.str;
example = "/var/lib/matrix/email-config.yaml"; example = "/var/lib/matrix/email-config.yaml";
@ -91,6 +106,17 @@ in
] ++ lib.optional (cfg.secretFile != null) cfg.secretFile; ] ++ lib.optional (cfg.secretFile != null) cfg.secretFile;
}; };
services.matrix-sliding-sync = {
enable = true;
settings = {
SYNCV3_SERVER = "https://${matrixDomain}";
SYNCV3_BINDADDR = "127.0.0.1:${toString cfg.slidingSync.port}";
};
environmentFile = cfg.slidingSync.secretFile;
};
my.services.nginx.virtualHosts = { my.services.nginx.virtualHosts = {
# Element Web app deployment # Element Web app deployment
chat = { chat = {
@ -104,6 +130,9 @@ in
"m.identity_server" = { "m.identity_server" = {
"base_url" = "https://vector.im"; "base_url" = "https://vector.im";
}; };
"org.matrix.msc3575.proxy" = {
"url" = "https://matrix-sync.${domain}";
};
}; };
showLabsSettings = true; showLabsSettings = true;
defaultCountryCode = "FR"; # cocorico defaultCountryCode = "FR"; # cocorico
@ -123,6 +152,10 @@ in
matrix-client = { matrix-client = {
port = clientPort.private; port = clientPort.private;
}; };
# Sliding sync
matrix-sync = {
inherit (cfg.slidingSync) port;
};
}; };
# Those are too complicated to use my wrapper... # Those are too complicated to use my wrapper...
@ -145,6 +178,11 @@ in
"/_matrix" = proxyToClientPort; "/_matrix" = proxyToClientPort;
"/_synapse/client" = proxyToClientPort; "/_synapse/client" = proxyToClientPort;
# Sliding sync
"~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync)" = {
proxyPass = "http://${config.services.matrix-sliding-sync.settings.SYNCV3_BINDADDR}";
};
}; };
listen = [ listen = [
@ -190,6 +228,7 @@ in
client = { client = {
"m.homeserver" = { "base_url" = "https://${matrixDomain}"; }; "m.homeserver" = { "base_url" = "https://${matrixDomain}"; };
"m.identity_server" = { "base_url" = "https://vector.im"; }; "m.identity_server" = { "base_url" = "https://vector.im"; };
"org.matrix.msc3575.proxy" = { "url" = "https://matrix-sync.${domain}"; };
}; };
# ACAO required to allow element-web on any URL to request this json file # ACAO required to allow element-web on any URL to request this json file
in in

View file

@ -74,21 +74,5 @@ in
# FIXME: backup # FIXME: backup
# FIXME: persistence # FIXME: persistence
services.fail2ban.jails = {
mealie = ''
enabled = true
filter = mealie
port = http,https
'';
};
environment.etc = {
"fail2ban/filter.d/mealie.conf".text = ''
[Definition]
failregex = ^.*ERROR.*Incorrect username or password from <HOST>
journalmatch = _SYSTEMD_UNIT=mealie.service
'';
};
}; };
} }

View file

@ -51,21 +51,5 @@ in
# FIXME: backup # FIXME: backup
# FIXME: persistence # FIXME: persistence
services.fail2ban.jails = {
miniflux = ''
enabled = true
filter = miniflux
port = http,https
'';
};
environment.etc = {
"fail2ban/filter.d/miniflux.conf".text = ''
[Definition]
failregex = ^.*msg="[^"]*(Incorrect|Invalid) username or password[^"]*".*client_ip=<ADDR>
journalmatch = _SYSTEMD_UNIT=miniflux.service
'';
};
}; };
} }

View file

@ -56,21 +56,5 @@ in
my.system.persist.directories = [ my.system.persist.directories = [
"/var/lib/${config.systemd.services.navidrome.serviceConfig.StateDirectory}" "/var/lib/${config.systemd.services.navidrome.serviceConfig.StateDirectory}"
]; ];
services.fail2ban.jails = {
navidrome = ''
enabled = true
filter = navidrome
port = http,https
'';
};
environment.etc = {
"fail2ban/filter.d/navidrome.conf".text = ''
[Definition]
failregex = ^.*msg="Unsuccessful login".*X-Real-Ip:\[<HOST>\]
journalmatch = _SYSTEMD_UNIT=navidrome.service
'';
};
}; };
} }

