From c8b5b1586cf466b1b63bf82d739ff47b96bf42ec Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 6 Feb 2024 17:16:43 +0100 Subject: [PATCH 001/485] flake: bump inputs And remove the now-redundant overlay to fix a flaky `tandoor-recipes` test. --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index ae79c1a9..4773d30d 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1706955260, - "narHash": "sha256-W3y0j77IDVbmbajudHoUr46RpswujUCl+D5Vru53UsI=", + "lastModified": 1707175763, + "narHash": "sha256-0MKHC6tQ4KEuM5rui6DjKZ/VNiSANB4E+DJ/+wPS1PU=", "owner": "nix-community", "repo": "home-manager", - "rev": "880d9bc2110f7cae59698f715b8ca42cdc53670c", + "rev": "f99eace7c167b8a6a0871849493b1c613d0f1b80", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1706732774, - "narHash": "sha256-hqJlyJk4MRpcItGYMF+3uHe8HvxNETWvlGtLuVpqLU0=", + "lastModified": 1707092692, + "narHash": "sha256-ZbHsm+mGk/izkWtT4xwwqz38fdlwu7nUUKXTOmm4SyE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b8b232ae7b8b144397fdb12d20f592e5e7c1a64d", + "rev": "faf912b086576fd1a15fca610166c98d47bc667e", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1706978646, - "narHash": "sha256-XEFktO8Ba41zKawf1Uf6FKIR1x0ShuoSddYXU4PQbx8=", + "lastModified": 1707234300, + "narHash": "sha256-D+LdA8g0Tq+KE9EmJMmn8EGRO5jZ2nLe/W0Fr5EIsdg=", "owner": "nix-community", "repo": "NUR", - "rev": "66d6b7b355f3b10ea4140f8b85b2e274c24d442a", + "rev": "59fceae769455455ef44c1dfb63bbae1ecddc41d", "type": "github" }, "original": { From 1a7223a5e52623b9d9982783202a6f92458bbe1d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 6 Feb 2024 17:25:03 +0100 Subject: [PATCH 002/485] overlays: remove 'tandoor-recipes-failing-test' This is now redundant, the nixpkgs bump provided an updated package which builds successfully. This reverts commit 473be47b29843ae6125296bbf2ea7ea36acc110b. --- overlays/tandoor-recipes-failing-test/default.nix | 9 --------- 1 file changed, 9 deletions(-) delete mode 100644 overlays/tandoor-recipes-failing-test/default.nix diff --git a/overlays/tandoor-recipes-failing-test/default.nix b/overlays/tandoor-recipes-failing-test/default.nix deleted file mode 100644 index 43755acc..00000000 --- a/overlays/tandoor-recipes-failing-test/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -_self: super: -{ - tandoor-recipes = super.tandoor-recipes.overridePythonAttrs (oa: { - disabledTests = (oa.disabledTests or [ ]) ++ [ - "test_search_count" - "test_url_import_regex_replace" - ]; - }); -} From 091424cb14871190e8a2a9d8b5dc301d73aaf2fc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 Feb 2024 11:49:42 +0000 Subject: [PATCH 003/485] overlays: gruvbox-nvim-better-diff: simplify --- .../gruvbox-nvim-better-diff/generated.nix | 24 ++++--------------- 1 file changed, 5 insertions(+), 19 deletions(-) diff --git a/overlays/gruvbox-nvim-better-diff/generated.nix b/overlays/gruvbox-nvim-better-diff/generated.nix index 50ea4ad4..82a18c2a 100644 --- a/overlays/gruvbox-nvim-better-diff/generated.nix +++ b/overlays/gruvbox-nvim-better-diff/generated.nix @@ -1,24 +1,10 @@ -{ vimUtils, fetchFromGitHub }: +{ ... }: -_final: _prev: { - gruvbox-nvim = vimUtils.buildVimPlugin { - pname = "gruvbox.nvim"; - version = "2023-10-07"; - - src = fetchFromGitHub { - owner = "ellisonleao"; - repo = "gruvbox.nvim"; - rev = "477c62493c82684ed510c4f70eaf83802e398898"; - sha256 = "0250c24c6n6yri48l288irdawhqs16qna3y74rdkgjd2jvh66vdm"; - }; - - patches = [ +_final: prev: { + gruvbox-nvim = prev.gruvbox-nvim.overrideAttrs (oa: { + patches = (oa.patches or [ ]) ++ [ # Inspired by https://github.com/ellisonleao/gruvbox.nvim/pull/291 ./colours.patch ]; - - meta = { - homepage = "https://github.com/ellisonleao/gruvbox.nvim/"; - }; - }; + }); } From 9b2963cb8c63c0aff2ca30b0897befc4a21d5bee Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 Feb 2024 11:50:42 +0000 Subject: [PATCH 004/485] overlays: add gruvbox-nvim-treesitter-fix The version in nixpkgs is not up-to-date with regards to the nvim-treesitter breaking changes that were recently introduced. --- overlays/gruvbox-nvim-treesitter-fix/default.nix | 4 ++++ overlays/gruvbox-nvim-treesitter-fix/generated.nix | 14 ++++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 overlays/gruvbox-nvim-treesitter-fix/default.nix create mode 100644 overlays/gruvbox-nvim-treesitter-fix/generated.nix diff --git a/overlays/gruvbox-nvim-treesitter-fix/default.nix b/overlays/gruvbox-nvim-treesitter-fix/default.nix new file mode 100644 index 00000000..832e71de --- /dev/null +++ b/overlays/gruvbox-nvim-treesitter-fix/default.nix @@ -0,0 +1,4 @@ +self: prev: +{ + vimPlugins = prev.vimPlugins.extend (self.callPackage ./generated.nix { }); +} diff --git a/overlays/gruvbox-nvim-treesitter-fix/generated.nix b/overlays/gruvbox-nvim-treesitter-fix/generated.nix new file mode 100644 index 00000000..5a18d623 --- /dev/null +++ b/overlays/gruvbox-nvim-treesitter-fix/generated.nix @@ -0,0 +1,14 @@ +{ fetchFromGitHub }: + +_final: prev: { + gruvbox-nvim = prev.gruvbox-nvim.overrideAttrs (_: { + version = "2024-01-29"; + + src = fetchFromGitHub { + owner = "ellisonleao"; + repo = "gruvbox.nvim"; + rev = "6e4027ae957cddf7b193adfaec4a8f9e03b4555f"; + sha256 = "sha256-jWnrRy/PT7D0UcPGL+XTbKHWvS0ixvbyqPtTzG9HY84="; + }; + }); +} From 0650c1f15958e9510b67f51ce1cfe57f4bff94e2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 Feb 2024 19:44:51 +0000 Subject: [PATCH 005/485] home: xdg: fix sort order --- modules/home/xdg/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/xdg/default.nix b/modules/home/xdg/default.nix index 3bba198c..3aa43bd4 100644 --- a/modules/home/xdg/default.nix +++ b/modules/home/xdg/default.nix @@ -48,8 +48,8 @@ in LESSHISTFILE = "${dataHome}/less/history"; LESSKEY = "${configHome}/less/lesskey"; PSQL_HISTORY = "${dataHome}/psql_history"; - REPO_CONFIG_DIR = "${configHome}/repo"; REDISCLI_HISTFILE = "${dataHome}/redis/rediscli_history"; + REPO_CONFIG_DIR = "${configHome}/repo"; XCOMPOSECACHE = "${dataHome}/X11/xcompose"; }; } From 7a03ce201268ebe924b42439a19a51988f5a625e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 Feb 2024 19:45:32 +0000 Subject: [PATCH 006/485] home: xdg: add python configuration It looks like 3.13 finally brought a way to change the history location through `PYTHON_HISTORY`. --- modules/home/xdg/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/modules/home/xdg/default.nix b/modules/home/xdg/default.nix index 3aa43bd4..6e49aa1b 100644 --- a/modules/home/xdg/default.nix +++ b/modules/home/xdg/default.nix @@ -48,6 +48,9 @@ in LESSHISTFILE = "${dataHome}/less/history"; LESSKEY = "${configHome}/less/lesskey"; PSQL_HISTORY = "${dataHome}/psql_history"; + PYTHONPYCACHEPREFIX = "${cacheHome}/python/"; + PYTHONUSERBASE = "${dataHome}/python/"; + PYTHON_HISTORY = "${stateHome}/python/history"; REDISCLI_HISTFILE = "${dataHome}/redis/rediscli_history"; REPO_CONFIG_DIR = "${configHome}/repo"; XCOMPOSECACHE = "${dataHome}/X11/xcompose"; From c68574b7450ccff6fa60d79841bb39de577e1f0c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 Feb 2024 20:17:46 +0000 Subject: [PATCH 007/485] home: add wget This is mostly so that I can add the XDG-compliant configuration. --- modules/home/default.nix | 1 + modules/home/wget/default.nix | 26 ++++++++++++++++++++++++++ 2 files changed, 27 insertions(+) create mode 100644 modules/home/wget/default.nix diff --git a/modules/home/default.nix b/modules/home/default.nix index 4dcfc358..c8183cfd 100644 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -39,6 +39,7 @@ ./tmux ./udiskie ./vim + ./wget ./wm ./x ./xdg diff --git a/modules/home/wget/default.nix b/modules/home/wget/default.nix new file mode 100644 index 00000000..32c13c0d --- /dev/null +++ b/modules/home/wget/default.nix @@ -0,0 +1,26 @@ +{ config, pkgs, lib, ... }: +let + cfg = config.my.home.wget; +in +{ + options.my.home.wget = with lib; { + enable = my.mkDisableOption "wget configuration"; + + package = mkPackageOption pkgs "wget" { }; + }; + + config = lib.mkIf cfg.enable { + home.packages = [ + cfg.package + ]; + + + home.sessionVariables = lib.mkIf cfg.enable { + WGETRC = "${config.xdg.configHome}/wgetrc"; + }; + + xdg.configFile."wgetrc".text = '' + hsts-file = ${config.xdg.dataHome}/wget-hsts + ''; + }; +} From 2e5899b22eda2561c332daa91cc375b2cb5fcfe9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 17 Apr 2023 21:00:36 +0100 Subject: [PATCH 008/485] WIP --- modules/home/nix/default.nix | 4 ++++ modules/nixos/system/nix/default.nix | 5 +++++ 2 files changed, 9 insertions(+) diff --git a/modules/home/nix/default.nix b/modules/home/nix/default.nix index 9ccbdc5e..8e777da0 100644 --- a/modules/home/nix/default.nix +++ b/modules/home/nix/default.nix @@ -48,7 +48,11 @@ in nix = { package = lib.mkDefault pkgs.nix; # NixOS module sets it unconditionally + # FIXME: waiting on https://github.com/nix-community/home-manager/pull/3876 settings = { + # I like XDG-compliance + use-xdg-base-directories = true; + experimental-features = [ "nix-command" "flakes" ]; }; }; diff --git a/modules/nixos/system/nix/default.nix b/modules/nixos/system/nix/default.nix index 47d64995..365e84fc 100644 --- a/modules/nixos/system/nix/default.nix +++ b/modules/nixos/system/nix/default.nix @@ -54,7 +54,12 @@ in nix = { package = pkgs.nix; + # FIXME: waiting on https://github.com/NixOS/nixpkgs/pull/146515 + # FIXME: look at https://github.com/SuperSandro2000/nixos-modules/blob/master/modules/nix.nix settings = { + # I like XDG-compliance + use-xdg-base-directories = true; + experimental-features = [ "nix-command" "flakes" ]; }; }; From 0b74332e9c500967bf748ca4c14e89b322d22096 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 6 Feb 2024 17:16:43 +0100 Subject: [PATCH 009/485] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index ae79c1a9..4773d30d 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1706955260, - "narHash": "sha256-W3y0j77IDVbmbajudHoUr46RpswujUCl+D5Vru53UsI=", + "lastModified": 1707175763, + "narHash": "sha256-0MKHC6tQ4KEuM5rui6DjKZ/VNiSANB4E+DJ/+wPS1PU=", "owner": "nix-community", "repo": "home-manager", - "rev": "880d9bc2110f7cae59698f715b8ca42cdc53670c", + "rev": "f99eace7c167b8a6a0871849493b1c613d0f1b80", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1706732774, - "narHash": "sha256-hqJlyJk4MRpcItGYMF+3uHe8HvxNETWvlGtLuVpqLU0=", + "lastModified": 1707092692, + "narHash": "sha256-ZbHsm+mGk/izkWtT4xwwqz38fdlwu7nUUKXTOmm4SyE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b8b232ae7b8b144397fdb12d20f592e5e7c1a64d", + "rev": "faf912b086576fd1a15fca610166c98d47bc667e", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1706978646, - "narHash": "sha256-XEFktO8Ba41zKawf1Uf6FKIR1x0ShuoSddYXU4PQbx8=", + "lastModified": 1707234300, + "narHash": "sha256-D+LdA8g0Tq+KE9EmJMmn8EGRO5jZ2nLe/W0Fr5EIsdg=", "owner": "nix-community", "repo": "NUR", - "rev": "66d6b7b355f3b10ea4140f8b85b2e274c24d442a", + "rev": "59fceae769455455ef44c1dfb63bbae1ecddc41d", "type": "github" }, "original": { From 8c03bff1cf8531f2afc5c81556361479ab4391ab Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 6 Feb 2024 17:25:03 +0100 Subject: [PATCH 010/485] overlays: remove 'tandoor-recipes-failing-test' This is now redundant, the nixpkgs bump provided an updated package which builds successfully. This reverts commit 473be47b29843ae6125296bbf2ea7ea36acc110b. --- overlays/tandoor-recipes-failing-test/default.nix | 9 --------- 1 file changed, 9 deletions(-) delete mode 100644 overlays/tandoor-recipes-failing-test/default.nix diff --git a/overlays/tandoor-recipes-failing-test/default.nix b/overlays/tandoor-recipes-failing-test/default.nix deleted file mode 100644 index 43755acc..00000000 --- a/overlays/tandoor-recipes-failing-test/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -_self: super: -{ - tandoor-recipes = super.tandoor-recipes.overridePythonAttrs (oa: { - disabledTests = (oa.disabledTests or [ ]) ++ [ - "test_search_count" - "test_url_import_regex_replace" - ]; - }); -} From 9e0930aca4fb0ae40c40c5cd932962e832d0ee0a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 Feb 2024 11:49:42 +0000 Subject: [PATCH 011/485] overlays: gruvbox-nvim-better-diff: simplify --- .../gruvbox-nvim-better-diff/generated.nix | 24 ++++--------------- 1 file changed, 5 insertions(+), 19 deletions(-) diff --git a/overlays/gruvbox-nvim-better-diff/generated.nix b/overlays/gruvbox-nvim-better-diff/generated.nix index 50ea4ad4..82a18c2a 100644 --- a/overlays/gruvbox-nvim-better-diff/generated.nix +++ b/overlays/gruvbox-nvim-better-diff/generated.nix @@ -1,24 +1,10 @@ -{ vimUtils, fetchFromGitHub }: +{ ... }: -_final: _prev: { - gruvbox-nvim = vimUtils.buildVimPlugin { - pname = "gruvbox.nvim"; - version = "2023-10-07"; - - src = fetchFromGitHub { - owner = "ellisonleao"; - repo = "gruvbox.nvim"; - rev = "477c62493c82684ed510c4f70eaf83802e398898"; - sha256 = "0250c24c6n6yri48l288irdawhqs16qna3y74rdkgjd2jvh66vdm"; - }; - - patches = [ +_final: prev: { + gruvbox-nvim = prev.gruvbox-nvim.overrideAttrs (oa: { + patches = (oa.patches or [ ]) ++ [ # Inspired by https://github.com/ellisonleao/gruvbox.nvim/pull/291 ./colours.patch ]; - - meta = { - homepage = "https://github.com/ellisonleao/gruvbox.nvim/"; - }; - }; + }); } From d6eceea08a12b09ebcf6396402f6f5242242c667 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 Feb 2024 11:50:42 +0000 Subject: [PATCH 012/485] overlays: add gruvbox-nvim-treesitter-fix The version in nixpkgs is not up-to-date with regards to the nvim-treesitter breaking changes that were recently introduced. --- overlays/gruvbox-nvim-treesitter-fix/default.nix | 4 ++++ overlays/gruvbox-nvim-treesitter-fix/generated.nix | 14 ++++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 overlays/gruvbox-nvim-treesitter-fix/default.nix create mode 100644 overlays/gruvbox-nvim-treesitter-fix/generated.nix diff --git a/overlays/gruvbox-nvim-treesitter-fix/default.nix b/overlays/gruvbox-nvim-treesitter-fix/default.nix new file mode 100644 index 00000000..832e71de --- /dev/null +++ b/overlays/gruvbox-nvim-treesitter-fix/default.nix @@ -0,0 +1,4 @@ +self: prev: +{ + vimPlugins = prev.vimPlugins.extend (self.callPackage ./generated.nix { }); +} diff --git a/overlays/gruvbox-nvim-treesitter-fix/generated.nix b/overlays/gruvbox-nvim-treesitter-fix/generated.nix new file mode 100644 index 00000000..5a18d623 --- /dev/null +++ b/overlays/gruvbox-nvim-treesitter-fix/generated.nix @@ -0,0 +1,14 @@ +{ fetchFromGitHub }: + +_final: prev: { + gruvbox-nvim = prev.gruvbox-nvim.overrideAttrs (_: { + version = "2024-01-29"; + + src = fetchFromGitHub { + owner = "ellisonleao"; + repo = "gruvbox.nvim"; + rev = "6e4027ae957cddf7b193adfaec4a8f9e03b4555f"; + sha256 = "sha256-jWnrRy/PT7D0UcPGL+XTbKHWvS0ixvbyqPtTzG9HY84="; + }; + }); +} From f4c4a485d60fff68a95e423a6888e31b15cb32db Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 Feb 2024 19:44:51 +0000 Subject: [PATCH 013/485] home: xdg: fix sort order --- modules/home/xdg/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/xdg/default.nix b/modules/home/xdg/default.nix index 3bba198c..3aa43bd4 100644 --- a/modules/home/xdg/default.nix +++ b/modules/home/xdg/default.nix @@ -48,8 +48,8 @@ in LESSHISTFILE = "${dataHome}/less/history"; LESSKEY = "${configHome}/less/lesskey"; PSQL_HISTORY = "${dataHome}/psql_history"; - REPO_CONFIG_DIR = "${configHome}/repo"; REDISCLI_HISTFILE = "${dataHome}/redis/rediscli_history"; + REPO_CONFIG_DIR = "${configHome}/repo"; XCOMPOSECACHE = "${dataHome}/X11/xcompose"; }; } From cb97b0dbdef8cbeb5a088c5fb373b1c7037371b1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 Feb 2024 19:45:32 +0000 Subject: [PATCH 014/485] home: xdg: add python configuration It looks like 3.13 finally brought a way to change the history location through `PYTHON_HISTORY`. --- modules/home/xdg/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/modules/home/xdg/default.nix b/modules/home/xdg/default.nix index 3aa43bd4..6e49aa1b 100644 --- a/modules/home/xdg/default.nix +++ b/modules/home/xdg/default.nix @@ -48,6 +48,9 @@ in LESSHISTFILE = "${dataHome}/less/history"; LESSKEY = "${configHome}/less/lesskey"; PSQL_HISTORY = "${dataHome}/psql_history"; + PYTHONPYCACHEPREFIX = "${cacheHome}/python/"; + PYTHONUSERBASE = "${dataHome}/python/"; + PYTHON_HISTORY = "${stateHome}/python/history"; REDISCLI_HISTFILE = "${dataHome}/redis/rediscli_history"; REPO_CONFIG_DIR = "${configHome}/repo"; XCOMPOSECACHE = "${dataHome}/X11/xcompose"; From 9d9dba2cc224e39f492d9d9e33bde2fecaf65937 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 Feb 2024 20:17:46 +0000 Subject: [PATCH 015/485] home: add wget This is mostly so that I can add the XDG-compliant configuration. --- modules/home/default.nix | 1 + modules/home/wget/default.nix | 26 ++++++++++++++++++++++++++ 2 files changed, 27 insertions(+) create mode 100644 modules/home/wget/default.nix diff --git a/modules/home/default.nix b/modules/home/default.nix index 4dcfc358..c8183cfd 100644 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -39,6 +39,7 @@ ./tmux ./udiskie ./vim + ./wget ./wm ./x ./xdg diff --git a/modules/home/wget/default.nix b/modules/home/wget/default.nix new file mode 100644 index 00000000..32c13c0d --- /dev/null +++ b/modules/home/wget/default.nix @@ -0,0 +1,26 @@ +{ config, pkgs, lib, ... }: +let + cfg = config.my.home.wget; +in +{ + options.my.home.wget = with lib; { + enable = my.mkDisableOption "wget configuration"; + + package = mkPackageOption pkgs "wget" { }; + }; + + config = lib.mkIf cfg.enable { + home.packages = [ + cfg.package + ]; + + + home.sessionVariables = lib.mkIf cfg.enable { + WGETRC = "${config.xdg.configHome}/wgetrc"; + }; + + xdg.configFile."wgetrc".text = '' + hsts-file = ${config.xdg.dataHome}/wget-hsts + ''; + }; +} From b0aee235cdc2fc7a22aef2ee423a90849336fc5d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 8 Feb 2024 14:40:48 +0000 Subject: [PATCH 016/485] home: xdg: add 'GRADLE_USER_HOME' --- modules/home/xdg/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/home/xdg/default.nix b/modules/home/xdg/default.nix index 6e49aa1b..aac50582 100644 --- a/modules/home/xdg/default.nix +++ b/modules/home/xdg/default.nix @@ -43,6 +43,7 @@ in CARGO_HOME = "${dataHome}/cargo"; DOCKER_CONFIG = "${configHome}/docker"; GDBHISTFILE = "${dataHome}/gdb/gdb_history"; + GRADLE_USER_HOME = "${dataHome}/gradle"; HISTFILE = "${dataHome}/bash/history"; INPUTRC = "${configHome}/readline/inputrc"; LESSHISTFILE = "${dataHome}/less/history"; From 5e3bc5a8c99968b4c238b824e5013b289b6af30e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 11 Feb 2024 12:38:30 +0100 Subject: [PATCH 017/485] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 4773d30d..33d37407 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1707175763, - "narHash": "sha256-0MKHC6tQ4KEuM5rui6DjKZ/VNiSANB4E+DJ/+wPS1PU=", + "lastModified": 1707607386, + "narHash": "sha256-hj/RgQMTvCWQVInkZwiMMieumkfOjHXhtWhfuXHop/8=", "owner": "nix-community", "repo": "home-manager", - "rev": "f99eace7c167b8a6a0871849493b1c613d0f1b80", + "rev": "bfd0ae29a86eff4603098683b516c67e22184511", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1707092692, - "narHash": "sha256-ZbHsm+mGk/izkWtT4xwwqz38fdlwu7nUUKXTOmm4SyE=", + "lastModified": 1707546158, + "narHash": "sha256-nYYJTpzfPMDxI8mzhQsYjIUX+grorqjKEU9Np6Xwy/0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "faf912b086576fd1a15fca610166c98d47bc667e", + "rev": "d934204a0f8d9198e1e4515dd6fec76a139c87f0", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1707234300, - "narHash": "sha256-D+LdA8g0Tq+KE9EmJMmn8EGRO5jZ2nLe/W0Fr5EIsdg=", + "lastModified": 1707648276, + "narHash": "sha256-KOU9ae22fglOXsOHCGYW25iFXnfnz2fSrUy75qfDyuA=", "owner": "nix-community", "repo": "NUR", - "rev": "59fceae769455455ef44c1dfb63bbae1ecddc41d", + "rev": "c7fa9c6c3becdb8a330bf1202e009494a381ef32", "type": "github" }, "original": { @@ -197,11 +197,11 @@ ] }, "locked": { - "lastModified": 1706424699, - "narHash": "sha256-Q3RBuOpZNH2eFA1e+IHgZLAOqDD9SKhJ/sszrL8bQD4=", + "lastModified": 1707297608, + "narHash": "sha256-ADjo/5VySGlvtCW3qR+vdFF4xM9kJFlRDqcC9ZGI8EA=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "7c54e08a689b53c8a1e5d70169f2ec9e2a68ffaf", + "rev": "0db2e67ee49910adfa13010e7f012149660af7f0", "type": "github" }, "original": { From 7f1706999856e136c65ebf0c4608fc3c65862a1a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 12 Feb 2024 11:39:13 +0000 Subject: [PATCH 018/485] home: nix: rename 'inputs' options This mirrors the changes made to the NixOS module. --- modules/home/nix/default.nix | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/modules/home/nix/default.nix b/modules/home/nix/default.nix index 9ccbdc5e..d734fbd5 100644 --- a/modules/home/nix/default.nix +++ b/modules/home/nix/default.nix @@ -12,7 +12,7 @@ let # Use pinned nixpkgs when using `nix run pkgs#` pkgs = inputs.nixpkgs; } - (lib.optionalAttrs cfg.overrideNixpkgs { + (lib.optionalAttrs cfg.inputs.overrideNixpkgs { # ... And with `nix run nixpkgs#` nixpkgs = inputs.nixpkgs; }) @@ -22,20 +22,22 @@ in options.my.home.nix = with lib; { enable = my.mkDisableOption "nix configuration"; - linkInputs = my.mkDisableOption "link inputs to `$XDG_CONFIG_HOME/nix/inputs`"; + inputs = { + link = my.mkDisableOption "link inputs to `/etc/nix/inputs/`"; - addToRegistry = my.mkDisableOption "add inputs and self to registry"; + addToRegistry = my.mkDisableOption "add inputs and self to registry"; - addToNixPath = my.mkDisableOption "add inputs and self to nix path"; + addToNixPath = my.mkDisableOption "add inputs and self to nix path"; - overrideNixpkgs = my.mkDisableOption "point nixpkgs to pinned system version"; + overrideNixpkgs = my.mkDisableOption "point nixpkgs to pinned system version"; + }; }; config = lib.mkIf cfg.enable (lib.mkMerge [ { assertions = [ { - assertion = cfg.addToNixPath -> cfg.linkInputs; + assertion = cfg.inputs.addToNixPath -> cfg.inputs.link; message = '' enabling `my.home.nix.addToNixPath` needs to have `my.home.nix.linkInputs = true` @@ -54,7 +56,7 @@ in }; } - (lib.mkIf cfg.addToRegistry { + (lib.mkIf cfg.inputs.addToRegistry { nix.registry = let makeEntry = v: { flake = v; }; @@ -63,7 +65,7 @@ in makeEntries channels; }) - (lib.mkIf cfg.linkInputs { + (lib.mkIf cfg.inputs.link { xdg.configFile = let makeLink = n: v: { @@ -75,7 +77,7 @@ in makeLinks channels; }) - (lib.mkIf cfg.addToNixPath { + (lib.mkIf cfg.inputs.addToNixPath { home.sessionVariables.NIX_PATH = "${config.xdg.configHome}/nix/inputs\${NIX_PATH:+:$NIX_PATH}"; }) ]); From 0bb2be6b87ad84e197b2be03514f59d4bd7b11ed Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 12 Feb 2024 11:40:09 +0000 Subject: [PATCH 019/485] home: nix: add 'cache.selfHosted' Once again mirroring the NixOS module changes that I forgot to port over. --- modules/home/nix/default.nix | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/modules/home/nix/default.nix b/modules/home/nix/default.nix index d734fbd5..07606bb3 100644 --- a/modules/home/nix/default.nix +++ b/modules/home/nix/default.nix @@ -22,6 +22,10 @@ in options.my.home.nix = with lib; { enable = my.mkDisableOption "nix configuration"; + cache = { + selfHosted = my.mkDisableOption "self-hosted cache"; + }; + inputs = { link = my.mkDisableOption "link inputs to `/etc/nix/inputs/`"; @@ -56,6 +60,22 @@ in }; } + (lib.mkIf cfg.cache.selfHosted { + nix = { + settings = { + # The NixOS module adds the official Hydra cache by default + # No need to use `extra-*` options. + substituters = [ + "https://cache.belanyi.fr/" + ]; + + trusted-public-keys = [ + "cache.belanyi.fr:LPhrTqufwfxTceg1nRWueDWf7/2zSVY9K00pq2UI7tw=" + ]; + }; + }; + }) + (lib.mkIf cfg.inputs.addToRegistry { nix.registry = let From c9969775da97b656c5227ec811f51abba52a5550 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 12 Feb 2024 14:18:44 +0000 Subject: [PATCH 020/485] nixos: services: backup: add essential files --- modules/nixos/services/backup/default.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/modules/nixos/services/backup/default.nix b/modules/nixos/services/backup/default.nix index ff0fc7fb..8aeeae19 100644 --- a/modules/nixos/services/backup/default.nix +++ b/modules/nixos/services/backup/default.nix @@ -89,6 +89,16 @@ in }; config = lib.mkIf cfg.enable { + # Essential files which should always be backed up + my.services.backup.paths = lib.flatten [ + # Should be unique to a given host, used by some software (e.g: ZFS) + "/etc/machine-id" + # Contains the UID/GID map, and other useful state + "/var/lib/nixos" + # SSH host keys (and public keys for convenience) + (builtins.map (key: [ key.path "${key.path}.pub" ]) config.services.openssh.hostKeys) + ]; + services.restic.backups.backblaze = { # Take care of included and excluded files paths = cfg.paths; From 521522e4e9163d66b5e6b42231d98e39b633a2a3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 13 Aug 2023 15:59:25 +0100 Subject: [PATCH 021/485] home: zsh: use 'mkMerge' This will make adding modular configuration easier. --- modules/home/zsh/default.nix | 138 ++++++++++++++++++----------------- 1 file changed, 70 insertions(+), 68 deletions(-) diff --git a/modules/home/zsh/default.nix b/modules/home/zsh/default.nix index 4cadb573..2821f28e 100644 --- a/modules/home/zsh/default.nix +++ b/modules/home/zsh/default.nix @@ -17,79 +17,81 @@ in launchTmux = mkEnableOption "auto launch tmux at shell start"; }; - config = lib.mkIf cfg.enable { - home.packages = with pkgs; [ - zsh-completions - ]; - - programs.zsh = { - enable = true; - dotDir = "${relativeXdgConfig}/zsh"; # Don't clutter $HOME - enableCompletion = true; - - history = { - size = 500000; - save = 500000; - extended = true; - expireDuplicatesFirst = true; - ignoreSpace = true; - ignoreDups = true; - share = false; - path = "${config.xdg.dataHome}/zsh/zsh_history"; - }; - - plugins = [ - { - name = "fast-syntax-highlighting"; - file = "share/zsh/site-functions/fast-syntax-highlighting.plugin.zsh"; - src = pkgs.zsh-fast-syntax-highlighting; - } - { - name = "agkozak-zsh-prompt"; - file = "share/zsh/site-functions/agkozak-zsh-prompt.plugin.zsh"; - src = pkgs.agkozak-zsh-prompt; - } + config = lib.mkIf cfg.enable (lib.mkMerge [ + { + home.packages = with pkgs; [ + zsh-completions ]; - # Modal editing is life, but CLI benefits from emacs gymnastics - defaultKeymap = "emacs"; + programs.zsh = { + enable = true; + dotDir = "${relativeXdgConfig}/zsh"; # Don't clutter $HOME + enableCompletion = true; - # Make those happen early to avoid doing double the work - initExtraFirst = '' - ${ - lib.optionalString cfg.launchTmux '' - # Launch tmux unless already inside one - if [ -z "$TMUX" ]; then - exec tmux new-session - fi - '' - } - ''; + history = { + size = 500000; + save = 500000; + extended = true; + expireDuplicatesFirst = true; + ignoreSpace = true; + ignoreDups = true; + share = false; + path = "${config.xdg.dataHome}/zsh/zsh_history"; + }; - initExtra = '' - source ${./completion-styles.zsh} - source ${./extra-mappings.zsh} - source ${./options.zsh} + plugins = [ + { + name = "fast-syntax-highlighting"; + file = "share/zsh/site-functions/fast-syntax-highlighting.plugin.zsh"; + src = pkgs.zsh-fast-syntax-highlighting; + } + { + name = "agkozak-zsh-prompt"; + file = "share/zsh/site-functions/agkozak-zsh-prompt.plugin.zsh"; + src = pkgs.agkozak-zsh-prompt; + } + ]; - # Source local configuration - if [ -f "$ZDOTDIR/zshrc.local" ]; then - source "$ZDOTDIR/zshrc.local" - fi - ''; + # Modal editing is life, but CLI benefits from emacs gymnastics + defaultKeymap = "emacs"; - localVariables = { - # I like having the full path - AGKOZAK_PROMPT_DIRTRIM = 0; - # Because I *am* from EPITA - AGKOZAK_PROMPT_CHAR = [ "42sh$" "42sh#" ":" ]; - # Easy on the eyes - AGKOZAK_COLORS_BRANCH_STATUS = "magenta"; - # I don't like moving my eyes - AGKOZAK_LEFT_PROMPT_ONLY = 1; + # Make those happen early to avoid doing double the work + initExtraFirst = '' + ${ + lib.optionalString cfg.launchTmux '' + # Launch tmux unless already inside one + if [ -z "$TMUX" ]; then + exec tmux new-session + fi + '' + } + ''; + + initExtra = '' + source ${./completion-styles.zsh} + source ${./extra-mappings.zsh} + source ${./options.zsh} + + # Source local configuration + if [ -f "$ZDOTDIR/zshrc.local" ]; then + source "$ZDOTDIR/zshrc.local" + fi + ''; + + localVariables = { + # I like having the full path + AGKOZAK_PROMPT_DIRTRIM = 0; + # Because I *am* from EPITA + AGKOZAK_PROMPT_CHAR = [ "42sh$" "42sh#" ":" ]; + # Easy on the eyes + AGKOZAK_COLORS_BRANCH_STATUS = "magenta"; + # I don't like moving my eyes + AGKOZAK_LEFT_PROMPT_ONLY = 1; + }; + + # Enable VTE integration + enableVteIntegration = true; }; - - # Enable VTE integration - enableVteIntegration = true; - }; - }; + } + ]); } From c89dec2a38f403cc2b27997493034d05258b3e0f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 13 Aug 2023 16:05:27 +0100 Subject: [PATCH 022/485] home: zsh: enforce order of 'initExtra{First,}' In case I want to add more values to those options, I still want the _main_ values to be ordered before/after. --- modules/home/zsh/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/home/zsh/default.nix b/modules/home/zsh/default.nix index 2821f28e..987f3b8c 100644 --- a/modules/home/zsh/default.nix +++ b/modules/home/zsh/default.nix @@ -56,7 +56,7 @@ in defaultKeymap = "emacs"; # Make those happen early to avoid doing double the work - initExtraFirst = '' + initExtraFirst = lib.mkBefore '' ${ lib.optionalString cfg.launchTmux '' # Launch tmux unless already inside one @@ -67,7 +67,7 @@ in } ''; - initExtra = '' + initExtra = lib.mkAfter '' source ${./completion-styles.zsh} source ${./extra-mappings.zsh} source ${./options.zsh} From d6c29481351d6e1de30055c8b50ea5abbe3f310c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 13 Aug 2023 16:19:47 +0100 Subject: [PATCH 023/485] home: zsh: add 'zsh-done' --- modules/home/zsh/default.nix | 40 ++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/modules/home/zsh/default.nix b/modules/home/zsh/default.nix index 987f3b8c..d9831164 100644 --- a/modules/home/zsh/default.nix +++ b/modules/home/zsh/default.nix @@ -15,6 +15,16 @@ in enable = my.mkDisableOption "zsh configuration"; launchTmux = mkEnableOption "auto launch tmux at shell start"; + + notify = { + enable = mkEnableOption "zsh-done notification"; + + ssh = { + enable = mkEnableOption "notify through SSH/non-graphical connections"; + + useOsc777 = lib.my.mkDisableOption "use OSC-777 for notifications"; + }; + }; }; config = lib.mkIf cfg.enable (lib.mkMerge [ @@ -93,5 +103,35 @@ in enableVteIntegration = true; }; } + + (lib.mkIf cfg.notify.enable { + programs.zsh = { + plugins = [ + { + name = "zsh-done"; + file = "share/zsh/site-functions/done.plugin.zsh"; + src = pkgs.ambroisie.zsh-done; + } + ]; + + # `localVariables` values don't get merged correctly due to their type, + # don't use `mkIf` + localVariables = { } + # Enable `zsh-done` through SSH, if configured + // lib.optionalAttrs cfg.notify.ssh.enable { DONE_ALLOW_NONGRAPHICAL = 1; } + ; + + # Use OSC-777 to send the notification through SSH + initExtra = lib.mkIf cfg.notify.ssh.useOsc777 '' + done_send_notification() { + local exit_status="$1" + local title="$2" + local message="$3" + + ${lib.getExe pkgs.ambroisie.osc777} "$title" "$message" + } + ''; + }; + }) ]); } From 8b07ff5bbe6bf4078ff8e4a1d356e8de735d505d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 12 Feb 2024 21:22:19 +0000 Subject: [PATCH 024/485] homes: bazin: enable zsh notifications --- hosts/homes/ambroisie@bazin/default.nix | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/hosts/homes/ambroisie@bazin/default.nix b/hosts/homes/ambroisie@bazin/default.nix index a969d8a0..c71e07c7 100644 --- a/hosts/homes/ambroisie@bazin/default.nix +++ b/hosts/homes/ambroisie@bazin/default.nix @@ -21,5 +21,17 @@ package = pkgs.emptyDirectory; }; }; + + zsh = { + notify = { + enable = true; + + ssh = { + enable = true; + # `notify-send` is proxied to the ChromeOS layer + useOsc777 = false; + }; + }; + }; }; } From 08f31c088ba2b2682210a1e2de4aa7f412858fc8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 13 Feb 2024 14:34:12 +0000 Subject: [PATCH 025/485] home: atuin: explicitly set 'enter_accept' --- modules/home/atuin/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/home/atuin/default.nix b/modules/home/atuin/default.nix index 19a6fb9a..b8973ccc 100644 --- a/modules/home/atuin/default.nix +++ b/modules/home/atuin/default.nix @@ -25,6 +25,8 @@ in search_mode = "skim"; # Show long command lines at the bottom show_preview = true; + # I like being able to edit my commands + enter_accept = false; }; }; }; From 3c79a373e4744fc57497fedc9990efac6a0ae53b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 15 Feb 2024 16:32:37 +0000 Subject: [PATCH 026/485] pkgs: zsh-done: 0.1.0 -> 0.1.1 --- pkgs/zsh-done/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/zsh-done/default.nix b/pkgs/zsh-done/default.nix index bddc6c11..bdb6af36 100644 --- a/pkgs/zsh-done/default.nix +++ b/pkgs/zsh-done/default.nix @@ -2,13 +2,13 @@ stdenvNoCC.mkDerivation rec { pname = "zsh-done"; - version = "0.1.0"; + version = "0.1.1"; src = fetchFromGitHub { owner = "ambroisie"; repo = "zsh-done"; rev = "v${version}"; - hash = "sha256-DC7urJDXPP9vBYABrJF5KZ4HfMbrpHIVogSmEB8PWLA="; + hash = "sha256-dyhPhoMrAfDWtrBX5TA+B3G7QZ7gBhoDGNOEqGsCBQU="; }; dontConfigure = true; From a0dde6f27437c8e52c4f72187d8d3899cd90e30f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 15 Feb 2024 16:33:27 +0000 Subject: [PATCH 027/485] home: zsh: add notification exclusion list --- modules/home/zsh/default.nix | 36 ++++++++++++++++++++++++++++++++---- 1 file changed, 32 insertions(+), 4 deletions(-) diff --git a/modules/home/zsh/default.nix b/modules/home/zsh/default.nix index d9831164..5bfeaee6 100644 --- a/modules/home/zsh/default.nix +++ b/modules/home/zsh/default.nix @@ -19,6 +19,27 @@ in notify = { enable = mkEnableOption "zsh-done notification"; + exclude = mkOption { + type = with types; listOf str; + default = [ + "direnv reload" + "fg" + "git (?!push|pull|fetch)" + "htop" + "less" + "man" + "nvim" + "tail -f" + "tmux" + "vim" + ]; + example = [ "command --long-running-option" ]; + description = '' + List of exclusions which should not be create a notification. Accepts + Perl regexes (implicitly anchored with `^\s*`). + ''; + }; + ssh = { enable = mkEnableOption "notify through SSH/non-graphical connections"; @@ -116,10 +137,17 @@ in # `localVariables` values don't get merged correctly due to their type, # don't use `mkIf` - localVariables = { } - # Enable `zsh-done` through SSH, if configured - // lib.optionalAttrs cfg.notify.ssh.enable { DONE_ALLOW_NONGRAPHICAL = 1; } - ; + localVariables = { + DONE_EXCLUDE = + let + joined = lib.concatMapStringsSep "|" (c: "(${c})") cfg.notify.exclude; + in + ''^\s*(${joined})''; + } + # Enable `zsh-done` through SSH, if configured + // lib.optionalAttrs cfg.notify.ssh.enable { + DONE_ALLOW_NONGRAPHICAL = 1; + }; # Use OSC-777 to send the notification through SSH initExtra = lib.mkIf cfg.notify.ssh.useOsc777 '' From b2a199c9a02c164f93ecf50e41077dbc3744c2bc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 15 Feb 2024 16:58:54 +0000 Subject: [PATCH 028/485] home: nix: fix cache configuration Copy-paste is bad kids, the home-manager module does *not* do the same as NixOS. I was rebuilding the world, since this was overriding the official Hydra cache... --- modules/home/nix/default.nix | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/modules/home/nix/default.nix b/modules/home/nix/default.nix index 07606bb3..0934189a 100644 --- a/modules/home/nix/default.nix +++ b/modules/home/nix/default.nix @@ -63,13 +63,11 @@ in (lib.mkIf cfg.cache.selfHosted { nix = { settings = { - # The NixOS module adds the official Hydra cache by default - # No need to use `extra-*` options. - substituters = [ + extra-substituters = [ "https://cache.belanyi.fr/" ]; - trusted-public-keys = [ + extra-trusted-public-keys = [ "cache.belanyi.fr:LPhrTqufwfxTceg1nRWueDWf7/2zSVY9K00pq2UI7tw=" ]; }; From c5e5bee206097db2046496fabff009f9673a99c0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 16 Feb 2024 19:04:49 +0000 Subject: [PATCH 029/485] home: git: enable 'rerere' How did I not already have it enabled? --- modules/home/git/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/home/git/default.nix b/modules/home/git/default.nix index 9c10257e..1bb22159 100644 --- a/modules/home/git/default.nix +++ b/modules/home/git/default.nix @@ -148,6 +148,10 @@ in autoStash = true; }; + rerere = { + enabled = true; + }; + url = { "git@git.belanyi.fr:" = { insteadOf = "https://git.belanyi.fr/"; From 7e361aff9dd40ea4a9b3cae63c58390d2b6a9c31 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 16 Feb 2024 22:44:24 +0000 Subject: [PATCH 030/485] templates: c++-cmake: fix formatting --- templates/c++-cmake/tests/unit/CMakeLists.txt | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/templates/c++-cmake/tests/unit/CMakeLists.txt b/templates/c++-cmake/tests/unit/CMakeLists.txt index bb94448a..266e3e31 100644 --- a/templates/c++-cmake/tests/unit/CMakeLists.txt +++ b/templates/c++-cmake/tests/unit/CMakeLists.txt @@ -1,15 +1,15 @@ find_package(GTest) -if (${GTest_FOUND}) -include(GoogleTest) +if(${GTest_FOUND}) + include(GoogleTest) -add_executable(dummy_test dummy_test.cc) -target_link_libraries(dummy_test PRIVATE common_options) + add_executable(dummy_test dummy_test.cc) + target_link_libraries(dummy_test PRIVATE common_options) -target_link_libraries(dummy_test PRIVATE - GTest::gtest - GTest::gtest_main -) + target_link_libraries(dummy_test PRIVATE + GTest::gtest + GTest::gtest_main + ) -gtest_discover_tests(dummy_test) -endif (${GTest_FOUND}) + gtest_discover_tests(dummy_test) +endif() From 5d38d94da6768c8fd0f3a4ab1263f10cdb2bde48 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 16 Feb 2024 22:56:44 +0000 Subject: [PATCH 031/485] templates: use 'backend' CI label --- templates/c++-cmake/.woodpecker/check.yml | 2 +- templates/c++-meson/.woodpecker/check.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/c++-cmake/.woodpecker/check.yml b/templates/c++-cmake/.woodpecker/check.yml index 628e491e..aff6e848 100644 --- a/templates/c++-cmake/.woodpecker/check.yml +++ b/templates/c++-cmake/.woodpecker/check.yml @@ -1,5 +1,5 @@ labels: - type: exec + backend: local steps: - name: nix flake check diff --git a/templates/c++-meson/.woodpecker/check.yml b/templates/c++-meson/.woodpecker/check.yml index 628e491e..aff6e848 100644 --- a/templates/c++-meson/.woodpecker/check.yml +++ b/templates/c++-meson/.woodpecker/check.yml @@ -1,5 +1,5 @@ labels: - type: exec + backend: local steps: - name: nix flake check From 65394711863dd75bbd5167ac4455787b05fe435f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 16 Feb 2024 23:00:57 +0000 Subject: [PATCH 032/485] templates: use explicit 'pre-commit check' CI step --- templates/c++-cmake/.woodpecker/check.yml | 5 +++++ templates/c++-meson/.woodpecker/check.yml | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/templates/c++-cmake/.woodpecker/check.yml b/templates/c++-cmake/.woodpecker/check.yml index aff6e848..9135f7b0 100644 --- a/templates/c++-cmake/.woodpecker/check.yml +++ b/templates/c++-cmake/.woodpecker/check.yml @@ -2,6 +2,11 @@ labels: backend: local steps: +- name: pre-commit check + image: bash + commands: + - nix develop --command pre-commit run --all + - name: nix flake check image: bash commands: diff --git a/templates/c++-meson/.woodpecker/check.yml b/templates/c++-meson/.woodpecker/check.yml index aff6e848..9135f7b0 100644 --- a/templates/c++-meson/.woodpecker/check.yml +++ b/templates/c++-meson/.woodpecker/check.yml @@ -2,6 +2,11 @@ labels: backend: local steps: +- name: pre-commit check + image: bash + commands: + - nix develop --command pre-commit run --all + - name: nix flake check image: bash commands: From eb668525f8e977dd972af075ab8801921d914ffc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 23 Feb 2024 13:14:09 +0000 Subject: [PATCH 033/485] home: zsh: ignore more commands for notification --- modules/home/zsh/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/home/zsh/default.nix b/modules/home/zsh/default.nix index 5bfeaee6..a2773669 100644 --- a/modules/home/zsh/default.nix +++ b/modules/home/zsh/default.nix @@ -22,6 +22,7 @@ in exclude = mkOption { type = with types; listOf str; default = [ + "delta" "direnv reload" "fg" "git (?!push|pull|fetch)" From f9cdff8c138e941720850487f90c6aa06878bbaa Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 23 Feb 2024 13:28:48 +0000 Subject: [PATCH 034/485] hosts: homes: bazin: ignore interactive adb shells --- hosts/homes/ambroisie@bazin/default.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/hosts/homes/ambroisie@bazin/default.nix b/hosts/homes/ambroisie@bazin/default.nix index c71e07c7..a65a6260 100644 --- a/hosts/homes/ambroisie@bazin/default.nix +++ b/hosts/homes/ambroisie@bazin/default.nix @@ -1,5 +1,5 @@ # Google Laptop configuration -{ lib, pkgs, ... }: +{ lib, options, pkgs, ... }: { services.gpg-agent.enable = lib.mkForce false; @@ -26,6 +26,10 @@ notify = { enable = true; + exclude = options.my.home.zsh.notify.exclude.default ++ [ + "adb shell$" # Only interactive shell sessions + ]; + ssh = { enable = true; # `notify-send` is proxied to the ChromeOS layer From b9b47fffd6cab923fd37bad5fddacfad8f7a1a74 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 29 Feb 2024 12:06:58 +0000 Subject: [PATCH 035/485] flake: bump inputs Fix the pyLoad user/group option that I added upstream [1]. Fix an evaluation error due to Pipewire changes [2]. [1]: https://github.com/NixOS/nixpkgs/pull/287304 [2]: https://github.com/NixOS/nixpkgs/pull/282377 --- flake.lock | 36 ++++++++++---------- modules/nixos/hardware/bluetooth/default.nix | 8 ++--- modules/nixos/services/pyload/default.nix | 23 ++----------- 3 files changed, 24 insertions(+), 43 deletions(-) diff --git a/flake.lock b/flake.lock index 33d37407..cd0b2de9 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1703433843, - "narHash": "sha256-nmtA4KqFboWxxoOAA6Y1okHbZh+HsXaMPFkYHsoDRDw=", + "lastModified": 1707830867, + "narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=", "owner": "ryantm", "repo": "agenix", - "rev": "417caa847f9383e111d1397039c9d4337d024bf0", + "rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6", "type": "github" }, "original": { @@ -94,11 +94,11 @@ ] }, "locked": { - "lastModified": 1705309234, - "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", + "lastModified": 1709126324, + "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", "owner": "numtide", "repo": "flake-utils", - "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", + "rev": "d465f4819400de7c8d874d50b982301f28a84605", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1707607386, - "narHash": "sha256-hj/RgQMTvCWQVInkZwiMMieumkfOjHXhtWhfuXHop/8=", + "lastModified": 1709204054, + "narHash": "sha256-U1idK0JHs1XOfSI1APYuXi4AEADf+B+ZU4Wifc0pBHk=", "owner": "nix-community", "repo": "home-manager", - "rev": "bfd0ae29a86eff4603098683b516c67e22184511", + "rev": "2f3367769a93b226c467551315e9e270c3f78b15", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1707546158, - "narHash": "sha256-nYYJTpzfPMDxI8mzhQsYjIUX+grorqjKEU9Np6Xwy/0=", + "lastModified": 1709150264, + "narHash": "sha256-HofykKuisObPUfj0E9CJVfaMhawXkYx3G8UIFR/XQ38=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d934204a0f8d9198e1e4515dd6fec76a139c87f0", + "rev": "9099616b93301d5cf84274b184a3a5ec69e94e08", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1707648276, - "narHash": "sha256-KOU9ae22fglOXsOHCGYW25iFXnfnz2fSrUy75qfDyuA=", + "lastModified": 1709206595, + "narHash": "sha256-lBU/gE7DiJCNkJGPVUms0zA0hxzDVgENIXfebj1oeLc=", "owner": "nix-community", "repo": "NUR", - "rev": "c7fa9c6c3becdb8a330bf1202e009494a381ef32", + "rev": "fbe8df1c13fd8e63e35c2c4654104661eb1fbbed", "type": "github" }, "original": { @@ -197,11 +197,11 @@ ] }, "locked": { - "lastModified": 1707297608, - "narHash": "sha256-ADjo/5VySGlvtCW3qR+vdFF4xM9kJFlRDqcC9ZGI8EA=", + "lastModified": 1708018599, + "narHash": "sha256-M+Ng6+SePmA8g06CmUZWi1AjG2tFBX9WCXElBHEKnyM=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "0db2e67ee49910adfa13010e7f012149660af7f0", + "rev": "5df5a70ad7575f6601d91f0efec95dd9bc619431", "type": "github" }, "original": { diff --git a/modules/nixos/hardware/bluetooth/default.nix b/modules/nixos/hardware/bluetooth/default.nix index 2d840f92..c019b31e 100644 --- a/modules/nixos/hardware/bluetooth/default.nix +++ b/modules/nixos/hardware/bluetooth/default.nix @@ -25,8 +25,8 @@ in package = pkgs.pulseaudioFull; }; - environment.etc = { - "wireplumber/bluetooth.lua.d/51-bluez-config.lua".text = '' + services.pipewire.wireplumber.configPackages = [ + (pkgs.writeTextDir "share/wireplumber/bluetooth.lua.d/51-bluez-config.lua" '' bluez_monitor.properties = { -- SBC XQ provides better audio ["bluez5.enable-sbc-xq"] = true, @@ -40,8 +40,8 @@ in -- FIXME: Some devices may now support both hsp_ag and hfp_ag ["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]" } - ''; - }; + '') + ]; }) # Support for A2DP audio profile diff --git a/modules/nixos/services/pyload/default.nix b/modules/nixos/services/pyload/default.nix index 40bf12df..88889bf8 100644 --- a/modules/nixos/services/pyload/default.nix +++ b/modules/nixos/services/pyload/default.nix @@ -39,31 +39,12 @@ in downloadDirectory port ; - }; - # Use pyload user/media group when downloading files - systemd.services.pyload = { - serviceConfig = { - User = lib.mkForce "pyload"; - Group = lib.mkForce "media"; - DynamicUser = lib.mkForce false; - }; - }; - - # And make sure the download directory has the correct owners - systemd.tmpfiles.settings.pyload = { - ${cfg.downloadDirectory}.d = { - user = "pyload"; - group = "media"; - }; - }; - - # Set-up pyload user and media group - users.users.pyload = { - isSystemUser = true; + # Use media group when downloading files group = "media"; }; + # Set-up media group users.groups.media = { }; my.services.nginx.virtualHosts = { From 56c0c28b02acc493ae028ebca5d77cc3a455ba81 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 1 Mar 2024 17:20:44 +0000 Subject: [PATCH 036/485] hosts: nixos: porthos: home: disable cache Same reason as the system-wide configuration... --- hosts/nixos/porthos/home.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/hosts/nixos/porthos/home.nix b/hosts/nixos/porthos/home.nix index 90aa0ec3..1de3565d 100644 --- a/hosts/nixos/porthos/home.nix +++ b/hosts/nixos/porthos/home.nix @@ -1,6 +1,13 @@ { ... }: { my.home = { + nix = { + cache = { + # This server is the one serving the cache, don't try to query it + selfHosted = false; + }; + }; + # Allow using 24bit color when SSH-ing from various clients tmux.trueColorTerminals = [ # My usual terminal, e.g: on laptop From 4d25609b26633b6ccf3994162ca74cc179d6fbc6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 1 Mar 2024 20:48:44 +0000 Subject: [PATCH 037/485] nixos: system: nix: expand trusted users --- modules/nixos/system/nix/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/nixos/system/nix/default.nix b/modules/nixos/system/nix/default.nix index 47d64995..ad135390 100644 --- a/modules/nixos/system/nix/default.nix +++ b/modules/nixos/system/nix/default.nix @@ -56,6 +56,8 @@ in settings = { experimental-features = [ "nix-command" "flakes" ]; + # Trusted users are equivalent to root, and might as well allow wheel + trusted-users = [ "root" "@wheel" ]; }; }; } From a3afafd9e05958f6cf6368d10a36717562d3d99c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 2 Mar 2024 12:48:08 +0100 Subject: [PATCH 038/485] nixos: services: add mealie --- modules/nixos/services/default.nix | 1 + modules/nixos/services/mealie/default.nix | 72 +++++++++++++++++++++++ 2 files changed, 73 insertions(+) create mode 100644 modules/nixos/services/mealie/default.nix diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix index 67504da0..90dd3e18 100644 --- a/modules/nixos/services/default.nix +++ b/modules/nixos/services/default.nix @@ -16,6 +16,7 @@ ./jellyfin ./lohr ./matrix + ./mealie ./miniflux ./monitoring ./navidrome diff --git a/modules/nixos/services/mealie/default.nix b/modules/nixos/services/mealie/default.nix new file mode 100644 index 00000000..ebbebb20 --- /dev/null +++ b/modules/nixos/services/mealie/default.nix @@ -0,0 +1,72 @@ +{ config, lib, ... }: +let + cfg = config.my.services.mealie; +in +{ + options.my.services.mealie = with lib; { + enable = mkEnableOption "Mealie service"; + + port = mkOption { + type = types.port; + default = 4537; + example = 8080; + description = "Internal port for webui"; + }; + + credentialsFile = mkOption { + type = types.str; + example = "/var/lib/mealie/credentials.env"; + description = '' + Configuration file for secrets. + ''; + }; + }; + + config = lib.mkIf cfg.enable { + services.mealie = { + enable = true; + inherit (cfg) port credentialsFile; + + settings = { + # Basic settings + BASE_URL = "https://mealie.${config.networking.domain}"; + TZ = config.time.timeZone; + ALLOw_SIGNUP = "false"; + + # Use PostgreSQL + DB_ENGINE = "postgres"; + POSTGRES_USER = "mealie"; + POSTGRES_PASSWORD = ""; + POSTGRES_SERVER = "/run/postgresql"; + # Pydantic and/or mealie doesn't handle the URI correctly, hijack it + # with query parameters... + POSTGRES_DB = "mealie?host=/run/postgresql&dbname=mealie"; + }; + }; + + systemd.services = { + mealie = { + after = [ "postgresql.service" ]; + requires = [ "postgresql.service" ]; + }; + }; + + # Set-up database + services.postgresql = { + enable = true; + ensureDatabases = [ "mealie" ]; + ensureUsers = [ + { + name = "mealie"; + ensureDBOwnership = true; + } + ]; + }; + + my.services.nginx.virtualHosts = { + mealie = { + inherit (cfg) port; + }; + }; + }; +} From 380933e69b83c7662ec97510e6ab52eef5aad159 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 2 Mar 2024 12:48:42 +0100 Subject: [PATCH 039/485] hosts: nixos: porthos: secrets: add mealie mail --- hosts/nixos/porthos/secrets/mealie/mail.age | Bin 0 -> 516 bytes hosts/nixos/porthos/secrets/secrets.nix | 4 ++++ 2 files changed, 4 insertions(+) create mode 100644 hosts/nixos/porthos/secrets/mealie/mail.age diff --git a/hosts/nixos/porthos/secrets/mealie/mail.age b/hosts/nixos/porthos/secrets/mealie/mail.age new file mode 100644 index 0000000000000000000000000000000000000000..b7348ae2a09fbf001f2354936f2df7112ed29c5d GIT binary patch literal 516 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSn_Ri1BO;-r;FpNkx zarH6C4=*q_$PdV^^3Mw|@riKHk4g%!N(}Th2nj4s%`D4z_vA|Vjm#?Yc6Kawb16$J zHgpMbuQV?X$qdP?NH(nUEHMiz3v|v%EG_k{Oh&gYDdN{xo*F+wSMJ%o+)34Qd+m$Y#mNF2nAzMs+zmCZ z&HkO;SFQHv_}4?xM|;~Qq<<+mA+_rmgEqgD?OD!_Kj9&@^Z#_{x_13#%22y&^)Az0 zYmp+WBU25pX>QpU{}mgV3oV+S%QPoCC#oAvx+|#8!d`zx;7Rp8zG&tf!rQZWpU(F6 z*?IH(%8v^^9AYf7@Y(wF|K9|0riHO=+L2#*-Y>sV+qFDQonOmAkHPHSX2-s*GY_7d zy}Kc*<3{?G)01B=%sMEVsJ$zXk89V>r5C0>cJT~bmUFSQxxVDqmm3`kZ;j%20{|t3 B%@+Uw literal 0 HcmV?d00001 diff --git a/hosts/nixos/porthos/secrets/secrets.nix b/hosts/nixos/porthos/secrets/secrets.nix index 43a9b352..3545e3a6 100644 --- a/hosts/nixos/porthos/secrets/secrets.nix +++ b/hosts/nixos/porthos/secrets/secrets.nix @@ -41,6 +41,10 @@ in publicKeys = all; }; + "mealie/mail.age" = { + publicKeys = all; + }; + "miniflux/credentials.age".publicKeys = all; "monitoring/password.age" = { From 7f0a889ccd1cf1139fe7c9327dd1821ed884b116 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 2 Mar 2024 12:48:59 +0100 Subject: [PATCH 040/485] hosts: nixos: porthos: services: enable mealie --- hosts/nixos/porthos/services.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index 2486752b..c3ffa391 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -68,6 +68,10 @@ in secretFile = secrets."matrix/sliding-sync-secret".path; }; }; + mealie = { + enable = true; + credentialsFile = secrets."mealie/mail".path; + }; miniflux = { enable = true; credentialsFiles = secrets."miniflux/credentials".path; From 6bef924513a1e72243808ab4d8277cb65aa68047 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 4 Mar 2024 11:44:49 +0000 Subject: [PATCH 041/485] overlays: remove gruvbox-nvim-treesitter-fix Not needed anymore. This reverts commit d6eceea08a12b09ebcf6396402f6f5242242c667. --- overlays/gruvbox-nvim-treesitter-fix/default.nix | 4 ---- overlays/gruvbox-nvim-treesitter-fix/generated.nix | 14 -------------- 2 files changed, 18 deletions(-) delete mode 100644 overlays/gruvbox-nvim-treesitter-fix/default.nix delete mode 100644 overlays/gruvbox-nvim-treesitter-fix/generated.nix diff --git a/overlays/gruvbox-nvim-treesitter-fix/default.nix b/overlays/gruvbox-nvim-treesitter-fix/default.nix deleted file mode 100644 index 832e71de..00000000 --- a/overlays/gruvbox-nvim-treesitter-fix/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -self: prev: -{ - vimPlugins = prev.vimPlugins.extend (self.callPackage ./generated.nix { }); -} diff --git a/overlays/gruvbox-nvim-treesitter-fix/generated.nix b/overlays/gruvbox-nvim-treesitter-fix/generated.nix deleted file mode 100644 index 5a18d623..00000000 --- a/overlays/gruvbox-nvim-treesitter-fix/generated.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ fetchFromGitHub }: - -_final: prev: { - gruvbox-nvim = prev.gruvbox-nvim.overrideAttrs (_: { - version = "2024-01-29"; - - src = fetchFromGitHub { - owner = "ellisonleao"; - repo = "gruvbox.nvim"; - rev = "6e4027ae957cddf7b193adfaec4a8f9e03b4555f"; - sha256 = "sha256-jWnrRy/PT7D0UcPGL+XTbKHWvS0ixvbyqPtTzG9HY84="; - }; - }); -} From ed15e62e1d390d46f18565a02266c9021ec09075 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 5 Mar 2024 12:44:08 +0000 Subject: [PATCH 042/485] nixos: services: gitea: use 'git' group --- modules/nixos/services/gitea/default.nix | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/modules/nixos/services/gitea/default.nix b/modules/nixos/services/gitea/default.nix index 4a8a3bbf..e7f39a5d 100644 --- a/modules/nixos/services/gitea/default.nix +++ b/modules/nixos/services/gitea/default.nix @@ -58,6 +58,8 @@ in appName = "Ambroisie's forge"; user = "git"; + group = "git"; + lfs.enable = true; useWizard = false; @@ -107,11 +109,6 @@ in home = config.services.gitea.stateDir; useDefaultShell = true; group = "git"; - - # The service for gitea seems to hardcode the group as - # gitea, so, uh, just in case? - extraGroups = [ "gitea" ]; - isSystemUser = true; }; users.groups.git = { }; From 40d1b3983700b1b1fa1899679e94dc9bc80fc65b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 5 Mar 2024 14:16:22 +0000 Subject: [PATCH 043/485] nixos: services: gitea: update mail configuration --- hosts/nixos/porthos/services.nix | 2 +- modules/nixos/services/gitea/default.nix | 26 ++++++++++++------------ 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index c3ffa391..c872160c 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -41,7 +41,7 @@ in enable = true; mail = { enable = true; - host = "smtp.migadu.com:465"; + host = "smtp.migadu.com"; user = lib.my.mkMailAddress "gitea" "belanyi.fr"; passwordFile = secrets."gitea/mail-password".path; }; diff --git a/modules/nixos/services/gitea/default.nix b/modules/nixos/services/gitea/default.nix index e7f39a5d..6185a222 100644 --- a/modules/nixos/services/gitea/default.nix +++ b/modules/nixos/services/gitea/default.nix @@ -18,9 +18,15 @@ in }; host = mkOption { type = types.str; - example = "smtp.example.com:465"; + example = "smtp.example.com"; description = "Host for the mail account"; }; + port = mkOption { + type = types.port; + default = 465; + example = 587; + description = "Port for the mail account"; + }; user = mkOption { type = types.str; example = "gitea@example.com"; @@ -31,17 +37,11 @@ in example = "/run/secrets/gitea-mail-password.txt"; description = "Password for the mail account"; }; - type = mkOption { + protocol = mkOption { type = types.str; - default = "smtp"; + default = "smtps"; example = "smtp"; - description = "Password for the mail account"; - }; - tls = mkOption { - type = types.bool; - default = true; - example = false; - description = "Use TLS for connection"; + description = "Protocol for connection"; }; }; }; @@ -86,11 +86,11 @@ in mailer = lib.mkIf cfg.mail.enable { ENABLED = true; - HOST = cfg.mail.host; + SMTP_ADDR = cfg.mail.host; + SMTP_PORT = cfg.mail.port; FROM = cfg.mail.user; USER = cfg.mail.user; - MAILER_TYPE = cfg.mail.type; - IS_TLS_ENABLED = cfg.mail.tls; + PROTOCOL = cfg.mail.protocol; }; service = { From d423a03663ccabde691f2b59b34ed1be756c0eed Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 5 Mar 2024 14:20:57 +0000 Subject: [PATCH 044/485] nixos: services: gitea: fix mail 'FROM' address --- modules/nixos/services/gitea/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/gitea/default.nix b/modules/nixos/services/gitea/default.nix index 6185a222..212f59c9 100644 --- a/modules/nixos/services/gitea/default.nix +++ b/modules/nixos/services/gitea/default.nix @@ -88,7 +88,7 @@ in ENABLED = true; SMTP_ADDR = cfg.mail.host; SMTP_PORT = cfg.mail.port; - FROM = cfg.mail.user; + FROM = "Gitea <${cfg.mail.user}>"; USER = cfg.mail.user; PROTOCOL = cfg.mail.protocol; }; From 6a47703c08ebeed4b3f62f5db9844f87eb955ded Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 5 Mar 2024 21:15:57 +0000 Subject: [PATCH 045/485] pkgs: add digestpp --- pkgs/default.nix | 2 ++ pkgs/digestpp/default.nix | 31 +++++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) create mode 100644 pkgs/digestpp/default.nix diff --git a/pkgs/default.nix b/pkgs/default.nix index 6b7fce11..94f3440f 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -10,6 +10,8 @@ pkgs.lib.makeScope pkgs.newScope (pkgs: { diff-flake = pkgs.callPackage ./diff-flake { }; + digestpp = pkgs.callPackage ./digestpp { }; + dragger = pkgs.callPackage ./dragger { }; drone-rsync = pkgs.callPackage ./drone-rsync { }; diff --git a/pkgs/digestpp/default.nix b/pkgs/digestpp/default.nix new file mode 100644 index 00000000..2fd90db0 --- /dev/null +++ b/pkgs/digestpp/default.nix @@ -0,0 +1,31 @@ +{ lib +, fetchFromGitHub +, stdenv +}: +stdenv.mkDerivation { + pname = "digestpp"; + version = "0-unstable-2023-11-07"; + + src = fetchFromGitHub { + owner = "kerukuro"; + repo = "digestpp"; + rev = "ebb699402c244e22c3aff61d2239bcb2e87b8ef8"; + hash = "sha256-9X/P7DgZB6bSYjQWRli4iAXEFjhmACOVv3EYQrXuH5c="; + }; + + installPhase = '' + runHook preInstall + + mkdir -p $out/include/digestpp + cp -r *.hpp algorithm/ detail/ $out/include/digestpp + + runHook postInstall + ''; + + meta = with lib; { + description = "C++11 header-only message digest library"; + homepage = "https://github.com/kerukuro/digestpp"; + license = licenses.unlicense; + maintainers = with maintainers; [ ambroisie ]; + }; +} From ef882a52673bf3b7a7c4f4658624183c760e8b18 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 5 Mar 2024 21:16:10 +0000 Subject: [PATCH 046/485] pkgs: add sqlite_orm --- pkgs/default.nix | 2 ++ pkgs/sqlite_orm/default.nix | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 34 insertions(+) create mode 100644 pkgs/sqlite_orm/default.nix diff --git a/pkgs/default.nix b/pkgs/default.nix index 94f3440f..ddd0b024 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -28,6 +28,8 @@ pkgs.lib.makeScope pkgs.newScope (pkgs: { rbw-pass = pkgs.callPackage ./rbw-pass { }; + sqlite_orm = pkgs.callPackage ./sqlite_orm { }; + unbound-zones-adblock = pkgs.callPackage ./unbound-zones-adblock { }; zsh-done = pkgs.callPackage ./zsh-done { }; diff --git a/pkgs/sqlite_orm/default.nix b/pkgs/sqlite_orm/default.nix new file mode 100644 index 00000000..3891eee1 --- /dev/null +++ b/pkgs/sqlite_orm/default.nix @@ -0,0 +1,32 @@ +{ lib +, cmake +, fetchFromGitHub +, sqlite +, stdenv +}: +stdenv.mkDerivation (finalAttrs: { + pname = "sqlite_orm"; + version = "1.8.2"; + + src = fetchFromGitHub { + owner = "fnc12"; + repo = "sqlite_orm"; + rev = "v${finalAttrs.version}"; + hash = "sha256-KqphGFcnR1Y11KqL7sxODSv7lEvcURdF6kLd3cg84kc="; + }; + + nativeBuildInputs = [ + cmake + ]; + + propagatedBuildInputs = [ + sqlite + ]; + + meta = with lib; { + description = "Light header only SQLite ORM"; + homepage = "https://sqliteorm.com/"; + license = licenses.agpl3Only; # MIT license is commercial + maintainers = with maintainers; [ ambroisie ]; + }; +}) From 84fea2f6771907a7b84cee07030fc3645a3c5dd3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 5 Mar 2024 21:16:34 +0000 Subject: [PATCH 047/485] pkgs: add bt-migrate --- pkgs/bt-migrate/default.nix | 61 +++++++++++++++++++++++++++++++++++++ pkgs/default.nix | 2 ++ 2 files changed, 63 insertions(+) create mode 100644 pkgs/bt-migrate/default.nix diff --git a/pkgs/bt-migrate/default.nix b/pkgs/bt-migrate/default.nix new file mode 100644 index 00000000..df99c554 --- /dev/null +++ b/pkgs/bt-migrate/default.nix @@ -0,0 +1,61 @@ +{ lib +, boost +, cmake +, cxxopts +, digestpp +, fetchFromGitHub +, fmt +, jsoncons +, pugixml +, sqlite_orm +, stdenv +}: +stdenv.mkDerivation { + pname = "bt-migrate"; + version = "0-unstable-2023-08-17"; + + src = fetchFromGitHub { + owner = "mikedld"; + repo = "bt-migrate"; + rev = "e15a489c0c76f98355586ebbee08223af4e9bf50"; + hash = "sha256-kA6yxhbIh3ThmgF8Zyoe3I79giLVmdNr9IIrw5Xx4s0="; + }; + + nativeBuildInputs = [ + cmake + ]; + + buildInputs = [ + boost + cxxopts + fmt + jsoncons + pugixml + sqlite_orm + ]; + + cmakeFlags = [ + (lib.strings.cmakeBool "USE_VCPKG" false) + # NOTE: digestpp does not have proper CMake packaging (yet?) + (lib.strings.cmakeBool "USE_FETCHCONTENT" true) + (lib.strings.cmakeFeature "FETCHCONTENT_SOURCE_DIR_DIGESTPP" "${digestpp}/include/digestpp") + ]; + + # NOTE: no install target in CMake... + installPhase = '' + runHook preInstall + + mkdir -p $out/bin + cp BtMigrate $out/bin + + runHook postInstall + ''; + + meta = with lib; { + description = "Torrent state migration tool"; + homepage = "https://github.com/mikedld/bt-migrate"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ ambroisie ]; + mainProgram = "BtMigrate"; + }; +} diff --git a/pkgs/default.nix b/pkgs/default.nix index ddd0b024..e82a90c4 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,5 +1,7 @@ { pkgs }: pkgs.lib.makeScope pkgs.newScope (pkgs: { + bt-migrate = pkgs.callPackage ./bt-migrate { }; + bw-pass = pkgs.callPackage ./bw-pass { }; change-audio = pkgs.callPackage ./change-audio { }; From a4e742bf5541967ee08954ab12f02a29633f8eb8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 5 Mar 2024 21:45:18 +0000 Subject: [PATCH 048/485] nixos: services: blog: fix catch-all redirection Don't use a hard-coded address... --- modules/nixos/services/blog/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/blog/default.nix b/modules/nixos/services/blog/default.nix index 3e68df25..e4d2d42f 100644 --- a/modules/nixos/services/blog/default.nix +++ b/modules/nixos/services/blog/default.nix @@ -35,7 +35,7 @@ in useACMEHost = domain; default = true; - locations."/".return = "302 https://belanyi.fr$request_uri"; + locations."/".return = "302 https://${domain}$request_uri"; }; }; From 97cc08d199977b5dca863c6c3963a9f3f1708be1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 7 Mar 2024 11:32:28 +0000 Subject: [PATCH 049/485] flake: use explicit 'systems' input --- flake/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/flake/default.nix b/flake/default.nix index 65102e15..5e52025e 100644 --- a/flake/default.nix +++ b/flake/default.nix @@ -1,9 +1,9 @@ { flake-parts -, futils +, systems , ... } @ inputs: let - mySystems = futils.lib.defaultSystems; + mySystems = import systems; in flake-parts.lib.mkFlake { inherit inputs; } { systems = mySystems; From 742b4c39a277b32d5f8afd0150457c953d09842a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 7 Mar 2024 15:42:58 +0000 Subject: [PATCH 050/485] home: tmux: migrate to 'terminalFeatures' There are other terminal capabilities I want to override in tmux, so let's make this type more extensible. --- hosts/homes/ambroisie@bazin/default.nix | 6 ++-- hosts/homes/ambroisie@mousqueton/default.nix | 6 ++-- hosts/nixos/porthos/home.nix | 8 ++--- modules/home/tmux/default.nix | 35 ++++++++++++-------- 4 files changed, 33 insertions(+), 22 deletions(-) diff --git a/hosts/homes/ambroisie@bazin/default.nix b/hosts/homes/ambroisie@bazin/default.nix index a65a6260..f52fbce5 100644 --- a/hosts/homes/ambroisie@bazin/default.nix +++ b/hosts/homes/ambroisie@bazin/default.nix @@ -12,8 +12,10 @@ # I use scripts that use the passthrough sequence often on this host enablePassthrough = true; - # HTerm uses `xterm-256color` as its `$TERM`, so use that here - trueColorTerminals = [ "xterm-256color" ]; + terminalFeatures = { + # HTerm uses `xterm-256color` as its `$TERM`, so use that here + xterm-256color = { }; + }; }; ssh = { diff --git a/hosts/homes/ambroisie@mousqueton/default.nix b/hosts/homes/ambroisie@mousqueton/default.nix index 5c0a9634..44e62e68 100644 --- a/hosts/homes/ambroisie@mousqueton/default.nix +++ b/hosts/homes/ambroisie@mousqueton/default.nix @@ -15,8 +15,10 @@ # I use scripts that use the passthrough sequence often on this host enablePassthrough = true; - # HTerm uses `xterm-256color` as its `$TERM`, so use that here - trueColorTerminals = [ "xterm-256color" ]; + terminalFeatures = { + # HTerm uses `xterm-256color` as its `$TERM`, so use that here + xterm-256color = { }; + }; }; }; } diff --git a/hosts/nixos/porthos/home.nix b/hosts/nixos/porthos/home.nix index 1de3565d..c2c858b2 100644 --- a/hosts/nixos/porthos/home.nix +++ b/hosts/nixos/porthos/home.nix @@ -8,11 +8,11 @@ }; }; - # Allow using 24bit color when SSH-ing from various clients - tmux.trueColorTerminals = [ + # Allow using extended features when SSH-ing from various clients + tmux.terminalFeatures = { # My usual terminal, e.g: on laptop - "alacritty" - ]; + alacritty = { }; + }; # Always start a tmux session when opening a shell session zsh.launchTmux = true; diff --git a/modules/home/tmux/default.nix b/modules/home/tmux/default.nix index 08aeb55b..76e18ca0 100644 --- a/modules/home/tmux/default.nix +++ b/modules/home/tmux/default.nix @@ -5,6 +5,14 @@ let config.my.home.x.enable (config.my.home.wm.windowManager != null) ]; + + mkTerminalFlags = opt: flag: + let + mkFlag = term: ''set -as terminal-features ",${term}:${flag}"''; + enabledTerminals = lib.filterAttrs (_: v: v.${opt}) cfg.terminalFeatures; + terminals = lib.attrNames enabledTerminals; + in + lib.concatMapStringsSep "\n" mkFlag terminals; in { options.my.home.tmux = with lib; { @@ -12,16 +20,20 @@ in enablePassthrough = mkEnableOption "tmux DCS passthrough sequence"; - trueColorTerminals = mkOption { - type = with types; listOf str; - default = lib.my.nullableToList config.my.home.terminal.program; - defaultText = '' - `[ config.my.home.terminal.program ]` if it is non-null, otherwise an - empty list. + terminalFeatures = mkOption { + type = with types; attrsOf (submodule { + options = { + trueColor = my.mkDisableOption "24-bit (RGB) color support"; + }; + }); + + default = { ${config.my.home.terminal.program} = { }; }; + defaultText = litteralExpression '' + { ''${config.my.home.terminal.program} = { }; }; ''; - example = [ "xterm-256color" ]; + example = { xterm-256color = { }; }; description = '' - $TERM values which should be considered to always support 24-bit color. + $TERM values which should be considered to have additional features. ''; }; }; @@ -90,12 +102,7 @@ in } # Force 24-bit color for each relevant $TERM - ${ - let - mkTcFlag = term: ''set -as terminal-features ",${term}:RGB"''; - in - lib.concatMapStringsSep "\n" mkTcFlag cfg.trueColorTerminals - } + ${mkTerminalFlags "trueColor" "RGB"} ''; }; } From 22139bd69f20911fb83aa7ab26ed6afd4974e771 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 7 Mar 2024 15:44:17 +0000 Subject: [PATCH 051/485] home: tmux: add hyperlinks support Somewhat unfortunate that those have to be enabled by force, but easy enough to support. --- modules/home/tmux/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/home/tmux/default.nix b/modules/home/tmux/default.nix index 76e18ca0..61cf2ec7 100644 --- a/modules/home/tmux/default.nix +++ b/modules/home/tmux/default.nix @@ -23,6 +23,8 @@ in terminalFeatures = mkOption { type = with types; attrsOf (submodule { options = { + hyperlinks = my.mkDisableOption "hyperlinks through OSC8"; + trueColor = my.mkDisableOption "24-bit (RGB) color support"; }; }); @@ -101,6 +103,8 @@ in '' } + # Force OSC8 hyperlinks for each relevant $TERM + ${mkTerminalFlags "hyperlinks" "hyperlinks"} # Force 24-bit color for each relevant $TERM ${mkTerminalFlags "trueColor" "RGB"} ''; From 8591fb8b3571899efcb4a850216a0b8bc5942435 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 8 Mar 2024 12:56:19 +0000 Subject: [PATCH 052/485] home: tmux: expand history limit --- modules/home/tmux/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/tmux/default.nix b/modules/home/tmux/default.nix index 61cf2ec7..501b9540 100644 --- a/modules/home/tmux/default.nix +++ b/modules/home/tmux/default.nix @@ -46,7 +46,7 @@ in keyMode = "vi"; # Home-row keys and other niceties clock24 = true; # I'm one of those heathens escapeTime = 0; # Let vim do its thing instead - historyLimit = 50000; # Bigger buffer + historyLimit = 100000; # Bigger buffer terminal = "tmux-256color"; # I want accurate termcap info plugins = with pkgs.tmuxPlugins; [ From c1ffe096312ca96aca76b07fa0db465d44331778 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 5 Mar 2024 12:32:40 +0000 Subject: [PATCH 053/485] nixos: services: add forgejo --- modules/nixos/services/default.nix | 1 + modules/nixos/services/forgejo/default.nix | 162 +++++++++++++++++++++ 2 files changed, 163 insertions(+) create mode 100644 modules/nixos/services/forgejo/default.nix diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix index 90dd3e18..3b32d062 100644 --- a/modules/nixos/services/default.nix +++ b/modules/nixos/services/default.nix @@ -10,6 +10,7 @@ ./drone ./fail2ban ./flood + ./forgejo ./gitea ./grocy ./indexers diff --git a/modules/nixos/services/forgejo/default.nix b/modules/nixos/services/forgejo/default.nix new file mode 100644 index 00000000..0f3dfc59 --- /dev/null +++ b/modules/nixos/services/forgejo/default.nix @@ -0,0 +1,162 @@ +# A low-ressource, full-featured git forge. +{ config, lib, ... }: +let + cfg = config.my.services.forgejo; +in +{ + options.my.services.forgejo = with lib; { + enable = mkEnableOption "Forgejo"; + port = mkOption { + type = types.port; + default = 3042; + example = 8080; + description = "Internal port"; + }; + mail = { + enable = mkEnableOption { + description = "mailer configuration"; + }; + host = mkOption { + type = types.str; + example = "smtp.example.com"; + description = "Host for the mail account"; + }; + port = mkOption { + type = types.port; + default = 465; + example = 587; + description = "Port for the mail account"; + }; + user = mkOption { + type = types.str; + example = "forgejo@example.com"; + description = "User for the mail account"; + }; + passwordFile = mkOption { + type = types.str; + example = "/run/secrets/forgejo-mail-password.txt"; + description = "Password for the mail account"; + }; + protocol = mkOption { + type = types.str; + default = "smtps"; + example = "smtp"; + description = "Protocol for connection"; + }; + }; + }; + + config = lib.mkIf cfg.enable { + assertions = [ + { + assertion = cfg.enable -> !config.my.services.gitea.enable; + message = '' + `config.my.services.forgejo` is incompatible with + `config.my.services.gitea`. + ''; + } + ]; + + services.forgejo = + let + inherit (config.networking) domain; + forgejoDomain = "git.${domain}"; + in + { + enable = true; + + user = "git"; + group = "git"; + + lfs.enable = true; + + useWizard = false; + + database = { + type = "postgres"; # Automatic setup + user = "git"; # User needs to be the same as forgejo user + name = "git"; # Name must be the same as user for `ensureDBOwnership` + }; + + # NixOS module uses `forgejo dump` to backup repositories and the database, + # but it produces a single .zip file that's not very backup friendly. + # I configure my backup system manually below. + dump.enable = false; + + mailerPasswordFile = lib.mkIf cfg.mail.enable cfg.mail.passwordFile; + + settings = { + DEFAULT = { + APP_NAME = "Ambroisie's forge"; + }; + + server = { + HTTP_PORT = cfg.port; + DOMAIN = forgejoDomain; + ROOT_URL = "https://${forgejoDomain}"; + }; + + mailer = lib.mkIf cfg.mail.enable { + ENABLED = true; + SMTP_ADDR = cfg.mail.host; + SMTP_PORT = cfg.mail.port; + FROM = "Forgejo <${cfg.mail.user}>"; + USER = cfg.mail.user; + PROTOCOL = cfg.mail.protocol; + }; + + service = { + DISABLE_REGISTRATION = true; + }; + + session = { + # only send cookies via HTTPS + COOKIE_SECURE = true; + }; + }; + }; + + users.users.git = { + description = "Forgejo Service"; + home = config.services.forgejo.stateDir; + useDefaultShell = true; + group = "git"; + isSystemUser = true; + }; + users.groups.git = { }; + + my.services.nginx.virtualHosts = { + # Proxy to Forgejo + git = { + inherit (cfg) port; + }; + # Redirect `forgejo.` to actual forge subdomain + forgejo = { + redirect = config.services.forgejo.settings.server.ROOT_URL; + }; + }; + + my.services.backup = { + paths = [ + config.services.forgejo.lfs.contentDir + config.services.forgejo.repositoryRoot + ]; + }; + + services.fail2ban.jails = { + forgejo = '' + enabled = true + filter = forgejo + action = iptables-allports + ''; + }; + + environment.etc = { + "fail2ban/filter.d/forgejo.conf".text = '' + [Definition] + failregex = ^.*(Failed authentication attempt|invalid credentials|Attempted access of unknown user).* from $ + journalmatch = _SYSTEMD_UNIT=forgejo.service + ''; + }; + }; +} From b41fd9e48ecc27f79757f014272c2c190e0c7d9b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 5 Mar 2024 12:32:40 +0000 Subject: [PATCH 054/485] hosts: nixos: porthos: secrets: add forgejo mail --- hosts/nixos/porthos/secrets/forgejo/mail-password.age | 10 ++++++++++ hosts/nixos/porthos/secrets/secrets.nix | 5 +++++ 2 files changed, 15 insertions(+) create mode 100644 hosts/nixos/porthos/secrets/forgejo/mail-password.age diff --git a/hosts/nixos/porthos/secrets/forgejo/mail-password.age b/hosts/nixos/porthos/secrets/forgejo/mail-password.age new file mode 100644 index 00000000..67ef695c --- /dev/null +++ b/hosts/nixos/porthos/secrets/forgejo/mail-password.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg Lhgx43wR8PtAMf5v1eJxKlUBSAoOLdOOn/QaQrwF8zA +jfUCpgNzkHCNTWCqtErDaLMmg1Oy+s9zUra1JLCi+J4 +-> ssh-ed25519 jPowng kSeQ/SmMrzd8ByVu3YHWeZyKmqFZvQSBnDunkB8e6wc +WRmnfrV5xcRXA9t0ZXx6YvbRl0sX4PTrw63VVKX4Ei4 +--- a+LLM1gP9g1AbUapbeeKaS4cEcRBmPo3MHU2DSWTAds +Ò,FÜÒ6”â⬘ ixÌ°Øe| « +² +ÌÏœ,{† ˆõvª!–†‰zÜ$P;ãé©TØÆÉKW + qGô \ No newline at end of file diff --git a/hosts/nixos/porthos/secrets/secrets.nix b/hosts/nixos/porthos/secrets/secrets.nix index 3545e3a6..bea380c1 100644 --- a/hosts/nixos/porthos/secrets/secrets.nix +++ b/hosts/nixos/porthos/secrets/secrets.nix @@ -21,6 +21,11 @@ in "drone/secret.age".publicKeys = all; "drone/ssh/private-key.age".publicKeys = all; + "forgejo/mail-password.age" = { + owner = "git"; + publicKeys = all; + }; + "gitea/mail-password.age" = { owner = "git"; publicKeys = all; From f3207468f979d5bffc42e131152d33bff6d8548c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 9 Mar 2024 13:34:38 +0100 Subject: [PATCH 055/485] nixos: services: woodpecker: configurable forge --- modules/nixos/services/woodpecker/default.nix | 6 ++++++ modules/nixos/services/woodpecker/server/default.nix | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/modules/nixos/services/woodpecker/default.nix b/modules/nixos/services/woodpecker/default.nix index 34ffca64..8fa692e3 100644 --- a/modules/nixos/services/woodpecker/default.nix +++ b/modules/nixos/services/woodpecker/default.nix @@ -8,6 +8,12 @@ options.my.services.woodpecker = with lib; { enable = mkEnableOption "Woodpecker CI"; + forge = mkOption { + type = types.enum [ "gitea" "forgejo" ]; + default = "gitea"; + example = "forgejo"; + description = "Which Forge to connect to"; + }; runners = mkOption { type = with types; listOf (enum [ "exec" "docker" ]); default = [ ]; diff --git a/modules/nixos/services/woodpecker/server/default.nix b/modules/nixos/services/woodpecker/server/default.nix index f02a5c54..adf533e8 100644 --- a/modules/nixos/services/woodpecker/server/default.nix +++ b/modules/nixos/services/woodpecker/server/default.nix @@ -17,7 +17,7 @@ in WOODPECKER_GRPC_ADDR = ":${toString cfg.rpcPort}"; WOODPECKER_GITEA = "true"; - WOODPECKER_GITEA_URL = config.services.gitea.settings.server.ROOT_URL; + WOODPECKER_GITEA_URL = config.services.${cfg.forge}.settings.server.ROOT_URL; WOODPECKER_LOG_LEVEL = "debug"; }; From 0f33dbd5c24440fd243725fd96f8081ad66750d8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 5 Mar 2024 12:32:40 +0000 Subject: [PATCH 056/485] hosts: nixos: porthos: switch to forgejo This required a quick rename to migrate from one to the other. --- hosts/nixos/porthos/services.nix | 8 ++++---- modules/nixos/services/woodpecker/default.nix | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index c872160c..a67ae3b3 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -36,14 +36,14 @@ in flood = { enable = true; }; - # Gitea forge - gitea = { + # Forgejo forge + forgejo = { enable = true; mail = { enable = true; host = "smtp.migadu.com"; - user = lib.my.mkMailAddress "gitea" "belanyi.fr"; - passwordFile = secrets."gitea/mail-password".path; + user = lib.my.mkMailAddress "forgejo" "belanyi.fr"; + passwordFile = secrets."forgejo/mail-password".path; }; }; # Meta-indexers diff --git a/modules/nixos/services/woodpecker/default.nix b/modules/nixos/services/woodpecker/default.nix index 8fa692e3..012eaaea 100644 --- a/modules/nixos/services/woodpecker/default.nix +++ b/modules/nixos/services/woodpecker/default.nix @@ -10,8 +10,8 @@ enable = mkEnableOption "Woodpecker CI"; forge = mkOption { type = types.enum [ "gitea" "forgejo" ]; - default = "gitea"; - example = "forgejo"; + default = "forgejo"; + example = "gitea"; description = "Which Forge to connect to"; }; runners = mkOption { From 5d3160fb0de293fbc100f511be6d1034fdd91877 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 5 Mar 2024 00:45:31 +0100 Subject: [PATCH 057/485] hosts: nixos: porthos: migrate to new host OVH/Kimsufi are deprecating my current server by the end of the year. So let's migrate to a new host. This was more painful than initially planned, OVH introduced a change to their rescue system which messes with the NixOS installation [1]. In the end I used a kexec image [2] to run the installation. [1]: https://github.com/NixOS/nix/issues/7790 [2]: https://github.com/nix-community/nixos-images --- hosts/nixos/porthos/boot.nix | 11 ++++---- hosts/nixos/porthos/default.nix | 8 +----- hosts/nixos/porthos/hardware.nix | 13 +++++++-- hosts/nixos/porthos/install.sh | 29 ++++++++++++++------ hosts/nixos/porthos/networking.nix | 29 ++++++-------------- modules/home/ssh/default.nix | 2 +- modules/nixos/services/wireguard/default.nix | 2 +- 7 files changed, 48 insertions(+), 46 deletions(-) diff --git a/hosts/nixos/porthos/boot.nix b/hosts/nixos/porthos/boot.nix index fbc5db7b..461e969e 100644 --- a/hosts/nixos/porthos/boot.nix +++ b/hosts/nixos/porthos/boot.nix @@ -3,15 +3,14 @@ { boot = { - # Use the GRUB 2 boot loader. - loader.grub = { - enable = true; - # Define on which hard drive you want to install Grub. - device = "/dev/disk/by-id/ata-HGST_HUS724020ALA640_PN2181P6J58M1P"; + # Use the systemd-boot EFI boot loader. + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; }; initrd = { - availableKernelModules = [ "uhci_hcd" "ahci" "usbhid" ]; + availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "usbhid" "sd_mod" ]; kernelModules = [ "dm-snapshot" ]; }; diff --git a/hosts/nixos/porthos/default.nix b/hosts/nixos/porthos/default.nix index 2dea899b..bd1bdb1f 100644 --- a/hosts/nixos/porthos/default.nix +++ b/hosts/nixos/porthos/default.nix @@ -16,11 +16,5 @@ # Set your time zone. time.timeZone = "Europe/Paris"; - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "20.09"; # Did you read the comment? + system.stateVersion = "24.05"; # Did you read the comment? } diff --git a/hosts/nixos/porthos/hardware.nix b/hosts/nixos/porthos/hardware.nix index 5a6e0d78..2172c5cb 100644 --- a/hosts/nixos/porthos/hardware.nix +++ b/hosts/nixos/porthos/hardware.nix @@ -1,5 +1,5 @@ # Hardware configuration -{ lib, modulesPath, ... }: +{ modulesPath, ... }: { imports = [ @@ -11,9 +11,18 @@ fsType = "ext4"; }; + fileSystems."/boot" = { + device = "/dev/disk/by-label/boot"; + fsType = "vfat"; + }; + swapDevices = [ { device = "/dev/disk/by-label/swap"; } ]; - powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; + my.hardware = { + firmware = { + cpuFlavor = "intel"; + }; + }; } diff --git a/hosts/nixos/porthos/install.sh b/hosts/nixos/porthos/install.sh index 8edc1754..e6ba0aad 100644 --- a/hosts/nixos/porthos/install.sh +++ b/hosts/nixos/porthos/install.sh @@ -3,7 +3,7 @@ SWAP_SIZE=16GiB parted /dev/sda --script -- \ - mklabel msdos \ + mklabel gpt \ mkpart primary 512MiB -$SWAP_SIZE \ mkpart primary linux-swap -$SWAP_SIZE 100% \ mkpart ESP fat32 1MiB 512MiB \ @@ -11,14 +11,24 @@ parted /dev/sda --script -- \ parted /dev/sdb --script -- \ mklabel gpt \ - mkpart primary 0MiB 100% + mkpart primary 0% 100% +parted /dev/sdc --script -- \ + mklabel gpt \ + mkpart primary 0% 100% +parted /dev/sdd --script -- \ + mklabel gpt \ + mkpart primary 0% 100% mkfs.ext4 -L media1 /dev/sda1 mkfs.ext4 -L media2 /dev/sdb1 +mkfs.ext4 -L media3 /dev/sdc1 +mkfs.ext4 -L media4 /dev/sdd1 pvcreate /dev/sda1 pvcreate /dev/sdb1 -vgcreate lvm /dev/sda1 /dev/sdb1 +pvcreate /dev/sdc1 +pvcreate /dev/sdd1 +vgcreate lvm /dev/sda1 /dev/sdb1 /dev/sdc1 /dev/sdd1 lvcreate -l 100%FREE -n media lvm mkfs.ext4 -L nixos /dev/mapper/lvm-media @@ -27,17 +37,17 @@ mkfs.fat -F 32 -n boot /dev/sda3 mount /dev/disk/by-label/nixos /mnt swapon /dev/sda2 +mkdir -p /mnt/boot +mount /dev/disk/by-label/boot /mnt/boot apt install sudo useradd -m -G sudo setupuser -# shellcheck disable=2117 -su setupuser cat << EOF # Run the following commands as setup user -curl -L https://nixos.org/nix/install | sh -. $HOME/.nix-profile/etc/profile.d/nix.sh -nix-channel --add https://nixos.org/channels/nixos-20.09 nixpkgs +curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install +. /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh +nix profile install nixpkgs#nixos-install-tools sudo "$(which nixos-generate-config)" --root /mnt # Change uuids to labels @@ -54,3 +64,6 @@ git crypt unlock nixos-install --root /mnt --flake '.#' EOF + +# shellcheck disable=2117 +su setupuser diff --git a/hosts/nixos/porthos/networking.nix b/hosts/nixos/porthos/networking.nix index 1e2c9cd9..717652bf 100644 --- a/hosts/nixos/porthos/networking.nix +++ b/hosts/nixos/porthos/networking.nix @@ -6,30 +6,17 @@ hostName = "porthos"; # Define your hostname. domain = "belanyi.fr"; # Define your domain. - - # The global useDHCP flag is deprecated, therefore explicitly set to false here. - # Per-interface useDHCP will be mandatory in the future, so this generated config - # replicates the default behaviour. - useDHCP = false; - + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + useDHCP = true; interfaces = { - bond0.useDHCP = true; - bonding_masters.useDHCP = true; - dummy0.useDHCP = true; - erspan0.useDHCP = true; - eth0.useDHCP = true; - eth1.useDHCP = true; - gre0.useDHCP = true; - gretap0.useDHCP = true; - ifb0.useDHCP = true; - ifb1.useDHCP = true; - ip6tnl0.useDHCP = true; - sit0.useDHCP = true; - teql0.useDHCP = true; - tunl0.useDHCP = true; + eno1.useDHCP = true; + eno2.useDHCP = true; }; }; # Which interface is used to connect to the internet - my.hardware.networking.externalInterface = "eth0"; + my.hardware.networking.externalInterface = "eno1"; } diff --git a/modules/home/ssh/default.nix b/modules/home/ssh/default.nix index 674cf6a8..748b1957 100644 --- a/modules/home/ssh/default.nix +++ b/modules/home/ssh/default.nix @@ -49,7 +49,7 @@ in }; porthos = { - hostname = "91.121.177.163"; + hostname = "37.187.146.15"; identityFile = "~/.ssh/shared_rsa"; user = "ambroisie"; }; diff --git a/modules/nixos/services/wireguard/default.nix b/modules/nixos/services/wireguard/default.nix index 26e54e08..a76e424f 100644 --- a/modules/nixos/services/wireguard/default.nix +++ b/modules/nixos/services/wireguard/default.nix @@ -13,7 +13,7 @@ let porthos = { clientNum = 1; publicKey = "PLdgsizztddri0LYtjuNHr5r2E8D+yI+gM8cm5WDfHQ="; - externalIp = "91.121.177.163"; + externalIp = "37.187.146.15"; }; # "Clients" From 6140e1c8f926eced8867c71b18cdefa0f8a22f7a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 9 Mar 2024 22:00:17 +0100 Subject: [PATCH 058/485] nixos: services: lohr: migrate to tmpfiles This is better than a custom script. --- modules/nixos/services/lohr/default.nix | 34 ++++++++++++++----------- 1 file changed, 19 insertions(+), 15 deletions(-) diff --git a/modules/nixos/services/lohr/default.nix b/modules/nixos/services/lohr/default.nix index dd4eea8b..21aadbac 100644 --- a/modules/nixos/services/lohr/default.nix +++ b/modules/nixos/services/lohr/default.nix @@ -59,21 +59,6 @@ in "LOHR_HOME=${lohrHome}" "LOHR_CONFIG=" ]; - ExecStartPre = lib.mkIf (cfg.sshKeyFile != null) ''+${ - pkgs.writeScript "copy-ssh-key" '' - #!${pkgs.bash}/bin/bash - # Ensure the key is not there - mkdir -p '${lohrHome}/.ssh' - rm -f '${lohrHome}/.ssh/id_ed25519' - - # Move the key into place - cp ${cfg.sshKeyFile} '${lohrHome}/.ssh/id_ed25519' - - # Fix permissions - chown -R lohr:lohr '${lohrHome}/.ssh' - chmod -R 0700 '${lohrHome}/.ssh' - '' - }''; ExecStart = let configFile = settingsFormat.generate "lohr-config.yaml" cfg.setting; @@ -103,5 +88,24 @@ in inherit (cfg) port; }; }; + + # SSH key provisioning + systemd.tmpfiles.settings."10-lohr" = lib.mkIf (cfg.sshKeyFile != null) { + "${lohrHome}/.ssh" = { + d = { + user = "lohr"; + group = "lohr"; + mode = "0700"; + }; + }; + "${lohrHome}/.ssh/id_ed25519" = { + "f+" = { + user = "lohr"; + group = "lohr"; + mode = "0700"; + argument = cfg.sshKeyFile; + }; + }; + }; }; } From 08f4175412cc2257f3a30db51e310f4208009560 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Mar 2024 11:52:42 +0000 Subject: [PATCH 059/485] overlays: add none-ls-shellcheck-nvim --- overlays/none-ls-shellcheck-nvim/default.nix | 4 ++++ overlays/none-ls-shellcheck-nvim/generated.nix | 15 +++++++++++++++ 2 files changed, 19 insertions(+) create mode 100644 overlays/none-ls-shellcheck-nvim/default.nix create mode 100644 overlays/none-ls-shellcheck-nvim/generated.nix diff --git a/overlays/none-ls-shellcheck-nvim/default.nix b/overlays/none-ls-shellcheck-nvim/default.nix new file mode 100644 index 00000000..832e71de --- /dev/null +++ b/overlays/none-ls-shellcheck-nvim/default.nix @@ -0,0 +1,4 @@ +self: prev: +{ + vimPlugins = prev.vimPlugins.extend (self.callPackage ./generated.nix { }); +} diff --git a/overlays/none-ls-shellcheck-nvim/generated.nix b/overlays/none-ls-shellcheck-nvim/generated.nix new file mode 100644 index 00000000..ee93a886 --- /dev/null +++ b/overlays/none-ls-shellcheck-nvim/generated.nix @@ -0,0 +1,15 @@ +{ vimUtils, fetchFromGitHub }: +_final: _prev: +{ + none-ls-shellcheck-nvim = vimUtils.buildVimPlugin { + pname = "none-ls-shellcheck.nvim"; + version = "2024-02-28"; + src = fetchFromGitHub { + owner = "gbprod"; + repo = "none-ls-shellcheck.nvim"; + rev = "1eed283a7ede771b522a0a9f30bb604f02f51d64"; + sha256 = "1hs0q9a0xwyqml0bfmplk89f1dk4nyg6aapfarnx44zqiw1183kn"; + }; + meta.homepage = "https://github.com/gbprod/none-ls-shellcheck.nvim/"; + }; +} From 30247ce3a07a8d804fa471dc69f4c1186a40421e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Mar 2024 11:53:19 +0000 Subject: [PATCH 060/485] home: vim: null-ls: fix deprecated builtins `none-ls` deprecated a lot of unmaintained builtins, or ones that they find has been replaced by a compete LSP server. This removes those deprecated builtins, or uses a shim until I migrate to the relevant LSP configuration (for `bash-language-server`). --- modules/home/vim/default.nix | 1 + modules/home/vim/plugin/settings/null-ls.lua | 26 +++----------------- 2 files changed, 5 insertions(+), 22 deletions(-) diff --git a/modules/home/vim/default.nix b/modules/home/vim/default.nix index 871bf40f..3e1aee45 100644 --- a/modules/home/vim/default.nix +++ b/modules/home/vim/default.nix @@ -68,6 +68,7 @@ in lsp-format-nvim # Simplified formatting configuration lsp_lines-nvim # Show diagnostics *over* regions none-ls-nvim # LSP integration for linters and formatters + none-ls-shellcheck-nvim # shellcheck shim for none-ls nvim-treesitter.withAllGrammars # Better highlighting nvim-treesitter-textobjects # More textobjects nvim-ts-context-commentstring # Comment string in nested language blocks diff --git a/modules/home/vim/plugin/settings/null-ls.lua b/modules/home/vim/plugin/settings/null-ls.lua index 0eaa55cc..99151943 100644 --- a/modules/home/vim/plugin/settings/null-ls.lua +++ b/modules/home/vim/plugin/settings/null-ls.lua @@ -28,14 +28,6 @@ null_ls.register({ }), }) --- Haskell -null_ls.register({ - null_ls.builtins.formatting.brittany.with({ - -- Only used if available - condition = utils.is_executable_condition("brittany"), - }), -}) - -- Nix null_ls.register({ null_ls.builtins.formatting.nixpkgs_fmt.with({ @@ -50,16 +42,6 @@ null_ls.register({ -- Python null_ls.register({ - null_ls.builtins.diagnostics.flake8.with({ - -- Only used if available, but prefer pflake8 if available - condition = function() - return utils.is_executable("flake8") and not utils.is_executable("pflake8") - end, - }), - null_ls.builtins.diagnostics.pyproject_flake8.with({ - -- Only used if available - condition = utils.is_executable_condition("pflake8"), - }), null_ls.builtins.diagnostics.mypy.with({ -- Only used if available condition = utils.is_executable_condition("mypy"), @@ -81,13 +63,13 @@ null_ls.register({ -- Shell (non-POSIX) null_ls.register({ - null_ls.builtins.code_actions.shellcheck.with({ + require("none-ls-shellcheck.diagnostics").with({ -- Restrict to bash and zsh filetypes = { "bash", "zsh" }, -- Only used if available condition = utils.is_executable_condition("shellcheck"), }), - null_ls.builtins.diagnostics.shellcheck.with({ + require("none-ls-shellcheck.code_actions").with({ -- Show error code in message diagnostics_format = "[#{c}] #{m}", -- Require explicit empty string test, use bash dialect @@ -110,13 +92,13 @@ null_ls.register({ -- Shell (POSIX) null_ls.register({ - null_ls.builtins.code_actions.shellcheck.with({ + require("none-ls-shellcheck.diagnostics").with({ -- Restrict to POSIX sh filetypes = { "sh" }, -- Only used if available condition = utils.is_executable_condition("shellcheck"), }), - null_ls.builtins.diagnostics.shellcheck.with({ + require("none-ls-shellcheck.code_actions").with({ -- Show error code in message diagnostics_format = "[#{c}] #{m}", -- Require explicit empty string test From f13a6fb023bf16954531e27aea752a2d24a18fbd Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Mar 2024 12:01:15 +0000 Subject: [PATCH 061/485] home: vim: lspconfig: add 'ruff-lsp' Since everybody is moving towards using it instead of other linters... --- modules/home/vim/plugin/settings/lspconfig.lua | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules/home/vim/plugin/settings/lspconfig.lua b/modules/home/vim/plugin/settings/lspconfig.lua index 794a765c..7b2d95f7 100644 --- a/modules/home/vim/plugin/settings/lspconfig.lua +++ b/modules/home/vim/plugin/settings/lspconfig.lua @@ -52,6 +52,13 @@ if utils.is_executable("pyright") then }) end +if utils.is_executable("ruff-lsp") then + lspconfig.ruff_lsp.setup({ + capabilities = capabilities, + on_attach = lsp.on_attach, + }) +end + -- Rust if utils.is_executable("rust-analyzer") then lspconfig.rust_analyzer.setup({ From 7a3e64f814c9be720eb5e638c5a7d63cd9b5537d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Mar 2024 12:04:38 +0000 Subject: [PATCH 062/485] home: vim: lspconfig: add 'hls' If I ever end up actually learning it... --- modules/home/vim/plugin/settings/lspconfig.lua | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/modules/home/vim/plugin/settings/lspconfig.lua b/modules/home/vim/plugin/settings/lspconfig.lua index 7b2d95f7..178898a1 100644 --- a/modules/home/vim/plugin/settings/lspconfig.lua +++ b/modules/home/vim/plugin/settings/lspconfig.lua @@ -29,6 +29,14 @@ if utils.is_executable("clangd") then }) end +-- Haskell +if utils.is_executable("haskell-language-server-wrapper") then + lspconfig.hls.setup({ + capabilities = capabilities, + on_attach = lsp.on_attach, + }) +end + -- Nix if utils.is_executable("nil") then lspconfig.nil_ls.setup({ From dc27b5991220a1d019c339686af484f396660025 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Mar 2024 12:20:53 +0000 Subject: [PATCH 063/485] home: vim: lspconfig: migrate to 'bashls' Since `none-ls` has removed their `shellcheck` built-in. This actually makes the diagnostics more robust to POSIX/non-POSIX scripts (the LSP server detects it at runtime, which is more robust than the `ftdetect` scripts). Nice bonus: the shellcheck code is shown in the diagnostics message without any configuration! I'm not sure if I can configure `avoid-nullary-conditions` -- though it seems like this check is broken at the moment (I couldn't get it to trigger during my tests). --- modules/home/vim/default.nix | 3 +- .../home/vim/plugin/settings/lspconfig.lua | 9 ++++++ modules/home/vim/plugin/settings/null-ls.lua | 32 ------------------- 3 files changed, 10 insertions(+), 34 deletions(-) diff --git a/modules/home/vim/default.nix b/modules/home/vim/default.nix index 3e1aee45..07711cc5 100644 --- a/modules/home/vim/default.nix +++ b/modules/home/vim/default.nix @@ -68,7 +68,6 @@ in lsp-format-nvim # Simplified formatting configuration lsp_lines-nvim # Show diagnostics *over* regions none-ls-nvim # LSP integration for linters and formatters - none-ls-shellcheck-nvim # shellcheck shim for none-ls nvim-treesitter.withAllGrammars # Better highlighting nvim-treesitter-textobjects # More textobjects nvim-ts-context-commentstring # Comment string in nested language blocks @@ -106,7 +105,7 @@ in nixpkgs-fmt # Shell - shellcheck + nodePackages.bash-language-server shfmt ]; }; diff --git a/modules/home/vim/plugin/settings/lspconfig.lua b/modules/home/vim/plugin/settings/lspconfig.lua index 178898a1..c2de2eaf 100644 --- a/modules/home/vim/plugin/settings/lspconfig.lua +++ b/modules/home/vim/plugin/settings/lspconfig.lua @@ -74,3 +74,12 @@ if utils.is_executable("rust-analyzer") then on_attach = lsp.on_attach, }) end + +-- Shell +if utils.is_executable("bash-language-server") then + lspconfig.bashls.setup({ + filetypes = { "bash", "sh", "zsh" }, + capabilities = capabilities, + on_attach = lsp.on_attach, + }) +end diff --git a/modules/home/vim/plugin/settings/null-ls.lua b/modules/home/vim/plugin/settings/null-ls.lua index 99151943..c372751e 100644 --- a/modules/home/vim/plugin/settings/null-ls.lua +++ b/modules/home/vim/plugin/settings/null-ls.lua @@ -63,22 +63,6 @@ null_ls.register({ -- Shell (non-POSIX) null_ls.register({ - require("none-ls-shellcheck.diagnostics").with({ - -- Restrict to bash and zsh - filetypes = { "bash", "zsh" }, - -- Only used if available - condition = utils.is_executable_condition("shellcheck"), - }), - require("none-ls-shellcheck.code_actions").with({ - -- Show error code in message - diagnostics_format = "[#{c}] #{m}", - -- Require explicit empty string test, use bash dialect - extra_args = { "-s", "bash", "-o", "avoid-nullary-conditions" }, - -- Restrict to bash and zsh - filetypes = { "bash", "zsh" }, - -- Only used if available - condition = utils.is_executable_condition("shellcheck"), - }), null_ls.builtins.formatting.shfmt.with({ -- Indent with 4 spaces, simplify the code, indent switch cases, -- add space after redirection, use bash dialect @@ -92,22 +76,6 @@ null_ls.register({ -- Shell (POSIX) null_ls.register({ - require("none-ls-shellcheck.diagnostics").with({ - -- Restrict to POSIX sh - filetypes = { "sh" }, - -- Only used if available - condition = utils.is_executable_condition("shellcheck"), - }), - require("none-ls-shellcheck.code_actions").with({ - -- Show error code in message - diagnostics_format = "[#{c}] #{m}", - -- Require explicit empty string test - extra_args = { "-o", "avoid-nullary-conditions" }, - -- Restrict to POSIX sh - filetypes = { "sh" }, - -- Only used if available - condition = utils.is_executable_condition("shellcheck"), - }), null_ls.builtins.formatting.shfmt.with({ -- Indent with 4 spaces, simplify the code, indent switch cases, -- add space after redirection, use POSIX From 9749f0aa28dc945125066aaf47cb6066237ce6f6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Mar 2024 12:29:34 +0000 Subject: [PATCH 064/485] overlays: remove none-ls-shellcheck-nvim --- overlays/none-ls-shellcheck-nvim/default.nix | 4 ---- overlays/none-ls-shellcheck-nvim/generated.nix | 15 --------------- 2 files changed, 19 deletions(-) delete mode 100644 overlays/none-ls-shellcheck-nvim/default.nix delete mode 100644 overlays/none-ls-shellcheck-nvim/generated.nix diff --git a/overlays/none-ls-shellcheck-nvim/default.nix b/overlays/none-ls-shellcheck-nvim/default.nix deleted file mode 100644 index 832e71de..00000000 --- a/overlays/none-ls-shellcheck-nvim/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -self: prev: -{ - vimPlugins = prev.vimPlugins.extend (self.callPackage ./generated.nix { }); -} diff --git a/overlays/none-ls-shellcheck-nvim/generated.nix b/overlays/none-ls-shellcheck-nvim/generated.nix deleted file mode 100644 index ee93a886..00000000 --- a/overlays/none-ls-shellcheck-nvim/generated.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ vimUtils, fetchFromGitHub }: -_final: _prev: -{ - none-ls-shellcheck-nvim = vimUtils.buildVimPlugin { - pname = "none-ls-shellcheck.nvim"; - version = "2024-02-28"; - src = fetchFromGitHub { - owner = "gbprod"; - repo = "none-ls-shellcheck.nvim"; - rev = "1eed283a7ede771b522a0a9f30bb604f02f51d64"; - sha256 = "1hs0q9a0xwyqml0bfmplk89f1dk4nyg6aapfarnx44zqiw1183kn"; - }; - meta.homepage = "https://github.com/gbprod/none-ls-shellcheck.nvim/"; - }; -} From b2dc051e6ad854c26784174c5b7823ebc9dbaec0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 9 Mar 2024 21:49:12 +0100 Subject: [PATCH 065/485] flake: bump inputs And fix the breaking changes in Vikunja (which actually make my configuration simpler). --- flake.lock | 24 +++++++++++----------- modules/nixos/services/vikunja/default.nix | 23 ++------------------- 2 files changed, 14 insertions(+), 33 deletions(-) diff --git a/flake.lock b/flake.lock index cd0b2de9..ce8318f1 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1706830856, - "narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=", + "lastModified": 1709336216, + "narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f", + "rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1709204054, - "narHash": "sha256-U1idK0JHs1XOfSI1APYuXi4AEADf+B+ZU4Wifc0pBHk=", + "lastModified": 1709988192, + "narHash": "sha256-qxwIkl85P0I1/EyTT+NJwzbXdOv86vgZxcv4UKicjK8=", "owner": "nix-community", "repo": "home-manager", - "rev": "2f3367769a93b226c467551315e9e270c3f78b15", + "rev": "b0b0c3d94345050a7f86d1ebc6c56eea4389d030", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1709150264, - "narHash": "sha256-HofykKuisObPUfj0E9CJVfaMhawXkYx3G8UIFR/XQ38=", + "lastModified": 1709703039, + "narHash": "sha256-6hqgQ8OK6gsMu1VtcGKBxKQInRLHtzulDo9Z5jxHEFY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9099616b93301d5cf84274b184a3a5ec69e94e08", + "rev": "9df3e30ce24fd28c7b3e2de0d986769db5d6225d", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1709206595, - "narHash": "sha256-lBU/gE7DiJCNkJGPVUms0zA0hxzDVgENIXfebj1oeLc=", + "lastModified": 1710013455, + "narHash": "sha256-qzOpU4APTso6JLA+/F4zlO/yL8++n/CsUpmxbQAsy/4=", "owner": "nix-community", "repo": "NUR", - "rev": "fbe8df1c13fd8e63e35c2c4654104661eb1fbbed", + "rev": "cf1e9b0e085368cc489c765f285f1d07c2ec8d36", "type": "github" }, "original": { diff --git a/modules/nixos/services/vikunja/default.nix b/modules/nixos/services/vikunja/default.nix index 9767d00e..6e7700f8 100644 --- a/modules/nixos/services/vikunja/default.nix +++ b/modules/nixos/services/vikunja/default.nix @@ -30,8 +30,6 @@ in frontendScheme = "https"; frontendHostname = vikunjaDomain; - setupNginx = false; - database = { type = "postgres"; user = "vikunja"; @@ -61,28 +59,11 @@ in # This is a weird setup my.services.nginx.virtualHosts = { ${subdomain} = { - # Serve the root for the web-ui - root = config.services.vikunja.package-frontend; - - extraConfig = { - locations = { - "/" = { - tryFiles = "try_files $uri $uri/ /"; - }; - - # Serve the API through a UNIX socket - "~* ^/(api|dav|\\.well-known)/" = { - proxyPass = "http://unix:${socketPath}"; - extraConfig = '' - client_max_body_size 20M; - ''; - }; - }; - }; + socket = socketPath; }; }; - systemd.services.vikunja-api = { + systemd.services.vikunja = { serviceConfig = { # Use a system user to simplify using the CLI DynamicUser = lib.mkForce false; From 276cc7e5f2dcdfe2929128323501b261bcb5b455 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Mar 2024 13:53:11 +0000 Subject: [PATCH 066/485] home: xdg: add '_JAVA_OPTIONS' --- modules/home/xdg/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/home/xdg/default.nix b/modules/home/xdg/default.nix index aac50582..b7ba32ba 100644 --- a/modules/home/xdg/default.nix +++ b/modules/home/xdg/default.nix @@ -55,5 +55,6 @@ in REDISCLI_HISTFILE = "${dataHome}/redis/rediscli_history"; REPO_CONFIG_DIR = "${configHome}/repo"; XCOMPOSECACHE = "${dataHome}/X11/xcompose"; + _JAVA_OPTIONS = "-Djava.util.prefs.userRoot=${configHome}/java"; }; } From 3fb758028ca02108451e9cad3fb00d6ced482215 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Mar 2024 14:48:14 +0000 Subject: [PATCH 067/485] home: vim: lspconfig: remove 'rnix-lsp' It's been abandoned, `nil` is a better language server nowadays. --- modules/home/vim/plugin/settings/lspconfig.lua | 7 ------- modules/home/vim/plugin/settings/null-ls.lua | 6 ++---- 2 files changed, 2 insertions(+), 11 deletions(-) diff --git a/modules/home/vim/plugin/settings/lspconfig.lua b/modules/home/vim/plugin/settings/lspconfig.lua index c2de2eaf..628eab97 100644 --- a/modules/home/vim/plugin/settings/lspconfig.lua +++ b/modules/home/vim/plugin/settings/lspconfig.lua @@ -45,13 +45,6 @@ if utils.is_executable("nil") then }) end -if utils.is_executable("rnix-lsp") then - lspconfig.rnix.setup({ - capabilities = capabilities, - on_attach = lsp.on_attach, - }) -end - -- Python if utils.is_executable("pyright") then lspconfig.pyright.setup({ diff --git a/modules/home/vim/plugin/settings/null-ls.lua b/modules/home/vim/plugin/settings/null-ls.lua index c372751e..50d12e02 100644 --- a/modules/home/vim/plugin/settings/null-ls.lua +++ b/modules/home/vim/plugin/settings/null-ls.lua @@ -31,11 +31,9 @@ null_ls.register({ -- Nix null_ls.register({ null_ls.builtins.formatting.nixpkgs_fmt.with({ - -- Only used if available, but prefer rnix if available + -- Only used if available, but prefer LSP if available condition = function() - return utils.is_executable("nixpkgs-fmt") - and not utils.is_executable("rnix-lsp") - and not utils.is_executable("nil") + return utils.is_executable("nixpkgs-fmt") and not utils.is_executable("nil") end, }), }) From f06e99d95b3ddce679c7569f580d6d2d433ce27f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Mar 2024 18:10:13 +0000 Subject: [PATCH 068/485] home: xdg: move 'less' variables to their module --- modules/home/pager/default.nix | 1 + modules/home/xdg/default.nix | 2 -- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/modules/home/pager/default.nix b/modules/home/pager/default.nix index aa725873..e304097f 100644 --- a/modules/home/pager/default.nix +++ b/modules/home/pager/default.nix @@ -16,6 +16,7 @@ in LESS = "-R -+X -c"; # Better XDG compliance LESSHISTFILE = "${config.xdg.dataHome}/less/history"; + LESSKEY = "${config.xdg.configHome}/less/lesskey"; }; }; } diff --git a/modules/home/xdg/default.nix b/modules/home/xdg/default.nix index b7ba32ba..8b01696e 100644 --- a/modules/home/xdg/default.nix +++ b/modules/home/xdg/default.nix @@ -46,8 +46,6 @@ in GRADLE_USER_HOME = "${dataHome}/gradle"; HISTFILE = "${dataHome}/bash/history"; INPUTRC = "${configHome}/readline/inputrc"; - LESSHISTFILE = "${dataHome}/less/history"; - LESSKEY = "${configHome}/less/lesskey"; PSQL_HISTORY = "${dataHome}/psql_history"; PYTHONPYCACHEPREFIX = "${cacheHome}/python/"; PYTHONUSERBASE = "${dataHome}/python/"; From b24d299f7090348053e7b79307bc501b2d54a0e9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Mar 2024 18:13:41 +0000 Subject: [PATCH 069/485] home: xdg: move 'gdb' variables to their module --- modules/home/gdb/default.nix | 9 ++++++++- modules/home/xdg/default.nix | 1 - 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/modules/home/gdb/default.nix b/modules/home/gdb/default.nix index ab519380..fe8eb699 100644 --- a/modules/home/gdb/default.nix +++ b/modules/home/gdb/default.nix @@ -26,7 +26,14 @@ in gdb ]; - xdg.configFile."gdb/gdbinit".source = ./gdbinit; + xdg = { + configFile."gdb/gdbinit".source = ./gdbinit; + dataFile. "gdb/.keep".text = ""; + }; + + home.sessionVariables = { + GDBHISTFILE = "${config.xdg.dataHome}/gdb/gdb_history"; + }; } (lib.mkIf cfg.rr.enable { diff --git a/modules/home/xdg/default.nix b/modules/home/xdg/default.nix index 8b01696e..fb2668c6 100644 --- a/modules/home/xdg/default.nix +++ b/modules/home/xdg/default.nix @@ -42,7 +42,6 @@ in ANDROID_USER_HOME = "${configHome}/android"; CARGO_HOME = "${dataHome}/cargo"; DOCKER_CONFIG = "${configHome}/docker"; - GDBHISTFILE = "${dataHome}/gdb/gdb_history"; GRADLE_USER_HOME = "${dataHome}/gradle"; HISTFILE = "${dataHome}/bash/history"; INPUTRC = "${configHome}/readline/inputrc"; From 07eca729f58e244702f953dcd98e0544d36a0bb1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Mar 2024 11:31:16 +0000 Subject: [PATCH 070/485] home: vim: null-ls: fix 'nixpkgs-fmt' condition I haven't configured `nil` to format anything. And I don't really care to, this is good enough for me. --- modules/home/vim/plugin/settings/null-ls.lua | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/modules/home/vim/plugin/settings/null-ls.lua b/modules/home/vim/plugin/settings/null-ls.lua index 50d12e02..e7265c7e 100644 --- a/modules/home/vim/plugin/settings/null-ls.lua +++ b/modules/home/vim/plugin/settings/null-ls.lua @@ -31,10 +31,8 @@ null_ls.register({ -- Nix null_ls.register({ null_ls.builtins.formatting.nixpkgs_fmt.with({ - -- Only used if available, but prefer LSP if available - condition = function() - return utils.is_executable("nixpkgs-fmt") and not utils.is_executable("nil") - end, + -- Only used if available + condition = utils.is_executable_condition("nixpkgs-fmt"), }), }) From 4a8981c7b493ad49878c1b6606dccc99244a0a6f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Mar 2024 12:30:36 +0000 Subject: [PATCH 071/485] home: vim: lua: utils: fix documentation --- modules/home/vim/lua/ambroisie/utils.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/vim/lua/ambroisie/utils.lua b/modules/home/vim/lua/ambroisie/utils.lua index 418e0d11..7807e718 100644 --- a/modules/home/vim/lua/ambroisie/utils.lua +++ b/modules/home/vim/lua/ambroisie/utils.lua @@ -15,7 +15,7 @@ end --- return a function that checks if a given command is executable --- @param cmd string? command to check ---- @return fun(cmd: string): boolean executable +--- @return fun(): boolean executable M.is_executable_condition = function(cmd) return function() return M.is_executable(cmd) From 56e158f5c52d4333e7c1a3ddc3e2a34dc0aa40ae Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Mar 2024 12:30:36 +0000 Subject: [PATCH 072/485] home: vim: lua: utils: fix deprecated function --- modules/home/vim/lua/ambroisie/utils.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/vim/lua/ambroisie/utils.lua b/modules/home/vim/lua/ambroisie/utils.lua index 7807e718..fcb86e98 100644 --- a/modules/home/vim/lua/ambroisie/utils.lua +++ b/modules/home/vim/lua/ambroisie/utils.lua @@ -44,7 +44,7 @@ end --- @param bufnr int? buffer number --- @return table all active LSP client names M.list_lsp_clients = function(bufnr) - local clients = vim.lsp.buf_get_clients(bufnr) + local clients = vim.lsp.get_active_clients({ bufnr = bufnr or 0 }) local names = {} for _, client in ipairs(clients) do From 0108b06a02cef330ba71fbca975a9907ea8274c9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Mar 2024 12:40:49 +0000 Subject: [PATCH 073/485] home: vim: lualine: use explicit buffer number I want to tighten the API of this function a little bit, so let's be more specific. --- modules/home/vim/plugin/settings/lualine.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/vim/plugin/settings/lualine.lua b/modules/home/vim/plugin/settings/lualine.lua index fdaccda8..5219a956 100644 --- a/modules/home/vim/plugin/settings/lualine.lua +++ b/modules/home/vim/plugin/settings/lualine.lua @@ -10,7 +10,7 @@ local function list_spell_languages() end local function list_lsp_clients() - local client_names = utils.list_lsp_clients() + local client_names = utils.list_lsp_clients(0) if #client_names == 0 then return "" From 070df03b7e4d81ae75c298379fbd9279be11e903 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Mar 2024 12:42:21 +0000 Subject: [PATCH 074/485] home: vim: lua: utils: allow querying all clients --- modules/home/vim/lua/ambroisie/utils.lua | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/home/vim/lua/ambroisie/utils.lua b/modules/home/vim/lua/ambroisie/utils.lua index fcb86e98..a84ea7b8 100644 --- a/modules/home/vim/lua/ambroisie/utils.lua +++ b/modules/home/vim/lua/ambroisie/utils.lua @@ -40,11 +40,11 @@ M.is_ssh = function() return false end ---- list all active LSP clients for current buffer +--- list all active LSP clients for specific buffer, or all buffers --- @param bufnr int? buffer number --- @return table all active LSP client names M.list_lsp_clients = function(bufnr) - local clients = vim.lsp.get_active_clients({ bufnr = bufnr or 0 }) + local clients = vim.lsp.get_active_clients({ bufnr = bufnr }) local names = {} for _, client in ipairs(clients) do From b16b6a534bd55ba67ecbb5bc0c9ed6befbb18f64 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Mar 2024 15:11:11 +0000 Subject: [PATCH 075/485] home: vim: lua: lsp: use 'vim.print' --- modules/home/vim/lua/ambroisie/lsp.lua | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/modules/home/vim/lua/ambroisie/lsp.lua b/modules/home/vim/lua/ambroisie/lsp.lua index 99d8dab1..31a5bd18 100644 --- a/modules/home/vim/lua/ambroisie/lsp.lua +++ b/modules/home/vim/lua/ambroisie/lsp.lua @@ -51,8 +51,7 @@ M.on_attach = function(client, bufnr) local wk = require("which-key") local function list_workspace_folders() - local utils = require("ambroisie.utils") - utils.dump(vim.lsp.buf.list_workspace_folders()) + vim.print(vim.lsp.buf.list_workspace_folders()) end local function cycle_diagnostics_display() From d365aba3c0d91a0b1db91a420c2cddacf032a340 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Mar 2024 15:13:20 +0000 Subject: [PATCH 076/485] home: vim: lua: utils: remove 'dump' It's now available as 'vim.print'. --- modules/home/vim/lua/ambroisie/utils.lua | 6 ------ 1 file changed, 6 deletions(-) diff --git a/modules/home/vim/lua/ambroisie/utils.lua b/modules/home/vim/lua/ambroisie/utils.lua index a84ea7b8..3d2dd3ba 100644 --- a/modules/home/vim/lua/ambroisie/utils.lua +++ b/modules/home/vim/lua/ambroisie/utils.lua @@ -1,11 +1,5 @@ local M = {} ---- pretty print lua object ---- @param obj any object to pretty print -M.dump = function(obj) - print(vim.inspect(obj)) -end - --- checks if a given command is executable --- @param cmd string? command to check --- @return boolean executable From 0ff8366105ab0ba6d8da2571c58c9a69bc97b2e5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 13 Mar 2024 13:08:57 +0000 Subject: [PATCH 077/485] home: vim: fix path high-lighting It was previously linked to `Underlined`, which just looks plain wrong IMO. This links it back to `GruvboxOrange`, as it used to be. --- modules/home/vim/init.vim | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/modules/home/vim/init.vim b/modules/home/vim/init.vim index bd63d25b..06500143 100644 --- a/modules/home/vim/init.vim +++ b/modules/home/vim/init.vim @@ -88,6 +88,17 @@ set background=dark " 24 bit colors set termguicolors +" Setup some overrides for gruvbox +lua << EOF +local gruvbox = require("gruvbox") + +gruvbox.setup({ + overrides = { + -- Only URLs should be underlined + ["@string.special.path"] = { link = "GruvboxOrange" }, + } +}) +EOF " Use my preferred colorscheme colorscheme gruvbox " }}} From c0ef5c9275217ba76493cc496be441575ea2d09a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 13 Mar 2024 11:54:50 +0000 Subject: [PATCH 078/485] overlays: add gruvbox-nvin-expose-palette --- overlays/gruvbox-nvin-expose-palette/default.nix | 4 ++++ overlays/gruvbox-nvin-expose-palette/generated.nix | 14 ++++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 overlays/gruvbox-nvin-expose-palette/default.nix create mode 100644 overlays/gruvbox-nvin-expose-palette/generated.nix diff --git a/overlays/gruvbox-nvin-expose-palette/default.nix b/overlays/gruvbox-nvin-expose-palette/default.nix new file mode 100644 index 00000000..832e71de --- /dev/null +++ b/overlays/gruvbox-nvin-expose-palette/default.nix @@ -0,0 +1,4 @@ +self: prev: +{ + vimPlugins = prev.vimPlugins.extend (self.callPackage ./generated.nix { }); +} diff --git a/overlays/gruvbox-nvin-expose-palette/generated.nix b/overlays/gruvbox-nvin-expose-palette/generated.nix new file mode 100644 index 00000000..c52ad048 --- /dev/null +++ b/overlays/gruvbox-nvin-expose-palette/generated.nix @@ -0,0 +1,14 @@ +{ fetchpatch, ... }: + +_final: prev: { + gruvbox-nvim = prev.gruvbox-nvim.overrideAttrs (oa: { + patches = (oa.patches or [ ]) ++ [ + # https://github.com/ellisonleao/gruvbox.nvim/pull/319 + (fetchpatch { + name = "expose-color-palette.patch"; + url = "https://github.com/ellisonleao/gruvbox.nvim/commit/07a493ba4f8b650aab9ed9e486caa89822be0996.patch"; + hash = "sha256-iGwt8qIHe2vaiAUcpaUxyGlM472F89vobTdQ7CF/H70="; + }) + ]; + }); +} From 10b4e6ce2dffdf829a8e13d056273a2767dafec3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 14 Mar 2024 10:56:08 +0000 Subject: [PATCH 079/485] home: vim: explicitly revert diff highlighting --- modules/home/vim/init.vim | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/modules/home/vim/init.vim b/modules/home/vim/init.vim index 06500143..c94fc531 100644 --- a/modules/home/vim/init.vim +++ b/modules/home/vim/init.vim @@ -91,11 +91,17 @@ set termguicolors " Setup some overrides for gruvbox lua << EOF local gruvbox = require("gruvbox") +local colors = gruvbox.palette gruvbox.setup({ overrides = { -- Only URLs should be underlined ["@string.special.path"] = { link = "GruvboxOrange" }, + -- Revert back to the better diff highlighting + DiffAdd = { fg = colors.green, bg = "NONE" }, + DiffChange = { fg = colors.aqua, bg = "NONE" }, + DiffDelete = { fg = colors.red, bg = "NONE" }, + DiffText = { fg = colors.yellow, bg = colors.bg0 }, } }) EOF From 41e1ad326569d65120103748f562d3f72caf6562 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 14 Mar 2024 10:57:21 +0000 Subject: [PATCH 080/485] overlays: remove 'gruvbox-nvim-better-diff' Now that I have the explicit override for it, this overlay is not necessary. This reverts commit 9e0930aca4fb0ae40c40c5cd932962e832d0ee0a. This reverts commit 28187c3b8f34c0912d9f8ce5f74f415a6b77a1c2. --- .../gruvbox-nvim-better-diff/colours.patch | 28 ------------------- overlays/gruvbox-nvim-better-diff/default.nix | 4 --- .../gruvbox-nvim-better-diff/generated.nix | 10 ------- 3 files changed, 42 deletions(-) delete mode 100644 overlays/gruvbox-nvim-better-diff/colours.patch delete mode 100644 overlays/gruvbox-nvim-better-diff/default.nix delete mode 100644 overlays/gruvbox-nvim-better-diff/generated.nix diff --git a/overlays/gruvbox-nvim-better-diff/colours.patch b/overlays/gruvbox-nvim-better-diff/colours.patch deleted file mode 100644 index 5b0d61aa..00000000 --- a/overlays/gruvbox-nvim-better-diff/colours.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 416b3c9c5e783d173ac0fd5310a76c1b144b92c1 Mon Sep 17 00:00:00 2001 -From: eeeXun -Date: Thu, 19 Oct 2023 02:34:12 +0800 -Subject: Use better diff colours - ---- - README.md | 3 ++- - lua/gruvbox.lua | 7 ++++--- - 2 files changed, 6 insertions(+), 4 deletions(-) - -diff --git a/lua/gruvbox.lua b/lua/gruvbox.lua -index ceba0735..a319fc6a 100644 ---- a/lua/gruvbox.lua -+++ b/lua/gruvbox.lua -@@ -360,9 +361,9 @@ local function get_groups() - PmenuSel = { fg = colors.bg2, bg = colors.blue, bold = config.bold }, - PmenuSbar = { bg = colors.bg2 }, - PmenuThumb = { bg = colors.bg4 }, -- DiffDelete = { bg = colors.dark_red }, -- DiffAdd = { bg = colors.dark_green }, -- DiffChange = { bg = colors.dark_aqua }, -- DiffText = { bg = colors.yellow, fg = colors.bg0 }, -+ DiffDelete = { fg = colors.red }, -+ DiffAdd = { fg = colors.green }, -+ DiffChange = { fg = colors.aqua }, -+ DiffText = { fg = colors.yellow, bg = colors.bg0 }, - SpellCap = { link = "GruvboxBlueUnderline" }, - SpellBad = { link = "GruvboxRedUnderline" }, diff --git a/overlays/gruvbox-nvim-better-diff/default.nix b/overlays/gruvbox-nvim-better-diff/default.nix deleted file mode 100644 index 832e71de..00000000 --- a/overlays/gruvbox-nvim-better-diff/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -self: prev: -{ - vimPlugins = prev.vimPlugins.extend (self.callPackage ./generated.nix { }); -} diff --git a/overlays/gruvbox-nvim-better-diff/generated.nix b/overlays/gruvbox-nvim-better-diff/generated.nix deleted file mode 100644 index 82a18c2a..00000000 --- a/overlays/gruvbox-nvim-better-diff/generated.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ ... }: - -_final: prev: { - gruvbox-nvim = prev.gruvbox-nvim.overrideAttrs (oa: { - patches = (oa.patches or [ ]) ++ [ - # Inspired by https://github.com/ellisonleao/gruvbox.nvim/pull/291 - ./colours.patch - ]; - }); -} From 4a01a5053262c45bbeefd5ca4fd8ccff87440f5f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 16 Mar 2024 19:49:00 +0100 Subject: [PATCH 081/485] flake: bump inputs And fix the update `pinentry` options in home-manager. --- flake.lock | 24 ++++++++++++------------ hosts/nixos/aramis/home.nix | 4 ++-- modules/home/bitwarden/default.nix | 9 ++------- modules/home/gpg/default.nix | 11 +++-------- 4 files changed, 19 insertions(+), 29 deletions(-) diff --git a/flake.lock b/flake.lock index ce8318f1..a42d5dd5 100644 --- a/flake.lock +++ b/flake.lock @@ -94,11 +94,11 @@ ] }, "locked": { - "lastModified": 1709126324, - "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "d465f4819400de7c8d874d50b982301f28a84605", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1709988192, - "narHash": "sha256-qxwIkl85P0I1/EyTT+NJwzbXdOv86vgZxcv4UKicjK8=", + "lastModified": 1710532761, + "narHash": "sha256-SUXGZNrXX05YA9G6EmgupxhOr3swI1gcxLUeDMUhrEY=", "owner": "nix-community", "repo": "home-manager", - "rev": "b0b0c3d94345050a7f86d1ebc6c56eea4389d030", + "rev": "206f457fffdb9a73596a4cb2211a471bd305243d", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1709703039, - "narHash": "sha256-6hqgQ8OK6gsMu1VtcGKBxKQInRLHtzulDo9Z5jxHEFY=", + "lastModified": 1710451336, + "narHash": "sha256-pP86Pcfu3BrAvRO7R64x7hs+GaQrjFes+mEPowCfkxY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9df3e30ce24fd28c7b3e2de0d986769db5d6225d", + "rev": "d691274a972b3165335d261cc4671335f5c67de9", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1710013455, - "narHash": "sha256-qzOpU4APTso6JLA+/F4zlO/yL8++n/CsUpmxbQAsy/4=", + "lastModified": 1710607749, + "narHash": "sha256-TRgxM7sOiWF8cea73OzDnmfhyYnN8+vDHUUJlkDDZ/U=", "owner": "nix-community", "repo": "NUR", - "rev": "cf1e9b0e085368cc489c765f285f1d07c2ec8d36", + "rev": "b870db4117d587a8c5c2c8c9e2d311d7fa4befe2", "type": "github" }, "original": { diff --git a/hosts/nixos/aramis/home.nix b/hosts/nixos/aramis/home.nix index 66a08924..64b63ce4 100644 --- a/hosts/nixos/aramis/home.nix +++ b/hosts/nixos/aramis/home.nix @@ -2,7 +2,7 @@ { my.home = { # Use graphical pinentry - bitwarden.pinentry = "gtk2"; + bitwarden.pinentry = pkgs.pinentry-gtk2; # Ebook library calibre.enable = true; # Some amount of social life @@ -14,7 +14,7 @@ # Blue light filter gammastep.enable = true; # Use a small popup to enter passwords - gpg.pinentry = "gtk2"; + gpg.pinentry = pkgs.pinentry-gtk2; # Machine specific packages packages.additionalPackages = with pkgs; [ element-desktop # Matrix client diff --git a/modules/home/bitwarden/default.nix b/modules/home/bitwarden/default.nix index c709f7b5..0c0dfab0 100644 --- a/modules/home/bitwarden/default.nix +++ b/modules/home/bitwarden/default.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: +{ config, lib, pkgs, ... }: let cfg = config.my.home.bitwarden; in @@ -6,12 +6,7 @@ in options.my.home.bitwarden = with lib; { enable = my.mkDisableOption "bitwarden configuration"; - pinentry = mkOption { - type = types.str; - default = "tty"; - example = "gtk2"; - description = "Which pinentry interface to use"; - }; + pinentry = mkPackageOption pkgs "pinentry" { default = [ "pinentry-tty" ]; }; }; config = lib.mkIf cfg.enable { diff --git a/modules/home/gpg/default.nix b/modules/home/gpg/default.nix index 7eadf485..51c865a2 100644 --- a/modules/home/gpg/default.nix +++ b/modules/home/gpg/default.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: +{ config, lib, pkgs, ... }: let cfg = config.my.home.gpg; in @@ -6,12 +6,7 @@ in options.my.home.gpg = with lib; { enable = my.mkDisableOption "gpg configuration"; - pinentry = mkOption { - type = types.str; - default = "tty"; - example = "gtk2"; - description = "Which pinentry interface to use"; - }; + pinentry = mkPackageOption pkgs "pinentry" { default = [ "pinentry-tty" ]; }; }; config = lib.mkIf cfg.enable { @@ -22,7 +17,7 @@ in services.gpg-agent = { enable = true; enableSshSupport = true; # One agent to rule them all - pinentryFlavor = cfg.pinentry; + pinentryPackage = cfg.pinentry; extraConfig = '' allow-loopback-pinentry ''; From 61fa35093ce3eb7f3cbcc9ca97dcdb2af471eba5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 22 Mar 2024 22:03:32 +0100 Subject: [PATCH 082/485] nixos: services: mealie: fix bulk upload --- modules/nixos/services/mealie/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules/nixos/services/mealie/default.nix b/modules/nixos/services/mealie/default.nix index ebbebb20..55ac3764 100644 --- a/modules/nixos/services/mealie/default.nix +++ b/modules/nixos/services/mealie/default.nix @@ -66,6 +66,13 @@ in my.services.nginx.virtualHosts = { mealie = { inherit (cfg) port; + + extraConfig = { + # Allow bulk upload of recipes for import/export + locations."/".extraConfig = '' + client_max_body_size 0; + ''; + }; }; }; }; From 607aa5351c94bb52308cc83efc8f0f8f7acaf332 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 22 Mar 2024 22:03:32 +0100 Subject: [PATCH 083/485] nixos: services: tandoor-recipes: fix bulk upload --- modules/nixos/services/tandoor-recipes/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules/nixos/services/tandoor-recipes/default.nix b/modules/nixos/services/tandoor-recipes/default.nix index f5dc2dbc..48ad7a84 100644 --- a/modules/nixos/services/tandoor-recipes/default.nix +++ b/modules/nixos/services/tandoor-recipes/default.nix @@ -73,6 +73,13 @@ in my.services.nginx.virtualHosts = { recipes = { inherit (cfg) port; + + extraConfig = { + # Allow bulk upload of recipes for import/export + locations."/".extraConfig = '' + client_max_body_size 0; + ''; + }; }; }; }; From 15d0e6bb38b86cd9693dd9c43ee1da4a98744974 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 28 Mar 2024 11:19:33 +0000 Subject: [PATCH 084/485] flake: bump inputs --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index a42d5dd5..4308e9c9 100644 --- a/flake.lock +++ b/flake.lock @@ -116,11 +116,11 @@ ] }, "locked": { - "lastModified": 1703887061, - "narHash": "sha256-gGPa9qWNc6eCXT/+Z5/zMkyYOuRZqeFZBDbopNZQkuY=", + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", "owner": "hercules-ci", "repo": "gitignore.nix", - "rev": "43e1aa1308018f37118e34d3a9cb4f5e75dc11d5", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1710532761, - "narHash": "sha256-SUXGZNrXX05YA9G6EmgupxhOr3swI1gcxLUeDMUhrEY=", + "lastModified": 1711604890, + "narHash": "sha256-vbI/gxRTq/gHW1Q8z6D/7JG/qGNl3JTimUDX+MwnC3A=", "owner": "nix-community", "repo": "home-manager", - "rev": "206f457fffdb9a73596a4cb2211a471bd305243d", + "rev": "3142bdcc470e1e291e1fbe942fd69e06bd00c5df", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1710451336, - "narHash": "sha256-pP86Pcfu3BrAvRO7R64x7hs+GaQrjFes+mEPowCfkxY=", + "lastModified": 1711523803, + "narHash": "sha256-UKcYiHWHQynzj6CN/vTcix4yd1eCu1uFdsuarupdCQQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d691274a972b3165335d261cc4671335f5c67de9", + "rev": "2726f127c15a4cc9810843b96cad73c7eb39e443", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1710607749, - "narHash": "sha256-TRgxM7sOiWF8cea73OzDnmfhyYnN8+vDHUUJlkDDZ/U=", + "lastModified": 1711622043, + "narHash": "sha256-nCNcHYlmmPPIDRkDCvNoEog+AuG7jdmkhkU0fqoS82A=", "owner": "nix-community", "repo": "NUR", - "rev": "b870db4117d587a8c5c2c8c9e2d311d7fa4befe2", + "rev": "b7ff69e152caedbe4d0e40173d61732ac139a09c", "type": "github" }, "original": { @@ -197,11 +197,11 @@ ] }, "locked": { - "lastModified": 1708018599, - "narHash": "sha256-M+Ng6+SePmA8g06CmUZWi1AjG2tFBX9WCXElBHEKnyM=", + "lastModified": 1711519547, + "narHash": "sha256-Q7YmSCUJmDl71fJv/zD9lrOCJ1/SE/okZ2DsrmRjzhY=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "5df5a70ad7575f6601d91f0efec95dd9bc619431", + "rev": "7d47a32e5cd1ea481fab33c516356ce27c8cef4a", "type": "github" }, "original": { From 06c64c1a782c2677edbc55a5bebf3332c3fb7d36 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 1 Apr 2024 22:25:37 +0100 Subject: [PATCH 085/485] templates: fix 'matrix-notifier' CI step --- templates/c++-cmake/.woodpecker/check.yml | 2 +- templates/c++-meson/.woodpecker/check.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/c++-cmake/.woodpecker/check.yml b/templates/c++-cmake/.woodpecker/check.yml index 9135f7b0..8e716434 100644 --- a/templates/c++-cmake/.woodpecker/check.yml +++ b/templates/c++-cmake/.woodpecker/check.yml @@ -24,7 +24,7 @@ steps: - source: matrix_password target: pass commands: - - nix run '.#matrix-notifier' + - nix run github:ambroisie/matrix-notifier when: status: - failure diff --git a/templates/c++-meson/.woodpecker/check.yml b/templates/c++-meson/.woodpecker/check.yml index 9135f7b0..8e716434 100644 --- a/templates/c++-meson/.woodpecker/check.yml +++ b/templates/c++-meson/.woodpecker/check.yml @@ -24,7 +24,7 @@ steps: - source: matrix_password target: pass commands: - - nix run '.#matrix-notifier' + - nix run github:ambroisie/matrix-notifier when: status: - failure From 4b5a19a8faade3a5dda68dab7046fb413de31277 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 1 Apr 2024 22:26:21 +0100 Subject: [PATCH 086/485] templates: fix deprecated CI syntax --- .woodpecker/check.yml | 18 +++++++++--------- templates/c++-cmake/.woodpecker/check.yml | 18 +++++++++--------- templates/c++-meson/.woodpecker/check.yml | 18 +++++++++--------- 3 files changed, 27 insertions(+), 27 deletions(-) diff --git a/.woodpecker/check.yml b/.woodpecker/check.yml index aff6e848..e04cd464 100644 --- a/.woodpecker/check.yml +++ b/.woodpecker/check.yml @@ -9,15 +9,15 @@ steps: - name: notifiy image: bash - secrets: - - source: matrix_homeserver - target: address - - source: matrix_roomid - target: room - - source: matrix_username - target: user - - source: matrix_password - target: pass + environment: + ADDRESS: + from_secret: matrix_homeserver + ROOM: + from_secret: matrix_roomid + USER: + from_secret: matrix_username + PASS: + from_secret: matrix_password commands: - nix run '.#matrix-notifier' when: diff --git a/templates/c++-cmake/.woodpecker/check.yml b/templates/c++-cmake/.woodpecker/check.yml index 8e716434..4ff7dba0 100644 --- a/templates/c++-cmake/.woodpecker/check.yml +++ b/templates/c++-cmake/.woodpecker/check.yml @@ -14,15 +14,15 @@ steps: - name: notifiy image: bash - secrets: - - source: matrix_homeserver - target: address - - source: matrix_roomid - target: room - - source: matrix_username - target: user - - source: matrix_password - target: pass + environment: + ADDRESS: + from_secret: matrix_homeserver + ROOM: + from_secret: matrix_roomid + USER: + from_secret: matrix_username + PASS: + from_secret: matrix_password commands: - nix run github:ambroisie/matrix-notifier when: diff --git a/templates/c++-meson/.woodpecker/check.yml b/templates/c++-meson/.woodpecker/check.yml index 8e716434..4ff7dba0 100644 --- a/templates/c++-meson/.woodpecker/check.yml +++ b/templates/c++-meson/.woodpecker/check.yml @@ -14,15 +14,15 @@ steps: - name: notifiy image: bash - secrets: - - source: matrix_homeserver - target: address - - source: matrix_roomid - target: room - - source: matrix_username - target: user - - source: matrix_password - target: pass + environment: + ADDRESS: + from_secret: matrix_homeserver + ROOM: + from_secret: matrix_roomid + USER: + from_secret: matrix_username + PASS: + from_secret: matrix_password commands: - nix run github:ambroisie/matrix-notifier when: From 96aa934bec78ee047ba999c25b9d6836c3d576b6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 28 Mar 2024 20:20:41 +0000 Subject: [PATCH 087/485] pkgs: zsh-done: fix homepage link --- pkgs/zsh-done/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/zsh-done/default.nix b/pkgs/zsh-done/default.nix index bdb6af36..8fac8136 100644 --- a/pkgs/zsh-done/default.nix +++ b/pkgs/zsh-done/default.nix @@ -26,7 +26,7 @@ stdenvNoCC.mkDerivation rec { description = '' A zsh plug-in to receive notifications when long processes finish ''; - homepage = "https://gitea.belanyi.fr/ambroisie/zsh-done"; + homepage = "https://git.belanyi.fr/ambroisie/zsh-done"; license = licenses.mit; platforms = platforms.unix; maintainers = with maintainers; [ ambroisie ]; From d97da124ee39432b20ae3ebeba218f5ed6577589 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 28 Mar 2024 20:20:41 +0000 Subject: [PATCH 088/485] templates: fix homepage links --- templates/c++-cmake/flake.nix | 2 +- templates/c++-meson/flake.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/c++-cmake/flake.nix b/templates/c++-cmake/flake.nix index cb468e7e..db3b35c1 100644 --- a/templates/c++-cmake/flake.nix +++ b/templates/c++-cmake/flake.nix @@ -52,7 +52,7 @@ meta = with lib; { description = "A C++ project"; - homepage = "https://gitea.belanyi.fr/ambroisie/project"; + homepage = "https://git.belanyi.fr/ambroisie/project"; license = licenses.mit; maintainers = with maintainers; [ ambroisie ]; platforms = platforms.unix; diff --git a/templates/c++-meson/flake.nix b/templates/c++-meson/flake.nix index 9cfed0d7..5957c621 100644 --- a/templates/c++-meson/flake.nix +++ b/templates/c++-meson/flake.nix @@ -52,7 +52,7 @@ meta = with lib; { description = "A C++ project"; - homepage = "https://gitea.belanyi.fr/ambroisie/project"; + homepage = "https://git.belanyi.fr/ambroisie/project"; license = licenses.mit; maintainers = with maintainers; [ ambroisie ]; platforms = platforms.unix; From 8a4fdf6a56f69e9dbf6852a520ab43257c7731b1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 28 Mar 2024 20:21:41 +0000 Subject: [PATCH 089/485] templates: fix description typo --- templates/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/default.nix b/templates/default.nix index f58fd727..31c3a81c 100644 --- a/templates/default.nix +++ b/templates/default.nix @@ -5,6 +5,6 @@ }; "c++-meson" = { path = ./c++-meson; - description = "A C++ project using CMake"; + description = "A C++ project using Meson"; }; } From f729f6a0980b439ed3d8143f2af82860c27bd5bd Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 2 Apr 2024 12:25:05 +0200 Subject: [PATCH 090/485] hosts: nixos: porthos: secrets: add 'lohr' owner --- hosts/nixos/porthos/secrets/secrets.nix | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/hosts/nixos/porthos/secrets/secrets.nix b/hosts/nixos/porthos/secrets/secrets.nix index bea380c1..c43376b1 100644 --- a/hosts/nixos/porthos/secrets/secrets.nix +++ b/hosts/nixos/porthos/secrets/secrets.nix @@ -31,8 +31,14 @@ in publicKeys = all; }; - "lohr/secret.age".publicKeys = all; - "lohr/ssh-key.age".publicKeys = all; + "lohr/secret.age" = { + owner = "lohr"; + publicKeys = all; + }; + "lohr/ssh-key.age" = { + owner = "lohr"; + publicKeys = all; + }; "matrix/mail.age" = { owner = "matrix-synapse"; From 8f120e2129ceb2e32945cb5eecaaf43968d8f9cf Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 2 Apr 2024 12:25:34 +0200 Subject: [PATCH 091/485] nixos: services: lohr: fix SSH key creation In the migration to `tmpfiles.d(5)`, I used the wrong type of file. Using `f` would write the path to the file as its content, rather than copy it. Unfortunately `C` and `C+` do not overwrite an existing file, so using a symlink it the correct solution here. This means the SSH key file must have `lohr` as an owner... Perhaps I should make it so the service can read the file itself, rather than rely on the filesystem location, so that I don't have to contort myself quite so much to make it work. --- modules/nixos/services/lohr/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/lohr/default.nix b/modules/nixos/services/lohr/default.nix index 21aadbac..21ed93bb 100644 --- a/modules/nixos/services/lohr/default.nix +++ b/modules/nixos/services/lohr/default.nix @@ -99,7 +99,7 @@ in }; }; "${lohrHome}/.ssh/id_ed25519" = { - "f+" = { + "L+" = { user = "lohr"; group = "lohr"; mode = "0700"; From 10a3e684c8fa837958210610c920e3dd83bfcf55 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 7 Apr 2024 13:28:26 +0200 Subject: [PATCH 092/485] flake: bump inputs --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 4308e9c9..808a7777 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1707830867, - "narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=", + "lastModified": 1712079060, + "narHash": "sha256-/JdiT9t+zzjChc5qQiF+jhrVhRt8figYH29rZO7pFe4=", "owner": "ryantm", "repo": "agenix", - "rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6", + "rev": "1381a759b205dff7a6818733118d02253340fd5e", "type": "github" }, "original": { @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1709336216, - "narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=", + "lastModified": 1712014858, + "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2", + "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1711604890, - "narHash": "sha256-vbI/gxRTq/gHW1Q8z6D/7JG/qGNl3JTimUDX+MwnC3A=", + "lastModified": 1712390667, + "narHash": "sha256-ebq+fJZfobqpsAdGDGpxNWSySbQejRwW9cdiil6krCo=", "owner": "nix-community", "repo": "home-manager", - "rev": "3142bdcc470e1e291e1fbe942fd69e06bd00c5df", + "rev": "b787726a8413e11b074cde42704b4af32d95545c", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1711523803, - "narHash": "sha256-UKcYiHWHQynzj6CN/vTcix4yd1eCu1uFdsuarupdCQQ=", + "lastModified": 1712439257, + "narHash": "sha256-aSpiNepFOMk9932HOax0XwNxbA38GOUVOiXfUVPOrck=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2726f127c15a4cc9810843b96cad73c7eb39e443", + "rev": "ff0dbd94265ac470dda06a657d5fe49de93b4599", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1711622043, - "narHash": "sha256-nCNcHYlmmPPIDRkDCvNoEog+AuG7jdmkhkU0fqoS82A=", + "lastModified": 1712485930, + "narHash": "sha256-Gx1kXJYnYENoJKWdZpTSDj9fAbnhSzp/cTpFFIXre/M=", "owner": "nix-community", "repo": "NUR", - "rev": "b7ff69e152caedbe4d0e40173d61732ac139a09c", + "rev": "e4dfbd7eb86b3ac1bf5b7d5c4ca200dba5cbb5a9", "type": "github" }, "original": { @@ -197,11 +197,11 @@ ] }, "locked": { - "lastModified": 1711519547, - "narHash": "sha256-Q7YmSCUJmDl71fJv/zD9lrOCJ1/SE/okZ2DsrmRjzhY=", + "lastModified": 1712055707, + "narHash": "sha256-4XLvuSIDZJGS17xEwSrNuJLL7UjDYKGJSbK1WWX2AK8=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "7d47a32e5cd1ea481fab33c516356ce27c8cef4a", + "rev": "e35aed5fda3cc79f88ed7f1795021e559582093a", "type": "github" }, "original": { From 6b51b4e2ab49dfe4a853ad5873e9d4741eafaefa Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 7 Apr 2024 13:30:40 +0200 Subject: [PATCH 093/485] nixos: services: rss-bridge: fix deprecated option --- modules/nixos/services/rss-bridge/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/modules/nixos/services/rss-bridge/default.nix b/modules/nixos/services/rss-bridge/default.nix index 85e37c20..52b10301 100644 --- a/modules/nixos/services/rss-bridge/default.nix +++ b/modules/nixos/services/rss-bridge/default.nix @@ -11,7 +11,9 @@ in config = lib.mkIf cfg.enable { services.rss-bridge = { enable = true; - whitelist = [ "*" ]; # Whitelist all + config = { + system.enabled_bridges = [ "*" ]; # Whitelist all + }; virtualHost = "rss-bridge.${config.networking.domain}"; }; From 6efe2c12ba7e580418ca8a17b14185422defa67e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 8 Apr 2024 21:19:54 +0200 Subject: [PATCH 094/485] nixos: services: woodpecker: exec: fix NodeJS I need it for Tree Sitter support... --- modules/nixos/services/woodpecker/agent-exec/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/nixos/services/woodpecker/agent-exec/default.nix b/modules/nixos/services/woodpecker/agent-exec/default.nix index 7ae21c81..24161b03 100644 --- a/modules/nixos/services/woodpecker/agent-exec/default.nix +++ b/modules/nixos/services/woodpecker/agent-exec/default.nix @@ -44,6 +44,8 @@ in serviceConfig = { # Same option as upstream, without @setuid SystemCallFilter = lib.mkForce "~@clock @privileged @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @reboot @swap"; + # NodeJS requires RWX memory... + MemoryDenyWriteExecute = lib.mkForce false; BindPaths = [ "/nix/var/nix/daemon-socket/socket" From 3e6b9f716167eef4c6a030f4c6570f4ea28a7c44 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 12 Apr 2024 10:01:17 +0000 Subject: [PATCH 095/485] home: vim: ftdetect: add bp Unfortunately, the `blueprint` filetype name is already taken... --- modules/home/vim/ftdetect/blueprint.lua | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 modules/home/vim/ftdetect/blueprint.lua diff --git a/modules/home/vim/ftdetect/blueprint.lua b/modules/home/vim/ftdetect/blueprint.lua new file mode 100644 index 00000000..d3fb395d --- /dev/null +++ b/modules/home/vim/ftdetect/blueprint.lua @@ -0,0 +1,6 @@ +-- Use `bp` filetype for Blueprint files +vim.filetype.add({ + extension = { + bp = "bp", + }, +}) From 95c688766f7af1bd06e22ce150aa4628167455d8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 12 Apr 2024 10:01:17 +0000 Subject: [PATCH 096/485] home: vim: ftplugin: add bp --- modules/home/vim/after/ftplugin/bp.vim | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 modules/home/vim/after/ftplugin/bp.vim diff --git a/modules/home/vim/after/ftplugin/bp.vim b/modules/home/vim/after/ftplugin/bp.vim new file mode 100644 index 00000000..1224e7a8 --- /dev/null +++ b/modules/home/vim/after/ftplugin/bp.vim @@ -0,0 +1,7 @@ +" Create the `b:undo_ftplugin` variable if it doesn't exist +call ftplugined#check_undo_ft() + +" Add comment format +setlocal comments=b://,s1:/*,mb:*,ex:*/ +setlocal commentstring=//\ %s +let b:undo_ftplugin.='|setlocal comments< commentstring<' From a4ede5f6f403a6f73d8ac34ee56892be2e1a4f4f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 10 May 2023 13:04:06 +0000 Subject: [PATCH 097/485] templates: add rust-cargo --- templates/default.nix | 4 + templates/rust-cargo/.envrc | 5 + templates/rust-cargo/.gitignore | 6 ++ templates/rust-cargo/.woodpecker/check.yml | 31 ++++++ templates/rust-cargo/Cargo.lock | 7 ++ templates/rust-cargo/Cargo.toml | 8 ++ templates/rust-cargo/flake.nix | 112 +++++++++++++++++++++ templates/rust-cargo/rustfmt.toml | 0 templates/rust-cargo/src/main.rs | 3 + 9 files changed, 176 insertions(+) create mode 100644 templates/rust-cargo/.envrc create mode 100644 templates/rust-cargo/.gitignore create mode 100644 templates/rust-cargo/.woodpecker/check.yml create mode 100644 templates/rust-cargo/Cargo.lock create mode 100644 templates/rust-cargo/Cargo.toml create mode 100644 templates/rust-cargo/flake.nix create mode 100644 templates/rust-cargo/rustfmt.toml create mode 100644 templates/rust-cargo/src/main.rs diff --git a/templates/default.nix b/templates/default.nix index 31c3a81c..44db753a 100644 --- a/templates/default.nix +++ b/templates/default.nix @@ -7,4 +7,8 @@ path = ./c++-meson; description = "A C++ project using Meson"; }; + "rust-cargo" = { + path = ./rust-cargo; + description = "A Rust project using Cargo"; + }; } diff --git a/templates/rust-cargo/.envrc b/templates/rust-cargo/.envrc new file mode 100644 index 00000000..de77fcb0 --- /dev/null +++ b/templates/rust-cargo/.envrc @@ -0,0 +1,5 @@ +if ! has nix_direnv_version || ! nix_direnv_version 3.0.0; then + source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/3.0.0/direnvrc" "sha256-21TMnI2xWX7HkSTjFFri2UaohXVj854mgvWapWrxRXg=" +fi + +use flake diff --git a/templates/rust-cargo/.gitignore b/templates/rust-cargo/.gitignore new file mode 100644 index 00000000..5f360ff9 --- /dev/null +++ b/templates/rust-cargo/.gitignore @@ -0,0 +1,6 @@ +# Rust build directory +/target + +# Nix generated files +/.pre-commit-config.yaml +/result diff --git a/templates/rust-cargo/.woodpecker/check.yml b/templates/rust-cargo/.woodpecker/check.yml new file mode 100644 index 00000000..4ff7dba0 --- /dev/null +++ b/templates/rust-cargo/.woodpecker/check.yml @@ -0,0 +1,31 @@ +labels: + backend: local + +steps: +- name: pre-commit check + image: bash + commands: + - nix develop --command pre-commit run --all + +- name: nix flake check + image: bash + commands: + - nix flake check + +- name: notifiy + image: bash + environment: + ADDRESS: + from_secret: matrix_homeserver + ROOM: + from_secret: matrix_roomid + USER: + from_secret: matrix_username + PASS: + from_secret: matrix_password + commands: + - nix run github:ambroisie/matrix-notifier + when: + status: + - failure + - success diff --git a/templates/rust-cargo/Cargo.lock b/templates/rust-cargo/Cargo.lock new file mode 100644 index 00000000..4f9c86e2 --- /dev/null +++ b/templates/rust-cargo/Cargo.lock @@ -0,0 +1,7 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "project" +version = "0.0.0" diff --git a/templates/rust-cargo/Cargo.toml b/templates/rust-cargo/Cargo.toml new file mode 100644 index 00000000..4dfdc0b2 --- /dev/null +++ b/templates/rust-cargo/Cargo.toml @@ -0,0 +1,8 @@ +[package] +name = "project" +version = "0.0.0" +edition = "2021" + +# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html + +[dependencies] diff --git a/templates/rust-cargo/flake.nix b/templates/rust-cargo/flake.nix new file mode 100644 index 00000000..6d50369d --- /dev/null +++ b/templates/rust-cargo/flake.nix @@ -0,0 +1,112 @@ +{ + description = "A Rust project"; + + inputs = { + futils = { + type = "github"; + owner = "numtide"; + repo = "flake-utils"; + ref = "main"; + }; + + nixpkgs = { + type = "github"; + owner = "NixOS"; + repo = "nixpkgs"; + ref = "nixos-unstable"; + }; + + pre-commit-hooks = { + type = "github"; + owner = "cachix"; + repo = "pre-commit-hooks.nix"; + ref = "master"; + inputs = { + flake-utils.follows = "futils"; + nixpkgs.follows = "nixpkgs"; + }; + }; + }; + + outputs = { self, futils, nixpkgs, pre-commit-hooks }: + { + overlays = { + default = final: _prev: { + project = with final; rustPlatform.buildRustPackage { + pname = "project"; + version = (final.lib.importTOML ./Cargo.toml).package.version; + + src = self; + + cargoLock = { + lockFile = "${self}/Cargo.lock"; + }; + + meta = with lib; { + description = "A Rust project"; + homepage = "https://git.belanyi.fr/ambroisie/project"; + license = licenses.mit; + maintainers = with maintainers; [ ambroisie ]; + }; + }; + }; + }; + } // futils.lib.eachDefaultSystem (system: + let + pkgs = import nixpkgs { + inherit system; + overlays = [ + self.overlays.default + ]; + }; + + pre-commit = pre-commit-hooks.lib.${system}.run { + src = self; + + hooks = { + clippy = { + enable = true; + settings = { + denyWarnings = true; + }; + }; + + nixpkgs-fmt = { + enable = true; + }; + + rustfmt = { + enable = true; + }; + }; + }; + in + { + checks = { + inherit (self.packages.${system}) project; + }; + + devShells = { + default = pkgs.mkShell { + inputsFrom = with self.packages.${system}; [ + project + ]; + + packages = with pkgs; [ + clippy + rust-analyzer + rustfmt + ]; + + RUST_SRC_PATH = "${pkgs.rust.packages.stable.rustPlatform.rustLibSrc}"; + + inherit (pre-commit) shellHook; + }; + }; + + packages = futils.lib.flattenTree { + default = pkgs.project; + inherit (pkgs) project; + }; + }); +} diff --git a/templates/rust-cargo/rustfmt.toml b/templates/rust-cargo/rustfmt.toml new file mode 100644 index 00000000..e69de29b diff --git a/templates/rust-cargo/src/main.rs b/templates/rust-cargo/src/main.rs new file mode 100644 index 00000000..e7a11a96 --- /dev/null +++ b/templates/rust-cargo/src/main.rs @@ -0,0 +1,3 @@ +fn main() { + println!("Hello, world!"); +} From 7e0cb867deb17d2f5b23670510147bb6dc59470f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 12 Apr 2024 15:19:29 +0000 Subject: [PATCH 098/485] pkgs: remove 'digestpp' I have packaged it upstream. --- pkgs/default.nix | 2 -- pkgs/digestpp/default.nix | 31 ------------------------------- 2 files changed, 33 deletions(-) delete mode 100644 pkgs/digestpp/default.nix diff --git a/pkgs/default.nix b/pkgs/default.nix index e82a90c4..a45bd7f7 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -12,8 +12,6 @@ pkgs.lib.makeScope pkgs.newScope (pkgs: { diff-flake = pkgs.callPackage ./diff-flake { }; - digestpp = pkgs.callPackage ./digestpp { }; - dragger = pkgs.callPackage ./dragger { }; drone-rsync = pkgs.callPackage ./drone-rsync { }; diff --git a/pkgs/digestpp/default.nix b/pkgs/digestpp/default.nix deleted file mode 100644 index 2fd90db0..00000000 --- a/pkgs/digestpp/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ lib -, fetchFromGitHub -, stdenv -}: -stdenv.mkDerivation { - pname = "digestpp"; - version = "0-unstable-2023-11-07"; - - src = fetchFromGitHub { - owner = "kerukuro"; - repo = "digestpp"; - rev = "ebb699402c244e22c3aff61d2239bcb2e87b8ef8"; - hash = "sha256-9X/P7DgZB6bSYjQWRli4iAXEFjhmACOVv3EYQrXuH5c="; - }; - - installPhase = '' - runHook preInstall - - mkdir -p $out/include/digestpp - cp -r *.hpp algorithm/ detail/ $out/include/digestpp - - runHook postInstall - ''; - - meta = with lib; { - description = "C++11 header-only message digest library"; - homepage = "https://github.com/kerukuro/digestpp"; - license = licenses.unlicense; - maintainers = with maintainers; [ ambroisie ]; - }; -} From e43cdbfa6519753cb5fb6d674d88eeecbd03e9ab Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 12 Apr 2024 15:19:56 +0000 Subject: [PATCH 099/485] pkgs: remove 'sqlite_orm' I have packaged it upstream. --- pkgs/default.nix | 2 -- pkgs/sqlite_orm/default.nix | 32 -------------------------------- 2 files changed, 34 deletions(-) delete mode 100644 pkgs/sqlite_orm/default.nix diff --git a/pkgs/default.nix b/pkgs/default.nix index a45bd7f7..02128874 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -28,8 +28,6 @@ pkgs.lib.makeScope pkgs.newScope (pkgs: { rbw-pass = pkgs.callPackage ./rbw-pass { }; - sqlite_orm = pkgs.callPackage ./sqlite_orm { }; - unbound-zones-adblock = pkgs.callPackage ./unbound-zones-adblock { }; zsh-done = pkgs.callPackage ./zsh-done { }; diff --git a/pkgs/sqlite_orm/default.nix b/pkgs/sqlite_orm/default.nix deleted file mode 100644 index 3891eee1..00000000 --- a/pkgs/sqlite_orm/default.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ lib -, cmake -, fetchFromGitHub -, sqlite -, stdenv -}: -stdenv.mkDerivation (finalAttrs: { - pname = "sqlite_orm"; - version = "1.8.2"; - - src = fetchFromGitHub { - owner = "fnc12"; - repo = "sqlite_orm"; - rev = "v${finalAttrs.version}"; - hash = "sha256-KqphGFcnR1Y11KqL7sxODSv7lEvcURdF6kLd3cg84kc="; - }; - - nativeBuildInputs = [ - cmake - ]; - - propagatedBuildInputs = [ - sqlite - ]; - - meta = with lib; { - description = "Light header only SQLite ORM"; - homepage = "https://sqliteorm.com/"; - license = licenses.agpl3Only; # MIT license is commercial - maintainers = with maintainers; [ ambroisie ]; - }; -}) From 06b760e3ee7ffe73a78753295a6d4e10ef6fe98a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 12 Apr 2024 15:20:09 +0000 Subject: [PATCH 100/485] pkgs: remove 'bt-migrate' I have packaged it upstream. --- pkgs/bt-migrate/default.nix | 61 ------------------------------------- pkgs/default.nix | 2 -- 2 files changed, 63 deletions(-) delete mode 100644 pkgs/bt-migrate/default.nix diff --git a/pkgs/bt-migrate/default.nix b/pkgs/bt-migrate/default.nix deleted file mode 100644 index df99c554..00000000 --- a/pkgs/bt-migrate/default.nix +++ /dev/null @@ -1,61 +0,0 @@ -{ lib -, boost -, cmake -, cxxopts -, digestpp -, fetchFromGitHub -, fmt -, jsoncons -, pugixml -, sqlite_orm -, stdenv -}: -stdenv.mkDerivation { - pname = "bt-migrate"; - version = "0-unstable-2023-08-17"; - - src = fetchFromGitHub { - owner = "mikedld"; - repo = "bt-migrate"; - rev = "e15a489c0c76f98355586ebbee08223af4e9bf50"; - hash = "sha256-kA6yxhbIh3ThmgF8Zyoe3I79giLVmdNr9IIrw5Xx4s0="; - }; - - nativeBuildInputs = [ - cmake - ]; - - buildInputs = [ - boost - cxxopts - fmt - jsoncons - pugixml - sqlite_orm - ]; - - cmakeFlags = [ - (lib.strings.cmakeBool "USE_VCPKG" false) - # NOTE: digestpp does not have proper CMake packaging (yet?) - (lib.strings.cmakeBool "USE_FETCHCONTENT" true) - (lib.strings.cmakeFeature "FETCHCONTENT_SOURCE_DIR_DIGESTPP" "${digestpp}/include/digestpp") - ]; - - # NOTE: no install target in CMake... - installPhase = '' - runHook preInstall - - mkdir -p $out/bin - cp BtMigrate $out/bin - - runHook postInstall - ''; - - meta = with lib; { - description = "Torrent state migration tool"; - homepage = "https://github.com/mikedld/bt-migrate"; - license = licenses.gpl3Only; - maintainers = with maintainers; [ ambroisie ]; - mainProgram = "BtMigrate"; - }; -} diff --git a/pkgs/default.nix b/pkgs/default.nix index 02128874..6b7fce11 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,7 +1,5 @@ { pkgs }: pkgs.lib.makeScope pkgs.newScope (pkgs: { - bt-migrate = pkgs.callPackage ./bt-migrate { }; - bw-pass = pkgs.callPackage ./bw-pass { }; change-audio = pkgs.callPackage ./change-audio { }; From 6a22a80d4203111dd77bcd4ae7594f2ae194403b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 15 Apr 2024 14:06:21 +0000 Subject: [PATCH 101/485] home: direnv: update default flake Now that I (usually?) override `nixpkgs` in the registry, there's not much use in defaulting to `pkgs`. --- modules/home/direnv/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/home/direnv/default.nix b/modules/home/direnv/default.nix index 93a1f3b1..4f1f4b69 100644 --- a/modules/home/direnv/default.nix +++ b/modules/home/direnv/default.nix @@ -8,8 +8,8 @@ in defaultFlake = mkOption { type = types.str; - default = "pkgs"; - example = "nixpkgs"; + default = "nixpkgs"; + example = "pkgs"; description = '' Which flake from the registry should be used for use pkgs by default. From b735eb4b98fd60f3e3f3bcdca33aec1eedc4719e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 15 Apr 2024 14:08:00 +0000 Subject: [PATCH 102/485] home: direnv: set 'DIRENV_DEFAULT_FLAKE' as needed --- modules/home/direnv/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/home/direnv/default.nix b/modules/home/direnv/default.nix index 4f1f4b69..67beb622 100644 --- a/modules/home/direnv/default.nix +++ b/modules/home/direnv/default.nix @@ -7,8 +7,8 @@ in enable = my.mkDisableOption "direnv configuration"; defaultFlake = mkOption { - type = types.str; - default = "nixpkgs"; + type = with types; nullOr str; + default = null; example = "pkgs"; description = '' Which flake from the registry should be used for @@ -39,7 +39,7 @@ in in lib.my.genAttrs' files linkLibFile; - home.sessionVariables = { + home.sessionVariables = lib.mkIf (cfg.defaultFlake != null) { DIRENV_DEFAULT_FLAKE = cfg.defaultFlake; }; }; From f9db06a6d43d4fdce7595c6a5b5acfe7af84b971 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 22 Apr 2024 20:58:45 +0200 Subject: [PATCH 103/485] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 808a7777..8ee39d73 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1712390667, - "narHash": "sha256-ebq+fJZfobqpsAdGDGpxNWSySbQejRwW9cdiil6krCo=", + "lastModified": 1713809191, + "narHash": "sha256-9Tb5JKcacjxNF1f7gsu/4l4Gxa2qflq9x1hhdl10iwM=", "owner": "nix-community", "repo": "home-manager", - "rev": "b787726a8413e11b074cde42704b4af32d95545c", + "rev": "e866aae5bbbcfe6798ca05d3004a4e62f1828954", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1712439257, - "narHash": "sha256-aSpiNepFOMk9932HOax0XwNxbA38GOUVOiXfUVPOrck=", + "lastModified": 1713714899, + "narHash": "sha256-+z/XjO3QJs5rLE5UOf015gdVauVRQd2vZtsFkaXBq2Y=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ff0dbd94265ac470dda06a657d5fe49de93b4599", + "rev": "6143fc5eeb9c4f00163267708e26191d1e918932", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1712485930, - "narHash": "sha256-Gx1kXJYnYENoJKWdZpTSDj9fAbnhSzp/cTpFFIXre/M=", + "lastModified": 1713810384, + "narHash": "sha256-ze9APypWwgcNXvtc+Y/In/PCGmIzm/VefrwQKG7ge7E=", "owner": "nix-community", "repo": "NUR", - "rev": "e4dfbd7eb86b3ac1bf5b7d5c4ca200dba5cbb5a9", + "rev": "5d454967f1d978fe45956d25ed7ee15b9910da18", "type": "github" }, "original": { @@ -197,11 +197,11 @@ ] }, "locked": { - "lastModified": 1712055707, - "narHash": "sha256-4XLvuSIDZJGS17xEwSrNuJLL7UjDYKGJSbK1WWX2AK8=", + "lastModified": 1713775815, + "narHash": "sha256-Wu9cdYTnGQQwtT20QQMg7jzkANKQjwBD9iccfGKkfls=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "e35aed5fda3cc79f88ed7f1795021e559582093a", + "rev": "2ac4dcbf55ed43f3be0bae15e181f08a57af24a4", "type": "github" }, "original": { From c18054cad72c92a347a87ddaa63bf1b0ffa2a023 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 21 Mar 2024 20:30:25 +0100 Subject: [PATCH 104/485] nixos: services: podgrab: use 'media' group --- modules/nixos/services/podgrab/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/nixos/services/podgrab/default.nix b/modules/nixos/services/podgrab/default.nix index 5ceebb64..f1a8eb21 100644 --- a/modules/nixos/services/podgrab/default.nix +++ b/modules/nixos/services/podgrab/default.nix @@ -29,8 +29,13 @@ in services.podgrab = { enable = true; inherit (cfg) passwordFile port; + + group = "media"; }; + # Set-up media group + users.groups.media = { }; + my.services.nginx.virtualHosts = { podgrab = { inherit (cfg) port; From 5df0574f41017e67462fcc7809fd117f2f7944be Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 21 Mar 2024 20:30:25 +0100 Subject: [PATCH 105/485] nixos: services: podgrab: add 'dataDir' --- modules/nixos/services/podgrab/default.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/modules/nixos/services/podgrab/default.nix b/modules/nixos/services/podgrab/default.nix index f1a8eb21..ea89e4e5 100644 --- a/modules/nixos/services/podgrab/default.nix +++ b/modules/nixos/services/podgrab/default.nix @@ -17,6 +17,15 @@ in ''; }; + dataDir = mkOption { + type = with types; nullOr str; + default = null; + example = "/mnt/podgrab"; + description = '' + Path to the directory to store the podcasts. Use default if null + ''; + }; + port = mkOption { type = types.port; default = 8080; @@ -31,6 +40,7 @@ in inherit (cfg) passwordFile port; group = "media"; + dataDirectory = lib.mkIf (cfg.dataDir != null) cfg.dataDir; }; # Set-up media group From 7ebbb10568f12929b54308d6aa96defad93c9d82 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 21 Mar 2024 20:32:05 +0100 Subject: [PATCH 106/485] hosts: nixos: porthos: migrate podgrab 'dataDir' I want to share it with `audiobookshelf`, so putting it in `/data/media` makes it easier. --- hosts/nixos/porthos/services.