View file

@ -31,7 +31,7 @@ in
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
services.nextcloud = { services.nextcloud = {
enable = true; enable = true;
package = pkgs.nextcloud30; package = pkgs.nextcloud29;
hostName = "nextcloud.${config.networking.domain}"; hostName = "nextcloud.${config.networking.domain}";
home = "/var/lib/nextcloud"; home = "/var/lib/nextcloud";
maxUploadSize = cfg.maxSize; maxUploadSize = cfg.maxSize;
@ -92,25 +92,5 @@ in
config.services.nextcloud.home config.services.nextcloud.home
config.services.nextcloud.datadir config.services.nextcloud.datadir
]; ];
services.fail2ban.jails = {
nextcloud = ''
enabled = true
filter = nextcloud
port = http,https
'';
};
environment.etc = {
"fail2ban/filter.d/nextcloud.conf".text = ''
[Definition]
_groupsre = (?:(?:,?\s*"\w+":(?:"[^"]+"|\w+))*)
datepattern = ,?\s*"time"\s*:\s*"%%Y-%%m-%%d[T ]%%H:%%M:%%S(%%z)?"
failregex = ^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Login failed:
^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Trusted domain error.
^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Two-factor challenge failed:
journalmatch = _SYSTEMD_UNIT=phpfpm-nextcloud.service
'';
};
}; };
} }

View file

@ -59,12 +59,14 @@ let
extraConfig = mkOption { extraConfig = mkOption {
type = types.attrs; # FIXME: forward type of virtualHosts type = types.attrs; # FIXME: forward type of virtualHosts
example = { example = litteralExample ''
{
locations."/socket" = { locations."/socket" = {
proxyPass = "http://127.0.0.1:8096/"; proxyPass = "http://127.0.0.1:8096/";
proxyWebsockets = true; proxyWebsockets = true;
}; };
}; }
'';
default = { }; default = { };
description = '' description = ''
Any extra configuration that should be applied to this virtual host. Any extra configuration that should be applied to this virtual host.
@ -98,7 +100,8 @@ in
virtualHosts = mkOption { virtualHosts = mkOption {
type = types.attrsOf virtualHostOption; type = types.attrsOf virtualHostOption;
default = { }; default = { };
example = { example = litteralExample ''
{
gitea = { gitea = {
subdomain = "git"; subdomain = "git";
port = 8080; port = 8080;
@ -115,7 +118,8 @@ in
}; };
}; };
}; };
}; }
'';
description = '' description = ''
List of virtual hosts to set-up using default settings. List of virtual hosts to set-up using default settings.
''; '';
@ -159,21 +163,25 @@ in
}; };
}; };
}); });
example = { example = litteralExample ''
{
alice = { alice = {
passwordHashFile = "/var/lib/nginx-sso/alice/password-hash.txt"; passwordHashFile = "/var/lib/nginx-sso/alice/password-hash.txt";
totpSecretFile = "/var/lib/nginx-sso/alice/totp-secret.txt"; totpSecretFile = "/var/lib/nginx-sso/alice/totp-secret.txt";
}; };
}; }
'';
description = "Definition of users"; description = "Definition of users";
}; };
groups = mkOption { groups = mkOption {
type = with types; attrsOf (listOf str); type = with types; attrsOf (listOf str);
example = { example = litteralExample ''
{
root = [ "alice" ]; root = [ "alice" ];
users = [ "alice" "bob" ]; users = [ "alice" "bob" ];
}; }
'';
description = "Groups of users"; description = "Groups of users";
}; };
}; };

View file

@ -59,10 +59,15 @@ in
StateDirectory = "nginx-sso"; StateDirectory = "nginx-sso";
WorkingDirectory = "/var/lib/nginx-sso"; WorkingDirectory = "/var/lib/nginx-sso";
# The files to be merged might not have the correct permissions # The files to be merged might not have the correct permissions
ExecStartPre = pkgs.writeShellScript "merge-nginx-sso-config" '' ExecStartPre = ''+${pkgs.writeShellScript "merge-nginx-sso-config" ''
rm -f '${confPath}' rm -f '${confPath}'
${utils.genJqSecretsReplacementSnippet cfg.configuration confPath} ${utils.genJqSecretsReplacementSnippet cfg.configuration confPath}
'';
# Fix permissions
chown nginx-sso:nginx-sso ${confPath}
chmod 0600 ${confPath}
''
}'';
ExecStart = lib.mkForce '' ExecStart = lib.mkForce ''
${lib.getExe pkg} \ ${lib.getExe pkg} \
--config ${confPath} \ --config ${confPath} \