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index a67ae3b3..d84c2fa5 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -134,6 +134,7 @@ in podgrab = { enable = true; passwordFile = secrets."podgrab/password".path; + dataDir = "/data/media/podcasts"; port = 9598; }; # Regular backups From 2dedb41a47e83aa3a86b4ad8062d7348fa7a35c9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 21 Mar 2024 19:59:34 +0100 Subject: [PATCH 107/485] nixos: services: add audiobookshelf --- .../nixos/services/audiobookshelf/default.nix | 39 +++++++++++++++++++ modules/nixos/services/default.nix | 1 + 2 files changed, 40 insertions(+) create mode 100644 modules/nixos/services/audiobookshelf/default.nix diff --git a/modules/nixos/services/audiobookshelf/default.nix b/modules/nixos/services/audiobookshelf/default.nix new file mode 100644 index 00000000..8c9719d0 --- /dev/null +++ b/modules/nixos/services/audiobookshelf/default.nix @@ -0,0 +1,39 @@ +# Audiobook and podcast library +{ config, lib, ... }: +let + cfg = config.my.services.audiobookshelf; +in +{ + options.my.services.audiobookshelf = with lib; { + enable = mkEnableOption "Audiobookshelf, a self-hosted podcast manager"; + + port = mkOption { + type = types.port; + default = 8000; + example = 4242; + description = "The port on which Audiobookshelf will listen for incoming HTTP traffic."; + }; + }; + + config = lib.mkIf cfg.enable { + services.audiobookshelf = { + enable = true; + inherit (cfg) port; + + group = "media"; + }; + + # Set-up media group + users.groups.media = { }; + + my.services.nginx.virtualHosts = { + audiobookshelf = { + inherit (cfg) port; + # Proxy websockets for RPC + extraConfig = { + locations."/".proxyWebsockets = true; + }; + }; + }; + }; +} diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix index 3b32d062..60b24786 100644 --- a/modules/nixos/services/default.nix +++ b/modules/nixos/services/default.nix @@ -4,6 +4,7 @@ imports = [ ./adblock ./aria + ./audiobookshelf ./backup ./blog ./calibre-web From 929c8ea9b0322339429113318440336e2931fbe2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 21 Mar 2024 20:00:17 +0100 Subject: [PATCH 108/485] hosts: nixos: porthos: services: audiobookshelf --- hosts/nixos/porthos/services.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index d84c2fa5..23901f79 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -10,6 +10,11 @@ in adblock = { enable = true; }; + # Audiobook and podcast library + audiobookshelf = { + enable = true; + port = 9599; + }; # Backblaze B2 backup backup = { enable = true; From df79f36c873d08fabe18ec8bfcb87ff6f5eb4edd Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 4 May 2024 16:06:14 +0200 Subject: [PATCH 109/485] flake: bump inputs --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 8ee39d73..c1084e9b 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1712079060, - "narHash": "sha256-/JdiT9t+zzjChc5qQiF+jhrVhRt8figYH29rZO7pFe4=", + "lastModified": 1714136352, + "narHash": "sha256-BtWQ2Th/jamO1SlD+2ASSW5Jaf7JhA/JLpQHk0Goqpg=", "owner": "ryantm", "repo": "agenix", - "rev": "1381a759b205dff7a6818733118d02253340fd5e", + "rev": "24a7ea390564ccd5b39b7884f597cfc8d7f6f44e", "type": "github" }, "original": { @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1712014858, - "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=", + "lastModified": 1714641030, + "narHash": "sha256-yzcRNDoyVP7+SCNX0wmuDju1NUCt8Dz9+lyUXEI0dbI=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d", + "rev": "e5d10a24b66c3ea8f150e47dfdb0416ab7c3390e", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1713809191, - "narHash": "sha256-9Tb5JKcacjxNF1f7gsu/4l4Gxa2qflq9x1hhdl10iwM=", + "lastModified": 1714679908, + "narHash": "sha256-KzcXzDvDJjX34en8f3Zimm396x6idbt+cu4tWDVS2FI=", "owner": "nix-community", "repo": "home-manager", - "rev": "e866aae5bbbcfe6798ca05d3004a4e62f1828954", + "rev": "9036fe9ef8e15a819fa76f47a8b1f287903fb848", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1713714899, - "narHash": "sha256-+z/XjO3QJs5rLE5UOf015gdVauVRQd2vZtsFkaXBq2Y=", + "lastModified": 1714635257, + "narHash": "sha256-4cPymbty65RvF1DWQfc+Bc8B233A1BWxJnNULJKQ1EY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6143fc5eeb9c4f00163267708e26191d1e918932", + "rev": "63c3a29ca82437c87573e4c6919b09a24ea61b0f", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1713810384, - "narHash": "sha256-ze9APypWwgcNXvtc+Y/In/PCGmIzm/VefrwQKG7ge7E=", + "lastModified": 1714825428, + "narHash": "sha256-6U4cppyR0u6sqSSVr3GMrnIXhP2YGR0knfgrUGtr/1Y=", "owner": "nix-community", "repo": "NUR", - "rev": "5d454967f1d978fe45956d25ed7ee15b9910da18", + "rev": "5847f3365c16afafc10c56994beadd4cdc8552ee", "type": "github" }, "original": { @@ -197,11 +197,11 @@ ] }, "locked": { - "lastModified": 1713775815, - "narHash": "sha256-Wu9cdYTnGQQwtT20QQMg7jzkANKQjwBD9iccfGKkfls=", + "lastModified": 1714478972, + "narHash": "sha256-q//cgb52vv81uOuwz1LaXElp3XAe1TqrABXODAEF6Sk=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "2ac4dcbf55ed43f3be0bae15e181f08a57af24a4", + "rev": "2849da033884f54822af194400f8dff435ada242", "type": "github" }, "original": { From 8d2cf7f2c0a133e718f147222db9ae04d68c1155 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 4 May 2024 16:06:24 +0200 Subject: [PATCH 110/485] nixos: profiles: laptop: fix renamed option --- modules/nixos/profiles/laptop/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/profiles/laptop/default.nix b/modules/nixos/profiles/laptop/default.nix index 20a29d70..68c65b82 100644 --- a/modules/nixos/profiles/laptop/default.nix +++ b/modules/nixos/profiles/laptop/default.nix @@ -9,7 +9,7 @@ in config = lib.mkIf cfg.enable { # Enable touchpad support - services.xserver.libinput.enable = true; + services.libinput.enable = true; # Enable TLP power management my.services.tlp.enable = true; From 6162f4f4d52fc3bd2bcac2659ce6fc836a959345 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 4 May 2024 22:51:11 +0200 Subject: [PATCH 111/485] modules: services: nextcloud: bump to 29 --- modules/nixos/services/nextcloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/nextcloud/default.nix b/modules/nixos/services/nextcloud/default.nix index 51195dfc..bb3169ac 100644 --- a/modules/nixos/services/nextcloud/default.nix +++ b/modules/nixos/services/nextcloud/default.nix @@ -31,7 +31,7 @@ in config = lib.mkIf cfg.enable { services.nextcloud = { enable = true; - package = pkgs.nextcloud28; + package = pkgs.nextcloud29; hostName = "nextcloud.${config.networking.domain}"; home = "/var/lib/nextcloud"; maxUploadSize = cfg.maxSize; From 48beb9f1fe7cba2554da18727a2c0a2b34393d17 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 7 May 2024 11:10:29 +0000 Subject: [PATCH 112/485] nixos: services: postgres: simplify update script --- modules/nixos/services/postgresql/default.nix | 27 ++++++++++++------- 1 file changed, 18 insertions(+), 9 deletions(-) diff --git a/modules/nixos/services/postgresql/default.nix b/modules/nixos/services/postgresql/default.nix index 6f51f3e7..1c067365 100644 --- a/modules/nixos/services/postgresql/default.nix +++ b/modules/nixos/services/postgresql/default.nix @@ -27,17 +27,26 @@ in environment.systemPackages = let - newpg = config.containers.temp-pg.config.services.postgresql; + pgCfg = config.services.postgresql; + newPackage' = pkgs.postgresql_13; + + oldPackage = if pgCfg.enableJIT then pgCfg.package.withJIT else pgCfg.package; + oldData = pgCfg.dataDir; + oldBin = "${if pgCfg.extraPlugins == [] then oldPackage else oldPackage.withPackages pgCfg.extraPlugins}/bin"; + + newPackage = if pgCfg.enableJIT then newPackage'.withJIT else newPackage'; + newData = "/var/lib/postgresql/${newPackage.psqlSchema}"; + newBin = "${if pgCfg.extraPlugins == [] then newPackage else newPackage.withPackages pgCfg.extraPlugins}/bin"; in [ (pkgs.writeScriptBin "upgrade-pg-cluster" '' #!/usr/bin/env bash - set -x - export OLDDATA="${config.services.postgresql.dataDir}" - export NEWDATA="${newpg.dataDir}" - export OLDBIN="${config.services.postgresql.package}/bin" - export NEWBIN="${newpg.package}/bin" + set -eux + export OLDDATA="${oldData}" + export NEWDATA="${newData}" + export OLDBIN="${oldBin}" + export NEWBIN="${newBin}" if [ "$OLDDATA" -ef "$NEWDATA" ]; then echo "Cannot migrate to same data directory" >&2 @@ -46,13 +55,13 @@ in install -d -m 0700 -o postgres -g postgres "$NEWDATA" cd "$NEWDATA" - sudo -u postgres $NEWBIN/initdb -D "$NEWDATA" + sudo -u postgres "$NEWBIN/initdb" -D "$NEWDATA" systemctl stop postgresql # old one - sudo -u postgres $NEWBIN/pg_upgrade \ + sudo -u postgres "$NEWBIN/pg_upgrade" \ --old-datadir "$OLDDATA" --new-datadir "$NEWDATA" \ - --old-bindir $OLDBIN --new-bindir $NEWBIN \ + --old-bindir "$OLDBIN" --new-bindir "$NEWBIN" \ "$@" '') ]; From 0745e450b9a28041b875012eb935b224b3a05862 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 7 May 2024 11:40:03 +0000 Subject: [PATCH 113/485] nixos: services: postgres: remove unused container --- modules/nixos/services/postgresql/default.nix | 5 ----- 1 file changed, 5 deletions(-) diff --git a/modules/nixos/services/postgresql/default.nix b/modules/nixos/services/postgresql/default.nix index 1c067365..7559bb66 100644 --- a/modules/nixos/services/postgresql/default.nix +++ b/modules/nixos/services/postgresql/default.nix @@ -20,11 +20,6 @@ in # Taken from the manual (lib.mkIf cfg.upgradeScript { - containers.temp-pg.config.services.postgresql = { - enable = true; - package = pkgs.postgresql_13; - }; - environment.systemPackages = let pgCfg = config.services.postgresql; From f6c476a07f2e7d1e8671cfe01a749d7ca5a0e4a2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 7 May 2024 11:20:40 +0000 Subject: [PATCH 114/485] nixos: services: postgres: add post-upgrade advice --- modules/nixos/services/postgresql/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules/nixos/services/postgresql/default.nix b/modules/nixos/services/postgresql/default.nix index 7559bb66..bbe46d42 100644 --- a/modules/nixos/services/postgresql/default.nix +++ b/modules/nixos/services/postgresql/default.nix @@ -58,6 +58,13 @@ in --old-datadir "$OLDDATA" --new-datadir "$NEWDATA" \ --old-bindir "$OLDBIN" --new-bindir "$NEWBIN" \ "$@" + + cat << EOF + Run the following commands after setting: + services.postgresql.package = pkgs.postgresql_${lib.versions.major newPackage.version} + sudo -u postgres vacuumdb --all --analyze-in-stages + ${newData}/delete_old_cluster.sh + EOF '') ]; }) From 811a9f44c59545ca6944328e54138dca9ead2896 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 10 May 2024 09:35:47 +0000 Subject: [PATCH 115/485] home: vim: ftplugin: add json --- modules/home/vim/after/ftplugin/json.vim | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 modules/home/vim/after/ftplugin/json.vim diff --git a/modules/home/vim/after/ftplugin/json.vim b/modules/home/vim/after/ftplugin/json.vim new file mode 100644 index 00000000..3f7b09d2 --- /dev/null +++ b/modules/home/vim/after/ftplugin/json.vim @@ -0,0 +1,6 @@ +" Create the `b:undo_ftplugin` variable if it doesn't exist +call ftplugined#check_undo_ft() + +" Use a small indentation value on JSON files +setlocal shiftwidth=2 +let b:undo_ftplugin.='|setlocal shiftwidth<' From 1cba7b609daacf7ef6c5c3ff0f8b3f3c865c92dc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 13 May 2024 14:28:45 +0000 Subject: [PATCH 116/485] home: vim: null-ls: remove 'clang-format' I should be relying on `clangd` instead, which should always be available whenever `clang-format` was. --- modules/home/vim/plugin/settings/null-ls.lua | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/modules/home/vim/plugin/settings/null-ls.lua b/modules/home/vim/plugin/settings/null-ls.lua index e7265c7e..eadf16a1 100644 --- a/modules/home/vim/plugin/settings/null-ls.lua +++ b/modules/home/vim/plugin/settings/null-ls.lua @@ -18,16 +18,6 @@ null_ls.register({ }), }) --- C, C++ -null_ls.register({ - null_ls.builtins.formatting.clang_format.with({ - -- Only used if available, but prefer clangd formatting if available - condition = function() - return utils.is_executable("clang-format") and not utils.is_executable("clangd") - end, - }), -}) - -- Nix null_ls.register({ null_ls.builtins.formatting.nixpkgs_fmt.with({ From 9e89b4dd36b3b98430a8460e7c53f1e6185f116d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 19 May 2024 22:32:54 +0200 Subject: [PATCH 117/485] flake: bump inputs --- flake.lock | 39 ++++++++++++++++++--------------------- flake.nix | 1 - 2 files changed, 18 insertions(+), 22 deletions(-) diff --git a/flake.lock b/flake.lock index c1084e9b..5fa49109 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1714136352, - "narHash": "sha256-BtWQ2Th/jamO1SlD+2ASSW5Jaf7JhA/JLpQHk0Goqpg=", + "lastModified": 1715290355, + "narHash": "sha256-2T7CHTqBXJJ3ZC6R/4TXTcKoXWHcvubKNj9SfomURnw=", "owner": "ryantm", "repo": "agenix", - "rev": "24a7ea390564ccd5b39b7884f597cfc8d7f6f44e", + "rev": "8d37c5bdeade12b6479c85acd133063ab53187a0", "type": "github" }, "original": { @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1714641030, - "narHash": "sha256-yzcRNDoyVP7+SCNX0wmuDju1NUCt8Dz9+lyUXEI0dbI=", + "lastModified": 1715865404, + "narHash": "sha256-/GJvTdTpuDjNn84j82cU6bXztE0MSkdnTWClUCRub78=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "e5d10a24b66c3ea8f150e47dfdb0416ab7c3390e", + "rev": "8dc45382d5206bd292f9c2768b8058a8fd8311d9", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1714679908, - "narHash": "sha256-KzcXzDvDJjX34en8f3Zimm396x6idbt+cu4tWDVS2FI=", + "lastModified": 1715930644, + "narHash": "sha256-W9pyM3/vePxrffHtzlJI6lDS3seANQ+Nqp+i58O46LI=", "owner": "nix-community", "repo": "home-manager", - "rev": "9036fe9ef8e15a819fa76f47a8b1f287903fb848", + "rev": "e3ad5108f54177e6520535768ddbf1e6af54b59d", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1714635257, - "narHash": "sha256-4cPymbty65RvF1DWQfc+Bc8B233A1BWxJnNULJKQ1EY=", + "lastModified": 1715961556, + "narHash": "sha256-+NpbZRCRisUHKQJZF3CT+xn14ZZQO+KjxIIanH3Pvn4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "63c3a29ca82437c87573e4c6919b09a24ea61b0f", + "rev": "4a6b83b05df1a8bd7d99095ec4b4d271f2956b64", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1714825428, - "narHash": "sha256-6U4cppyR0u6sqSSVr3GMrnIXhP2YGR0knfgrUGtr/1Y=", + "lastModified": 1716149933, + "narHash": "sha256-0Ui2HmmKvSqxXfT5kCzTu2EO+kqYxavPZHROxQLsI14=", "owner": "nix-community", "repo": "NUR", - "rev": "5847f3365c16afafc10c56994beadd4cdc8552ee", + "rev": "0d0e224fe23a49977d871ae2fe2f14c84b03322a", "type": "github" }, "original": { @@ -185,9 +185,6 @@ "pre-commit-hooks": { "inputs": { "flake-compat": "flake-compat", - "flake-utils": [ - "futils" - ], "gitignore": "gitignore", "nixpkgs": [ "nixpkgs" @@ -197,11 +194,11 @@ ] }, "locked": { - "lastModified": 1714478972, - "narHash": "sha256-q//cgb52vv81uOuwz1LaXElp3XAe1TqrABXODAEF6Sk=", + "lastModified": 1715870890, + "narHash": "sha256-nacSOeXtUEM77Gn0G4bTdEOeFIrkCBXiyyFZtdGwuH0=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "2849da033884f54822af194400f8dff435ada242", + "rev": "fa606cccd7b0ccebe2880051208e4a0f61bfc8c1", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 9c29183b..a07ee154 100644 --- a/flake.nix +++ b/flake.nix @@ -63,7 +63,6 @@ repo = "pre-commit-hooks.nix"; ref = "master"; inputs = { - flake-utils.follows = "futils"; nixpkgs.follows = "nixpkgs"; nixpkgs-stable.follows = "nixpkgs"; }; From ccab4d09528edc84a5759a4106b18c3d3fef556d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 20 May 2024 15:12:45 +0000 Subject: [PATCH 118/485] overlays: add 'gruvbox-nvim-delimiters' To fix [1] and [2] until the plug-in gets bumped. [1]: https://github.com/ellisonleao/gruvbox.nvim/issues/335 [2]: https://github.com/ellisonleao/gruvbox.nvim/issues/340 --- overlays/gruvbox-nvim-delimiters/default.nix | 4 ++++ overlays/gruvbox-nvim-delimiters/generated.nix | 14 ++++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 overlays/gruvbox-nvim-delimiters/default.nix create mode 100644 overlays/gruvbox-nvim-delimiters/generated.nix diff --git a/overlays/gruvbox-nvim-delimiters/default.nix b/overlays/gruvbox-nvim-delimiters/default.nix new file mode 100644 index 00000000..832e71de --- /dev/null +++ b/overlays/gruvbox-nvim-delimiters/default.nix @@ -0,0 +1,4 @@ +self: prev: +{ + vimPlugins = prev.vimPlugins.extend (self.callPackage ./generated.nix { }); +} diff --git a/overlays/gruvbox-nvim-delimiters/generated.nix b/overlays/gruvbox-nvim-delimiters/generated.nix new file mode 100644 index 00000000..7a27a3dc --- /dev/null +++ b/overlays/gruvbox-nvim-delimiters/generated.nix @@ -0,0 +1,14 @@ +{ fetchpatch, ... }: + +_final: prev: { + gruvbox-nvim = prev.gruvbox-nvim.overrideAttrs (oa: { + patches = (oa.patches or [ ]) ++ [ + # https://github.com/ellisonleao/gruvbox.nvim/pull/319 + (fetchpatch { + name = "add-Delimiter-highlight-group.patch"; + url = "https://github.com/ellisonleao/gruvbox.nvim/commit/20f90039564b293330bf97acc36dda8dd9e721a0.patch"; + hash = "sha256-it4SbgK/2iDVyvtXBfVW2YN9DqELfKsMkuCaunERGcE="; + }) + ]; + }); +} From 89056e3d5d7b5be3ee630430e36c919d4ef3cb0f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 23 May 2024 11:27:48 +0000 Subject: [PATCH 119/485] home: vim: lspconfig: migrate to 'ruff' This replaces and enhances the experience from the old `ruff-lsp` wrapper. --- modules/home/vim/plugin/settings/lspconfig.lua | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/home/vim/plugin/settings/lspconfig.lua b/modules/home/vim/plugin/settings/lspconfig.lua index 628eab97..b3f89543 100644 --- a/modules/home/vim/plugin/settings/lspconfig.lua +++ b/modules/home/vim/plugin/settings/lspconfig.lua @@ -53,8 +53,8 @@ if utils.is_executable("pyright") then }) end -if utils.is_executable("ruff-lsp") then - lspconfig.ruff_lsp.setup({ +if utils.is_executable("ruff") then + lspconfig.ruff.setup({ capabilities = capabilities, on_attach = lsp.on_attach, }) From 201fabbc147e59ba49f8743ceef3fe0ce84e5056 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 20 May 2024 20:18:05 +0100 Subject: [PATCH 120/485] home: vim: remove redundant ftdetect files These have been added upstream and made redundant as part of the update to v0.10. --- modules/home/vim/ftdetect/blueprint.lua | 6 ------ modules/home/vim/ftdetect/gn.lua | 7 ------- modules/home/vim/ftdetect/kbuild.lua | 6 ------ modules/home/vim/ftdetect/tikz.lua | 6 ------ 4 files changed, 25 deletions(-) delete mode 100644 modules/home/vim/ftdetect/blueprint.lua delete mode 100644 modules/home/vim/ftdetect/gn.lua delete mode 100644 modules/home/vim/ftdetect/kbuild.lua delete mode 100644 modules/home/vim/ftdetect/tikz.lua diff --git a/modules/home/vim/ftdetect/blueprint.lua b/modules/home/vim/ftdetect/blueprint.lua deleted file mode 100644 index d3fb395d..00000000 --- a/modules/home/vim/ftdetect/blueprint.lua +++ /dev/null @@ -1,6 +0,0 @@ --- Use `bp` filetype for Blueprint files -vim.filetype.add({ - extension = { - bp = "bp", - }, -}) diff --git a/modules/home/vim/ftdetect/gn.lua b/modules/home/vim/ftdetect/gn.lua deleted file mode 100644 index 37d772ed..00000000 --- a/modules/home/vim/ftdetect/gn.lua +++ /dev/null @@ -1,7 +0,0 @@ --- Use GN filetype for Chromium Generate Ninja files -vim.filetype.add({ - extension = { - gn = "gn", - gni = "gn", - }, -}) diff --git a/modules/home/vim/ftdetect/kbuild.lua b/modules/home/vim/ftdetect/kbuild.lua deleted file mode 100644 index 799570e1..00000000 --- a/modules/home/vim/ftdetect/kbuild.lua +++ /dev/null @@ -1,6 +0,0 @@ --- Kbuild is just a Makefile under a different name -vim.filetype.add({ - filename = { - ["Kbuild"] = "make", - }, -}) diff --git a/modules/home/vim/ftdetect/tikz.lua b/modules/home/vim/ftdetect/tikz.lua deleted file mode 100644 index 93b7db01..00000000 --- a/modules/home/vim/ftdetect/tikz.lua +++ /dev/null @@ -1,6 +0,0 @@ --- Use LaTeX filetype for TikZ files -vim.filetype.add({ - extension = { - tikz = "tex", - }, -}) From a60287f8cf85e1f0bc0ddf40b110b4744244dee0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 20 May 2024 20:26:12 +0100 Subject: [PATCH 121/485] home: vim: remove 'nvim-osc52' OSC52 supports has been added upstream, and is set up automatically when `SSH_TTY` is set (and a few other conditions) in v0.10. --- modules/home/vim/default.nix | 1 - modules/home/vim/plugin/settings/ssh.lua | 17 ----------------- 2 files changed, 18 deletions(-) delete mode 100644 modules/home/vim/plugin/settings/ssh.lua diff --git a/modules/home/vim/default.nix b/modules/home/vim/default.nix index 07711cc5..2e85ba36 100644 --- a/modules/home/vim/default.nix +++ b/modules/home/vim/default.nix @@ -58,7 +58,6 @@ in # General enhancements vim-qf # Better quick-fix list - nvim-osc52 # Send clipboard data through terminal escape for SSH # Other wrappers git-messenger-vim # A simple blame window diff --git a/modules/home/vim/plugin/settings/ssh.lua b/modules/home/vim/plugin/settings/ssh.lua deleted file mode 100644 index 992a707e..00000000 --- a/modules/home/vim/plugin/settings/ssh.lua +++ /dev/null @@ -1,17 +0,0 @@ -if not require("ambroisie.utils").is_ssh() then - return -end - -local function copy(lines, _) - require("osc52").copy(table.concat(lines, "\n")) -end - -local function paste() - return { vim.fn.split(vim.fn.getreg(""), "\n"), vim.fn.getregtype("") } -end - -vim.g.clipboard = { - name = "osc52", - copy = { ["+"] = copy, ["*"] = copy }, - paste = { ["+"] = paste, ["*"] = paste }, -} From cc82d7575f370f44d4ab0f12b339bee8869fc894 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 20 May 2024 20:27:39 +0100 Subject: [PATCH 122/485] home: vim: do not set 'termguicolors' explicitly Rely on the new behaviour from v0.10 which detects it more intelligently. --- modules/home/vim/init.vim | 2 -- 1 file changed, 2 deletions(-) diff --git a/modules/home/vim/init.vim b/modules/home/vim/init.vim index c94fc531..3a74c4f4 100644 --- a/modules/home/vim/init.vim +++ b/modules/home/vim/init.vim @@ -86,8 +86,6 @@ set mouse= " Set dark mode by default set background=dark -" 24 bit colors -set termguicolors " Setup some overrides for gruvbox lua << EOF local gruvbox = require("gruvbox") From 212f280d921e035b5f9c015be50564240eddb074 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 20 May 2024 20:33:02 +0100 Subject: [PATCH 123/485] home: vim: remove commenting plug-ins Rely on the new built-in support which was added upstream as part of v0.10. Crucially, upstream supports using tree-sitter aware comment strings by default. --- modules/home/vim/after/plugin/mappings/commentary.lua | 10 ---------- modules/home/vim/default.nix | 2 -- 2 files changed, 12 deletions(-) delete mode 100644 modules/home/vim/after/plugin/mappings/commentary.lua diff --git a/modules/home/vim/after/plugin/mappings/commentary.lua b/modules/home/vim/after/plugin/mappings/commentary.lua deleted file mode 100644 index 6ed3b89b..00000000 --- a/modules/home/vim/after/plugin/mappings/commentary.lua +++ /dev/null @@ -1,10 +0,0 @@ -local wk = require("which-key") - -local keys = { - name = "Comment/uncomment", - c = "Current line", - u = "Uncomment the current and adjacent commented lines", - ["gc"] = "Uncomment the current and adjacent commented lines", -} - -wk.register(keys, { prefix = "gc" }) diff --git a/modules/home/vim/default.nix b/modules/home/vim/default.nix index 2e85ba36..509ae58d 100644 --- a/modules/home/vim/default.nix +++ b/modules/home/vim/default.nix @@ -40,7 +40,6 @@ in lualine-lsp-progress # Show progress for LSP servers # tpope essentials - vim-commentary # Easy comments vim-eunuch # UNIX integrations vim-fugitive # A 'git' wrapper vim-git # Sane git syntax files @@ -69,7 +68,6 @@ in none-ls-nvim # LSP integration for linters and formatters nvim-treesitter.withAllGrammars # Better highlighting nvim-treesitter-textobjects # More textobjects - nvim-ts-context-commentstring # Comment string in nested language blocks plenary-nvim # 'null-ls', 'telescope' dependency # Completion From e0b66e89f9cd85abccad9307b4d3863955cd4818 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 20 May 2024 20:39:08 +0100 Subject: [PATCH 124/485] home: vim: ftplugin: remove bp It's now part of the upstream runtime as of v0.10, so this file is redundant and can be removed. --- modules/home/vim/after/ftplugin/bp.vim | 7 ------- 1 file changed, 7 deletions(-) delete mode 100644 modules/home/vim/after/ftplugin/bp.vim diff --git a/modules/home/vim/after/ftplugin/bp.vim b/modules/home/vim/after/ftplugin/bp.vim deleted file mode 100644 index 1224e7a8..00000000 --- a/modules/home/vim/after/ftplugin/bp.vim +++ /dev/null @@ -1,7 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" Add comment format -setlocal comments=b://,s1:/*,mb:*,ex:*/ -setlocal commentstring=//\ %s -let b:undo_ftplugin.='|setlocal comments< commentstring<' From b90da603b1a67ebaa01b9b8ebcffc0f64ab452fe Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 24 May 2024 14:08:10 +0000 Subject: [PATCH 125/485] home: nix: fix typo --- modules/home/nix/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/nix/default.nix b/modules/home/nix/default.nix index 0934189a..f8d65ce8 100644 --- a/modules/home/nix/default.nix +++ b/modules/home/nix/default.nix @@ -27,7 +27,7 @@ in }; inputs = { - link = my.mkDisableOption "link inputs to `/etc/nix/inputs/`"; + link = my.mkDisableOption "link inputs to `$XDG_CONFIG_HOME/nix/inputs/`"; addToRegistry = my.mkDisableOption "add inputs and self to registry"; From 442d267ca244dc92b6177fa795e308c361eb73f5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 28 May 2024 13:48:54 +0000 Subject: [PATCH 126/485] home: vim: lsp: add missing type hint --- modules/home/vim/lua/ambroisie/lsp.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/vim/lua/ambroisie/lsp.lua b/modules/home/vim/lua/ambroisie/lsp.lua index 31a5bd18..dc473665 100644 --- a/modules/home/vim/lua/ambroisie/lsp.lua +++ b/modules/home/vim/lua/ambroisie/lsp.lua @@ -5,7 +5,7 @@ local lsp_format = require("lsp-format") --- Move to the next/previous diagnostic, automatically showing the diagnostics --- float if necessary. ---- @param forward whether to go forward or backwards +--- @param forward bool whether to go forward or backwards local function goto_diagnostic(forward) vim.validate({ forward = { forward, "boolean" }, From 5af0230c5883000d5c1570dc958e42320e8bc517 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 29 May 2024 11:13:30 +0000 Subject: [PATCH 127/485] flake: bump inputs And undo the overlay for `gruvbox-nvim`. This reverts commit ccab4d09528edc84a5759a4106b18c3d3fef556d. --- flake.lock | 30 +++++++++---------- overlays/gruvbox-nvim-delimiters/default.nix | 4 --- .../gruvbox-nvim-delimiters/generated.nix | 14 --------- 3 files changed, 15 insertions(+), 33 deletions(-) delete mode 100644 overlays/gruvbox-nvim-delimiters/default.nix delete mode 100644 overlays/gruvbox-nvim-delimiters/generated.nix diff --git a/flake.lock b/flake.lock index 5fa49109..5191e9fb 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1715290355, - "narHash": "sha256-2T7CHTqBXJJ3ZC6R/4TXTcKoXWHcvubKNj9SfomURnw=", + "lastModified": 1716561646, + "narHash": "sha256-UIGtLO89RxKt7RF2iEgPikSdU53r6v/6WYB0RW3k89I=", "owner": "ryantm", "repo": "agenix", - "rev": "8d37c5bdeade12b6479c85acd133063ab53187a0", + "rev": "c2fc0762bbe8feb06a2e59a364fa81b3a57671c9", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1715930644, - "narHash": "sha256-W9pyM3/vePxrffHtzlJI6lDS3seANQ+Nqp+i58O46LI=", + "lastModified": 1716930911, + "narHash": "sha256-t4HT5j3Jy7skRB5PINnxcEBCkgE89rGBpwTI7YS4Ffo=", "owner": "nix-community", "repo": "home-manager", - "rev": "e3ad5108f54177e6520535768ddbf1e6af54b59d", + "rev": "a9b36cbe9292a649222b89fdb9ae9907e9c74086", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1715961556, - "narHash": "sha256-+NpbZRCRisUHKQJZF3CT+xn14ZZQO+KjxIIanH3Pvn4=", + "lastModified": 1716769173, + "narHash": "sha256-7EXDb5WBw+d004Agt+JHC/Oyh/KTUglOaQ4MNjBbo5w=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4a6b83b05df1a8bd7d99095ec4b4d271f2956b64", + "rev": "9ca3f649614213b2aaf5f1e16ec06952fe4c2632", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1716149933, - "narHash": "sha256-0Ui2HmmKvSqxXfT5kCzTu2EO+kqYxavPZHROxQLsI14=", + "lastModified": 1716972321, + "narHash": "sha256-iB8kNkc+p/9NwmrXgnChB6JFcUtSBSdGESRVliiTCMI=", "owner": "nix-community", "repo": "NUR", - "rev": "0d0e224fe23a49977d871ae2fe2f14c84b03322a", + "rev": "3ced449a2fdd845ffde002790691bedf6958f00c", "type": "github" }, "original": { @@ -194,11 +194,11 @@ ] }, "locked": { - "lastModified": 1715870890, - "narHash": "sha256-nacSOeXtUEM77Gn0G4bTdEOeFIrkCBXiyyFZtdGwuH0=", + "lastModified": 1716213921, + "narHash": "sha256-xrsYFST8ij4QWaV6HEokCUNIZLjjLP1bYC60K8XiBVA=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "fa606cccd7b0ccebe2880051208e4a0f61bfc8c1", + "rev": "0e8fcc54b842ad8428c9e705cb5994eaf05c26a0", "type": "github" }, "original": { diff --git a/overlays/gruvbox-nvim-delimiters/default.nix b/overlays/gruvbox-nvim-delimiters/default.nix deleted file mode 100644 index 832e71de..00000000 --- a/overlays/gruvbox-nvim-delimiters/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -self: prev: -{ - vimPlugins = prev.vimPlugins.extend (self.callPackage ./generated.nix { }); -} diff --git a/overlays/gruvbox-nvim-delimiters/generated.nix b/overlays/gruvbox-nvim-delimiters/generated.nix deleted file mode 100644 index 7a27a3dc..00000000 --- a/overlays/gruvbox-nvim-delimiters/generated.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ fetchpatch, ... }: - -_final: prev: { - gruvbox-nvim = prev.gruvbox-nvim.overrideAttrs (oa: { - patches = (oa.patches or [ ]) ++ [ - # https://github.com/ellisonleao/gruvbox.nvim/pull/319 - (fetchpatch { - name = "add-Delimiter-highlight-group.patch"; - url = "https://github.com/ellisonleao/gruvbox.nvim/commit/20f90039564b293330bf97acc36dda8dd9e721a0.patch"; - hash = "sha256-it4SbgK/2iDVyvtXBfVW2YN9DqELfKsMkuCaunERGcE="; - }) - ]; - }); -} From 82a0c65901f3209c47359db9bcdd1bc32e68e3a2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 4 Jun 2024 22:49:10 +0100 Subject: [PATCH 128/485] home: firefox: tridactyl: add LWN comment toggle Ideally, I would instead be targeting the `::before` pseudo-element, which is the _actual_ button, but it doesn't work... --- modules/home/firefox/tridactyl/tridactylrc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/home/firefox/tridactyl/tridactylrc b/modules/home/firefox/tridactyl/tridactylrc index 4dc53cf3..5a8ef06c 100644 --- a/modules/home/firefox/tridactyl/tridactylrc +++ b/modules/home/firefox/tridactyl/tridactylrc @@ -15,8 +15,8 @@ bind --mode=input editor_rm " Binds {{{ " Reddit et al. {{{ -" Toggle comments on Reddit, Hacker News, Lobste.rs -bind ;c hint -Jc [class*="expand"],[class*="togg"],[class="comment_folder"] +" Toggle comments on Reddit, Hacker News, Lobste.rs, LWN +bind ;c hint -Jc [class*="expand"],[class*="togg"],[class="comment_folder"],[class="CommentTitle"] " Make `gu` take me back to subreddit from comments bindurl reddit.com gu urlparent 3 From c08c8c79d38b36270140b43a2885abe11318bf04 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 10 Jun 2024 12:53:13 +0000 Subject: [PATCH 129/485] home: firefox: tridactyl: fix DDG mapping --- modules/home/firefox/tridactyl/tridactylrc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/home/firefox/tridactyl/tridactylrc b/modules/home/firefox/tridactyl/tridactylrc index 5a8ef06c..36bd59d7 100644 --- a/modules/home/firefox/tridactyl/tridactylrc +++ b/modules/home/firefox/tridactyl/tridactylrc @@ -26,8 +26,8 @@ bindurl www.google.com f hint -Jc #search a bindurl www.google.com F hint -Jbc #search a " Only hint search results on DuckDuckGo -bindurl ^https://duckduckgo.com f hint -Jc [data-testid="result-title-a"] -bindurl ^https://duckduckgo.com F hint -Jbc [data-testid="result-title-a"] +bindurl ^https://duckduckgo.com f hint -Jc [data-testid="result"] +bindurl ^https://duckduckgo.com F hint -Jbc [data-testid="result"] " Only hint item pages on Hacker News bindurl news.ycombinator.com ;f hint -Jc .age > a From 7ea10f7823c3e8d5a66fb7bec6df4c2fd2c8055c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 12 Jun 2024 10:06:31 +0000 Subject: [PATCH 130/485] flake: bump inputs --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 5191e9fb..8ad503c4 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1715865404, - "narHash": "sha256-/GJvTdTpuDjNn84j82cU6bXztE0MSkdnTWClUCRub78=", + "lastModified": 1717285511, + "narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "8dc45382d5206bd292f9c2768b8058a8fd8311d9", + "rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1716930911, - "narHash": "sha256-t4HT5j3Jy7skRB5PINnxcEBCkgE89rGBpwTI7YS4Ffo=", + "lastModified": 1718141734, + "narHash": "sha256-cA+6l8ZCZ7MXGijVuY/1f55+wF/RT4PlTR9+g4bx86w=", "owner": "nix-community", "repo": "home-manager", - "rev": "a9b36cbe9292a649222b89fdb9ae9907e9c74086", + "rev": "892f76bd0aa09a0f7f73eb41834b8a904b6d0fad", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1716769173, - "narHash": "sha256-7EXDb5WBw+d004Agt+JHC/Oyh/KTUglOaQ4MNjBbo5w=", + "lastModified": 1717974879, + "narHash": "sha256-GTO3C88+5DX171F/gVS3Qga/hOs/eRMxPFpiHq2t+D8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9ca3f649614213b2aaf5f1e16ec06952fe4c2632", + "rev": "c7b821ba2e1e635ba5a76d299af62821cbcb09f3", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1716972321, - "narHash": "sha256-iB8kNkc+p/9NwmrXgnChB6JFcUtSBSdGESRVliiTCMI=", + "lastModified": 1718184302, + "narHash": "sha256-opRL7+wsIxy+r0zP4BkrKUEiljIXhXdboIylH04ggOg=", "owner": "nix-community", "repo": "NUR", - "rev": "3ced449a2fdd845ffde002790691bedf6958f00c", + "rev": "4b71c3c633d0a1784960a2350012dbb809bb4dac", "type": "github" }, "original": { @@ -194,11 +194,11 @@ ] }, "locked": { - "lastModified": 1716213921, - "narHash": "sha256-xrsYFST8ij4QWaV6HEokCUNIZLjjLP1bYC60K8XiBVA=", + "lastModified": 1717664902, + "narHash": "sha256-7XfBuLULizXjXfBYy/VV+SpYMHreNRHk9nKMsm1bgb4=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "0e8fcc54b842ad8428c9e705cb5994eaf05c26a0", + "rev": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1", "type": "github" }, "original": { From 10a7111f1c8a0857f9ce06869e1b9f8923025da7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 12 Jun 2024 21:26:57 +0200 Subject: [PATCH 131/485] nixos: services: mealie: fix DB auth Turns out the package update [1] was because someone couldn't make it work on the previous version, and added a new setting to configure it more easily :-). [1]: https://github.com/NixOS/nixpkgs/pull/314294 --- modules/nixos/services/mealie/default.nix | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/modules/nixos/services/mealie/default.nix b/modules/nixos/services/mealie/default.nix index 55ac3764..96b9e144 100644 --- a/modules/nixos/services/mealie/default.nix +++ b/modules/nixos/services/mealie/default.nix @@ -35,12 +35,8 @@ in # Use PostgreSQL DB_ENGINE = "postgres"; - POSTGRES_USER = "mealie"; - POSTGRES_PASSWORD = ""; - POSTGRES_SERVER = "/run/postgresql"; - # Pydantic and/or mealie doesn't handle the URI correctly, hijack it - # with query parameters... - POSTGRES_DB = "mealie?host=/run/postgresql&dbname=mealie"; + # Make it work with socket auth + POSTGRES_URL_OVERRIDE = "postgresql://mealie:@/mealie?host=/run/postgresql"; }; }; From d37c767a2f0999fbe10e7c2b6a969c1bf39137f3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 12 Jun 2024 21:29:19 +0200 Subject: [PATCH 132/485] nixos: services: forgejo: fix deprecated config --- modules/nixos/services/forgejo/default.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/modules/nixos/services/forgejo/default.nix b/modules/nixos/services/forgejo/default.nix index 0f3dfc59..18538bea 100644 --- a/modules/nixos/services/forgejo/default.nix +++ b/modules/nixos/services/forgejo/default.nix @@ -83,7 +83,11 @@ in # I configure my backup system manually below. dump.enable = false; - mailerPasswordFile = lib.mkIf cfg.mail.enable cfg.mail.passwordFile; + secrets = { + mailer = lib.mkIf cfg.mail.enable { + PASSWD = cfg.mail.passwordFile; + }; + }; settings = { DEFAULT = { From 6a9ac77b0c366819a9f10110850c56a311a03cab Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 14 Jun 2024 21:17:21 +0100 Subject: [PATCH 133/485] nixos: hardware: bluetooth: remove pipewire conf Turns out the wireplumber configuration I was setting up is redundant with the upstream default (which work better, becomes they use a quirks database...). It was also out-of-date due to the update to v0.5, which changed the configuration format... --- modules/nixos/hardware/bluetooth/default.nix | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/modules/nixos/hardware/bluetooth/default.nix b/modules/nixos/hardware/bluetooth/default.nix index c019b31e..e9b1991f 100644 --- a/modules/nixos/hardware/bluetooth/default.nix +++ b/modules/nixos/hardware/bluetooth/default.nix @@ -24,24 +24,6 @@ in extraModules = [ pkgs.pulseaudio-modules-bt ]; package = pkgs.pulseaudioFull; }; - - services.pipewire.wireplumber.configPackages = [ - (pkgs.writeTextDir "share/wireplumber/bluetooth.lua.d/51-bluez-config.lua" '' - bluez_monitor.properties = { - -- SBC XQ provides better audio - ["bluez5.enable-sbc-xq"] = true, - - -- mSBC provides better audio + microphone - ["bluez5.enable-msbc"] = true, - - -- Synchronize volume with bluetooth device - ["bluez5.enable-hw-volume"] = true, - - -- FIXME: Some devices may now support both hsp_ag and hfp_ag - ["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]" - } - '') - ]; }) # Support for A2DP audio profile From 64331981d0015e04c45267fcff5087092f1db9fa Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 17 Jun 2024 10:11:50 +0000 Subject: [PATCH 134/485] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 8ad503c4..084af23a 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1716561646, - "narHash": "sha256-UIGtLO89RxKt7RF2iEgPikSdU53r6v/6WYB0RW3k89I=", + "lastModified": 1718371084, + "narHash": "sha256-abpBi61mg0g+lFFU0zY4C6oP6fBwPzbHPKBGw676xsA=", "owner": "ryantm", "repo": "agenix", - "rev": "c2fc0762bbe8feb06a2e59a364fa81b3a57671c9", + "rev": "3a56735779db467538fb2e577eda28a9daacaca6", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1718141734, - "narHash": "sha256-cA+6l8ZCZ7MXGijVuY/1f55+wF/RT4PlTR9+g4bx86w=", + "lastModified": 1718526747, + "narHash": "sha256-sKrD/utGvmtQALvuDj4j0CT3AJXP1idOAq2p+27TpeE=", "owner": "nix-community", "repo": "home-manager", - "rev": "892f76bd0aa09a0f7f73eb41834b8a904b6d0fad", + "rev": "0a7ffb28e5df5844d0e8039c9833d7075cdee792", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1717974879, - "narHash": "sha256-GTO3C88+5DX171F/gVS3Qga/hOs/eRMxPFpiHq2t+D8=", + "lastModified": 1718318537, + "narHash": "sha256-4Zu0RYRcAY/VWuu6awwq4opuiD//ahpc2aFHg2CWqFY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c7b821ba2e1e635ba5a76d299af62821cbcb09f3", + "rev": "e9ee548d90ff586a6471b4ae80ae9cfcbceb3420", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1718184302, - "narHash": "sha256-opRL7+wsIxy+r0zP4BkrKUEiljIXhXdboIylH04ggOg=", + "lastModified": 1718606072, + "narHash": "sha256-+BKOI7p2YoNwNQgfdIldS0hmihEjBBLWPOek624sgeg=", "owner": "nix-community", "repo": "NUR", - "rev": "4b71c3c633d0a1784960a2350012dbb809bb4dac", + "rev": "6af362f6660ce325faacb9e180e3c2e8d2af3fdd", "type": "github" }, "original": { From 7c61d6dffc119069db44361dedc075ffc036f87d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 13 Jun 2024 11:17:22 +0000 Subject: [PATCH 135/485] nixos: hardware: graphics: use AMDVLK options --- modules/nixos/hardware/graphics/default.nix | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/modules/nixos/hardware/graphics/default.nix b/modules/nixos/hardware/graphics/default.nix index 3baac02b..51ac4455 100644 --- a/modules/nixos/hardware/graphics/default.nix +++ b/modules/nixos/hardware/graphics/default.nix @@ -35,19 +35,22 @@ in (lib.mkIf (cfg.gpuFlavor == "amd") { boot.initrd.kernelModules = lib.mkIf cfg.amd.enableKernelModule [ "amdgpu" ]; + hardware.amdgpu = { + # Vulkan + amdvlk = lib.mkIf cfg.amd.amdvlk { + enable = true; + support32Bit = { + enable = true; + }; + }; + }; + hardware.opengl = { extraPackages = with pkgs; [ # OpenCL rocmPackages.clr rocmPackages.clr.icd - ] - ++ lib.optional cfg.amd.amdvlk amdvlk - ; - - extraPackages32 = with pkgs; [ - ] - ++ lib.optional cfg.amd.amdvlk driversi686Linux.amdvlk - ; + ]; }; }) From 9ab49e06f9abf377b34c86a3e52ea1ba0225f189 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 13 Jun 2024 12:15:41 +0000 Subject: [PATCH 136/485] nixos: hardware: graphics: add 32bit Intel drivers --- modules/nixos/hardware/graphics/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules/nixos/hardware/graphics/default.nix b/modules/nixos/hardware/graphics/default.nix index 51ac4455..65f10560 100644 --- a/modules/nixos/hardware/graphics/default.nix +++ b/modules/nixos/hardware/graphics/default.nix @@ -72,6 +72,13 @@ in intel-vaapi-driver libvdpau-va-gl ]; + + extraPackages32 = with pkgs.driversi686Linux; [ + # VA API + intel-media-driver + intel-vaapi-driver + libvdpau-va-gl + ]; }; }) ]); From eb94fca939189fb8f761ffda549d6fc6c4ff3943 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 18 Jun 2024 09:21:42 +0000 Subject: [PATCH 137/485] home: nix: use 'nix.nixPath' Freshly merged upstream, I've only been waiting ~1 year for it. --- modules/home/nix/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/nix/default.nix b/modules/home/nix/default.nix index f8d65ce8..c0bbcc84 100644 --- a/modules/home/nix/default.nix +++ b/modules/home/nix/default.nix @@ -96,7 +96,7 @@ in }) (lib.mkIf cfg.inputs.addToNixPath { - home.sessionVariables.NIX_PATH = "${config.xdg.configHome}/nix/inputs\${NIX_PATH:+:$NIX_PATH}"; + nix.nixPath = [ "${config.xdg.configHome}/nix/inputs" ]; }) ]); } From 468eaa9ed47f3c5077a1e176d3a53e7dc3087fcc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 18 Jun 2024 13:13:42 +0000 Subject: [PATCH 138/485] home: nixpkgs: use 'escapeShellArg' --- modules/home/nixpkgs/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/home/nixpkgs/default.nix b/modules/home/nixpkgs/default.nix index 720fc9b8..a4946db5 100644 --- a/modules/home/nixpkgs/default.nix +++ b/modules/home/nixpkgs/default.nix @@ -13,8 +13,8 @@ in ]; home.sessionVariables = { - GITHUB_TOKEN = ''$(cat "${config.age.secrets."github/token".path}")''; - GITHUB_API_TOKEN = ''$(cat "${config.age.secrets."github/token".path}")''; + GITHUB_TOKEN = ''$(cat ${lib.escapeShellArg config.age.secrets."github/token".path})''; + GITHUB_API_TOKEN = ''$(cat ${lib.escapeShellArg config.age.secrets."github/token".path})''; }; }; } From c2362795d80946805f613a9351ab934a4b33d38d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 21 Jun 2024 15:38:12 +0000 Subject: [PATCH 139/485] flake: bump inputs Fixup `bash-language-server` which has been migrated out of `nodePackages`. --- flake.lock | 24 ++++++++++++------------ modules/home/vim/default.nix | 2 +- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/flake.lock b/flake.lock index 084af23a..9a9275f6 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1718526747, - "narHash": "sha256-sKrD/utGvmtQALvuDj4j0CT3AJXP1idOAq2p+27TpeE=", + "lastModified": 1718788307, + "narHash": "sha256-SqiOz0sljM0GjyQEVinPXQxaGcbOXw5OgpCWGPgh/vo=", "owner": "nix-community", "repo": "home-manager", - "rev": "0a7ffb28e5df5844d0e8039c9833d7075cdee792", + "rev": "d7830d05421d0ced83a0f007900898bdcaf2a2ca", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1718318537, - "narHash": "sha256-4Zu0RYRcAY/VWuu6awwq4opuiD//ahpc2aFHg2CWqFY=", + "lastModified": 1718895438, + "narHash": "sha256-k3JqJrkdoYwE3fHE6xGDY676AYmyh4U2Zw+0Bwe5DLU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e9ee548d90ff586a6471b4ae80ae9cfcbceb3420", + "rev": "d603719ec6e294f034936c0d0dc06f689d91b6c3", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1718606072, - "narHash": "sha256-+BKOI7p2YoNwNQgfdIldS0hmihEjBBLWPOek624sgeg=", + "lastModified": 1718980488, + "narHash": "sha256-cULCoFNaBcyB9TUMmL6oDKu2FygaZbfn6I5mYwRC4G8=", "owner": "nix-community", "repo": "NUR", - "rev": "6af362f6660ce325faacb9e180e3c2e8d2af3fdd", + "rev": "ef74ae1e19df0d2118a4f27d6127f1153469a25e", "type": "github" }, "original": { @@ -194,11 +194,11 @@ ] }, "locked": { - "lastModified": 1717664902, - "narHash": "sha256-7XfBuLULizXjXfBYy/VV+SpYMHreNRHk9nKMsm1bgb4=", + "lastModified": 1718879355, + "narHash": "sha256-RTyqP4fBX2MdhNuMP+fnR3lIwbdtXhyj7w7fwtvgspc=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1", + "rev": "8cd35b9496d21a6c55164d8547d9d5280162b07a", "type": "github" }, "original": { diff --git a/modules/home/vim/default.nix b/modules/home/vim/default.nix index 509ae58d..d7280fbf 100644 --- a/modules/home/vim/default.nix +++ b/modules/home/vim/default.nix @@ -102,7 +102,7 @@ in nixpkgs-fmt # Shell - nodePackages.bash-language-server + bash-language-server shfmt ]; }; From b73f6af5e018a337aceb72295aa0d3c7b74bbea7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 21 Jun 2024 15:38:32 +0000 Subject: [PATCH 140/485] nixos: services: flood: use upstream module --- modules/nixos/services/flood/default.nix | 26 ++++-------------------- 1 file changed, 4 insertions(+), 22 deletions(-) diff --git a/modules/nixos/services/flood/default.nix b/modules/nixos/services/flood/default.nix index 155e73db..b95bac5a 100644 --- a/modules/nixos/services/flood/default.nix +++ b/modules/nixos/services/flood/default.nix @@ -1,5 +1,5 @@ # A nice UI for various torrent clients -{ config, lib, pkgs, ... }: +{ config, lib, ... }: let cfg = config.my.services.flood; in @@ -13,31 +13,13 @@ in example = 3000; description = "Internal port for Flood UI"; }; - - stateDir = mkOption { - type = types.str; - default = "flood"; - example = "floodUI"; - description = "Directory under `/var/run` for storing Flood's files"; - }; }; config = lib.mkIf cfg.enable { - systemd.services.flood = { - description = "Flood torrent UI"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; + services.flood = { + enable = true; - serviceConfig = { - ExecStart = lib.concatStringsSep " " [ - (lib.getExe pkgs.flood) - "--port ${builtins.toString cfg.port}" - "--rundir /var/lib/${cfg.stateDir}" - ]; - DynamicUser = true; - StateDirectory = cfg.stateDir; - ReadWritePaths = ""; - }; + inherit (cfg) port; }; my.services.nginx.virtualHosts = { From 105e0fbfd0c5d6177490486468098c5634508b5b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 19 Jun 2024 19:51:53 +0100 Subject: [PATCH 141/485] ci: fix typo --- .woodpecker/check.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.woodpecker/check.yml b/.woodpecker/check.yml index e04cd464..9e885aa0 100644 --- a/.woodpecker/check.yml +++ b/.woodpecker/check.yml @@ -7,7 +7,7 @@ steps: commands: - nix flake check -- name: notifiy +- name: notify image: bash environment: ADDRESS: From a15f7ec270ed7b2da17f1d7fc8ccf148f5a0cfe4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 19 Jun 2024 19:52:10 +0100 Subject: [PATCH 142/485] templates: fix typo --- templates/c++-cmake/.woodpecker/check.yml | 2 +- templates/c++-meson/.woodpecker/check.yml | 2 +- templates/rust-cargo/.woodpecker/check.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/templates/c++-cmake/.woodpecker/check.yml b/templates/c++-cmake/.woodpecker/check.yml index 4ff7dba0..272c0e43 100644 --- a/templates/c++-cmake/.woodpecker/check.yml +++ b/templates/c++-cmake/.woodpecker/check.yml @@ -12,7 +12,7 @@ steps: commands: - nix flake check -- name: notifiy +- name: notify image: bash environment: ADDRESS: diff --git a/templates/c++-meson/.woodpecker/check.yml b/templates/c++-meson/.woodpecker/check.yml index 4ff7dba0..272c0e43 100644 --- a/templates/c++-meson/.woodpecker/check.yml +++ b/templates/c++-meson/.woodpecker/check.yml @@ -12,7 +12,7 @@ steps: commands: - nix flake check -- name: notifiy +- name: notify image: bash environment: ADDRESS: diff --git a/templates/rust-cargo/.woodpecker/check.yml b/templates/rust-cargo/.woodpecker/check.yml index 4ff7dba0..272c0e43 100644 --- a/templates/rust-cargo/.woodpecker/check.yml +++ b/templates/rust-cargo/.woodpecker/check.yml @@ -12,7 +12,7 @@ steps: commands: - nix flake check -- name: notifiy +- name: notify image: bash environment: ADDRESS: From fc5cb1a47d2a7046dd0d9eef5b5b8cf21c5736bf Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 28 Jun 2024 09:54:50 +0000 Subject: [PATCH 143/485] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 9a9275f6..83ccfd7a 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1718788307, - "narHash": "sha256-SqiOz0sljM0GjyQEVinPXQxaGcbOXw5OgpCWGPgh/vo=", + "lastModified": 1719438532, + "narHash": "sha256-/Vmso2ZMoFE3M7d1MRsQ2K5sR8CVKnrM6t1ys9Xjpz4=", "owner": "nix-community", "repo": "home-manager", - "rev": "d7830d05421d0ced83a0f007900898bdcaf2a2ca", + "rev": "1a4f12ae0bda877ec4099b429cf439aad897d7e9", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1718895438, - "narHash": "sha256-k3JqJrkdoYwE3fHE6xGDY676AYmyh4U2Zw+0Bwe5DLU=", + "lastModified": 1719254875, + "narHash": "sha256-ECni+IkwXjusHsm9Sexdtq8weAq/yUyt1TWIemXt3Ko=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d603719ec6e294f034936c0d0dc06f689d91b6c3", + "rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1718980488, - "narHash": "sha256-cULCoFNaBcyB9TUMmL6oDKu2FygaZbfn6I5mYwRC4G8=", + "lastModified": 1719564461, + "narHash": "sha256-wCFs1sf1tPoV3nCG5N5KaakAKm88FyzN6pRdOsOqNZg=", "owner": "nix-community", "repo": "NUR", - "rev": "ef74ae1e19df0d2118a4f27d6127f1153469a25e", + "rev": "7369862c4a8f293f6fde79044369dad7dfc04798", "type": "github" }, "original": { @@ -194,11 +194,11 @@ ] }, "locked": { - "lastModified": 1718879355, - "narHash": "sha256-RTyqP4fBX2MdhNuMP+fnR3lIwbdtXhyj7w7fwtvgspc=", + "lastModified": 1719259945, + "narHash": "sha256-F1h+XIsGKT9TkGO3omxDLEb/9jOOsI6NnzsXFsZhry4=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "8cd35b9496d21a6c55164d8547d9d5280162b07a", + "rev": "0ff4381bbb8f7a52ca4a851660fc7a437a4c6e07", "type": "github" }, "original": { From b8952655378f033a484b98f6c748c7beef8740ae Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 28 Jun 2024 18:10:26 +0100 Subject: [PATCH 144/485] nixos: hardware: graphics: fix renamed option --- modules/nixos/hardware/graphics/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/nixos/hardware/graphics/default.nix b/modules/nixos/hardware/graphics/default.nix index 65f10560..89bb1cd2 100644 --- a/modules/nixos/hardware/graphics/default.nix +++ b/modules/nixos/hardware/graphics/default.nix @@ -26,7 +26,7 @@ in config = lib.mkIf cfg.enable (lib.mkMerge [ { - hardware.opengl = { + hardware.graphics = { enable = true; }; } @@ -45,7 +45,7 @@ in }; }; - hardware.opengl = { + hardware.graphics = { extraPackages = with pkgs; [ # OpenCL rocmPackages.clr @@ -62,7 +62,7 @@ in VDPAU_DRIVER = "va_gl"; }; - hardware.opengl = { + hardware.graphics = { extraPackages = with pkgs; [ # Open CL intel-compute-runtime From dc90e14e60f755cbe5d0b2ccdceed92221b53ffa Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 1 Jul 2024 09:59:14 +0000 Subject: [PATCH 145/485] home: vim: lspconfig: add 'starpls' --- modules/home/vim/plugin/settings/lspconfig.lua | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/modules/home/vim/plugin/settings/lspconfig.lua b/modules/home/vim/plugin/settings/lspconfig.lua index b3f89543..2f355f4d 100644 --- a/modules/home/vim/plugin/settings/lspconfig.lua +++ b/modules/home/vim/plugin/settings/lspconfig.lua @@ -76,3 +76,11 @@ if utils.is_executable("bash-language-server") then on_attach = lsp.on_attach, }) end + +-- Starlark +if utils.is_executable("starpls") then + lspconfig.starpls.setup({ + capabilities = capabilities, + on_attach = lsp.on_attach, + }) +end From f11cdb367514db86063f9c2342a7e29d21dac473 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 8 Jul 2024 13:10:07 +0000 Subject: [PATCH 146/485] home: gdb: use 'mkPackageOption' --- modules/home/gdb/default.nix | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/modules/home/gdb/default.nix b/modules/home/gdb/default.nix index fe8eb699..9e7d81f1 100644 --- a/modules/home/gdb/default.nix +++ b/modules/home/gdb/default.nix @@ -9,14 +9,7 @@ in rr = { enable = my.mkDisableOption "rr configuration"; - package = mkOption { - type = types.package; - default = pkgs.rr; - defaultText = literalExample "pkgs.rr"; - description = '' - Package providing rr - ''; - }; + package = mkPackageOption pkgs "rr" { }; }; }; From 4943df69ef8015ee0f36ef3997fb60a52d6e7903 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 8 Jul 2024 13:12:21 +0000 Subject: [PATCH 147/485] home: gdb: add 'package' option --- modules/home/gdb/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/modules/home/gdb/default.nix b/modules/home/gdb/default.nix index 9e7d81f1..efb49e20 100644 --- a/modules/home/gdb/default.nix +++ b/modules/home/gdb/default.nix @@ -6,6 +6,8 @@ in options.my.home.gdb = with lib; { enable = my.mkDisableOption "gdb configuration"; + package = mkPackageOption pkgs "gdb" { }; + rr = { enable = my.mkDisableOption "rr configuration"; @@ -16,7 +18,7 @@ in config = lib.mkIf cfg.enable (lib.mkMerge [ { home.packages = with pkgs; [ - gdb + cfg.package ]; xdg = { From abb78d63e24dadbe6c76af753a9433b44d62d323 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 8 Jul 2024 13:10:28 +0000 Subject: [PATCH 148/485] home: calibre: add 'package' option --- modules/home/calibre/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/modules/home/calibre/default.nix b/modules/home/calibre/default.nix index 6edf6545..de7c1263 100644 --- a/modules/home/calibre/default.nix +++ b/modules/home/calibre/default.nix @@ -5,11 +5,13 @@ in { options.my.home.calibre = with lib; { enable = mkEnableOption "calibre configuration"; + + package = mkPackageOption pkgs "calibre" { }; }; config = lib.mkIf cfg.enable { home.packages = with pkgs; [ - calibre + cfg.package ]; }; } From 1644e952435590c2f263624c7e649e91248eae63 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 8 Jul 2024 13:11:30 +0000 Subject: [PATCH 149/485] home: discord: add 'package' option --- modules/home/discord/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/modules/home/discord/default.nix b/modules/home/discord/default.nix index 7348bb4f..bfa5d40e 100644 --- a/modules/home/discord/default.nix +++ b/modules/home/discord/default.nix @@ -7,11 +7,13 @@ in { options.my.home.discord = with lib; { enable = mkEnableOption "discord configuration"; + + package = mkPackageOption pkgs "discord" { }; }; config = lib.mkIf cfg.enable { home.packages = with pkgs; [ - discord + cfg.package ]; xdg.configFile."discord/settings.json".source = From 04de570926161cf47201322fae92168a7f07aa34 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 8 Jul 2024 13:27:30 +0000 Subject: [PATCH 150/485] home: atuin: add 'package' option --- modules/home/atuin/default.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/modules/home/atuin/default.nix b/modules/home/atuin/default.nix index b8973ccc..3f062638 100644 --- a/modules/home/atuin/default.nix +++ b/modules/home/atuin/default.nix @@ -1,15 +1,19 @@ -{ config, lib, ... }: +{ config, lib, pkgs, ... }: let cfg = config.my.home.atuin; in { options.my.home.atuin = with lib; { enable = my.mkDisableOption "atuin configuration"; + + # I want the full experience by default + package = mkPackageOption pkgs "atuin" { }; }; config = lib.mkIf cfg.enable { programs.atuin = { enable = true; + inherit (cfg) package; flags = [ # I *despise* this hijacking of the up key, even though I use Ctrl-p From 6a6f3aed63cb2cf04f42a17d5329bfeed3c4f62f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 10 Jul 2024 21:40:36 +0100 Subject: [PATCH 151/485] home: vim: migrate to 'oil.nvim' --- modules/home/vim/after/ftplugin/netrw.vim | 6 ------ modules/home/vim/default.nix | 2 +- modules/home/vim/plugin/settings/oil.lua | 19 +++++++++++++++++++ 3 files changed, 20 insertions(+), 7 deletions(-) delete mode 100644 modules/home/vim/after/ftplugin/netrw.vim create mode 100644 modules/home/vim/plugin/settings/oil.lua diff --git a/modules/home/vim/after/ftplugin/netrw.vim b/modules/home/vim/after/ftplugin/netrw.vim deleted file mode 100644 index e3689f82..00000000 --- a/modules/home/vim/after/ftplugin/netrw.vim +++ /dev/null @@ -1,6 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" Don't show Netrw in buffer list -setlocal bufhidden=delete -let b:undo_ftplugin='|setlocal bufhidden<' diff --git a/modules/home/vim/default.nix b/modules/home/vim/default.nix index d7280fbf..e2c3504f 100644 --- a/modules/home/vim/default.nix +++ b/modules/home/vim/default.nix @@ -46,7 +46,6 @@ in vim-repeat # Enanche '.' for plugins vim-rsi # Readline mappings vim-unimpaired # Some ex command mappings - vim-vinegar # Better netrw # Languages rust-vim @@ -85,6 +84,7 @@ in dressing-nvim # Integrate native UI hooks with Telescope etc... gitsigns-nvim # Fast git UI integration nvim-surround # Deal with pairs, now in Lua + oil-nvim # Better alternative to NetrW telescope-fzf-native-nvim # Use 'fzf' fuzzy matching algorithm telescope-lsp-handlers-nvim # Use 'telescope' for various LSP actions telescope-nvim # Fuzzy finder interface diff --git a/modules/home/vim/plugin/settings/oil.lua b/modules/home/vim/plugin/settings/oil.lua new file mode 100644 index 00000000..451345dd --- /dev/null +++ b/modules/home/vim/plugin/settings/oil.lua @@ -0,0 +1,19 @@ +local oil = require("oil") +local wk = require("which-key") + +oil.setup({ + view_options = { + -- Show files and directories that start with "." by default + show_hidden = true, + -- But never '..' + is_always_hidden = function(name, bufnr) + return name == ".." + end, + }, +}) + +local keys = { + ["-"] = { oil.open, "Open parent directory" }, +} + +wk.register(keys) From 452399ee4c036663e2aef0a802120445591931a6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 10 Jul 2024 22:16:51 +0100 Subject: [PATCH 152/485] home: vim: oil: add detail view toggle mapping --- modules/home/vim/plugin/settings/oil.lua | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/modules/home/vim/plugin/settings/oil.lua b/modules/home/vim/plugin/settings/oil.lua index 451345dd..e4a67164 100644 --- a/modules/home/vim/plugin/settings/oil.lua +++ b/modules/home/vim/plugin/settings/oil.lua @@ -1,6 +1,8 @@ local oil = require("oil") local wk = require("which-key") +local detail = false + oil.setup({ view_options = { -- Show files and directories that start with "." by default @@ -10,6 +12,19 @@ oil.setup({ return name == ".." end, }, + keymaps = { + ["gd"] = { + desc = "Toggle file detail view", + callback = function() + detail = not detail + if detail then + oil.set_columns({ "icon", "permissions", "size", "mtime" }) + else + oil.set_columns({ "icon" }) + end + end, + }, + }, }) local keys = { From 0de9966127b4177ad0c0760c72e9849c383a0a5f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 10 Jul 2024 22:45:48 +0100 Subject: [PATCH 153/485] home: vim: remove redundant 'nobackup' It's already the default. --- modules/home/vim/init.vim | 2 -- 1 file changed, 2 deletions(-) diff --git a/modules/home/vim/init.vim b/modules/home/vim/init.vim index 3a74c4f4..eba0c255 100644 --- a/modules/home/vim/init.vim +++ b/modules/home/vim/init.vim @@ -38,8 +38,6 @@ set tabstop=8 " File parameters {{{ """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" -" Disable backups, we have source control for that -set nobackup " Disable swapfiles too set noswapfile " }}} From 16d68022ebfaf8108ab73a99c54a84bbc811511d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 10 Jul 2024 22:47:14 +0100 Subject: [PATCH 154/485] home: vim: enable swap and undo files Trying it on for size, since NeoVim does use XDG directories for those. --- modules/home/vim/init.vim | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/modules/home/vim/init.vim b/modules/home/vim/init.vim index eba0c255..a5a06f47 100644 --- a/modules/home/vim/init.vim +++ b/modules/home/vim/init.vim @@ -38,8 +38,10 @@ set tabstop=8 " File parameters {{{ """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" -" Disable swapfiles too -set noswapfile +" Enable swap files +set swapfile +" And undo files +set undofile " }}} " UI and UX parameters {{{ From 88e4d72366955f31f6dcae0caeffb78cdb7b810a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 12 Jul 2024 19:52:03 +0100 Subject: [PATCH 155/485] home: vim: git: use lua in visual mappings I thought the partial staging feature had broken, but it looks to be unrelated [1]. [1]: https://github.com/lewis6991/gitsigns.nvim/issues/1088 --- modules/home/vim/plugin/settings/git.lua | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/modules/home/vim/plugin/settings/git.lua b/modules/home/vim/plugin/settings/git.lua index 4dbebcad..5ae03e1d 100644 --- a/modules/home/vim/plugin/settings/git.lua +++ b/modules/home/vim/plugin/settings/git.lua @@ -1,6 +1,15 @@ local gitsigns = require("gitsigns") local wk = require("which-key") +--- Transform `f` into a function which acts on the current visual selection +local function make_visual(f) + return function() + local first = vim.fn.line("v") + local last = vim.fn.line(".") + f({ first, last }) + end +end + gitsigns.setup({ current_line_blame_opts = { -- Show the blame quickly @@ -43,13 +52,12 @@ local objects = { local visual = { ["ih"] = { gitsigns.select_hunk, "Git hunk" }, - -- Only the actual command can make use of the visual selection... ["g"] = { name = "Git", - p = { ":Gitsigns preview_hunk", "Preview selection" }, - r = { ":Gitsigns reset_hunk", "Restore selection" }, - s = { ":Gitsigns stage_hunk", "Stage selection" }, - u = { ":Gitsigns undo_stage_hunk", "Undo stage selection" }, + p = { gitsigns.preview_hunk, "Preview selection" }, + r = { make_visual(gitsigns.reset_hunk), "Restore selection" }, + s = { make_visual(gitsigns.stage_hunk), "Stage selection" }, + u = { gitsigns.undo_stage_hunk, "Undo stage selection" }, }, } From 966934a8bc1475b20fe03b2749916fb769d36051 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 12 Jul 2024 20:11:51 +0100 Subject: [PATCH 156/485] home: vim: git: use lua in hunk mappings --- modules/home/vim/plugin/settings/git.lua | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/modules/home/vim/plugin/settings/git.lua b/modules/home/vim/plugin/settings/git.lua index 5ae03e1d..0ef647eb 100644 --- a/modules/home/vim/plugin/settings/git.lua +++ b/modules/home/vim/plugin/settings/git.lua @@ -10,6 +10,20 @@ local function make_visual(f) end end +local function nav_hunk(dir) + return function() + if vim.wo.diff then + local map = { + prev = "[c", + next = "]c", + } + vim.cmd.normal({ map[dir], bang = true }) + else + gitsigns.nav_hunk(dir) + end + end +end + gitsigns.setup({ current_line_blame_opts = { -- Show the blame quickly @@ -19,8 +33,8 @@ gitsigns.setup({ local keys = { -- Navigation - ["[c"] = { "&diff ? '[c' : 'Gitsigns prev_hunk'", "Previous hunk/diff", expr = true }, - ["]c"] = { "&diff ? ']c' : 'Gitsigns next_hunk'", "Next hunk/diff", expr = true }, + ["[c"] = { nav_hunk("prev"), "Previous hunk/diff" }, + ["]c"] = { nav_hunk("next"), "Next hunk/diff" }, -- Commands ["g"] = { From bcd9a31bb8f61d6355f4c9ee4a6e777087889b09 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 12 Jul 2024 20:34:51 +0100 Subject: [PATCH 157/485] home: vim: lua: utils: add 'partial' Love me some functional goodness. This was taken from [1]. [1]: https://reddit.com/r/lua/comments/fh2go5 --- modules/home/vim/lua/ambroisie/utils.lua | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/modules/home/vim/lua/ambroisie/utils.lua b/modules/home/vim/lua/ambroisie/utils.lua index 3d2dd3ba..c9e92921 100644 --- a/modules/home/vim/lua/ambroisie/utils.lua +++ b/modules/home/vim/lua/ambroisie/utils.lua @@ -48,4 +48,22 @@ M.list_lsp_clients = function(bufnr) return names end +--- partially apply a function with given arguments +M.partial = function(f, ...) + local a = { ... } + local a_len = select("#", ...) + + return function(...) + local tmp = { ... } + local tmp_len = select("#", ...) + + -- Merge arg lists + for i = 1, tmp_len do + a[a_len + i] = tmp[i] + end + + return f(unpack(a, 1, a_len + tmp_len)) + end +end + return M From 5592a120a4f0c9c40d7f3228d2b989f8d3d8c149 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 12 Jul 2024 20:38:40 +0100 Subject: [PATCH 158/485] home: vim: git: use 'partial' --- modules/home/vim/plugin/settings/git.lua | 26 +++++++++++------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/modules/home/vim/plugin/settings/git.lua b/modules/home/vim/plugin/settings/git.lua index 0ef647eb..de5bb69c 100644 --- a/modules/home/vim/plugin/settings/git.lua +++ b/modules/home/vim/plugin/settings/git.lua @@ -1,4 +1,5 @@ local gitsigns = require("gitsigns") +local utils = require("ambroisie.utils") local wk = require("which-key") --- Transform `f` into a function which acts on the current visual selection @@ -11,16 +12,14 @@ local function make_visual(f) end local function nav_hunk(dir) - return function() - if vim.wo.diff then - local map = { - prev = "[c", - next = "]c", - } - vim.cmd.normal({ map[dir], bang = true }) - else - gitsigns.nav_hunk(dir) - end + if vim.wo.diff then + local map = { + prev = "[c", + next = "]c", + } + vim.cmd.normal({ map[dir], bang = true }) + else + gitsigns.nav_hunk(dir) end end @@ -33,8 +32,8 @@ gitsigns.setup({ local keys = { -- Navigation - ["[c"] = { nav_hunk("prev"), "Previous hunk/diff" }, - ["]c"] = { nav_hunk("next"), "Next hunk/diff" }, + ["[c"] = { utils.partial(nav_hunk, "prev"), "Previous hunk/diff" }, + ["]c"] = { utils.partial(nav_hunk, "next"), "Next hunk/diff" }, -- Commands ["g"] = { @@ -42,8 +41,7 @@ local keys = { -- Actions b = { gitsigns.toggle_current_line_blame, "Toggle blame virtual text" }, d = { gitsigns.diffthis, "Diff buffer" }, - -- stylua: ignore - D = { function() gitsigns.diffthis("~") end, "Diff buffer against last commit" }, + D = { utils.partial(gitsigns.diffthis, "~"), "Diff buffer against last commit" }, g = { "Git", "Git status" }, h = { gitsigns.toggle_deleted, "Show deleted hunks" }, L = { ":spT:Gllog --follow -- %:p", "Current buffer log" }, From 5ffe2653c0499afda8b2c9b933b2ef9554c23510 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 12 Jul 2024 20:59:58 +0100 Subject: [PATCH 159/485] home: vim: git: work around partial staging issue See [1]. [1]: https://github.com/lewis6991/gitsigns.nvim/issues/929 --- modules/home/vim/plugin/settings/git.lua | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/home/vim/plugin/settings/git.lua b/modules/home/vim/plugin/settings/git.lua index de5bb69c..404abfca 100644 --- a/modules/home/vim/plugin/settings/git.lua +++ b/modules/home/vim/plugin/settings/git.lua @@ -28,6 +28,8 @@ gitsigns.setup({ -- Show the blame quickly delay = 100, }, + -- Work-around for https://github.com/lewis6991/gitsigns.nvim/issues/929 + signs_staged_enable = false, }) local keys = { From 280829b54f55760119c37b15c2d68e6e6535001d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 15 Jul 2024 20:34:09 +0100 Subject: [PATCH 160/485] home: vim: signtoggle: fix toggling Don't know how I missed this for so long... --- modules/home/vim/plugin/signtoggle.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/vim/plugin/signtoggle.lua b/modules/home/vim/plugin/signtoggle.lua index d6a26e21..60f6a653 100644 --- a/modules/home/vim/plugin/signtoggle.lua +++ b/modules/home/vim/plugin/signtoggle.lua @@ -9,7 +9,7 @@ vim.api.nvim_create_autocmd({ "BufEnter", "FocusGained", "WinEnter" }, { vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "WinLeave" }, { pattern = "*", group = signtoggle, - command = "setlocal signcolumn=yes", + command = "setlocal signcolumn=no", }) -- Never show the sign column in a terminal buffer From a7c542784c2ceb2ad4bbe605b8362794a69f0193 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 15 Jul 2024 20:40:37 +0100 Subject: [PATCH 161/485] home: vim: numbertoggle: use lua callbacks Use `vim.opt` because those are local options (i.e: similar to `set` it defaults to setting it locally, `vim.opt_local` is not necessary). --- modules/home/vim/plugin/numbertoggle.lua | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/modules/home/vim/plugin/numbertoggle.lua b/modules/home/vim/plugin/numbertoggle.lua index 1f97fc89..80427101 100644 --- a/modules/home/vim/plugin/numbertoggle.lua +++ b/modules/home/vim/plugin/numbertoggle.lua @@ -7,17 +7,28 @@ local numbertoggle = vim.api.nvim_create_augroup("numbertoggle", { clear = true vim.api.nvim_create_autocmd({ "BufEnter", "FocusGained", "InsertLeave", "WinEnter" }, { pattern = "*", group = numbertoggle, - command = "if &nu | setlocal rnu | endif", + callback = function() + if vim.opt.number:get() then + vim.opt.relativenumber = true + end + end, }) vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "InsertEnter", "WinLeave" }, { pattern = "*", group = numbertoggle, - command = "if &nu | setlocal nornu | endif", + callback = function() + if vim.opt.number:get() then + vim.opt.relativenumber = false + end + end, }) -- Never show the sign column in a terminal buffer vim.api.nvim_create_autocmd({ "TermOpen" }, { pattern = "*", group = numbertoggle, - command = "setlocal nonu nornu", + callback = function() + vim.opt.number = false + vim.opt.relativenumber = false + end, }) From 5918a0b9e6b246f69607c78d2dd68192849d724c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 15 Jul 2024 20:40:59 +0100 Subject: [PATCH 162/485] home: vim: signtoggle: use lua callbacks Use `vim.opt` because this is a local option (i.e: similar to `set` it defaults to setting it locally, `vim.opt_local` is not necessary). --- modules/home/vim/plugin/signtoggle.lua | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/modules/home/vim/plugin/signtoggle.lua b/modules/home/vim/plugin/signtoggle.lua index 60f6a653..9765a818 100644 --- a/modules/home/vim/plugin/signtoggle.lua +++ b/modules/home/vim/plugin/signtoggle.lua @@ -4,17 +4,23 @@ local signtoggle = vim.api.nvim_create_augroup("signtoggle", { clear = true }) vim.api.nvim_create_autocmd({ "BufEnter", "FocusGained", "WinEnter" }, { pattern = "*", group = signtoggle, - command = "setlocal signcolumn=yes", + callback = function() + vim.opt.signcolumn = "yes" + end, }) vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "WinLeave" }, { pattern = "*", group = signtoggle, - command = "setlocal signcolumn=no", + callback = function() + vim.opt.signcolumn = "no" + end, }) -- Never show the sign column in a terminal buffer vim.api.nvim_create_autocmd({ "TermOpen" }, { pattern = "*", group = signtoggle, - command = "setlocal signcolumn=no", + callback = function() + vim.opt.signcolumn = "no" + end, }) From 82f49f1389591f04440471422e542608edb6a326 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 19 Jul 2024 11:10:49 +0000 Subject: [PATCH 163/485] home: vim: telescope: move mappings from 'after' --- .../home/vim/after/plugin/mappings/telescope.lua | 15 --------------- modules/home/vim/plugin/settings/telescope.lua | 15 +++++++++++++++ 2 files changed, 15 insertions(+), 15 deletions(-) delete mode 100644 modules/home/vim/after/plugin/mappings/telescope.lua diff --git a/modules/home/vim/after/plugin/mappings/telescope.lua b/modules/home/vim/after/plugin/mappings/telescope.lua deleted file mode 100644 index 0867b361..00000000 --- a/modules/home/vim/after/plugin/mappings/telescope.lua +++ /dev/null @@ -1,15 +0,0 @@ -local wk = require("which-key") -local telescope_builtin = require("telescope.builtin") - -local keys = { - f = { - name = "Fuzzy finder", - b = { telescope_builtin.buffers, "Open buffers" }, - f = { telescope_builtin.git_files, "Git tracked files" }, - F = { telescope_builtin.find_files, "Files" }, - g = { telescope_builtin.live_grep, "Grep string" }, - G = { telescope_builtin.grep_string, "Grep string under cursor" }, - }, -} - -wk.register(keys, { prefix = "" }) diff --git a/modules/home/vim/plugin/settings/telescope.lua b/modules/home/vim/plugin/settings/telescope.lua index 4548ec5d..64cc2982 100644 --- a/modules/home/vim/plugin/settings/telescope.lua +++ b/modules/home/vim/plugin/settings/telescope.lua @@ -1,4 +1,6 @@ local telescope = require("telescope") +local telescope_builtin = require("telescope.builtin") +local wk = require("which-key") telescope.setup({ defaults = { @@ -22,3 +24,16 @@ telescope.setup({ telescope.load_extension("fzf") telescope.load_extension("lsp_handlers") + +local keys = { + f = { + name = "Fuzzy finder", + b = { telescope_builtin.buffers, "Open buffers" }, + f = { telescope_builtin.git_files, "Git tracked files" }, + F = { telescope_builtin.find_files, "Files" }, + g = { telescope_builtin.live_grep, "Grep string" }, + G = { telescope_builtin.grep_string, "Grep string under cursor" }, + }, +} + +wk.register(keys, { prefix = "" }) From 3438290e32adb1dfcc3e69b86f83effa279a7c27 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 19 Jul 2024 11:13:11 +0000 Subject: [PATCH 164/485] home: vim: tree-sitter: move mappings from 'after' --- .../mappings/tree-sitter-textobjects.lua | 30 ------------------ .../home/vim/plugin/settings/tree-sitter.lua | 31 +++++++++++++++++++ 2 files changed, 31 insertions(+), 30 deletions(-) delete mode 100644 modules/home/vim/after/plugin/mappings/tree-sitter-textobjects.lua diff --git a/modules/home/vim/after/plugin/mappings/tree-sitter-textobjects.lua b/modules/home/vim/after/plugin/mappings/tree-sitter-textobjects.lua deleted file mode 100644 index 631731cc..00000000 --- a/modules/home/vim/after/plugin/mappings/tree-sitter-textobjects.lua +++ /dev/null @@ -1,30 +0,0 @@ -local wk = require("which-key") - -local motions = { - ["]m"] = "Next method start", - ["]M"] = "Next method end", - ["]S"] = "Next statement start", - ["]]"] = "Next class start", - ["]["] = "Next class end", - ["[m"] = "Previous method start", - ["[M"] = "Previous method end", - ["[S"] = "Previous statement start", - ["[["] = "Previous class start", - ["[]"] = "Previous class end", -} - -local objects = { - ["aa"] = "a parameter", - ["ia"] = "inner parameter", - ["ab"] = "a block", - ["ib"] = "inner block", - ["ac"] = "a class", - ["ic"] = "inner class", - ["af"] = "a function", - ["if"] = "inner function", - ["ak"] = "a comment", - ["aS"] = "a statement", -} - -wk.register(motions, { mode = "n" }) -wk.register(objects, { mode = "o" }) diff --git a/modules/home/vim/plugin/settings/tree-sitter.lua b/modules/home/vim/plugin/settings/tree-sitter.lua index 5503857f..4584c85b 100644 --- a/modules/home/vim/plugin/settings/tree-sitter.lua +++ b/modules/home/vim/plugin/settings/tree-sitter.lua @@ -1,4 +1,6 @@ local ts_config = require("nvim-treesitter.configs") +local wk = require("which-key") + ts_config.setup({ highlight = { enable = true, @@ -51,3 +53,32 @@ ts_config.setup({ }, }, }) + +local motions = { + ["]m"] = "Next method start", + ["]M"] = "Next method end", + ["]S"] = "Next statement start", + ["]]"] = "Next class start", + ["]["] = "Next class end", + ["[m"] = "Previous method start", + ["[M"] = "Previous method end", + ["[S"] = "Previous statement start", + ["[["] = "Previous class start", + ["[]"] = "Previous class end", +} + +local objects = { + ["aa"] = "a parameter", + ["ia"] = "inner parameter", + ["ab"] = "a block", + ["ib"] = "inner block", + ["ac"] = "a class", + ["ic"] = "inner class", + ["af"] = "a function", + ["if"] = "inner function", + ["ak"] = "a comment", + ["aS"] = "a statement", +} + +wk.register(motions, { mode = "n" }) +wk.register(objects, { mode = "o" }) From c6735f3912041595610b64f4b2231ca836b39ebe Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 19 Jul 2024 11:32:10 +0000 Subject: [PATCH 165/485] home: vime: tree-sitter: remove 'which-key' The plug-in now has support for setting mapping descriptions by itself. --- .../home/vim/plugin/settings/tree-sitter.lua | 70 ++++++------------- 1 file changed, 20 insertions(+), 50 deletions(-) diff --git a/modules/home/vim/plugin/settings/tree-sitter.lua b/modules/home/vim/plugin/settings/tree-sitter.lua index 4584c85b..d5fff465 100644 --- a/modules/home/vim/plugin/settings/tree-sitter.lua +++ b/modules/home/vim/plugin/settings/tree-sitter.lua @@ -1,5 +1,4 @@ local ts_config = require("nvim-treesitter.configs") -local wk = require("which-key") ts_config.setup({ highlight = { @@ -16,16 +15,16 @@ ts_config.setup({ -- Jump to matching text objects lookahead = true, keymaps = { - ["aa"] = "@parameter.outer", - ["ia"] = "@parameter.inner", - ["ab"] = "@block.outer", - ["ib"] = "@block.inner", - ["ac"] = "@class.outer", - ["ic"] = "@class.inner", - ["af"] = "@function.outer", - ["if"] = "@function.inner", - ["ak"] = "@comment.outer", - ["aS"] = "@statement.outer", + ["aa"] = { query = "@parameter.outer", desc = "a parameter" }, + ["ia"] = { query = "@parameter.inner", desc = "inner parameter" }, + ["ab"] = { query = "@block.outer", desc = "a block" }, + ["ib"] = { query = "@block.inner", desc = "inner block" }, + ["ac"] = { query = "@class.outer", desc = "a class" }, + ["ic"] = { query = "@class.inner", desc = "inner class" }, + ["af"] = { query = "@function.outer", desc = "a function" }, + ["if"] = { query = "@function.inner", desc = "inner function" }, + ["ak"] = { query = "@comment.outer", desc = "a comment" }, + ["aS"] = { query = "@statement.outer", desc = "a statement" }, }, }, move = { @@ -33,52 +32,23 @@ ts_config.setup({ -- Add to jump list set_jumps = true, goto_next_start = { - ["]m"] = "@function.outer", - ["]S"] = "@statement.outer", - ["]]"] = "@class.outer", + ["]m"] = { query = "@function.outer", desc = "Next method start" }, + ["]S"] = { query = "@statement.outer", desc = "Next statement start" }, + ["]]"] = { query = "@class.outer", desc = "Next class start" }, }, goto_next_end = { - ["]M"] = "@function.outer", - ["]["] = "@class.outer", + ["]M"] = { query = "@function.outer", desc = "Next method end" }, + ["]["] = { query = "@class.outer", desc = "Next class end" }, }, goto_previous_start = { - ["[m"] = "@function.outer", - ["[S"] = "@statement.outer", - ["[["] = "@class.outer", + ["[m"] = { query = "@function.outer", desc = "Previous method start" }, + ["[S"] = { query = "@statement.outer", desc = "Previous statement start" }, + ["[["] = { query = "@class.outer", desc = "Previous class start" }, }, goto_previous_end = { - ["[M"] = "@function.outer", - ["[]"] = "@class.outer", + ["[M"] = { query = "@function.outer", desc = "Previous method end" }, + ["[]"] = { query = "@class.outer", desc = "Previous class end" }, }, }, }, }) - -local motions = { - ["]m"] = "Next method start", - ["]M"] = "Next method end", - ["]S"] = "Next statement start", - ["]]"] = "Next class start", - ["]["] = "Next class end", - ["[m"] = "Previous method start", - ["[M"] = "Previous method end", - ["[S"] = "Previous statement start", - ["[["] = "Previous class start", - ["[]"] = "Previous class end", -} - -local objects = { - ["aa"] = "a parameter", - ["ia"] = "inner parameter", - ["ab"] = "a block", - ["ib"] = "inner block", - ["ac"] = "a class", - ["ic"] = "inner class", - ["af"] = "a function", - ["if"] = "inner function", - ["ak"] = "a comment", - ["aS"] = "a statement", -} - -wk.register(motions, { mode = "n" }) -wk.register(objects, { mode = "o" }) From abaa7119e7ba773045e66be0884796b323919346 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 20 Jul 2024 11:34:42 +0100 Subject: [PATCH 166/485] home: vim: consistent 'unimpaired' mapping names --- modules/home/vim/after/plugin/mappings/unimpaired.lua | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/home/vim/after/plugin/mappings/unimpaired.lua b/modules/home/vim/after/plugin/mappings/unimpaired.lua index f5020564..e171d8fd 100644 --- a/modules/home/vim/after/plugin/mappings/unimpaired.lua +++ b/modules/home/vim/after/plugin/mappings/unimpaired.lua @@ -86,7 +86,7 @@ local keys = { z = "Spell checking", }, ["]o"] = { - name = "Option off", + name = "Disable option", b = "Light background", c = "Cursor line", d = "Diff", @@ -105,7 +105,7 @@ local keys = { z = "Spell checking", }, ["yo"] = { - name = "Option toggle", + name = "Toggle option", b = "Light background", c = "Cursor line", d = "Diff", From 326f9d039a2811531e48dacb6b30590fe6172e6a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 22 Jul 2024 16:05:54 +0000 Subject: [PATCH 167/485] home: vim: disable 'swapfile' As before, I still dislike this option and find its downsides worse than its upsides. --- modules/home/vim/init.vim | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/home/vim/init.vim b/modules/home/vim/init.vim index a5a06f47..01866146 100644 --- a/modules/home/vim/init.vim +++ b/modules/home/vim/init.vim @@ -38,9 +38,9 @@ set tabstop=8 " File parameters {{{ """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" -" Enable swap files -set swapfile -" And undo files +" Disable swap files +set noswapfile +" Enable undo files set undofile " }}} From 997f208d305cbedfbfbd9f6e93d3caf95225775a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 24 Jul 2024 16:33:09 +0000 Subject: [PATCH 168/485] home: vim: remove irrelevant filetype plugins I don't make use of their non-upstreamed functionality. --- modules/home/vim/default.nix | 4 ---- 1 file changed, 4 deletions(-) diff --git a/modules/home/vim/default.nix b/modules/home/vim/default.nix index e2c3504f..a0634836 100644 --- a/modules/home/vim/default.nix +++ b/modules/home/vim/default.nix @@ -48,11 +48,7 @@ in vim-unimpaired # Some ex command mappings # Languages - rust-vim vim-beancount - vim-jsonnet - vim-nix - vim-toml # General enhancements vim-qf # Better quick-fix list From 442eef04826277d1eb562665b49b3215e59b445e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 25 Jul 2024 09:39:38 +0000 Subject: [PATCH 169/485] home: vim: git: fix deprecated functions --- modules/home/vim/plugin/settings/git.lua | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/home/vim/plugin/settings/git.lua b/modules/home/vim/plugin/settings/git.lua index 404abfca..0e3bc5ef 100644 --- a/modules/home/vim/plugin/settings/git.lua +++ b/modules/home/vim/plugin/settings/git.lua @@ -54,8 +54,8 @@ local keys = { s = { gitsigns.stage_hunk, "Stage hunk" }, S = { gitsigns.stage_buffer, "Stage buffer" }, u = { gitsigns.undo_stage_hunk, "Undo stage hunk" }, - ["["] = { gitsigns.prev_hunk, "Previous hunk" }, - ["]"] = { gitsigns.next_hunk, "Next hunk" }, + ["["] = { utils.partial(gitsigns.nav_hunk, "prev"), "Previous hunk" }, + ["]"] = { utils.partial(gitsigns.nav_hunk, "next"), "Next hunk" }, }, } From b5216a6a50de84bed2de995e623e82f91bce35a9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 25 Jul 2024 20:28:04 +0200 Subject: [PATCH 170/485] pkgs: unbound-zones-adblock: fix version --- pkgs/unbound-zones-adblock/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/unbound-zones-adblock/default.nix b/pkgs/unbound-zones-adblock/default.nix index 642ac418..2a6d4b7f 100644 --- a/pkgs/unbound-zones-adblock/default.nix +++ b/pkgs/unbound-zones-adblock/default.nix @@ -1,7 +1,7 @@ { lib, gawk, stdenvNoCC, stevenblack-blocklist }: stdenvNoCC.mkDerivation { name = "unbound-zones-adblock"; - version = stevenblack-blocklist.rev; + inherit (stevenblack-blocklist) version; src = stevenblack-blocklist; From d04de7d21307a24e2bdefd98bca02194e1931f96 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 20 Jul 2024 22:41:42 +0100 Subject: [PATCH 171/485] flake: bump inputs And fix renamed packages. --- flake.lock | 36 ++++++++++++++++++------------------ modules/home/gtk/default.nix | 4 ++-- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/flake.lock b/flake.lock index 83ccfd7a..6b848466 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1718371084, - "narHash": "sha256-abpBi61mg0g+lFFU0zY4C6oP6fBwPzbHPKBGw676xsA=", + "lastModified": 1720546205, + "narHash": "sha256-boCXsjYVxDviyzoEyAk624600f3ZBo/DKtUdvMTpbGY=", "owner": "ryantm", "repo": "agenix", - "rev": "3a56735779db467538fb2e577eda28a9daacaca6", + "rev": "de96bd907d5fbc3b14fc33ad37d1b9a3cb15edc6", "type": "github" }, "original": { @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1717285511, - "narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=", + "lastModified": 1719994518, + "narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8", + "rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1719438532, - "narHash": "sha256-/Vmso2ZMoFE3M7d1MRsQ2K5sR8CVKnrM6t1ys9Xjpz4=", + "lastModified": 1721852138, + "narHash": "sha256-JH8N5uoqoVA6erV4O40VtKKHsnfmhvMGbxMNDLtim5o=", "owner": "nix-community", "repo": "home-manager", - "rev": "1a4f12ae0bda877ec4099b429cf439aad897d7e9", + "rev": "304a011325b7ac7b8c9950333cd215a7aa146b0e", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1719254875, - "narHash": "sha256-ECni+IkwXjusHsm9Sexdtq8weAq/yUyt1TWIemXt3Ko=", + "lastModified": 1721743106, + "narHash": "sha256-adRZhFpBTnHiK3XIELA3IBaApz70HwCYfv7xNrHjebA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60", + "rev": "dc14ed91132ee3a26255d01d8fd0c1f5bff27b2f", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1719564461, - "narHash": "sha256-wCFs1sf1tPoV3nCG5N5KaakAKm88FyzN6pRdOsOqNZg=", + "lastModified": 1721930286, + "narHash": "sha256-IUr/laHRe52MkPlOSflG1GThgQo+ECmAP7O51RxLduI=", "owner": "nix-community", "repo": "NUR", - "rev": "7369862c4a8f293f6fde79044369dad7dfc04798", + "rev": "3ea857d2abb7f3825976cefc50894d35ca55f8c4", "type": "github" }, "original": { @@ -194,11 +194,11 @@ ] }, "locked": { - "lastModified": 1719259945, - "narHash": "sha256-F1h+XIsGKT9TkGO3omxDLEb/9jOOsI6NnzsXFsZhry4=", + "lastModified": 1721042469, + "narHash": "sha256-6FPUl7HVtvRHCCBQne7Ylp4p+dpP3P/OYuzjztZ4s70=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "0ff4381bbb8f7a52ca4a851660fc7a437a4c6e07", + "rev": "f451c19376071a90d8c58ab1a953c6e9840527fd", "type": "github" }, "original": { diff --git a/modules/home/gtk/default.nix b/modules/home/gtk/default.nix index 62d3f811..f10087dc 100644 --- a/modules/home/gtk/default.nix +++ b/modules/home/gtk/default.nix @@ -21,12 +21,12 @@ in }; iconTheme = { - package = pkgs.gnome.gnome-themes-extra; + package = pkgs.gnome-themes-extra; name = "Adwaita"; }; theme = { - package = pkgs.gnome.gnome-themes-extra; + package = pkgs.gnome-themes-extra; name = "Adwaita"; }; }; From 4de788695034d7b5f4847fb23dad1a9431e51593 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 20 Jul 2024 22:57:28 +0100 Subject: [PATCH 172/485] nixos: system: packages: fix deprecated config --- modules/nixos/system/packages/default.