View file

@ -40,7 +40,7 @@ in
inherit (cfg) priority; inherit (cfg) priority;
}; };
signKeyPaths = [ cfg.secretKeyFile ]; signKeyPath = cfg.secretKeyFile;
}; };
my.services.nginx.virtualHosts = { my.services.nginx.virtualHosts = {

View file

@ -1,73 +0,0 @@
{ config, lib, ... }:
let
cfg = config.my.services.pdf-edit;
in
{
options.my.services.pdf-edit = with lib; {
enable = mkEnableOption "PDF edition service";
port = mkOption {
type = types.port;
default = 8089;
example = 8080;
description = "Internal port for webui";
};
loginFile = mkOption {
type = types.str;
example = "/run/secrets/pdf-edit/login.env";
description = ''
`SECURITY_INITIALLOGIN_USERNAME` and `SECURITY_INITIALLOGIN_PASSWORD`
defined in the format of 'EnvironmentFile' (see `systemd.exec(5)`).
'';
};
};
config = lib.mkIf cfg.enable {
services.stirling-pdf = lib.mkIf cfg.enable {
enable = true;
environment = {
SERVER_PORT = cfg.port;
SECURITY_CSRFDISABLED = "false";
SYSTEM_SHOWUPDATE = "false"; # We don't care about update notifications
INSTALL_BOOK_AND_ADVANCED_HTML_OPS = "true"; # Installed by the module
SECURITY_ENABLELOGIN = "true";
SECURITY_LOGINATTEMPTCOUNT = "-1"; # Rely on fail2ban instead
};
environmentFiles = [ cfg.loginFile ];
};
my.services.nginx.virtualHosts = {
pdf-edit = {
inherit (cfg) port;
extraConfig = {
# Allow upload of PDF files up to 1G
locations."/".extraConfig = ''
client_max_body_size 1G;
'';
};
};
};
services.fail2ban.jails = {
stirling-pdf = ''
enabled = true
filter = stirling-pdf
port = http,https
'';
};
environment.etc = {
"fail2ban/filter.d/stirling-pdf.conf".text = ''
[Definition]
failregex = ^.*Failed login attempt from IP: <HOST>$
journalmatch = _SYSTEMD_UNIT=stirling-pdf.service
'';
};
};
}

View file

@ -4,13 +4,12 @@
# [1]: https://youtu.be/I26Ql-uX6AM # [1]: https://youtu.be/I26Ql-uX6AM
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.my.services.servarr; cfg = config.my.services.pirate;
ports = { ports = {
bazarr = 6767; bazarr = 6767;
lidarr = 8686; lidarr = 8686;
radarr = 7878; radarr = 7878;
readarr = 8787;
sonarr = 8989; sonarr = 8989;
}; };
@ -58,7 +57,7 @@ let
]); ]);
in in
{ {
options.my.services.servarr = { options.my.services.pirate = {
enable = lib.mkEnableOption "Media automation"; enable = lib.mkEnableOption "Media automation";
bazarr = { bazarr = {
@ -73,10 +72,6 @@ in
enable = lib.my.mkDisableOption "Radarr"; enable = lib.my.mkDisableOption "Radarr";
}; };
readarr = {
enable = lib.my.mkDisableOption "Readarr";
};
sonarr = { sonarr = {
enable = lib.my.mkDisableOption "Sonarr"; enable = lib.my.mkDisableOption "Sonarr";
}; };
@ -95,9 +90,6 @@ in
# Radarr for movies # Radarr for movies
(mkFullConfig "radarr") (mkFullConfig "radarr")
(mkFail2Ban "radarr") (mkFail2Ban "radarr")
# Readarr for books
(mkFullConfig "readarr")
(mkFail2Ban "readarr")
# Sonarr for shows # Sonarr for shows
(mkFullConfig "sonarr") (mkFullConfig "sonarr")
(mkFail2Ban "sonarr") (mkFail2Ban "sonarr")

View file

@ -13,7 +13,7 @@ in
example = "/run/secrets/password.env"; example = "/run/secrets/password.env";
description = '' description = ''
The path to a file containing the PASSWORD environment variable The path to a file containing the PASSWORD environment variable
definition for Podgrab's authentication. definition for Podgrab's authentification.
''; '';
}; };

View file

@ -53,9 +53,8 @@ in
}; };
}; };
# FIXME: fail2ban
# FIXME: backup # FIXME: backup
# FIXME: persistence # FIXME: persistence
# FIXME: fail2ban
}; };
} }

View file

@ -85,7 +85,5 @@ in
# FIXME: backup # FIXME: backup
# FIXME: persistence # FIXME: persistence
# NOTE: unfortunately tandoor-recipes does not log connection failures for fail2ban
}; };
} }

View file

@ -94,7 +94,5 @@ in
my.system.persist.directories = [ my.system.persist.directories = [
config.services.transmission.home config.services.transmission.home
]; ];
# NOTE: unfortunately transmission does not log connection failures for fail2ban
}; };
} }

View file

@ -41,7 +41,7 @@ in
service = { service = {
# Only allow registration of users through the CLI # Only allow registration of users through the CLI
enableregistration = false; enableregistration = false;
# Use the host's timezone # Ues the host's timezone
timezone = config.time.timeZone; timezone = config.time.timeZone;
# Use UNIX socket for serving the API # Use UNIX socket for serving the API
unixsocket = socketPath; unixsocket = socketPath;
@ -101,7 +101,5 @@ in
}; };
# FIXME: persistence # FIXME: persistence
# NOTE: unfortunately vikunja does not log connection failures for fail2ban
}; };
} }

View file

@ -206,7 +206,7 @@ in
]; ];
} }
# Additional interface is only used to get access to "LAN" from wireguard # Additional inteface is only used to get access to "LAN" from wireguard
(lib.mkIf cfg.internal.enable { (lib.mkIf cfg.internal.enable {
networking.wg-quick.interfaces."${cfg.internal.name}" = mkInterface [ networking.wg-quick.interfaces."${cfg.internal.name}" = mkInterface [
"${cfg.net.v4.subnet}.0/${toString cfg.net.v4.mask}" "${cfg.net.v4.subnet}.0/${toString cfg.net.v4.mask}"

View file

@ -23,9 +23,5 @@ in
]; ];
}; };
}; };
my.system.persist.directories = [
"/var/lib/docker"
];
}; };
} }

View file

@ -22,10 +22,6 @@ in
options.my.system.nix = with lib; { options.my.system.nix = with lib; {
enable = my.mkDisableOption "nix configuration"; enable = my.mkDisableOption "nix configuration";
gc = {
enable = my.mkDisableOption "nix GC configuration";
};
cache = { cache = {
selfHosted = my.mkDisableOption "self-hosted cache"; selfHosted = my.mkDisableOption "self-hosted cache";
}; };
@ -66,22 +62,6 @@ in
}; };
} }
(lib.mkIf cfg.gc.enable {
nix.gc = {
automatic = true;
# Every week, with some wiggle room
dates = "weekly";
randomizedDelaySec = "10min";
# Use a persistent timer for e.g: laptops
persistent = true;
# Delete old profiles automatically after 15 days
options = "--delete-older-than 15d";
};
})
(lib.mkIf cfg.cache.selfHosted { (lib.mkIf cfg.cache.selfHosted {
nix = { nix = {
settings = { settings = {

View file

@ -14,14 +14,12 @@ in
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
vim
wget wget
]; ];
programs = { programs = {
vim = { vim.defaultEditor = true; # Modal editing is life
enable = true;
defaultEditor = true; # Modal editing is life
};
zsh = { zsh = {
enable = true; # Use integrations enable = true; # Use integrations

View file

@ -58,6 +58,10 @@ in
"/var/lib/nixos" "/var/lib/nixos"
"/var/lib/systemd/coredump" "/var/lib/systemd/coredump"
] ]
++ (lib.optionals config.virtualisation.docker.enable [
"/var/lib/docker"
])
# FIXME: podman
++ cfg.directories ++ cfg.directories
; ;
}; };

View file

@ -44,9 +44,5 @@ in
]; ];
}; };
}; };
my.system.persist.directories = [
"/var/lib/containers"
];
}; };
} }