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/modules/nixos/system/packages/default.nix b/modules/nixos/system/packages/default.nix index 5c29aa0f..ebea06f8 100644 --- a/modules/nixos/system/packages/default.nix +++ b/modules/nixos/system/packages/default.nix @@ -14,12 +14,14 @@ in config = lib.mkIf cfg.enable { environment.systemPackages = with pkgs; [ - vim wget ]; programs = { - vim.defaultEditor = true; # Modal editing is life + vim = { + enable = true; + defaultEditor = true; # Modal editing is life + }; zsh = { enable = true; # Use integrations From 58760280be64aa68500573111564ee7cf37dae6c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 20 Jul 2024 22:43:19 +0100 Subject: [PATCH 173/485] home: vim: update for 'which-key' v3 It complains quite loudly about the legacy mapping syntax. --- .../home/vim/after/plugin/mappings/misc.lua | 4 +- .../vim/after/plugin/mappings/unimpaired.lua | 238 +++++++++--------- modules/home/vim/lua/ambroisie/lsp.lua | 45 ++-- modules/home/vim/plugin/settings/git.lua | 67 +++-- modules/home/vim/plugin/settings/oil.lua | 4 +- .../home/vim/plugin/settings/telescope.lua | 16 +- .../home/vim/plugin/settings/which-key.lua | 27 +- 7 files changed, 208 insertions(+), 193 deletions(-) diff --git a/modules/home/vim/after/plugin/mappings/misc.lua b/modules/home/vim/after/plugin/mappings/misc.lua index 6aa25a20..12dbffca 100644 --- a/modules/home/vim/after/plugin/mappings/misc.lua +++ b/modules/home/vim/after/plugin/mappings/misc.lua @@ -1,7 +1,7 @@ local wk = require("which-key") local keys = { - [""] = { "nohls", "Clear search highlight" }, + { "", "nohls", desc = "Clear search highlight" }, } -wk.register(keys, { prefix = "" }) +wk.add(keys) diff --git a/modules/home/vim/after/plugin/mappings/unimpaired.lua b/modules/home/vim/after/plugin/mappings/unimpaired.lua index e171d8fd..a0336d1d 100644 --- a/modules/home/vim/after/plugin/mappings/unimpaired.lua +++ b/modules/home/vim/after/plugin/mappings/unimpaired.lua @@ -3,126 +3,124 @@ local wk = require("which-key") local lsp = require("ambroisie.lsp") local keys = { - -- Edition and navigation mappins - ["["] = { - name = "Previous", - [""] = "Insert blank line above", - [""] = "Previous location list file", - [""] = "Previous quickfix list file", - [""] = "Previous tag in preview window", - a = "Previous argument", - A = "First argument", - b = "Previous buffer", - B = "First buffer", - e = "Exchange previous line", - f = "Previous file in directory", - l = "Previous location list entry", - L = "First Location list entry", - n = "Previous conflict marker/diff hunk", - p = "Paste line above", - P = "Paste line above", - q = "Previous quickfix list entry", - Q = "First quickfix list entry", - t = "Previous matching tag", - T = "First matching tag", - z = "Previous fold", - -- Encoding - C = "C string encode", - u = "URL encode", - x = "XML encode", - y = "C string encode", - -- Custom - d = { lsp.goto_prev_diagnostic, "Previous diagnostic" }, - }, - ["]"] = { - name = "Next", - [""] = "Insert blank line below", - [""] = "Next location list file", - [""] = "Next quickfix list file", - [""] = "Next tag in preview window", - a = "Next argument", - A = "Last argument", - b = "Next buffer", - B = "Last buffer", - e = "Exchange next line", - f = "Next file in directory", - l = "Next location list entry", - L = "Last Location list entry", - n = "Next conflict marker/diff hunk", - p = "Paste line below", - P = "Paste line below", - q = "Next quickfix list entry", - Q = "Last quickfix list entry", - t = "Next matching tag", - T = "Last matching tag", - z = "Next fold", - -- Decoding - C = "C string decode", - u = "URL decode", - x = "XML decode", - y = "C string decode", - -- Custom - d = { lsp.goto_next_diagnostic, "Next diagnostic" }, - }, + -- Previous + { "[", group = "Previous" }, + -- Edition and navigation mappings + { "[", desc = "Insert blank line above" }, + { "[", desc = "Previous location list file" }, + { "[", desc = "Previous quickfix list file" }, + { "[", desc = "Previous tag in preview window" }, + { "[a", desc = "Previous argument" }, + { "[A", desc = "First argument" }, + { "[b", desc = "Previous buffer" }, + { "[B", desc = "First buffer" }, + { "[e", desc = "Exchange previous line" }, + { "[f", desc = "Previous file in directory" }, + { "[l", desc = "Previous location list entry" }, + { "[L", desc = "First Location list entry" }, + { "[n", desc = "Previous conflict marker/diff hunk" }, + { "[p", desc = "Paste line above" }, + { "[P", desc = "Paste line above" }, + { "[q", desc = "Previous quickfix list entry" }, + { "[Q", desc = "First quickfix list entry" }, + { "[t", desc = "Previous matching tag" }, + { "[T", desc = "First matching tag" }, + { "[z", desc = "Previous fold" }, + -- Encoding + { "[C", desc = "C string encode" }, + { "[u", desc = "URL encode" }, + { "[x", desc = "XML encode" }, + { "[y", desc = "C string encode" }, + -- Custom + { "[d", lsp.goto_prev_diagnostic, desc = "Previous diagnostic" }, - -- Option mappings - ["[o"] = { - name = "Enable option", - b = "Light background", - c = "Cursor line", - d = "Diff", - f = { "FormatEnable", "LSP Formatting" }, - h = "Search high-lighting", - i = "Case insensitive search", - l = "List mode", - n = "Line numbers", - r = "Relative line numbers", - p = { "lwindow", "Location list" }, - q = { "cwindow", "Quickfix list" }, - u = "Cursor column", - v = "Virtual editing", - w = "Text wrapping", - x = "Cursor line and column", - z = "Spell checking", - }, - ["]o"] = { - name = "Disable option", - b = "Light background", - c = "Cursor line", - d = "Diff", - f = { "FormatDisable", "LSP Formatting" }, - h = "Search high-lighting", - i = "Case insensitive search", - l = "List mode", - n = "Line numbers", - p = { "lclose", "Location list" }, - q = { "cclose", "Quickfix list" }, - r = "Relative line numbers", - u = "Cursor column", - v = "Virtual editing", - w = "Text wrapping", - x = "Cursor line and column", - z = "Spell checking", - }, - ["yo"] = { - name = "Toggle option", - b = "Light background", - c = "Cursor line", - d = "Diff", - f = { "FormatToggle", "LSP Formatting" }, - h = "Search high-lighting", - i = "Case insensitive search", - l = "List mode", - n = "Line numbers", - p = { "(qf_loc_toggle)", "Location list" }, - q = { "(qf_qf_toggle)", "Quickfix list" }, - r = "Relative line numbers", - u = "Cursor column", - v = "Virtual editing", - w = "Text wrapping", - x = "Cursor line and column", - z = "Spell checking", - }, + -- Next + { "]", group = "Next" }, + -- Edition and navigation mappings + { "]", desc = "Insert blank line below" }, + { "]", desc = "Next location list file" }, + { "]", desc = "Next quickfix list file" }, + { "]", desc = "Next tag in preview window" }, + { "]a", desc = "Next argument" }, + { "]A", desc = "Last argument" }, + { "]b", desc = "Next buffer" }, + { "]B", desc = "Last buffer" }, + { "]e", desc = "Exchange next line" }, + { "]f", desc = "Next file in directory" }, + { "]l", desc = "Next location list entry" }, + { "]L", desc = "Last Location list entry" }, + { "]n", desc = "Next conflict marker/diff hunk" }, + { "]p", desc = "Paste line below" }, + { "]P", desc = "Paste line below" }, + { "]q", desc = "Next quickfix list entry" }, + { "]Q", desc = "Last quickfix list entry" }, + { "]t", desc = "Next matching tag" }, + { "]T", desc = "Last matching tag" }, + { "]z", desc = "Next fold" }, + -- Decoding + { "]C", desc = "C string decode" }, + { "]u", desc = "URL decode" }, + { "]x", desc = "XML decode" }, + { "]y", desc = "C string decode" }, + -- Custom + { "]d", lsp.goto_next_diagnostic, desc = "Next diagnostic" }, + + -- Enable option + { "[o", desc = "Enable option" }, + { "[ob", desc = "Light background" }, + { "[oc", desc = "Cursor line" }, + { "[od", desc = "Diff" }, + { "[of", "FormatEnable", desc = "LSP Formatting" }, + { "[oh", desc = "Search high-lighting" }, + { "[oi", desc = "Case insensitive search" }, + { "[ol", desc = "List mode" }, + { "[on", desc = "Line numbers" }, + { "[or", desc = "Relative line numbers" }, + { "[op", "lwindow", desc = "Location list" }, + { "[oq", "cwindow", desc = "Quickfix list" }, + { "[ou", desc = "Cursor column" }, + { "[ov", desc = "Virtual editing" }, + { "[ow", desc = "Text wrapping" }, + { "[ox", desc = "Cursor line and column" }, + { "[oz", desc = "Spell checking" }, + + -- Disable option + { "]o", desc = "Disable option" }, + { "]ob", desc = "Light background" }, + { "]oc", desc = "Cursor line" }, + { "]od", desc = "Diff" }, + { "]of", "FormatDisable", desc = "LSP Formatting" }, + { "]oh", desc = "Search high-lighting" }, + { "]oi", desc = "Case insensitive search" }, + { "]ol", desc = "List mode" }, + { "]on", desc = "Line numbers" }, + { "]op", "lclose", desc = "Location list" }, + { "]oq", "cclose", desc = "Quickfix list" }, + { "]or", desc = "Relative line numbers" }, + { "]ou", desc = "Cursor column" }, + { "]ov", desc = "Virtual editing" }, + { "]ow", desc = "Text wrapping" }, + { "]ox", desc = "Cursor line and column" }, + { "]oz", desc = "Spell checking" }, + + -- Toggle option + { "yo", group = "Toggle option" }, + { "yob", desc = "Light background" }, + { "yoc", desc = "Cursor line" }, + { "yod", desc = "Diff" }, + { "yof", "FormatToggle", desc = "LSP Formatting" }, + { "yoh", desc = "Search high-lighting" }, + { "yoi", desc = "Case insensitive search" }, + { "yol", desc = "List mode" }, + { "yon", desc = "Line numbers" }, + { "yop", "(qf_loc_toggle)", desc = "Location list" }, + { "yoq", "(qf_qf_toggle)", desc = "Quickfix list" }, + { "yor", desc = "Relative line numbers" }, + { "you", desc = "Cursor column" }, + { "yov", desc = "Virtual editing" }, + { "yow", desc = "Text wrapping" }, + { "yox", desc = "Cursor line and column" }, + { "yoz", desc = "Spell checking" }, } -wk.register(keys) +wk.add(keys) diff --git a/modules/home/vim/lua/ambroisie/lsp.lua b/modules/home/vim/lua/ambroisie/lsp.lua index dc473665..19126236 100644 --- a/modules/home/vim/lua/ambroisie/lsp.lua +++ b/modules/home/vim/lua/ambroisie/lsp.lua @@ -87,31 +87,30 @@ M.on_attach = function(client, bufnr) end local keys = { - K = { vim.lsp.buf.hover, "Show symbol information" }, - [""] = { vim.lsp.buf.signature_help, "Show signature information" }, - ["gd"] = { vim.lsp.buf.definition, "Go to definition" }, - ["gD"] = { vim.lsp.buf.declaration, "Go to declaration" }, - ["gi"] = { vim.lsp.buf.implementation, "Go to implementation" }, - ["gr"] = { vim.lsp.buf.references, "List all references" }, - - ["c"] = { - name = "Code", - a = { vim.lsp.buf.code_action, "Code actions" }, - d = { cycle_diagnostics_display, "Cycle diagnostics display" }, - D = { show_buffer_diagnostics, "Show buffer diagnostics" }, - r = { vim.lsp.buf.rename, "Rename symbol" }, - s = { vim.lsp.buf.signature_help, "Show signature" }, - t = { vim.lsp.buf.type_definition, "Go to type definition" }, - w = { - name = "Workspace", - a = { vim.lsp.buf.add_workspace_folder, "Add folder to workspace" }, - l = { list_workspace_folders, "List folders in workspace" }, - r = { vim.lsp.buf.remove_workspace_folder, "Remove folder from workspace" }, - }, - }, + buffer = bufnr, + -- LSP navigation + { "K", vim.lsp.buf.hover, desc = "Show symbol information" }, + { "", vim.lsp.buf.signature_help, desc = "Show signature information" }, + { "gd", vim.lsp.buf.definition, desc = "Go to definition" }, + { "gD", vim.lsp.buf.declaration, desc = "Go to declaration" }, + { "gi", vim.lsp.buf.implementation, desc = "Go to implementation" }, + { "gr", vim.lsp.buf.references, desc = "List all references" }, + -- Code + { "c", group = "Code" }, + { "ca", vim.lsp.buf.code_action, desc = "Code actions" }, + { "cd", cycle_diagnostics_display, desc = "Cycle diagnostics display" }, + { "cD", show_buffer_diagnostics, desc = "Show buffer diagnostics" }, + { "cr", vim.lsp.buf.rename, desc = "Rename symbol" }, + { "cs", vim.lsp.buf.signature_help, desc = "Show signature" }, + { "ct", vim.lsp.buf.type_definition, desc = "Go to type definition" }, + -- Workspace + { "cw", group = "Workspace" }, + { "cwa", vim.lsp.buf.add_workspace_folder, desc = "Add folder to workspace" }, + { "cwl", list_workspace_folders, desc = "List folders in workspace" }, + { "cwr", vim.lsp.buf.remove_workspace_folder, desc = "Remove folder from workspace" }, } - wk.register(keys, { buffer = bufnr }) + wk.add(keys) end return M diff --git a/modules/home/vim/plugin/settings/git.lua b/modules/home/vim/plugin/settings/git.lua index 0e3bc5ef..b9b92a69 100644 --- a/modules/home/vim/plugin/settings/git.lua +++ b/modules/home/vim/plugin/settings/git.lua @@ -34,47 +34,42 @@ gitsigns.setup({ local keys = { -- Navigation - ["[c"] = { utils.partial(nav_hunk, "prev"), "Previous hunk/diff" }, - ["]c"] = { utils.partial(nav_hunk, "next"), "Next hunk/diff" }, - + { "[c", utils.partial(nav_hunk, "prev"), desc = "Previous hunk/diff" }, + { "]c", utils.partial(nav_hunk, "next"), desc = "Next hunk/diff" }, -- Commands - ["g"] = { - name = "Git", - -- Actions - b = { gitsigns.toggle_current_line_blame, "Toggle blame virtual text" }, - d = { gitsigns.diffthis, "Diff buffer" }, - D = { utils.partial(gitsigns.diffthis, "~"), "Diff buffer against last commit" }, - g = { "Git", "Git status" }, - h = { gitsigns.toggle_deleted, "Show deleted hunks" }, - L = { ":spT:Gllog --follow -- %:p", "Current buffer log" }, - m = { "(git-messenger)", "Current line blame" }, - p = { gitsigns.preview_hunk, "Preview hunk" }, - r = { gitsigns.reset_hunk, "Restore hunk" }, - R = { gitsigns.reset_buffer, "Restore buffer" }, - s = { gitsigns.stage_hunk, "Stage hunk" }, - S = { gitsigns.stage_buffer, "Stage buffer" }, - u = { gitsigns.undo_stage_hunk, "Undo stage hunk" }, - ["["] = { utils.partial(gitsigns.nav_hunk, "prev"), "Previous hunk" }, - ["]"] = { utils.partial(gitsigns.nav_hunk, "next"), "Next hunk" }, - }, + { "g", group = "Git" }, + { "gb", gitsigns.toggle_current_line_blame, desc = "Toggle blame virtual text" }, + { "gd", gitsigns.diffthis, desc = "Diff buffer" }, + { "gD", utils.partial(gitsigns.diffthis, "~"), desc = "Diff buffer against last commit" }, + { "gg", "Git", desc = "Git status" }, + { "gh", gitsigns.toggle_deleted, desc = "Show deleted hunks" }, + { "gL", ":spT:Gllog --follow -- %:p", desc = "Current buffer log" }, + { "gm", "(git-messenger)", desc = "Current line blame" }, + { "gp", gitsigns.preview_hunk, desc = "Preview hunk" }, + { "gr", gitsigns.reset_hunk, desc = "Restore hunk" }, + { "gR", gitsigns.reset_buffer, desc = "Restore buffer" }, + { "gs", gitsigns.stage_hunk, desc = "Stage hunk" }, + { "gS", gitsigns.stage_buffer, desc = "Stage buffer" }, + { "gu", gitsigns.undo_stage_hunk, desc = "Undo stage hunk" }, + { "g[", utils.partial(gitsigns.nav_hunk, "prev"), desc = "Previous hunk" }, + { "g]", utils.partial(gitsigns.nav_hunk, "next"), desc = "Next hunk" }, } local objects = { - ["ih"] = { gitsigns.select_hunk, "Git hunk" }, + mode = "o", + { "ih", gitsigns.select_hunk, desc = "Git hunk" }, } - +-- Visual local visual = { - ["ih"] = { gitsigns.select_hunk, "Git hunk" }, - - ["g"] = { - name = "Git", - p = { gitsigns.preview_hunk, "Preview selection" }, - r = { make_visual(gitsigns.reset_hunk), "Restore selection" }, - s = { make_visual(gitsigns.stage_hunk), "Stage selection" }, - u = { gitsigns.undo_stage_hunk, "Undo stage selection" }, - }, + mode = { "x" }, + { "ih", gitsigns.select_hunk, desc = "Git hunk" }, + { "g", group = "Git" }, + { "gp", gitsigns.preview_hunk, desc = "Preview selection" }, + { "gr", make_visual(gitsigns.reset_hunk), desc = "Restore selection" }, + { "gs", make_visual(gitsigns.stage_hunk), desc = "Stage selection" }, + { "gu", gitsigns.undo_stage_hunk, desc = "Undo stage selection" }, } -wk.register(keys, { buffer = bufnr }) -wk.register(objects, { buffer = bufnr, mode = "o" }) -wk.register(visual, { buffer = bufnr, mode = "x" }) +wk.add(keys) +wk.add(objects) +wk.add(visual) diff --git a/modules/home/vim/plugin/settings/oil.lua b/modules/home/vim/plugin/settings/oil.lua index e4a67164..a160725b 100644 --- a/modules/home/vim/plugin/settings/oil.lua +++ b/modules/home/vim/plugin/settings/oil.lua @@ -28,7 +28,7 @@ oil.setup({ }) local keys = { - ["-"] = { oil.open, "Open parent directory" }, + { "-", oil.open, desc = "Open parent directory" }, } -wk.register(keys) +wk.add(keys) diff --git a/modules/home/vim/plugin/settings/telescope.lua b/modules/home/vim/plugin/settings/telescope.lua index 64cc2982..1a239282 100644 --- a/modules/home/vim/plugin/settings/telescope.lua +++ b/modules/home/vim/plugin/settings/telescope.lua @@ -26,14 +26,12 @@ telescope.load_extension("fzf") telescope.load_extension("lsp_handlers") local keys = { - f = { - name = "Fuzzy finder", - b = { telescope_builtin.buffers, "Open buffers" }, - f = { telescope_builtin.git_files, "Git tracked files" }, - F = { telescope_builtin.find_files, "Files" }, - g = { telescope_builtin.live_grep, "Grep string" }, - G = { telescope_builtin.grep_string, "Grep string under cursor" }, - }, + { "f", group = "Fuzzy finder" }, + { "fb", telescope_builtin.buffers, desc = "Open buffers" }, + { "ff", telescope_builtin.git_files, desc = "Git tracked files" }, + { "fF", telescope_builtin.find_files, desc = "Files" }, + { "fg", telescope_builtin.live_grep, desc = "Grep string" }, + { "fG", telescope_builtin.grep_string, desc = "Grep string under cursor" }, } -wk.register(keys, { prefix = "" }) +wk.add(keys) diff --git a/modules/home/vim/plugin/settings/which-key.lua b/modules/home/vim/plugin/settings/which-key.lua index 2edfd709..81f398f0 100644 --- a/modules/home/vim/plugin/settings/which-key.lua +++ b/modules/home/vim/plugin/settings/which-key.lua @@ -1,2 +1,27 @@ local wk = require("which-key") -wk.setup() +wk.setup({ + icons = { + -- I don't like icons + mappings = false, + breadcrumb = "»", + separator = "âžœ", + group = "+", + ellipsis = "…", + keys = { + Up = "ï¢ ", + Down = "ï£ ", + Left = "ï  ", + Right = "ï¡ ", + C = "", + M = "", + D = "", + S = "", + CR = "", + Esc = " ", + NL = "", + BS = "", + Space = "", + Tab = " ", + }, + }, +}) From 6b7510cfd943763ca09b91ea83bc2510bf0f6c86 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 25 Jul 2024 20:17:50 +0100 Subject: [PATCH 174/485] home: vim: show directories in blue Blue is much more readable when the night filter kicks in. --- modules/home/vim/init.vim | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/home/vim/init.vim b/modules/home/vim/init.vim index 01866146..93eb1339 100644 --- a/modules/home/vim/init.vim +++ b/modules/home/vim/init.vim @@ -100,6 +100,8 @@ gruvbox.setup({ DiffChange = { fg = colors.aqua, bg = "NONE" }, DiffDelete = { fg = colors.red, bg = "NONE" }, DiffText = { fg = colors.yellow, bg = colors.bg0 }, + -- Directories "pop" better in blue + Directory = { link = "GruvboxBlueBold" }, } }) EOF From ace266b02c3a45ce717ca457d9f79b49513e71cf Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 26 Jul 2024 10:06:02 +0000 Subject: [PATCH 175/485] overlays: add 'none-ls-root-bug' Will be removed when the plug-in gets its next bump. --- overlays/none-ls-root-bug/default.nix | 4 ++++ overlays/none-ls-root-bug/generated.nix | 14 ++++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 overlays/none-ls-root-bug/default.nix create mode 100644 overlays/none-ls-root-bug/generated.nix diff --git a/overlays/none-ls-root-bug/default.nix b/overlays/none-ls-root-bug/default.nix new file mode 100644 index 00000000..832e71de --- /dev/null +++ b/overlays/none-ls-root-bug/default.nix @@ -0,0 +1,4 @@ +self: prev: +{ + vimPlugins = prev.vimPlugins.extend (self.callPackage ./generated.nix { }); +} diff --git a/overlays/none-ls-root-bug/generated.nix b/overlays/none-ls-root-bug/generated.nix new file mode 100644 index 00000000..16d3b25e --- /dev/null +++ b/overlays/none-ls-root-bug/generated.nix @@ -0,0 +1,14 @@ +{ fetchpatch, ... }: + +_final: prev: { + none-ls-nvim = prev.none-ls-nvim.overrideAttrs (oa: { + patches = (oa.patches or [ ]) ++ [ + # https://github.com/nvimtools/none-ls.nvim/pull/163 + (fetchpatch { + name = "fix-get-root-directory.patch"; + url = "https://github.com/nvimtools/none-ls.nvim/commit/2cde745aadc2c36f6860a77a556494870675771a.patch"; + hash = "sha256-BtIjrT6ME2mR/5Ez9h+6r+fy0jYkBkw6/A9NConKRVs="; + }) + ]; + }); +} From 0d820cc2f41074564984ea0a2ba72c63bc08ef70 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 26 Jul 2024 11:52:17 +0000 Subject: [PATCH 176/485] home: vim: move 'nohls' to 'which-key' --- modules/home/vim/after/plugin/mappings/misc.lua | 7 ------- modules/home/vim/plugin/settings/which-key.lua | 6 ++++++ 2 files changed, 6 insertions(+), 7 deletions(-) delete mode 100644 modules/home/vim/after/plugin/mappings/misc.lua diff --git a/modules/home/vim/after/plugin/mappings/misc.lua b/modules/home/vim/after/plugin/mappings/misc.lua deleted file mode 100644 index 12dbffca..00000000 --- a/modules/home/vim/after/plugin/mappings/misc.lua +++ /dev/null @@ -1,7 +0,0 @@ -local wk = require("which-key") - -local keys = { - { "", "nohls", desc = "Clear search highlight" }, -} - -wk.add(keys) diff --git a/modules/home/vim/plugin/settings/which-key.lua b/modules/home/vim/plugin/settings/which-key.lua index 81f398f0..76a21178 100644 --- a/modules/home/vim/plugin/settings/which-key.lua +++ b/modules/home/vim/plugin/settings/which-key.lua @@ -25,3 +25,9 @@ wk.setup({ }, }, }) + +local keys = { + { "", "nohls", desc = "Clear search highlight" }, +} + +wk.add(keys) From 9ed2dcefdeef07a3359985c2859b5ec1c02a8386 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 26 Jul 2024 11:54:11 +0000 Subject: [PATCH 177/485] home: vim: which-key: use lua callbacks --- modules/home/vim/plugin/settings/which-key.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/vim/plugin/settings/which-key.lua b/modules/home/vim/plugin/settings/which-key.lua index 76a21178..3dc260ae 100644 --- a/modules/home/vim/plugin/settings/which-key.lua +++ b/modules/home/vim/plugin/settings/which-key.lua @@ -27,7 +27,7 @@ wk.setup({ }) local keys = { - { "", "nohls", desc = "Clear search highlight" }, + { "", vim.cmd.nohlsearch, desc = "Clear search highlight" }, } wk.add(keys) From 1e2872c5c7ce6c07abdd4850bd100706606993f2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 27 Jul 2024 15:09:52 +0100 Subject: [PATCH 178/485] home: vim: fix '+'/'-' highlighting in diffs I'm not a big fan of the new highlighting [1]. [1]: https://github.com/nvim-treesitter/nvim-treesitter/pull/6619 --- modules/home/vim/after/queries/diff/highlights.scm | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 modules/home/vim/after/queries/diff/highlights.scm diff --git a/modules/home/vim/after/queries/diff/highlights.scm b/modules/home/vim/after/queries/diff/highlights.scm new file mode 100644 index 00000000..c998725a --- /dev/null +++ b/modules/home/vim/after/queries/diff/highlights.scm @@ -0,0 +1,5 @@ +; extends + +; I want to the line added/removed markers to be the correct color +"+" @diff.plus +"-" @diff.minus From 93dfe0411493683dab491f632f3f27286bf59a19 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 4 Aug 2024 11:37:33 +0100 Subject: [PATCH 179/485] hosts: nixos: aramis: home: use 'pinentry-rofi' --- hosts/nixos/aramis/home.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hosts/nixos/aramis/home.nix b/hosts/nixos/aramis/home.nix index 64b63ce4..abf472a5 100644 --- a/hosts/nixos/aramis/home.nix +++ b/hosts/nixos/aramis/home.nix @@ -2,7 +2,7 @@ { my.home = { # Use graphical pinentry - bitwarden.pinentry = pkgs.pinentry-gtk2; + bitwarden.pinentry = pkgs.pinentry-rofi; # Ebook library calibre.enable = true; # Some amount of social life @@ -14,7 +14,7 @@ # Blue light filter gammastep.enable = true; # Use a small popup to enter passwords - gpg.pinentry = pkgs.pinentry-gtk2; + gpg.pinentry = pkgs.pinentry-rofi; # Machine specific packages packages.additionalPackages = with pkgs; [ element-desktop # Matrix client From f240730c4f6fd32738b944b5ef836768da10adf2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 Aug 2024 14:15:12 +0000 Subject: [PATCH 180/485] flake: bump inputs And remove the overlay for `none-ls`, which has been fixed. This reverts commit ace266b02c3a45ce717ca457d9f79b49513e71cf. --- flake.lock | 36 ++++++++++++------------- overlays/none-ls-root-bug/default.nix | 4 --- overlays/none-ls-root-bug/generated.nix | 14 ---------- 3 files changed, 18 insertions(+), 36 deletions(-) delete mode 100644 overlays/none-ls-root-bug/default.nix delete mode 100644 overlays/none-ls-root-bug/generated.nix diff --git a/flake.lock b/flake.lock index 6b848466..751e70c6 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1720546205, - "narHash": "sha256-boCXsjYVxDviyzoEyAk624600f3ZBo/DKtUdvMTpbGY=", + "lastModified": 1722339003, + "narHash": "sha256-ZeS51uJI30ehNkcZ4uKqT4ZDARPyqrHADSKAwv5vVCU=", "owner": "ryantm", "repo": "agenix", - "rev": "de96bd907d5fbc3b14fc33ad37d1b9a3cb15edc6", + "rev": "3f1dae074a12feb7327b4bf43cbac0d124488bb7", "type": "github" }, "original": { @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1719994518, - "narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=", + "lastModified": 1722555600, + "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7", + "rev": "8471fe90ad337a8074e957b69ca4d0089218391d", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1721852138, - "narHash": "sha256-JH8N5uoqoVA6erV4O40VtKKHsnfmhvMGbxMNDLtim5o=", + "lastModified": 1723015306, + "narHash": "sha256-jQnFEtH20/OsDPpx71ntZzGdRlpXhUENSQCGTjn//NA=", "owner": "nix-community", "repo": "home-manager", - "rev": "304a011325b7ac7b8c9950333cd215a7aa146b0e", + "rev": "b3d5ea65d88d67d4ec578ed11d4d2d51e3de525e", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1721743106, - "narHash": "sha256-adRZhFpBTnHiK3XIELA3IBaApz70HwCYfv7xNrHjebA=", + "lastModified": 1722813957, + "narHash": "sha256-IAoYyYnED7P8zrBFMnmp7ydaJfwTnwcnqxUElC1I26Y=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "dc14ed91132ee3a26255d01d8fd0c1f5bff27b2f", + "rev": "cb9a96f23c491c081b38eab96d22fa958043c9fa", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1721930286, - "narHash": "sha256-IUr/laHRe52MkPlOSflG1GThgQo+ECmAP7O51RxLduI=", + "lastModified": 1723036652, + "narHash": "sha256-YIKo7vD/wkItzqIzg7u9bxYPhPwKhJbRbFcENuT0p68=", "owner": "nix-community", "repo": "NUR", - "rev": "3ea857d2abb7f3825976cefc50894d35ca55f8c4", + "rev": "2ee33d83d919b2375ebeeee175fab2af02dff92f", "type": "github" }, "original": { @@ -194,11 +194,11 @@ ] }, "locked": { - "lastModified": 1721042469, - "narHash": "sha256-6FPUl7HVtvRHCCBQne7Ylp4p+dpP3P/OYuzjztZ4s70=", + "lastModified": 1722857853, + "narHash": "sha256-3Zx53oz/MSIyevuWO/SumxABkrIvojnB7g9cimxkhiE=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "f451c19376071a90d8c58ab1a953c6e9840527fd", + "rev": "06939f6b7ec4d4f465bf3132a05367cccbbf64da", "type": "github" }, "original": { diff --git a/overlays/none-ls-root-bug/default.nix b/overlays/none-ls-root-bug/default.nix deleted file mode 100644 index 832e71de..00000000 --- a/overlays/none-ls-root-bug/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -self: prev: -{ - vimPlugins = prev.vimPlugins.extend (self.callPackage ./generated.nix { }); -} diff --git a/overlays/none-ls-root-bug/generated.nix b/overlays/none-ls-root-bug/generated.nix deleted file mode 100644 index 16d3b25e..00000000 --- a/overlays/none-ls-root-bug/generated.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ fetchpatch, ... }: - -_final: prev: { - none-ls-nvim = prev.none-ls-nvim.overrideAttrs (oa: { - patches = (oa.patches or [ ]) ++ [ - # https://github.com/nvimtools/none-ls.nvim/pull/163 - (fetchpatch { - name = "fix-get-root-directory.patch"; - url = "https://github.com/nvimtools/none-ls.nvim/commit/2cde745aadc2c36f6860a77a556494870675771a.patch"; - hash = "sha256-BtIjrT6ME2mR/5Ez9h+6r+fy0jYkBkw6/A9NConKRVs="; - }) - ]; - }); -} From 8ed69de4be87e5f558216df84d6563a5d3727778 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 10 Aug 2024 12:09:02 +0100 Subject: [PATCH 181/485] hosts: nixos: aramis: home: remove 'pinentry-rofi' I'm not sure why, but it's messing with my `gpg-agent`... But I didn't get any issues with `rbw`. I'll try and figure out why. This reverts commit 93dfe0411493683dab491f632f3f27286bf59a19. --- hosts/nixos/aramis/home.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hosts/nixos/aramis/home.nix b/hosts/nixos/aramis/home.nix index abf472a5..64b63ce4 100644 --- a/hosts/nixos/aramis/home.nix +++ b/hosts/nixos/aramis/home.nix @@ -2,7 +2,7 @@ { my.home = { # Use graphical pinentry - bitwarden.pinentry = pkgs.pinentry-rofi; + bitwarden.pinentry = pkgs.pinentry-gtk2; # Ebook library calibre.enable = true; # Some amount of social life @@ -14,7 +14,7 @@ # Blue light filter gammastep.enable = true; # Use a small popup to enter passwords - gpg.pinentry = pkgs.pinentry-rofi; + gpg.pinentry = pkgs.pinentry-gtk2; # Machine specific packages packages.additionalPackages = with pkgs; [ element-desktop # Matrix client From 483c5d23e0b6fe8b9379c4245a79876d1a1fc585 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 14 Aug 2024 12:50:20 +0000 Subject: [PATCH 182/485] flake: bump inputs --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 751e70c6..9c8bb14b 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1722339003, - "narHash": "sha256-ZeS51uJI30ehNkcZ4uKqT4ZDARPyqrHADSKAwv5vVCU=", + "lastModified": 1723293904, + "narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=", "owner": "ryantm", "repo": "agenix", - "rev": "3f1dae074a12feb7327b4bf43cbac0d124488bb7", + "rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1723015306, - "narHash": "sha256-jQnFEtH20/OsDPpx71ntZzGdRlpXhUENSQCGTjn//NA=", + "lastModified": 1723399884, + "narHash": "sha256-97wn0ihhGqfMb8WcUgzzkM/TuAxce2Gd20A8oiruju4=", "owner": "nix-community", "repo": "home-manager", - "rev": "b3d5ea65d88d67d4ec578ed11d4d2d51e3de525e", + "rev": "086f619dd991a4d355c07837448244029fc2d9ab", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1722813957, - "narHash": "sha256-IAoYyYnED7P8zrBFMnmp7ydaJfwTnwcnqxUElC1I26Y=", + "lastModified": 1723362943, + "narHash": "sha256-dFZRVSgmJkyM0bkPpaYRtG/kRMRTorUIDj8BxoOt1T4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cb9a96f23c491c081b38eab96d22fa958043c9fa", + "rev": "a58bc8ad779655e790115244571758e8de055e3d", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1723036652, - "narHash": "sha256-YIKo7vD/wkItzqIzg7u9bxYPhPwKhJbRbFcENuT0p68=", + "lastModified": 1723632306, + "narHash": "sha256-WzILwMkbQ4S1ks1g5AzeHNTIWj5AcJ6PwQDUnHNWmM8=", "owner": "nix-community", "repo": "NUR", - "rev": "2ee33d83d919b2375ebeeee175fab2af02dff92f", + "rev": "dc6d7986f1d0a0d03f1a270e22352181f074e70a", "type": "github" }, "original": { @@ -194,11 +194,11 @@ ] }, "locked": { - "lastModified": 1722857853, - "narHash": "sha256-3Zx53oz/MSIyevuWO/SumxABkrIvojnB7g9cimxkhiE=", + "lastModified": 1723202784, + "narHash": "sha256-qbhjc/NEGaDbyy0ucycubq4N3//gDFFH3DOmp1D3u1Q=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "06939f6b7ec4d4f465bf3132a05367cccbbf64da", + "rev": "c7012d0c18567c889b948781bc74a501e92275d1", "type": "github" }, "original": { From e94bdef69050914da09e280d97b8022254adc600 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 28 Jul 2024 11:53:10 +0200 Subject: [PATCH 183/485] hosts: nixos: porthos: secrets: fix SSO owner --- hosts/nixos/porthos/secrets/secrets.nix | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/hosts/nixos/porthos/secrets/secrets.nix b/hosts/nixos/porthos/secrets/secrets.nix index c43376b1..a9b9c516 100644 --- a/hosts/nixos/porthos/secrets/secrets.nix +++ b/hosts/nixos/porthos/secrets/secrets.nix @@ -81,9 +81,18 @@ in "pyload/credentials.age".publicKeys = all; - "sso/auth-key.age".publicKeys = all; - "sso/ambroisie/password-hash.age".publicKeys = all; - "sso/ambroisie/totp-secret.age".publicKeys = all; + "sso/auth-key.age" = { + owner = "nginx-sso"; + publicKeys = all; + }; + "sso/ambroisie/password-hash.age" = { + owner = "nginx-sso"; + publicKeys = all; + }; + "sso/ambroisie/totp-secret.age" = { + owner = "nginx-sso"; + publicKeys = all; + }; "tandoor-recipes/secret-key.age".publicKeys = all; From 44c11fc431b4b349dfa350f6cf9b3a1f83fd3a0d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 4 Sep 2024 12:07:33 +0200 Subject: [PATCH 184/485] pkgs: lohr: 0.4.5 -> 0.4.6 --- pkgs/lohr/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/lohr/default.nix b/pkgs/lohr/default.nix index ddeac7a0..b89ccff9 100644 --- a/pkgs/lohr/default.nix +++ b/pkgs/lohr/default.nix @@ -1,16 +1,16 @@ { lib, fetchFromGitHub, rustPlatform }: rustPlatform.buildRustPackage rec { pname = "lohr"; - version = "0.4.5"; + version = "0.4.6"; src = fetchFromGitHub { owner = "alarsyo"; repo = "lohr"; rev = "v${version}"; - hash = "sha256-p6E/r+OxFTpxDpOKSlacOxvRLfHSKg1mHNAfTytfqDY="; + hash = "sha256-dunQgtap+XCK5LoSyOqIY/6p6HizBeiyPWNuCffwjDU="; }; - cargoHash = "sha256-hext0S0o9D9pN9epzXtD5dwAYMPCLpBBOBT4FX0mTMk="; + cargoHash = "sha256-EUhyrhPe+mUgMmm4o+bxRIiSNReJRfw+/O1fPr8r7lo="; meta = with lib; { description = "Git mirroring daemon"; From 10727f9eea517935c8b968540d7a9ff0cf6c4b4f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 26 Aug 2024 22:40:46 +0200 Subject: [PATCH 185/485] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 9c8bb14b..ee428c04 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1723399884, - "narHash": "sha256-97wn0ihhGqfMb8WcUgzzkM/TuAxce2Gd20A8oiruju4=", + "lastModified": 1724435763, + "narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=", "owner": "nix-community", "repo": "home-manager", - "rev": "086f619dd991a4d355c07837448244029fc2d9ab", + "rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1723362943, - "narHash": "sha256-dFZRVSgmJkyM0bkPpaYRtG/kRMRTorUIDj8BxoOt1T4=", + "lastModified": 1724479785, + "narHash": "sha256-pP3Azj5d6M5nmG68Fu4JqZmdGt4S4vqI5f8te+E/FTw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a58bc8ad779655e790115244571758e8de055e3d", + "rev": "d0e1602ddde669d5beb01aec49d71a51937ed7be", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1723632306, - "narHash": "sha256-WzILwMkbQ4S1ks1g5AzeHNTIWj5AcJ6PwQDUnHNWmM8=", + "lastModified": 1724704503, + "narHash": "sha256-QcZKCI9d5UNuQt6UFQSNhQwzXnXDF8jgCy7julsbnvg=", "owner": "nix-community", "repo": "NUR", - "rev": "dc6d7986f1d0a0d03f1a270e22352181f074e70a", + "rev": "6b1fa8a8dec17eb73962a0eac8e04f2df1439448", "type": "github" }, "original": { @@ -194,11 +194,11 @@ ] }, "locked": { - "lastModified": 1723202784, - "narHash": "sha256-qbhjc/NEGaDbyy0ucycubq4N3//gDFFH3DOmp1D3u1Q=", + "lastModified": 1724440431, + "narHash": "sha256-9etXEOUtzeMgqg1u0wp+EdwG7RpmrAZ2yX516bMj2aE=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "c7012d0c18567c889b948781bc74a501e92275d1", + "rev": "c8a54057aae480c56e28ef3e14e4960628ac495b", "type": "github" }, "original": { From 445cb43cb42270065d312ded3d69160e2603833c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 4 Sep 2024 10:34:37 +0000 Subject: [PATCH 186/485] nixos: services: nix-cache: fix deprecated config --- modules/nixos/services/nix-cache/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/nix-cache/default.nix b/modules/nixos/services/nix-cache/default.nix index 1ce3161b..f3a29aa8 100644 --- a/modules/nixos/services/nix-cache/default.nix +++ b/modules/nixos/services/nix-cache/default.nix @@ -40,7 +40,7 @@ in inherit (cfg) priority; }; - signKeyPath = cfg.secretKeyFile; + signKeyPaths = [ cfg.secretKeyFile ]; }; my.services.nginx.virtualHosts = { From fb4047b2b303f2dbdf91a862ee4ab543594c21dd Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 4 Sep 2024 12:07:33 +0200 Subject: [PATCH 187/485] nixos: services: nginx: sso: align with upstream This aligns with the PR I opened on nixpkgs [1]. [1]: https://github.com/NixOS/nixpkgs/pull/325838 --- modules/nixos/services/nginx/sso/default.nix | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/modules/nixos/services/nginx/sso/default.nix b/modules/nixos/services/nginx/sso/default.nix index 4a78282a..d60e31b4 100644 --- a/modules/nixos/services/nginx/sso/default.nix +++ b/modules/nixos/services/nginx/sso/default.nix @@ -59,15 +59,10 @@ in StateDirectory = "nginx-sso"; WorkingDirectory = "/var/lib/nginx-sso"; # The files to be merged might not have the correct permissions - ExecStartPre = ''+${pkgs.writeShellScript "merge-nginx-sso-config" '' + ExecStartPre = pkgs.writeShellScript "merge-nginx-sso-config" '' rm -f '${confPath}' ${utils.genJqSecretsReplacementSnippet cfg.configuration confPath} - - # Fix permissions - chown nginx-sso:nginx-sso ${confPath} - chmod 0600 ${confPath} - '' - }''; + ''; ExecStart = lib.mkForce '' ${lib.getExe pkg} \ --config ${confPath} \ From 52197a4f965dab7fe16bfc2fe6f301da8bc184a4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 4 Sep 2024 12:07:33 +0200 Subject: [PATCH 188/485] nixos: services: pirate: add readarr --- modules/nixos/services/pirate/default.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/modules/nixos/services/pirate/default.nix b/modules/nixos/services/pirate/default.nix index e500b544..822a8aa2 100644 --- a/modules/nixos/services/pirate/default.nix +++ b/modules/nixos/services/pirate/default.nix @@ -10,6 +10,7 @@ let bazarr = 6767; lidarr = 8686; radarr = 7878; + readarr = 8787; sonarr = 8989; }; @@ -67,6 +68,10 @@ in enable = lib.my.mkDisableOption "Radarr"; }; + readarr = { + enable = lib.my.mkDisableOption "Readarr"; + }; + sonarr = { enable = lib.my.mkDisableOption "Sonarr"; }; @@ -85,6 +90,9 @@ in # Radarr for movies (mkFullConfig "radarr") (mkFail2Ban "radarr") + # Readarr for books + (mkFullConfig "readarr") + (mkFail2Ban "readarr") # Sonarr for shows (mkFullConfig "sonarr") (mkFail2Ban "sonarr") From 6f00036b7963ac6674a40c5d2bc8fe8a25fe79cf Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 4 Sep 2024 12:07:33 +0200 Subject: [PATCH 189/485] overlays: add 'downgrade-transmission' The 4.0.6 release is buggy and widely blacklisted. --- overlays/downgrade-transmission/default.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 overlays/downgrade-transmission/default.nix diff --git a/overlays/downgrade-transmission/default.nix b/overlays/downgrade-transmission/default.nix new file mode 100644 index 00000000..9d3fc8ae --- /dev/null +++ b/overlays/downgrade-transmission/default.nix @@ -0,0 +1,14 @@ +self: prev: +{ + transmission_4 = prev.transmission_4.overrideAttrs (_: { + version = "4.0.5"; + + src = self.fetchFromGitHub { + owner = "transmission"; + repo = "transmission"; + rev = "4.0.5"; + hash = "sha256-gd1LGAhMuSyC/19wxkoE2mqVozjGPfupIPGojKY0Hn4="; + fetchSubmodules = true; + }; + }); +} From 0d2b9c969940e403a48af210dd856c2d086d360a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 5 Sep 2024 10:39:01 +0000 Subject: [PATCH 190/485] nixos: services: rename 'servarr' --- hosts/nixos/porthos/services.nix | 16 ++++++++-------- modules/nixos/services/default.nix | 2 +- .../services/{pirate => servarr}/default.nix | 4 ++-- 3 files changed, 11 insertions(+), 11 deletions(-) rename modules/nixos/services/{pirate => servarr}/default.nix (96%) diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index 23901f79..38e827b4 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -127,14 +127,6 @@ in passwordFile = secrets."paperless/password".path; secretKeyFile = secrets."paperless/secret-key".path; }; - # The whole *arr software suite - pirate = { - enable = true; - # ... But not Lidarr because I don't care for music that much - lidarr = { - enable = false; - }; - }; # Podcast automatic downloader podgrab = { enable = true; @@ -152,6 +144,14 @@ in rss-bridge.enable = true; # Usenet client sabnzbd.enable = true; + # The whole *arr software suite + servarr = { + enable = true; + # ... But not Lidarr because I don't care for music that much + lidarr = { + enable = false; + }; + }; # Because I stilll need to play sysadmin ssh-server.enable = true; # Recipe manager diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix index 60b24786..e877c8f0 100644 --- a/modules/nixos/services/default.nix +++ b/modules/nixos/services/default.nix @@ -26,7 +26,6 @@ ./nginx ./nix-cache ./paperless - ./pirate ./podgrab ./postgresql ./postgresql-backup @@ -34,6 +33,7 @@ ./quassel ./rss-bridge ./sabnzbd + ./servarr ./ssh-server ./tandoor-recipes ./tlp diff --git a/modules/nixos/services/pirate/default.nix b/modules/nixos/services/servarr/default.nix similarity index 96% rename from modules/nixos/services/pirate/default.nix rename to modules/nixos/services/servarr/default.nix index 822a8aa2..e25d9cfd 100644 --- a/modules/nixos/services/pirate/default.nix +++ b/modules/nixos/services/servarr/default.nix @@ -4,7 +4,7 @@ # [1]: https://youtu.be/I26Ql-uX6AM { config, lib, ... }: let - cfg = config.my.services.pirate; + cfg = config.my.services.servarr; ports = { bazarr = 6767; @@ -53,7 +53,7 @@ let ]); in { - options.my.services.pirate = { + options.my.services.servarr = { enable = lib.mkEnableOption "Media automation"; bazarr = { From 9b7bab8e8306e8138b5559929f28f46ac4333768 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 5 Sep 2024 18:09:50 +0200 Subject: [PATCH 191/485] flake: bump inputs --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index ee428c04..0c1b9658 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1722555600, - "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", + "lastModified": 1725234343, + "narHash": "sha256-+ebgonl3NbiKD2UD0x4BszCZQ6sTfL4xioaM49o5B3Y=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "8471fe90ad337a8074e957b69ca4d0089218391d", + "rev": "567b938d64d4b4112ee253b9274472dc3a346eb6", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1724435763, - "narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=", + "lastModified": 1725180166, + "narHash": "sha256-fzssXuGR/mCeGbzM1ExaTqDz7QDGta3WA4jJsZyRruo=", "owner": "nix-community", "repo": "home-manager", - "rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be", + "rev": "471e3eb0a114265bcd62d11d58ba8d3421ee68eb", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1724479785, - "narHash": "sha256-pP3Azj5d6M5nmG68Fu4JqZmdGt4S4vqI5f8te+E/FTw=", + "lastModified": 1725432240, + "narHash": "sha256-+yj+xgsfZaErbfYM3T+QvEE2hU7UuE+Jf0fJCJ8uPS0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d0e1602ddde669d5beb01aec49d71a51937ed7be", + "rev": "ad416d066ca1222956472ab7d0555a6946746a80", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1724704503, - "narHash": "sha256-QcZKCI9d5UNuQt6UFQSNhQwzXnXDF8jgCy7julsbnvg=", + "lastModified": 1725551138, + "narHash": "sha256-4tSFz+wu2NvB41MLF68PDLM3gu8lg1hjgtgikbRq6Zo=", "owner": "nix-community", "repo": "NUR", - "rev": "6b1fa8a8dec17eb73962a0eac8e04f2df1439448", + "rev": "06bc57134f691188397ebeffa9b88552cc8090d3", "type": "github" }, "original": { @@ -194,11 +194,11 @@ ] }, "locked": { - "lastModified": 1724440431, - "narHash": "sha256-9etXEOUtzeMgqg1u0wp+EdwG7RpmrAZ2yX516bMj2aE=", + "lastModified": 1725513492, + "narHash": "sha256-tyMUA6NgJSvvQuzB7A1Sf8+0XCHyfSPRx/b00o6K0uo=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "c8a54057aae480c56e28ef3e14e4960628ac495b", + "rev": "7570de7b9b504cfe92025dd1be797bf546f66528", "type": "github" }, "original": { From a713913eefd3a201f971c456c648099d5ca1e3e1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 22 Aug 2024 23:44:40 +0200 Subject: [PATCH 192/485] nixos: services: add pdf-edit --- modules/nixos/services/default.nix | 1 + modules/nixos/services/pdf-edit/default.nix | 73 +++++++++++++++++++++ 2 files changed, 74 insertions(+) create mode 100644 modules/nixos/services/pdf-edit/default.nix diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix index e877c8f0..1211ee68 100644 --- a/modules/nixos/services/default.nix +++ b/modules/nixos/services/default.nix @@ -26,6 +26,7 @@ ./nginx ./nix-cache ./paperless + ./pdf-edit ./podgrab ./postgresql ./postgresql-backup diff --git a/modules/nixos/services/pdf-edit/default.nix b/modules/nixos/services/pdf-edit/default.nix new file mode 100644 index 00000000..d59507b0 --- /dev/null +++ b/modules/nixos/services/pdf-edit/default.nix @@ -0,0 +1,73 @@ +{ config, lib, ... }: +let + cfg = config.my.services.pdf-edit; +in +{ + options.my.services.pdf-edit = with lib; { + enable = mkEnableOption "PDF edition service"; + + port = mkOption { + type = types.port; + default = 8089; + example = 8080; + description = "Internal port for webui"; + }; + + loginFile = mkOption { + type = types.str; + example = "/run/secrets/pdf-edit/login.env"; + description = '' + `SECURITY_INITIALLOGIN_USERNAME` and `SECURITY_INITIALLOGIN_PASSWORD` + defined in the format of 'EnvironmentFile' (see `systemd.exec(5)`). + ''; + }; + }; + + config = lib.mkIf cfg.enable { + services.stirling-pdf = lib.mkIf cfg.enable { + enable = true; + + environment = { + SERVER_PORT = cfg.port; + SECURITY_CSRFDISABLED = "false"; + + SYSTEM_SHOWUPDATE = "false"; # We don't care about update notifications + INSTALL_BOOK_AND_ADVANCED_HTML_OPS = "true"; # Installed by the module + + SECURITY_ENABLELOGIN = "true"; + SECURITY_LOGINATTEMPTCOUNT = "-1"; # Rely on fail2ban instead + }; + + environmentFiles = [ cfg.loginFile ]; + }; + + my.services.nginx.virtualHosts = { + pdf-edit = { + inherit (cfg) port; + + extraConfig = { + # Allow upload of PDF files up to 1G + locations."/".extraConfig = '' + client_max_body_size 1G; + ''; + }; + }; + }; + + services.fail2ban.jails = { + stirling-pdf = '' + enabled = true + filter = stirling-pdf + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/stirling-pdf.conf".text = '' + [Definition] + failregex = ^.*Failed login attempt from IP: $ + journalmatch = _SYSTEMD_UNIT=stirling-pdf.service + ''; + }; + }; +} From 90dcf3a1641aa93a4ce14cc8a9c49ba3efec8108 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 22 Aug 2024 23:45:16 +0200 Subject: [PATCH 193/485] hosts: nixos: porthos: secrets: add pdf-edit --- hosts/nixos/porthos/secrets/pdf-edit/login.age | 8 ++++++++ hosts/nixos/porthos/secrets/secrets.nix | 2 ++ 2 files changed, 10 insertions(+) create mode 100644 hosts/nixos/porthos/secrets/pdf-edit/login.age diff --git a/hosts/nixos/porthos/secrets/pdf-edit/login.age b/hosts/nixos/porthos/secrets/pdf-edit/login.age new file mode 100644 index 00000000..7f13f883 --- /dev/null +++ b/hosts/nixos/porthos/secrets/pdf-edit/login.age @@ -0,0 +1,8 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg VYlHgHSLpfKb5bn1XA3aCpfX7M23DgbraLxxOfo9PDk +Rj+mDvAsWX3WwpuhTrOubmo17j/aud5+P87df5bosBA +-> ssh-ed25519 jPowng o9ZFaYrITZ6DjWw07Vk/+TkuU187/ytlEK4sw7G32G4 +zmxlpDvDDEgQFqBVARXeX1ABhvfJ4uAHfa6mIxXzjAY +--- k/d9FWW8/OSo8EllwOBV74pZyX918u54jEljGk3ATUc +ü4+ø2{‘hE7!Ò­GA`×_@Íß—´¡R_ý§6J„ñL4v,‚6%ô‡øó#^® Ù¹ åB­§OøF‚|’7ܽÉL]œÙjR¨ +BþóÛ¾éaòs]xSÎ pbÞo#¬J1QŸ=t}5Õ>Oï‘{+¼. M"7e»yý÷— \ No newline at end of file diff --git a/hosts/nixos/porthos/secrets/secrets.nix b/hosts/nixos/porthos/secrets/secrets.nix index a9b9c516..a8a9819d 100644 --- a/hosts/nixos/porthos/secrets/secrets.nix +++ b/hosts/nixos/porthos/secrets/secrets.nix @@ -77,6 +77,8 @@ in "paperless/password.age".publicKeys = all; "paperless/secret-key.age".publicKeys = all; + "pdf-edit/login.age".publicKeys = all; + "podgrab/password.age".publicKeys = all; "pyload/credentials.age".publicKeys = all; From f91286d13b9e111355f11d0e54da897444207471 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 6 Sep 2024 20:52:26 +0100 Subject: [PATCH 194/485] flake: bump inputs --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 0c1b9658..88fda1ac 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1725180166, - "narHash": "sha256-fzssXuGR/mCeGbzM1ExaTqDz7QDGta3WA4jJsZyRruo=", + "lastModified": 1725628988, + "narHash": "sha256-Y6TBMTGu4bddUwszGjlcOuN0soVc1Gv43hp+1sT/GNI=", "owner": "nix-community", "repo": "home-manager", - "rev": "471e3eb0a114265bcd62d11d58ba8d3421ee68eb", + "rev": "127ccc3eb7e36fa75e8c3fbd8a343154f66cc1c6", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1725551138, - "narHash": "sha256-4tSFz+wu2NvB41MLF68PDLM3gu8lg1hjgtgikbRq6Zo=", + "lastModified": 1725647621, + "narHash": "sha256-GzILohiffZJQYq0dTg6PW36S0N0jV4rhcUmNbKxP+p8=", "owner": "nix-community", "repo": "NUR", - "rev": "06bc57134f691188397ebeffa9b88552cc8090d3", + "rev": "fa9112b06f678299e8c85dade3654cf8c5d7e1b4", "type": "github" }, "original": { From fbd3b70d61bd733af033545d4cfe4809fbb068a3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 29 Aug 2024 10:10:26 +0000 Subject: [PATCH 195/485] home: use 'XDG_STATE_HOME' for history files It's specified as the place to put them, so let's make use of it I guess. --- modules/home/gdb/default.nix | 4 ++-- modules/home/pager/default.nix | 2 +- modules/home/wget/default.nix | 2 +- modules/home/xdg/default.nix | 9 ++++++--- modules/home/zsh/default.nix | 2 +- 5 files changed, 11 insertions(+), 8 deletions(-) diff --git a/modules/home/gdb/default.nix b/modules/home/gdb/default.nix index efb49e20..1ffc6bd9 100644 --- a/modules/home/gdb/default.nix +++ b/modules/home/gdb/default.nix @@ -23,11 +23,11 @@ in xdg = { configFile."gdb/gdbinit".source = ./gdbinit; - dataFile. "gdb/.keep".text = ""; + stateFile."gdb/.keep".text = ""; }; home.sessionVariables = { - GDBHISTFILE = "${config.xdg.dataHome}/gdb/gdb_history"; + GDBHISTFILE = "${config.xdg.stateHome}/gdb/gdb_history"; }; } diff --git a/modules/home/pager/default.nix b/modules/home/pager/default.nix index e304097f..1119440f 100644 --- a/modules/home/pager/default.nix +++ b/modules/home/pager/default.nix @@ -15,7 +15,7 @@ in # Clear the screen on start and exit LESS = "-R -+X -c"; # Better XDG compliance - LESSHISTFILE = "${config.xdg.dataHome}/less/history"; + LESSHISTFILE = "${config.xdg.stateHome}/less/history"; LESSKEY = "${config.xdg.configHome}/less/lesskey"; }; }; diff --git a/modules/home/wget/default.nix b/modules/home/wget/default.nix index 32c13c0d..1be53972 100644 --- a/modules/home/wget/default.nix +++ b/modules/home/wget/default.nix @@ -20,7 +20,7 @@ in }; xdg.configFile."wgetrc".text = '' - hsts-file = ${config.xdg.dataHome}/wget-hsts + hsts-file = ${config.xdg.stateHome}/wget-hsts ''; }; } diff --git a/modules/home/xdg/default.nix b/modules/home/xdg/default.nix index fb2668c6..e180f279 100644 --- a/modules/home/xdg/default.nix +++ b/modules/home/xdg/default.nix @@ -34,6 +34,9 @@ in "gdb/.keep".text = ""; "tig/.keep".text = ""; }; + stateFile = { + "python/.keep".text = ""; + }; }; # I want a tidier home @@ -43,13 +46,13 @@ in CARGO_HOME = "${dataHome}/cargo"; DOCKER_CONFIG = "${configHome}/docker"; GRADLE_USER_HOME = "${dataHome}/gradle"; - HISTFILE = "${dataHome}/bash/history"; + HISTFILE = "${stateHome}/bash/history"; INPUTRC = "${configHome}/readline/inputrc"; - PSQL_HISTORY = "${dataHome}/psql_history"; + PSQL_HISTORY = "${stateHome}/psql_history"; PYTHONPYCACHEPREFIX = "${cacheHome}/python/"; PYTHONUSERBASE = "${dataHome}/python/"; PYTHON_HISTORY = "${stateHome}/python/history"; - REDISCLI_HISTFILE = "${dataHome}/redis/rediscli_history"; + REDISCLI_HISTFILE = "${stateHome}/redis/rediscli_history"; REPO_CONFIG_DIR = "${configHome}/repo"; XCOMPOSECACHE = "${dataHome}/X11/xcompose"; _JAVA_OPTIONS = "-Djava.util.prefs.userRoot=${configHome}/java"; diff --git a/modules/home/zsh/default.nix b/modules/home/zsh/default.nix index a2773669..11b6cb24 100644 --- a/modules/home/zsh/default.nix +++ b/modules/home/zsh/default.nix @@ -68,7 +68,7 @@ in ignoreSpace = true; ignoreDups = true; share = false; - path = "${config.xdg.dataHome}/zsh/zsh_history"; + path = "${config.xdg.stateHome}/zsh/zsh_history"; }; plugins = [ From e67b055a7bde91d1ee9d601a2ce71e0965459490 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 9 Sep 2024 15:27:51 +0000 Subject: [PATCH 196/485] home: vim: fix unimpaired mapping groups --- modules/home/vim/after/plugin/mappings/unimpaired.lua | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/home/vim/after/plugin/mappings/unimpaired.lua b/modules/home/vim/after/plugin/mappings/unimpaired.lua index a0336d1d..82aab059 100644 --- a/modules/home/vim/after/plugin/mappings/unimpaired.lua +++ b/modules/home/vim/after/plugin/mappings/unimpaired.lua @@ -66,7 +66,7 @@ local keys = { { "]d", lsp.goto_next_diagnostic, desc = "Next diagnostic" }, -- Enable option - { "[o", desc = "Enable option" }, + { "[o", group = "Enable option" }, { "[ob", desc = "Light background" }, { "[oc", desc = "Cursor line" }, { "[od", desc = "Diff" }, @@ -85,7 +85,7 @@ local keys = { { "[oz", desc = "Spell checking" }, -- Disable option - { "]o", desc = "Disable option" }, + { "]o", group = "Disable option" }, { "]ob", desc = "Light background" }, { "]oc", desc = "Cursor line" }, { "]od", desc = "Diff" }, From 6529bea6bb1af7cc082cad514321bb694a297ed8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 11 Sep 2024 10:28:32 +0000 Subject: [PATCH 197/485] home: nixpkgs: don't use 'escapeShellArg' I don't know what I was thinking exactly when I wrote this, but I clearly hadn't tested it. We can't use `escapeShellArg` as we need to expand the `$XDG_RUNTIME_DIR` variable used in those paths... This reverts commit 468eaa9ed47f3c5077a1e176d3a53e7dc3087fcc. --- modules/home/nixpkgs/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/home/nixpkgs/default.nix b/modules/home/nixpkgs/default.nix index a4946db5..720fc9b8 100644 --- a/modules/home/nixpkgs/default.nix +++ b/modules/home/nixpkgs/default.nix @@ -13,8 +13,8 @@ in ]; home.sessionVariables = { - GITHUB_TOKEN = ''$(cat ${lib.escapeShellArg config.age.secrets."github/token".path})''; - GITHUB_API_TOKEN = ''$(cat ${lib.escapeShellArg config.age.secrets."github/token".path})''; + GITHUB_TOKEN = ''$(cat "${config.age.secrets."github/token".path}")''; + GITHUB_API_TOKEN = ''$(cat "${config.age.secrets."github/token".path}")''; }; }; } From 4f73945e283a15a4cd03178d27bd957fd30a066e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 12 Sep 2024 12:07:22 +0000 Subject: [PATCH 198/485] home: direnv: silence 'layout_poetry' --- modules/home/direnv/lib/python.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/direnv/lib/python.sh b/modules/home/direnv/lib/python.sh index 15a273fc..650115d4 100644 --- a/modules/home/direnv/lib/python.sh +++ b/modules/home/direnv/lib/python.sh @@ -14,7 +14,7 @@ layout_poetry() { fi # create venv if it doesn't exist - poetry run true + poetry run -q -- true # shellcheck disable=2155 export VIRTUAL_ENV=$(poetry env info --path) From 8a6af0e5b73c4e1a87e8da95aa339526a909495f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 12 Sep 2024 12:08:50 +0000 Subject: [PATCH 199/485] home: direnv: only mention 'poetry init' `poetry new` creates a new directory, which isn't really what we're interested in here. --- modules/home/direnv/lib/python.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/direnv/lib/python.sh b/modules/home/direnv/lib/python.sh index 650115d4..eae6d26f 100644 --- a/modules/home/direnv/lib/python.sh +++ b/modules/home/direnv/lib/python.sh @@ -9,7 +9,7 @@ layout_poetry() { if [[ ! -f pyproject.toml ]]; then # shellcheck disable=2016 - log_error 'layout_poetry: no pyproject.toml found. Use `poetry new` or `poetry init` to create one first' + log_error 'layout_poetry: no pyproject.toml found. Use `poetry init` to create one first' return 1 fi From 8d344b5d5104aa550cf1e2388f5b9bf2573dec41 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 12 Sep 2024 13:23:19 +0000 Subject: [PATCH 200/485] home: direnv: add 'layout_uv' I haven't really played with it yet, but from my small experiments this should be good enough for my (future) purposes. --- modules/home/direnv/lib/python.sh | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/modules/home/direnv/lib/python.sh b/modules/home/direnv/lib/python.sh index eae6d26f..d1e67a20 100644 --- a/modules/home/direnv/lib/python.sh +++ b/modules/home/direnv/lib/python.sh @@ -23,3 +23,34 @@ layout_poetry() { watch_file pyproject.toml watch_file poetry.lock } + +layout_uv() { + if ! has uv; then + # shellcheck disable=2016 + log_error 'layout_uv: `uv` is not in PATH' + return 1 + fi + + if [[ ! -f pyproject.toml ]]; then + # shellcheck disable=2016 + log_error 'layout_uv: no pyproject.toml found. Use `uv init` to create one first' + return 1 + fi + + local default_venv="$PWD/.venv" + : "${VIRTUAL_ENV:=$default_venv}" + + # Use non-default venv path if required + if [ "$VIRTUAL_ENV" != "$default_venv" ]; then + export UV_PROJECT_ENVIRONMENT="$VIRTUAL_ENV" + fi + + # create venv if it doesn't exist + uv venv -q + + export VIRTUAL_ENV + export UV_ACTIVE=1 + PATH_add "$VIRTUAL_ENV/bin" + watch_file pyproject.toml + watch_file uv.lock +} From 4a38757db92d2b621812558c219479cc2872ce33 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 19 Sep 2024 11:58:55 +0000 Subject: [PATCH 201/485] flake: bump inputs --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 88fda1ac..393a824f 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1725234343, - "narHash": "sha256-+ebgonl3NbiKD2UD0x4BszCZQ6sTfL4xioaM49o5B3Y=", + "lastModified": 1726153070, + "narHash": "sha256-HO4zgY0ekfwO5bX0QH/3kJ/h4KvUDFZg8YpkNwIbg1U=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "567b938d64d4b4112ee253b9274472dc3a346eb6", + "rev": "bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a", "type": "github" }, "original": { @@ -94,11 +94,11 @@ ] }, "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "lastModified": 1726560853, + "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1725628988, - "narHash": "sha256-Y6TBMTGu4bddUwszGjlcOuN0soVc1Gv43hp+1sT/GNI=", + "lastModified": 1726611255, + "narHash": "sha256-/bxaYvIK6/d3zqpW26QFS0rqfd0cO4qreSNWvYLTl/w=", "owner": "nix-community", "repo": "home-manager", - "rev": "127ccc3eb7e36fa75e8c3fbd8a343154f66cc1c6", + "rev": "d2493de5cd1da06b6a4c3e97f4e7d5dd791df457", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1725432240, - "narHash": "sha256-+yj+xgsfZaErbfYM3T+QvEE2hU7UuE+Jf0fJCJ8uPS0=", + "lastModified": 1726463316, + "narHash": "sha256-gI9kkaH0ZjakJOKrdjaI/VbaMEo9qBbSUl93DnU7f4c=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ad416d066ca1222956472ab7d0555a6946746a80", + "rev": "99dc8785f6a0adac95f5e2ab05cc2e1bf666d172", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1725647621, - "narHash": "sha256-GzILohiffZJQYq0dTg6PW36S0N0jV4rhcUmNbKxP+p8=", + "lastModified": 1726739127, + "narHash": "sha256-eI3C3B30nSiobx/Ld3n7ZL38Omn2zEIAwCgtgwCQaQc=", "owner": "nix-community", "repo": "NUR", - "rev": "fa9112b06f678299e8c85dade3654cf8c5d7e1b4", + "rev": "cb39c55630fd1660784dc5f60eb48adaeb9e950e", "type": "github" }, "original": { From c1eab0edeef61911777341fb8f4f4e7f19c51a21 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 20 Sep 2024 14:39:53 +0000 Subject: [PATCH 202/485] nixos: services: jellyfin: add fail2ban jail The upstream documentation adds quotes around the IP, but I don't see them in my logs. Let's split the difference by making them optional. --- modules/nixos/services/jellyfin/default.nix | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index f5aaa995..e8910a59 100644 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -41,5 +41,21 @@ in }; }; }; + + services.fail2ban.jails = { + jellyfin = '' + enabled = true + filter = jellyfin + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/jellyfin.conf".text = '' + [Definition] + failregex = ^.*Authentication request for .* has been denied \(IP: "?"?\)\. + journalmatch = _SYSTEMD_UNIT=jellyfin.service + ''; + }; }; } From 129d4b3a5a6e5ad1dbd80b3a04f3ff5bc32cf6e4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 22 Aug 2024 23:46:25 +0200 Subject: [PATCH 203/485] hosts: nixos: porthos: services: enable pdf-edit --- hosts/nixos/porthos/services.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index 38e827b4..5792be37 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -127,6 +127,11 @@ in passwordFile = secrets."paperless/password".path; secretKeyFile = secrets."paperless/secret-key".path; }; + # Sometimes, editing PDFs is useful + pdf-edit = { + enable = true; + loginFile = secrets."pdf-edit/login".path; + }; # Podcast automatic downloader podgrab = { enable = true; From cedac6bbf46605fffd52859dc7d5ffdb55e78cec Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 22 Sep 2024 00:43:17 +0200 Subject: [PATCH 204/485] nixos: services: mealie: add fail2ban jail --- modules/nixos/services/mealie/default.nix | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/modules/nixos/services/mealie/default.nix b/modules/nixos/services/mealie/default.nix index 96b9e144..664d5ba8 100644 --- a/modules/nixos/services/mealie/default.nix +++ b/modules/nixos/services/mealie/default.nix @@ -71,5 +71,21 @@ in }; }; }; + + services.fail2ban.jails = { + mealie = '' + enabled = true + filter = mealie + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/mealie.conf".text = '' + [Definition] + failregex = ^.*ERROR.*Incorrect username or password from + journalmatch = _SYSTEMD_UNIT=mealie.service + ''; + }; }; } From f24cf2e16d7d25c387851a888e6615768d24b47d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 22 Sep 2024 01:10:52 +0200 Subject: [PATCH 205/485] nixos: services: audiobookshelf: add fail2ban jail --- .../nixos/services/audiobookshelf/default.nix | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/modules/nixos/services/audiobookshelf/default.nix b/modules/nixos/services/audiobookshelf/default.nix index 8c9719d0..da9ec555 100644 --- a/modules/nixos/services/audiobookshelf/default.nix +++ b/modules/nixos/services/audiobookshelf/default.nix @@ -35,5 +35,21 @@ in }; }; }; + + services.fail2ban.jails = { + audiobookshelf = '' + enabled = true + filter = audiobookshelf + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/audiobookshelf.conf".text = '' + [Definition] + failregex = ^.*ERROR: \[Auth\] Failed login attempt for username ".*" from ip + journalmatch = _SYSTEMD_UNIT=audiobookshelf.service + ''; + }; }; } From 96e1a54638c98d64a3a38fd193844d6d5c3e66da Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 22 Sep 2024 01:26:06 +0200 Subject: [PATCH 206/485] nixos: services: nextcloud: add fail2ban jail --- modules/nixos/services/nextcloud/default.nix | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/modules/nixos/services/nextcloud/default.nix b/modules/nixos/services/nextcloud/default.nix index bb3169ac..d173fc06 100644 --- a/modules/nixos/services/nextcloud/default.nix +++ b/modules/nixos/services/nextcloud/default.nix @@ -87,5 +87,25 @@ in "${config.services.nextcloud.home}/data/appdata_*/preview" ]; }; + + services.fail2ban.jails = { + nextcloud = '' + enabled = true + filter = nextcloud + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/nextcloud.conf".text = '' + [Definition] + _groupsre = (?:(?:,?\s*"\w+":(?:"[^"]+"|\w+))*) + datepattern = ,?\s*"time"\s*:\s*"%%Y-%%m-%%d[T ]%%H:%%M:%%S(%%z)?" + failregex = ^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":""%(_groupsre)s,?\s*"message":"Login failed: + ^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":""%(_groupsre)s,?\s*"message":"Trusted domain error. + ^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":""%(_groupsre)s,?\s*"message":"Two-factor challenge failed: + journalmatch = _SYSTEMD_UNIT=phpfpm-nextcloud.service + ''; + }; }; } From a059828a587eb271d42656d8e315c083ff47b921 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 22 Sep 2024 01:58:56 +0200 Subject: [PATCH 207/485] nixos: services: miniflux: add fail2ban jail --- modules/nixos/services/miniflux/default.nix | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/modules/nixos/services/miniflux/default.nix b/modules/nixos/services/miniflux/default.nix index 5104c8b1..400ae000 100644 --- a/modules/nixos/services/miniflux/default.nix +++ b/modules/nixos/services/miniflux/default.nix @@ -48,5 +48,21 @@ in inherit (cfg) port; }; }; + + services.fail2ban.jails = { + miniflux = '' + enabled = true + filter = miniflux + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/miniflux.conf".text = '' + [Definition] + failregex = ^.*msg="[^"]*(Incorrect|Invalid) username or password[^"]*".*client_ip= + journalmatch = _SYSTEMD_UNIT=miniflux.service + ''; + }; }; } From 1aa3385e137f81cb05975829dedb90e89f1c0e6d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 22 Sep 2024 02:12:48 +0200 Subject: [PATCH 208/485] nixos: services: navidrome: add fail2ban jail --- modules/nixos/services/navidrome/default.nix | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/modules/nixos/services/navidrome/default.nix b/modules/nixos/services/navidrome/default.nix index 944a97ae..c513b910 100644 --- a/modules/nixos/services/navidrome/default.nix +++ b/modules/nixos/services/navidrome/default.nix @@ -52,5 +52,21 @@ in inherit (cfg) port; }; }; + + services.fail2ban.jails = { + navidrome = '' + enabled = true + filter = navidrome + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/navidrome.conf".text = '' + [Definition] + failregex = ^.*msg="Unsuccessful login".*X-Real-Ip:\[\] + journalmatch = _SYSTEMD_UNIT=navidrome.service + ''; + }; }; } From 2b64a00dc98535f71859f66986b416d941aa0291 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 22 Sep 2024 02:13:30 +0200 Subject: [PATCH 209/485] nixos: services: flood: add fail2ban note --- modules/nixos/services/flood/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/nixos/services/flood/default.nix b/modules/nixos/services/flood/default.nix index b95bac5a..f3fe90b8 100644 --- a/modules/nixos/services/flood/default.nix +++ b/modules/nixos/services/flood/default.nix @@ -27,5 +27,7 @@ in inherit (cfg) port; }; }; + + # NOTE: unfortunately flood does not log connection failures for fail2ban }; } From 1f40ac4a9f09743a13e234e493eb7e9345c6d03d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 22 Sep 2024 02:21:01 +0200 Subject: [PATCH 210/485] nixos: services: grocy: add fail2ban note --- modules/nixos/services/grocy/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/nixos/services/grocy/default.nix b/modules/nixos/services/grocy/default.nix index 87927d6c..9045b03c 100644 --- a/modules/nixos/services/grocy/default.nix +++ b/modules/nixos/services/grocy/default.nix @@ -36,5 +36,7 @@ in forceSSL = true; useACMEHost = config.networking.domain; }; + + # NOTE: unfortunately grocy does not log connection failures for fail2ban }; } From 0f3c5d1d63b2fbe8a08382af1e28c571a2620b64 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 24 Sep 2024 10:43:50 +0000 Subject: [PATCH 211/485] nixos: services: transmission: add fail2ban note --- modules/nixos/services/transmission/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/nixos/services/transmission/default.nix b/modules/nixos/services/transmission/default.nix index aeb88b7e..ac8b24dd 100644 --- a/modules/nixos/services/transmission/default.nix +++ b/modules/nixos/services/transmission/default.nix @@ -90,5 +90,7 @@ in allowedTCPPorts = [ cfg.peerPort ]; allowedUDPPorts = [ cfg.peerPort ]; }; + + # NOTE: unfortunately transmission does not log connection failures for fail2ban }; } From b6279108e090c620d5d9a7fdbb4ccb556212cfb0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 24 Sep 2024 10:44:09 +0000 Subject: [PATCH 212/485] nixos: services: vikunja: add fail2ban note --- modules/nixos/services/vikunja/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/nixos/services/vikunja/default.nix b/modules/nixos/services/vikunja/default.nix index 6e7700f8..7838a79c 100644 --- a/modules/nixos/services/vikunja/default.nix +++ b/modules/nixos/services/vikunja/default.nix @@ -99,5 +99,7 @@ in config.services.vikunja.settings.files.basepath ]; }; + + # NOTE: unfortunately vikunja does not log connection failures for fail2ban }; } From 3aab65d9eac7d06a987f8f92de792da400845210 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 24 Sep 2024 13:13:15 +0000 Subject: [PATCH 213/485] nixos: services: tandoor-recipes: add fail2ban note --- modules/nixos/services/tandoor-recipes/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/nixos/services/tandoor-recipes/default.nix b/modules/nixos/services/tandoor-recipes/default.nix index 48ad7a84..3447beee 100644 --- a/modules/nixos/services/tandoor-recipes/default.nix +++ b/modules/nixos/services/tandoor-recipes/default.nix @@ -82,5 +82,7 @@ in }; }; }; + + # NOTE: unfortunately tandoor-recipes does not log connection failures for fail2ban }; } From b0029448c6d5ddbfa46f2b7c4785ca82787e4fcb Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 25 Sep 2024 14:10:34 +0000 Subject: [PATCH 214/485] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 393a824f..71123623 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1726611255, - "narHash": "sha256-/bxaYvIK6/d3zqpW26QFS0rqfd0cO4qreSNWvYLTl/w=", + "lastModified": 1727246346, + "narHash": "sha256-TcUaKtya339Asu+g6KTJ8h7KiKcKXKp2V+At+7tksyY=", "owner": "nix-community", "repo": "home-manager", - "rev": "d2493de5cd1da06b6a4c3e97f4e7d5dd791df457", + "rev": "1e22ef1518fb175d762006f9cae7f6312b8caedb", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1726463316, - "narHash": "sha256-gI9kkaH0ZjakJOKrdjaI/VbaMEo9qBbSUl93DnU7f4c=", + "lastModified": 1726937504, + "narHash": "sha256-bvGoiQBvponpZh8ClUcmJ6QnsNKw0EMrCQJARK3bI1c=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "99dc8785f6a0adac95f5e2ab05cc2e1bf666d172", + "rev": "9357f4f23713673f310988025d9dc261c20e70c6", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1726739127, - "narHash": "sha256-eI3C3B30nSiobx/Ld3n7ZL38Omn2zEIAwCgtgwCQaQc=", + "lastModified": 1727272134, + "narHash": "sha256-q8xoi2eO23zhOmgBtJTj0QlcABoMeVB0CAWufTR3wyw=", "owner": "nix-community", "repo": "NUR", - "rev": "cb39c55630fd1660784dc5f60eb48adaeb9e950e", + "rev": "8dbbe7f3575d0ff0998f92f811fb8bf4e3f0d3b1", "type": "github" }, "original": { @@ -194,11 +194,11 @@ ] }, "locked": { - "lastModified": 1725513492, - "narHash": "sha256-tyMUA6NgJSvvQuzB7A1Sf8+0XCHyfSPRx/b00o6K0uo=", + "lastModified": 1726745158, + "narHash": "sha256-D5AegvGoEjt4rkKedmxlSEmC+nNLMBPWFxvmYnVLhjk=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "7570de7b9b504cfe92025dd1be797bf546f66528", + "rev": "4e743a6920eab45e8ba0fbe49dc459f1423a4b74", "type": "github" }, "original": { From 20db71996c678e75c999d733a713805691fa9991 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 25 Sep 2024 16:25:40 +0000 Subject: [PATCH 215/485] pkgs: add 'cgt-calc' --- pkgs/cgt-calc/default.nix | 47 +++++++++++++++++++++++++++++++++++++++ pkgs/default.nix | 2 ++ 2 files changed, 49 insertions(+) create mode 100644 pkgs/cgt-calc/default.nix diff --git a/pkgs/cgt-calc/default.nix b/pkgs/cgt-calc/default.nix new file mode 100644 index 00000000..9966944a --- /dev/null +++ b/pkgs/cgt-calc/default.nix @@ -0,0 +1,47 @@ +{ lib +, fetchFromGitHub +, python3Packages +, withTeXLive ? true +, texliveSmall +}: +python3Packages.buildPythonApplication rec { + pname = "cgt-calc"; + version = "1.13.0"; + pyproject = true; + + src = fetchFromGitHub { + owner = "KapJI"; + repo = "capital-gains-calculator"; + rev = "v${version}"; + hash = "sha256-y/Y05wG89nccXyxfjqazyPJhd8dOkfwRJre+Rzx97Hw="; + }; + + build-system = with python3Packages; [ + poetry-core + ]; + + dependencies = with python3Packages; [ + defusedxml + jinja2 + pandas + requests + types-requests + yfinance + ]; + + makeWrapperArgs = lib.optionals withTeXLive [ + "--prefix" + "PATH" + ":" + "${lib.getBin texliveSmall}/bin" + ]; + + meta = with lib; { + description = "UK capital gains tax calculator"; + homepage = "https://github.com/KapJI/capital-gains-calculator"; + license = with licenses; [ mit ]; + mainProgram = "cgt-calc"; + maintainers = with maintainers; [ ambroisie ]; + platforms = platforms.unix; + }; +} diff --git a/pkgs/default.nix b/pkgs/default.nix index 6b7fce11..949bcf78 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -2,6 +2,8 @@ pkgs.lib.makeScope pkgs.newScope (pkgs: { bw-pass = pkgs.callPackage ./bw-pass { }; + cgt-calc = pkgs.callPackage ./cgt-calc { }; + change-audio = pkgs.callPackage ./change-audio { }; change-backlight = pkgs.callPackage ./change-backlight { }; From cbba752b54825e09245088d42b0e1d0e0910f33f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 27 Sep 2024 13:44:23 +0000 Subject: [PATCH 216/485] nixos: services: nginx: remove 'literalExample' Those examples do not use functions or any other "difficult to render" expression. --- modules/nixos/services/nginx/default.nix | 72 +++++++++++------------- 1 file changed, 32 insertions(+), 40 deletions(-) diff --git a/modules/nixos/services/nginx/default.nix b/modules/nixos/services/nginx/default.nix index 7980ad95..e305b295 100644 --- a/modules/nixos/services/nginx/default.nix +++ b/modules/nixos/services/nginx/default.nix @@ -59,14 +59,12 @@ let extraConfig = mkOption { type = types.attrs; # FIXME: forward type of virtualHosts - example = litteralExample '' - { - locations."