View file

@ -1,14 +0,0 @@
self: prev:
{
transmission_4 = prev.transmission_4.overrideAttrs (_: {
version = "4.0.5";
src = self.fetchFromGitHub {
owner = "transmission";
repo = "transmission";
rev = "4.0.5";
hash = "sha256-gd1LGAhMuSyC/19wxkoE2mqVozjGPfupIPGojKY0Hn4=";
fetchSubmodules = true;
};
});
}

View file

@ -1,47 +0,0 @@
{ lib
, fetchFromGitHub
, python3Packages
, withTeXLive ? true
, texliveSmall
}:
python3Packages.buildPythonApplication rec {
pname = "cgt-calc";
version = "1.13.0";
pyproject = true;
src = fetchFromGitHub {
owner = "KapJI";
repo = "capital-gains-calculator";
rev = "v${version}";
hash = "sha256-y/Y05wG89nccXyxfjqazyPJhd8dOkfwRJre+Rzx97Hw=";
};
build-system = with python3Packages; [
poetry-core
];
dependencies = with python3Packages; [
defusedxml
jinja2
pandas
requests
types-requests
yfinance
];
makeWrapperArgs = lib.optionals withTeXLive [
"--prefix"
"PATH"
":"
"${lib.getBin texliveSmall}/bin"
];
meta = with lib; {
description = "UK capital gains tax calculator";
homepage = "https://github.com/KapJI/capital-gains-calculator";
license = with licenses; [ mit ];
mainProgram = "cgt-calc";
maintainers = with maintainers; [ ambroisie ];
platforms = platforms.unix;
};
}

View file

@ -2,8 +2,6 @@
pkgs.lib.makeScope pkgs.newScope (pkgs: { pkgs.lib.makeScope pkgs.newScope (pkgs: {
bw-pass = pkgs.callPackage ./bw-pass { }; bw-pass = pkgs.callPackage ./bw-pass { };
cgt-calc = pkgs.callPackage ./cgt-calc { };
change-audio = pkgs.callPackage ./change-audio { }; change-audio = pkgs.callPackage ./change-audio { };
change-backlight = pkgs.callPackage ./change-backlight { }; change-backlight = pkgs.callPackage ./change-backlight { };

View file

@ -1,16 +1,16 @@
{ lib, fetchFromGitHub, rustPlatform }: { lib, fetchFromGitHub, rustPlatform }:
rustPlatform.buildRustPackage rec { rustPlatform.buildRustPackage rec {
pname = "lohr"; pname = "lohr";
version = "0.4.6"; version = "0.4.5";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "alarsyo"; owner = "alarsyo";
repo = "lohr"; repo = "lohr";
rev = "v${version}"; rev = "v${version}";
hash = "sha256-dunQgtap+XCK5LoSyOqIY/6p6HizBeiyPWNuCffwjDU="; hash = "sha256-p6E/r+OxFTpxDpOKSlacOxvRLfHSKg1mHNAfTytfqDY=";
}; };
cargoHash = "sha256-EUhyrhPe+mUgMmm4o+bxRIiSNReJRfw+/O1fPr8r7lo="; cargoHash = "sha256-hext0S0o9D9pN9epzXtD5dwAYMPCLpBBOBT4FX0mTMk=";
meta = with lib; { meta = with lib; {
description = "Git mirroring daemon"; description = "Git mirroring daemon";

View file

@ -1,7 +1,7 @@
{ lib, gawk, stdenvNoCC, stevenblack-blocklist }: { lib, gawk, stdenvNoCC, stevenblack-blocklist }:
stdenvNoCC.mkDerivation { stdenvNoCC.mkDerivation {
name = "unbound-zones-adblock"; name = "unbound-zones-adblock";
inherit (stevenblack-blocklist) version; version = stevenblack-blocklist.rev;
src = stevenblack-blocklist; src = stevenblack-blocklist;
@ -30,7 +30,7 @@ stdenvNoCC.mkDerivation {
description = "Unified host lists, ready to be used by unbound"; description = "Unified host lists, ready to be used by unbound";
longDescription = '' longDescription = ''
This is a simple derivation based on StevenBlack's unified hosts list. This is a simple derivation based on StevenBlack's unified hosts list.
The files have been modified for easy use with unbound. The files have been modified for easy use wih unbound.
''; '';
homepage = "https://github.com/StevenBlack/hosts"; homepage = "https://github.com/StevenBlack/hosts";
license = licenses.mit; license = licenses.mit;