/socket" = { - proxyPass = "http://127.0.0.1:8096/"; - proxyWebsockets = true; - }; - } - ''; + example = { + locations."/socket" = { + proxyPass = "http://127.0.0.1:8096/"; + proxyWebsockets = true; + }; + }; default = { }; description = '' Any extra configuration that should be applied to this virtual host. @@ -100,26 +98,24 @@ in virtualHosts = mkOption { type = types.attrsOf virtualHostOption; default = { }; - example = litteralExample '' - { - gitea = { - subdomain = "git"; - port = 8080; - }; - dev = { - root = "/var/www/dev"; - }; - jellyfin = { - port = 8096; - extraConfig = { - locations."/socket" = { - proxyPass = "http://127.0.0.1:8096/"; - proxyWebsockets = true; - }; + example = { + gitea = { + subdomain = "git"; + port = 8080; + }; + dev = { + root = "/var/www/dev"; + }; + jellyfin = { + port = 8096; + extraConfig = { + locations."/socket" = { + proxyPass = "http://127.0.0.1:8096/"; + proxyWebsockets = true; }; }; - } - ''; + }; + }; description = '' List of virtual hosts to set-up using default settings. ''; @@ -163,25 +159,21 @@ in }; }; }); - example = litteralExample '' - { - alice = { - passwordHashFile = "/var/lib/nginx-sso/alice/password-hash.txt"; - totpSecretFile = "/var/lib/nginx-sso/alice/totp-secret.txt"; - }; - } - ''; + example = { + alice = { + passwordHashFile = "/var/lib/nginx-sso/alice/password-hash.txt"; + totpSecretFile = "/var/lib/nginx-sso/alice/totp-secret.txt"; + }; + }; description = "Definition of users"; }; groups = mkOption { type = with types; attrsOf (listOf str); - example = litteralExample '' - { - root = [ "alice" ]; - users = [ "alice" "bob" ]; - } - ''; + example = { + root = [ "alice" ]; + users = [ "alice" "bob" ]; + }; description = "Groups of users"; }; }; From 898523d079c724e16ad4f1f4b6e8f110e6d96e8f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 27 Sep 2024 13:48:26 +0000 Subject: [PATCH 217/485] treewide: fix typos --- hosts/nixos/porthos/services.nix | 2 +- modules/home/firefox/tridactyl/tridactylrc | 2 +- modules/home/mail/accounts/default.nix | 4 ++-- modules/home/tmux/default.nix | 2 +- modules/home/vim/init.vim | 2 +- modules/home/vim/lua/ambroisie/lsp.lua | 2 +- modules/home/wm/default.nix | 2 +- modules/home/wm/screen-lock/default.nix | 4 ++-- modules/home/xdg/default.nix | 2 +- modules/home/zsh/options.zsh | 2 +- modules/nixos/hardware/trackball/default.nix | 2 +- modules/nixos/profiles/default.nix | 2 +- modules/nixos/services/forgejo/default.nix | 2 +- modules/nixos/services/gitea/default.nix | 2 +- modules/nixos/services/podgrab/default.nix | 2 +- modules/nixos/services/vikunja/default.nix | 2 +- modules/nixos/services/wireguard/default.nix | 2 +- pkgs/unbound-zones-adblock/default.nix | 2 +- 18 files changed, 20 insertions(+), 20 deletions(-) diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index 5792be37..7a38cea4 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -157,7 +157,7 @@ in enable = false; }; }; - # Because I stilll need to play sysadmin + # Because I still need to play sysadmin ssh-server.enable = true; # Recipe manager tandoor-recipes = { diff --git a/modules/home/firefox/tridactyl/tridactylrc b/modules/home/firefox/tridactyl/tridactylrc index 36bd59d7..775719c5 100644 --- a/modules/home/firefox/tridactyl/tridactylrc +++ b/modules/home/firefox/tridactyl/tridactylrc @@ -4,7 +4,7 @@ " Use dark color scheme colorscheme dark -" Make tridactyl open Vim in my prefered terminal +" Make tridactyl open Vim in my preferred terminal set editorcmd @editorcmd@ " Remove editor file after use diff --git a/modules/home/mail/accounts/default.nix b/modules/home/mail/accounts/default.nix index 8886139e..202b9bc5 100644 --- a/modules/home/mail/accounts/default.nix +++ b/modules/home/mail/accounts/default.nix @@ -58,7 +58,7 @@ in { config.accounts.email.accounts = { personal = lib.mkMerge [ - # Common configuraton + # Common configuration (mkConfig { domain = "belanyi.fr"; address = "bruno"; @@ -70,7 +70,7 @@ in ]; gmail = lib.mkMerge [ - # Common configuraton + # Common configuration (mkConfig { domain = "gmail.com"; address = "brunobelanyi"; diff --git a/modules/home/tmux/default.nix b/modules/home/tmux/default.nix index 501b9540..71ce4caa 100644 --- a/modules/home/tmux/default.nix +++ b/modules/home/tmux/default.nix @@ -30,7 +30,7 @@ in }); default = { ${config.my.home.terminal.program} = { }; }; - defaultText = litteralExpression '' + defaultText = literalExpression '' { ''${config.my.home.terminal.program} = { }; }; ''; example = { xterm-256color = { }; }; diff --git a/modules/home/vim/init.vim b/modules/home/vim/init.vim index 93eb1339..8202cad7 100644 --- a/modules/home/vim/init.vim +++ b/modules/home/vim/init.vim @@ -1,4 +1,4 @@ -" Basic configuraion {{{ +" Basic configuration {{{ """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" " Use UTF-8 set encoding=utf-8 diff --git a/modules/home/vim/lua/ambroisie/lsp.lua b/modules/home/vim/lua/ambroisie/lsp.lua index 19126236..eb53da68 100644 --- a/modules/home/vim/lua/ambroisie/lsp.lua +++ b/modules/home/vim/lua/ambroisie/lsp.lua @@ -42,7 +42,7 @@ end --- shared LSP configuration callback --- @param client native client configuration ---- @param bufnr int? buffer number of the attched client +--- @param bufnr int? buffer number of the attached client M.on_attach = function(client, bufnr) -- Format on save lsp_format.on_attach(client, bufnr) diff --git a/modules/home/wm/default.nix b/modules/home/wm/default.nix index 449918ad..ae1e1367 100644 --- a/modules/home/wm/default.nix +++ b/modules/home/wm/default.nix @@ -58,7 +58,7 @@ in service = "some-service-name"; } ]; - description = "list of block configurations, merged with the defauls"; + description = "list of block configurations, merged with the defaults"; }; }; }; diff --git a/modules/home/wm/screen-lock/default.nix b/modules/home/wm/screen-lock/default.nix index 3b2ead6c..5e6874ed 100644 --- a/modules/home/wm/screen-lock/default.nix +++ b/modules/home/wm/screen-lock/default.nix @@ -2,7 +2,7 @@ let cfg = config.my.home.wm.screen-lock; - notficationCmd = + notificationCmd = let duration = toString (cfg.notify.delay * 1000); notifyCmd = "${lib.getExe pkgs.libnotify} -u critical -t ${duration}"; @@ -48,7 +48,7 @@ in "-notify" "${toString cfg.notify.delay}" "-notifier" - notficationCmd + notificationCmd ]; }; }; diff --git a/modules/home/xdg/default.nix b/modules/home/xdg/default.nix index e180f279..270200e7 100644 --- a/modules/home/xdg/default.nix +++ b/modules/home/xdg/default.nix @@ -11,7 +11,7 @@ in enable = true; # File types mime.enable = true; - # File associatons + # File associations mimeApps = { enable = true; }; diff --git a/modules/home/zsh/options.zsh b/modules/home/zsh/options.zsh index 32da8d85..7bcad034 100644 --- a/modules/home/zsh/options.zsh +++ b/modules/home/zsh/options.zsh @@ -12,7 +12,7 @@ setopt rc_quotes setopt auto_resume # Show history expansion before running a command setopt hist_verify -# Append commands to history as they are exectuted +# Append commands to history as they are executed setopt inc_append_history_time # Remove useless whitespace from commands setopt hist_reduce_blanks diff --git a/modules/nixos/hardware/trackball/default.nix b/modules/nixos/hardware/trackball/default.nix index 7a99247d..a9b24e32 100644 --- a/modules/nixos/hardware/trackball/default.nix +++ b/modules/nixos/hardware/trackball/default.nix @@ -11,7 +11,7 @@ in config = lib.mkIf cfg.enable { services.xserver = { # This section must be *after* the one configured by `libinput` - # for the `ScrollMethod` configuration to not be overriden + # for the `ScrollMethod` configuration to not be overridden inputClassSections = lib.mkAfter [ # MX Ergo '' diff --git a/modules/nixos/profiles/default.nix b/modules/nixos/profiles/default.nix index 43d5a84c..dbd4be3a 100644 --- a/modules/nixos/profiles/default.nix +++ b/modules/nixos/profiles/default.nix @@ -1,4 +1,4 @@ -# Configuration that spans accross system and home, or are almagations of modules +# Configuration that spans across system and home, or are almagations of modules { ... }: { imports = [ diff --git a/modules/nixos/services/forgejo/default.nix b/modules/nixos/services/forgejo/default.nix index 18538bea..511724b8 100644 --- a/modules/nixos/services/forgejo/default.nix +++ b/modules/nixos/services/forgejo/default.nix @@ -1,4 +1,4 @@ -# A low-ressource, full-featured git forge. +# A low-resource, full-featured git forge. { config, lib, ... }: let cfg = config.my.services.forgejo; diff --git a/modules/nixos/services/gitea/default.nix b/modules/nixos/services/gitea/default.nix index 212f59c9..95bdf42c 100644 --- a/modules/nixos/services/gitea/default.nix +++ b/modules/nixos/services/gitea/default.nix @@ -1,4 +1,4 @@ -# A low-ressource, full-featured git forge. +# A low-resource, full-featured git forge. { config, lib, ... }: let cfg = config.my.services.gitea; diff --git a/modules/nixos/services/podgrab/default.nix b/modules/nixos/services/podgrab/default.nix index ea89e4e5..3ced8d31 100644 --- a/modules/nixos/services/podgrab/default.nix +++ b/modules/nixos/services/podgrab/default.nix @@ -13,7 +13,7 @@ in example = "/run/secrets/password.env"; description = '' The path to a file containing the PASSWORD environment variable - definition for Podgrab's authentification. + definition for Podgrab's authentication. ''; }; diff --git a/modules/nixos/services/vikunja/default.nix b/modules/nixos/services/vikunja/default.nix index 7838a79c..2753da3a 100644 --- a/modules/nixos/services/vikunja/default.nix +++ b/modules/nixos/services/vikunja/default.nix @@ -41,7 +41,7 @@ in service = { # Only allow registration of users through the CLI enableregistration = false; - # Ues the host's timezone + # Use the host's timezone timezone = config.time.timeZone; # Use UNIX socket for serving the API unixsocket = socketPath; diff --git a/modules/nixos/services/wireguard/default.nix b/modules/nixos/services/wireguard/default.nix index a76e424f..840ac33a 100644 --- a/modules/nixos/services/wireguard/default.nix +++ b/modules/nixos/services/wireguard/default.nix @@ -206,7 +206,7 @@ in ]; } - # Additional inteface is only used to get access to "LAN" from wireguard + # Additional interface is only used to get access to "LAN" from wireguard (lib.mkIf cfg.internal.enable { networking.wg-quick.interfaces."${cfg.internal.name}" = mkInterface [ "${cfg.net.v4.subnet}.0/${toString cfg.net.v4.mask}" diff --git a/pkgs/unbound-zones-adblock/default.nix b/pkgs/unbound-zones-adblock/default.nix index 2a6d4b7f..11a6c90d 100644 --- a/pkgs/unbound-zones-adblock/default.nix +++ b/pkgs/unbound-zones-adblock/default.nix @@ -30,7 +30,7 @@ stdenvNoCC.mkDerivation { description = "Unified host lists, ready to be used by unbound"; longDescription = '' This is a simple derivation based on StevenBlack's unified hosts list. - The files have been modified for easy use wih unbound. + The files have been modified for easy use with unbound. ''; homepage = "https://github.com/StevenBlack/hosts"; license = licenses.mit; From 38f3ac0ce5883f6aee526b91240bca153019584b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 27 Sep 2024 14:11:03 +0000 Subject: [PATCH 218/485] home: vim: lspconfig: add 'typos-lsp' --- modules/home/vim/default.nix | 3 +++ modules/home/vim/plugin/settings/lspconfig.lua | 8 ++++++++ 2 files changed, 11 insertions(+) diff --git a/modules/home/vim/default.nix b/modules/home/vim/default.nix index a0634836..8e6bd5c6 100644 --- a/modules/home/vim/default.nix +++ b/modules/home/vim/default.nix @@ -100,6 +100,9 @@ in # Shell bash-language-server shfmt + + # Generic + typos-lsp ]; }; diff --git a/modules/home/vim/plugin/settings/lspconfig.lua b/modules/home/vim/plugin/settings/lspconfig.lua index 2f355f4d..9e9425c5 100644 --- a/modules/home/vim/plugin/settings/lspconfig.lua +++ b/modules/home/vim/plugin/settings/lspconfig.lua @@ -84,3 +84,11 @@ if utils.is_executable("starpls") then on_attach = lsp.on_attach, }) end + +-- Generic +if utils.is_executable("typos-lsp") then + lspconfig.typos_lsp.setup({ + capabilities = capabilities, + on_attach = lsp.on_attach, + }) +end From 79f08ea5a1a8060db0074d3eb9576283f27ca29f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 30 Sep 2024 13:47:26 +0000 Subject: [PATCH 219/485] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 71123623..5c355bfc 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1727246346, - "narHash": "sha256-TcUaKtya339Asu+g6KTJ8h7KiKcKXKp2V+At+7tksyY=", + "lastModified": 1727383923, + "narHash": "sha256-4/vacp3CwdGoPf8U4e/N8OsGYtO09WTcQK5FqYfJbKs=", "owner": "nix-community", "repo": "home-manager", - "rev": "1e22ef1518fb175d762006f9cae7f6312b8caedb", + "rev": "ffe2d07e771580a005e675108212597e5b367d2d", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1726937504, - "narHash": "sha256-bvGoiQBvponpZh8ClUcmJ6QnsNKw0EMrCQJARK3bI1c=", + "lastModified": 1727348695, + "narHash": "sha256-J+PeFKSDV+pHL7ukkfpVzCOO7mBSrrpJ3svwBFABbhI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9357f4f23713673f310988025d9dc261c20e70c6", + "rev": "1925c603f17fc89f4c8f6bf6f631a802ad85d784", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1727272134, - "narHash": "sha256-q8xoi2eO23zhOmgBtJTj0QlcABoMeVB0CAWufTR3wyw=", + "lastModified": 1727701468, + "narHash": "sha256-C7Trw/LSFXDpN6RcDqoH8oaXDIQsCbI7aVwOT68ElUs=", "owner": "nix-community", "repo": "NUR", - "rev": "8dbbe7f3575d0ff0998f92f811fb8bf4e3f0d3b1", + "rev": "a885f104ba4ef8431d0fbe7ecbabac024779afb1", "type": "github" }, "original": { @@ -194,11 +194,11 @@ ] }, "locked": { - "lastModified": 1726745158, - "narHash": "sha256-D5AegvGoEjt4rkKedmxlSEmC+nNLMBPWFxvmYnVLhjk=", + "lastModified": 1727514110, + "narHash": "sha256-0YRcOxJG12VGDFH8iS8pJ0aYQQUAgo/r3ZAL+cSh9nk=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "4e743a6920eab45e8ba0fbe49dc459f1423a4b74", + "rev": "85f7a7177c678de68224af3402ab8ee1bcee25c8", "type": "github" }, "original": { From 09f763bc164946c6e548b933fad626b0a7bf689e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 30 Sep 2024 22:10:38 +0200 Subject: [PATCH 220/485] nixos: services: add komga --- modules/nixos/services/default.nix | 1 + modules/nixos/services/komga/default.nix | 55 ++++++++++++++++++++++++ 2 files changed, 56 insertions(+) create mode 100644 modules/nixos/services/komga/default.nix diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix index 1211ee68..651f3f82 100644 --- a/modules/nixos/services/default.nix +++ b/modules/nixos/services/default.nix @@ -16,6 +16,7 @@ ./grocy ./indexers ./jellyfin + ./komga ./lohr ./matrix ./mealie diff --git a/modules/nixos/services/komga/default.nix b/modules/nixos/services/komga/default.nix new file mode 100644 index 00000000..e1dc7807 --- /dev/null +++ b/modules/nixos/services/komga/default.nix @@ -0,0 +1,55 @@ +# A Comics/Manga media server +{ config, lib, ... }: +let + cfg = config.my.services.komga; +in +{ + options.my.services.komga = with lib; { + enable = mkEnableOption "Komga comics server"; + + port = mkOption { + type = types.port; + default = 4584; + example = 8080; + description = "Internal port for webui"; + }; + }; + + config = lib.mkIf cfg.enable { + services.komga = { + enable = true; + inherit (cfg) port; + + group = "media"; + }; + + systemd.services.komga.environment = { + LOGGING_LEVEL_ORG_GOTSON_KOMGA = "DEBUG"; # Needed for fail2ban + }; + + # Set-up media group + users.groups.media = { }; + + my.services.nginx.virtualHosts = { + komga = { + inherit (cfg) port; + }; + }; + + services.fail2ban.jails = { + komga = '' + enabled = true + filter = komga + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/komga.conf".text = '' + [Definition] + failregex = ^.* ip=,.*Bad credentials.*$ + journalmatch = _SYSTEMD_UNIT=komga.service + ''; + }; + }; +} From eec65dc6b31b02fec85b5c65e30079fad1f9227a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 1 Oct 2024 16:54:44 +0200 Subject: [PATCH 221/485] hosts: nixos: porthos: services: remove podgrab Podgrab is unmaintained... I'll rely on Audiobookshelf to both download and play podcasts. --- hosts/nixos/porthos/services.nix | 7 ------- 1 file changed, 7 deletions(-) diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index 7a38cea4..ec3db670 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -132,13 +132,6 @@ in enable = true; loginFile = secrets."pdf-edit/login".path; }; - # Podcast automatic downloader - podgrab = { - enable = true; - passwordFile = secrets."podgrab/password".path; - dataDir = "/data/media/podcasts"; - port = 9598; - }; # Regular backups postgresql-backup.enable = true; pyload = { From b10d936c0a98aef3b4c078b7f7886e2db39758da Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 8 Oct 2024 11:35:11 +0000 Subject: [PATCH 222/485] flake: bump inputs --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 5c355bfc..752a2149 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1726153070, - "narHash": "sha256-HO4zgY0ekfwO5bX0QH/3kJ/h4KvUDFZg8YpkNwIbg1U=", + "lastModified": 1727826117, + "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a", + "rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1727383923, - "narHash": "sha256-4/vacp3CwdGoPf8U4e/N8OsGYtO09WTcQK5FqYfJbKs=", + "lastModified": 1728337164, + "narHash": "sha256-VdRTjJFyq4Q9U7Z/UoC2Q5jK8vSo6E86lHc2OanXtvc=", "owner": "nix-community", "repo": "home-manager", - "rev": "ffe2d07e771580a005e675108212597e5b367d2d", + "rev": "038630363e7de57c36c417fd2f5d7c14773403e4", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1727348695, - "narHash": "sha256-J+PeFKSDV+pHL7ukkfpVzCOO7mBSrrpJ3svwBFABbhI=", + "lastModified": 1728241625, + "narHash": "sha256-yumd4fBc/hi8a9QgA9IT8vlQuLZ2oqhkJXHPKxH/tRw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1925c603f17fc89f4c8f6bf6f631a802ad85d784", + "rev": "c31898adf5a8ed202ce5bea9f347b1c6871f32d1", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1727701468, - "narHash": "sha256-C7Trw/LSFXDpN6RcDqoH8oaXDIQsCbI7aVwOT68ElUs=", + "lastModified": 1728385750, + "narHash": "sha256-M2Qgz4Opif8uN9/I/dWRtyZRcuHRv+02B1+FgJk6LyY=", "owner": "nix-community", "repo": "NUR", - "rev": "a885f104ba4ef8431d0fbe7ecbabac024779afb1", + "rev": "7fc13fc5ea634482f96525f06132646d5aa01f7f", "type": "github" }, "original": { @@ -194,11 +194,11 @@ ] }, "locked": { - "lastModified": 1727514110, - "narHash": "sha256-0YRcOxJG12VGDFH8iS8pJ0aYQQUAgo/r3ZAL+cSh9nk=", + "lastModified": 1728092656, + "narHash": "sha256-eMeCTJZ5xBeQ0f9Os7K8DThNVSo9gy4umZLDfF5q6OM=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "85f7a7177c678de68224af3402ab8ee1bcee25c8", + "rev": "1211305a5b237771e13fcca0c51e60ad47326a9a", "type": "github" }, "original": { From 8e81d148bdda429cad565fc1cf6b327ba7eec29a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 10 Oct 2024 13:53:19 +0000 Subject: [PATCH 223/485] home: direnv: warn on non-existent version --- modules/home/direnv/lib/android.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/modules/home/direnv/lib/android.sh b/modules/home/direnv/lib/android.sh index fa2f856b..64321e16 100644 --- a/modules/home/direnv/lib/android.sh +++ b/modules/home/direnv/lib/android.sh @@ -32,10 +32,16 @@ use_android() { -b|--build-tools) build_tools_version="$2" shift 2 + if ! [ -e "$ANDROID_HOME/build-tools/$build_tools_version" ]; then + log_error "use_android: build-tools version '$build_tools_version' does not exist" + fi ;; -n|--ndk) ndk_version="$2" shift 2 + if ! [ -e "$ANDROID_HOME/ndk/$ndk_version" ]; then + log_error "use_android: NDK version '$ndk_version' does not exist" + fi ;; --) shift From 0547ebc33c8d8891bbbeea44d31d50bc6b5dd01f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 16 Oct 2024 10:43:52 +0000 Subject: [PATCH 224/485] home: wm: i3: remove 'FIXME' Add a clearer message about why I don't use the `startup` section. --- modules/home/wm/i3/default.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/modules/home/wm/i3/default.nix b/modules/home/wm/i3/default.nix index 69246f03..c4328647 100644 --- a/modules/home/wm/i3/default.nix +++ b/modules/home/wm/i3/default.nix @@ -371,8 +371,7 @@ in }; startup = [ - # FIXME - # { commdand; always; notification; } + # NOTE: rely on systemd user services instead... ]; window = { From a09cef76c5b13c052eeed4b52531516204bd8839 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 17 Oct 2024 15:26:17 +0200 Subject: [PATCH 225/485] nixos: services: nextcloud: bump to 30 --- modules/nixos/services/nextcloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/nextcloud/default.nix b/modules/nixos/services/nextcloud/default.nix index d173fc06..e2c47463 100644 --- a/modules/nixos/services/nextcloud/default.nix +++ b/modules/nixos/services/nextcloud/default.nix @@ -31,7 +31,7 @@ in config = lib.mkIf cfg.enable { services.nextcloud = { enable = true; - package = pkgs.nextcloud29; + package = pkgs.nextcloud30; hostName = "nextcloud.${config.networking.domain}"; home = "/var/lib/nextcloud"; maxUploadSize = cfg.maxSize; From cf1aeaf0884d2420ed7c55d94a859ffe527f3cbf Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 23 Oct 2024 13:49:19 +0000 Subject: [PATCH 226/485] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 752a2149..fb392a42 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1728337164, - "narHash": "sha256-VdRTjJFyq4Q9U7Z/UoC2Q5jK8vSo6E86lHc2OanXtvc=", + "lastModified": 1729551526, + "narHash": "sha256-7LAGY32Xl14OVQp3y6M43/0AtHYYvV6pdyBcp3eoz0s=", "owner": "nix-community", "repo": "home-manager", - "rev": "038630363e7de57c36c417fd2f5d7c14773403e4", + "rev": "5ec753a1fc4454df9285d8b3ec0809234defb975", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1728241625, - "narHash": "sha256-yumd4fBc/hi8a9QgA9IT8vlQuLZ2oqhkJXHPKxH/tRw=", + "lastModified": 1729413321, + "narHash": "sha256-I4tuhRpZFa6Fu6dcH9Dlo5LlH17peT79vx1y1SpeKt0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c31898adf5a8ed202ce5bea9f347b1c6871f32d1", + "rev": "1997e4aa514312c1af7e2bda7fad1644e778ff26", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1728385750, - "narHash": "sha256-M2Qgz4Opif8uN9/I/dWRtyZRcuHRv+02B1+FgJk6LyY=", + "lastModified": 1729688743, + "narHash": "sha256-Oe1PRxUAXSwRUcRIH+saPgMsIEEm7PfL81+M5IDCqvg=", "owner": "nix-community", "repo": "NUR", - "rev": "7fc13fc5ea634482f96525f06132646d5aa01f7f", + "rev": "2680c1d6af171ee32198c8f2f5dc07ce1d5bd2ea", "type": "github" }, "original": { @@ -194,11 +194,11 @@ ] }, "locked": { - "lastModified": 1728092656, - "narHash": "sha256-eMeCTJZ5xBeQ0f9Os7K8DThNVSo9gy4umZLDfF5q6OM=", + "lastModified": 1729104314, + "narHash": "sha256-pZRZsq5oCdJt3upZIU4aslS9XwFJ+/nVtALHIciX/BI=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "1211305a5b237771e13fcca0c51e60ad47326a9a", + "rev": "3c3e88f0f544d6bb54329832616af7eb971b6be6", "type": "github" }, "original": { From 46df8b5b5b38be165849382e4c3ecc7c9e4b4201 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 21 Oct 2024 14:24:42 +0000 Subject: [PATCH 227/485] home: direnv: lib: fix shellcheck directive I like it better with a space in it. --- modules/home/direnv/lib/android.sh | 2 +- modules/home/direnv/lib/nix.sh | 2 +- modules/home/direnv/lib/postgres.sh | 2 +- modules/home/direnv/lib/python.sh | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/home/direnv/lib/android.sh b/modules/home/direnv/lib/android.sh index 64321e16..9344aea1 100644 --- a/modules/home/direnv/lib/android.sh +++ b/modules/home/direnv/lib/android.sh @@ -1,4 +1,4 @@ -#shellcheck shell=bash +# shellcheck shell=bash # shellcheck disable=2155 use_android() { diff --git a/modules/home/direnv/lib/nix.sh b/modules/home/direnv/lib/nix.sh index a65eb310..4b6c547d 100644 --- a/modules/home/direnv/lib/nix.sh +++ b/modules/home/direnv/lib/nix.sh @@ -1,4 +1,4 @@ -#shellcheck shell=bash +# shellcheck shell=bash use_pkgs() { if ! has nix; then diff --git a/modules/home/direnv/lib/postgres.sh b/modules/home/direnv/lib/postgres.sh index c2e6a8f6..46e171dc 100644 --- a/modules/home/direnv/lib/postgres.sh +++ b/modules/home/direnv/lib/postgres.sh @@ -1,4 +1,4 @@ -#shellcheck shell=bash +# shellcheck shell=bash layout_postgres() { if ! has postgres || ! has initdb; then diff --git a/modules/home/direnv/lib/python.sh b/modules/home/direnv/lib/python.sh index d1e67a20..780fbe64 100644 --- a/modules/home/direnv/lib/python.sh +++ b/modules/home/direnv/lib/python.sh @@ -1,4 +1,4 @@ -#shellcheck shell=bash +# shellcheck shell=bash layout_poetry() { if ! has poetry; then From 6d2ac0c473561aa75156788c26b0b7e6b442d241 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 28 Oct 2024 10:38:40 +0000 Subject: [PATCH 228/485] modules: services: matrix: remove sliding sync The functionality has been folded into `synapse` itself, and the module has been removed from the unstable branch. This reverts commit b4c2cc581b6b79db1961e0aa840fad6d17ee6652. --- hosts/nixos/porthos/services.nix | 3 -- modules/nixos/services/matrix/default.nix | 39 ----------------------- 2 files changed, 42 deletions(-) diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index ec3db670..a2339f4e 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -69,9 +69,6 @@ in mailConfigFile = secrets."matrix/mail".path; # Only necessary when doing the initial registration secretFile = secrets."matrix/secret".path; - slidingSync = { - secretFile = secrets."matrix/sliding-sync-secret".path; - }; }; mealie = { enable = true; diff --git a/modules/nixos/services/matrix/default.nix b/modules/nixos/services/matrix/default.nix index b958f767..f4238342 100644 --- a/modules/nixos/services/matrix/default.nix +++ b/modules/nixos/services/matrix/default.nix @@ -26,21 +26,6 @@ in description = "Shared secret to register users"; }; - slidingSync = { - port = mkOption { - type = types.port; - default = 8009; - example = 8084; - description = "Port used by sliding sync server"; - }; - - secretFile = mkOption { - type = types.str; - example = "/var/lib/matrix/sliding-sync-secret-file.env"; - description = "Secret file which contains SYNCV3_SECRET definition"; - }; - }; - mailConfigFile = mkOption { type = types.str; example = "/var/lib/matrix/email-config.yaml"; @@ -106,17 +91,6 @@ in ] ++ lib.optional (cfg.secretFile != null) cfg.secretFile; }; - services.matrix-sliding-sync = { - enable = true; - - settings = { - SYNCV3_SERVER = "https://${matrixDomain}"; - SYNCV3_BINDADDR = "127.0.0.1:${toString cfg.slidingSync.port}"; - }; - - environmentFile = cfg.slidingSync.secretFile; - }; - my.services.nginx.virtualHosts = { # Element Web app deployment chat = { @@ -130,9 +104,6 @@ in "m.identity_server" = { "base_url" = "https://vector.im"; }; - "org.matrix.msc3575.proxy" = { - "url" = "https://matrix-sync.${domain}"; - }; }; showLabsSettings = true; defaultCountryCode = "FR"; # cocorico @@ -152,10 +123,6 @@ in matrix-client = { port = clientPort.private; }; - # Sliding sync - matrix-sync = { - inherit (cfg.slidingSync) port; - }; }; # Those are too complicated to use my wrapper... @@ -178,11 +145,6 @@ in "/_matrix" = proxyToClientPort; "/_synapse/client" = proxyToClientPort; - - # Sliding sync - "~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync)" = { - proxyPass = "http://${config.services.matrix-sliding-sync.settings.SYNCV3_BINDADDR}"; - }; }; listen = [ @@ -228,7 +190,6 @@ in client = { "m.homeserver" = { "base_url" = "https://${matrixDomain}"; }; "m.identity_server" = { "base_url" = "https://vector.im"; }; - "org.matrix.msc3575.proxy" = { "url" = "https://matrix-sync.${domain}"; }; }; # ACAO required to allow element-web on any URL to request this json file in From 67eb7bdd4bfe4b78c476a3e2ef3ef09727fb992b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 28 Oct 2024 10:43:54 +0000 Subject: [PATCH 229/485] hosts: nixos: porthos: secrets: remove matrix sync Remove the secret, as it not used anymore. This reverts commit 52413dcaf7d937a69002be661b8a6c26443e162c. --- .../nixos/porthos/secrets/matrix/sliding-sync-secret.age | 8 -------- hosts/nixos/porthos/secrets/secrets.nix | 3 --- 2 files changed, 11 deletions(-) delete mode 100644 hosts/nixos/porthos/secrets/matrix/sliding-sync-secret.age diff --git a/hosts/nixos/porthos/secrets/matrix/sliding-sync-secret.age b/hosts/nixos/porthos/secrets/matrix/sliding-sync-secret.age deleted file mode 100644 index e938cfa0..00000000 --- a/hosts/nixos/porthos/secrets/matrix/sliding-sync-secret.age +++ /dev/null @@ -1,8 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 cKojmg xRtF3XVc7yPicAV/E4U7mn0itvD0h1BWBTjwunuoe2E -OkB9sjGB3ulH4Feuyj3Ed0DBG4+mghW/Qpum9oXL/8c --> ssh-ed25519 jPowng 1r8drqhz1yZdTq0Kvqya+ArU1C2fkN7Gg9LiWWfeUFg -cjbxntVwHvqLaJpiKs/Y8ojeb6e3/cLFcsoeuoobfFg ---- B1qA2PylJBrdZxZtCzlU2kRPvxLM+IrXTvR+ERxVtTY -"W9Äbg¸©~Ì/áÕb4ãÕ†ú³ÜÔIÊ -Û}ð §ËÅË-³²ªNó±”ÑC7vWœbºØ?¦8=œÉwÆB ÃUpJClï²OÈ™³œnOÁ\ \ No newline at end of file diff --git a/hosts/nixos/porthos/secrets/secrets.nix b/hosts/nixos/porthos/secrets/secrets.nix index a8a9819d..68e90f2e 100644 --- a/hosts/nixos/porthos/secrets/secrets.nix +++ b/hosts/nixos/porthos/secrets/secrets.nix @@ -48,9 +48,6 @@ in owner = "matrix-synapse"; publicKeys = all; }; - "matrix/sliding-sync-secret.age" = { - publicKeys = all; - }; "mealie/mail.age" = { publicKeys = all; From 5b66145be378013d673db5b31514437c76991c02 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 28 Oct 2024 10:32:19 +0000 Subject: [PATCH 230/485] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index fb392a42..249cddd2 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1729551526, - "narHash": "sha256-7LAGY32Xl14OVQp3y6M43/0AtHYYvV6pdyBcp3eoz0s=", + "lastModified": 1729864948, + "narHash": "sha256-CeGSqbN6S8JmzYJX/HqZjr7dMGlvHLLnJJarwB45lPs=", "owner": "nix-community", "repo": "home-manager", - "rev": "5ec753a1fc4454df9285d8b3ec0809234defb975", + "rev": "0c0268a3c80d30b989d0aadbd65f38d4fa27a9a0", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1729413321, - "narHash": "sha256-I4tuhRpZFa6Fu6dcH9Dlo5LlH17peT79vx1y1SpeKt0=", + "lastModified": 1729665710, + "narHash": "sha256-AlcmCXJZPIlO5dmFzV3V2XF6x/OpNWUV8Y/FMPGd8Z4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1997e4aa514312c1af7e2bda7fad1644e778ff26", + "rev": "2768c7d042a37de65bb1b5b3268fc987e534c49d", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1729688743, - "narHash": "sha256-Oe1PRxUAXSwRUcRIH+saPgMsIEEm7PfL81+M5IDCqvg=", + "lastModified": 1729868220, + "narHash": "sha256-OxHE1U+FIIaQ50nZpt/VxLH0bokiqsEqAshehlHhOFs=", "owner": "nix-community", "repo": "NUR", - "rev": "2680c1d6af171ee32198c8f2f5dc07ce1d5bd2ea", + "rev": "70b30d23d33ca2acfb267430b08ddf82ff7116b2", "type": "github" }, "original": { From 07552f30705ac3b268cf4f2301d9b28a9ba7089d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 21 Oct 2024 10:06:48 +0000 Subject: [PATCH 231/485] nixos: system: nix: configure GC --- modules/nixos/system/nix/default.nix | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/modules/nixos/system/nix/default.nix b/modules/nixos/system/nix/default.nix index ad135390..12a395e0 100644 --- a/modules/nixos/system/nix/default.nix +++ b/modules/nixos/system/nix/default.nix @@ -22,6 +22,10 @@ in options.my.system.nix = with lib; { enable = my.mkDisableOption "nix configuration"; + gc = { + enable = my.mkDisableOption "nix GC configuration"; + }; + cache = { selfHosted = my.mkDisableOption "self-hosted cache"; }; @@ -62,6 +66,22 @@ in }; } + (lib.mkIf cfg.gc.enable { + nix.gc = { + automatic = true; + + # Every week, with some wiggle room + dates = "weekly"; + randomizedDelaySec = "10min"; + + # Use a persistent timer for e.g: laptops + persistent = true; + + # Delete old profiles automatically after 15 days + options = "--delete-older-than 15d"; + }; + }) + (lib.mkIf cfg.cache.selfHosted { nix = { settings = { From 8475d92314d9e6e522910e1d96263cfa396881e4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 21 Oct 2024 10:07:21 +0000 Subject: [PATCH 232/485] home: nix: configure GC --- modules/home/nix/default.nix | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/modules/home/nix/default.nix b/modules/home/nix/default.nix index c0bbcc84..c67cc6a1 100644 --- a/modules/home/nix/default.nix +++ b/modules/home/nix/default.nix @@ -22,6 +22,10 @@ in options.my.home.nix = with lib; { enable = my.mkDisableOption "nix configuration"; + gc = { + enable = my.mkDisableOption "nix GC configuration"; + }; + cache = { selfHosted = my.mkDisableOption "self-hosted cache"; }; @@ -60,6 +64,22 @@ in }; } + (lib.mkIf cfg.gc.enable { + nix.gc = { + automatic = true; + + # Every week, with some wiggle room + frequency = "weekly"; + randomizedDelaySec = "10min"; + + # Use a persistent timer for e.g: laptops + persistent = true; + + # Delete old profiles automatically after 15 days + options = "--delete-older-than 15d"; + }; + }) + (lib.mkIf cfg.cache.selfHosted { nix = { settings = { From 62de2772a40744cd5045a54c3191c373ad849332 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 4 Nov 2024 11:02:35 +0000 Subject: [PATCH 233/485] home: vim: do not italicize comments --- modules/home/vim/init.vim | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/modules/home/vim/init.vim b/modules/home/vim/init.vim index 8202cad7..0b546765 100644 --- a/modules/home/vim/init.vim +++ b/modules/home/vim/init.vim @@ -102,7 +102,11 @@ gruvbox.setup({ DiffText = { fg = colors.yellow, bg = colors.bg0 }, -- Directories "pop" better in blue Directory = { link = "GruvboxBlueBold" }, - } + }, + italic = { + -- Comments should not be italic, for e.g: box drawing + comments = false, + }, }) EOF " Use my preferred colorscheme From 46bd23ff077063827304b9d1555a1a4f267f0c1f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 6 Nov 2024 10:53:58 +0000 Subject: [PATCH 234/485] flake: bump inputs --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 249cddd2..af4cbfad 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1727826117, - "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=", + "lastModified": 1730504689, + "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1", + "rev": "506278e768c2a08bec68eb62932193e341f55c90", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1729864948, - "narHash": "sha256-CeGSqbN6S8JmzYJX/HqZjr7dMGlvHLLnJJarwB45lPs=", + "lastModified": 1730837930, + "narHash": "sha256-0kZL4m+bKBJUBQse0HanewWO0g8hDdCvBhudzxgehqc=", "owner": "nix-community", "repo": "home-manager", - "rev": "0c0268a3c80d30b989d0aadbd65f38d4fa27a9a0", + "rev": "2f607e07f3ac7e53541120536708e824acccfaa8", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1729665710, - "narHash": "sha256-AlcmCXJZPIlO5dmFzV3V2XF6x/OpNWUV8Y/FMPGd8Z4=", + "lastModified": 1730785428, + "narHash": "sha256-Zwl8YgTVJTEum+L+0zVAWvXAGbWAuXHax3KzuejaDyo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2768c7d042a37de65bb1b5b3268fc987e534c49d", + "rev": "4aa36568d413aca0ea84a1684d2d46f55dbabad7", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1729868220, - "narHash": "sha256-OxHE1U+FIIaQ50nZpt/VxLH0bokiqsEqAshehlHhOFs=", + "lastModified": 1730885145, + "narHash": "sha256-UPrBEY0No1O3ULb67xYjRh2r3u7MnZovfo1oYSPCIxI=", "owner": "nix-community", "repo": "NUR", - "rev": "70b30d23d33ca2acfb267430b08ddf82ff7116b2", + "rev": "c0d8828600ef47d475e6ec33513bf9af6eb6b991", "type": "github" }, "original": { @@ -194,11 +194,11 @@ ] }, "locked": { - "lastModified": 1729104314, - "narHash": "sha256-pZRZsq5oCdJt3upZIU4aslS9XwFJ+/nVtALHIciX/BI=", + "lastModified": 1730814269, + "narHash": "sha256-fWPHyhYE6xvMI1eGY3pwBTq85wcy1YXqdzTZF+06nOg=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "3c3e88f0f544d6bb54329832616af7eb971b6be6", + "rev": "d70155fdc00df4628446352fc58adc640cd705c2", "type": "github" }, "original": { From 7b42368e2f144cab111d8856928cfc1d21bf0489 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Nov 2024 11:45:11 +0000 Subject: [PATCH 235/485] hosts: nixos: porthos: services: remove tandoor I fully transitioned to using Mealie instead. This reverts commit 493636decb178a23e85c593bd38cbcb1982df8cc. --- hosts/nixos/porthos/services.nix | 5 ----- 1 file changed, 5 deletions(-) diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index a2339f4e..109b4e5b 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -149,11 +149,6 @@ in }; # Because I still need to play sysadmin ssh-server.enable = true; - # Recipe manager - tandoor-recipes = { - enable = true; - secretKeyFile = secrets."tandoor-recipes/secret-key".path; - }; # Torrent client and webui transmission = { enable = true; From ab8a5daefe9773dbb69fce4667910819f748cb94 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 14 Nov 2024 20:05:06 +0000 Subject: [PATCH 236/485] hosts: porthos: secrets: acme: use OVH API I switched registrar, as OVH was ~4x cheaper. This needs a small change to the module to both refer to OVH instead of Gandi in the documentation, and make use of the correct API. I also needed to disable the propagation check, as it looks like OVH is slower than Gandi, and leads to spurious errors... --- hosts/nixos/porthos/secrets/acme/dns-key.age | 15 ++++++++------- modules/nixos/services/nginx/default.nix | 6 ++++-- 2 files changed, 12 insertions(+), 9 deletions(-) diff --git a/hosts/nixos/porthos/secrets/acme/dns-key.age b/hosts/nixos/porthos/secrets/acme/dns-key.age index fce2a84c..d7f159eb 100644 --- a/hosts/nixos/porthos/secrets/acme/dns-key.age +++ b/hosts/nixos/porthos/secrets/acme/dns-key.age @@ -1,8 +1,9 @@ age-encryption.org/v1 --> ssh-ed25519 cKojmg bQFr9oAnbo1rI/MpUV8wQz/Xj7iZY4ZU+Swf0nSIQFw -zama2XJ0gdvUlD2GHMhmZqHSxHe+dKSfXnHoWDcSw7Y --> ssh-ed25519 jPowng gitUwSKTNKWLSxnwa185O7x/u0ul93g8wPESdZaKRk8 -uvBIfAUkZp5sg6rfeEGvL5ZDV8m2uSEotW02kjPN3Hw ---- SZxe5f/CUZBvPQa2Sz/UBY3L68rMkIGGRuZPk7YE+Vg -¾r ú&…¥‹{~v?¨}=Ä -}+ ¿SQ’M[²]Œ±k MÒAàtŒÃmMë/£µLsü|Þ…m©CÀñiYC}ƒŽ‡çxŽ€ \ No newline at end of file +-> ssh-ed25519 cKojmg Ec0xt1uJTva8MxUdoTVX5m3uWaIiRlodf345FEM7Uzs +aJIneWFJPB5HVeoUGp57agXih9YeZ6xMEbyQ+zJtWQY +-> ssh-ed25519 jPowng B5XotRgv7s/FUegGhceBj7EoukewNUOIFl4TFRQf1EQ +PgGCBd/Pqwp7ayqi7okHBGF1SfFpwT4KlHJ/np6p2uQ +--- AeLgwGz6k3OABb53cXNaCU/sgI4FlU1s6p8PhAaFOlg +1ÌÉCÔ¹ð¤ŽULfI1¸Hm»Ûòb}m”” ÁÅ¡ìg•ß0¦¢–¤`XG>\>¹8rŽz+Š›Y ™¼`—Ê¢.JBUÏ!z¸Z50ú*õ¡ÙŸ¤×ÖÇ®IôÔ]¹‹Ïå I +ĵ¿–oÒÛ°…g„®„ÒêÁ³Â¿Ÿt’©nƒºãcz[»{ +jçå&ÁõõNæ°Nÿo{õš½‚ -eP¾=L‰™ 6¦.SP:»e¶– \ No newline at end of file diff --git a/modules/nixos/services/nginx/default.nix b/modules/nixos/services/nginx/default.nix index e305b295..e5a87ded 100644 --- a/modules/nixos/services/nginx/default.nix +++ b/modules/nixos/services/nginx/default.nix @@ -86,7 +86,7 @@ in type = types.str; example = "/var/lib/acme/creds.env"; description = '' - Gandi API key file as an 'EnvironmentFile' (see `systemd.exec(5)`) + OVH API key file as an 'EnvironmentFile' (see `systemd.exec(5)`) ''; }; }; @@ -281,6 +281,7 @@ in locations."/" = { extraConfig = + # FIXME: check that X-User is dropped otherwise (args.extraConfig.locations."/".extraConfig or "") + '' # Use SSO auth_request /sso-auth; @@ -414,7 +415,8 @@ in { "${domain}" = { extraDomainNames = [ "*.${domain}" ]; - dnsProvider = "gandiv5"; + dnsProvider = "ovh"; + dnsPropagationCheck = false; # OVH is slow inherit (cfg.acme) credentialsFile; }; }; From 138d4d2bd9d7460dbe2bb48c1473c5bf9a07522e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 15 Nov 2024 21:36:11 +0100 Subject: [PATCH 237/485] nixos: services: nextcloud: add collabora This needs to be configured through the "Nextcloud Office" app, specifically the WOPI setting is important for security (I put both the external IP, as well as `::1` and `127.0.0.1`). --- .../nixos/services/nextcloud/collabora.nix | 58 +++++++++++++++++++ modules/nixos/services/nextcloud/default.nix | 4 ++ 2 files changed, 62 insertions(+) create mode 100644 modules/nixos/services/nextcloud/collabora.nix diff --git a/modules/nixos/services/nextcloud/collabora.nix b/modules/nixos/services/nextcloud/collabora.nix new file mode 100644 index 00000000..d62181fb --- /dev/null +++ b/modules/nixos/services/nextcloud/collabora.nix @@ -0,0 +1,58 @@ +# Document editor with Nextcloud +{ config, lib, ... }: +let + cfg = config.my.services.nextcloud.collabora; +in +{ + options.my.services.nextcloud.collabora = with lib; { + enable = mkEnableOption "Collabora integration"; + + port = mkOption { + type = types.port; + default = 9980; + example = 8080; + description = "Internal port for API"; + }; + }; + + config = lib.mkIf cfg.enable { + services.collabora-online = { + enable = true; + inherit (cfg) port; + + aliasGroups = [ + { + host = "https://collabora.${config.networking.domain}"; + # Allow using from nextcloud + aliases = [ "https://${config.services.nextcloud.hostName}" ]; + } + ]; + + settings = { + # Rely on reverse proxy for SSL + ssl = { + enable = false; + termination = true; + }; + }; + }; + + my.services.nginx.virtualHosts = { + collabora = { + inherit (cfg) port; + + extraConfig = { + # Too bad for the repetition... + locations."~ ^/cool/(.*)/ws$" = { + proxyPass = "http://127.0.0.1:${builtins.toString cfg.port}"; + proxyWebsockets = true; + }; + locations."^~ /cool/adminws" = { + proxyPass = "http://127.0.0.1:${builtins.toString cfg.port}"; + proxyWebsockets = true; + }; + }; + }; + }; + }; +} diff --git a/modules/nixos/services/nextcloud/default.nix b/modules/nixos/services/nextcloud/default.nix index e2c47463..fe941778 100644 --- a/modules/nixos/services/nextcloud/default.nix +++ b/modules/nixos/services/nextcloud/default.nix @@ -4,6 +4,10 @@ let cfg = config.my.services.nextcloud; in { + imports = [ + ./collabora.nix + ]; + options.my.services.nextcloud = with lib; { enable = mkEnableOption "Nextcloud"; maxSize = mkOption { From ae230b5df7b17e222e5cebe8fc055c01d0361f24 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 15 Nov 2024 21:38:16 +0100 Subject: [PATCH 238/485] hosts: porthos: services: enable collabora --- hosts/nixos/porthos/services.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index 109b4e5b..ffd150a0 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -95,6 +95,9 @@ in nextcloud = { enable = true; passwordFile = secrets."nextcloud/password".path; + collabora = { + enable = true; + }; }; nix-cache = { enable = true; From e9d96138d5b5c6c678e2298618a3faa444bd37a9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 19 Nov 2024 15:46:31 +0000 Subject: [PATCH 239/485] nixos: services: nginx: add 'websocketsLocations' This accounts for the overwhelming majority of my usage of `extraConfig`. --- modules/nixos/services/nginx/default.nix | 44 ++++++++++++++++++------ 1 file changed, 34 insertions(+), 10 deletions(-) diff --git a/modules/nixos/services/nginx/default.nix b/modules/nixos/services/nginx/default.nix index e5a87ded..5a372ed7 100644 --- a/modules/nixos/services/nginx/default.nix +++ b/modules/nixos/services/nginx/default.nix @@ -17,6 +17,16 @@ let ''; }; + websocketsLocations = mkOption { + type = with types; listOf str; + default = [ ]; + example = [ "/socket" ]; + description = '' + Which locations on this virtual host should be configured for + websockets. + ''; + }; + port = mkOption { type = with types; nullOr port; default = null; @@ -108,12 +118,7 @@ in }; jellyfin = { port = 8096; - extraConfig = { - locations."/socket" = { - proxyPass = "http://127.0.0.1:8096/"; - proxyWebsockets = true; - }; - }; + websocketsLocations = [ "/socket" ]; }; }; description = '' @@ -195,6 +200,19 @@ in } configured. ''; })) + ++ (lib.flip lib.mapAttrsToList cfg.virtualHosts (_: { subdomain, ... } @ args: + let + proxyPass = [ "port" "socket" ]; + proxyPassUsed = lib.any (v: args.${v} != null) proxyPass; + in + { + assertion = args.websocketsLocations != [ ] -> proxyPassUsed; + message = '' + Subdomain '${subdomain}' can only use 'websocketsLocations' with one of ${ + lib.concatStringsSep ", " (builtins.map (v: "'${v}'") proxyPass) + }. + ''; + })) ++ ( let ports = lib.my.mapFilter @@ -241,6 +259,14 @@ in virtualHosts = let domain = config.networking.domain; + mkProxyPass = { websocketsLocations, ... }: proxyPass: + let + websockets = lib.genAttrs websocketsLocations (_: { + inherit proxyPass; + proxyWebsockets = true; + }); + in + { "/" = { inherit proxyPass; }; } // websockets; mkVHost = ({ subdomain, ... } @ args: lib.nameValuePair "${subdomain}.${domain}" (lib.my.recursiveMerge [ @@ -251,8 +277,7 @@ in } # Proxy to port (lib.optionalAttrs (args.port != null) { - locations."/".proxyPass = - "http://127.0.0.1:${toString args.port}"; + locations = mkProxyPass args "http://127.0.0.1:${toString args.port}"; }) # Serve filesystem content (lib.optionalAttrs (args.root != null) { @@ -260,8 +285,7 @@ in }) # Serve to UNIX socket (lib.optionalAttrs (args.socket != null) { - locations."/".proxyPass = - "http://unix:${args.socket}"; + locations = mkProxyPass args "http://unix:${args.socket}"; }) # Redirect to a different domain (lib.optionalAttrs (args.redirect != null) { From 6a1a35a3840bc40cc095a6e98702b705e67aa43f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 19 Nov 2024 15:49:31 +0000 Subject: [PATCH 240/485] nixos: services: migrate to 'websocketsLocations' --- modules/nixos/services/aria/default.nix | 4 +--- .../nixos/services/audiobookshelf/default.nix | 4 +--- modules/nixos/services/jellyfin/default.nix | 6 +----- modules/nixos/services/nextcloud/collabora.nix | 16 ++++------------ modules/nixos/services/paperless/default.nix | 6 +----- 5 files changed, 8 insertions(+), 28 deletions(-) diff --git a/modules/nixos/services/aria/default.nix b/modules/nixos/services/aria/default.nix index 2d1b3e2e..acbf0b73 100644 --- a/modules/nixos/services/aria/default.nix +++ b/modules/nixos/services/aria/default.nix @@ -65,9 +65,7 @@ in aria-rpc = { port = cfg.rpcPort; # Proxy websockets for RPC - extraConfig = { - locations."/".proxyWebsockets = true; - }; + websocketsLocations = [ "/" ]; }; }; diff --git a/modules/nixos/services/audiobookshelf/default.nix b/modules/nixos/services/audiobookshelf/default.nix index da9ec555..04ec8b91 100644 --- a/modules/nixos/services/audiobookshelf/default.nix +++ b/modules/nixos/services/audiobookshelf/default.nix @@ -30,9 +30,7 @@ in audiobookshelf = { inherit (cfg) port; # Proxy websockets for RPC - extraConfig = { - locations."/".proxyWebsockets = true; - }; + websocketsLocations = [ "/" ]; }; }; diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index e8910a59..6edeb671 100644 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -27,17 +27,13 @@ in my.services.nginx.virtualHosts = { jellyfin = { port = 8096; + websocketsLocations = [ "/socket" ]; extraConfig = { locations."/" = { extraConfig = '' proxy_buffering off; ''; }; - # Too bad for the repetition... - locations."/socket" = { - proxyPass = "http://127.0.0.1:8096/"; - proxyWebsockets = true; - }; }; }; }; diff --git a/modules/nixos/services/nextcloud/collabora.nix b/modules/nixos/services/nextcloud/collabora.nix index d62181fb..f8f42a77 100644 --- a/modules/nixos/services/nextcloud/collabora.nix +++ b/modules/nixos/services/nextcloud/collabora.nix @@ -40,18 +40,10 @@ in my.services.nginx.virtualHosts = { collabora = { inherit (cfg) port; - - extraConfig = { - # Too bad for the repetition... - locations."~ ^/cool/(.*)/ws$" = { - proxyPass = "http://127.0.0.1:${builtins.toString cfg.port}"; - proxyWebsockets = true; - }; - locations."^~ /cool/adminws" = { - proxyPass = "http://127.0.0.1:${builtins.toString cfg.port}"; - proxyWebsockets = true; - }; - }; + websocketsLocations = [ + "~ ^/cool/(.*)/ws$" + "^~ /cool/adminws" + ]; }; }; }; diff --git a/modules/nixos/services/paperless/default.nix b/modules/nixos/services/paperless/default.nix index f62879ab..eceae1cf 100644 --- a/modules/nixos/services/paperless/default.nix +++ b/modules/nixos/services/paperless/default.nix @@ -152,11 +152,7 @@ in sso = { enable = true; }; - - # Enable websockets on root - extraConfig = { - locations."/".proxyWebsockets = true; - }; + websocketsLocations = [ "/" ]; }; }; From 60050113bc6a167449a56f0a17f2820e776f97bf Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 19 Nov 2024 15:53:19 +0000 Subject: [PATCH 241/485] nixos: services: nginx: modify example Now that `websocketLocations` exists, it makes little sense to use `proxyWebsockets` in an example, so use a different one. --- modules/nixos/services/nginx/default.nix | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/modules/nixos/services/nginx/default.nix b/modules/nixos/services/nginx/default.nix index 5a372ed7..3bba9f4e 100644 --- a/modules/nixos/services/nginx/default.nix +++ b/modules/nixos/services/nginx/default.nix @@ -70,10 +70,13 @@ let extraConfig = mkOption { type = types.attrs; # FIXME: forward type of virtualHosts example = { - locations."/socket" = { - proxyPass = "http://127.0.0.1:8096/"; - proxyWebsockets = true; - }; + extraConfig = '' + add_header X-Clacks-Overhead "GNU Terry Pratchett"; + ''; + + locations."/".extraConfig = '' + client_max_body_size 1G; + ''; }; default = { }; description = '' From 2ffbc13513088245c5bdfa680a34eeb40468fbf1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 20 Nov 2024 21:05:16 +0100 Subject: [PATCH 242/485] flake: bump inputs --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index af4cbfad..fd8354fb 100644 --- a/flake.lock +++ b/flake.lock @@ -94,11 +94,11 @@ ] }, "locked": { - "lastModified": 1726560853, - "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "owner": "numtide", "repo": "flake-utils", - "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1730837930, - "narHash": "sha256-0kZL4m+bKBJUBQse0HanewWO0g8hDdCvBhudzxgehqc=", + "lastModified": 1732025103, + "narHash": "sha256-qjEI64RKvDxRyEarY0jTzrZMa8ebezh2DEZmJJrpVdo=", "owner": "nix-community", "repo": "home-manager", - "rev": "2f607e07f3ac7e53541120536708e824acccfaa8", + "rev": "a46e702093a5c46e192243edbd977d5749e7f294", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1730785428, - "narHash": "sha256-Zwl8YgTVJTEum+L+0zVAWvXAGbWAuXHax3KzuejaDyo=", + "lastModified": 1732014248, + "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4aa36568d413aca0ea84a1684d2d46f55dbabad7", + "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1730885145, - "narHash": "sha256-UPrBEY0No1O3ULb67xYjRh2r3u7MnZovfo1oYSPCIxI=", + "lastModified": 1732131502, + "narHash": "sha256-kWc3mjgEUh+2xzaluNxLMvEHRkfJ37pRBtXcwekKefM=", "owner": "nix-community", "repo": "NUR", - "rev": "c0d8828600ef47d475e6ec33513bf9af6eb6b991", + "rev": "13b44543c4e5d20bb2976ddde846c7341e4c41dd", "type": "github" }, "original": { @@ -194,11 +194,11 @@ ] }, "locked": { - "lastModified": 1730814269, - "narHash": "sha256-fWPHyhYE6xvMI1eGY3pwBTq85wcy1YXqdzTZF+06nOg=", + "lastModified": 1732021966, + "narHash": "sha256-mnTbjpdqF0luOkou8ZFi2asa1N3AA2CchR/RqCNmsGE=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "d70155fdc00df4628446352fc58adc640cd705c2", + "rev": "3308484d1a443fc5bc92012435d79e80458fe43c", "type": "github" }, "original": { From 7f0cd6612eccf07046df860650f2f95ad85fea95 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 14 Nov 2024 21:29:24 +0100 Subject: [PATCH 243/485] nixos: services: paperless: remove MKL work-around Instead, rely on the upstream service's work-around [1]. This will reduce the amount of package builds I need to do when updating my server... [1]: https://github.com/NixOS/nixpkgs/pull/299008 This reverts commit e2ec4d3032ee3d3dc3be935b0e2af9ad7ff0c511. --- modules/nixos/services/paperless/default.nix | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/modules/nixos/services/paperless/default.nix b/modules/nixos/services/paperless/default.nix index eceae1cf..321dfa3a 100644 --- a/modules/nixos/services/paperless/default.nix +++ b/modules/nixos/services/paperless/default.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ config, lib, ... }: let cfg = config.my.services.paperless; in @@ -80,9 +80,6 @@ in # Misc PAPERLESS_TIME_ZONE = config.time.timeZone; PAPERLESS_ADMIN_USER = cfg.username; - - # Fix classifier hangs - LD_LIBRARY_PATH = "${lib.getLib pkgs.mkl}/lib"; }; # Admin password From 6a5c4a627aa9b26a7aeb7e324ae9b3b533f9a04f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 18 Nov 2024 13:31:08 +0100 Subject: [PATCH 244/485] nixos: services: pyload: add fail2ban jail --- modules/nixos/services/pyload/default.nix | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/modules/nixos/services/pyload/default.nix b/modules/nixos/services/pyload/default.nix index 88889bf8..7257d0f5 100644 --- a/modules/nixos/services/pyload/default.nix +++ b/modules/nixos/services/pyload/default.nix @@ -53,6 +53,20 @@ in }; }; - # FIXME: fail2ban + services.fail2ban.jails = { + pyload = '' + enabled = true + filter = pyload + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/pyload.conf".text = '' + [Definition] + failregex = ^.*Login failed for user '.*' \[CLIENT: \]$ + journalmatch = _SYSTEMD_UNIT=pyload.service + ''; + }; }; } From fe49e470269f9f8a2445e7ce6f219a4fd6d18561 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 27 Nov 2024 12:02:29 +0000 Subject: [PATCH 245/485] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index fd8354fb..cd3f50ca 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1732025103, - "narHash": "sha256-qjEI64RKvDxRyEarY0jTzrZMa8ebezh2DEZmJJrpVdo=", + "lastModified": 1732482255, + "narHash": "sha256-GUffLwzawz5WRVfWaWCg78n/HrBJrOG7QadFY6rtV8A=", "owner": "nix-community", "repo": "home-manager", - "rev": "a46e702093a5c46e192243edbd977d5749e7f294", + "rev": "a9953635d7f34e7358d5189751110f87e3ac17da", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1732014248, - "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=", + "lastModified": 1732521221, + "narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367", + "rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1732131502, - "narHash": "sha256-kWc3mjgEUh+2xzaluNxLMvEHRkfJ37pRBtXcwekKefM=", + "lastModified": 1732704680, + "narHash": "sha256-x3NlO2qzuobU9BrynzydX7X9oskJpysv7BI7DJ5cVSE=", "owner": "nix-community", "repo": "NUR", - "rev": "13b44543c4e5d20bb2976ddde846c7341e4c41dd", + "rev": "31a30f0862fd8b5f88a6597382bb09197356b19e", "type": "github" }, "original": { From e39fef275c2eee50708080e932ae48bb1845c997 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 27 Nov 2024 12:05:41 +0000 Subject: [PATCH 246/485] nixos: services: paperless: use 'environmentFile' That way I don't have to configure all services to make use of it. Someday I'll find the will to add the `postgresql.service` dependency upstream, truly removing the need to configure any service at all. --- modules/nixos/services/paperless/default.nix | 19 +++---------------- 1 file changed, 3 insertions(+), 16 deletions(-) diff --git a/modules/nixos/services/paperless/default.nix b/modules/nixos/services/paperless/default.nix index 321dfa3a..c8967e11 100644 --- a/modules/nixos/services/paperless/default.nix +++ b/modules/nixos/services/paperless/default.nix @@ -84,43 +84,30 @@ in # Admin password passwordFile = cfg.passwordFile; + + # Secret key + environmentFile = cfg.secretKeyFile; }; systemd.services = { paperless-scheduler = { requires = [ "postgresql.service" ]; after = [ "postgresql.service" ]; - - serviceConfig = { - EnvironmentFile = cfg.secretKeyFile; - }; }; paperless-consumer = { requires = [ "postgresql.service" ]; after = [ "postgresql.service" ]; - - serviceConfig = { - EnvironmentFile = cfg.secretKeyFile; - }; }; paperless-web = { requires = [ "postgresql.service" ]; after = [ "postgresql.service" ]; - - serviceConfig = { - EnvironmentFile = cfg.secretKeyFile; - }; }; paperless-task-queue = { requires = [ "postgresql.service" ]; after = [ "postgresql.service" ]; - - serviceConfig = { - EnvironmentFile = cfg.secretKeyFile; - }; }; }; From f2168378fc1b658eeb24ec364953c4160de041f7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 27 Nov 2024 15:12:10 +0000 Subject: [PATCH 247/485] home: direnv: lib: also watch '.python-version' It's used by `uv` as a kind of configuration file, so watch it as well. --- modules/home/direnv/lib/python.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/home/direnv/lib/python.sh b/modules/home/direnv/lib/python.sh index 780fbe64..b4b2bcef 100644 --- a/modules/home/direnv/lib/python.sh +++ b/modules/home/direnv/lib/python.sh @@ -53,4 +53,5 @@ layout_uv() { PATH_add "$VIRTUAL_ENV/bin" watch_file pyproject.toml watch_file uv.lock + watch_file .python-version } From 83da7ba9c8c8d54b8fd7585ee009505e9a36dafa Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 28 Nov 2024 11:24:30 +0000 Subject: [PATCH 248/485] home: tmux: explicitly disable mouse support It's disabled by default, but make it explicit :-). --- modules/home/tmux/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/home/tmux/default.nix b/modules/home/tmux/default.nix index 71ce4caa..dc7fed1c 100644 --- a/modules/home/tmux/default.nix +++ b/modules/home/tmux/default.nix @@ -47,6 +47,7 @@ in clock24 = true; # I'm one of those heathens escapeTime = 0; # Let vim do its thing instead historyLimit = 100000; # Bigger buffer + mouse = false; # I dislike mouse support terminal = "tmux-256color"; # I want accurate termcap info plugins = with pkgs.tmuxPlugins; [ From e8a41187e75b84cee2aae14663bb4fd5229e256d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 28 Nov 2024 12:05:45 +0000 Subject: [PATCH 249/485] home: xdg: create 'HISTFILE' parent directory In fbd3b70d61bd733af033545d4cfe4809fbb068a3, I forgot to modify the `.keep` file to be created in `$XDG_STATE_HOME/bash/`. --- modules/home/xdg/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/xdg/default.nix b/modules/home/xdg/default.nix index 270200e7..e4c1887d 100644 --- a/modules/home/xdg/default.nix +++ b/modules/home/xdg/default.nix @@ -30,11 +30,11 @@ in }; # A tidy home is a tidy mind dataFile = { - "bash/.keep".text = ""; "gdb/.keep".text = ""; "tig/.keep".text = ""; }; stateFile = { + "bash/.keep".text = ""; "python/.keep".text = ""; }; }; From 8b61af1ac3cff8450234534b29420a51aa4b9de5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 28 Nov 2024 12:07:07 +0000 Subject: [PATCH 250/485] home: xdg: remove 'gdb' directory I have an actual module to configure `gdb`, and it uses `$XDG_STATE_HOME` anyway... --- modules/home/xdg/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/home/xdg/default.nix b/modules/home/xdg/default.nix index e4c1887d..479ba1ef 100644 --- a/modules/home/xdg/default.nix +++ b/modules/home/xdg/default.nix @@ -30,7 +30,6 @@ in }; # A tidy home is a tidy mind dataFile = { - "gdb/.keep".text = ""; "tig/.keep".text = ""; }; stateFile = { From da3c29bbafe60b2e30172a6c5da452b2efeb8a34 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 28 Nov 2024 12:07:50 +0000 Subject: [PATCH 251/485] home: xdg: add comment about 'tig' To explain why I didn't modify it as part of my `$XDG_STATE_HOME` migration in fbd3b70d61bd733af033545d4cfe4809fbb068a3. --- modules/home/xdg/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/xdg/default.nix b/modules/home/xdg/default.nix index 479ba1ef..803167fa 100644 --- a/modules/home/xdg/default.nix +++ b/modules/home/xdg/default.nix @@ -30,7 +30,7 @@ in }; # A tidy home is a tidy mind dataFile = { - "tig/.keep".text = ""; + "tig/.keep".text = ""; # `tig` uses `XDG_DATA_HOME` specifically... }; stateFile = { "bash/.keep".text = ""; From b38658405ad50a54876c5c7537e6f1815542c83c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 28 Nov 2024 12:17:31 +0000 Subject: [PATCH 252/485] home: tmux: add binding to refresh configuration Don't rely on `tmux-sensible` to set it up. --- modules/home/tmux/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/modules/home/tmux/default.nix b/modules/home/tmux/default.nix index dc7fed1c..23dff051 100644 --- a/modules/home/tmux/default.nix +++ b/modules/home/tmux/default.nix @@ -81,6 +81,9 @@ in ]; extraConfig = '' + # Refresh configuration + bind-key -N "Source tmux.conf" R source-file ${config.xdg.configHome}/tmux/tmux.conf \; display-message "Sourced tmux.conf!" + # Better vim mode bind-key -T copy-mode-vi 'v' send -X begin-selection ${ From 98c90d77c51b74dc5888c7e0647fdd9f35511964 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 28 Nov 2024 12:50:29 +0000 Subject: [PATCH 253/485] home: tmux: add sloppy window switching bindings Another set of bindings which were setup by `tmux-sensible`, that I want to enable explicitly to avoid issues when it is disabled by default. --- modules/home/tmux/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/home/tmux/default.nix b/modules/home/tmux/default.nix index 23dff051..bb23b441 100644 --- a/modules/home/tmux/default.nix +++ b/modules/home/tmux/default.nix @@ -84,6 +84,10 @@ in # Refresh configuration bind-key -N "Source tmux.conf" R source-file ${config.xdg.configHome}/tmux/tmux.conf \; display-message "Sourced tmux.conf!" + # Accept sloppy Ctrl key when switching windows, on top of default mapping + bind-key -N "Select the previous window" C-p previous-window + bind-key -N "Select the next window" C-n next-window + # Better vim mode bind-key -T copy-mode-vi 'v' send -X begin-selection ${ From c74acda957fb2fb86560e7507390b482b2705ebf Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 28 Nov 2024 19:58:50 +0000 Subject: [PATCH 254/485] nixos: system: packages: remove 'wget' --- modules/nixos/system/packages/default.nix | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/modules/nixos/system/packages/default.nix b/modules/nixos/system/packages/default.nix index ebea06f8..6a78ff66 100644 --- a/modules/nixos/system/packages/default.nix +++ b/modules/nixos/system/packages/default.nix @@ -1,5 +1,5 @@ # Common packages -{ config, lib, pkgs, ... }: +{ config, lib, ... }: let cfg = config.my.system.packages; in @@ -13,10 +13,6 @@ in }; config = lib.mkIf cfg.enable { - environment.systemPackages = with pkgs; [ - wget - ]; - programs = { vim = { enable = true; From 3ac85b87623fb4d64c93c996d21ffac7fd832979 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 29 Nov 2024 14:29:32 +0000 Subject: [PATCH 255/485] home: packages: add 'tree' --- modules/home/packages/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/home/packages/default.nix b/modules/home/packages/default.nix index 1362a060..b0f8d674 100644 --- a/modules/home/packages/default.nix +++ b/modules/home/packages/default.nix @@ -26,6 +26,7 @@ in fd file ripgrep + tree ] ++ cfg.additionalPackages); nixpkgs.config = { From baa853477d78bfd63cbed78c1d9e703a4d8c3d9d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 2 Dec 2024 20:36:37 +0000 Subject: [PATCH 256/485] nixos: hardware: sound: remove ALSA `sound.enable` was removed from the latest release, and is unnecessary with PulseAudio. --- modules/nixos/hardware/sound/default.nix | 3 --- 1 file changed, 3 deletions(-) diff --git a/modules/nixos/hardware/sound/default.nix b/modules/nixos/hardware/sound/default.nix index e8ba7f71..1cf12cb4 100644 --- a/modules/nixos/hardware/sound/default.nix +++ b/modules/nixos/hardware/sound/default.nix @@ -54,9 +54,6 @@ in # Pulseaudio setup (lib.mkIf cfg.pulse.enable { - # ALSA - sound.enable = true; - hardware.pulseaudio.enable = true; }) ]); From ad1cfbd6f03e0b38f690d8563af02c1c04d8b731 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 3 Dec 2024 10:43:09 +0000 Subject: [PATCH 257/485] flake: bump inputs Allow-list the build inputs for `sonarr` until the package is fixed upstream [1]. [1]: https://github.com/NixOS/nixpkgs/issues/360592 --- flake.lock | 18 +++++++++--------- modules/nixos/services/servarr/default.nix | 10 ++++++++++ 2 files changed, 19 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index cd3f50ca..0aeab376 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1732482255, - "narHash": "sha256-GUffLwzawz5WRVfWaWCg78n/HrBJrOG7QadFY6rtV8A=", + "lastModified": 1733175814, + "narHash": "sha256-zFOtOaqjzZfPMsm1mwu98syv3y+jziAq5DfWygaMtLg=", "owner": "nix-community", "repo": "home-manager", - "rev": "a9953635d7f34e7358d5189751110f87e3ac17da", + "rev": "bf23fe41082aa0289c209169302afd3397092f22", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1732521221, - "narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=", + "lastModified": 1733015953, + "narHash": "sha256-t4BBVpwG9B4hLgc6GUBuj3cjU7lP/PJfpTHuSqE+crk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d", + "rev": "ac35b104800bff9028425fec3b6e8a41de2bbfff", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1732704680, - "narHash": "sha256-x3NlO2qzuobU9BrynzydX7X9oskJpysv7BI7DJ5cVSE=", + "lastModified": 1733215745, + "narHash": "sha256-RIlhnKlObJ1sEdzBP6Nuy4jLUiQnmWWXVsRHRbv6SzY=", "owner": "nix-community", "repo": "NUR", - "rev": "31a30f0862fd8b5f88a6597382bb09197356b19e", + "rev": "251d756a74e67bda25d89327b01a3da19dddabae", "type": "github" }, "original": { diff --git a/modules/nixos/services/servarr/default.nix b/modules/nixos/services/servarr/default.nix index e25d9cfd..4aa0de71 100644 --- a/modules/nixos/services/servarr/default.nix +++ b/modules/nixos/services/servarr/default.nix @@ -96,5 +96,15 @@ in # Sonarr for shows (mkFullConfig "sonarr") (mkFail2Ban "sonarr") + + # HACK: until https://github.com/NixOS/nixpkgs/issues/360592 is resolved + (lib.mkIf cfg.sonarr.enable { + nixpkgs.config.permittedInsecurePackages = [ + "aspnetcore-runtime-6.0.36" + "aspnetcore-runtime-wrapped-6.0.36" + "dotnet-sdk-6.0.428" + "dotnet-sdk-wrapped-6.0.428" + ]; + }) ]); } From 35c547a090afdf77a1fb42125170649ef1247ab8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 3 Dec 2024 10:43:33 +0000 Subject: [PATCH 258/485] home: tmux: enable focus events Since `tmux-sensible` was disabled by default, we should enable this explicitly now. --- modules/home/tmux/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/home/tmux/default.nix b/modules/home/tmux/default.nix index bb23b441..ae8b8f06 100644 --- a/modules/home/tmux/default.nix +++ b/modules/home/tmux/default.nix @@ -48,6 +48,7 @@ in escapeTime = 0; # Let vim do its thing instead historyLimit = 100000; # Bigger buffer mouse = false; # I dislike mouse support + focusEvents = true; # Report focus events terminal = "tmux-256color"; # I want accurate termcap info plugins = with pkgs.tmuxPlugins; [ From 19120bca2943d5a03d9116bc547f89197059694b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 8 Dec 2024 16:08:48 -0500 Subject: [PATCH 259/485] nixos: hardware: graphics: use 'initrd' option --- modules/nixos/hardware/graphics/default.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/modules/nixos/hardware/graphics/default.nix b/modules/nixos/hardware/graphics/default.nix index 89bb1cd2..7d8b359c 100644 --- a/modules/nixos/hardware/graphics/default.nix +++ b/modules/nixos/hardware/graphics/default.nix @@ -33,9 +33,8 @@ in # AMD GPU (lib.mkIf (cfg.gpuFlavor == "amd") { - boot.initrd.kernelModules = lib.mkIf cfg.amd.enableKernelModule [ "amdgpu" ]; - hardware.amdgpu = { + initrd.enable = cfg.amd.enableKernelModule; # Vulkan amdvlk = lib.mkIf cfg.amd.amdvlk { enable = true; From cb5eb68d35ce1a70c8d7b8560b23586f065c79e1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 11 Dec 2024 00:46:47 +0100 Subject: [PATCH 260/485] flake: bump inputs And fix deprecated NUR overlay attribute. --- flake.lock | 60 +++++++++++++++++++++++++++++++----------- flake.nix | 4 +++ flake/home-manager.nix | 2 +- flake/nixos.nix | 2 +- 4 files changed, 51 insertions(+), 17 deletions(-) diff --git a/flake.lock b/flake.lock index 0aeab376..0db428a8 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1730504689, - "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", + "lastModified": 1733312601, + "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "506278e768c2a08bec68eb62932193e341f55c90", + "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1733175814, - "narHash": "sha256-zFOtOaqjzZfPMsm1mwu98syv3y+jziAq5DfWygaMtLg=", + "lastModified": 1733873195, + "narHash": "sha256-dTosiZ3sZ/NKoLKQ++v8nZdEHya0eTNEsaizNp+MUPM=", "owner": "nix-community", "repo": "home-manager", - "rev": "bf23fe41082aa0289c209169302afd3397092f22", + "rev": "f26aa4b76fb7606127032d33ac73d7d507d82758", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1733015953, - "narHash": "sha256-t4BBVpwG9B4hLgc6GUBuj3cjU7lP/PJfpTHuSqE+crk=", + "lastModified": 1733759999, + "narHash": "sha256-463SNPWmz46iLzJKRzO3Q2b0Aurff3U1n0nYItxq7jU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ac35b104800bff9028425fec3b6e8a41de2bbfff", + "rev": "a73246e2eef4c6ed172979932bc80e1404ba2d56", "type": "github" }, "original": { @@ -167,12 +167,21 @@ } }, "nur": { + "inputs": { + "flake-parts": [ + "flake-parts" + ], + "nixpkgs": [ + "nixpkgs" + ], + "treefmt-nix": "treefmt-nix" + }, "locked": { - "lastModified": 1733215745, - "narHash": "sha256-RIlhnKlObJ1sEdzBP6Nuy4jLUiQnmWWXVsRHRbv6SzY=", + "lastModified": 1733873876, + "narHash": "sha256-6YHWh0+E74hBiH0N+LeZPSWRvbmudF6mtEtFpRo3LWc=", "owner": "nix-community", "repo": "NUR", - "rev": "251d756a74e67bda25d89327b01a3da19dddabae", + "rev": "77c8486c65517272727884ca62b9322092f4f643", "type": "github" }, "original": { @@ -194,11 +203,11 @@ ] }, "locked": { - "lastModified": 1732021966, - "narHash": "sha256-mnTbjpdqF0luOkou8ZFi2asa1N3AA2CchR/RqCNmsGE=", + "lastModified": 1733665616, + "narHash": "sha256-+XTFXYlFJBxohhMGLDpYdEnhUNdxN8dyTA8WAd+lh2A=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "3308484d1a443fc5bc92012435d79e80458fe43c", + "rev": "d8c02f0ffef0ef39f6063731fc539d8c71eb463a", "type": "github" }, "original": { @@ -235,6 +244,27 @@ "repo": "default", "type": "github" } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "nur", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1733222881, + "narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "49717b5af6f80172275d47a418c9719a31a78b53", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index a07ee154..f0bb79c7 100644 --- a/flake.nix +++ b/flake.nix @@ -55,6 +55,10 @@ owner = "nix-community"; repo = "NUR"; ref = "master"; + inputs = { + flake-parts.follows = "flake-parts"; + nixpkgs.follows = "nixpkgs"; + }; }; pre-commit-hooks = { diff --git a/flake/home-manager.nix b/flake/home-manager.nix index 34af3753..add889eb 100644 --- a/flake/home-manager.nix +++ b/flake/home-manager.nix @@ -25,7 +25,7 @@ let inherit system; overlays = (lib.attrValues self.overlays) ++ [ - inputs.nur.overlay + inputs.nur.overlays.default ]; }; diff --git a/flake/nixos.nix b/flake/nixos.nix index b48b551d..fa656dc0 100644 --- a/flake/nixos.nix +++ b/flake/nixos.nix @@ -7,7 +7,7 @@ let } { nixpkgs.overlays = (lib.attrValues self.overlays) ++ [ - inputs.nur.overlay + inputs.nur.overlays.default ]; } # Include generic settings From c5a375d1657cac9ed2b2aa449c9380298a390ad7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 11 Dec 2024 00:48:54 +0100 Subject: [PATCH 261/485] nixos: services: paperless: use automatic DB setup That way I don't have to worry about the `postgresql.service` dependency anymore :-). --- modules/nixos/services/paperless/default.nix | 40 ++------------------ 1 file changed, 3 insertions(+), 37 deletions(-) diff --git a/modules/nixos/services/paperless/default.nix b/modules/nixos/services/paperless/default.nix index c8967e11..63f456b2 100644 --- a/modules/nixos/services/paperless/default.nix +++ b/modules/nixos/services/paperless/default.nix @@ -61,11 +61,6 @@ in PAPERLESS_ENABLE_HTTP_REMOTE_USER = true; PAPERLESS_HTTP_REMOTE_USER_HEADER_NAME = "HTTP_X_USER"; - # Use PostgreSQL - PAPERLESS_DBHOST = "/run/postgresql"; - PAPERLESS_DBUSER = "paperless"; - PAPERLESS_DBNAME = "paperless"; - # Security settings PAPERLESS_ALLOWED_HOSTS = paperlessDomain; PAPERLESS_CORS_ALLOWED_HOSTS = "https://${paperlessDomain}"; @@ -87,40 +82,11 @@ in # Secret key environmentFile = cfg.secretKeyFile; - }; - systemd.services = { - paperless-scheduler = { - requires = [ "postgresql.service" ]; - after = [ "postgresql.service" ]; + # Automatic PostgreSQL provisioning + database = { + createLocally = true; }; - - paperless-consumer = { - requires = [ "postgresql.service" ]; - after = [ "postgresql.service" ]; - }; - - paperless-web = { - requires = [ "postgresql.service" ]; - after = [ "postgresql.service" ]; - }; - - paperless-task-queue = { - requires = [ "postgresql.service" ]; - after = [ "postgresql.service" ]; - }; - }; - - # Set-up database - services.postgresql = { - enable = true; - ensureDatabases = [ "paperless" ]; - ensureUsers = [ - { - name = "paperless"; - ensureDBOwnership = true; - } - ]; }; # Set-up media group From b2d2ff179840437f5659102c03356a112c2c24df Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 16 Dec 2024 00:19:31 +0100 Subject: [PATCH 262/485] nixos: services: postgres: fix renamed option --- modules/nixos/services/postgresql/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/nixos/services/postgresql/default.nix b/modules/nixos/services/postgresql/default.nix index bbe46d42..3dcf6d13 100644 --- a/modules/nixos/services/postgresql/default.nix +++ b/modules/nixos/services/postgresql/default.nix @@ -27,11 +27,11 @@ in oldPackage = if pgCfg.enableJIT then pgCfg.package.withJIT else pgCfg.package; oldData = pgCfg.dataDir; - oldBin = "${if pgCfg.extraPlugins == [] then oldPackage else oldPackage.withPackages pgCfg.extraPlugins}/bin"; + oldBin = "${if pgCfg.extensions == [] then oldPackage else oldPackage.withPackages pgCfg.extensions}/bin"; newPackage = if pgCfg.enableJIT then newPackage'.withJIT else newPackage'; newData = "/var/lib/postgresql/${newPackage.psqlSchema}"; - newBin = "${if pgCfg.extraPlugins == [] then newPackage else newPackage.withPackages pgCfg.extraPlugins}/bin"; + newBin = "${if pgCfg.extensions == [] then newPackage else newPackage.withPackages pgCfg.extensions}/bin"; in [ (pkgs.writeScriptBin "upgrade-pg-cluster" '' From dec5dabf02ed6a901f9f9feb97ffcd8973e54237 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 16 Dec 2024 00:20:18 +0100 Subject: [PATCH 263/485] modules: services: postgres: upgrade version --- modules/nixos/services/postgresql/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/nixos/services/postgresql/default.nix b/modules/nixos/services/postgresql/default.nix index 3dcf6d13..1dca1644 100644 --- a/modules/nixos/services/postgresql/default.nix +++ b/modules/nixos/services/postgresql/default.nix @@ -14,7 +14,7 @@ in # Let other services enable postgres when they need it (lib.mkIf cfg.enable { services.postgresql = { - package = pkgs.postgresql_13; + package = pkgs.postgresql_17; }; }) @@ -23,7 +23,7 @@ in environment.systemPackages = let pgCfg = config.services.postgresql; - newPackage' = pkgs.postgresql_13; + newPackage' = pkgs.postgresql_17; oldPackage = if pgCfg.enableJIT then pgCfg.package.withJIT else pgCfg.package; oldData = pgCfg.dataDir; From 747b344b766e22ac7bb3ba4152db60de49cd12be Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 15 Dec 2024 17:50:43 -0500 Subject: [PATCH 264/485] pkgs: remove 'cgt-calc' It's been merged upstream. --- pkgs/cgt-calc/default.nix | 47 --------------------------------------- pkgs/default.nix | 2 -- 2 files changed, 49 deletions(-) delete mode 100644 pkgs/cgt-calc/default.nix diff --git a/pkgs/cgt-calc/default.nix b/pkgs/cgt-calc/default.nix deleted file mode 100644 index 9966944a..00000000 --- a/pkgs/cgt-calc/default.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ lib -, fetchFromGitHub -, python3Packages -, withTeXLive ? true -, texliveSmall -}: -python3Packages.buildPythonApplication rec { - pname = "cgt-calc"; - version = "1.13.0"; - pyproject = true; - - src = fetchFromGitHub { - owner = "KapJI"; - repo = "capital-gains-calculator"; - rev = "v${version}"; - hash = "sha256-y/Y05wG89nccXyxfjqazyPJhd8dOkfwRJre+Rzx97Hw="; - }; - - build-system = with python3Packages; [ - poetry-core - ]; - - dependencies = with python3Packages; [ - defusedxml - jinja2 - pandas - requests - types-requests - yfinance - ]; - - makeWrapperArgs = lib.optionals withTeXLive [ - "--prefix" - "PATH" - ":" - "${lib.getBin texliveSmall}/bin" - ]; - - meta = with lib; { - description = "UK capital gains tax calculator"; - homepage = "https://github.com/KapJI/capital-gains-calculator"; - license = with licenses; [ mit ]; - mainProgram = "cgt-calc"; - maintainers = with maintainers; [ ambroisie ]; - platforms = platforms.unix; - }; -} diff --git a/pkgs/default.nix b/pkgs/default.nix index 949bcf78..6b7fce11 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -2,8 +2,6 @@ pkgs.lib.makeScope pkgs.newScope (pkgs: { bw-pass = pkgs.callPackage ./bw-pass { }; - cgt-calc = pkgs.callPackage ./cgt-calc { }; - change-audio = pkgs.callPackage ./change-audio { }; change-backlight = pkgs.callPackage ./change-backlight { }; From 92e5fbe7df0c74a33baccfdb9fc82859217e0b3a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 18 Dec 2024 20:12:46 -0500 Subject: [PATCH 265/485] overlays: add 'lsp-format-nvim-indentation' To fix the issue I reported upstream [1]. [1]: https://github.com/lukas-reineke/lsp-format.nvim/issues/94 --- overlays/lsp-format-nvim-indentation/default.nix | 4 ++++ overlays/lsp-format-nvim-indentation/generated.nix | 14 ++++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 overlays/lsp-format-nvim-indentation/default.nix create mode 100644 overlays/lsp-format-nvim-indentation/generated.nix diff --git a/overlays/lsp-format-nvim-indentation/default.nix b/overlays/lsp-format-nvim-indentation/default.nix new file mode 100644 index 00000000..832e71de --- /dev/null +++ b/overlays/lsp-format-nvim-indentation/default.nix @@ -0,0 +1,4 @@ +self: prev: +{ + vimPlugins = prev.vimPlugins.extend (self.callPackage ./generated.nix { }); +} diff --git a/overlays/lsp-format-nvim-indentation/generated.nix b/overlays/lsp-format-nvim-indentation/generated.nix new file mode 100644 index 00000000..19022078 --- /dev/null +++ b/overlays/lsp-format-nvim-indentation/generated.nix @@ -0,0 +1,14 @@ +{ fetchpatch, ... }: + +_final: prev: { + lsp-format-nvim = prev.lsp-format-nvim.overrideAttrs (oa: { + patches = (oa.patches or [ ]) ++ [ + # https://github.com/lukas-reineke/lsp-format.nvim/issues/94 + (fetchpatch { + name = "use-effective-indentation"; + url = "https://github.com/liskin/lsp-format.nvim/commit/3757ac443bdf5bd166673833794553229ee8d939.patch"; + hash = "sha256-Dv+TvXrU/IrrPxz2MSPbLmRxch+qkHbI3AyFMj/ssDk="; + }) + ]; + }); +} From 322fbc970b12c187eb32a3c6ea57fe81cb4625db Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 18 Dec 2024 20:14:16 -0500 Subject: [PATCH 266/485] home: vim: lsp: rely on 'bashls' formatting I finally figured out why I was getting the wrong indentation, turns out it was an issue in `lsp-format.nvim`. With that fixed/worked around, I can now rely completely on `bash-language-server` for formatting. I'll also rely on `shfmt` automatically detecting the type of file, as (Neo)Vim cannot be made to reliably set `ft=bash` for Bash scripts and `ft=sh` for POSIX shell. Finally, I removed spaces after redirections, I've now come around to liking the default (no spaces) better. --- .../home/vim/plugin/settings/lspconfig.lua | 10 +++++++ modules/home/vim/plugin/settings/null-ls.lua | 26 ------------------- 2 files changed, 10 insertions(+), 26 deletions(-) diff --git a/modules/home/vim/plugin/settings/lspconfig.lua b/modules/home/vim/plugin/settings/lspconfig.lua index 9e9425c5..1f9abfd9 100644 --- a/modules/home/vim/plugin/settings/lspconfig.lua +++ b/modules/home/vim/plugin/settings/lspconfig.lua @@ -74,6 +74,16 @@ if utils.is_executable("bash-language-server") then filetypes = { "bash", "sh", "zsh" }, capabilities = capabilities, on_attach = lsp.on_attach, + settings = { + bashIde = { + shfmt = { + -- Simplify the code + simplifyCode = true, + -- Indent switch cases + caseIndent = true, + }, + }, + }, }) end diff --git a/modules/home/vim/plugin/settings/null-ls.lua b/modules/home/vim/plugin/settings/null-ls.lua index eadf16a1..258a2094 100644 --- a/modules/home/vim/plugin/settings/null-ls.lua +++ b/modules/home/vim/plugin/settings/null-ls.lua @@ -46,29 +46,3 @@ null_ls.register({ condition = utils.is_executable_condition("isort"), }), }) - --- Shell (non-POSIX) -null_ls.register({ - null_ls.builtins.formatting.shfmt.with({ - -- Indent with 4 spaces, simplify the code, indent switch cases, - -- add space after redirection, use bash dialect - extra_args = { "-i", "4", "-s", "-ci", "-sr", "-ln", "bash" }, - -- Restrict to bash and zsh - filetypes = { "bash", "zsh" }, - -- Only used if available - condition = utils.is_executable_condition("shfmt"), - }), -}) - --- Shell (POSIX) -null_ls.register({ - null_ls.builtins.formatting.shfmt.with({ - -- Indent with 4 spaces, simplify the code, indent switch cases, - -- add space after redirection, use POSIX - extra_args = { "-i", "4", "-s", "-ci", "-sr", "-ln", "posix" }, - -- Restrict to POSIX sh - filetypes = { "sh" }, - -- Only used if available - condition = utils.is_executable_condition("shfmt"), - }), -}) From f4f1aad1c08bc232908cb8ce3e3ee2a0b6c38645 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 18 Dec 2024 20:33:22 -0500 Subject: [PATCH 267/485] pkgs: fix shell formatting Ran `shfmt --write --indent 4 --simplify --case-indent`, in accordance with my editor settings. --- pkgs/bw-pass/bw-pass | 2 +- pkgs/change-audio/change-audio | 2 +- pkgs/diff-flake/diff-flake | 14 +++++++------- pkgs/osc52/osc52 | 2 +- pkgs/osc777/osc777 | 2 +- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/pkgs/bw-pass/bw-pass b/pkgs/bw-pass/bw-pass index 124714ad..0e974b70 100755 --- a/pkgs/bw-pass/bw-pass +++ b/pkgs/bw-pass/bw-pass @@ -66,7 +66,7 @@ query_password() { printf '%s\n' "$PASSWORD" } -if [ $# -lt 1 ] || [ $# -gt 2 ]; then +if [ $# -lt 1 ] || [ $# -gt 2 ]; then usage exit 1 fi diff --git a/pkgs/change-audio/change-audio b/pkgs/change-audio/change-audio index 612fecf6..5a1fb9cd 100755 --- a/pkgs/change-audio/change-audio +++ b/pkgs/change-audio/change-audio @@ -62,7 +62,7 @@ do_toggle() { } case "$1" in - up|down) + up | down) do_change_volume "$@" ;; toggle) diff --git a/pkgs/diff-flake/diff-flake b/pkgs/diff-flake/diff-flake index 0572b4ef..a2a35131 100755 --- a/pkgs/diff-flake/diff-flake +++ b/pkgs/diff-flake/diff-flake @@ -81,23 +81,23 @@ parse_args() { shift case "$opt" in - -h|--help) + -h | --help) usage exit ;; - -f|--flake-output) + -f | --flake-output) FLAKE_OUTPUTS+=("$1") shift ;; - -o|--output) + -o | --output) OUTPUT_FILE="$1" shift ;; - -n|--new-rev) + -n | --new-rev) NEW_REV="$(git rev-parse "$1")" shift ;; - -p|--previous-rev) + -p | --previous-rev) PREVIOUS_REV="$(git rev-parse "$1")" shift ;; @@ -157,7 +157,7 @@ list_dev_shells() { } diff_output() { - local PREV NEW; + local PREV NEW PREV="$(mktemp --dry-run)" NEW="$(mktemp --dry-run)" @@ -169,7 +169,7 @@ diff_output() { printf 'Closure diff for `%s`:\n```\n' "$1" nix store diff-closures "$PREV" "$NEW" | sanitize_output printf '```\n\n' - } >> "$OUTPUT_FILE" + } >>"$OUTPUT_FILE" } parse_args "$@" diff --git a/pkgs/osc52/osc52 b/pkgs/osc52/osc52 index f64ccb67..de3a982e 100755 --- a/pkgs/osc52/osc52 +++ b/pkgs/osc52/osc52 @@ -15,7 +15,7 @@ usage() { exec 1>&2 fi - cat << EOF + cat <&2 fi - cat << EOF + cat < Send a notification (title and message) to the host system using the OSC 777 escape sequence: From c75a307c58f3280fa326f764a1517a04e37898ec Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 18 Dec 2024 20:39:15 -0500 Subject: [PATCH 268/485] home: wm: i3: fix 'pavucontrol' float --- modules/home/wm/i3/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/wm/i3/default.nix b/modules/home/wm/i3/default.nix index c4328647..ec4f87fc 100644 --- a/modules/home/wm/i3/default.nix +++ b/modules/home/wm/i3/default.nix @@ -127,7 +127,7 @@ in { class = "^Blueman-.*$"; } { title = "^htop$"; } { class = "^Thunderbird$"; instance = "Mailnews"; window_role = "filterlist"; } - { class = "^Pavucontrol.*$"; } + { class = "^pavucontrol.*$"; } { class = "^Arandr$"; } { class = ".?blueman-manager.*$"; } ]; From ead8101b8d94e88dd648a694d117bc8f4f10fcd7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 18 Dec 2024 20:45:52 -0500 Subject: [PATCH 269/485] home: wm: i3: match 'blueman' float explicitly This is more of a work-around due to the wrapper in nixpkgs' packaging of that application, so might as well make that explicit and narrow. --- modules/home/wm/i3/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/wm/i3/default.nix b/modules/home/wm/i3/default.nix index ec4f87fc..92d13817 100644 --- a/modules/home/wm/i3/default.nix +++ b/modules/home/wm/i3/default.nix @@ -129,7 +129,7 @@ in { class = "^Thunderbird$"; instance = "Mailnews"; window_role = "filterlist"; } { class = "^pavucontrol.*$"; } { class = "^Arandr$"; } - { class = ".?blueman-manager.*$"; } + { class = "^\\.blueman-manager-wrapped$"; } ]; }; From b7b6705391fccf00ca277f57bb8b730fc0e78bf1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 18 Dec 2024 20:47:24 -0500 Subject: [PATCH 270/485] home: wm: i3: make 'arandr' float Another work-around due to a wrapper in nixpkgs. --- modules/home/wm/i3/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/home/wm/i3/default.nix b/modules/home/wm/i3/default.nix index 92d13817..029a14ba 100644 --- a/modules/home/wm/i3/default.nix +++ b/modules/home/wm/i3/default.nix @@ -130,6 +130,7 @@ in { class = "^pavucontrol.*$"; } { class = "^Arandr$"; } { class = "^\\.blueman-manager-wrapped$"; } + { class = "^\\.arandr-wrapped$"; } ]; }; From 5cae5632d31be145211fb927eed6af24216db3b8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 21 Dec 2024 17:06:37 -0500 Subject: [PATCH 271/485] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 0db428a8..bc1d34b0 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1733873195, - "narHash": "sha256-dTosiZ3sZ/NKoLKQ++v8nZdEHya0eTNEsaizNp+MUPM=", + "lastModified": 1734808199, + "narHash": "sha256-MxlUcLjE8xLbrI1SJ2B2jftlg4wdutEILa3fgqwA98I=", "owner": "nix-community", "repo": "home-manager", - "rev": "f26aa4b76fb7606127032d33ac73d7d507d82758", + "rev": "f342df3ad938f205a913973b832f52c12546aac6", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1733759999, - "narHash": "sha256-463SNPWmz46iLzJKRzO3Q2b0Aurff3U1n0nYItxq7jU=", + "lastModified": 1734424634, + "narHash": "sha256-cHar1vqHOOyC7f1+tVycPoWTfKIaqkoe1Q6TnKzuti4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a73246e2eef4c6ed172979932bc80e1404ba2d56", + "rev": "d3c42f187194c26d9f0309a8ecc469d6c878ce33", "type": "github" }, "original": { @@ -177,11 +177,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1733873876, - "narHash": "sha256-6YHWh0+E74hBiH0N+LeZPSWRvbmudF6mtEtFpRo3LWc=", + "lastModified": 1734810357, + "narHash": "sha256-Oa6d+y1/PVaPrZ/GYwvmTK9kSrc5Qx/8D3DFN2TzpVA=", "owner": "nix-community", "repo": "NUR", - "rev": "77c8486c65517272727884ca62b9322092f4f643", + "rev": "e7b7b92a7c97a91f1465ab433bbdf6d00df1db8e", "type": "github" }, "original": { @@ -203,11 +203,11 @@ ] }, "locked": { - "lastModified": 1733665616, - "narHash": "sha256-+XTFXYlFJBxohhMGLDpYdEnhUNdxN8dyTA8WAd+lh2A=", + "lastModified": 1734797603, + "narHash": "sha256-ulZN7ps8nBV31SE+dwkDvKIzvN6hroRY8sYOT0w+E28=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "d8c02f0ffef0ef39f6063731fc539d8c71eb463a", + "rev": "f0f0dc4920a903c3e08f5bdb9246bb572fcae498", "type": "github" }, "original": { From e65b3ed1fc7977b9214c5bdbe1369c3decc96454 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 23 Dec 2024 22:42:42 -0500 Subject: [PATCH 272/485] home: vim: ftplugin: add query --- modules/home/vim/after/ftplugin/query.vim | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 modules/home/vim/after/ftplugin/query.vim diff --git a/modules/home/vim/after/ftplugin/query.vim b/modules/home/vim/after/ftplugin/query.vim new file mode 100644 index 00000000..fd2ac73a --- /dev/null +++ b/modules/home/vim/after/ftplugin/query.vim @@ -0,0 +1,6 @@ +" Create the `b:undo_ftplugin` variable if it doesn't exist +call ftplugined#check_undo_ft() + +" Use a small indentation value on query files +setlocal shiftwidth=2 +let b:undo_ftplugin.='|setlocal shiftwidth<' From 2996481327151763beece5cc24acb7913c2a5399 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 28 Dec 2024 13:24:21 -0500 Subject: [PATCH 273/485] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index bc1d34b0..a1385ba8 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1734808199, - "narHash": "sha256-MxlUcLjE8xLbrI1SJ2B2jftlg4wdutEILa3fgqwA98I=", + "lastModified": 1735381016, + "narHash": "sha256-CyCZFhMUkuYbSD6bxB/r43EdmDE7hYeZZPTCv0GudO4=", "owner": "nix-community", "repo": "home-manager", - "rev": "f342df3ad938f205a913973b832f52c12546aac6", + "rev": "10e99c43cdf4a0713b4e81d90691d22c6a58bdf2", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1734424634, - "narHash": "sha256-cHar1vqHOOyC7f1+tVycPoWTfKIaqkoe1Q6TnKzuti4=", + "lastModified": 1735291276, + "narHash": "sha256-NYVcA06+blsLG6wpAbSPTCyLvxD/92Hy4vlY9WxFI1M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d3c42f187194c26d9f0309a8ecc469d6c878ce33", + "rev": "634fd46801442d760e09493a794c4f15db2d0cbb", "type": "github" }, "original": { @@ -177,11 +177,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1734810357, - "narHash": "sha256-Oa6d+y1/PVaPrZ/GYwvmTK9kSrc5Qx/8D3DFN2TzpVA=", + "lastModified": 1735408823, + "narHash": "sha256-1VjQeMQer5nXNYtw+BG+s78ucaEoxO5oqj+yRmM8MMs=", "owner": "nix-community", "repo": "NUR", - "rev": "e7b7b92a7c97a91f1465ab433bbdf6d00df1db8e", + "rev": "8283ea92deac8cdb6fd63ff04049ac9e879bf5eb", "type": "github" }, "original": { From 9c50691ede84ad83e1d7fa4dc3334f38cee08630 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 28 Dec 2024 13:28:03 -0500 Subject: [PATCH 274/485] nixos: services: nginx: sso: use upstream module It's finally been merged, so let's get rid of this module. --- modules/nixos/services/nginx/default.nix | 4 - modules/nixos/services/nginx/sso/default.nix | 84 -------------------- 2 files changed, 88 deletions(-) delete mode 100644 modules/nixos/services/nginx/sso/default.nix diff --git a/modules/nixos/services/nginx/default.nix b/modules/nixos/services/nginx/default.nix index 3bba9f4e..cb276041 100644 --- a/modules/nixos/services/nginx/default.nix +++ b/modules/nixos/services/nginx/default.nix @@ -87,10 +87,6 @@ let }); in { - imports = [ - ./sso - ]; - options.my.services.nginx = with lib; { enable = mkEnableOption "Nginx"; diff --git a/modules/nixos/services/nginx/sso/default.nix b/modules/nixos/services/nginx/sso/default.nix deleted file mode 100644 index d60e31b4..00000000 --- a/modules/nixos/services/nginx/sso/default.nix +++ /dev/null @@ -1,84 +0,0 @@ -# I must override the module to allow having runtime secrets -{ config, lib, pkgs, utils, ... }: -let - cfg = config.services.nginx.sso; - pkg = lib.getBin cfg.package; - confPath = "/var/lib/nginx-sso/config.json"; -in -{ - disabledModules = [ "services/security/nginx-sso.nix" ]; - - - options.services.nginx.sso = with lib; { - enable = mkEnableOption "nginx-sso service"; - - package = mkOption { - type = types.package; - default = pkgs.nginx-sso; - defaultText = "pkgs.nginx-sso"; - description = '' - The nginx-sso package that should be used. - ''; - }; - - configuration = mkOption { - type = types.attrsOf types.unspecified; - default = { }; - example = literalExample '' - { - listen = { addr = "127.0.0.1"; port = 8080; }; - - providers.token.tokens = { - myuser = "MyToken"; - }; - - acl = { - rule_sets = [ - { - rules = [ { field = "x-application"; equals = "MyApp"; } ]; - allow = [ "myuser" ]; - } - ]; - }; - } - ''; - description = '' - nginx-sso configuration - (documentation) - as a Nix attribute set. - ''; - }; - }; - - config = lib.mkIf cfg.enable { - systemd.services.nginx-sso = { - description = "Nginx SSO Backend"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - StateDirectory = "nginx-sso"; - WorkingDirectory = "/var/lib/nginx-sso"; - # The files to be merged might not have the correct permissions - ExecStartPre = pkgs.writeShellScript "merge-nginx-sso-config" '' - rm -f '${confPath}' - ${utils.genJqSecretsReplacementSnippet cfg.configuration confPath} - ''; - ExecStart = lib.mkForce '' - ${lib.getExe pkg} \ - --config ${confPath} \ - --frontend-dir ${pkg}/share/frontend - ''; - Restart = "always"; - User = "nginx-sso"; - Group = "nginx-sso"; - }; - }; - - users.users.nginx-sso = { - isSystemUser = true; - group = "nginx-sso"; - }; - - users.groups.nginx-sso = { }; - }; -} From debf061dd2f03d166b543da5a182b2645d90a6b5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 13 Jan 2025 17:35:20 +0000 Subject: [PATCH 275/485] treewide: add 'shell=bash' for '.envrc' files Looks like the `shellcheck` pre-commit hook starting running on those files as well. --- .envrc | 1 + templates/c++-cmake/.envrc | 1 + templates/c++-meson/.envrc | 1 + templates/rust-cargo/.envrc | 1 + 4 files changed, 4 insertions(+) mode change 100644 => 100755 templates/c++-cmake/.envrc diff --git a/.envrc b/.envrc index f5141c20..a6b1f81e 100644 --- a/.envrc +++ b/.envrc @@ -1,3 +1,4 @@ +# shellcheck shell=bash if ! has nix_direnv_version || ! nix_direnv_version 3.0.0; then source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/3.0.0/direnvrc" "sha256-21TMnI2xWX7HkSTjFFri2UaohXVj854mgvWapWrxRXg=" fi diff --git a/templates/c++-cmake/.envrc b/templates/c++-cmake/.envrc old mode 100644 new mode 100755 index de77fcb0..390d06d4 --- a/templates/c++-cmake/.envrc +++ b/templates/c++-cmake/.envrc @@ -1,3 +1,4 @@ +# shellcheck shell=bash if ! has nix_direnv_version || ! nix_direnv_version 3.0.0; then source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/3.0.0/direnvrc" "sha256-21TMnI2xWX7HkSTjFFri2UaohXVj854mgvWapWrxRXg=" fi diff --git a/templates/c++-meson/.envrc b/templates/c++-meson/.envrc index de77fcb0..390d06d4 100644 --- a/templates/c++-meson/.envrc +++ b/templates/c++-meson/.envrc @@ -1,3 +1,4 @@ +# shellcheck shell=bash if ! has nix_direnv_version || ! nix_direnv_version 3.0.0; then source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/3.0.0/direnvrc" "sha256-21TMnI2xWX7HkSTjFFri2UaohXVj854mgvWapWrxRXg=" fi diff --git a/templates/rust-cargo/.envrc b/templates/rust-cargo/.envrc index de77fcb0..390d06d4 100644 --- a/templates/rust-cargo/.envrc +++ b/templates/rust-cargo/.envrc @@ -1,3 +1,4 @@ +# shellcheck shell=bash if ! has nix_direnv_version || ! nix_direnv_version 3.0.0; then source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/3.0.0/direnvrc" "sha256-21TMnI2xWX7HkSTjFFri2UaohXVj854mgvWapWrxRXg=" fi From 2cf14c92d33bf47db9856932e9cb4a6ce92ad4fc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 13 Jan 2025 17:37:07 +0000 Subject: [PATCH 276/485] flake: bump inputs --- flake.lock | 33 +++++++++++++++------------------ flake.nix | 1 - 2 files changed, 15 insertions(+), 19 deletions(-) diff --git a/flake.lock b/flake.lock index a1385ba8..a95fb34a 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1733312601, - "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", + "lastModified": 1736143030, + "narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", + "rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1735381016, - "narHash": "sha256-CyCZFhMUkuYbSD6bxB/r43EdmDE7hYeZZPTCv0GudO4=", + "lastModified": 1736785676, + "narHash": "sha256-TY0jUwR3EW0fnS0X5wXMAVy6h4Z7Y6a3m+Yq++C9AyE=", "owner": "nix-community", "repo": "home-manager", - "rev": "10e99c43cdf4a0713b4e81d90691d22c6a58bdf2", + "rev": "fc52a210b60f2f52c74eac41a8647c1573d2071d", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1735291276, - "narHash": "sha256-NYVcA06+blsLG6wpAbSPTCyLvxD/92Hy4vlY9WxFI1M=", + "lastModified": 1736701207, + "narHash": "sha256-jG/+MvjVY7SlTakzZ2fJ5dC3V1PrKKrUEOEE30jrOKA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "634fd46801442d760e09493a794c4f15db2d0cbb", + "rev": "ed4a395ea001367c1f13d34b1e01aa10290f67d6", "type": "github" }, "original": { @@ -177,11 +177,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1735408823, - "narHash": "sha256-1VjQeMQer5nXNYtw+BG+s78ucaEoxO5oqj+yRmM8MMs=", + "lastModified": 1736786866, + "narHash": "sha256-JaWZU7wFWsI4rGAemVciyhTxadaZyubJpLqupKLZUtI=", "owner": "nix-community", "repo": "NUR", - "rev": "8283ea92deac8cdb6fd63ff04049ac9e879bf5eb", + "rev": "16ff3063cb4a4cf6fb5f48ca7dc55c27f2ea4891", "type": "github" }, "original": { @@ -197,17 +197,14 @@ "gitignore": "gitignore", "nixpkgs": [ "nixpkgs" - ], - "nixpkgs-stable": [ - "nixpkgs" ] }, "locked": { - "lastModified": 1734797603, - "narHash": "sha256-ulZN7ps8nBV31SE+dwkDvKIzvN6hroRY8sYOT0w+E28=", + "lastModified": 1735882644, + "narHash": "sha256-3FZAG+pGt3OElQjesCAWeMkQ7C/nB1oTHLRQ8ceP110=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "f0f0dc4920a903c3e08f5bdb9246bb572fcae498", + "rev": "a5a961387e75ae44cc20f0a57ae463da5e959656", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index f0bb79c7..afd3c805 100644 --- a/flake.nix +++ b/flake.nix @@ -68,7 +68,6 @@ ref = "master"; inputs = { nixpkgs.follows = "nixpkgs"; - nixpkgs-stable.follows = "nixpkgs"; }; }; From 9f2ed2ae5a5348cd2c97acc95be795a24d0bbe14 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 13 Jan 2025 17:37:41 +0000 Subject: [PATCH 277/485] nixos: hardware: fix renamed 'pulseaudio' config --- modules/nixos/hardware/bluetooth/default.nix | 2 +- modules/nixos/hardware/sound/default.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/nixos/hardware/bluetooth/default.nix b/modules/nixos/hardware/bluetooth/default.nix index e9b1991f..b14ac21a 100644 --- a/modules/nixos/hardware/bluetooth/default.nix +++ b/modules/nixos/hardware/bluetooth/default.nix @@ -20,7 +20,7 @@ in # Support for additional bluetooth codecs (lib.mkIf cfg.loadExtraCodecs { - hardware.pulseaudio = { + services.pulseaudio = { extraModules = [ pkgs.pulseaudio-modules-bt ]; package = pkgs.pulseaudioFull; }; diff --git a/modules/nixos/hardware/sound/default.nix b/modules/nixos/hardware/sound/default.nix index 1cf12cb4..cd453dee 100644 --- a/modules/nixos/hardware/sound/default.nix +++ b/modules/nixos/hardware/sound/default.nix @@ -54,7 +54,7 @@ in # Pulseaudio setup (lib.mkIf cfg.pulse.enable { - hardware.pulseaudio.enable = true; + services.pulseaudio.enable = true; }) ]); } From c99b5b2532cc1654a38bca9cd2ad7460f35aa278 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 13 Jan 2025 17:38:05 +0000 Subject: [PATCH 278/485] nixos: services: komga: use 'settings' --- modules/nixos/services/komga/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/nixos/services/komga/default.nix b/modules/nixos/services/komga/default.nix index e1dc7807..160d6ce1 100644 --- a/modules/nixos/services/komga/default.nix +++ b/modules/nixos/services/komga/default.nix @@ -21,10 +21,10 @@ in inherit (cfg) port; group = "media"; - }; - systemd.services.komga.environment = { - LOGGING_LEVEL_ORG_GOTSON_KOMGA = "DEBUG"; # Needed for fail2ban + settings = { + logging.level.org.gotson.komga = "DEBUG"; # Needed for fail2ban + }; }; # Set-up media group From f08787625b73ce88487303814e13e7355721dddd Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 28 Jan 2025 12:34:20 +0000 Subject: [PATCH 279/485] flake: bump inputs --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index a95fb34a..8884f797 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1723293904, - "narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=", + "lastModified": 1736955230, + "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", "owner": "ryantm", "repo": "agenix", - "rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41", + "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1736785676, - "narHash": "sha256-TY0jUwR3EW0fnS0X5wXMAVy6h4Z7Y6a3m+Yq++C9AyE=", + "lastModified": 1737968762, + "narHash": "sha256-xiPARGKwocaMtv+U/rgi+h2g56CZZEmrcl7ldRaslq8=", "owner": "nix-community", "repo": "home-manager", - "rev": "fc52a210b60f2f52c74eac41a8647c1573d2071d", + "rev": "e1ae908bcc30af792b0bb0a52e53b03d2577255e", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1736701207, - "narHash": "sha256-jG/+MvjVY7SlTakzZ2fJ5dC3V1PrKKrUEOEE30jrOKA=", + "lastModified": 1737885589, + "narHash": "sha256-Zf0hSrtzaM1DEz8//+Xs51k/wdSajticVrATqDrfQjg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ed4a395ea001367c1f13d34b1e01aa10290f67d6", + "rev": "852ff1d9e153d8875a83602e03fdef8a63f0ecf8", "type": "github" }, "original": { @@ -177,11 +177,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1736786866, - "narHash": "sha256-JaWZU7wFWsI4rGAemVciyhTxadaZyubJpLqupKLZUtI=", + "lastModified": 1738059992, + "narHash": "sha256-VeNLLucQTlED2cqD3uofh968tm7u7UgwCdY5+jo/BSc=", "owner": "nix-community", "repo": "NUR", - "rev": "16ff3063cb4a4cf6fb5f48ca7dc55c27f2ea4891", + "rev": "c46c836963685acbd2430439f859b60f230b3643", "type": "github" }, "original": { @@ -200,11 +200,11 @@ ] }, "locked": { - "lastModified": 1735882644, - "narHash": "sha256-3FZAG+pGt3OElQjesCAWeMkQ7C/nB1oTHLRQ8ceP110=", + "lastModified": 1737465171, + "narHash": "sha256-R10v2hoJRLq8jcL4syVFag7nIGE7m13qO48wRIukWNg=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "a5a961387e75ae44cc20f0a57ae463da5e959656", + "rev": "9364dc02281ce2d37a1f55b6e51f7c0f65a75f17", "type": "github" }, "original": { From 1540483955f38bb57af7706c7e458378028e36f4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 30 Jan 2025 13:06:49 +0100 Subject: [PATCH 280/485] nixos: services: komga: fix deprecated option --- modules/nixos/services/komga/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/komga/default.nix b/modules/nixos/services/komga/default.nix index 160d6ce1..9af3cd16 100644 --- a/modules/nixos/services/komga/default.nix +++ b/modules/nixos/services/komga/default.nix @@ -18,11 +18,11 @@ in config = lib.mkIf cfg.enable { services.komga = { enable = true; - inherit (cfg) port; group = "media"; settings = { + server.port = cfg.port; logging.level.org.gotson.komga = "DEBUG"; # Needed for fail2ban }; }; From 533e3b9a9f198d1a8168060db694f3a6ae6464b0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 29 Jan 2025 19:14:54 +0100 Subject: [PATCH 281/485] nixos: services: add homebox --- modules/nixos/services/default.nix | 1 + modules/nixos/services/homebox/default.nix | 42 ++++++++++++++++++++++ 2 files changed, 43 insertions(+) create mode 100644 modules/nixos/services/homebox/default.nix diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix index 651f3f82..3992385f 100644 --- a/modules/nixos/services/default.nix +++ b/modules/nixos/services/default.nix @@ -14,6 +14,7 @@ ./forgejo ./gitea ./grocy + ./homebox ./indexers ./jellyfin ./komga diff --git a/modules/nixos/services/homebox/default.nix b/modules/nixos/services/homebox/default.nix new file mode 100644 index 00000000..d79e3314 --- /dev/null +++ b/modules/nixos/services/homebox/default.nix @@ -0,0 +1,42 @@ +# Home inventory made easy +{ config, lib, ... }: +let + cfg = config.my.services.homebox; +in +{ + options.my.services.homebox = with lib; { + enable = mkEnableOption "Homebox home inventory"; + + port = mkOption { + type = types.port; + default = 7745; + example = 8080; + description = "Internal port for webui"; + }; + }; + + config = lib.mkIf cfg.enable { + services.homebox = { + enable = true; + + settings = { + # FIXME: mailer? + HBOX_WEB_PORT = toString cfg.port; + }; + }; + + my.services.nginx.virtualHosts = { + homebox = { + inherit (cfg) port; + }; + }; + + my.services.backup = { + paths = [ + config.services.homebox.settings.HBOX_STORAGE_DATA + ]; + }; + + # NOTE: unfortunately homebox does not log connection failures for fail2ban + }; +} From 2cbcbb7b3a6819a66c7e2fb84a623e6bea087d35 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 4 Feb 2025 15:15:28 +0000 Subject: [PATCH 282/485] home: secrets: fix path to 'keys' --- modules/home/secrets/secrets.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/secrets/secrets.nix b/modules/home/secrets/secrets.nix index f4743429..27cdb4ee 100644 --- a/modules/home/secrets/secrets.nix +++ b/modules/home/secrets/secrets.nix @@ -1,6 +1,6 @@ # Common secrets let - keys = import ../../keys; + keys = import ../../../keys; all = builtins.attrValues keys.users; in From 9c4d853037aaca039709c7bd013738b5528e31fe Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 6 Feb 2025 11:28:27 +0000 Subject: [PATCH 283/485] home: secrets: github: update token --- modules/home/secrets/github/token.age | Bin 369 -> 253 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/modules/home/secrets/github/token.age b/modules/home/secrets/github/token.age index 1d36ccdc3cc89a5b9c5bd9df4e8b62445fe4b3b0..3e8bb5a8329daf21e005a46c76ade14a887d5952 100644 GIT binary patch delta 217 zcmey!^p|mhPJO9wfw_@)QdN0wwn1o$iD_`MPquGrqD5eZwnt=ogkNHcrDcY;t7THQ zFPCqzYm`%&fs3WThev@yg-ft$REC*}p?+?0MMZ`|NL5LoS5$JTS4Mt*B$uwPu7YEx zn{i%RYEYhwWnN@KRgR^PTUbV9eoC5aZlYO=SypmIL{Mdjxk-U@peGk^#jIn8)9!jl zD=c=X^7Ym#tkv=mzIfc}u-Q)8ry`Fp%Cxecmb~(l>&(K)4JmrZW=LuO*_m_GTgBny T^33`v>=u2U1}$?cyY#C8DZ^1= delta 334 zcmey%_>pOXPJKpUxwlJVUanhtPOxD_rb)S{n?Y5MNuIlpb6#+2q@jyRm`hSpfk|>j zHdkbDP*spmzGYHXj+s|Usb`6&V`;9Zk%g0aqCr(^rJJdfn`KtEr&FO(AeXM4LSaf- zS!Ax6ZhBE_VsWa1l7Y2?k)=YQf`7gaSGGyITe5p{czu#dXhEP~Mq*BgV{u|?QfgkF zxrd{3RAgkKv42^KQCMlYSxI3*uz{0fq?fOYiFU3*sE12RMm|?YcxsMch*_$8VS#^C zYCup?KslGLuC9W4R$57(b9hQrj-gR;L~==XRc=LYv9?c%r+c Date: Wed, 12 Feb 2025 14:26:07 +0000 Subject: [PATCH 284/485] pkgs: lohr: use 'useFetchCargoVendor' The previous fetcher is in the process of being deprecated. --- pkgs/lohr/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/lohr/default.nix b/pkgs/lohr/default.nix index b89ccff9..aeb13b1a 100644 --- a/pkgs/lohr/default.nix +++ b/pkgs/lohr/default.nix @@ -10,7 +10,8 @@ rustPlatform.buildRustPackage rec { hash = "sha256-dunQgtap+XCK5LoSyOqIY/6p6HizBeiyPWNuCffwjDU="; }; - cargoHash = "sha256-EUhyrhPe+mUgMmm4o+bxRIiSNReJRfw+/O1fPr8r7lo="; + useFetchCargoVendor = true; + cargoHash = "sha256-R3/N/43+bGx6acE/rhBcrk6kS5zQu8NJ1sVvKJJkK9w="; meta = with lib; { description = "Git mirroring daemon"; From 40a841031fe465b7225927d1d493627e547cab59 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 12 Feb 2025 14:27:15 +0000 Subject: [PATCH 285/485] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 8884f797..b7ca7083 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1736143030, - "narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=", + "lastModified": 1738453229, + "narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de", + "rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1737968762, - "narHash": "sha256-xiPARGKwocaMtv+U/rgi+h2g56CZZEmrcl7ldRaslq8=", + "lastModified": 1739314552, + "narHash": "sha256-ggVf2BclyIW3jexc/uvgsgJH4e2cuG6Nyg54NeXgbFI=", "owner": "nix-community", "repo": "home-manager", - "rev": "e1ae908bcc30af792b0bb0a52e53b03d2577255e", + "rev": "83bd3a26ac0526ae04fa74df46738bb44b89dcdd", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1737885589, - "narHash": "sha256-Zf0hSrtzaM1DEz8//+Xs51k/wdSajticVrATqDrfQjg=", + "lastModified": 1739214665, + "narHash": "sha256-26L8VAu3/1YRxS8MHgBOyOM8xALdo6N0I04PgorE7UM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "852ff1d9e153d8875a83602e03fdef8a63f0ecf8", + "rev": "64e75cd44acf21c7933d61d7721e812eac1b5a0a", "type": "github" }, "original": { @@ -177,11 +177,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1738059992, - "narHash": "sha256-VeNLLucQTlED2cqD3uofh968tm7u7UgwCdY5+jo/BSc=", + "lastModified": 1739229047, + "narHash": "sha256-sSTgA86wdk8d544c2+gzrfvVPHQF4mbsomvLOW2thn0=", "owner": "nix-community", "repo": "NUR", - "rev": "c46c836963685acbd2430439f859b60f230b3643", + "rev": "8348d89f30598a73fee7efb4b5d34c3de201e71b", "type": "github" }, "original": { From 374886a63f01f2f736ce4502e61ba017403a77fc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 12 Feb 2025 14:30:00 +0000 Subject: [PATCH 286/485] nixos: services: servarr: remove build work-around It's been fixed upstream. This partially reverts commit ad1cfbd6f03e0b38f690d8563af02c1c04d8b731. --- modules/nixos/services/servarr/default.nix | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/modules/nixos/services/servarr/default.nix b/modules/nixos/services/servarr/default.nix index 4aa0de71..e25d9cfd 100644 --- a/modules/nixos/services/servarr/default.nix +++ b/modules/nixos/services/servarr/default.nix @@ -96,15 +96,5 @@ in # Sonarr for shows (mkFullConfig "sonarr") (mkFail2Ban "sonarr") - - # HACK: until https://github.com/NixOS/nixpkgs/issues/360592 is resolved - (lib.mkIf cfg.sonarr.enable { - nixpkgs.config.permittedInsecurePackages = [ - "aspnetcore-runtime-6.0.36" - "aspnetcore-runtime-wrapped-6.0.36" - "dotnet-sdk-6.0.428" - "dotnet-sdk-wrapped-6.0.428" - ]; - }) ]); } From 80b4c9ffcd8e610e39e473a6425001e9e939386f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 12 Feb 2025 14:31:20 +0000 Subject: [PATCH 287/485] home: mail: accounts: use 'migadu' flavor --- modules/home/mail/accounts/default.nix | 15 +-------------- 1 file changed, 1 insertion(+), 14 deletions(-) diff --git a/modules/home/mail/accounts/default.nix b/modules/home/mail/accounts/default.nix index 202b9bc5..5216ad5e 100644 --- a/modules/home/mail/accounts/default.nix +++ b/modules/home/mail/accounts/default.nix @@ -26,20 +26,7 @@ let }; migaduConfig = { - imap = { - host = "imap.migadu.com"; - port = 993; - tls = { - enable = true; - }; - }; - smtp = { - host = "smtp.migadu.com"; - port = 465; - tls = { - enable = true; - }; - }; + flavor = "migadu.com"; }; gmailConfig = { From f474c033d5d89d9cf84bbc18f878eb1bb9fed4d3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 13 Feb 2025 14:40:39 +0000 Subject: [PATCH 288/485] nixos: services: nginx: remove zstd compression The zstd module is unmaintained and buggy, remove it preventively. The option itself will probably be removed soon [1]. [1]: https://github.com/NixOS/nixpkgs/pull/381678 --- modules/nixos/services/nginx/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/nixos/services/nginx/default.nix b/modules/nixos/services/nginx/default.nix index cb276041..1e9e38a8 100644 --- a/modules/nixos/services/nginx/default.nix +++ b/modules/nixos/services/nginx/default.nix @@ -253,7 +253,6 @@ in recommendedOptimisation = true; recommendedProxySettings = true; recommendedTlsSettings = true; - recommendedZstdSettings = true; virtualHosts = let From 8f5be69a4e297c8289399ae09b805090042ebfcc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 17 Feb 2025 15:33:40 +0100 Subject: [PATCH 289/485] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index b7ca7083..c4ae7ba5 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1739314552, - "narHash": "sha256-ggVf2BclyIW3jexc/uvgsgJH4e2cuG6Nyg54NeXgbFI=", + "lastModified": 1739790043, + "narHash": "sha256-4gK4zdNDQ4PyGFs7B6zp9iPIBy9E+bVJiZ0XAmncvgQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "83bd3a26ac0526ae04fa74df46738bb44b89dcdd", + "rev": "c1ea92cdfb85bd7b0995b550581d9fd1c3370bf9", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1739214665, - "narHash": "sha256-26L8VAu3/1YRxS8MHgBOyOM8xALdo6N0I04PgorE7UM=", + "lastModified": 1739580444, + "narHash": "sha256-+/bSz4EAVbqz8/HsIGLroF8aNaO8bLRL7WfACN+24g4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "64e75cd44acf21c7933d61d7721e812eac1b5a0a", + "rev": "8bb37161a0488b89830168b81c48aed11569cb93", "type": "github" }, "original": { @@ -177,11 +177,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1739229047, - "narHash": "sha256-sSTgA86wdk8d544c2+gzrfvVPHQF4mbsomvLOW2thn0=", + "lastModified": 1739796551, + "narHash": "sha256-XcTK29rOc0WxcSJDHUK8JQege9CzSVVAcjHdswOVFPA=", "owner": "nix-community", "repo": "NUR", - "rev": "8348d89f30598a73fee7efb4b5d34c3de201e71b", + "rev": "827aa6eeaf92cc085f84947f6c32002792b67497", "type": "github" }, "original": { From 1237ef41742323d88d639877d38cd6ec05d9cf91 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 21 Feb 2025 16:22:00 +0000 Subject: [PATCH 290/485] home: git: include local configuration properly Using `includes` ensures that the local configuration is included at the end of the configuration file. --- modules/home/git/default.nix | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/modules/home/git/default.nix b/modules/home/git/default.nix index 1bb22159..8791cb27 100644 --- a/modules/home/git/default.nix +++ b/modules/home/git/default.nix @@ -123,11 +123,6 @@ in defaultBranch = "main"; }; - # Local configuration, not-versioned - include = { - path = "config.local"; - }; - merge = { conflictStyle = "zdiff3"; }; @@ -167,8 +162,8 @@ in }; }; - # Multiple identities includes = [ + # Multiple identities { condition = "gitdir:~/git/EPITA/"; contents = { @@ -187,6 +182,10 @@ in }; }; } + # Local configuration, not-versioned + { + path = "config.local"; + } ]; ignores = From 337d7309c61e39bd77db6537acde9a301dade42f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 21 Feb 2025 16:41:54 +0000 Subject: [PATCH 291/485] home: git: use 'mkAfter' for config includes This should ensure that they will be included at the very end of the configuration, even if other modules add more includes. Notably, this ensures that the local configuration can override any other setting. --- modules/home/git/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/git/default.nix b/modules/home/git/default.nix index 8791cb27..c88008fa 100644 --- a/modules/home/git/default.nix +++ b/modules/home/git/default.nix @@ -162,7 +162,7 @@ in }; }; - includes = [ + includes = lib.mkAfter [ # Multiple identities { condition = "gitdir:~/git/EPITA/"; From d3a953247c270ca2e771bac5343123c4239c0da3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 24 Feb 2025 14:15:01 +0000 Subject: [PATCH 292/485] home: packages: disable on 'useGlobalPkgs' It doesn't do anything when `useGlobalPkgs` is set, and has started warning about its upcoming deprecation. --- modules/home/packages/default.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/modules/home/packages/default.nix b/modules/home/packages/default.nix index b0f8d674..43f7111e 100644 --- a/modules/home/packages/default.nix +++ b/modules/home/packages/default.nix @@ -1,6 +1,7 @@ -{ config, lib, pkgs, ... }: +{ config, lib, pkgs, osConfig, ... }: let cfg = config.my.home.packages; + useGlobalPkgs = osConfig.home-manager.useGlobalPkgs or false; in { options.my.home.packages = with lib; { @@ -29,7 +30,7 @@ in tree ] ++ cfg.additionalPackages); - nixpkgs.config = { + nixpkgs.config = lib.mkIf (!useGlobalPkgs) { inherit (cfg) allowAliases allowUnfree; }; }; From 852696409a4319a9767814c4483072d4bb9cbd61 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 24 Feb 2025 17:07:43 +0000 Subject: [PATCH 293/485] home: pager: remove 'LESSKEY' It should do the lookup in `$XDG_CONFIG_HOME/lesskey` automatically now. --- modules/home/pager/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/home/pager/default.nix b/modules/home/pager/default.nix index 1119440f..a35da2c2 100644 --- a/modules/home/pager/default.nix +++ b/modules/home/pager/default.nix @@ -16,7 +16,6 @@ in LESS = "-R -+X -c"; # Better XDG compliance LESSHISTFILE = "${config.xdg.stateHome}/less/history"; - LESSKEY = "${config.xdg.configHome}/less/lesskey"; }; }; } From e43570fe5bfa8a6258d11c3eb8f7738cb045a5ce Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 24 Feb 2025 17:04:21 +0000 Subject: [PATCH 294/485] home: pager: allow quitting without screen clear --- modules/home/pager/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/home/pager/default.nix b/modules/home/pager/default.nix index a35da2c2..e84dcb73 100644 --- a/modules/home/pager/default.nix +++ b/modules/home/pager/default.nix @@ -17,5 +17,10 @@ in # Better XDG compliance LESSHISTFILE = "${config.xdg.stateHome}/less/history"; }; + + xdg.configFile."lesskey".text = '' + # Quit without clearing the screen on `Q` + Q toggle-option -!^Predraw-on-quit\nq + ''; }; } From 84f1186b6c6888ed3ebc1fb6072a259e509b3271 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 25 Feb 2025 13:38:07 +0000 Subject: [PATCH 295/485] home: tmux: add 'enableResurrect' To be used on the cloudtop with its frequent reboots. --- modules/home/tmux/default.nix | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/modules/home/tmux/default.nix b/modules/home/tmux/default.nix index ae8b8f06..53716435 100644 --- a/modules/home/tmux/default.nix +++ b/modules/home/tmux/default.nix @@ -20,6 +20,8 @@ in enablePassthrough = mkEnableOption "tmux DCS passthrough sequence"; + enableResurrect = mkEnableOption "tmux-resurrect plugin"; + terminalFeatures = mkOption { type = with types; attrsOf (submodule { options = { @@ -51,7 +53,7 @@ in focusEvents = true; # Report focus events terminal = "tmux-256color"; # I want accurate termcap info - plugins = with pkgs.tmuxPlugins; [ + plugins = with pkgs.tmuxPlugins; builtins.filter (attr: attr != { }) [ # Open high-lighted files in copy mode open # Better pane management @@ -79,6 +81,13 @@ in set -g status-right '#{prefix_highlight} %a %Y-%m-%d %H:%M' ''; } + # Resurrect sessions + (lib.optionalAttrs cfg.enableResurrect { + plugin = resurrect; + extraConfig = '' + set -g @resurrect-dir '${config.xdg.stateHome}/tmux/resurrect' + ''; + }) ]; extraConfig = '' From 105bcbd53a30d349bb68276249a77793ec5f2d19 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 25 Feb 2025 13:39:46 +0000 Subject: [PATCH 296/485] hosts: home: mousqueton: enable 'tmux-resurrect' --- hosts/homes/ambroisie@mousqueton/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/hosts/homes/ambroisie@mousqueton/default.nix b/hosts/homes/ambroisie@mousqueton/default.nix index 44e62e68..37884d79 100644 --- a/hosts/homes/ambroisie@mousqueton/default.nix +++ b/hosts/homes/ambroisie@mousqueton/default.nix @@ -15,6 +15,9 @@ # I use scripts that use the passthrough sequence often on this host enablePassthrough = true; + # Frequent reboots mean that session persistence can be handy + enableResurrect = true; + terminalFeatures = { # HTerm uses `xterm-256color` as its `$TERM`, so use that here xterm-256color = { }; From edeb67238bc24dc982075bb5f6787d8035b578b3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 25 Feb 2025 13:58:02 +0000 Subject: [PATCH 297/485] home: tmux: enable aggressive resize Generally useful, rarely gets in the way, I'd rather have it enabled by default. --- modules/home/tmux/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/home/tmux/default.nix b/modules/home/tmux/default.nix index 53716435..08b9202c 100644 --- a/modules/home/tmux/default.nix +++ b/modules/home/tmux/default.nix @@ -52,6 +52,7 @@ in mouse = false; # I dislike mouse support focusEvents = true; # Report focus events terminal = "tmux-256color"; # I want accurate termcap info + aggressiveResize = true; # Automatic resize when switching client size plugins = with pkgs.tmuxPlugins; builtins.filter (attr: attr != { }) [ # Open high-lighted files in copy mode From 0dc8ac443313724285d54447330311f3b2e0856b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 27 Feb 2025 12:36:10 +0000 Subject: [PATCH 298/485] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index c4ae7ba5..bd5cf0aa 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1739790043, - "narHash": "sha256-4gK4zdNDQ4PyGFs7B6zp9iPIBy9E+bVJiZ0XAmncvgQ=", + "lastModified": 1740624780, + "narHash": "sha256-8TP61AI3QBQsjzVUQFIV8NoB5nbYfJB3iHczhBikDkU=", "owner": "nix-community", "repo": "home-manager", - "rev": "c1ea92cdfb85bd7b0995b550581d9fd1c3370bf9", + "rev": "b8869e4ead721bbd4f0d6b927e8395705d4f16e6", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1739580444, - "narHash": "sha256-+/bSz4EAVbqz8/HsIGLroF8aNaO8bLRL7WfACN+24g4=", + "lastModified": 1740560979, + "narHash": "sha256-Vr3Qi346M+8CjedtbyUevIGDZW8LcA1fTG0ugPY/Hic=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8bb37161a0488b89830168b81c48aed11569cb93", + "rev": "5135c59491985879812717f4c9fea69604e7f26f", "type": "github" }, "original": { @@ -177,11 +177,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1739796551, - "narHash": "sha256-XcTK29rOc0WxcSJDHUK8JQege9CzSVVAcjHdswOVFPA=", + "lastModified": 1740655932, + "narHash": "sha256-BSTcgL2C74x0TgVdVEWfIz2SHkwIFMN0Dvv1lCoOhCA=", "owner": "nix-community", "repo": "NUR", - "rev": "827aa6eeaf92cc085f84947f6c32002792b67497", + "rev": "1ca8ff37f33a560c4a292ed83774434854f0b39a", "type": "github" }, "original": { From 88c00bb83d7d83d9af480f9de8027175bdd32ec7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 27 Feb 2025 12:44:10 +0000 Subject: [PATCH 299/485] home: firefox: fix deprecated option --- modules/home/firefox/default.nix | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/modules/home/firefox/default.nix b/modules/home/firefox/default.nix index 02c74f2d..6346dc9b 100644 --- a/modules/home/firefox/default.nix +++ b/modules/home/firefox/default.nix @@ -61,19 +61,21 @@ in "ui.systemUsesDarkTheme" = true; # Dark mode }; - extensions = with pkgs.nur.repos.rycee.firefox-addons; ([ - bitwarden - consent-o-matic - form-history-control - reddit-comment-collapser - reddit-enhancement-suite - refined-github - sponsorblock - ublock-origin - ] - ++ lib.optional (cfg.tridactyl.enable) tridactyl - ++ lib.optional (cfg.ff2mpv.enable) ff2mpv - ); + extensions = { + packages = with pkgs.nur.repos.rycee.firefox-addons; ([ + bitwarden + consent-o-matic + form-history-control + reddit-comment-collapser + reddit-enhancement-suite + refined-github + sponsorblock + ublock-origin + ] + ++ lib.optional (cfg.tridactyl.enable) tridactyl + ++ lib.optional (cfg.ff2mpv.enable) ff2mpv + ); + }; }; }; }; From ca618b53ccef400567eef305c634854ca16529fb Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 27 Feb 2025 16:59:15 +0000 Subject: [PATCH 300/485] home: vim: oil: explicitly remove icons They started appearing on the latest bump, it looks like my configuration started including `nvim-web-devicons` (see [1]). I'll probably remove this configuration on the next nixpkgs bump (it's a good canary to check that I *never* include icons in the future). [1]: https://github.com/NixOS/nixpkgs/pull/382668 --- modules/home/vim/plugin/settings/oil.lua | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/home/vim/plugin/settings/oil.lua b/modules/home/vim/plugin/settings/oil.lua index a160725b..74d5007a 100644 --- a/modules/home/vim/plugin/settings/oil.lua +++ b/modules/home/vim/plugin/settings/oil.lua @@ -4,6 +4,8 @@ local wk = require("which-key") local detail = false oil.setup({ + -- Don't show icons + columns = {}, view_options = { -- Show files and directories that start with "." by default show_hidden = true, From dc4221fc17fc3d36e75f4d47b6e1a552969ab29f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 17 Mar 2025 13:02:02 +0000 Subject: [PATCH 301/485] flake: bump inputs And remove the overlay for `lsp-format.nvim`, which has been fixed. This reverts commit 92e5fbe7df0c74a33baccfdb9fc82859217e0b3a. --- flake.lock | 30 +++++++++---------- .../lsp-format-nvim-indentation/default.nix | 4 --- .../lsp-format-nvim-indentation/generated.nix | 14 --------- 3 files changed, 15 insertions(+), 33 deletions(-) delete mode 100644 overlays/lsp-format-nvim-indentation/default.nix delete mode 100644 overlays/lsp-format-nvim-indentation/generated.nix diff --git a/flake.lock b/flake.lock index bd5cf0aa..6db188a6 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1738453229, - "narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=", + "lastModified": 1741352980, + "narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd", + "rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1740624780, - "narHash": "sha256-8TP61AI3QBQsjzVUQFIV8NoB5nbYfJB3iHczhBikDkU=", + "lastModified": 1741955947, + "narHash": "sha256-2lbURKclgKqBNm7hVRtWh0A7NrdsibD0EaWhahUVhhY=", "owner": "nix-community", "repo": "home-manager", - "rev": "b8869e4ead721bbd4f0d6b927e8395705d4f16e6", + "rev": "4e12151c9e014e2449e0beca2c0e9534b96a26b4", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1740560979, - "narHash": "sha256-Vr3Qi346M+8CjedtbyUevIGDZW8LcA1fTG0ugPY/Hic=", + "lastModified": 1742069588, + "narHash": "sha256-C7jVfohcGzdZRF6DO+ybyG/sqpo1h6bZi9T56sxLy+k=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5135c59491985879812717f4c9fea69604e7f26f", + "rev": "c80f6a7e10b39afcc1894e02ef785b1ad0b0d7e5", "type": "github" }, "original": { @@ -177,11 +177,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1740655932, - "narHash": "sha256-BSTcgL2C74x0TgVdVEWfIz2SHkwIFMN0Dvv1lCoOhCA=", + "lastModified": 1741294988, + "narHash": "sha256-3408u6q615kVTb23WtDriHRmCBBpwX7iau6rvfipcu4=", "owner": "nix-community", "repo": "NUR", - "rev": "1ca8ff37f33a560c4a292ed83774434854f0b39a", + "rev": "b30c245e2c44c7352a27485bfd5bc483df660f0e", "type": "github" }, "original": { @@ -200,11 +200,11 @@ ] }, "locked": { - "lastModified": 1737465171, - "narHash": "sha256-R10v2hoJRLq8jcL4syVFag7nIGE7m13qO48wRIukWNg=", + "lastModified": 1742058297, + "narHash": "sha256-b4SZc6TkKw8WQQssbN5O2DaCEzmFfvSTPYHlx/SFW9Y=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "9364dc02281ce2d37a1f55b6e51f7c0f65a75f17", + "rev": "59f17850021620cd348ad2e9c0c64f4e6325ce2a", "type": "github" }, "original": { diff --git a/overlays/lsp-format-nvim-indentation/default.nix b/overlays/lsp-format-nvim-indentation/default.nix deleted file mode 100644 index 832e71de..00000000 --- a/overlays/lsp-format-nvim-indentation/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -self: prev: -{ - vimPlugins = prev.vimPlugins.extend (self.callPackage ./generated.nix { }); -} diff --git a/overlays/lsp-format-nvim-indentation/generated.nix b/overlays/lsp-format-nvim-indentation/generated.nix deleted file mode 100644 index 19022078..00000000 --- a/overlays/lsp-format-nvim-indentation/generated.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ fetchpatch, ... }: - -_final: prev: { - lsp-format-nvim = prev.lsp-format-nvim.overrideAttrs (oa: { - patches = (oa.patches or [ ]) ++ [ - # https://github.com/lukas-reineke/lsp-format.nvim/issues/94 - (fetchpatch { - name = "use-effective-indentation"; - url = "https://github.com/liskin/lsp-format.nvim/commit/3757ac443bdf5bd166673833794553229ee8d939.patch"; - hash = "sha256-Dv+TvXrU/IrrPxz2MSPbLmRxch+qkHbI3AyFMj/ssDk="; - }) - ]; - }); -} From 5ae2eacd49042d3c00e3d2e666c355bcb89e10d1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 19 Mar 2025 11:45:07 +0000 Subject: [PATCH 302/485] home: git: add 'ignoreRevsFile' I'm surprised I hadn't configured it already. `.git-blame-ignore-revs` is the usual name, as most forges automatically detect and use it. --- modules/home/git/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/home/git/default.nix b/modules/home/git/default.nix index c88008fa..bd085b8a 100644 --- a/modules/home/git/default.nix +++ b/modules/home/git/default.nix @@ -75,6 +75,7 @@ in # Makes it a bit more readable blame = { coloring = "repeatedLines"; + ignoreRevsFile = ".git-blame-ignore-revs"; markIgnoredLines = true; markUnblamables = true; }; From 9156a8211d6388e274698e834d010710d727d425 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 24 Mar 2025 11:47:59 +0000 Subject: [PATCH 303/485] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 6db188a6..2eff24a5 100644 --- a/flake.lock +++ b/flake.lock @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1741955947, - "narHash": "sha256-2lbURKclgKqBNm7hVRtWh0A7NrdsibD0EaWhahUVhhY=", + "lastModified": 1742771635, + "narHash": "sha256-HQHzQPrg+g22tb3/K/4tgJjPzM+/5jbaujCZd8s2Mls=", "owner": "nix-community", "repo": "home-manager", - "rev": "4e12151c9e014e2449e0beca2c0e9534b96a26b4", + "rev": "ad0614a1ec9cce3b13169e20ceb7e55dfaf2a818", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1742069588, - "narHash": "sha256-C7jVfohcGzdZRF6DO+ybyG/sqpo1h6bZi9T56sxLy+k=", + "lastModified": 1742669843, + "narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c80f6a7e10b39afcc1894e02ef785b1ad0b0d7e5", + "rev": "1e5b653dff12029333a6546c11e108ede13052eb", "type": "github" }, "original": { @@ -200,11 +200,11 @@ ] }, "locked": { - "lastModified": 1742058297, - "narHash": "sha256-b4SZc6TkKw8WQQssbN5O2DaCEzmFfvSTPYHlx/SFW9Y=", + "lastModified": 1742649964, + "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "59f17850021620cd348ad2e9c0c64f4e6325ce2a", + "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", "type": "github" }, "original": { From 6fc81e45e98bcb4190641c53aad62a28cb782367 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 24 Mar 2025 11:58:56 +0000 Subject: [PATCH 304/485] home: zsh: migrate to 'initContent' This also fixes a small ordering issue: my alias definitions used to be defined at the very end of the file, they're now slotted _before_ the `zshrc.local` import. --- modules/home/zsh/default.nix | 40 +++++++++++++++++------------------- 1 file changed, 19 insertions(+), 21 deletions(-) diff --git a/modules/home/zsh/default.nix b/modules/home/zsh/default.nix index 11b6cb24..f4092d88 100644 --- a/modules/home/zsh/default.nix +++ b/modules/home/zsh/default.nix @@ -87,28 +87,26 @@ in # Modal editing is life, but CLI benefits from emacs gymnastics defaultKeymap = "emacs"; - # Make those happen early to avoid doing double the work - initExtraFirst = lib.mkBefore '' - ${ - lib.optionalString cfg.launchTmux '' - # Launch tmux unless already inside one - if [ -z "$TMUX" ]; then - exec tmux new-session - fi - '' - } - ''; + initContent = lib.mkMerge [ + # Make those happen early to avoid doing double the work + (lib.mkBefore (lib.optionalString cfg.launchTmux '' + # Launch tmux unless already inside one + if [ -z "$TMUX" ]; then + exec tmux new-session + fi + '')) - initExtra = lib.mkAfter '' - source ${./completion-styles.zsh} - source ${./extra-mappings.zsh} - source ${./options.zsh} + (lib.mkAfter '' + source ${./completion-styles.zsh} + source ${./extra-mappings.zsh} + source ${./options.zsh} - # Source local configuration - if [ -f "$ZDOTDIR/zshrc.local" ]; then - source "$ZDOTDIR/zshrc.local" - fi - ''; + # Source local configuration + if [ -f "$ZDOTDIR/zshrc.local" ]; then + source "$ZDOTDIR/zshrc.local" + fi + '') + ]; localVariables = { # I like having the full path @@ -151,7 +149,7 @@ in }; # Use OSC-777 to send the notification through SSH - initExtra = lib.mkIf cfg.notify.ssh.useOsc777 '' + initContent = lib.mkIf cfg.notify.ssh.useOsc777 '' done_send_notification() { local exit_status="$1" local title="$2" From b2758839e8a0fe5cb613542172d6bfd36ba088ee Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 24 Mar 2025 16:51:45 +0000 Subject: [PATCH 305/485] home: vim: lspconfig: add 'harper' Support for more languages is upcoming, I also need to check how to handle custom words/dictionaries. --- modules/home/vim/plugin/settings/lspconfig.lua | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules/home/vim/plugin/settings/lspconfig.lua b/modules/home/vim/plugin/settings/lspconfig.lua index 1f9abfd9..f8e65d87 100644 --- a/modules/home/vim/plugin/settings/lspconfig.lua +++ b/modules/home/vim/plugin/settings/lspconfig.lua @@ -96,6 +96,13 @@ if utils.is_executable("starpls") then end -- Generic +if utils.is_executable("harper-ls") then + lspconfig.harper_ls.setup({ + capabilities = capabilities, + on_attach = lsp.on_attach, + }) +end + if utils.is_executable("typos-lsp") then lspconfig.typos_lsp.setup({ capabilities = capabilities, From abec0dd226d765a54976be0a07442c4ce45b3cdb Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 25 Mar 2025 14:30:07 +0000 Subject: [PATCH 306/485] home: git: remove 'ignoreRevsFile' I remember why I didn't set it globally now, it's because `git blame` complains and errors out, rather than silently ignoring the setting, when the file doesn't exist in a repo... This reverts commit 5ae2eacd49042d3c00e3d2e666c355bcb89e10d1. --- modules/home/git/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/home/git/default.nix b/modules/home/git/default.nix index bd085b8a..c88008fa 100644 --- a/modules/home/git/default.nix +++ b/modules/home/git/default.nix @@ -75,7 +75,6 @@ in # Makes it a bit more readable blame = { coloring = "repeatedLines"; - ignoreRevsFile = ".git-blame-ignore-revs"; markIgnoredLines = true; markUnblamables = true; }; From 458ea144c447cb15ed07351992f9cbe8f74489db Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 25 Mar 2025 16:52:58 +0000 Subject: [PATCH 307/485] home: vim: remove 'fastfold' configuration I missed it in the original commit that removed the plug-in from my configuration... --- modules/home/vim/plugin/settings/fastfold.lua | 5 ----- 1 file changed, 5 deletions(-) delete mode 100644 modules/home/vim/plugin/settings/fastfold.lua diff --git a/modules/home/vim/plugin/settings/fastfold.lua b/modules/home/vim/plugin/settings/fastfold.lua deleted file mode 100644 index 78ee9378..00000000 --- a/modules/home/vim/plugin/settings/fastfold.lua +++ /dev/null @@ -1,5 +0,0 @@ --- Intercept all fold commands --- stylua: ignore -vim.g.fastfold_fold_command_suffixes = { - "x", "X", "a", "A", "o", "O", "c", "C", "r", "R", "m", "M", "i", "n", "N", -} From 1841ff391d13eb31b3ff670b9c9f4563ecc7140b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 28 Mar 2025 15:27:21 +0000 Subject: [PATCH 308/485] flake: dev-shells: remove redundant 'pre-commit' It's already being installed by the shell hook. --- flake/dev-shells.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/flake/dev-shells.nix b/flake/dev-shells.nix index d5f5989b..87464a48 100644 --- a/flake/dev-shells.nix +++ b/flake/dev-shells.nix @@ -6,7 +6,6 @@ name = "NixOS-config"; nativeBuildInputs = with pkgs; [ - gitAndTools.pre-commit nixpkgs-fmt ]; From 37e88c2707072bc4cc244669c084dccb74b52ab3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 Mar 2025 14:41:21 +0000 Subject: [PATCH 309/485] flake: bump inputs And fix the small `jq` breakage. --- flake.lock | 18 +++++++++--------- modules/home/jq/default.nix | 1 + 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 2eff24a5..a2d931a0 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1741352980, - "narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=", + "lastModified": 1743550720, + "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9", + "rev": "c621e8422220273271f52058f618c94e405bb0f5", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1742771635, - "narHash": "sha256-HQHzQPrg+g22tb3/K/4tgJjPzM+/5jbaujCZd8s2Mls=", + "lastModified": 1743607567, + "narHash": "sha256-kTzKPDFmNzwO1cK4fiJgPB/iSw7HgBAmknRTeAPJAeI=", "owner": "nix-community", "repo": "home-manager", - "rev": "ad0614a1ec9cce3b13169e20ceb7e55dfaf2a818", + "rev": "49748c74cdbae03d70381f150b810f92617f23aa", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1742669843, - "narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=", + "lastModified": 1743448293, + "narHash": "sha256-bmEPmSjJakAp/JojZRrUvNcDX2R5/nuX6bm+seVaGhs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1e5b653dff12029333a6546c11e108ede13052eb", + "rev": "77b584d61ff80b4cef9245829a6f1dfad5afdfa3", "type": "github" }, "original": { diff --git a/modules/home/jq/default.nix b/modules/home/jq/default.nix index 57e266fa..53e59865 100644 --- a/modules/home/jq/default.nix +++ b/modules/home/jq/default.nix @@ -17,6 +17,7 @@ in strings = "0;32"; arrays = "1;39"; objects = "1;39"; + objectKeys = "1;34"; }; }; } From dfb3c353ecc6e2152dfc2440544db2ffbd99a20b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 Mar 2025 16:15:04 +0000 Subject: [PATCH 310/485] home: vim: remove 'lsp_lines' It's been upstreamed! --- modules/home/vim/default.nix | 1 - modules/home/vim/plugin/settings/lsp-lines.lua | 3 --- 2 files changed, 4 deletions(-) delete mode 100644 modules/home/vim/plugin/settings/lsp-lines.lua diff --git a/modules/home/vim/default.nix b/modules/home/vim/default.nix index 8e6bd5c6..b65e935f 100644 --- a/modules/home/vim/default.nix +++ b/modules/home/vim/default.nix @@ -59,7 +59,6 @@ in # LSP and linting nvim-lspconfig # Easy LSP configuration lsp-format-nvim # Simplified formatting configuration - lsp_lines-nvim # Show diagnostics *over* regions none-ls-nvim # LSP integration for linters and formatters nvim-treesitter.withAllGrammars # Better highlighting nvim-treesitter-textobjects # More textobjects diff --git a/modules/home/vim/plugin/settings/lsp-lines.lua b/modules/home/vim/plugin/settings/lsp-lines.lua deleted file mode 100644 index 9c79818c..00000000 --- a/modules/home/vim/plugin/settings/lsp-lines.lua +++ /dev/null @@ -1,3 +0,0 @@ -local lsp_lines = require("lsp_lines") - -lsp_lines.setup() From 274d143031cbc350673c8bed520fa0f2522319c0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 Mar 2025 16:17:59 +0000 Subject: [PATCH 311/485] home: vim: fix deprecated calls --- modules/home/vim/lua/ambroisie/lsp.lua | 17 +++++++---------- modules/home/vim/lua/ambroisie/utils.lua | 2 +- 2 files changed, 8 insertions(+), 11 deletions(-) diff --git a/modules/home/vim/lua/ambroisie/lsp.lua b/modules/home/vim/lua/ambroisie/lsp.lua index eb53da68..39892028 100644 --- a/modules/home/vim/lua/ambroisie/lsp.lua +++ b/modules/home/vim/lua/ambroisie/lsp.lua @@ -5,14 +5,15 @@ local lsp_format = require("lsp-format") --- Move to the next/previous diagnostic, automatically showing the diagnostics --- float if necessary. ---- @param forward bool whether to go forward or backwards -local function goto_diagnostic(forward) +--- @param count number whether to go count or backwards +local function goto_diagnostic(count) vim.validate({ - forward = { forward, "boolean" }, + count = { count, "number" }, }) local opts = { float = false, + count = count, } -- Only show floating diagnostics if they are otherwise not displayed @@ -21,23 +22,19 @@ local function goto_diagnostic(forward) opts.float = true end - if forward then - vim.diagnostic.goto_next(opts) - else - vim.diagnostic.goto_prev(opts) - end + vim.diagnostic.jump(opts) end --- Move to the next diagnostic, automatically showing the diagnostics float if --- necessary. M.goto_next_diagnostic = function() - goto_diagnostic(true) + goto_diagnostic(1) end --- Move to the previous diagnostic, automatically showing the diagnostics float --- if necessary. M.goto_prev_diagnostic = function() - goto_diagnostic(false) + goto_diagnostic(-1) end --- shared LSP configuration callback diff --git a/modules/home/vim/lua/ambroisie/utils.lua b/modules/home/vim/lua/ambroisie/utils.lua index c9e92921..0ee7c83b 100644 --- a/modules/home/vim/lua/ambroisie/utils.lua +++ b/modules/home/vim/lua/ambroisie/utils.lua @@ -38,7 +38,7 @@ end --- @param bufnr int? buffer number --- @return table all active LSP client names M.list_lsp_clients = function(bufnr) - local clients = vim.lsp.get_active_clients({ bufnr = bufnr }) + local clients = vim.lsp.get_clients({ bufnr = bufnr }) local names = {} for _, client in ipairs(clients) do From 4ef1b08f4ee444ab9dcb1513421cf78a79449242 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 Mar 2025 16:55:00 +0000 Subject: [PATCH 312/485] home: vim: lualine: use built-in 'branch' It now supports worktrees correctly (or at least I can't figure out which issue I used to have with it...). As a bonus, it also supports showing the correct branch for an `oil` buffer. This reverts commit 481d5f6f53e1e6ff1d8f29d3ac996af723be2381. --- modules/home/vim/plugin/settings/lualine.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/vim/plugin/settings/lualine.lua b/modules/home/vim/plugin/settings/lualine.lua index 5219a956..31ad3c48 100644 --- a/modules/home/vim/plugin/settings/lualine.lua +++ b/modules/home/vim/plugin/settings/lualine.lua @@ -30,7 +30,7 @@ lualine.setup({ { "mode" }, }, lualine_b = { - { "FugitiveHead" }, + { "branch" }, { "filename", symbols = { readonly = "🔒" } }, }, lualine_c = { From c1efc4316d7fe2bedd222d02e148e9ec8f7f6707 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 Mar 2025 16:44:00 +0000 Subject: [PATCH 313/485] home: vim: lualine: add custom 'oil' extension I don't like the built-in one. --- modules/home/vim/plugin/settings/lualine.lua | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/modules/home/vim/plugin/settings/lualine.lua b/modules/home/vim/plugin/settings/lualine.lua index 31ad3c48..bbe46475 100644 --- a/modules/home/vim/plugin/settings/lualine.lua +++ b/modules/home/vim/plugin/settings/lualine.lua @@ -1,4 +1,5 @@ local lualine = require("lualine") +local oil = require("oil") local utils = require("ambroisie.utils") local function list_spell_languages() @@ -57,5 +58,21 @@ lualine.setup({ extensions = { "fugitive", "quickfix", + { + sections = { + lualine_a = { + { "mode" }, + }, + lualine_b = { + { "branch" }, + }, + lualine_c = { + function() + return vim.fn.fnamemodify(oil.get_current_dir(), ":~") + end, + }, + }, + filetypes = { "oil" }, + }, }, }) From 262dc48425c2b62305b5202abad20f71cf92aaed Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 2 Apr 2025 20:02:33 +0100 Subject: [PATCH 314/485] home: vim: use default 'diffopt:linematch' It's now been defaulted to `linematch:40` on v0.11. --- modules/home/vim/init.vim | 2 -- 1 file changed, 2 deletions(-) diff --git a/modules/home/vim/init.vim b/modules/home/vim/init.vim index 0b546765..39ef32e3 100644 --- a/modules/home/vim/init.vim +++ b/modules/home/vim/init.vim @@ -68,8 +68,6 @@ set listchars=tab:>─,trail:·,nbsp:¤ " Use patience diff set diffopt+=algorithm:patience -" Align similar lines in each hunk -set diffopt+=linematch:50 " Don't redraw when executing macros set lazyredraw From 2583cc6c12817a9f1012ba24bfe32aeb4b7794a3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 3 Apr 2025 21:16:58 +0100 Subject: [PATCH 315/485] home: vim: lua: lsp: add count to diagnostic maps --- modules/home/vim/lua/ambroisie/lsp.lua | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/home/vim/lua/ambroisie/lsp.lua b/modules/home/vim/lua/ambroisie/lsp.lua index 39892028..e57bdafd 100644 --- a/modules/home/vim/lua/ambroisie/lsp.lua +++ b/modules/home/vim/lua/ambroisie/lsp.lua @@ -28,13 +28,13 @@ end --- Move to the next diagnostic, automatically showing the diagnostics float if --- necessary. M.goto_next_diagnostic = function() - goto_diagnostic(1) + goto_diagnostic(vim.v.count1) end --- Move to the previous diagnostic, automatically showing the diagnostics float --- if necessary. M.goto_prev_diagnostic = function() - goto_diagnostic(-1) + goto_diagnostic(-vim.v.count1) end --- shared LSP configuration callback From 36aa641ec0d861b7abffc8204b6538b7dc0367a2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 3 Apr 2025 21:23:30 +0100 Subject: [PATCH 316/485] home: vim: rely on built-in diagnostic jump config This reduces the surface area of my configuration. --- .../vim/after/plugin/mappings/unimpaired.lua | 4 -- modules/home/vim/lua/ambroisie/lsp.lua | 38 ++----------------- .../home/vim/plugin/settings/lspconfig.lua | 4 ++ 3 files changed, 8 insertions(+), 38 deletions(-) diff --git a/modules/home/vim/after/plugin/mappings/unimpaired.lua b/modules/home/vim/after/plugin/mappings/unimpaired.lua index 82aab059..765b6b11 100644 --- a/modules/home/vim/after/plugin/mappings/unimpaired.lua +++ b/modules/home/vim/after/plugin/mappings/unimpaired.lua @@ -31,8 +31,6 @@ local keys = { { "[u", desc = "URL encode" }, { "[x", desc = "XML encode" }, { "[y", desc = "C string encode" }, - -- Custom - { "[d", lsp.goto_prev_diagnostic, desc = "Previous diagnostic" }, -- Next { "]", group = "Next" }, @@ -62,8 +60,6 @@ local keys = { { "]u", desc = "URL decode" }, { "]x", desc = "XML decode" }, { "]y", desc = "C string decode" }, - -- Custom - { "]d", lsp.goto_next_diagnostic, desc = "Next diagnostic" }, -- Enable option { "[o", group = "Enable option" }, diff --git a/modules/home/vim/lua/ambroisie/lsp.lua b/modules/home/vim/lua/ambroisie/lsp.lua index e57bdafd..e48de128 100644 --- a/modules/home/vim/lua/ambroisie/lsp.lua +++ b/modules/home/vim/lua/ambroisie/lsp.lua @@ -3,40 +3,6 @@ local M = {} -- Simplified LSP formatting configuration local lsp_format = require("lsp-format") ---- Move to the next/previous diagnostic, automatically showing the diagnostics ---- float if necessary. ---- @param count number whether to go count or backwards -local function goto_diagnostic(count) - vim.validate({ - count = { count, "number" }, - }) - - local opts = { - float = false, - count = count, - } - - -- Only show floating diagnostics if they are otherwise not displayed - local config = vim.diagnostic.config() - if not (config.virtual_text or config.virtual_lines) then - opts.float = true - end - - vim.diagnostic.jump(opts) -end - ---- Move to the next diagnostic, automatically showing the diagnostics float if ---- necessary. -M.goto_next_diagnostic = function() - goto_diagnostic(vim.v.count1) -end - ---- Move to the previous diagnostic, automatically showing the diagnostics float ---- if necessary. -M.goto_prev_diagnostic = function() - goto_diagnostic(-vim.v.count1) -end - --- shared LSP configuration callback --- @param client native client configuration --- @param bufnr int? buffer number of the attached client @@ -76,6 +42,10 @@ M.on_attach = function(client, bufnr) vim.diagnostic.config({ virtual_text = text, virtual_lines = lines, + jump = { + -- Show float on jump if no diagnostic text is otherwise shown + float = not (text or lines), + }, }) end diff --git a/modules/home/vim/plugin/settings/lspconfig.lua b/modules/home/vim/plugin/settings/lspconfig.lua index f8e65d87..7817d4c1 100644 --- a/modules/home/vim/plugin/settings/lspconfig.lua +++ b/modules/home/vim/plugin/settings/lspconfig.lua @@ -16,6 +16,10 @@ vim.diagnostic.config({ update_in_insert = false, -- Show highest severity first severity_sort = true, + jump = { + -- Show float on diagnostic jumps + float = true, + }, }) -- Inform servers we are able to do completion, snippets, etc... From d48d5c45e04b67e7642ac5f36c5fd1c81f7cd19d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Apr 2025 15:24:43 +0000 Subject: [PATCH 317/485] home: vim: remove 'friendly-snippets' I never use them... --- modules/home/vim/default.nix | 1 - modules/home/vim/plugin/settings/luasnip.lua | 1 - 2 files changed, 2 deletions(-) delete mode 100644 modules/home/vim/plugin/settings/luasnip.lua diff --git a/modules/home/vim/default.nix b/modules/home/vim/default.nix index b65e935f..20a74fff 100644 --- a/modules/home/vim/default.nix +++ b/modules/home/vim/default.nix @@ -66,7 +66,6 @@ in # Completion luasnip # Snippet manager compatible with LSP - friendly-snippets # LSP snippets collection nvim-cmp # Completion engine cmp-async-path # More responsive path completion cmp-buffer # Words from open buffers diff --git a/modules/home/vim/plugin/settings/luasnip.lua b/modules/home/vim/plugin/settings/luasnip.lua deleted file mode 100644 index 80309d7e..00000000 --- a/modules/home/vim/plugin/settings/luasnip.lua +++ /dev/null @@ -1 +0,0 @@ -require("luasnip.loaders.from_vscode").lazy_load() From 53569f17a6850d00856ad4788516ff947f8907ad Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 5 Apr 2025 18:27:04 +0100 Subject: [PATCH 318/485] treewide: pre-commit-hooks.nix renaming --- flake.lock | 50 +++++++++++++++++----------------- flake.nix | 4 +-- flake/checks.nix | 2 +- templates/c++-cmake/flake.nix | 8 +++--- templates/c++-meson/flake.nix | 8 +++--- templates/rust-cargo/flake.nix | 8 +++--- 6 files changed, 40 insertions(+), 40 deletions(-) diff --git a/flake.lock b/flake.lock index a2d931a0..353a3923 100644 --- a/flake.lock +++ b/flake.lock @@ -108,10 +108,33 @@ "type": "github" } }, + "git-hooks": { + "inputs": { + "flake-compat": "flake-compat", + "gitignore": "gitignore", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1742649964, + "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", + "type": "github" + }, + "original": { + "owner": "cachix", + "ref": "master", + "repo": "git-hooks.nix", + "type": "github" + } + }, "gitignore": { "inputs": { "nixpkgs": [ - "pre-commit-hooks", + "git-hooks", "nixpkgs" ] }, @@ -191,38 +214,15 @@ "type": "github" } }, - "pre-commit-hooks": { - "inputs": { - "flake-compat": "flake-compat", - "gitignore": "gitignore", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1742649964, - "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", - "type": "github" - }, - "original": { - "owner": "cachix", - "ref": "master", - "repo": "pre-commit-hooks.nix", - "type": "github" - } - }, "root": { "inputs": { "agenix": "agenix", "flake-parts": "flake-parts", "futils": "futils", + "git-hooks": "git-hooks", "home-manager": "home-manager", "nixpkgs": "nixpkgs", "nur": "nur", - "pre-commit-hooks": "pre-commit-hooks", "systems": "systems" } }, diff --git a/flake.nix b/flake.nix index afd3c805..50767290 100644 --- a/flake.nix +++ b/flake.nix @@ -61,10 +61,10 @@ }; }; - pre-commit-hooks = { + git-hooks = { type = "github"; owner = "cachix"; - repo = "pre-commit-hooks.nix"; + repo = "git-hooks.nix"; ref = "master"; inputs = { nixpkgs.follows = "nixpkgs"; diff --git a/flake/checks.nix b/flake/checks.nix index 98e49bd5..73e64d52 100644 --- a/flake/checks.nix +++ b/flake/checks.nix @@ -1,7 +1,7 @@ { inputs, ... }: { imports = [ - inputs.pre-commit-hooks.flakeModule + inputs.git-hooks.flakeModule ]; perSystem = { ... }: { diff --git a/templates/c++-cmake/flake.nix b/templates/c++-cmake/flake.nix index db3b35c1..36fd5ad6 100644 --- a/templates/c++-cmake/flake.nix +++ b/templates/c++-cmake/flake.nix @@ -16,10 +16,10 @@ ref = "nixos-unstable"; }; - pre-commit-hooks = { + git-hooks = { type = "github"; owner = "cachix"; - repo = "pre-commit-hooks.nix"; + repo = "git-hooks.nix"; ref = "master"; inputs = { flake-utils.follows = "futils"; @@ -28,7 +28,7 @@ }; }; - outputs = { self, futils, nixpkgs, pre-commit-hooks }: + outputs = { self, futils, nixpkgs, git-hooks }: { overlays = { default = final: _prev: { @@ -69,7 +69,7 @@ ]; }; - pre-commit = pre-commit-hooks.lib.${system}.run { + pre-commit = git-hooks.lib.${system}.run { src = self; hooks = { diff --git a/templates/c++-meson/flake.nix b/templates/c++-meson/flake.nix index 5957c621..961ba1fb 100644 --- a/templates/c++-meson/flake.nix +++ b/templates/c++-meson/flake.nix @@ -16,10 +16,10 @@ ref = "nixos-unstable"; }; - pre-commit-hooks = { + git-hooks = { type = "github"; owner = "cachix"; - repo = "pre-commit-hooks.nix"; + repo = "git-hooks.nix"; ref = "master"; inputs = { flake-utils.follows = "futils"; @@ -28,7 +28,7 @@ }; }; - outputs = { self, futils, nixpkgs, pre-commit-hooks }: + outputs = { self, futils, nixpkgs, git-hooks }: { overlays = { default = final: _prev: { @@ -69,7 +69,7 @@ ]; }; - pre-commit = pre-commit-hooks.lib.${system}.run { + pre-commit = git-hooks.lib.${system}.run { src = self; hooks = { diff --git a/templates/rust-cargo/flake.nix b/templates/rust-cargo/flake.nix index 6d50369d..b9031d91 100644 --- a/templates/rust-cargo/flake.nix +++ b/templates/rust-cargo/flake.nix @@ -16,10 +16,10 @@ ref = "nixos-unstable"; }; - pre-commit-hooks = { + git-hooks = { type = "github"; owner = "cachix"; - repo = "pre-commit-hooks.nix"; + repo = "git-hooks.nix"; ref = "master"; inputs = { flake-utils.follows = "futils"; @@ -28,7 +28,7 @@ }; }; - outputs = { self, futils, nixpkgs, pre-commit-hooks }: + outputs = { self, futils, nixpkgs, git-hooks }: { overlays = { default = final: _prev: { @@ -60,7 +60,7 @@ ]; }; - pre-commit = pre-commit-hooks.lib.${system}.run { + pre-commit = git-hooks.lib.${system}.run { src = self; hooks = { From 418494004b3479f0e523d3f72eb995aab8dddf41 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 5 Apr 2025 18:29:51 +0100 Subject: [PATCH 319/485] templates: use 'pre-commit.enabledPackages' --- templates/c++-cmake/flake.nix | 6 +++--- templates/c++-meson/flake.nix | 6 +++--- templates/rust-cargo/flake.nix | 7 +++---- 3 files changed, 9 insertions(+), 10 deletions(-) diff --git a/templates/c++-cmake/flake.nix b/templates/c++-cmake/flake.nix index 36fd5ad6..eecb0070 100644 --- a/templates/c++-cmake/flake.nix +++ b/templates/c++-cmake/flake.nix @@ -92,12 +92,12 @@ devShells = { default = pkgs.mkShell { - inputsFrom = with self.packages.${system}; [ - project + inputsFrom = [ + self.packages.${system}.project ]; packages = with pkgs; [ - clang-tools + self.checks.${system}.pre-commit.enabledPackages ]; inherit (pre-commit) shellHook; diff --git a/templates/c++-meson/flake.nix b/templates/c++-meson/flake.nix index 961ba1fb..a4357772 100644 --- a/templates/c++-meson/flake.nix +++ b/templates/c++-meson/flake.nix @@ -92,12 +92,12 @@ devShells = { default = pkgs.mkShell { - inputsFrom = with self.packages.${system}; [ - project + inputsFrom = [ + self.packages.${system}.project ]; packages = with pkgs; [ - clang-tools + self.checks.${system}.pre-commit.enabledPackages ]; inherit (pre-commit) shellHook; diff --git a/templates/rust-cargo/flake.nix b/templates/rust-cargo/flake.nix index b9031d91..502d902e 100644 --- a/templates/rust-cargo/flake.nix +++ b/templates/rust-cargo/flake.nix @@ -88,14 +88,13 @@ devShells = { default = pkgs.mkShell { - inputsFrom = with self.packages.${system}; [ - project + inputsFrom = [ + self.packages.${system}.project ]; packages = with pkgs; [ - clippy rust-analyzer - rustfmt + self.checks.${system}.pre-commit.enabledPackages ]; RUST_SRC_PATH = "${pkgs.rust.packages.stable.rustPlatform.rustLibSrc}"; From 62ddec5c2346959e395b42775fbd82284bc8886f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 5 Apr 2025 18:46:14 +0100 Subject: [PATCH 320/485] templates: remove unused 'follows' --- templates/c++-cmake/flake.nix | 1 - templates/c++-meson/flake.nix | 1 - templates/rust-cargo/flake.nix | 1 - 3 files changed, 3 deletions(-) diff --git a/templates/c++-cmake/flake.nix b/templates/c++-cmake/flake.nix index eecb0070..7796f5e5 100644 --- a/templates/c++-cmake/flake.nix +++ b/templates/c++-cmake/flake.nix @@ -22,7 +22,6 @@ repo = "git-hooks.nix"; ref = "master"; inputs = { - flake-utils.follows = "futils"; nixpkgs.follows = "nixpkgs"; }; }; diff --git a/templates/c++-meson/flake.nix b/templates/c++-meson/flake.nix index a4357772..cb14eb56 100644 --- a/templates/c++-meson/flake.nix +++ b/templates/c++-meson/flake.nix @@ -22,7 +22,6 @@ repo = "git-hooks.nix"; ref = "master"; inputs = { - flake-utils.follows = "futils"; nixpkgs.follows = "nixpkgs"; }; }; diff --git a/templates/rust-cargo/flake.nix b/templates/rust-cargo/flake.nix index 502d902e..efd8358d 100644 --- a/templates/rust-cargo/flake.nix +++ b/templates/rust-cargo/flake.nix @@ -22,7 +22,6 @@ repo = "git-hooks.nix"; ref = "master"; inputs = { - flake-utils.follows = "futils"; nixpkgs.follows = "nixpkgs"; }; }; From ca98b8367c2ae384acd56271696f9a57de7f82f8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 5 Apr 2025 18:18:06 +0100 Subject: [PATCH 321/485] templates: add python-uv --- templates/default.nix | 4 + templates/python-uv/.envrc | 6 ++ templates/python-uv/.gitignore | 6 ++ templates/python-uv/.woodpecker/check.yml | 31 ++++++ templates/python-uv/flake.nix | 112 ++++++++++++++++++++ templates/python-uv/pyproject.toml | 17 +++ templates/python-uv/src/project/__init__.py | 2 + 7 files changed, 178 insertions(+) create mode 100644 templates/python-uv/.envrc create mode 100644 templates/python-uv/.gitignore create mode 100644 templates/python-uv/.woodpecker/check.yml create mode 100644 templates/python-uv/flake.nix create mode 100644 templates/python-uv/pyproject.toml create mode 100644 templates/python-uv/src/project/__init__.py diff --git a/templates/default.nix b/templates/default.nix index 44db753a..51864cda 100644 --- a/templates/default.nix +++ b/templates/default.nix @@ -7,6 +7,10 @@ path = ./c++-meson; description = "A C++ project using Meson"; }; + "python-uv" = { + path = ./python-uv; + description = "A Python project using uv"; + }; "rust-cargo" = { path = ./rust-cargo; description = "A Rust project using Cargo"; diff --git a/templates/python-uv/.envrc b/templates/python-uv/.envrc new file mode 100644 index 00000000..390d06d4 --- /dev/null +++ b/templates/python-uv/.envrc @@ -0,0 +1,6 @@ +# shellcheck shell=bash +if ! has nix_direnv_version || ! nix_direnv_version 3.0.0; then + source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/3.0.0/direnvrc" "sha256-21TMnI2xWX7HkSTjFFri2UaohXVj854mgvWapWrxRXg=" +fi + +use flake diff --git a/templates/python-uv/.gitignore b/templates/python-uv/.gitignore new file mode 100644 index 00000000..c79d1e89 --- /dev/null +++ b/templates/python-uv/.gitignore @@ -0,0 +1,6 @@ +# Virtual environments +.venv + +# Nix generated files +/.pre-commit-config.yaml +/result diff --git a/templates/python-uv/.woodpecker/check.yml b/templates/python-uv/.woodpecker/check.yml new file mode 100644 index 00000000..272c0e43 --- /dev/null +++ b/templates/python-uv/.woodpecker/check.yml @@ -0,0 +1,31 @@ +labels: + backend: local + +steps: +- name: pre-commit check + image: bash + commands: + - nix develop --command pre-commit run --all + +- name: nix flake check + image: bash + commands: + - nix flake check + +- name: notify + image: bash + environment: + ADDRESS: + from_secret: matrix_homeserver + ROOM: + from_secret: matrix_roomid + USER: + from_secret: matrix_username + PASS: + from_secret: matrix_password + commands: + - nix run github:ambroisie/matrix-notifier + when: + status: + - failure + - success diff --git a/templates/python-uv/flake.nix b/templates/python-uv/flake.nix new file mode 100644 index 00000000..5059e646 --- /dev/null +++ b/templates/python-uv/flake.nix @@ -0,0 +1,112 @@ +{ + description = "A Python project"; + + inputs = { + futils = { + type = "github"; + owner = "numtide"; + repo = "flake-utils"; + ref = "main"; + }; + + nixpkgs = { + type = "github"; + owner = "NixOS"; + repo = "nixpkgs"; + ref = "nixos-unstable"; + }; + + git-hooks = { + type = "github"; + owner = "cachix"; + repo = "git-hooks.nix"; + ref = "master"; + inputs = { + nixpkgs.follows = "nixpkgs"; + }; + }; + }; + + outputs = { self, futils, nixpkgs, git-hooks }: + { + overlays = { + default = final: _prev: { + project = with final; python3.pkgs.buildPythonApplication { + pname = "project"; + version = (final.lib.importTOML ./pyproject.toml).project.version; + pyproject = true; + + src = self; + + build-system = with python3.pkgs; [ setuptools ]; + + pythonImportsCheck = [ "project" ]; + + meta = with lib; { + description = "A Python project"; + homepage = "https://git.belanyi.fr/ambroisie/project"; + license = licenses.mit; + maintainers = with maintainers; [ ambroisie ]; + }; + }; + }; + }; + } // futils.lib.eachDefaultSystem (system: + let + pkgs = import nixpkgs { + inherit system; + overlays = [ + self.overlays.default + ]; + }; + + pre-commit = git-hooks.lib.${system}.run { + src = self; + + hooks = { + mypy = { + enable = true; + }; + + nixpkgs-fmt = { + enable = true; + }; + + ruff = { + enable = true; + }; + + ruff-format = { + enable = true; + }; + }; + }; + in + { + checks = { + inherit (self.packages.${system}) project; + + inherit pre-commit; + }; + + devShells = { + default = pkgs.mkShell { + inputsFrom = [ + self.packages.${system}.project + ]; + + packages = with pkgs; [ + uv + self.checks.${system}.pre-commit.enabledPackages + ]; + + inherit (pre-commit) shellHook; + }; + }; + + packages = futils.lib.flattenTree { + default = pkgs.project; + inherit (pkgs) project; + }; + }); +} diff --git a/templates/python-uv/pyproject.toml b/templates/python-uv/pyproject.toml new file mode 100644 index 00000000..7b2d896d --- /dev/null +++ b/templates/python-uv/pyproject.toml @@ -0,0 +1,17 @@ +[build-system] +requires = ["setuptools"] +build-backend = "setuptools.build_meta" + + +[project] +name = "project" +version = "0.0.0" +description = "project description" +requires-python = ">=3.12" +dependencies = [] + +[project.scripts] +project = "project:main" + +[dependency-groups] +dev = [] diff --git a/templates/python-uv/src/project/__init__.py b/templates/python-uv/src/project/__init__.py new file mode 100644 index 00000000..b06117df --- /dev/null +++ b/templates/python-uv/src/project/__init__.py @@ -0,0 +1,2 @@ +def main() -> None: + print("Hello, world!") From 7791ad09073529a8b01e534928fc0c61da139d53 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 31 Mar 2025 11:00:10 +0000 Subject: [PATCH 322/485] nixos: services: servarr: fix 'enableAll' logic I renamed the option and refactored how it worked to make it more explicit that it enables the entire suite by default, with explicit opt-out of individual components (or fine-grained opt-in as an alternative). --- hosts/nixos/porthos/services.nix | 2 +- modules/nixos/services/servarr/default.nix | 20 +++++++++----------- 2 files changed, 10 insertions(+), 12 deletions(-) diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index ffd150a0..021a6ae8 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -144,7 +144,7 @@ in sabnzbd.enable = true; # The whole *arr software suite servarr = { - enable = true; + enableAll = true; # ... But not Lidarr because I don't care for music that much lidarr = { enable = false; diff --git a/modules/nixos/services/servarr/default.nix b/modules/nixos/services/servarr/default.nix index e25d9cfd..65c409a3 100644 --- a/modules/nixos/services/servarr/default.nix +++ b/modules/nixos/services/servarr/default.nix @@ -19,6 +19,8 @@ let enable = true; group = "media"; }; + # Set-up media group + users.groups.media = { }; }; mkRedirection = service: { @@ -54,34 +56,30 @@ let in { options.my.services.servarr = { - enable = lib.mkEnableOption "Media automation"; + enableAll = lib.mkEnableOption "media automation suite"; bazarr = { - enable = lib.my.mkDisableOption "Bazarr"; + enable = lib.mkEnableOption "Bazarr" // { default = cfg.enableAll; };; }; lidarr = { - enable = lib.my.mkDisableOption "Lidarr"; + enable = lib.mkEnableOption "Lidarr" // { default = cfg.enableAll; }; }; radarr = { - enable = lib.my.mkDisableOption "Radarr"; + enable = lib.mkEnableOption "Radarr" // { default = cfg.enableAll; }; }; readarr = { - enable = lib.my.mkDisableOption "Readarr"; + enable = lib.mkEnableOption "Readarr" // { default = cfg.enableAll; }; }; sonarr = { - enable = lib.my.mkDisableOption "Sonarr"; + enable = lib.mkEnableOption "Sonarr" // { default = cfg.enableAll; }; }; }; - config = lib.mkIf cfg.enable (lib.mkMerge [ - { - # Set-up media group - users.groups.media = { }; - } + config = (lib.mkMerge [ # Bazarr does not log authentication failures... (mkFullConfig "bazarr") # Lidarr for music From 860c13ab1f456bc37ef092453c75c09ee08fc950 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 31 Mar 2025 10:51:21 +0000 Subject: [PATCH 323/485] nixos: services: servarr: extract bazarr It's not an actual *arr package, but closely related to them. Extract its configuration to a sub-module. --- modules/nixos/services/servarr/bazarr.nix | 29 ++++++++++++++++++++++ modules/nixos/services/servarr/default.nix | 11 +++----- 2 files changed, 33 insertions(+), 7 deletions(-) create mode 100644 modules/nixos/services/servarr/bazarr.nix diff --git a/modules/nixos/services/servarr/bazarr.nix b/modules/nixos/services/servarr/bazarr.nix new file mode 100644 index 00000000..2d27c958 --- /dev/null +++ b/modules/nixos/services/servarr/bazarr.nix @@ -0,0 +1,29 @@ +{ config, lib, ... }: +let + cfg = config.my.services.servarr.bazarr; +in +{ + options.my.services.servarr.bazarr = with lib; { + enable = lib.mkEnableOption "Bazarr" // { + default = config.my.services.servarr.enableAll; + }; + }; + + config = lib.mkIf cfg.enable { + services.bazarr = { + enable = true; + group = "media"; + }; + + # Set-up media group + users.groups.media = { }; + + my.services.nginx.virtualHosts = { + bazarr = { + port = 6767; + }; + }; + + # Bazarr does not log authentication failures... + }; +} diff --git a/modules/nixos/services/servarr/default.nix b/modules/nixos/services/servarr/default.nix index 65c409a3..53fd14b9 100644 --- a/modules/nixos/services/servarr/default.nix +++ b/modules/nixos/services/servarr/default.nix @@ -7,7 +7,6 @@ let cfg = config.my.services.servarr; ports = { - bazarr = 6767; lidarr = 8686; radarr = 7878; readarr = 8787; @@ -55,13 +54,13 @@ let ]); in { + imports = [ + ./bazarr.nix + ]; + options.my.services.servarr = { enableAll = lib.mkEnableOption "media automation suite"; - bazarr = { - enable = lib.mkEnableOption "Bazarr" // { default = cfg.enableAll; };; - }; - lidarr = { enable = lib.mkEnableOption "Lidarr" // { default = cfg.enableAll; }; }; @@ -80,8 +79,6 @@ in }; config = (lib.mkMerge [ - # Bazarr does not log authentication failures... - (mkFullConfig "bazarr") # Lidarr for music (mkFullConfig "lidarr") (mkFail2Ban "lidarr") From 1f876d3e214081aa3bd006a9b78fe5772473c382 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 31 Mar 2025 10:53:32 +0000 Subject: [PATCH 324/485] nixos: services: servarr: bazarr: add 'port' --- modules/nixos/services/servarr/bazarr.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/modules/nixos/services/servarr/bazarr.nix b/modules/nixos/services/servarr/bazarr.nix index 2d27c958..637da0c7 100644 --- a/modules/nixos/services/servarr/bazarr.nix +++ b/modules/nixos/services/servarr/bazarr.nix @@ -7,12 +7,20 @@ in enable = lib.mkEnableOption "Bazarr" // { default = config.my.services.servarr.enableAll; }; + + port = mkOption { + type = types.port; + default = 6767; + example = 8080; + description = "Internal port for webui"; + }; }; config = lib.mkIf cfg.enable { services.bazarr = { enable = true; group = "media"; + listenPort = cfg.port; }; # Set-up media group @@ -20,7 +28,7 @@ in my.services.nginx.virtualHosts = { bazarr = { - port = 6767; + inherit (cfg) port; }; }; From 8e6be43817d1337df7a5169bf62ae7d05e5689fb Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 31 Mar 2025 11:07:21 +0000 Subject: [PATCH 325/485] nixox: services: servarr: refactor starr config Makes it slightly DRY-er and more readable. --- modules/nixos/services/servarr/default.nix | 87 ++-------------------- modules/nixos/services/servarr/starr.nix | 51 +++++++++++++ 2 files changed, 56 insertions(+), 82 deletions(-) create mode 100644 modules/nixos/services/servarr/starr.nix diff --git a/modules/nixos/services/servarr/default.nix b/modules/nixos/services/servarr/default.nix index 53fd14b9..398461bd 100644 --- a/modules/nixos/services/servarr/default.nix +++ b/modules/nixos/services/servarr/default.nix @@ -2,94 +2,17 @@ # Relevant link [1]. # # [1]: https://youtu.be/I26Ql-uX6AM -{ config, lib, ... }: -let - cfg = config.my.services.servarr; - - ports = { - lidarr = 8686; - radarr = 7878; - readarr = 8787; - sonarr = 8989; - }; - - mkService = service: { - services.${service} = { - enable = true; - group = "media"; - }; - # Set-up media group - users.groups.media = { }; - }; - - mkRedirection = service: { - my.services.nginx.virtualHosts = { - ${service} = { - port = ports.${service}; - }; - }; - }; - - mkFail2Ban = service: lib.mkIf cfg.${service}.enable { - services.fail2ban.jails = { - ${service} = '' - enabled = true - filter = ${service} - action = iptables-allports - ''; - }; - - environment.etc = { - "fail2ban/filter.d/${service}.conf".text = '' - [Definition] - failregex = ^.*\|Warn\|Auth\|Auth-Failure ip username .*$ - journalmatch = _SYSTEMD_UNIT=${service}.service - ''; - }; - }; - - mkFullConfig = service: lib.mkIf cfg.${service}.enable (lib.mkMerge [ - (mkService service) - (mkRedirection service) - ]); -in +{ lib, ... }: { imports = [ ./bazarr.nix + (import ./starr.nix "lidarr") + (import ./starr.nix "radarr") + (import ./starr.nix "readarr") + (import ./starr.nix "sonarr") ]; options.my.services.servarr = { enableAll = lib.mkEnableOption "media automation suite"; - - lidarr = { - enable = lib.mkEnableOption "Lidarr" // { default = cfg.enableAll; }; - }; - - radarr = { - enable = lib.mkEnableOption "Radarr" // { default = cfg.enableAll; }; - }; - - readarr = { - enable = lib.mkEnableOption "Readarr" // { default = cfg.enableAll; }; - }; - - sonarr = { - enable = lib.mkEnableOption "Sonarr" // { default = cfg.enableAll; }; - }; }; - - config = (lib.mkMerge [ - # Lidarr for music - (mkFullConfig "lidarr") - (mkFail2Ban "lidarr") - # Radarr for movies - (mkFullConfig "radarr") - (mkFail2Ban "radarr") - # Readarr for books - (mkFullConfig "readarr") - (mkFail2Ban "readarr") - # Sonarr for shows - (mkFullConfig "sonarr") - (mkFail2Ban "sonarr") - ]); } diff --git a/modules/nixos/services/servarr/starr.nix b/modules/nixos/services/servarr/starr.nix new file mode 100644 index 00000000..e9c84f90 --- /dev/null +++ b/modules/nixos/services/servarr/starr.nix @@ -0,0 +1,51 @@ +# Templated *arr configuration +starr: +{ config, lib, ... }: +let + cfg = config.my.services.servarr.${starr}; + ports = { + lidarr = 8686; + radarr = 7878; + readarr = 8787; + sonarr = 8989; + }; +in +{ + options.my.services.servarr.${starr} = with lib; { + enable = lib.mkEnableOption (lib.toSentenceCase starr) // { + default = config.my.services.servarr.enableAll; + }; + }; + + config = lib.mkIf cfg.enable { + services.${starr} = { + enable = true; + group = "media"; + }; + + # Set-up media group + users.groups.media = { }; + + my.services.nginx.virtualHosts = { + ${starr} = { + port = ports.${starr}; + }; + }; + + services.fail2ban.jails = { + ${starr} = '' + enabled = true + filter = ${starr} + action = iptables-allports + ''; + }; + + environment.etc = { + "fail2ban/filter.d/${starr}.conf".text = '' + [Definition] + failregex = ^.*\|Warn\|Auth\|Auth-Failure ip username .*$ + journalmatch = _SYSTEMD_UNIT=${starr}.service + ''; + }; + }; +} From d783b5f5ee598ddd82e585c12d8e397c55a1e3b1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 31 Mar 2025 11:12:16 +0000 Subject: [PATCH 326/485] nixos: services: servarr: starr: add 'port' Now that declarative configurations are supported for those applications. --- modules/nixos/services/servarr/starr.nix | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/modules/nixos/services/servarr/starr.nix b/modules/nixos/services/servarr/starr.nix index e9c84f90..2bf7c114 100644 --- a/modules/nixos/services/servarr/starr.nix +++ b/modules/nixos/services/servarr/starr.nix @@ -15,12 +15,25 @@ in enable = lib.mkEnableOption (lib.toSentenceCase starr) // { default = config.my.services.servarr.enableAll; }; + + port = mkOption { + type = types.port; + default = ports.${starr}; + example = 8080; + description = "Internal port for webui"; + }; }; config = lib.mkIf cfg.enable { services.${starr} = { enable = true; group = "media"; + + settings = { + server = { + port = cfg.port; + }; + }; }; # Set-up media group @@ -28,7 +41,7 @@ in my.services.nginx.virtualHosts = { ${starr} = { - port = ports.${starr}; + port = cfg.port; }; }; From f825d047b5f17cdff8cd096660abf48ed79e7f72 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 31 Mar 2025 11:21:24 +0000 Subject: [PATCH 327/485] nixos: services: servarr: migrate prowlarr The configuration doesn't have `group`, so it's a slightly different configuration to the rest of the *arr services. I also want to move the other two indexer modules under `servarr`, as they are all closely related. --- hosts/nixos/porthos/services.nix | 4 -- modules/nixos/services/indexers/default.nix | 30 ------------ modules/nixos/services/servarr/default.nix | 1 + modules/nixos/services/servarr/prowlarr.nix | 53 +++++++++++++++++++++ 4 files changed, 54 insertions(+), 34 deletions(-) create mode 100644 modules/nixos/services/servarr/prowlarr.nix diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index 021a6ae8..90178944 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -51,10 +51,6 @@ in passwordFile = secrets."forgejo/mail-password".path; }; }; - # Meta-indexers - indexers = { - prowlarr.enable = true; - }; # Jellyfin media server jellyfin.enable = true; # Gitea mirrorig service diff --git a/modules/nixos/services/indexers/default.nix b/modules/nixos/services/indexers/default.nix index 8a42345a..00bf3163 100644 --- a/modules/nixos/services/indexers/default.nix +++ b/modules/nixos/services/indexers/default.nix @@ -5,13 +5,11 @@ let jackettPort = 9117; nzbhydraPort = 5076; - prowlarrPort = 9696; in { options.my.services.indexers = with lib; { jackett.enable = mkEnableOption "Jackett torrent meta-indexer"; nzbhydra.enable = mkEnableOption "NZBHydra2 usenet meta-indexer"; - prowlarr.enable = mkEnableOption "Prowlarr torrent & usenet meta-indexer"; }; config = lib.mkMerge [ @@ -46,33 +44,5 @@ in }; }; }) - - (lib.mkIf cfg.prowlarr.enable { - services.prowlarr = { - enable = true; - }; - - my.services.nginx.virtualHosts = { - prowlarr = { - port = prowlarrPort; - }; - }; - - services.fail2ban.jails = { - prowlarr = '' - enabled = true - filter = prowlarr - action = iptables-allports - ''; - }; - - environment.etc = { - "fail2ban/filter.d/prowlarr.conf".text = '' - [Definition] - failregex = ^.*\|Warn\|Auth\|Auth-Failure ip username .*$ - journalmatch = _SYSTEMD_UNIT=prowlarr.service - ''; - }; - }) ]; } diff --git a/modules/nixos/services/servarr/default.nix b/modules/nixos/services/servarr/default.nix index 398461bd..1bca773e 100644 --- a/modules/nixos/services/servarr/default.nix +++ b/modules/nixos/services/servarr/default.nix @@ -6,6 +6,7 @@ { imports = [ ./bazarr.nix + ./prowlarr.nix (import ./starr.nix "lidarr") (import ./starr.nix "radarr") (import ./starr.nix "readarr") diff --git a/modules/nixos/services/servarr/prowlarr.nix b/modules/nixos/services/servarr/prowlarr.nix new file mode 100644 index 00000000..ce044c63 --- /dev/null +++ b/modules/nixos/services/servarr/prowlarr.nix @@ -0,0 +1,53 @@ +# Torrent and NZB indexer +{ config, lib, ... }: +let + cfg = config.my.services.servarr.prowlarr; +in +{ + options.my.services.servarr.prowlarr = with lib; { + enable = lib.mkEnableOption "Prowlarr" // { + default = config.my.services.servarr.enableAll; + }; + + port = mkOption { + type = types.port; + default = 9696; + example = 8080; + description = "Internal port for webui"; + }; + }; + + config = lib.mkIf cfg.enable { + services.prowlarr = { + enable = true; + + settings = { + server = { + port = cfg.port; + }; + }; + }; + + my.services.nginx.virtualHosts = { + prowlarr = { + inherit (cfg) port; + }; + }; + + services.fail2ban.jails = { + prowlarr = '' + enabled = true + filter = prowlarr + action = iptables-allports + ''; + }; + + environment.etc = { + "fail2ban/filter.d/prowlarr.conf".text = '' + [Definition] + failregex = ^.*\|Warn\|Auth\|Auth-Failure ip username .*$ + journalmatch = _SYSTEMD_UNIT=prowlarr.service + ''; + }; + }; +} From 950cf4dd059e74d87084747b25e70138753b82d5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 31 Mar 2025 11:27:18 +0000 Subject: [PATCH 328/485] nixos: services: servarr: migrate jackett --- hosts/nixos/porthos/services.nix | 4 +++ modules/nixos/services/indexers/default.nix | 22 -------------- modules/nixos/services/servarr/default.nix | 1 + modules/nixos/services/servarr/jackett.nix | 33 +++++++++++++++++++++ 4 files changed, 38 insertions(+), 22 deletions(-) create mode 100644 modules/nixos/services/servarr/jackett.nix diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index 90178944..d45846ae 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -145,6 +145,10 @@ in lidarr = { enable = false; }; + # I only use Prowlarr nowadays + jackett = { + enable = false; + }; }; # Because I still need to play sysadmin ssh-server.enable = true; diff --git a/modules/nixos/services/indexers/default.nix b/modules/nixos/services/indexers/default.nix index 00bf3163..5d810796 100644 --- a/modules/nixos/services/indexers/default.nix +++ b/modules/nixos/services/indexers/default.nix @@ -3,36 +3,14 @@ let cfg = config.my.services.indexers; - jackettPort = 9117; nzbhydraPort = 5076; in { options.my.services.indexers = with lib; { - jackett.enable = mkEnableOption "Jackett torrent meta-indexer"; nzbhydra.enable = mkEnableOption "NZBHydra2 usenet meta-indexer"; }; config = lib.mkMerge [ - (lib.mkIf cfg.jackett.enable { - services.jackett = { - enable = true; - }; - - # Jackett wants to eat *all* my RAM if left to its own devices - systemd.services.jackett = { - serviceConfig = { - MemoryHigh = "15%"; - MemoryMax = "25%"; - }; - }; - - my.services.nginx.virtualHosts = { - jackett = { - port = jackettPort; - }; - }; - }) - (lib.mkIf cfg.nzbhydra.enable { services.nzbhydra2 = { enable = true; diff --git a/modules/nixos/services/servarr/default.nix b/modules/nixos/services/servarr/default.nix index 1bca773e..06a1cef1 100644 --- a/modules/nixos/services/servarr/default.nix +++ b/modules/nixos/services/servarr/default.nix @@ -6,6 +6,7 @@ { imports = [ ./bazarr.nix + ./jackett.nix ./prowlarr.nix (import ./starr.nix "lidarr") (import ./starr.nix "radarr") diff --git a/modules/nixos/services/servarr/jackett.nix b/modules/nixos/services/servarr/jackett.nix new file mode 100644 index 00000000..756df9bf --- /dev/null +++ b/modules/nixos/services/servarr/jackett.nix @@ -0,0 +1,33 @@ +{ config, lib, ... }: +let + cfg = config.my.services.servarr.jackett; +in +{ + options.my.services.servarr.jackett = with lib; { + enable = lib.mkEnableOption "Jackett" // { + default = config.my.services.servarr.enableAll; + }; + }; + + config = lib.mkIf cfg.enable { + services.jackett = { + enable = true; + }; + + # Jackett wants to eat *all* my RAM if left to its own devices + systemd.services.jackett = { + serviceConfig = { + MemoryHigh = "15%"; + MemoryMax = "25%"; + }; + }; + + my.services.nginx.virtualHosts = { + jackett = { + port = 9117; + }; + }; + + # Jackett does not log authentication failures... + }; +} From c823edf58415c1f07eebd03a21617c09447cafbb Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 31 Mar 2025 11:28:04 +0000 Subject: [PATCH 329/485] nixos: services: servarr: jackett: add 'port' --- modules/nixos/services/servarr/jackett.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/modules/nixos/services/servarr/jackett.nix b/modules/nixos/services/servarr/jackett.nix index 756df9bf..481cd3de 100644 --- a/modules/nixos/services/servarr/jackett.nix +++ b/modules/nixos/services/servarr/jackett.nix @@ -7,11 +7,19 @@ in enable = lib.mkEnableOption "Jackett" // { default = config.my.services.servarr.enableAll; }; + + port = mkOption { + type = types.port; + default = 9117; + example = 8080; + description = "Internal port for webui"; + }; }; config = lib.mkIf cfg.enable { services.jackett = { enable = true; + inherit (cfg) port; }; # Jackett wants to eat *all* my RAM if left to its own devices @@ -24,7 +32,7 @@ in my.services.nginx.virtualHosts = { jackett = { - port = 9117; + inherit (cfg) port; }; }; From b1ade723837cbffcfc8a1ac24fa96566392e5e3d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 31 Mar 2025 11:32:39 +0000 Subject: [PATCH 330/485] nixos: services: servarr: migrate nzbhydra --- hosts/nixos/porthos/services.nix | 3 +++ modules/nixos/services/default.nix | 1 - modules/nixos/services/indexers/default.nix | 26 --------------------- modules/nixos/services/servarr/default.nix | 1 + modules/nixos/services/servarr/nzbhydra.nix | 25 ++++++++++++++++++++ 5 files changed, 29 insertions(+), 27 deletions(-) delete mode 100644 modules/nixos/services/indexers/default.nix create mode 100644 modules/nixos/services/servarr/nzbhydra.nix diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index d45846ae..7efddfa1 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -149,6 +149,9 @@ in jackett = { enable = false; }; + nzbhydra = { + enable = false; + }; }; # Because I still need to play sysadmin ssh-server.enable = true; diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix index 3992385f..27f8765a 100644 --- a/modules/nixos/services/default.nix +++ b/modules/nixos/services/default.nix @@ -15,7 +15,6 @@ ./gitea ./grocy ./homebox - ./indexers ./jellyfin ./komga ./lohr diff --git a/modules/nixos/services/indexers/default.nix b/modules/nixos/services/indexers/default.nix deleted file mode 100644 index 5d810796..00000000 --- a/modules/nixos/services/indexers/default.nix +++ /dev/null @@ -1,26 +0,0 @@ -# Torrent and usenet meta-indexers -{ config, lib, ... }: -let - cfg = config.my.services.indexers; - - nzbhydraPort = 5076; -in -{ - options.my.services.indexers = with lib; { - nzbhydra.enable = mkEnableOption "NZBHydra2 usenet meta-indexer"; - }; - - config = lib.mkMerge [ - (lib.mkIf cfg.nzbhydra.enable { - services.nzbhydra2 = { - enable = true; - }; - - my.services.nginx.virtualHosts = { - nzbhydra = { - port = nzbhydraPort; - }; - }; - }) - ]; -} diff --git a/modules/nixos/services/servarr/default.nix b/modules/nixos/services/servarr/default.nix index 06a1cef1..23838fde 100644 --- a/modules/nixos/services/servarr/default.nix +++ b/modules/nixos/services/servarr/default.nix @@ -7,6 +7,7 @@ imports = [ ./bazarr.nix ./jackett.nix + ./nzbhydra.nix ./prowlarr.nix (import ./starr.nix "lidarr") (import ./starr.nix "radarr") diff --git a/modules/nixos/services/servarr/nzbhydra.nix b/modules/nixos/services/servarr/nzbhydra.nix new file mode 100644 index 00000000..4112c30d --- /dev/null +++ b/modules/nixos/services/servarr/nzbhydra.nix @@ -0,0 +1,25 @@ +{ config, lib, ... }: +let + cfg = config.my.services.servarr.nzbhydra; +in +{ + options.my.services.servarr.nzbhydra = with lib; { + enable = lib.mkEnableOption "NZBHydra2" // { + default = config.my.services.servarr.enableAll; + }; + }; + + config = lib.mkIf cfg.enable { + services.nzbhydra2 = { + enable = true; + }; + + my.services.nginx.virtualHosts = { + nzbhydra = { + port = 5076; + }; + }; + + # NZBHydra2 does not log authentication failures... + }; +} From ec965800e4a1cd0d8a26f7e2ba50d31e85aaf9b9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 31 Mar 2025 11:34:25 +0000 Subject: [PATCH 331/485] nixos: services: servarr: nzbhydra: fix websockets From what I could read, NZBHydra2 *might* require proxying websockets in new versions (better safe than sorry). --- modules/nixos/services/servarr/nzbhydra.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/nixos/services/servarr/nzbhydra.nix b/modules/nixos/services/servarr/nzbhydra.nix index 4112c30d..7b639869 100644 --- a/modules/nixos/services/servarr/nzbhydra.nix +++ b/modules/nixos/services/servarr/nzbhydra.nix @@ -17,6 +17,7 @@ in my.services.nginx.virtualHosts = { nzbhydra = { port = 5076; + websocketsLocations = [ "/" ]; }; }; From 351026418678281890d469c7d183516f34bba445 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 31 Mar 2025 22:49:11 +0200 Subject: [PATCH 332/485] flake: bump inputs --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 353a3923..d86d6b5a 100644 --- a/flake.lock +++ b/flake.lock @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1743607567, - "narHash": "sha256-kTzKPDFmNzwO1cK4fiJgPB/iSw7HgBAmknRTeAPJAeI=", + "lastModified": 1743869639, + "narHash": "sha256-Xhe3whfRW/Ay05z9m1EZ1/AkbV1yo0tm1CbgjtCi4rQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "49748c74cdbae03d70381f150b810f92617f23aa", + "rev": "d094c6763c6ddb860580e7d3b4201f8f496a6836", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1743448293, - "narHash": "sha256-bmEPmSjJakAp/JojZRrUvNcDX2R5/nuX6bm+seVaGhs=", + "lastModified": 1743689281, + "narHash": "sha256-y7Hg5lwWhEOgflEHRfzSH96BOt26LaYfrYWzZ+VoVdg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "77b584d61ff80b4cef9245829a6f1dfad5afdfa3", + "rev": "2bfc080955153be0be56724be6fa5477b4eefabb", "type": "github" }, "original": { From 215eb4c91ac722b8da4bb38c6791695021c3b516 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 13 Feb 2025 22:59:51 +0100 Subject: [PATCH 333/485] nixos: services: servarr: add autobrr --- hosts/nixos/porthos/services.nix | 3 ++ modules/nixos/services/servarr/autobrr.nix | 62 ++++++++++++++++++++++ modules/nixos/services/servarr/default.nix | 1 + 3 files changed, 66 insertions(+) create mode 100644 modules/nixos/services/servarr/autobrr.nix diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index 7efddfa1..cb77fbe1 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -141,6 +141,9 @@ in # The whole *arr software suite servarr = { enableAll = true; + autobrr = { + enable = false; + }; # ... But not Lidarr because I don't care for music that much lidarr = { enable = false; diff --git a/modules/nixos/services/servarr/autobrr.nix b/modules/nixos/services/servarr/autobrr.nix new file mode 100644 index 00000000..afb07f4c --- /dev/null +++ b/modules/nixos/services/servarr/autobrr.nix @@ -0,0 +1,62 @@ +# IRC-based +{ config, lib, ... }: +let + cfg = config.my.services.servarr.autobrr; +in +{ + options.my.services.servarr.autobrr = with lib; { + enable = mkEnableOption "autobrr IRC announce tracker" // { + default = config.my.services.servarr.enableAll; + }; + + port = mkOption { + type = types.port; + default = 7474; + example = 8080; + description = "Internal port for webui"; + }; + + sessionSecretFile = mkOption { + type = types.str; + example = "/run/secrets/autobrr-secret.txt"; + description = '' + File containing the session secret. + ''; + }; + }; + + config = lib.mkIf cfg.enable { + services.autobrr = { + enable = true; + + settings = { + inherit (cfg) port; + checkForUpdates = false; + }; + + secretFile = cfg.sessionSecretFile; + }; + + my.services.nginx.virtualHosts = { + autobrr = { + inherit (cfg) port; + }; + }; + + services.fail2ban.jails = { + autobrr = '' + enabled = true + filter = autobrr + action = iptables-allports + ''; + }; + + environment.etc = { + "fail2ban/filter.d/autobrr.conf".text = '' + [Definition] + failregex = ^.*Auth: invalid login \[.*\] from: $ + journalmatch = _SYSTEMD_UNIT=autobrr.service + ''; + }; + }; +} diff --git a/modules/nixos/services/servarr/default.nix b/modules/nixos/services/servarr/default.nix index 23838fde..409fcdc6 100644 --- a/modules/nixos/services/servarr/default.nix +++ b/modules/nixos/services/servarr/default.nix @@ -5,6 +5,7 @@ { lib, ... }: { imports = [ + ./autobrr.nix ./bazarr.nix ./jackett.nix ./nzbhydra.nix From 979814e9dea51880a2ed2c3f37033b994160441d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 13 Feb 2025 21:58:19 +0000 Subject: [PATCH 334/485] hosts: nixos: porthos: secrets: add autobrr --- hosts/nixos/porthos/secrets/secrets.nix | 2 ++ .../porthos/secrets/servarr/autobrr/session-secret.age | 7 +++++++ 2 files changed, 9 insertions(+) create mode 100644 hosts/nixos/porthos/secrets/servarr/autobrr/session-secret.age diff --git a/hosts/nixos/porthos/secrets/secrets.nix b/hosts/nixos/porthos/secrets/secrets.nix index 68e90f2e..425756c5 100644 --- a/hosts/nixos/porthos/secrets/secrets.nix +++ b/hosts/nixos/porthos/secrets/secrets.nix @@ -80,6 +80,8 @@ in "pyload/credentials.age".publicKeys = all; + "servarr/autobrr/session-secret.age".publicKeys = all; + "sso/auth-key.age" = { owner = "nginx-sso"; publicKeys = all; diff --git a/hosts/nixos/porthos/secrets/servarr/autobrr/session-secret.age b/hosts/nixos/porthos/secrets/servarr/autobrr/session-secret.age new file mode 100644 index 00000000..e98b94ad --- /dev/null +++ b/hosts/nixos/porthos/secrets/servarr/autobrr/session-secret.age @@ -0,0 +1,7 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg bu09lB+fjaPP31cUQZP6EqSPuseucgNK7k9vAS08iS0 ++NGL+b2QD/qGo6hqHvosAXzHZtDvfodmPdcgnrKlD1o +-> ssh-ed25519 jPowng QDCdRBGWhtdvvMCiDH52cZHz1/W7aomhTatZ4+9IKwI +Ou3jjV/O55G1CPgGS33l3eWhhYWrVdwVNPSiE14d5rE +--- q0ssmpG50OX1WaNSInc2hbtH3DbTwQGDU74VGEoMh94 + ¯mCùºÆ‘'hK.Ðì/™Xu(€«Õ×g$½'¼šM{fK˜” !ÛMZ²oR÷®ˆüÎÕÍŸö;yb \ No newline at end of file From b8c649d5bff68813cb8589c776cf39a17cef91ea Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 30 Mar 2025 20:22:01 +0200 Subject: [PATCH 335/485] hosts: nixos: porthos: services: enable autobrr --- hosts/nixos/porthos/services.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index cb77fbe1..784eb313 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -142,7 +142,7 @@ in servarr = { enableAll = true; autobrr = { - enable = false; + sessionSecretFile = secrets."servarr/autobrr/session-secret".path; }; # ... But not Lidarr because I don't care for music that much lidarr = { From 08f7c2bd7912696047e815adbb92adf89f4e47c7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 5 Apr 2025 20:24:21 +0200 Subject: [PATCH 336/485] nixos: services: nextcloud: bump to 31 --- modules/nixos/services/nextcloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/nextcloud/default.nix b/modules/nixos/services/nextcloud/default.nix index fe941778..cf1b876f 100644 --- a/modules/nixos/services/nextcloud/default.nix +++ b/modules/nixos/services/nextcloud/default.nix @@ -35,7 +35,7 @@ in config = lib.mkIf cfg.enable { services.nextcloud = { enable = true; - package = pkgs.nextcloud30; + package = pkgs.nextcloud31; hostName = "nextcloud.${config.networking.domain}"; home = "/var/lib/nextcloud"; maxUploadSize = cfg.maxSize; From 01529075369d01274302efaaa8df55aac77b1a21 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Apr 2025 10:19:30 +0000 Subject: [PATCH 337/485] flake: nixos: use 'self.dirtyRev' if available --- flake/nixos.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake/nixos.nix b/flake/nixos.nix index fa656dc0..bf9eac8c 100644 --- a/flake/nixos.nix +++ b/flake/nixos.nix @@ -3,7 +3,7 @@ let defaultModules = [ { # Let 'nixos-version --json' know about the Git revision - system.configurationRevision = self.rev or "dirty"; + system.configurationRevision = self.rev or self.dirtyRev or "dirty"; } { nixpkgs.overlays = (lib.attrValues self.overlays) ++ [ From a1cab7f60649123658bb8df098c5eff934d0364b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Apr 2025 15:50:22 +0000 Subject: [PATCH 338/485] flake: home-manager: set overlays in module I need to inherit `lib` to make sure it picks up my version, not the one from `pkgs`. I can't use `extraSpecialArgs` like NixOS, due to it missing from upstream [1]. [1]: https://github.com/nix-community/home-manager/pull/3969 --- flake/home-manager.nix | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/flake/home-manager.nix b/flake/home-manager.nix index add889eb..093ae8cf 100644 --- a/flake/home-manager.nix +++ b/flake/home-manager.nix @@ -3,6 +3,11 @@ let defaultModules = [ # Include generic settings "${self}/modules/home" + { + nixpkgs.overlays = (lib.attrValues self.overlays) ++ [ + inputs.nur.overlays.default + ]; + } { # Basic user information defaults home.username = lib.mkDefault "ambroisie"; @@ -21,18 +26,15 @@ let # * not letting me set `lib` as an extraSpecialArgs # * not respecting `nixpkgs.overlays` [1] # [1]: https://github.com/nix-community/home-manager/issues/2954 - pkgs = import inputs.nixpkgs { - inherit system; - - overlays = (lib.attrValues self.overlays) ++ [ - inputs.nur.overlays.default - ]; - }; + pkgs = inputs.nixpkgs.legacyPackages.${system}; modules = defaultModules ++ [ "${self}/hosts/homes/${name}" ]; + # Use my extended lib in NixOS configuration + inherit (self) lib; + extraSpecialArgs = { # Inject inputs to use them in global registry inherit inputs; From e5bf5a3ba1ce7c6d2aa09658303dcabf72bb09b9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 9 Apr 2025 11:41:07 +0200 Subject: [PATCH 339/485] flake: bump inputs --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d86d6b5a..9e61219b 100644 --- a/flake.lock +++ b/flake.lock @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1743689281, - "narHash": "sha256-y7Hg5lwWhEOgflEHRfzSH96BOt26LaYfrYWzZ+VoVdg=", + "lastModified": 1744174375, + "narHash": "sha256-oxI9TLgnQbQ/WL0tIwVSIooLbXq4PW1QUhf5aQmXFgk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2bfc080955153be0be56724be6fa5477b4eefabb", + "rev": "ef3a956f697525883b77192cbe208233ea0f8f79", "type": "github" }, "original": { From 439a6bc930ea7eabb372824c71d4a9174d4588b5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 9 Apr 2025 12:26:04 +0200 Subject: [PATCH 340/485] nixos: services: homebox: use postgres --- modules/nixos/services/homebox/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/nixos/services/homebox/default.nix b/modules/nixos/services/homebox/default.nix index d79e3314..bde59e67 100644 --- a/modules/nixos/services/homebox/default.nix +++ b/modules/nixos/services/homebox/default.nix @@ -19,6 +19,11 @@ in services.homebox = { enable = true; + # Automatic PostgreSQL provisioning + database = { + createLocally = true; + }; + settings = { # FIXME: mailer? HBOX_WEB_PORT = toString cfg.port; From 1dd1dbb917b17da7864a4ac20a977869ff752ac2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 9 Apr 2025 12:26:42 +0200 Subject: [PATCH 341/485] nixos: services: homebox: proxy websockets Should avoid a bunch of error logs, and ensure that e.g: adding a label does not require a refresh to show it in a list. --- modules/nixos/services/homebox/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/nixos/services/homebox/default.nix b/modules/nixos/services/homebox/default.nix index bde59e67..8ed5d776 100644 --- a/modules/nixos/services/homebox/default.nix +++ b/modules/nixos/services/homebox/default.nix @@ -33,6 +33,7 @@ in my.services.nginx.virtualHosts = { homebox = { inherit (cfg) port; + websocketsLocations = [ "/api" ]; }; }; From bd55ecc016eb49eca60b98ab0d2a22eca49a95ce Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 9 Apr 2025 12:27:51 +0200 Subject: [PATCH 342/485] hosts: nixos: porthos: services: enable homebox --- hosts/nixos/porthos/services.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index 784eb313..561da278 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -51,6 +51,10 @@ in passwordFile = secrets."forgejo/mail-password".path; }; }; + # Home inventory + homebox = { + enable = true; + }; # Jellyfin media server jellyfin.enable = true; # Gitea mirrorig service From a28295da27b96301bba49cd68cb6ae017be4be76 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 11 Apr 2025 19:01:08 +0200 Subject: [PATCH 343/485] nixos: services: servarr: autobrr: fix comment --- modules/nixos/services/servarr/autobrr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/servarr/autobrr.nix b/modules/nixos/services/servarr/autobrr.nix index afb07f4c..4465a78c 100644 --- a/modules/nixos/services/servarr/autobrr.nix +++ b/modules/nixos/services/servarr/autobrr.nix @@ -1,4 +1,4 @@ -# IRC-based +# IRC-based indexer { config, lib, ... }: let cfg = config.my.services.servarr.autobrr; From a0473a5c6cd191ea649c250dc7e8f6094e74adba Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 12 Apr 2025 11:27:47 +0200 Subject: [PATCH 344/485] nixos: services: servarr: autobrr: fix fail2ban The log line for authentication failures has been updated since the original PR. It also happens to be logged in JSON, and I'm a bit too lazy to match it more properly than this. --- modules/nixos/services/servarr/autobrr.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/servarr/autobrr.nix b/modules/nixos/services/servarr/autobrr.nix index 4465a78c..398e8786 100644 --- a/modules/nixos/services/servarr/autobrr.nix +++ b/modules/nixos/services/servarr/autobrr.nix @@ -54,7 +54,7 @@ in environment.etc = { "fail2ban/filter.d/autobrr.conf".text = '' [Definition] - failregex = ^.*Auth: invalid login \[.*\] from: $ + failregex = "message":"Auth: Failed login attempt username: \[.*\] ip: " journalmatch = _SYSTEMD_UNIT=autobrr.service ''; }; From e82ae4a2192191e2894969fe3107fdbcd36c8c92 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 14 Apr 2025 10:19:57 +0000 Subject: [PATCH 345/485] home: vim: numbertoggle: remove 'TermOpen' event It's now part of upstream's default setup. --- modules/home/vim/plugin/numbertoggle.lua | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/modules/home/vim/plugin/numbertoggle.lua b/modules/home/vim/plugin/numbertoggle.lua index 80427101..b1e3df21 100644 --- a/modules/home/vim/plugin/numbertoggle.lua +++ b/modules/home/vim/plugin/numbertoggle.lua @@ -22,13 +22,3 @@ vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "InsertEnter", "WinLeave" end end, }) - --- Never show the sign column in a terminal buffer -vim.api.nvim_create_autocmd({ "TermOpen" }, { - pattern = "*", - group = numbertoggle, - callback = function() - vim.opt.number = false - vim.opt.relativenumber = false - end, -}) From 67936af4c73f8664448efc80b072f40c568517c6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 14 Apr 2025 10:19:57 +0000 Subject: [PATCH 346/485] home: vim: signtoggle: remove 'TermOpen' event It's now part of upstream's default setup. --- modules/home/vim/plugin/signtoggle.lua | 9 --------- 1 file changed, 9 deletions(-) diff --git a/modules/home/vim/plugin/signtoggle.lua b/modules/home/vim/plugin/signtoggle.lua index 9765a818..6a7640c1 100644 --- a/modules/home/vim/plugin/signtoggle.lua +++ b/modules/home/vim/plugin/signtoggle.lua @@ -15,12 +15,3 @@ vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "WinLeave" }, { vim.opt.signcolumn = "no" end, }) - --- Never show the sign column in a terminal buffer -vim.api.nvim_create_autocmd({ "TermOpen" }, { - pattern = "*", - group = signtoggle, - callback = function() - vim.opt.signcolumn = "no" - end, -}) From 6f5ac4e55f644a5e5a473e9fda752fbebdec7455 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 14 Apr 2025 10:24:30 +0000 Subject: [PATCH 347/485] home: vim: signtoggle: only show signs if 'number' If a buffer doesn't show a number column, I probably also don't want a sign column to be toggled on/off in there. --- modules/home/vim/plugin/signtoggle.lua | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/modules/home/vim/plugin/signtoggle.lua b/modules/home/vim/plugin/signtoggle.lua index 6a7640c1..3deca340 100644 --- a/modules/home/vim/plugin/signtoggle.lua +++ b/modules/home/vim/plugin/signtoggle.lua @@ -1,17 +1,21 @@ local signtoggle = vim.api.nvim_create_augroup("signtoggle", { clear = true }) --- Only show sign column for the currently focused buffer +-- Only show sign column for the currently focused buffer, if it has a number column vim.api.nvim_create_autocmd({ "BufEnter", "FocusGained", "WinEnter" }, { pattern = "*", group = signtoggle, callback = function() - vim.opt.signcolumn = "yes" + if vim.opt.number:get() then + vim.opt.signcolumn = "yes" + end end, }) vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "WinLeave" }, { pattern = "*", group = signtoggle, callback = function() - vim.opt.signcolumn = "no" + if vim.opt.number:get() then + vim.opt.signcolumn = "no" + end end, }) From 26ee59ef6e4f28ccbdbcf87eb28bb4074a87c840 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 14 Apr 2025 13:54:52 +0000 Subject: [PATCH 348/485] home: atuin: use 'uk' dialect for dates This should be for date *parsing*, from my looking at the code. Unlikely to be relevant, but might as well set it to the saner of the two options. --- modules/home/atuin/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/home/atuin/default.nix b/modules/home/atuin/default.nix index 3f062638..8c02e692 100644 --- a/modules/home/atuin/default.nix +++ b/modules/home/atuin/default.nix @@ -21,6 +21,8 @@ in ]; settings = { + # Reasonable date format + dialect = "uk"; # The package is managed by Nix update_check = false; # I don't care for the fancy display From c69aaa7adb604593d20d38d0037caaf24cb41f3e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 16 Apr 2025 15:25:18 +0200 Subject: [PATCH 349/485] nixos: services: servarr: autobrr: fix websockets I found some logs complaining about websockets before enabling this. --- modules/nixos/services/servarr/autobrr.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/nixos/services/servarr/autobrr.nix b/modules/nixos/services/servarr/autobrr.nix index 398e8786..c3370cb8 100644 --- a/modules/nixos/services/servarr/autobrr.nix +++ b/modules/nixos/services/servarr/autobrr.nix @@ -40,6 +40,7 @@ in my.services.nginx.virtualHosts = { autobrr = { inherit (cfg) port; + websocketsLocations = [ "/api" ]; }; }; From e4bc0444bfe7fdc7a43afcbda1ec7379f8286301 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 16 Apr 2025 15:29:10 +0200 Subject: [PATCH 350/485] nixos: services: transmission: fix umask I want downloads to be readable by the `media` group. The permissions weren't correctly applied without `umask`. --- modules/nixos/services/transmission/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/nixos/services/transmission/default.nix b/modules/nixos/services/transmission/default.nix index ac8b24dd..16d51e3f 100644 --- a/modules/nixos/services/transmission/default.nix +++ b/modules/nixos/services/transmission/default.nix @@ -65,6 +65,8 @@ in # Proxied behind Nginx. rpc-whitelist-enabled = true; rpc-whitelist = "127.0.0.1"; + + umask = "002"; # To go with `downloadDirPermissions` }; }; From 1b6a48d6c27a88c98c6c99cbe642ee681c362cbd Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 16 Apr 2025 17:07:23 +0200 Subject: [PATCH 351/485] flake: bump inputs --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 9e61219b..65b8f048 100644 --- a/flake.lock +++ b/flake.lock @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1744174375, - "narHash": "sha256-oxI9TLgnQbQ/WL0tIwVSIooLbXq4PW1QUhf5aQmXFgk=", + "lastModified": 1744777043, + "narHash": "sha256-O6jgTxz9BKUiaJl03JsVHvSjtCOC8gHfDvC2UCfcLMc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ef3a956f697525883b77192cbe208233ea0f8f79", + "rev": "7a6f7f4c1c69eee05641beaa40e7f85da8e69fb0", "type": "github" }, "original": { From c40090d17607efbec1d58cefa95f0745ab0806b7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 12 Apr 2025 14:51:46 +0200 Subject: [PATCH 352/485] nixos: services: servarr: add cross-seed --- hosts/nixos/porthos/services.nix | 3 + modules/nixos/services/servarr/cross-seed.nix | 96 +++++++++++++++++++ modules/nixos/services/servarr/default.nix | 1 + 3 files changed, 100 insertions(+) create mode 100644 modules/nixos/services/servarr/cross-seed.nix diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index 561da278..a95840a9 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -148,6 +148,9 @@ in autobrr = { sessionSecretFile = secrets."servarr/autobrr/session-secret".path; }; + cross-seed = { + enable = false; + }; # ... But not Lidarr because I don't care for music that much lidarr = { enable = false; diff --git a/modules/nixos/services/servarr/cross-seed.nix b/modules/nixos/services/servarr/cross-seed.nix new file mode 100644 index 00000000..74f216ae --- /dev/null +++ b/modules/nixos/services/servarr/cross-seed.nix @@ -0,0 +1,96 @@ +# Automatic cross-seeding for video media +{ config, lib, ... }: +let + cfg = config.my.services.servarr.cross-seed; +in +{ + options.my.services.servarr.cross-seed = with lib; { + enable = mkEnableOption "cross-seed daemon" // { + default = config.my.services.servarr.enableAll; + }; + + port = mkOption { + type = types.port; + default = 2468; + example = 8080; + description = "Internal port for daemon"; + }; + + linkDirectory = mkOption { + type = types.str; + default = "/data/downloads/complete/links"; + example = "/var/lib/cross-seed/links"; + description = "Link directory"; + }; + + secretSettingsFile = mkOption { + type = types.str; + example = "/run/secrets/cross-seed-secrets.json"; + description = '' + File containing secret settings. + ''; + }; + }; + + config = lib.mkIf cfg.enable { + services.cross-seed = { + enable = true; + group = "media"; + + # Rely on recommended defaults for tracker snatches etc... + useGenConfigDefaults = true; + + settings = { + inherit (cfg) port; + host = "127.0.0.1"; + + # Inject torrents to client directly + action = "inject"; + # Query the client for torrents to match + useClientTorrents = true; + # Use hardlinks + linkType = "hardlink"; + # Use configured link directory + linkDirs = [ cfg.linkDirectory ]; + # Match as many torrents as possible + matchMode = "partial"; + # Cross-seed full season if at least 50% of episodes are already downloaded + seasonFromEpisodes = 0.5; + }; + + settingsFile = cfg.secretSettingsFile; + }; + + systemd.services.cross-seed = { + serviceConfig = { + # Loose umask to make cross-seed links readable by `media` + UMask = "0002"; + }; + }; + + # Set-up media group + users.groups.media = { }; + + my.services.nginx.virtualHosts = { + cross-seed = { + inherit (cfg) port; + }; + }; + + services.fail2ban.jails = { + cross-seed = '' + enabled = true + filter = cross-seed + action = iptables-allports + ''; + }; + + environment.etc = { + "fail2ban/filter.d/cross-seed.conf".text = '' + [Definition] + failregex = ^.*Unauthorized API access attempt to .* from $ + journalmatch = _SYSTEMD_UNIT=cross-seed.service + ''; + }; + }; +} diff --git a/modules/nixos/services/servarr/default.nix b/modules/nixos/services/servarr/default.nix index 409fcdc6..dca57cf6 100644 --- a/modules/nixos/services/servarr/default.nix +++ b/modules/nixos/services/servarr/default.nix @@ -7,6 +7,7 @@ imports = [ ./autobrr.nix ./bazarr.nix + ./cross-seed.nix ./jackett.nix ./nzbhydra.nix ./prowlarr.nix From 058096079eadcf5fb488f00156dcd6d3a5489256 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 12 Apr 2025 14:52:10 +0200 Subject: [PATCH 353/485] hosts: nixos: porthos: secrets: add cross-seed --- hosts/nixos/porthos/secrets/secrets.nix | 1 + .../servarr/cross-seed/configuration.json.age | Bin 0 -> 1282 bytes 2 files changed, 1 insertion(+) create mode 100644 hosts/nixos/porthos/secrets/servarr/cross-seed/configuration.json.age diff --git a/hosts/nixos/porthos/secrets/secrets.nix b/hosts/nixos/porthos/secrets/secrets.nix index 425756c5..b3812b43 100644 --- a/hosts/nixos/porthos/secrets/secrets.nix +++ b/hosts/nixos/porthos/secrets/secrets.nix @@ -81,6 +81,7 @@ in "pyload/credentials.age".publicKeys = all; "servarr/autobrr/session-secret.age".publicKeys = all; + "servarr/cross-seed/configuration.json.age".publicKeys = all; "sso/auth-key.age" = { owner = "nginx-sso"; diff --git a/hosts/nixos/porthos/secrets/servarr/cross-seed/configuration.json.age b/hosts/nixos/porthos/secrets/servarr/cross-seed/configuration.json.age new file mode 100644 index 0000000000000000000000000000000000000000..e9af03f472da8411b7106cf733ba1d389201263a GIT binary patch literal 1282 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSn_Ri1BO;^Y%D)lpW z_Vox$^UBlD_YJRfEOs*TaI7%TamjG@@%MBN_6+q4%rlBG4CFEk(T)lZswgWlj0|@T zOfI%GGIq@J$u08_b}~sxN^>zZ3kh=Z)~^WiGeNg4DR)FdraKP>Q?&_key4;IpeNQjT-={NB3)O=pQ;MLzxPQS!oIb3v^1Sri)Zs9eVB=lXAmyUEuZlJ%3cK^Gi!u7w2uv-`dOQZ$FXe z3*(03pW)Xgwfh=0Gjk-(y5bwTz)`wS;CJZJWp^yK``2&nXpHTb_IM9_Qkgn(YnF5BSA*H`bfRnLD#;ukQR_DQvniFx=(b?Qj2! zjwJcLmRIPtk}o>ACGkbuS&frT;XOMSX2r>6bGA<`5MKBvH)cmpdxG$^g=^xroJ_lW zj8(z<=7Gg4?T`5IWK_04n)k`A_^6Ro?}Rfup7}iebiiEhj^WR)BYmZDuN1^h=f3NB z6c#wu{Eyn*Tra+3;%3F&h3x;{ z^$9+GF!jix1q_uog>SvI7|Yxv)Rh!9ZmoJe^Hct_oFjD>yg&T+$mUMnlCH0>@~5aB{o`yCkb0pdG)BVZ)G22c?)L5Mi!54$;;YvkVqAOw@6QYkJHc+T zNuQ?QSKG(kYxG~eg5$-Dk9TiY9FCcs7awN$Li4RTlb1v|*GGSr=bP_ytXh#jaoPRb zwqIJFxK>UPFfTilIA`aV#ZKF@6J~T=_+H2N?wKE_+oI|3g2V15M&`b+lZ*TGd$II~ zp4Y!@)U{7*rY!nfB+ayF=43{`-Tk2xT8jLvukPx;c-d-lXH&IZ+b@X|F$b9DSJ}w? zn|)=Ec)*@~w|7Ctwy8c>9*bKP8$9m~Z2lAQOWRa0DSvOJ^E$QZQ65=0Za0753*7ZutHTFF1He;Ff2n;b$@S zO@^oRdHR_y1$Hbr^txewUfIF>X6zzqJWZZTPgB_3-hUQrYkHDkaX$G8Gn2mmfp2fO a3$3o2qvJ8ZJ$CJ3_b3jI6I)+s@Bjd%=|BMh literal 0 HcmV?d00001 From ee1139713c908ab43cd86b86fc984f1824395ca2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 12 Apr 2025 14:52:38 +0200 Subject: [PATCH 354/485] hosts: nixos: porthos: services: enable cross-seed --- hosts/nixos/porthos/services.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index a95840a9..96f15d38 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -149,7 +149,7 @@ in sessionSecretFile = secrets."servarr/autobrr/session-secret".path; }; cross-seed = { - enable = false; + secretSettingsFile = secrets."servarr/cross-seed/configuration.json".path; }; # ... But not Lidarr because I don't care for music that much lidarr = { From 135cef25365c25a1efaa912489c960a5fe839663 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 16 Apr 2025 16:04:52 +0000 Subject: [PATCH 355/485] home: atuin: add daemon Enabled by default, I probably won't have a reason *not* to use it. --- modules/home/atuin/default.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/modules/home/atuin/default.nix b/modules/home/atuin/default.nix index 8c02e692..dbd9690a 100644 --- a/modules/home/atuin/default.nix +++ b/modules/home/atuin/default.nix @@ -8,6 +8,10 @@ in # I want the full experience by default package = mkPackageOption pkgs "atuin" { }; + + daemon = { + enable = my.mkDisableOption "atuin daemon"; + }; }; config = lib.mkIf cfg.enable { @@ -15,6 +19,10 @@ in enable = true; inherit (cfg) package; + daemon = lib.mkIf cfg.daemon.enable { + enable = true; + }; + flags = [ # I *despise* this hijacking of the up key, even though I use Ctrl-p "--disable-up-arrow" From 29b47d7f84c67428d44ccc1f385161f187702661 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 22 Apr 2025 13:04:36 +0000 Subject: [PATCH 356/485] home: tmux: rename 'mkTerminalFeature' This is a more accurate name to describe what the function is doing. --- modules/home/tmux/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/home/tmux/default.nix b/modules/home/tmux/default.nix index 08b9202c..82ceb3a3 100644 --- a/modules/home/tmux/default.nix +++ b/modules/home/tmux/default.nix @@ -6,7 +6,7 @@ let (config.my.home.wm.windowManager != null) ]; - mkTerminalFlags = opt: flag: + mkTerminalFeature = opt: flag: let mkFlag = term: ''set -as terminal-features ",${term}:${flag}"''; enabledTerminals = lib.filterAttrs (_: v: v.${opt}) cfg.terminalFeatures; @@ -123,9 +123,9 @@ in } # Force OSC8 hyperlinks for each relevant $TERM - ${mkTerminalFlags "hyperlinks" "hyperlinks"} + ${mkTerminalFeature "hyperlinks" "hyperlinks"} # Force 24-bit color for each relevant $TERM - ${mkTerminalFlags "trueColor" "RGB"} + ${mkTerminalFeature "trueColor" "RGB"} ''; }; } From ec1c94676a727ee7b6e20c377ad0f7d05af9d69e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 22 Apr 2025 13:15:04 +0000 Subject: [PATCH 357/485] home: vim: highlight over-extended commit subjects --- modules/home/vim/after/queries/gitcommit/highlights.scm | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 modules/home/vim/after/queries/gitcommit/highlights.scm diff --git a/modules/home/vim/after/queries/gitcommit/highlights.scm b/modules/home/vim/after/queries/gitcommit/highlights.scm new file mode 100644 index 00000000..05162c9d --- /dev/null +++ b/modules/home/vim/after/queries/gitcommit/highlights.scm @@ -0,0 +1,6 @@ +; extends + +; Highlight over-extended subject lines (rely on wrapping for message body) +((subject) @comment.error + (#vim-match? @comment.error ".\{50,}") + (#offset! @comment.error 0 50 0 0)) From 946eab9ec00bfba393d1ed292a28f0f692048096 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 21 Feb 2025 16:26:39 +0000 Subject: [PATCH 358/485] home: git: extract 'delta' configuration I want to be able to re-use it between different source control systems (e.g: `jj`). As a first step, extract it to a proper module so that I can have it live in a single space. --- modules/home/default.nix | 1 + modules/home/delta/default.nix | 61 ++++++++++++++++++++++++++++++++++ modules/home/git/default.nix | 28 ---------------- 3 files changed, 62 insertions(+), 28 deletions(-) create mode 100644 modules/home/delta/default.nix diff --git a/modules/home/default.nix b/modules/home/default.nix index c8183cfd..e642e878 100644 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -8,6 +8,7 @@ ./bluetooth ./calibre ./comma + ./delta ./dircolors ./direnv ./discord diff --git a/modules/home/delta/default.nix b/modules/home/delta/default.nix new file mode 100644 index 00000000..e9350bb4 --- /dev/null +++ b/modules/home/delta/default.nix @@ -0,0 +1,61 @@ +{ config, pkgs, lib, ... }: +let + cfg = config.my.home.delta; +in +{ + options.my.home.delta = with lib; { + enable = my.mkDisableOption "delta configuration"; + + package = mkPackageOption pkgs "delta" { }; + + git = { + enable = my.mkDisableOption "git integration"; + }; + }; + + config = lib.mkIf cfg.enable { + assertions = [ + { + # For its configuration + assertion = cfg.enable -> cfg.git.enable; + message = '' + `config.my.home.delta` must enable `config.my.home.delta.git` to be + properly configured. + ''; + } + ]; + + home.packages = [ cfg.package ]; + + programs.git = lib.mkIf cfg.git.enable { + delta = { + enable = true; + inherit (cfg) package; + + options = { + features = "diff-highlight decorations"; + + # Less jarring style for `diff-highlight` emulation + diff-highlight = { + minus-style = "red"; + minus-non-emph-style = "red"; + minus-emph-style = "bold red 52"; + + plus-style = "green"; + plus-non-emph-style = "green"; + plus-emph-style = "bold green 22"; + + whitespace-error-style = "reverse red"; + }; + + # Personal preference for easier reading + decorations = { + commit-style = "raw"; # Do not recolor meta information + keep-plus-minus-markers = true; + paging = "always"; + }; + }; + }; + }; + }; +} diff --git a/modules/home/git/default.nix b/modules/home/git/default.nix index c88008fa..ca59a5fb 100644 --- a/modules/home/git/default.nix +++ b/modules/home/git/default.nix @@ -42,34 +42,6 @@ in lfs.enable = true; - delta = { - enable = true; - - options = { - features = "diff-highlight decorations"; - - # Less jarring style for `diff-highlight` emulation - diff-highlight = { - minus-style = "red"; - minus-non-emph-style = "red"; - minus-emph-style = "bold red 52"; - - plus-style = "green"; - plus-non-emph-style = "green"; - plus-emph-style = "bold green 22"; - - whitespace-error-style = "reverse red"; - }; - - # Personal preference for easier reading - decorations = { - commit-style = "raw"; # Do not recolor meta information - keep-plus-minus-markers = true; - paging = "always"; - }; - }; - }; - # There's more extraConfig = { # Makes it a bit more readable From 2eb2a83dca68ffd2ff5380300fbaec23e8038e6a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 24 Apr 2025 09:29:37 +0000 Subject: [PATCH 359/485] flake: bump inputs --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 65b8f048..6bd45a88 100644 --- a/flake.lock +++ b/flake.lock @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1743869639, - "narHash": "sha256-Xhe3whfRW/Ay05z9m1EZ1/AkbV1yo0tm1CbgjtCi4rQ=", + "lastModified": 1745439012, + "narHash": "sha256-TwbdiH28QK7Da2JQTqFHdb+UCJq6QbF2mtf+RxHVzEA=", "owner": "nix-community", "repo": "home-manager", - "rev": "d094c6763c6ddb860580e7d3b4201f8f496a6836", + "rev": "d31710fb2cd536b1966fee2af74e99a0816a61a8", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1744777043, - "narHash": "sha256-O6jgTxz9BKUiaJl03JsVHvSjtCOC8gHfDvC2UCfcLMc=", + "lastModified": 1745469902, + "narHash": "sha256-+kHgeD+3+WZZcOaIsS6XwQWb+qbYYWYXzoEjdmdW6OY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7a6f7f4c1c69eee05641beaa40e7f85da8e69fb0", + "rev": "4975ac49a527b505803958595fcb191c9e889f60", "type": "github" }, "original": { From 89bc60609f07b4f3cff4cb4e0610f1b8243a9ad3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 24 Apr 2025 12:46:24 +0200 Subject: [PATCH 360/485] home: firefox: tridactyl: use 'replaceVars' --- modules/home/firefox/tridactyl/default.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/modules/home/firefox/tridactyl/default.nix b/modules/home/firefox/tridactyl/default.nix index 35b58c2d..26ddfad5 100644 --- a/modules/home/firefox/tridactyl/default.nix +++ b/modules/home/firefox/tridactyl/default.nix @@ -12,9 +12,7 @@ let in { config = lib.mkIf cfg.enable { - xdg.configFile."tridactyl/tridactylrc".source = pkgs.substituteAll { - src = ./tridactylrc; - + xdg.configFile."tridactyl/tridactylrc".source = pkgs.replaceVars ./tridactylrc { editorcmd = lib.concatStringsSep " " [ # Use my configured terminal term From bfda64288ead8796e1f3c8a5980fabb228f2e844 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 30 Apr 2025 21:05:22 +0100 Subject: [PATCH 361/485] nix: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 6bd45a88..584d9423 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1736955230, - "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", + "lastModified": 1745630506, + "narHash": "sha256-bHCFgGeu8XjWlVuaWzi3QONjDW3coZDqSHvnd4l7xus=", "owner": "ryantm", "repo": "agenix", - "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", + "rev": "96e078c646b711aee04b82ba01aefbff87004ded", "type": "github" }, "original": { @@ -36,11 +36,11 @@ ] }, "locked": { - "lastModified": 1700795494, - "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", + "lastModified": 1744478979, + "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", + "rev": "43975d782b418ebf4969e9ccba82466728c2851b", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1745439012, - "narHash": "sha256-TwbdiH28QK7Da2JQTqFHdb+UCJq6QbF2mtf+RxHVzEA=", + "lastModified": 1746040799, + "narHash": "sha256-osgPX/SzIpkR50vev/rqoTEAVkEcOWXoQXmbzsaI4KU=", "owner": "nix-community", "repo": "home-manager", - "rev": "d31710fb2cd536b1966fee2af74e99a0816a61a8", + "rev": "5f217e5a319f6c186283b530f8c975e66c028433", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1745469902, - "narHash": "sha256-+kHgeD+3+WZZcOaIsS6XwQWb+qbYYWYXzoEjdmdW6OY=", + "lastModified": 1745930157, + "narHash": "sha256-y3h3NLnzRSiUkYpnfvnS669zWZLoqqI6NprtLQ+5dck=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4975ac49a527b505803958595fcb191c9e889f60", + "rev": "46e634be05ce9dc6d4db8e664515ba10b78151ae", "type": "github" }, "original": { From c5be292dfca50b740acf130bb0c3138fb4261a26 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 30 Apr 2025 21:34:11 +0100 Subject: [PATCH 362/485] nixos: profiles: wm: fix i3lock PAM service This was announced as a breaking change, and would lock me out if not set. I wish the transition went a bit slower, by first introducing the option for each PAM service, and *then* toggling it. Oh well. --- modules/nixos/profiles/wm/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/nixos/profiles/wm/default.nix b/modules/nixos/profiles/wm/default.nix index c2273281..bca4d700 100644 --- a/modules/nixos/profiles/wm/default.nix +++ b/modules/nixos/profiles/wm/default.nix @@ -24,6 +24,8 @@ in my.home.udiskie.enable = true; # udiskie fails if it can't find this dbus service services.udisks2.enable = true; + # Ensure i3lock can actually unlock the session + security.pam.services.i3lock.enable = true; }) ]; } From 4b6f62b25ab9bccf84aa994ac8e8b79a42632e00 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 30 Apr 2025 21:36:50 +0100 Subject: [PATCH 363/485] home: gpg: fix deprecated config --- modules/home/gpg/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/gpg/default.nix b/modules/home/gpg/default.nix index 51c865a2..2a00baf4 100644 --- a/modules/home/gpg/default.nix +++ b/modules/home/gpg/default.nix @@ -17,7 +17,7 @@ in services.gpg-agent = { enable = true; enableSshSupport = true; # One agent to rule them all - pinentryPackage = cfg.pinentry; + pinentry.package = cfg.pinentry; extraConfig = '' allow-loopback-pinentry ''; From e3243ebe80d7c3e55337227d1e4177022d78ca05 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 2 May 2025 17:59:03 +0100 Subject: [PATCH 364/485] nixos: services: nextcloud: simplify DB handling I *think* the option didn't exist when I originally used this module. --- modules/nixos/services/nextcloud/default.nix | 22 +++++--------------- 1 file changed, 5 insertions(+), 17 deletions(-) diff --git a/modules/nixos/services/nextcloud/default.nix b/modules/nixos/services/nextcloud/default.nix index cf1b876f..d8d4fce0 100644 --- a/modules/nixos/services/nextcloud/default.nix +++ b/modules/nixos/services/nextcloud/default.nix @@ -44,11 +44,15 @@ in adminuser = cfg.admin; adminpassFile = cfg.passwordFile; dbtype = "pgsql"; - dbhost = "/run/postgresql"; }; https = true; + # Automatic PostgreSQL provisioning + database = { + createLocally = true; + }; + settings = { overwriteprotocol = "https"; # Nginx only allows SSL }; @@ -60,22 +64,6 @@ in }; }; - services.postgresql = { - enable = true; - ensureDatabases = [ "nextcloud" ]; - ensureUsers = [ - { - name = "nextcloud"; - ensureDBOwnership = true; - } - ]; - }; - - systemd.services."nextcloud-setup" = { - requires = [ "postgresql.service" ]; - after = [ "postgresql.service" ]; - }; - # The service above configures the domain, no need for my wrapper services.nginx.virtualHosts."nextcloud.${config.networking.domain}" = { forceSSL = true; From 921d604ebea0d265815c76c60a85efa0929bc1ce Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 2 May 2025 22:35:33 +0100 Subject: [PATCH 365/485] hosts: nixos: porthos: secrets: update cross-seed --- .../servarr/cross-seed/configuration.json.age | Bin 1282 -> 1364 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/hosts/nixos/porthos/secrets/servarr/cross-seed/configuration.json.age b/hosts/nixos/porthos/secrets/servarr/cross-seed/configuration.json.age index e9af03f472da8411b7106cf733ba1d389201263a..1499a56c21c9911f5a7111177b3458e418cb4b1c 100644 GIT binary patch delta 1337 zcmZqTy23R~+#=N{Kdj6( zkju?CG(W`1q_`?PSKrs8&^6REIMFhosHDiCI6uQN-`^~&Dk-2MG@~>spG((Hp}06h zH#Nn`)YQ;YAuAxiJTF}#B-zj1%rDG1C(EQFDzM7fuRbiR%*Qjgytq`~%%sfKHQ2B) zIV&p6FxSX}%Pci3(7?>gG(SDeGd#u5&&15d(>chkDl^|Zr8Lzd-Q6ravLGxV#oR5D zOIKG{A*d>)D4@V8C#1Y6B-7Nm(juua&p*OE*Uccf#3SF)#LqI&&)hxRB`~p^Yxyd> zj1~K?AFEe4*c%Y58#y;-`z!&8)Tv=jGo`~r_eAP+vgUnQnY4O$&c(W!cUcYk)~Byu z7Vzw@$d$U!zGgcb()tRwY`S*Zy*t7{bAo+2mn5_5`<;szWvw3^-gZ;4wr6wbV}m{m zd#2gfbYzy8RB#p=DDJkBTcaa%;L*aG_3u~ATWG{_FFEEz{e{%6|2DLE)+t6^YG6z` z{A5PL1Fns#@q)XPE=n6m+~kVqJ@igxBk!iS4|MwPt~j;Y#z|+*+yi>9=iQDHGtMxmlmx_$beugPX zC;Bt}=|BBkD}!4icUS!ciOom#Ivr*InYoqZI92{v^Vwc!8_chE_cKSY;`RSeWPFul z&X?ET`*duvY47@lcRoKh`e8Y7LgQ1NNpr*|*IP3%T(3NrlaO?fgQuS3;l0yGIg|F? z{!}L(zr@krBgDYT>E`5BUmn_sn!7X~3~^2tpJcLOcJqtK2^lfZ3r}Bjtbg}%_5#Dc zqDk?V!FnzapA{-pnoWw@EXX9*aZ2FU?%n@uHofl(KhksITjrT*E{~sAZ&>ZykP>k@ zhBG{FR`T)SXCGh595Gz;>=&N`r=!=ejvIe@x_`g<75JTLv5v#rE1e3rcP=`!Rz?4m zgj1iKWZ`x@qp2_DpQWy0WNDJ-Z8<-u{`0#QS+Dv2GkAPmM8Ix=voUBj3W$k#l{*-0QbL{ZE-J+QnJC>Fo*gsol04UVk^a``q54u_trU9f8|D zo0jM{s5;GNSTlFCVb7OefzKNq*{bHwf6q{&cXOiI)9pXkwKE>R=Mp=o=s-YT;TDy5 z^KNdbFDf}(SvHYtZ5jXevMiA!!7o^w**8>XUjFyP_wgz2<%gCmICJvImNvx*|6_Sc ztKTo5bYT83`FY!TEDjyWR=HIko%HP2pJ^whY?PS)`5ONVx_xf*(=~mX3m+^yw_&OO zPnYN248r+y*$z+f+OWn`%%DuxQ`vk+S&!fq$Jt+Zm?w4Bx4zE1EjJ_2EP26Uj$>}E zf99q5{9E+3{kYq<)s=;t{-jy0yYsvL)+|#|)k_`I)&<@vSC=ThFPfPa+kXGa|C?3& zyXVAA<7!)|wXdxFcrr(Oit`Rm|2HR}Z#wv8p3Vh4tLYSxJDgG{VwPHIo zeaf^J!vop2KROTB)y=Hm{d)H6ef$D;Onn{)&aNpaKY#K9d)G5+8AQE#OR7#0Z4=(_&r^bDJ`Uv34fERD`MG{=0+ zDWQe(h2f6cGk8CDwcdR7)oJG4PdmRPvwmBt)u|BJa&&H(RXdxa_pF@k=V?Y+|39{5 zpRZXh*QprkDgDa!?(xIv(!ZNuYX=;`p A&j0`b delta 1254 zcmcb@)xp}06h zH#Nn`)YQ;YAuAxiJTG0r(aAKzuhb+hQ$H-o$yK*g3Dnza+ze zOIKG{!7{3>pft!-JJH)R#3wSq%``0_(J55BI78dqG|@vlu{b0*Ezcy$E7;M3OU$$T zOi$zTjC!Hcr%_pq^|q{YqMUTMUJzZUVt;dS=>JF7+R}RBrb5r1v-C{wp8EOYkag9@ z)IA4kjVJC|Y3IoQ*ClIrh09m5{4=J%+`Vg-neY9xKl=8hz%@_gr=Qy~_0FeN`!ZZ# zIsSQEYn31=Hib3r>Y}T<+>2#>PcO^gn!vE4G25=@|NZ>vdZp7Hf%(t>={NB3)O=pQ z;MLzxPQS!oIb3v^1Sri)Zs z9eVB=lXAmyUEuZlJ%3cK^Gi!u7w2uv-`dOQZ$FXe3*(03pW)Xgwfh=0Gjk-(y5bwT zz)`wS;CJZJWp^yK``6cR?P!ecm-u`$!`J)Iie_WYNnV^!zD|qcP^n5{2%328Ms|6- z@AQiavYQKyn=~HGV3O+PXL~ByUSaPOTg$Jo;j~M@fBArHo@+0o5ql@v8@t$IB3Q~tA@BXt(MKm7N|=1$#|?pB@p;PPcl`yxH*%`*$~r>GtM<7^X< zdZE50G)BVZ)G22c?)L5Mi!54$;;YvkVqAOw@6QYkJHc+TNuQ?QSKG(kYxG~eg5$-D zk9TiY9FCcs7awN$Li4RTlb1v|*GGSr=bP_ytXh#jaoPRbwqIJFxK>UPFfTilIA`aV z#ZKF@6J~T=_+H2N?wKE_+oI|3g2V15M&`b+lZ*TGyMD3sho0BJY}B<+Yo;vvTO`f2 zXy#-_zTN$y6IzP=tgr6szIfSca%WSuUE42-6EO#v=2zLs{F{Ack9feIe7AQ&# Date: Sat, 3 May 2025 13:56:12 +0100 Subject: [PATCH 366/485] home: vim: lua: lsp: configure inlay hints --- modules/home/vim/lua/ambroisie/lsp.lua | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/home/vim/lua/ambroisie/lsp.lua b/modules/home/vim/lua/ambroisie/lsp.lua index e48de128..fef04873 100644 --- a/modules/home/vim/lua/ambroisie/lsp.lua +++ b/modules/home/vim/lua/ambroisie/lsp.lua @@ -53,6 +53,10 @@ M.on_attach = function(client, bufnr) vim.diagnostic.open_float(nil, { scope = "buffer" }) end + local function toggle_inlay_hints() + vim.lsp.inlay_hint.enable(not vim.lsp.inlay_hint.is_enabled()) + end + local keys = { buffer = bufnr, -- LSP navigation @@ -67,6 +71,7 @@ M.on_attach = function(client, bufnr) { "ca", vim.lsp.buf.code_action, desc = "Code actions" }, { "cd", cycle_diagnostics_display, desc = "Cycle diagnostics display" }, { "cD", show_buffer_diagnostics, desc = "Show buffer diagnostics" }, + { "ch", toggle_inlay_hints, desc = "Toggle inlay hints" }, { "cr", vim.lsp.buf.rename, desc = "Rename symbol" }, { "cs", vim.lsp.buf.signature_help, desc = "Show signature" }, { "ct", vim.lsp.buf.type_definition, desc = "Go to type definition" }, From d2a8894eb298a2fbdee409b20995c51d6dcbaf4e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 May 2025 18:06:41 +0100 Subject: [PATCH 367/485] home: wm: i3: make 'firefox' history float --- modules/home/wm/i3/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/home/wm/i3/default.nix b/modules/home/wm/i3/default.nix index 029a14ba..5f22bbe2 100644 --- a/modules/home/wm/i3/default.nix +++ b/modules/home/wm/i3/default.nix @@ -127,6 +127,7 @@ in { class = "^Blueman-.*$"; } { title = "^htop$"; } { class = "^Thunderbird$"; instance = "Mailnews"; window_role = "filterlist"; } + { class = "^firefox$"; instance = "Places"; window_role = "Organizer"; } { class = "^pavucontrol.*$"; } { class = "^Arandr$"; } { class = "^\\.blueman-manager-wrapped$"; } From a9ba93f834db067e9d791c4299ceab483c8ef6f8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 May 2025 11:27:12 +0000 Subject: [PATCH 368/485] home: delta: assert git is enabled --- modules/home/delta/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules/home/delta/default.nix b/modules/home/delta/default.nix index e9350bb4..58ee0311 100644 --- a/modules/home/delta/default.nix +++ b/modules/home/delta/default.nix @@ -23,6 +23,13 @@ in properly configured. ''; } + { + assertion = cfg.enable -> config.programs.git.enable; + message = '' + `config.my.home.delta` relies on `config.programs.git` to be + enabled. + ''; + } ]; home.packages = [ cfg.package ]; From 07d8f5a03fbc5a1e36e6425953ad30f2c7037287 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 May 2025 17:25:28 +0200 Subject: [PATCH 369/485] flake: nixos: use 'nixpkgs.hostPlatform' This is the proper way to set `system` nowadays. --- flake/nixos.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/flake/nixos.nix b/flake/nixos.nix index bf9eac8c..0fbd3a6a 100644 --- a/flake/nixos.nix +++ b/flake/nixos.nix @@ -15,8 +15,10 @@ let ]; buildHost = name: system: lib.nixosSystem { - inherit system; modules = defaultModules ++ [ + { + nixpkgs.hostPlatform = system; + } "${self}/hosts/nixos/${name}" ]; specialArgs = { From 8a8e4f93a513ad3aaafdbeced14a61d5f961ff1d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 May 2025 17:16:44 +0000 Subject: [PATCH 370/485] flake: home-manager: remove obsolete comment --- flake/home-manager.nix | 4 ---- 1 file changed, 4 deletions(-) diff --git a/flake/home-manager.nix b/flake/home-manager.nix index 093ae8cf..88a74e8f 100644 --- a/flake/home-manager.nix +++ b/flake/home-manager.nix @@ -22,10 +22,6 @@ let ]; mkHome = name: system: inputs.home-manager.lib.homeManagerConfiguration { - # Work-around for home-manager - # * not letting me set `lib` as an extraSpecialArgs - # * not respecting `nixpkgs.overlays` [1] - # [1]: https://github.com/nix-community/home-manager/issues/2954 pkgs = inputs.nixpkgs.legacyPackages.${system}; modules = defaultModules ++ [ From 77839ab2ef3003c38324cade0810b41d1c84cc8c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 8 May 2025 13:29:35 +0000 Subject: [PATCH 371/485] flake: bump inputs --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 584d9423..ef7aba8e 100644 --- a/flake.lock +++ b/flake.lock @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1745930157, - "narHash": "sha256-y3h3NLnzRSiUkYpnfvnS669zWZLoqqI6NprtLQ+5dck=", + "lastModified": 1746683680, + "narHash": "sha256-+5zk+UbG0+GQlKt+gIKm+OhlYvHmkAHFXvf7hl1HDeM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "46e634be05ce9dc6d4db8e664515ba10b78151ae", + "rev": "16762245d811fdd74b417cc922223dc8eb741e8b", "type": "github" }, "original": { From 0c5836bc56e9048e27db4081595ff7cb566f9c31 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 8 May 2025 23:22:11 +0200 Subject: [PATCH 372/485] nixos: services: paperless: use 'PAPERLESS_URL' --- modules/nixos/services/paperless/default.nix | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/modules/nixos/services/paperless/default.nix b/modules/nixos/services/paperless/default.nix index 63f456b2..9cdac38a 100644 --- a/modules/nixos/services/paperless/default.nix +++ b/modules/nixos/services/paperless/default.nix @@ -53,17 +53,13 @@ in mediaDir = lib.mkIf (cfg.documentPath != null) cfg.documentPath; settings = - let - paperlessDomain = "paperless.${config.networking.domain}"; - in { # Use SSO PAPERLESS_ENABLE_HTTP_REMOTE_USER = true; PAPERLESS_HTTP_REMOTE_USER_HEADER_NAME = "HTTP_X_USER"; # Security settings - PAPERLESS_ALLOWED_HOSTS = paperlessDomain; - PAPERLESS_CORS_ALLOWED_HOSTS = "https://${paperlessDomain}"; + PAPERLESS_URL = "https://paperless.${config.networking.domain}"; # OCR settings PAPERLESS_OCR_LANGUAGE = "fra+eng"; From a997d36964830a96b13c99175c51165614686edf Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 8 May 2025 23:22:35 +0200 Subject: [PATCH 373/485] nixos: services: paperless: fix formatting --- modules/nixos/services/paperless/default.nix | 32 ++++++++++---------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/modules/nixos/services/paperless/default.nix b/modules/nixos/services/paperless/default.nix index 9cdac38a..f345e8a8 100644 --- a/modules/nixos/services/paperless/default.nix +++ b/modules/nixos/services/paperless/default.nix @@ -52,26 +52,26 @@ in mediaDir = lib.mkIf (cfg.documentPath != null) cfg.documentPath; - settings = - { - # Use SSO - PAPERLESS_ENABLE_HTTP_REMOTE_USER = true; - PAPERLESS_HTTP_REMOTE_USER_HEADER_NAME = "HTTP_X_USER"; + settings = { + # Use SSO + PAPERLESS_ENABLE_HTTP_REMOTE_USER = true; + PAPERLESS_ENABLE_HTTP_REMOTE_USER_API = true; + PAPERLESS_HTTP_REMOTE_USER_HEADER_NAME = "HTTP_X_USER"; - # Security settings - PAPERLESS_URL = "https://paperless.${config.networking.domain}"; + # Security settings + PAPERLESS_URL = "https://paperless.${config.networking.domain}"; - # OCR settings - PAPERLESS_OCR_LANGUAGE = "fra+eng"; + # OCR settings + PAPERLESS_OCR_LANGUAGE = "fra+eng"; - # Workers - PAPERLESS_TASK_WORKERS = 3; - PAPERLESS_THREADS_PER_WORKER = 4; + # Workers + PAPERLESS_TASK_WORKERS = 3; + PAPERLESS_THREADS_PER_WORKER = 4; - # Misc - PAPERLESS_TIME_ZONE = config.time.timeZone; - PAPERLESS_ADMIN_USER = cfg.username; - }; + # Misc + PAPERLESS_TIME_ZONE = config.time.timeZone; + PAPERLESS_ADMIN_USER = cfg.username; + }; # Admin password passwordFile = cfg.passwordFile; From 1dc65a37e7dc8041ee639dac882c5e2503708170 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 8 May 2025 23:29:30 +0200 Subject: [PATCH 374/485] nixos: services: paperless: set proxy settings --- modules/nixos/services/paperless/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/nixos/services/paperless/default.nix b/modules/nixos/services/paperless/default.nix index f345e8a8..b6965cae 100644 --- a/modules/nixos/services/paperless/default.nix +++ b/modules/nixos/services/paperless/default.nix @@ -60,6 +60,8 @@ in # Security settings PAPERLESS_URL = "https://paperless.${config.networking.domain}"; + PAPERLESS_USE_X_FORWARD_HOST = true; + PAPERLESS_PROXY_SSL_HEADER = ''["HTTP_X_FORWARDED_PROTO", "https"]''; # OCR settings PAPERLESS_OCR_LANGUAGE = "fra+eng"; From 5b545a28f10c90d07f0442fb8c5823b1cb53f2f3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 9 May 2025 00:02:07 +0200 Subject: [PATCH 375/485] nixos: services: mealie: use automatic DB setup --- modules/nixos/services/mealie/default.nix | 20 +++----------------- 1 file changed, 3 insertions(+), 17 deletions(-) diff --git a/modules/nixos/services/mealie/default.nix b/modules/nixos/services/mealie/default.nix index 664d5ba8..3b4d4f73 100644 --- a/modules/nixos/services/mealie/default.nix +++ b/modules/nixos/services/mealie/default.nix @@ -38,27 +38,13 @@ in # Make it work with socket auth POSTGRES_URL_OVERRIDE = "postgresql://mealie:@/mealie?host=/run/postgresql"; }; - }; - systemd.services = { - mealie = { - after = [ "postgresql.service" ]; - requires = [ "postgresql.service" ]; + # Automatic PostgreSQL provisioning + database = { + createLocally = true; }; }; - # Set-up database - services.postgresql = { - enable = true; - ensureDatabases = [ "mealie" ]; - ensureUsers = [ - { - name = "mealie"; - ensureDBOwnership = true; - } - ]; - }; - my.services.nginx.virtualHosts = { mealie = { inherit (cfg) port; From f14f5c7f8aa3e87cb025e04b3f8cac2b1315d596 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 14 May 2025 18:51:12 +0000 Subject: [PATCH 376/485] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index ef7aba8e..b90b54a0 100644 --- a/flake.lock +++ b/flake.lock @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1742649964, - "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", + "lastModified": 1746537231, + "narHash": "sha256-Wb2xeSyOsCoTCTj7LOoD6cdKLEROyFAArnYoS+noCWo=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", + "rev": "fa466640195d38ec97cf0493d6d6882bc4d14969", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1746040799, - "narHash": "sha256-osgPX/SzIpkR50vev/rqoTEAVkEcOWXoQXmbzsaI4KU=", + "lastModified": 1747225851, + "narHash": "sha256-4IbmZrNOdXP143kZEUzxBS5SqyxUlaSHLgdpeJfP2ZU=", "owner": "nix-community", "repo": "home-manager", - "rev": "5f217e5a319f6c186283b530f8c975e66c028433", + "rev": "6bf057fc8326e83bda05a669fc08d106547679fb", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1746683680, - "narHash": "sha256-+5zk+UbG0+GQlKt+gIKm+OhlYvHmkAHFXvf7hl1HDeM=", + "lastModified": 1746904237, + "narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "16762245d811fdd74b417cc922223dc8eb741e8b", + "rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956", "type": "github" }, "original": { From 97bcc5f34ed0b7154829f4bd0a43b485f16205b7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 18 May 2025 02:14:36 +0200 Subject: [PATCH 377/485] hosts: nixos: porthos: secrets: update cross-seed --- .../servarr/cross-seed/configuration.json.age | Bin 1364 -> 1528 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/hosts/nixos/porthos/secrets/servarr/cross-seed/configuration.json.age b/hosts/nixos/porthos/secrets/servarr/cross-seed/configuration.json.age index 1499a56c21c9911f5a7111177b3458e418cb4b1c..e319f3a823c4eb4c84b15f6630ea5fbf42f9092b 100644 GIT binary patch delta 1502 zcmcb@^@DqYPJM)-VR?CgkBPZawo9aGMoCdYRk>4OQGumFMo6W5x^rP=Mt)AETV`3V z1(#E4QAJ@+N^qv5r>~)BvQubgdVynQWKwEazOiRuRf$n@d4RJ~l2Kr;1(&X!LUD11 zZfc5=si~o*LRLV2d0x7LTcA^FQMP_+ScYYkbCiF2Kz*uLx|y4Yvy+>npMhItskXmS zqIsZaWtO7}muXf=R=J;Zl8HxhR8p98WpSjBN1#htPF{*xP+m@HvU6p4X<2GTMrw)$ zm#(g^f>}hNuTxTJMdzPPBsB^Mmo>ycf*D2@n z37;fCdeuv+?>w+R<0Yeo{}QfuMmN)!+&k=0a;^TSYwE4IY0U~Q?{9Yfw0X#~C0&SF zX}+aS((K$VJ-bblR?1ZG`JdIke`#ik!jg~Af1G*t+V950$FnqoQUr|mohx^EF@65T z!^>7rb@N!fc}v>LkM#>r%T@8aynXUz(Vrc1N_9sTE>E4Nw7mX$h0l{u+OqtM1bTj@ z{(q8F`{LD`c_O|u&izgQ`QeY>?OCTZ*t+M1PUGCN>2JW}-2Va(cQ3Qqb*%S#`^L*J zG+q`LyViT9Zd*R-NA%IVo*yc{RKzX66}P)FtGzy)v4%Z9f!XkKo!$0ChYdC^i?TxQ zn;!e4|M;`7(CJ-Ed03yy+^*NF)SaH%BJzKE^2OXKtanWAHZ%#J&b~Tv%d`CgUAeXM zmqgG0v{sNa#44C8s9yZV?WjFxZhl>tDqUQvv?~1K4ePy1>-d}J>u|1KJ8x&IqfYo+ zv*Wuy^8DMJ_IAY~9#8ikC1JDBo^u^VY~lYmh;NKyxvQY*wpb@t-T7Qi$XnlQ^#W44 zZ`SP8{vYOUcPhZZFKDgXN`tTQ-^=Rxdu|@>URiWR^t<<$J0G5AKAz@imKnqS{_7*H z#FFImH@qBwus*nwkZR2-_kL^j^KWZC&P&xjDY@4u!1R1$kMd!|Dd)3Oj?a-1@bQuJ zGhz?e+$&-I#Jc~q!JT&{OXn-=ZTu><_0+@qFGA5bx1N1jc_%AC@a99t6+hbVFjPD* zlbM&YU~#mT=C-yyD6{*CAU zbAcA213k_z6ZG$z|4sdxvnDiormsueVi3I=hEAwk9|GFUKP*( zmVCWq#*6=IN3OVUo_;VjW9z5BgI6P(MYo&%yc#j-Pdb0amK!C$A9UOt4%p@|(ERo= zklTIkm2$WJ$%@ynyzZJ(QCwgDr_KO<~sq1K!1b7eBA@YG1o_ZS9v8 z<^gMpl?pxQNNIoN50~D4D9GRL(1pc$?pxUA*sb!4%qx!Ga!2Fh)W#z7ZdRxIg}XfB zp55k34$-WbeoQ+va{*q&I@m&wc zd^er?vXJvLKbtK3YbrlQ;`sKm-4o}XlD+TIschDg_~GD{&rUZ^itg#_SzfzD;_Y=d zZS&;ktru!-w(1*&1`97TayHfcbHvdhOU!CRc)|p!BKv182~T_$y*_L?x37jXhvyNK9{bYLUD11 zZfc5=si~o*LRLV2d0x6gNV1>1nO~T3PL@eURA7~{Uwv3snU7~~d2y+}nMs+eYp`Kq za#mEBVXlz{msx67pn;i}X?}W`XLyRApNW}^r*n{7Rc5|-N@=P^y1Q9;WI7txsRS zEa2H)kt=ndea&_>r1ceU*>vr+dv}C^<^=n4E=gw9_d6Fc%341-yzQo7ZO`V=#|C{C z_Dr*{>BuZGso*R$P~2@Lw?;?kz@vpV>))@Kx6p{=UUJNb`U|OB|7~dTtW%7-)WDc> z_{off2V5If;{|soU6eMCxXBgId+43YM&3;;B> zMU&z!gY{e&vq3U-{a~ z*FQGab)CFyN4|xhBj@^rxz}%h`kyjcw2QNN)7ul~Q@d?9y#8)-_qn}8V^8LyI|8?R zHZ9R@P<5Kkux9RN!=5j{0-rZJvQ^EU|DK^l@8(3ar`vz7YiB%s&n0$F(Sd-x!YwNA z=H1*So? zR=;09>A?J7^7FRwSR6W#t#Ye8I_cT3KhsW1*(fpp^ELh#bo<=qr)&B&7d}{aZo^Xl zpDxe48HDravK^k{wPB5?m_eDWr?UBuvL3-Jj$MtD9NB`}OSC`}hUynEE^poLy5;e*WZzB>QVlyR#GCM9pjMT)w+% z|MIqz9@5-VzPpQ7zOP%b@b($oWBkAKquxptFf0(7(RKaL=@~X>zuXE|SsI;jXpZ@s zQ$h>n3&S0?XYhXRYQ6dDtJBQ8pLTvpX8pEOt5YGc<>=fnt9CX;?^!w7&(n;u{(o%A zK3}t1u2V76Q~H(d-Q$PTrGGcS)($vyhjINiudWlzW8FbX?;=Q2YG0CoF! AMgRZ+ From c1e2114c57e9e0027b3e17b7fbf48253b22fb651 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 23 May 2025 22:56:19 +0100 Subject: [PATCH 378/485] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index b90b54a0..e0456b8e 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1745630506, - "narHash": "sha256-bHCFgGeu8XjWlVuaWzi3QONjDW3coZDqSHvnd4l7xus=", + "lastModified": 1747575206, + "narHash": "sha256-NwmAFuDUO/PFcgaGGr4j3ozG9Pe5hZ/ogitWhY+D81k=", "owner": "ryantm", "repo": "agenix", - "rev": "96e078c646b711aee04b82ba01aefbff87004ded", + "rev": "4835b1dc898959d8547a871ef484930675cb47f1", "type": "github" }, "original": { @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1746537231, - "narHash": "sha256-Wb2xeSyOsCoTCTj7LOoD6cdKLEROyFAArnYoS+noCWo=", + "lastModified": 1747372754, + "narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "fa466640195d38ec97cf0493d6d6882bc4d14969", + "rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1747225851, - "narHash": "sha256-4IbmZrNOdXP143kZEUzxBS5SqyxUlaSHLgdpeJfP2ZU=", + "lastModified": 1747978958, + "narHash": "sha256-pQQnbxWpY3IiZqgelXHIe/OAE/Yv4NSQq7fch7M6nXQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "6bf057fc8326e83bda05a669fc08d106547679fb", + "rev": "7419250703fd5eb50e99bdfb07a86671939103ea", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1746904237, - "narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=", + "lastModified": 1747744144, + "narHash": "sha256-W7lqHp0qZiENCDwUZ5EX/lNhxjMdNapFnbErcbnP11Q=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956", + "rev": "2795c506fe8fb7b03c36ccb51f75b6df0ab2553f", "type": "github" }, "original": { From 24407448d498d637b94d04d9b06816f432c9197b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 27 May 2025 11:16:46 +0000 Subject: [PATCH 379/485] hosts: homes: mousqueton: disable 'atuin' package The system-provided package is built without its sync functionality. To ensure the module works as written, I can't use `pkgs.emptyDirectory` for this unfortunately... --- hosts/homes/ambroisie@mousqueton/default.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/hosts/homes/ambroisie@mousqueton/default.nix b/hosts/homes/ambroisie@mousqueton/default.nix index 37884d79..13836189 100644 --- a/hosts/homes/ambroisie@mousqueton/default.nix +++ b/hosts/homes/ambroisie@mousqueton/default.nix @@ -7,6 +7,20 @@ services.gpg-agent.enable = lib.mkForce false; my.home = { + atuin = { + package = pkgs.stdenv.mkDerivation { + pname = "atuin"; + version = "18.4.0"; + + buildCommand = '' + mkdir -p $out/bin + ln -s /usr/bin/atuin $out/bin/atuin + ''; + + meta.mainProgram = "atuin"; + }; + }; + git = { package = pkgs.emptyDirectory; }; From 9751fdb888d0d72801bff0c0381b057e0431f2a8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 27 May 2025 11:39:15 +0000 Subject: [PATCH 380/485] hosts: homes: bazin: disable 'atuin' package Same as on `mousqueton`. --- hosts/homes/ambroisie@bazin/default.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/hosts/homes/ambroisie@bazin/default.nix b/hosts/homes/ambroisie@bazin/default.nix index f52fbce5..365b70df 100644 --- a/hosts/homes/ambroisie@bazin/default.nix +++ b/hosts/homes/ambroisie@bazin/default.nix @@ -4,6 +4,20 @@ services.gpg-agent.enable = lib.mkForce false; my.home = { + atuin = { + package = pkgs.stdenv.mkDerivation { + pname = "atuin"; + version = "18.4.0"; + + buildCommand = '' + mkdir -p $out/bin + ln -s /usr/bin/atuin $out/bin/atuin + ''; + + meta.mainProgram = "atuin"; + }; + }; + git = { package = pkgs.emptyDirectory; }; From a67a54bda27092c9f89e60bf3ce75839e914f9b4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 24 May 2025 22:33:21 +0200 Subject: [PATCH 381/485] nixos: services: paperless: use structured setting The module should stringify it to JSON automatically, so might as well use the more readable option. --- modules/nixos/services/paperless/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/paperless/default.nix b/modules/nixos/services/paperless/default.nix index b6965cae..11959772 100644 --- a/modules/nixos/services/paperless/default.nix +++ b/modules/nixos/services/paperless/default.nix @@ -61,7 +61,7 @@ in # Security settings PAPERLESS_URL = "https://paperless.${config.networking.domain}"; PAPERLESS_USE_X_FORWARD_HOST = true; - PAPERLESS_PROXY_SSL_HEADER = ''["HTTP_X_FORWARDED_PROTO", "https"]''; + PAPERLESS_PROXY_SSL_HEADER = [ "HTTP_X_FORWARDED_PROTO" "https" ]; # OCR settings PAPERLESS_OCR_LANGUAGE = "fra+eng"; From 98d39717e2aa0306865982191afa200b5914426b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 31 May 2025 22:37:21 +0100 Subject: [PATCH 382/485] home: direnv: lib: don't erase pre-existing venv Turns out `uv venv` isn't idempotent, it removes the existing virtual environment by default. Thankfully, there's a flag to fix it. --- modules/home/direnv/lib/python.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/direnv/lib/python.sh b/modules/home/direnv/lib/python.sh index b4b2bcef..b1be8a91 100644 --- a/modules/home/direnv/lib/python.sh +++ b/modules/home/direnv/lib/python.sh @@ -46,7 +46,7 @@ layout_uv() { fi # create venv if it doesn't exist - uv venv -q + uv venv -q --allow-existing export VIRTUAL_ENV export UV_ACTIVE=1 From 151570cccaf8511688769ee0665868340054ba30 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 9 Jun 2025 10:36:33 +0000 Subject: [PATCH 383/485] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index e0456b8e..219d87d6 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1743550720, - "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", + "lastModified": 1749398372, + "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "c621e8422220273271f52058f618c94e405bb0f5", + "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1747978958, - "narHash": "sha256-pQQnbxWpY3IiZqgelXHIe/OAE/Yv4NSQq7fch7M6nXQ=", + "lastModified": 1749400020, + "narHash": "sha256-0nTmHO8AYgRYk5v6zw5oZ3x9nh+feb+Isn7WNe318M0=", "owner": "nix-community", "repo": "home-manager", - "rev": "7419250703fd5eb50e99bdfb07a86671939103ea", + "rev": "2835e8ba0ad99ba86d4a5e497a962ec9fa35e48f", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1747744144, - "narHash": "sha256-W7lqHp0qZiENCDwUZ5EX/lNhxjMdNapFnbErcbnP11Q=", + "lastModified": 1749285348, + "narHash": "sha256-frdhQvPbmDYaScPFiCnfdh3B/Vh81Uuoo0w5TkWmmjU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2795c506fe8fb7b03c36ccb51f75b6df0ab2553f", + "rev": "3e3afe5174c561dee0df6f2c2b2236990146329f", "type": "github" }, "original": { From 971f90581397286a3ffb424970cb5c1e9471a203 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 9 Jun 2025 13:52:29 +0200 Subject: [PATCH 384/485] nixos: services: mealie: remove DB settings Looks like I missed them in the original commit to migrate to `database.createLocally`. --- modules/nixos/services/mealie/default.nix | 5 ----- 1 file changed, 5 deletions(-) diff --git a/modules/nixos/services/mealie/default.nix b/modules/nixos/services/mealie/default.nix index 3b4d4f73..8c02398c 100644 --- a/modules/nixos/services/mealie/default.nix +++ b/modules/nixos/services/mealie/default.nix @@ -32,11 +32,6 @@ in BASE_URL = "https://mealie.${config.networking.domain}"; TZ = config.time.timeZone; ALLOw_SIGNUP = "false"; - - # Use PostgreSQL - DB_ENGINE = "postgres"; - # Make it work with socket auth - POSTGRES_URL_OVERRIDE = "postgresql://mealie:@/mealie?host=/run/postgresql"; }; # Automatic PostgreSQL provisioning From 1b275e1a8a8291b3ed9789d25c2592ba52b8d9ec Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 17 Jun 2025 09:29:24 +0000 Subject: [PATCH 385/485] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 219d87d6..94ab916d 100644 --- a/flake.lock +++ b/flake.lock @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1747372754, - "narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=", + "lastModified": 1749636823, + "narHash": "sha256-WUaIlOlPLyPgz9be7fqWJA5iG6rHcGRtLERSCfUDne4=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46", + "rev": "623c56286de5a3193aa38891a6991b28f9bab056", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1749400020, - "narHash": "sha256-0nTmHO8AYgRYk5v6zw5oZ3x9nh+feb+Isn7WNe318M0=", + "lastModified": 1750127463, + "narHash": "sha256-K2xFtlD3PcKAZriOE3LaBLYmVfGQu+rIF4Jr1RFYR0Q=", "owner": "nix-community", "repo": "home-manager", - "rev": "2835e8ba0ad99ba86d4a5e497a962ec9fa35e48f", + "rev": "28eef8722d1af18ca13e687dbf485e1c653a0402", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1749285348, - "narHash": "sha256-frdhQvPbmDYaScPFiCnfdh3B/Vh81Uuoo0w5TkWmmjU=", + "lastModified": 1749794982, + "narHash": "sha256-Kh9K4taXbVuaLC0IL+9HcfvxsSUx8dPB5s5weJcc9pc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3e3afe5174c561dee0df6f2c2b2236990146329f", + "rev": "ee930f9755f58096ac6e8ca94a1887e0534e2d81", "type": "github" }, "original": { From 112e3403615f65807dfcc28929b2b8a19656859e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 17 Jun 2025 09:26:09 +0000 Subject: [PATCH 386/485] home: do not hard-code username The flake module already sets it with `mkDefault`, making it easier to override it for a specific host. --- modules/home/default.nix | 3 --- 1 file changed, 3 deletions(-) diff --git a/modules/home/default.nix b/modules/home/default.nix index e642e878..1c403778 100644 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -51,9 +51,6 @@ # First sane reproducible version home.stateVersion = "20.09"; - # Who am I? - home.username = "ambroisie"; - # Start services automatically systemd.user.startServices = "sd-switch"; } From 03bb62777079b4a8ecc755570cc04a45095ca013 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 2 Jul 2025 13:23:34 +0200 Subject: [PATCH 387/485] flake: bump inputs --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 94ab916d..a4da84dc 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1747575206, - "narHash": "sha256-NwmAFuDUO/PFcgaGGr4j3ozG9Pe5hZ/ogitWhY+D81k=", + "lastModified": 1750173260, + "narHash": "sha256-9P1FziAwl5+3edkfFcr5HeGtQUtrSdk/MksX39GieoA=", "owner": "ryantm", "repo": "agenix", - "rev": "4835b1dc898959d8547a871ef484930675cb47f1", + "rev": "531beac616433bac6f9e2a19feb8e99a22a66baf", "type": "github" }, "original": { @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1749398372, - "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", + "lastModified": 1751413152, + "narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", + "rev": "77826244401ea9de6e3bac47c2db46005e1f30b5", "type": "github" }, "original": { @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1749636823, - "narHash": "sha256-WUaIlOlPLyPgz9be7fqWJA5iG6rHcGRtLERSCfUDne4=", + "lastModified": 1750779888, + "narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "623c56286de5a3193aa38891a6991b28f9bab056", + "rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1750127463, - "narHash": "sha256-K2xFtlD3PcKAZriOE3LaBLYmVfGQu+rIF4Jr1RFYR0Q=", + "lastModified": 1751429452, + "narHash": "sha256-4s5vRtaqdNhVBnbOWOzBNKrRa0ShQTLoEPjJp3joeNI=", "owner": "nix-community", "repo": "home-manager", - "rev": "28eef8722d1af18ca13e687dbf485e1c653a0402", + "rev": "df12269039dcf752600b1bcc176bacf2786ec384", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1749794982, - "narHash": "sha256-Kh9K4taXbVuaLC0IL+9HcfvxsSUx8dPB5s5weJcc9pc=", + "lastModified": 1751271578, + "narHash": "sha256-P/SQmKDu06x8yv7i0s8bvnnuJYkxVGBWLWHaU+tt4YY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ee930f9755f58096ac6e8ca94a1887e0534e2d81", + "rev": "3016b4b15d13f3089db8a41ef937b13a9e33a8df", "type": "github" }, "original": { From d61840651698e3ad05325039e9aa2a6cf9ad6aa2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 2 Jul 2025 13:24:16 +0200 Subject: [PATCH 388/485] nixos: services: use 'postgresql.target' This is now the more correct dependency to use in service definitions, to guarantee read-write access with users and permissions. --- modules/nixos/services/drone/server/default.nix | 4 ++-- modules/nixos/services/tandoor-recipes/default.nix | 4 ++-- modules/nixos/services/woodpecker/server/default.nix | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/modules/nixos/services/drone/server/default.nix b/modules/nixos/services/drone/server/default.nix index a3a1e496..d6148f42 100644 --- a/modules/nixos/services/drone/server/default.nix +++ b/modules/nixos/services/drone/server/default.nix @@ -6,8 +6,8 @@ in config = lib.mkIf cfg.enable { systemd.services.drone-server = { wantedBy = [ "multi-user.target" ]; - after = [ "postgresql.service" ]; - requires = [ "postgresql.service" ]; + after = [ "postgresql.target" ]; + requires = [ "postgresql.target" ]; serviceConfig = { EnvironmentFile = [ cfg.secretFile diff --git a/modules/nixos/services/tandoor-recipes/default.nix b/modules/nixos/services/tandoor-recipes/default.nix index 3447beee..169eec82 100644 --- a/modules/nixos/services/tandoor-recipes/default.nix +++ b/modules/nixos/services/tandoor-recipes/default.nix @@ -49,8 +49,8 @@ in systemd.services = { tandoor-recipes = { - after = [ "postgresql.service" ]; - requires = [ "postgresql.service" ]; + after = [ "postgresql.target" ]; + requires = [ "postgresql.target" ]; serviceConfig = { EnvironmentFile = cfg.secretKeyFile; diff --git a/modules/nixos/services/woodpecker/server/default.nix b/modules/nixos/services/woodpecker/server/default.nix index adf533e8..caf0179c 100644 --- a/modules/nixos/services/woodpecker/server/default.nix +++ b/modules/nixos/services/woodpecker/server/default.nix @@ -24,8 +24,8 @@ in }; systemd.services.woodpecker-server = { - after = [ "postgresql.service" ]; - requires = [ "postgresql.service" ]; + after = [ "postgresql.target" ]; + requires = [ "postgresql.target" ]; serviceConfig = { # Set username for DB access From 5d8722397010e1c1ddbc4d59abe53b7a6bd55584 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 2 Jul 2025 13:26:22 +0200 Subject: [PATCH 389/485] nixos: services: transmission: use 'trgui-ng' I like it much better than the built-in UI. --- modules/nixos/services/transmission/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/nixos/services/transmission/default.nix b/modules/nixos/services/transmission/default.nix index 16d51e3f..ddd77d4b 100644 --- a/modules/nixos/services/transmission/default.nix +++ b/modules/nixos/services/transmission/default.nix @@ -47,6 +47,7 @@ in enable = true; package = pkgs.transmission_4; group = "media"; + webHome = pkgs.trgui-ng-web; downloadDirPermissions = "775"; From 66ec807dc6729a8aabd7cb5f42797e246f36befa Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 2 Jul 2025 14:01:15 +0200 Subject: [PATCH 390/485] hosts: nixos: aramis: home: use 'trgui-ng' It looks and works much better than the old one. Unfortunately, it's a Tauri app. --- hosts/nixos/aramis/home.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/nixos/aramis/home.nix b/hosts/nixos/aramis/home.nix index 64b63ce4..221b1eae 100644 --- a/hosts/nixos/aramis/home.nix +++ b/hosts/nixos/aramis/home.nix @@ -20,7 +20,7 @@ element-desktop # Matrix client jellyfin-media-player # Wraps the webui and mpv together pavucontrol # Audio mixer GUI - transgui # Transmission remote + trgui-ng # Transmission remote ]; # Minimal video player mpv.enable = true; From 8d809e3ac3c05eb9ca6de3279fee2a8c72cdd293 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 8 Jul 2025 10:40:08 +0000 Subject: [PATCH 391/485] flake: bump inputs --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index a4da84dc..dc32e95f 100644 --- a/flake.lock +++ b/flake.lock @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1751271578, - "narHash": "sha256-P/SQmKDu06x8yv7i0s8bvnnuJYkxVGBWLWHaU+tt4YY=", + "lastModified": 1751952840, + "narHash": "sha256-SIkjQb9PPGvR/EcZAU8UZEnO9dwY2Z/BrDWgtyZd7OA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3016b4b15d13f3089db8a41ef937b13a9e33a8df", + "rev": "27278798fe68d7f81131dd7ab62b8ea2b795cd56", "type": "github" }, "original": { From b093faf00d8066e19d144c34533a32602a4fb8f7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 8 Jul 2025 10:42:13 +0000 Subject: [PATCH 392/485] nixos: services: tandoor-recipes: use automatic DB --- .../services/tandoor-recipes/default.nix | 25 +++---------------- 1 file changed, 4 insertions(+), 21 deletions(-) diff --git a/modules/nixos/services/tandoor-recipes/default.nix b/modules/nixos/services/tandoor-recipes/default.nix index 169eec82..4b4ed1a0 100644 --- a/modules/nixos/services/tandoor-recipes/default.nix +++ b/modules/nixos/services/tandoor-recipes/default.nix @@ -26,18 +26,16 @@ in services.tandoor-recipes = { enable = true; + database = { + createLocally = true; + }; + port = cfg.port; extraConfig = let tandoorRecipesDomain = "recipes.${config.networking.domain}"; in { - # Use PostgreSQL - DB_ENGINE = "django.db.backends.postgresql"; - POSTGRES_HOST = "/run/postgresql"; - POSTGRES_USER = "tandoor_recipes"; - POSTGRES_DB = "tandoor_recipes"; - # Security settings ALLOWED_HOSTS = tandoorRecipesDomain; CSRF_TRUSTED_ORIGINS = "https://${tandoorRecipesDomain}"; @@ -49,27 +47,12 @@ in systemd.services = { tandoor-recipes = { - after = [ "postgresql.target" ]; - requires = [ "postgresql.target" ]; - serviceConfig = { EnvironmentFile = cfg.secretKeyFile; }; }; }; - # Set-up database - services.postgresql = { - enable = true; - ensureDatabases = [ "tandoor_recipes" ]; - ensureUsers = [ - { - name = "tandoor_recipes"; - ensureDBOwnership = true; - } - ]; - }; - my.services.nginx.virtualHosts = { recipes = { inherit (cfg) port; From 2473bca1671ddaab0ce6de70d5471bf304133af6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 11 Jul 2025 14:24:23 +0000 Subject: [PATCH 393/485] home: vim: telescope: remove LSP handlers The plug-in was broken with the update to 0.11, and I would like to try using the built-in quickfixlist-based handlers for a while. This reverts commit 8d4a1e61b4f26f7443f7c8b0b65643f0bd312e9f. --- modules/home/vim/default.nix | 1 - modules/home/vim/plugin/settings/telescope.lua | 1 - 2 files changed, 2 deletions(-) diff --git a/modules/home/vim/default.nix b/modules/home/vim/default.nix index 20a74fff..930a853a 100644 --- a/modules/home/vim/default.nix +++ b/modules/home/vim/default.nix @@ -80,7 +80,6 @@ in nvim-surround # Deal with pairs, now in Lua oil-nvim # Better alternative to NetrW telescope-fzf-native-nvim # Use 'fzf' fuzzy matching algorithm - telescope-lsp-handlers-nvim # Use 'telescope' for various LSP actions telescope-nvim # Fuzzy finder interface which-key-nvim # Show available mappings ]; diff --git a/modules/home/vim/plugin/settings/telescope.lua b/modules/home/vim/plugin/settings/telescope.lua index 1a239282..810d51cb 100644 --- a/modules/home/vim/plugin/settings/telescope.lua +++ b/modules/home/vim/plugin/settings/telescope.lua @@ -23,7 +23,6 @@ telescope.setup({ }) telescope.load_extension("fzf") -telescope.load_extension("lsp_handlers") local keys = { { "f", group = "Fuzzy finder" }, From 979ae901c4057308ce1da3bbf2388e2addd99d7f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 15 Jul 2025 09:52:21 +0000 Subject: [PATCH 394/485] flake: bump inputs --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index dc32e95f..0f205ab2 100644 --- a/flake.lock +++ b/flake.lock @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1751429452, - "narHash": "sha256-4s5vRtaqdNhVBnbOWOzBNKrRa0ShQTLoEPjJp3joeNI=", + "lastModified": 1752467539, + "narHash": "sha256-4kaR+xmng9YPASckfvIgl5flF/1nAZOplM+Wp9I5SMI=", "owner": "nix-community", "repo": "home-manager", - "rev": "df12269039dcf752600b1bcc176bacf2786ec384", + "rev": "1e54837569e0b80797c47be4720fab19e0db1616", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1751952840, - "narHash": "sha256-SIkjQb9PPGvR/EcZAU8UZEnO9dwY2Z/BrDWgtyZd7OA=", + "lastModified": 1752644555, + "narHash": "sha256-oeRcp4VEyZ/3ZgfRRoq60/08l2zy0K53l8MdfSIYd24=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "27278798fe68d7f81131dd7ab62b8ea2b795cd56", + "rev": "9100a4f6bf446603b9575927c8585162f9ec9aa6", "type": "github" }, "original": { From 13b61346f5cca39d1ba2c66717e14a6d01b99acc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 15 Jul 2025 09:54:23 +0000 Subject: [PATCH 395/485] home: tmux: increase history scrollback Even *longer*. --- modules/home/tmux/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/tmux/default.nix b/modules/home/tmux/default.nix index 82ceb3a3..3ea047a2 100644 --- a/modules/home/tmux/default.nix +++ b/modules/home/tmux/default.nix @@ -48,7 +48,7 @@ in keyMode = "vi"; # Home-row keys and other niceties clock24 = true; # I'm one of those heathens escapeTime = 0; # Let vim do its thing instead - historyLimit = 100000; # Bigger buffer + historyLimit = 1000000; # Bigger buffer mouse = false; # I dislike mouse support focusEvents = true; # Report focus events terminal = "tmux-256color"; # I want accurate termcap info From add796768567599e9d6b2a54c80baac84d7681b5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 27 Jul 2025 20:49:24 +0100 Subject: [PATCH 396/485] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 0f205ab2..e96a7a08 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1751413152, - "narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=", + "lastModified": 1753121425, + "narHash": "sha256-TVcTNvOeWWk1DXljFxVRp+E0tzG1LhrVjOGGoMHuXio=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "77826244401ea9de6e3bac47c2db46005e1f30b5", + "rev": "644e0fc48951a860279da645ba77fe4a6e814c5e", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1752467539, - "narHash": "sha256-4kaR+xmng9YPASckfvIgl5flF/1nAZOplM+Wp9I5SMI=", + "lastModified": 1753617834, + "narHash": "sha256-WEVfKrdIdu5CpppJ0Va3vzP0DKlS+ZTLbBjugMO2Drg=", "owner": "nix-community", "repo": "home-manager", - "rev": "1e54837569e0b80797c47be4720fab19e0db1616", + "rev": "72cc1e3134a35005006f06640724319caa424737", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1752644555, - "narHash": "sha256-oeRcp4VEyZ/3ZgfRRoq60/08l2zy0K53l8MdfSIYd24=", + "lastModified": 1753429684, + "narHash": "sha256-9h7+4/53cSfQ/uA3pSvCaBepmZaz/dLlLVJnbQ+SJjk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9100a4f6bf446603b9575927c8585162f9ec9aa6", + "rev": "7fd36ee82c0275fb545775cc5e4d30542899511d", "type": "github" }, "original": { From 2a515754a2c8bb87fe756d9862d3bb04c6be2bbb Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 27 Jul 2025 20:48:06 +0100 Subject: [PATCH 397/485] home: zsh: use absolute path to 'XDG_CONFIG_HOME' The path handling has been fixed upstream, which makes this module more readable. --- modules/home/zsh/default.nix | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/modules/home/zsh/default.nix b/modules/home/zsh/default.nix index f4092d88..08b41018 100644 --- a/modules/home/zsh/default.nix +++ b/modules/home/zsh/default.nix @@ -1,14 +1,6 @@ { config, pkgs, lib, ... }: let cfg = config.my.home.zsh; - - # Have a nice relative path for XDG_CONFIG_HOME, without leading `/` - relativeXdgConfig = - let - noHome = lib.removePrefix config.home.homeDirectory; - noSlash = lib.removePrefix "/"; - in - noSlash (noHome config.xdg.configHome); in { options.my.home.zsh = with lib; { @@ -57,7 +49,7 @@ in programs.zsh = { enable = true; - dotDir = "${relativeXdgConfig}/zsh"; # Don't clutter $HOME + dotDir = "${config.xdg.configHome}/zsh"; # Don't clutter $HOME enableCompletion = true; history = { From 4b7c6c1f5eb7cbd7254a8f69050b17c9d4723837 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 29 Jul 2025 16:13:58 +0000 Subject: [PATCH 398/485] pkgs: comma: fix 'nix-locate' invocation --- pkgs/comma/comma | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/comma/comma b/pkgs/comma/comma index 4367a267..857b9c9d 100755 --- a/pkgs/comma/comma +++ b/pkgs/comma/comma @@ -12,7 +12,7 @@ usage() { find_program() { local CANDIDATE - CANDIDATE="$(nix-locate --top-level --minimal --at-root --whole-name "/bin/$1")" + CANDIDATE="$(nix-locate --minimal --at-root --whole-name "/bin/$1")" if [ "$(printf '%s\n' "$CANDIDATE" | wc -l)" -gt 1 ]; then CANDIDATE="$(printf '%s' "$CANDIDATE" | fzf-tmux)" fi From 7786c591b5f1e5745eb73b3a60ebe5e0704669a9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 4 Aug 2025 11:13:52 +0000 Subject: [PATCH 399/485] pkgs: comma: add 'COMMA_PICKER' --- pkgs/comma/comma | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/comma/comma b/pkgs/comma/comma index 857b9c9d..b03a7f24 100755 --- a/pkgs/comma/comma +++ b/pkgs/comma/comma @@ -14,7 +14,7 @@ find_program() { local CANDIDATE CANDIDATE="$(nix-locate --minimal --at-root --whole-name "/bin/$1")" if [ "$(printf '%s\n' "$CANDIDATE" | wc -l)" -gt 1 ]; then - CANDIDATE="$(printf '%s' "$CANDIDATE" | fzf-tmux)" + CANDIDATE="$(printf '%s' "$CANDIDATE" | "${COMMA_PICKER:-fzf-tmux}")" fi printf '%s' "$CANDIDATE" } From f94fc468aa3c3bed51611d083d01e5adbecf75dd Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 4 Aug 2025 14:28:34 +0000 Subject: [PATCH 400/485] home: zsh: ignore more commands for notification --- modules/home/zsh/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/home/zsh/default.nix b/modules/home/zsh/default.nix index 08b41018..1e85ccec 100644 --- a/modules/home/zsh/default.nix +++ b/modules/home/zsh/default.nix @@ -14,10 +14,12 @@ in exclude = mkOption { type = with types; listOf str; default = [ + "bat" "delta" "direnv reload" "fg" "git (?!push|pull|fetch)" + "home-manager (?!switch|build|news)" "htop" "less" "man" From a10270f8e16b9e397782a8cd9297e516247b049e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 5 Aug 2025 11:00:26 +0000 Subject: [PATCH 401/485] flake: bump inputs --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index e96a7a08..080c212f 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1750173260, - "narHash": "sha256-9P1FziAwl5+3edkfFcr5HeGtQUtrSdk/MksX39GieoA=", + "lastModified": 1754337839, + "narHash": "sha256-fEc2/4YsJwtnLU7HCFMRckb0u9UNnDZmwGhXT5U5NTw=", "owner": "ryantm", "repo": "agenix", - "rev": "531beac616433bac6f9e2a19feb8e99a22a66baf", + "rev": "856df6f6922845abd4fd958ce21febc07ca2fa45", "type": "github" }, "original": { @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1753121425, - "narHash": "sha256-TVcTNvOeWWk1DXljFxVRp+E0tzG1LhrVjOGGoMHuXio=", + "lastModified": 1754091436, + "narHash": "sha256-XKqDMN1/Qj1DKivQvscI4vmHfDfvYR2pfuFOJiCeewM=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "644e0fc48951a860279da645ba77fe4a6e814c5e", + "rev": "67df8c627c2c39c41dbec76a1f201929929ab0bd", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1753617834, - "narHash": "sha256-WEVfKrdIdu5CpppJ0Va3vzP0DKlS+ZTLbBjugMO2Drg=", + "lastModified": 1754365350, + "narHash": "sha256-NLWIkn1qM0wxtZu/2NXRaujWJ4Y1PSZlc7h0y6pOzOQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "72cc1e3134a35005006f06640724319caa424737", + "rev": "c5d7e957397ecb7d48b99c928611c6e780db1b56", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1753429684, - "narHash": "sha256-9h7+4/53cSfQ/uA3pSvCaBepmZaz/dLlLVJnbQ+SJjk=", + "lastModified": 1754372978, + "narHash": "sha256-ByII9p9ek0k9UADC/hT+i9ueM2mw0Zxiz+bOlydU6Oo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7fd36ee82c0275fb545775cc5e4d30542899511d", + "rev": "9ebe222ec7ef9de52478f76cba3f0324c1d1119f", "type": "github" }, "original": { @@ -200,11 +200,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1741294988, - "narHash": "sha256-3408u6q615kVTb23WtDriHRmCBBpwX7iau6rvfipcu4=", + "lastModified": 1753980880, + "narHash": "sha256-aj1pbYxL6N+XFqBHjB4B1QP0bnKRcg1AfpgT5zUFsW8=", "owner": "nix-community", "repo": "NUR", - "rev": "b30c245e2c44c7352a27485bfd5bc483df660f0e", + "rev": "16db3e61da7606984a05b4dfc33cd1d26d22fb22", "type": "github" }, "original": { From dd7b6135315c51812e6928087b20235c9fb7638d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 5 Aug 2025 11:03:01 +0000 Subject: [PATCH 402/485] pkgs: lohr: remove 'useFetchCargoVendor' It's now turned on by default. --- pkgs/lohr/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/pkgs/lohr/default.nix b/pkgs/lohr/default.nix index aeb13b1a..d8545e0d 100644 --- a/pkgs/lohr/default.nix +++ b/pkgs/lohr/default.nix @@ -10,7 +10,6 @@ rustPlatform.buildRustPackage rec { hash = "sha256-dunQgtap+XCK5LoSyOqIY/6p6HizBeiyPWNuCffwjDU="; }; - useFetchCargoVendor = true; cargoHash = "sha256-R3/N/43+bGx6acE/rhBcrk6kS5zQu8NJ1sVvKJJkK9w="; meta = with lib; { From f1d7da7fcb72aff435a975adfe710810ab064d93 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 3 Aug 2025 00:11:26 +0200 Subject: [PATCH 403/485] nixos: services: matrix: refactor well-knowns --- modules/nixos/services/matrix/default.nix | 54 ++++++++++------------- 1 file changed, 23 insertions(+), 31 deletions(-) diff --git a/modules/nixos/services/matrix/default.nix b/modules/nixos/services/matrix/default.nix index f4238342..b43dbcc9 100644 --- a/modules/nixos/services/matrix/default.nix +++ b/modules/nixos/services/matrix/default.nix @@ -14,6 +14,26 @@ let clientPort = { public = 443; private = 11339; }; domain = config.networking.domain; matrixDomain = "matrix.${domain}"; + + serverConfig = { + "m.server" = "${matrixDomain}:${toString federationPort.public}"; + }; + clientConfig = { + "m.homeserver" = { + "base_url" = "https://${matrixDomain}"; + "server_name" = domain; + }; + "m.identity_server" = { + "base_url" = "https://vector.im"; + }; + }; + + # ACAO required to allow element-web on any URL to request this json file + mkWellKnown = data: '' + default_type application/json; + add_header Access-Control-Allow-Origin *; + return 200 '${builtins.toJSON data}'; + ''; in { options.my.services.matrix = with lib; { @@ -96,15 +116,7 @@ in chat = { root = pkgs.element-web.override { conf = { - default_server_config = { - "m.homeserver" = { - "base_url" = "https://${matrixDomain}"; - "server_name" = domain; - }; - "m.identity_server" = { - "base_url" = "https://vector.im"; - }; - }; + default_server_config = clientConfig; showLabsSettings = true; defaultCountryCode = "FR"; # cocorico roomDirectory = { @@ -176,28 +188,8 @@ in forceSSL = true; useACMEHost = domain; - locations."= /.well-known/matrix/server".extraConfig = - let - server = { "m.server" = "${matrixDomain}:${toString federationPort.public}"; }; - in - '' - add_header Content-Type application/json; - return 200 '${builtins.toJSON server}'; - ''; - - locations."= /.well-known/matrix/client".extraConfig = - let - client = { - "m.homeserver" = { "base_url" = "https://${matrixDomain}"; }; - "m.identity_server" = { "base_url" = "https://vector.im"; }; - }; - # ACAO required to allow element-web on any URL to request this json file - in - '' - add_header Content-Type application/json; - add_header Access-Control-Allow-Origin *; - return 200 '${builtins.toJSON client}'; - ''; + locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig; + locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig; }; }; From 0792e8c7cb1b75e608372e44fb36a885f28a998e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 3 Aug 2025 00:34:40 +0200 Subject: [PATCH 404/485] nixos: services: matrix: fix element-web config --- modules/nixos/services/matrix/default.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/modules/nixos/services/matrix/default.nix b/modules/nixos/services/matrix/default.nix index b43dbcc9..42f7b4e2 100644 --- a/modules/nixos/services/matrix/default.nix +++ b/modules/nixos/services/matrix/default.nix @@ -117,10 +117,11 @@ in root = pkgs.element-web.override { conf = { default_server_config = clientConfig; - showLabsSettings = true; - defaultCountryCode = "FR"; # cocorico - roomDirectory = { + show_labs_settings = true; + default_country_code = "FR"; # cocorico + room_directory = { "servers" = [ + domain "matrix.org" "mozilla.org" ]; From bd019258cb4f15e028bc4cb7a68353abe270e6ac Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 3 Aug 2025 10:39:55 +0200 Subject: [PATCH 405/485] nixos: services: matrix: simplify listeners --- modules/nixos/services/matrix/default.nix | 93 ++++++++--------------- 1 file changed, 30 insertions(+), 63 deletions(-) diff --git a/modules/nixos/services/matrix/default.nix b/modules/nixos/services/matrix/default.nix index 42f7b4e2..83dac7cf 100644 --- a/modules/nixos/services/matrix/default.nix +++ b/modules/nixos/services/matrix/default.nix @@ -10,13 +10,11 @@ let cfg = config.my.services.matrix; - federationPort = { public = 8448; private = 11338; }; - clientPort = { public = 443; private = 11339; }; domain = config.networking.domain; matrixDomain = "matrix.${domain}"; serverConfig = { - "m.server" = "${matrixDomain}:${toString federationPort.public}"; + "m.server" = "${matrixDomain}:443"; }; clientConfig = { "m.homeserver" = { @@ -39,6 +37,13 @@ in options.my.services.matrix = with lib; { enable = mkEnableOption "Matrix Synapse"; + port = mkOption { + type = types.port; + default = 8448; + example = 8008; + description = "Internal port for listeners"; + }; + secretFile = mkOption { type = with types; nullOr str; default = null; @@ -78,22 +83,22 @@ in enable_registration = false; listeners = [ - # Federation { + inherit (cfg) port; bind_addresses = [ "::1" ]; - port = federationPort.private; - tls = false; # Terminated by nginx. + type = "http"; + tls = false; x_forwarded = true; - resources = [{ names = [ "federation" ]; compress = false; }]; - } - - # Client - { - bind_addresses = [ "::1" ]; - port = clientPort.private; - tls = false; # Terminated by nginx. - x_forwarded = true; - resources = [{ names = [ "client" ]; compress = false; }]; + resources = [ + { + names = [ "client" ]; + compress = true; + } + { + names = [ "federation" ]; + compress = false; + } + ]; } ]; @@ -130,11 +135,8 @@ in }; }; # Dummy VHosts for port collision detection - matrix-federation = { - port = federationPort.private; - }; - matrix-client = { - port = clientPort.private; + matrix-dummy = { + inherit (cfg) port; }; }; @@ -144,45 +146,15 @@ in onlySSL = true; useACMEHost = domain; - locations = - let - proxyToClientPort = { - proxyPass = "http://[::1]:${toString clientPort.private}"; - }; - in - { - # Or do a redirect instead of the 404, or whatever is appropriate - # for you. But do not put a Matrix Web client here! See the - # Element web section below. - "/".return = "404"; + locations = { + # Or do a redirect instead of the 404, or whatever is appropriate + # for you. But do not put a Matrix Web client here! See the + # Element web section below. + "/".return = "404"; - "/_matrix" = proxyToClientPort; - "/_synapse/client" = proxyToClientPort; - }; - - listen = [ - { addr = "0.0.0.0"; port = clientPort.public; ssl = true; } - { addr = "[::]"; port = clientPort.public; ssl = true; } - ]; - - }; - - # same as above, but listening on the federation port - "${matrixDomain}_federation" = { - onlySSL = true; - serverName = matrixDomain; - useACMEHost = domain; - - locations."/".return = "404"; - - locations."/_matrix" = { - proxyPass = "http://[::1]:${toString federationPort.private}"; + "/_matrix".proxyPass = "http://[::1]:${toString cfg.port}"; + "/_synapse/client".proxyPass = "http://[::1]:${toString cfg.port}"; }; - - listen = [ - { addr = "0.0.0.0"; port = federationPort.public; ssl = true; } - { addr = "[::]"; port = federationPort.public; ssl = true; } - ]; }; "${domain}" = { @@ -197,11 +169,6 @@ in # For administration tools. environment.systemPackages = [ pkgs.matrix-synapse ]; - networking.firewall.allowedTCPPorts = [ - clientPort.public - federationPort.public - ]; - my.services.backup = { paths = [ config.services.matrix-synapse.dataDir From 1e31b2dfea4e2161c371806b262b924349ab31f5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 3 Aug 2025 10:42:23 +0200 Subject: [PATCH 406/485] nixos: services: matrix: simplify VHost --- modules/nixos/services/matrix/default.nix | 31 ++++++++++------------- 1 file changed, 14 insertions(+), 17 deletions(-) diff --git a/modules/nixos/services/matrix/default.nix b/modules/nixos/services/matrix/default.nix index 83dac7cf..763d9b12 100644 --- a/modules/nixos/services/matrix/default.nix +++ b/modules/nixos/services/matrix/default.nix @@ -134,29 +134,26 @@ in }; }; }; - # Dummy VHosts for port collision detection - matrix-dummy = { + matrix = { + # Somewhat unused, but necessary for port collision detection inherit (cfg) port; + + extraConfig = { + locations = { + # Or do a redirect instead of the 404, or whatever is appropriate + # for you. But do not put a Matrix Web client here! See the + # Element web section below. + "/".return = "404"; + + "/_matrix".proxyPass = "http://[::1]:${toString cfg.port}"; + "/_synapse/client".proxyPass = "http://[::1]:${toString cfg.port}"; + }; + }; }; }; # Those are too complicated to use my wrapper... services.nginx.virtualHosts = { - ${matrixDomain} = { - onlySSL = true; - useACMEHost = domain; - - locations = { - # Or do a redirect instead of the 404, or whatever is appropriate - # for you. But do not put a Matrix Web client here! See the - # Element web section below. - "/".return = "404"; - - "/_matrix".proxyPass = "http://[::1]:${toString cfg.port}"; - "/_synapse/client".proxyPass = "http://[::1]:${toString cfg.port}"; - }; - }; - "${domain}" = { forceSSL = true; useACMEHost = domain; From fa7b4910f5cac8bc1f50cc396174ecceae8b1fd5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 3 Aug 2025 11:06:04 +0200 Subject: [PATCH 407/485] nixos: services: matrix: fix proxy to synapse I want to make use of the `/_synapse/matrix/` sub-path, so just proxy the whole of `/_synapse/`. --- modules/nixos/services/matrix/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/matrix/default.nix b/modules/nixos/services/matrix/default.nix index 763d9b12..dfd5b502 100644 --- a/modules/nixos/services/matrix/default.nix +++ b/modules/nixos/services/matrix/default.nix @@ -146,7 +146,7 @@ in "/".return = "404"; "/_matrix".proxyPass = "http://[::1]:${toString cfg.port}"; - "/_synapse/client".proxyPass = "http://[::1]:${toString cfg.port}"; + "/_synapse".proxyPass = "http://[::1]:${toString cfg.port}"; }; }; }; From 9cadbe6256b8ea9db3c2acc3eeb0e02b903d7579 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 3 Aug 2025 11:07:37 +0200 Subject: [PATCH 408/485] nixos: services: matrix: add admin interface --- modules/nixos/services/matrix/default.nix | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/modules/nixos/services/matrix/default.nix b/modules/nixos/services/matrix/default.nix index dfd5b502..837d1502 100644 --- a/modules/nixos/services/matrix/default.nix +++ b/modules/nixos/services/matrix/default.nix @@ -10,6 +10,8 @@ let cfg = config.my.services.matrix; + adminPkg = pkgs.synapse-admin-etkecc; + domain = config.networking.domain; matrixDomain = "matrix.${domain}"; @@ -147,6 +149,22 @@ in "/_matrix".proxyPass = "http://[::1]:${toString cfg.port}"; "/_synapse".proxyPass = "http://[::1]:${toString cfg.port}"; + + "= /admin".return = "307 /admin/"; + "/admin/" = { + alias = "${adminPkg}/"; + priority = 500; + tryFiles = "$uri $uri/ /index.html"; + }; + "~ ^/admin/.*\\.(?:css|js|jpg|jpeg|gif|png|svg|ico|woff|woff2|ttf|eot|webp)$" = { + priority = 400; + root = adminPkg; + extraConfig = '' + rewrite ^/admin/(.*)$ /$1 break; + expires 30d; + more_set_headers "Cache-Control: public"; + ''; + }; }; }; }; From 7a85a4440716f752c8f004330c9e2aa1a3c9886f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 3 Aug 2025 20:06:40 +0200 Subject: [PATCH 409/485] nixos: services: matrix: remove obsolete comment --- modules/nixos/services/matrix/default.nix | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/modules/nixos/services/matrix/default.nix b/modules/nixos/services/matrix/default.nix index 837d1502..483a72ae 100644 --- a/modules/nixos/services/matrix/default.nix +++ b/modules/nixos/services/matrix/default.nix @@ -1,10 +1,4 @@ -# Matrix homeserver setup, using different endpoints for federation and client -# traffic. The main trick for this is defining two nginx servers endpoints for -# matrix.domain.com, each listening on different ports. -# -# Configuration shamelessly stolen from [1] -# -# [1]: https://github.com/alarsyo/nixos-config/blob/main/services/matrix.nix +# Matrix homeserver setup. { config, lib, pkgs, ... }: let From 30348a1e193318b1d8bbb8f6d828226f49e8eaa7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 3 Aug 2025 22:28:22 +0200 Subject: [PATCH 410/485] nixos: services: matrix: add Facebook bridge I probably won't actually use it, after test-driving it quickly. But now that the effort has been expanded, might as well keep it if only as a future reference. --- modules/nixos/services/matrix/bridges.nix | 143 ++++++++++++++++++++++ modules/nixos/services/matrix/default.nix | 4 + 2 files changed, 147 insertions(+) create mode 100644 modules/nixos/services/matrix/bridges.nix diff --git a/modules/nixos/services/matrix/bridges.nix b/modules/nixos/services/matrix/bridges.nix new file mode 100644 index 00000000..70f4118a --- /dev/null +++ b/modules/nixos/services/matrix/bridges.nix @@ -0,0 +1,143 @@ +# Matrix bridges for some services I use +{ config, lib, ... }: +let + cfg = config.my.services.matrix.bridges; + synapseCfg = config.services.matrix-synapse; + + domain = config.networking.domain; + serverName = synapseCfg.settings.server_name; + + mkBridgeOption = n: lib.mkEnableOption "${n} bridge" // { default = cfg.enable; }; + mkPortOption = n: default: lib.mkOption { + type = lib.types.port; + inherit default; + example = 8080; + description = "${n} bridge port"; + }; + mkEnvironmentFileOption = n: lib.mkOption { + type = lib.types.str; + example = "/run/secret/matrix/${lib.toLower n}-bridge-secrets.env"; + description = '' + Path to a file which should contain the secret values for ${n} bridge. + + Using through the following format: + + ``` + MATRIX_APPSERVICE_AS_TOKEN= + MATRIX_APPSERVICE_HS_TOKEN= + ``` + + Each bridge should use a different set of secrets, as they each register + their own independent double-puppetting appservice. + ''; + }; +in +{ + options.my.services.matrix.bridges = with lib; { + enable = mkEnableOption "bridges configuration"; + + admin = mkOption { + type = types.str; + default = "ambroisie"; + example = "admin"; + description = "Local username for the admin"; + }; + + facebook = { + enable = mkBridgeOption "Facebook"; + + port = mkPortOption "Facebook" 29321; + + environmentFile = mkEnvironmentFileOption "Facebook"; + }; + }; + + config = lib.mkMerge [ + (lib.mkIf cfg.facebook.enable { + services.mautrix-meta.instances.facebook = { + enable = true; + # Automatically register the bridge with synapse + registerToSynapse = true; + + # Provide `AS_TOKEN`, `HS_TOKEN` + inherit (cfg.facebook) environmentFile; + + settings = { + homeserver = { + domain = serverName; + address = "http://localhost:${toString config.my.services.matrix.port}"; + }; + + appservice = { + hostname = "localhost"; + inherit (cfg.facebook) port; + address = "http://localhost:${toString cfg.facebook.port}"; + public_address = "https://facebook-bridge.${domain}"; + + as_token = "$MATRIX_APPSERVICE_AS_TOKEN"; + hs_token = "$MATRIX_APPSERVICE_HS_TOKEN"; + + bot = { + username = "fbbot"; + }; + }; + + backfill = { + enabled = true; + }; + + bridge = { + delivery_receipts = true; + permissions = { + "*" = "relay"; + ${serverName} = "user"; + "@${cfg.admin}:${serverName}" = "admin"; + }; + }; + + database = { + type = "postgres"; + uri = "postgres:///mautrix-meta-facebook?host=/var/run/postgresql/"; + }; + + double_puppet = { + secrets = { + ${serverName} = "as_token:$MATRIX_APPSERVICE_AS_TOKEN"; + }; + }; + + network = { + # Don't be picky on Facebook/Messenger + allow_messenger_com_on_fb = true; + displayname_template = ''{{or .DisplayName .Username "Unknown user"}} (FB)''; + }; + + provisioning = { + shared_secret = "disable"; + }; + }; + }; + + services.postgresql = { + enable = true; + ensureDatabases = [ "mautrix-meta-facebook" ]; + ensureUsers = [{ + name = "mautrix-meta-facebook"; + ensureDBOwnership = true; + }]; + }; + + systemd.services.mautrix-meta-facebook = { + wants = [ "postgres.service" ]; + after = [ "postgres.service" ]; + }; + + my.services.nginx.virtualHosts = { + # Proxy to the bridge + "facebook-bridge" = { + inherit (cfg.facebook) port; + }; + }; + }) + ]; +} diff --git a/modules/nixos/services/matrix/default.nix b/modules/nixos/services/matrix/default.nix index 483a72ae..04d24a02 100644 --- a/modules/nixos/services/matrix/default.nix +++ b/modules/nixos/services/matrix/default.nix @@ -30,6 +30,10 @@ let ''; in { + imports = [ + ./bridges.nix + ]; + options.my.services.matrix = with lib; { enable = mkEnableOption "Matrix Synapse"; From b1c9279c637956d134793431e0760d71a0e8bd97 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 2 Aug 2025 14:46:32 +0200 Subject: [PATCH 411/485] nixos: services: add thelounge --- modules/nixos/services/default.nix | 1 + modules/nixos/services/thelounge/default.nix | 59 ++++++++++++++++++++ 2 files changed, 60 insertions(+) create mode 100644 modules/nixos/services/thelounge/default.nix diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix index 27f8765a..e03eca19 100644 --- a/modules/nixos/services/default.nix +++ b/modules/nixos/services/default.nix @@ -38,6 +38,7 @@ ./servarr ./ssh-server ./tandoor-recipes + ./thelounge ./tlp ./transmission ./vikunja diff --git a/modules/nixos/services/thelounge/default.nix b/modules/nixos/services/thelounge/default.nix new file mode 100644 index 00000000..e224839e --- /dev/null +++ b/modules/nixos/services/thelounge/default.nix @@ -0,0 +1,59 @@ +# Web IRC client +{ config, lib, ... }: +let + cfg = config.my.services.thelounge; +in +{ + options.my.services.thelounge = with lib; { + enable = mkEnableOption "The Lounge, a self-hosted web IRC client"; + + port = mkOption { + type = types.port; + default = 9050; + example = 4242; + description = "The port on which The Lounge will listen for incoming HTTP traffic."; + }; + }; + + config = lib.mkIf cfg.enable { + services.thelounge = { + enable = true; + inherit (cfg) port; + + extraConfig = { + reverseProxy = true; + }; + }; + + my.services.nginx.virtualHosts = { + irc = { + inherit (cfg) port; + # Proxy websockets for RPC + websocketsLocations = [ "/" ]; + + extraConfig = { + locations."/".extraConfig = '' + proxy_read_timeout 1d; + ''; + }; + }; + }; + + services.fail2ban.jails = { + thelounge = '' + enabled = true + filter = thelounge + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/thelounge.conf".text = '' + [Definition] + failregex = Authentication failed for user .* from $ + Authentication for non existing user attempted from $ + journalmatch = _SYSTEMD_UNIT=thelounge.service + ''; + }; + }; +} From 17ceaa5620c49c5445b99945475c477122637ce7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 6 Aug 2025 15:37:08 +0000 Subject: [PATCH 412/485] nixos: services: matrix: fix out-dated comments --- modules/nixos/services/matrix/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/nixos/services/matrix/default.nix b/modules/nixos/services/matrix/default.nix index 04d24a02..97dec2e3 100644 --- a/modules/nixos/services/matrix/default.nix +++ b/modules/nixos/services/matrix/default.nix @@ -142,7 +142,7 @@ in locations = { # Or do a redirect instead of the 404, or whatever is appropriate # for you. But do not put a Matrix Web client here! See the - # Element web section below. + # Element web section above. "/".return = "404"; "/_matrix".proxyPass = "http://[::1]:${toString cfg.port}"; @@ -168,7 +168,7 @@ in }; }; - # Those are too complicated to use my wrapper... + # Setup well-known locations services.nginx.virtualHosts = { "${domain}" = { forceSSL = true; From 8688206ff530dc8fc6da6d2e6e68dcc56dc77622 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Aug 2025 10:05:13 +0000 Subject: [PATCH 413/485] flake: bump inputs --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 080c212f..7ee0f96e 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1754337839, - "narHash": "sha256-fEc2/4YsJwtnLU7HCFMRckb0u9UNnDZmwGhXT5U5NTw=", + "lastModified": 1754433428, + "narHash": "sha256-NA/FT2hVhKDftbHSwVnoRTFhes62+7dxZbxj5Gxvghs=", "owner": "ryantm", "repo": "agenix", - "rev": "856df6f6922845abd4fd958ce21febc07ca2fa45", + "rev": "9edb1787864c4f59ae5074ad498b6272b3ec308d", "type": "github" }, "original": { @@ -53,11 +53,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", "owner": "edolstra", "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", "type": "github" }, "original": { @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1754091436, - "narHash": "sha256-XKqDMN1/Qj1DKivQvscI4vmHfDfvYR2pfuFOJiCeewM=", + "lastModified": 1754487366, + "narHash": "sha256-pHYj8gUBapuUzKV/kN/tR3Zvqc7o6gdFB9XKXIp1SQ8=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "67df8c627c2c39c41dbec76a1f201929929ab0bd", + "rev": "af66ad14b28a127c5c0f3bbb298218fc63528a18", "type": "github" }, "original": { @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1750779888, - "narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=", + "lastModified": 1754416808, + "narHash": "sha256-c6yg0EQ9xVESx6HGDOCMcyRSjaTpNJP10ef+6fRcofA=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d", + "rev": "9c52372878df6911f9afc1e2a1391f55e4dfc864", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1754365350, - "narHash": "sha256-NLWIkn1qM0wxtZu/2NXRaujWJ4Y1PSZlc7h0y6pOzOQ=", + "lastModified": 1754886238, + "narHash": "sha256-LTQomWOwG70lZR+78ZYSZ9sYELWNq3HJ7/tdHzfif/s=", "owner": "nix-community", "repo": "home-manager", - "rev": "c5d7e957397ecb7d48b99c928611c6e780db1b56", + "rev": "0d492b89d1993579e63b9dbdaed17fd7824834da", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1754372978, - "narHash": "sha256-ByII9p9ek0k9UADC/hT+i9ueM2mw0Zxiz+bOlydU6Oo=", + "lastModified": 1754725699, + "narHash": "sha256-iAcj9T/Y+3DBy2J0N+yF9XQQQ8IEb5swLFzs23CdP88=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9ebe222ec7ef9de52478f76cba3f0324c1d1119f", + "rev": "85dbfc7aaf52ecb755f87e577ddbe6dbbdbc1054", "type": "github" }, "original": { From 8c506ea03cfcbbc805eb5e9b26863fa5a0260400 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 8 Aug 2025 09:56:33 +0000 Subject: [PATCH 414/485] home: xdg: enable 'preferXdgDirectories' At the moment this only makes a difference for `dircolors`. --- modules/home/xdg/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/modules/home/xdg/default.nix b/modules/home/xdg/default.nix index 803167fa..7a0c5179 100644 --- a/modules/home/xdg/default.nix +++ b/modules/home/xdg/default.nix @@ -56,4 +56,7 @@ in XCOMPOSECACHE = "${dataHome}/X11/xcompose"; _JAVA_OPTIONS = "-Djava.util.prefs.userRoot=${configHome}/java"; }; + + # Some modules *optionally* use `XDG_*_HOME` when told to + config.home.preferXdgDirectories = lib.mkIf cfg.enable true; } From 5f073875e63aadc7ac925b4fd078248d94f565cd Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Aug 2025 10:18:35 +0000 Subject: [PATCH 415/485] home: tmux: use consistent commenting style --- modules/home/tmux/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/home/tmux/default.nix b/modules/home/tmux/default.nix index 3ea047a2..e3e3dafb 100644 --- a/modules/home/tmux/default.nix +++ b/modules/home/tmux/default.nix @@ -61,8 +61,8 @@ in pain-control # Better session management sessionist + # X clipboard integration { - # X clipboard integration plugin = yank; extraConfig = '' # Use 'clipboard' because of misbehaving apps (e.g: firefox) @@ -71,8 +71,8 @@ in set -g @yank_action 'copy-pipe' ''; } + # Show when prefix has been pressed { - # Show when prefix has been pressed plugin = prefix-highlight; extraConfig = '' # Also show when I'm in copy or sync mode From e2ae3e02d91291327f883db2bf6fc6a14e269828 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 18 Aug 2025 11:00:38 +0000 Subject: [PATCH 416/485] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 7ee0f96e..f4d5f576 100644 --- a/flake.lock +++ b/flake.lock @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1754416808, - "narHash": "sha256-c6yg0EQ9xVESx6HGDOCMcyRSjaTpNJP10ef+6fRcofA=", + "lastModified": 1755446520, + "narHash": "sha256-I0Ok1OGDwc1jPd8cs2VvAYZsHriUVFGIUqW+7uSsOUM=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "9c52372878df6911f9afc1e2a1391f55e4dfc864", + "rev": "4b04db83821b819bbbe32ed0a025b31e7971f22e", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1754886238, - "narHash": "sha256-LTQomWOwG70lZR+78ZYSZ9sYELWNq3HJ7/tdHzfif/s=", + "lastModified": 1755491080, + "narHash": "sha256-ib1Xi13NEalrFqQAHceRsb+6aIPANFuQq80SS/bY10M=", "owner": "nix-community", "repo": "home-manager", - "rev": "0d492b89d1993579e63b9dbdaed17fd7824834da", + "rev": "f8af2cbe386f9b96dd9efa57ab15a09377f38f4d", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1754725699, - "narHash": "sha256-iAcj9T/Y+3DBy2J0N+yF9XQQQ8IEb5swLFzs23CdP88=", + "lastModified": 1755186698, + "narHash": "sha256-wNO3+Ks2jZJ4nTHMuks+cxAiVBGNuEBXsT29Bz6HASo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "85dbfc7aaf52ecb755f87e577ddbe6dbbdbc1054", + "rev": "fbcf476f790d8a217c3eab4e12033dc4a0f6d23c", "type": "github" }, "original": { From f3af8f9ba8b0042875d9c856cb6ec5b37889ddcb Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 21 Aug 2025 12:06:37 +0000 Subject: [PATCH 417/485] home: atuin: remove bad comment Most likely a copy-paste error. --- modules/home/atuin/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/home/atuin/default.nix b/modules/home/atuin/default.nix index dbd9690a..40d2b04d 100644 --- a/modules/home/atuin/default.nix +++ b/modules/home/atuin/default.nix @@ -6,7 +6,6 @@ in options.my.home.atuin = with lib; { enable = my.mkDisableOption "atuin configuration"; - # I want the full experience by default package = mkPackageOption pkgs "atuin" { }; daemon = { From 1a109b6b1f48919cc07a2a3c853858e5900eede4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 26 Aug 2025 11:39:23 +0000 Subject: [PATCH 418/485] flake: bump inputs And fix a renamed package. --- flake.lock | 18 +++++++++--------- modules/nixos/profiles/x/default.nix | 2 +- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/flake.lock b/flake.lock index f4d5f576..ca1b4226 100644 --- a/flake.lock +++ b/flake.lock @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1755446520, - "narHash": "sha256-I0Ok1OGDwc1jPd8cs2VvAYZsHriUVFGIUqW+7uSsOUM=", + "lastModified": 1755960406, + "narHash": "sha256-RF7j6C1TmSTK9tYWO6CdEMtg6XZaUKcvZwOCD2SICZs=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "4b04db83821b819bbbe32ed0a025b31e7971f22e", + "rev": "e891a93b193fcaf2fc8012d890dc7f0befe86ec2", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1755491080, - "narHash": "sha256-ib1Xi13NEalrFqQAHceRsb+6aIPANFuQq80SS/bY10M=", + "lastModified": 1756022458, + "narHash": "sha256-J1i35r4HfNDdPpwL0vOBaZopQudAUVtartEerc1Jryc=", "owner": "nix-community", "repo": "home-manager", - "rev": "f8af2cbe386f9b96dd9efa57ab15a09377f38f4d", + "rev": "9e3a33c0bcbc25619e540b9dfea372282f8a9740", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1755186698, - "narHash": "sha256-wNO3+Ks2jZJ4nTHMuks+cxAiVBGNuEBXsT29Bz6HASo=", + "lastModified": 1756125398, + "narHash": "sha256-XexyKZpf46cMiO5Vbj+dWSAXOnr285GHsMch8FBoHbc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "fbcf476f790d8a217c3eab4e12033dc4a0f6d23c", + "rev": "3b9f00d7a7bf68acd4c4abb9d43695afb04e03a5", "type": "github" }, "original": { diff --git a/modules/nixos/profiles/x/default.nix b/modules/nixos/profiles/x/default.nix index ea77939c..874f36f6 100644 --- a/modules/nixos/profiles/x/default.nix +++ b/modules/nixos/profiles/x/default.nix @@ -13,7 +13,7 @@ in # Nice wallpaper services.xserver.displayManager.lightdm.background = let - wallpapers = "${pkgs.plasma5Packages.plasma-workspace-wallpapers}/share/wallpapers"; + wallpapers = "${pkgs.kdePackages.plasma-workspace-wallpapers}/share/wallpapers"; in "${wallpapers}/summer_1am/contents/images/2560x1600.jpg"; From a889dfbb1a9ce76410e6655ba82616a4c20a3e71 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 26 Aug 2025 11:40:40 +0000 Subject: [PATCH 419/485] home: nix: fix renamed option --- modules/home/nix/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/nix/default.nix b/modules/home/nix/default.nix index c67cc6a1..2f435a8d 100644 --- a/modules/home/nix/default.nix +++ b/modules/home/nix/default.nix @@ -69,7 +69,7 @@ in automatic = true; # Every week, with some wiggle room - frequency = "weekly"; + dates = "weekly"; randomizedDelaySec = "10min"; # Use a persistent timer for e.g: laptops From 31147abd9176c9b8afbfa4924df0f589f041b3fc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 26 Aug 2025 13:07:41 +0000 Subject: [PATCH 420/485] home: add trgui --- modules/home/default.nix | 1 + modules/home/trgui/default.nix | 17 +++++++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 modules/home/trgui/default.nix diff --git a/modules/home/default.nix b/modules/home/default.nix index 1c403778..ad3b9791 100644 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -38,6 +38,7 @@ ./ssh ./terminal ./tmux + ./trgui ./udiskie ./vim ./wget diff --git a/modules/home/trgui/default.nix b/modules/home/trgui/default.nix new file mode 100644 index 00000000..ee545a98 --- /dev/null +++ b/modules/home/trgui/default.nix @@ -0,0 +1,17 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.home.trgui; +in +{ + options.my.home.trgui = with lib; { + enable = mkEnableOption "Transmission GUI onfiguration"; + + package = mkPackageOption pkgs "TrguiNG" { default = "trgui-ng"; }; + }; + + config = lib.mkIf cfg.enable { + home.packages = with pkgs; [ + cfg.package + ]; + }; +} From 1800cb9daa62bf87d55b98baf84a0d2d9a70129c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 26 Aug 2025 13:08:58 +0000 Subject: [PATCH 421/485] hosts: nixos: aramis: use 'trgui' module --- hosts/nixos/aramis/home.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hosts/nixos/aramis/home.nix b/hosts/nixos/aramis/home.nix index 221b1eae..75785821 100644 --- a/hosts/nixos/aramis/home.nix +++ b/hosts/nixos/aramis/home.nix @@ -20,7 +20,6 @@ element-desktop # Matrix client jellyfin-media-player # Wraps the webui and mpv together pavucontrol # Audio mixer GUI - trgui-ng # Transmission remote ]; # Minimal video player mpv.enable = true; @@ -28,6 +27,8 @@ nm-applet.enable = true; # Terminal terminal.program = "alacritty"; + # Transmission remote + trgui.enable = true; # Zathura document viewer zathura.enable = true; }; From 3fa1664b5c574632c67848e44c167c77cf638ccb Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 21 Feb 2025 16:47:11 +0000 Subject: [PATCH 422/485] home: delta: use stand-alone configuration file Ideally, I'd like for `delta` to just read a configuration file at `$XDG_CONFIG_HOME/delta/config` by default, but upstream seems somewhat reticent to the idea :-/. So instead, let's keep relying on `git` being enabled, but rather than inlining the configuration, let's store it where I think it should belong and include it into `gitconfig`. --- modules/home/delta/default.nix | 59 ++++++++++++++++++++-------------- 1 file changed, 35 insertions(+), 24 deletions(-) diff --git a/modules/home/delta/default.nix b/modules/home/delta/default.nix index 58ee0311..16d3d597 100644 --- a/modules/home/delta/default.nix +++ b/modules/home/delta/default.nix @@ -1,6 +1,9 @@ { config, pkgs, lib, ... }: let cfg = config.my.home.delta; + + configFormat = pkgs.formats.gitIni { }; + configPath = "${config.xdg.configHome}/delta/config"; in { options.my.home.delta = with lib; { @@ -34,35 +37,43 @@ in home.packages = [ cfg.package ]; + xdg.configFile."delta/config".source = configFormat.generate "delta-config" { + delta = { + features = "diff-highlight decorations"; + + # Less jarring style for `diff-highlight` emulation + diff-highlight = { + minus-style = "red"; + minus-non-emph-style = "red"; + minus-emph-style = "bold red 52"; + + plus-style = "green"; + plus-non-emph-style = "green"; + plus-emph-style = "bold green 22"; + + whitespace-error-style = "reverse red"; + }; + + # Personal preference for easier reading + decorations = { + commit-style = "raw"; # Do not recolor meta information + keep-plus-minus-markers = true; + paging = "always"; + }; + }; + }; + programs.git = lib.mkIf cfg.git.enable { delta = { enable = true; inherit (cfg) package; - - options = { - features = "diff-highlight decorations"; - - # Less jarring style for `diff-highlight` emulation - diff-highlight = { - minus-style = "red"; - minus-non-emph-style = "red"; - minus-emph-style = "bold red 52"; - - plus-style = "green"; - plus-non-emph-style = "green"; - plus-emph-style = "bold green 22"; - - whitespace-error-style = "reverse red"; - }; - - # Personal preference for easier reading - decorations = { - commit-style = "raw"; # Do not recolor meta information - keep-plus-minus-markers = true; - paging = "always"; - }; - }; }; + + includes = [ + { + path = configPath; + } + ]; }; }; } From 3dd4f07609a8d8c9f15530745aa68ba458b943f3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 4 Sep 2025 11:35:39 +0000 Subject: [PATCH 423/485] hosts: nixos: aramis: home: drop 'jellyfin-media-player' It's about to be made broken due to using QtWebEngine 5, which is EOL and marked insecure in new nixpkgs. --- hosts/nixos/aramis/home.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/hosts/nixos/aramis/home.nix b/hosts/nixos/aramis/home.nix index 75785821..e8c99e41 100644 --- a/hosts/nixos/aramis/home.nix +++ b/hosts/nixos/aramis/home.nix @@ -18,7 +18,6 @@ # Machine specific packages packages.additionalPackages = with pkgs; [ element-desktop # Matrix client - jellyfin-media-player # Wraps the webui and mpv together pavucontrol # Audio mixer GUI ]; # Minimal video player From b9bc37d365c607bdda473c9f2a0a992f0e8f6cc0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 4 Sep 2025 11:14:25 +0000 Subject: [PATCH 424/485] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index ca1b4226..e86674e1 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1754487366, - "narHash": "sha256-pHYj8gUBapuUzKV/kN/tR3Zvqc7o6gdFB9XKXIp1SQ8=", + "lastModified": 1756770412, + "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "af66ad14b28a127c5c0f3bbb298218fc63528a18", + "rev": "4524271976b625a4a605beefd893f270620fd751", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1756022458, - "narHash": "sha256-J1i35r4HfNDdPpwL0vOBaZopQudAUVtartEerc1Jryc=", + "lastModified": 1756954499, + "narHash": "sha256-Pg4xBHzvzNY8l9x/rLWoJMnIR8ebG+xeU+IyqThIkqU=", "owner": "nix-community", "repo": "home-manager", - "rev": "9e3a33c0bcbc25619e540b9dfea372282f8a9740", + "rev": "ed1a98c375450dfccf427adacd2bfd1a7b22eb25", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1756125398, - "narHash": "sha256-XexyKZpf46cMiO5Vbj+dWSAXOnr285GHsMch8FBoHbc=", + "lastModified": 1756936398, + "narHash": "sha256-/o1TTpMIICpjrMHBilL9lYm/r69uhdK1L8j1pfY6tWU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3b9f00d7a7bf68acd4c4abb9d43695afb04e03a5", + "rev": "47f28ad9378956563df9a884fd1b209b64336ba3", "type": "github" }, "original": { From e6c95245b27e5ac6fbac237d222c56a39ba401f9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 4 Sep 2025 11:17:27 +0000 Subject: [PATCH 425/485] home: ssh: disable default config It's been deprecated. This also makes my `addKeysToAgent` configuration more explicit. --- modules/home/ssh/default.nix | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/modules/home/ssh/default.nix b/modules/home/ssh/default.nix index 748b1957..b0b41675 100644 --- a/modules/home/ssh/default.nix +++ b/modules/home/ssh/default.nix @@ -17,6 +17,7 @@ in { programs.ssh = { enable = true; + enableDefaultConfig = false; includes = [ # Local configuration, not-versioned @@ -53,11 +54,12 @@ in identityFile = "~/.ssh/shared_rsa"; user = "ambroisie"; }; - }; - extraConfig = '' - AddKeysToAgent yes - ''; + # `*` is automatically made the last match block by the module + "*" = { + addKeysToAgent = "yes"; + }; + }; }; } From fa6bcabf95d8d1d860612880198271b6d31cbb0a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 11 Sep 2025 13:33:27 +0000 Subject: [PATCH 426/485] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index e86674e1..d5104222 100644 --- a/flake.lock +++ b/flake.lock @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1755960406, - "narHash": "sha256-RF7j6C1TmSTK9tYWO6CdEMtg6XZaUKcvZwOCD2SICZs=", + "lastModified": 1757588530, + "narHash": "sha256-tJ7A8mID3ct69n9WCvZ3PzIIl3rXTdptn/lZmqSS95U=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "e891a93b193fcaf2fc8012d890dc7f0befe86ec2", + "rev": "b084b2c2b6bc23e83bbfe583b03664eb0b18c411", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1756954499, - "narHash": "sha256-Pg4xBHzvzNY8l9x/rLWoJMnIR8ebG+xeU+IyqThIkqU=", + "lastModified": 1757578556, + "narHash": "sha256-w1PGkTGow5XzsjccV364No46rkuGxTqo7m/4cfhnkIk=", "owner": "nix-community", "repo": "home-manager", - "rev": "ed1a98c375450dfccf427adacd2bfd1a7b22eb25", + "rev": "b7112b12ea5b8c3aa6af344498ed9ca27dd03ba3", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1756936398, - "narHash": "sha256-/o1TTpMIICpjrMHBilL9lYm/r69uhdK1L8j1pfY6tWU=", + "lastModified": 1757487488, + "narHash": "sha256-zwE/e7CuPJUWKdvvTCB7iunV4E/+G0lKfv4kk/5Izdg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "47f28ad9378956563df9a884fd1b209b64336ba3", + "rev": "ab0f3607a6c7486ea22229b92ed2d355f1482ee0", "type": "github" }, "original": { From 27da55519c74d63010d67153041aed789b9add97 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Jul 2025 17:57:07 +0200 Subject: [PATCH 427/485] hosts: nixos: porthos: secrets: update cross-seed --- .../servarr/cross-seed/configuration.json.age | Bin 1528 -> 2031 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/hosts/nixos/porthos/secrets/servarr/cross-seed/configuration.json.age b/hosts/nixos/porthos/secrets/servarr/cross-seed/configuration.json.age index e319f3a823c4eb4c84b15f6630ea5fbf42f9092b..94fdf975d6418d394c62c42e572374b24865a776 100644 GIT binary patch delta 2009 zcmeyt{hohedfX?k{` z1y`7VVx&c?t9gk}QGTLxrkh!^t9em@esE}{g_)bXV|KY;V0m7Fd!m_FI+w1ULUD11 zZfc5=si~o*LRLV2d0x7Lc4U~PQL39qp1E1MdzE&0T786jgi(<}SWvRRr>}W=NOneY zrcYjImWfk2S4vnwc0qtaN}6SkajCw(qj8|KuW4wYgetwcC zm#(g^f^l-HWw5zNc~GcZlw(O$j#rLXR7JXTSaMlrp{u)Zm9JTfp`lNNdw8ZVSDWh2 z#!s*K@6<=xMeC=_?o%thNw!FzUK4zk}9+{djIX+e!sW%u-<*K zg`x6<({7nAg+QS)2}b2ZmsR#`cpQHtgw@qh{oS4Gr>yq1s#KP78(f|7M(2v?f%cFe zdK+w(Zm`yo-MD;X``@U5HMtds3LFpZa5q1Cf75z}isUzQ>VLkt(ynF|81>FrXLCH$ z&Wg1ktsTOTJ1K~>PqjR-D6s8Rtp3~@hpFB>^wx-#gs$M}+jXGsy0-4(1ewXs50~V9 zigIN*cem0SAT8vTwG@xF2&}V%g5S zbvLK-3d;z?W9>pkOWr#(XkWXVVP|5$)ZhG+qZ8B2YbTa}`trR_>-1!U!(B7G11l{bt?>D>|=Kub_=9QkS@T}J?SIitfI~6^tt!|Y)v2h;1n)1`V z^%<7OY!&Qdwto1vAxZbHfJdh+7gNxYqZbm7g{+Ugy6ZIe(uq2;z6)gUTv&2mIwWs} z`Jb6(eo-4|_i@JaeX8Aga9R4TNoQQjnCdU9=-tg%yWXYGos)OrL|50Lsa>f#I|Tn( zm;8>rDZ-*VTesuU&gWORr%Bgeue7R^~XAzs7N@4HA;{rsO9 z(lcKkSH8CF)vc%7PI{P}PhjU&yYZyV>r;N$oW#dc`PN(KH6K_c*=RX)jl4ik>7nF) zi}y3+>-Q_2J1E(mqogFoT;R$fBa%KTE2z-p=sQbU3)SaQ8?7D|xwkx1+x=Ulwobr`hivkGzlMSL?8Q-sbhbg}o$K$mIIH zn0HrR$J-qIx@KYe{<}(PTLeqJn~Z~X9<@w9f4_O%`H!FKAJtY##bwWRs!*8z{MRC` zI-BiZr>zmYS)$ z*m*YGcj9~FFg0lr+tj)MjT`d&KJjcaDB}82=PS>xrn-*l#vVq~IgZkasoUcwy?*9n zH#IWykeL|GQm@(g<#EC39dVNl8!f#inVDF< z$!ubHtf#Ue)$W-%d&^UW%1wOYr(Dfmq(9@P%IEI)U~jA!nzX*@t#PvD zDtUul9?IUFi#z5V4msEVsjKen0zdPe`3<|x6EvO#&f&HE_d~?})olj5HA3MR%BGr2 z_*Z=pntyD?-8F6pjf9_a2=2euvi3vMm(aqg=Y$zvh(BeT)V|(D)9IV@nu9!v*JR{n z&M`7N^;$&l_*0NFLr7&|#!U16tojWXxUPF{dfv<5`Qu`Q$PKIfAJ1iO80l}nptO9+ z?i90~zY5O$PSC#n$>b|9fBch~(ckU}{JdRZUvsv-eaW*k$0Qn;-O6fSw@bnP-KruH z#&1F$=Wd>1*mhZ}{V-cHgWhihiEFIvEw?Hz_}LitY2LL* zt@Z1oj|R+tZ+Ggb>@tQY@q5qN3J5UR2b!JHXuRSz#rx+HDSvbIJ)7;%?4Q(sVDEgB zDX|yxcpJEV-JA|Od%LWCbNvl}&yV&e`Toj}<$%nuu`;S@J6{!d_~ppE)|WJbR<50BIXQa& z+@HM~=S~$}b5jXYU(#)V<;K6#-sL^Wip$!Eo@>XNquY$E z7?Hu=vv9MR$YZ_4OQGumFMo6W5x^rP=Mt)AETV`3V z1(#E4QAJ@+N^qv5r>~)BvQubgdVynQWKwEazOiRuRf$n@d4RJ~l2Kr;1(&X!LUD11 zZfc5=si~o*LRLV2d0x7LTcA^FQMP_+ScYYkbCiF2Kz*uLx|y4Yvy+>npMhItskXmS zqIsZaWtO7}muXf=R=J;Zl8HxhR8p98WpSjBN1#htPF{*xP+m@HvU6p4X<2GTMrw)$ zm#(g^f>}hNuTxTJMdzPPBsB^Mmo>ycf*D2@n z37;fCdeuv+?>w+R<0Yeo{}QfuMmN)!+&k=0a;^TSYwE4IY0U~Q?{9Yfw0X#~C0&SF zX}+aS((K$VJ-bblR?1ZG`JdIke`#ik!jg~Af1G*t+V950$FnqoQUr|mohx^EF@65T z!^>7rb@N!fc}v>LkM#>r%T@8aynXUz(Vrc1N_9sTE>E4Nw7mX$h0l{u+OqtM1bTj@ z{(q8F`{LD`c_O|u&izgQ`QeY>?OCTZ*t+M1PUGCN>2JW}-2Va(cQ3Qqb*%S#`^L*J zG+q`LyViT9Zd*R-NA%IVo*yc{RKzX66}P)FtGzy)v4%Z9f!XkKo!$0ChYdC^i?TxQ zn;!e4|M;`7(CJ-Ed03yy+^*NF)SaH%BJzKE^2OXKtanWAHZ%#J&b~Tv%d`CgUAeXM zmqgG0v{sNa#44C8s9yZV?WjFxZhl>tDqUQvv?~1K4ePy1>-d}J>u|1KJ8x&IqfYo+ zv*Wuy^8DMJ_IAY~9#8ikC1JDBo^u^VY~lYmh;NKyxvQY*wpb@t-T7Qi$XnlQ^#W44 zZ`SP8{vYOUcPhZZFKDgXN`tTQ-^=Rxdu|@>URiWR^t<<$J0G5AKAz@imKnqS{_7*H z#FFImH@qBwus*nwkZR2-_kL^j^KWZC&P&xjDY@4u!1R1$kMd!|Dd)3Oj?a-1@bQuJ zGhz?e+$&-I#Jc~q!JT&{OXn-=ZTu><_0+@qFGA5bx1N1jc_%AC@a99t6+hbVFjPD* zlbM&YU~#mT=C-yyD6{*CAU zbAcA213k_z6ZG$z|4sdxvnDiormsueVi3I=hEAwk9|GFUKP*( zmVCWq#*6=IN3OVUo_;VjW9z5BgI6P(MYo&%yc#j-Pdb0amK!C$A9UOt4%p@|(ERo= zklTIkm2$WJ$%@ynyzZJ(QCwgDr_KO<~sq1K!1b7eBA@YG1o_ZS9v8 z<^gMpl?pxQNNIoN50~D4D9GRL(1pc$?pxUA*sb!4%qx!Ga!2Fh)W#z7ZdRxIg}XfB zp55k34$-WbeoQ+va{*q&I@m&wc zd^er?vXJvLKbtK3YbrlQ;`sKm-4o}XlD+TIschDg_~GD{&rUZ^itg#_SzfzD;_Y=d zZS&;ktru!-w(1*&1`97TayHfcbHvdhOU!CRc)|p!BKv182~T_$y*_L?x3k From 4c3e3d471fa61dcd5de24f0338b36e3b29c83f1f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 13 Sep 2025 19:10:39 +0200 Subject: [PATCH 428/485] modules: services: nginx: fix SSL renewal, again I'd previously fixed this in 1e10c6630b2c46bd40c2b23fa6a4f7c8fa751823, however NixOS has recently updated how the renewal units work [1], which broke it. [1]: https://github.com/NixOS/nixpkgs/pull/422076 --- modules/nixos/services/nginx/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/nginx/default.nix b/modules/nixos/services/nginx/default.nix index 1e9e38a8..ff530b0a 100644 --- a/modules/nixos/services/nginx/default.nix +++ b/modules/nixos/services/nginx/default.nix @@ -444,7 +444,7 @@ in }; }; - systemd.services."acme-${domain}" = { + systemd.services."acme-order-renew-${domain}" = { serviceConfig = { Environment = [ # Since I do a "weird" setup with a wildcard CNAME From 445b3d1422651d1604eda311f74ff0260386f76e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 18 Sep 2025 10:03:06 +0000 Subject: [PATCH 429/485] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index d5104222..b9c0fd5a 100644 --- a/flake.lock +++ b/flake.lock @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1757588530, - "narHash": "sha256-tJ7A8mID3ct69n9WCvZ3PzIIl3rXTdptn/lZmqSS95U=", + "lastModified": 1758108966, + "narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "b084b2c2b6bc23e83bbfe583b03664eb0b18c411", + "rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1757578556, - "narHash": "sha256-w1PGkTGow5XzsjccV364No46rkuGxTqo7m/4cfhnkIk=", + "lastModified": 1758184248, + "narHash": "sha256-TOazVsj8D1LTGQ6q8xdtfoPs9Z+PiqUS952WvZPssR0=", "owner": "nix-community", "repo": "home-manager", - "rev": "b7112b12ea5b8c3aa6af344498ed9ca27dd03ba3", + "rev": "bf7056c6a2d893d80db18d06d7e730d6515aaae8", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1757487488, - "narHash": "sha256-zwE/e7CuPJUWKdvvTCB7iunV4E/+G0lKfv4kk/5Izdg=", + "lastModified": 1758035966, + "narHash": "sha256-qqIJ3yxPiB0ZQTT9//nFGQYn8X/PBoJbofA7hRKZnmE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ab0f3607a6c7486ea22229b92ed2d355f1482ee0", + "rev": "8d4ddb19d03c65a36ad8d189d001dc32ffb0306b", "type": "github" }, "original": { From 9f9c1e571b7a871db4a19d9bfe7fc3ebf9b24875 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 15 Sep 2025 13:22:30 +0000 Subject: [PATCH 430/485] home: zsh: do not notify on 'home-manager news' --- modules/home/zsh/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/zsh/default.nix b/modules/home/zsh/default.nix index 1e85ccec..3c1e5152 100644 --- a/modules/home/zsh/default.nix +++ b/modules/home/zsh/default.nix @@ -19,7 +19,7 @@ in "direnv reload" "fg" "git (?!push|pull|fetch)" - "home-manager (?!switch|build|news)" + "home-manager (?!switch|build)" "htop" "less" "man" From 5b47fc63656b7583fb427386339c7adce3cc7e97 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 3 Oct 2025 12:23:54 +0200 Subject: [PATCH 431/485] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index b9c0fd5a..1889e0ce 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1756770412, - "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=", + "lastModified": 1759362264, + "narHash": "sha256-wfG0S7pltlYyZTM+qqlhJ7GMw2fTF4mLKCIVhLii/4M=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "4524271976b625a4a605beefd893f270620fd751", + "rev": "758cf7296bee11f1706a574c77d072b8a7baa881", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1758184248, - "narHash": "sha256-TOazVsj8D1LTGQ6q8xdtfoPs9Z+PiqUS952WvZPssR0=", + "lastModified": 1759337100, + "narHash": "sha256-CcT3QvZ74NGfM+lSOILcCEeU+SnqXRvl1XCRHenZ0Us=", "owner": "nix-community", "repo": "home-manager", - "rev": "bf7056c6a2d893d80db18d06d7e730d6515aaae8", + "rev": "004753ae6b04c4b18aa07192c1106800aaacf6c3", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1758035966, - "narHash": "sha256-qqIJ3yxPiB0ZQTT9//nFGQYn8X/PBoJbofA7hRKZnmE=", + "lastModified": 1759422813, + "narHash": "sha256-WNkZqscW/dPLK5NMKH/jCkYMaVm/3KWgPmKMq65IXxk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8d4ddb19d03c65a36ad8d189d001dc32ffb0306b", + "rev": "2a7c84e1e740f004e0fe5c2577a63d1e659a496c", "type": "github" }, "original": { From 62533d435b9d86cf0c1271cd0a14ed73a67584f2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 3 Oct 2025 12:18:38 +0000 Subject: [PATCH 432/485] home: vim: lspconfig: use native configuration The `nvim-lspconfig` "framework" is being deprecated to use the native `vim.lsp.config` and `vim.lsp.enable` functionality. I _could_ remove the `is_executable` checks, as native LSP handling does _not_ loudly error out when enabling a server which isn't executable. However I think `:LspInfo` is more readable if I don't. --- .../home/vim/plugin/settings/lspconfig.lua | 57 ++++++------------- 1 file changed, 17 insertions(+), 40 deletions(-) diff --git a/modules/home/vim/plugin/settings/lspconfig.lua b/modules/home/vim/plugin/settings/lspconfig.lua index 7817d4c1..68158b21 100644 --- a/modules/home/vim/plugin/settings/lspconfig.lua +++ b/modules/home/vim/plugin/settings/lspconfig.lua @@ -1,4 +1,3 @@ -local lspconfig = require("lspconfig") local lsp = require("ambroisie.lsp") local utils = require("ambroisie.utils") @@ -25,59 +24,45 @@ vim.diagnostic.config({ -- Inform servers we are able to do completion, snippets, etc... local capabilities = require("cmp_nvim_lsp").default_capabilities() +-- Shared configuration +vim.lsp.config("*", { + capabilities = capabilities, + on_attach = lsp.on_attach, +}) + -- C/C++ if utils.is_executable("clangd") then - lspconfig.clangd.setup({ - capabilities = capabilities, - on_attach = lsp.on_attach, - }) + vim.lsp.enable("clangd") end -- Haskell if utils.is_executable("haskell-language-server-wrapper") then - lspconfig.hls.setup({ - capabilities = capabilities, - on_attach = lsp.on_attach, - }) + vim.lsp.enable("hls") end -- Nix if utils.is_executable("nil") then - lspconfig.nil_ls.setup({ - capabilities = capabilities, - on_attach = lsp.on_attach, - }) + vim.lsp.enable("nil_ls") end -- Python if utils.is_executable("pyright") then - lspconfig.pyright.setup({ - capabilities = capabilities, - on_attach = lsp.on_attach, - }) + vim.lsp.enable("pyright") end if utils.is_executable("ruff") then - lspconfig.ruff.setup({ - capabilities = capabilities, - on_attach = lsp.on_attach, - }) + vim.lsp.enable("ruff") end -- Rust if utils.is_executable("rust-analyzer") then - lspconfig.rust_analyzer.setup({ - capabilities = capabilities, - on_attach = lsp.on_attach, - }) + vim.lsp.enable("rust_analyzer") end -- Shell if utils.is_executable("bash-language-server") then - lspconfig.bashls.setup({ + vim.lsp.config("bashls", { filetypes = { "bash", "sh", "zsh" }, - capabilities = capabilities, - on_attach = lsp.on_attach, settings = { bashIde = { shfmt = { @@ -89,27 +74,19 @@ if utils.is_executable("bash-language-server") then }, }, }) + vim.lsp.enable("bashls") end -- Starlark if utils.is_executable("starpls") then - lspconfig.starpls.setup({ - capabilities = capabilities, - on_attach = lsp.on_attach, - }) + vim.lsp.enable("starpls") end -- Generic if utils.is_executable("harper-ls") then - lspconfig.harper_ls.setup({ - capabilities = capabilities, - on_attach = lsp.on_attach, - }) + vim.lsp.enable("harper_ls") end if utils.is_executable("typos-lsp") then - lspconfig.typos_lsp.setup({ - capabilities = capabilities, - on_attach = lsp.on_attach, - }) + vim.lsp.enable("typos_lsp") end From 6b1b5300cdc275422e1eab5cdc24b7f6f6798d1b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 3 Oct 2025 12:39:18 +0000 Subject: [PATCH 433/485] home: vim: lspconfig: simplify LSP config Despite what I just said in the previous commit, I decided to remove the `is_executable` checks and always enable all servers. I figured out that NeoVim actually handles `PATH` modifications pretty well in this scenario: making a previously unavailable server executable will automatically enable it. --- .../home/vim/plugin/settings/lspconfig.lua | 73 +++++++------------ 1 file changed, 26 insertions(+), 47 deletions(-) diff --git a/modules/home/vim/plugin/settings/lspconfig.lua b/modules/home/vim/plugin/settings/lspconfig.lua index 68158b21..1596e84a 100644 --- a/modules/home/vim/plugin/settings/lspconfig.lua +++ b/modules/home/vim/plugin/settings/lspconfig.lua @@ -30,38 +30,20 @@ vim.lsp.config("*", { on_attach = lsp.on_attach, }) --- C/C++ -if utils.is_executable("clangd") then - vim.lsp.enable("clangd") -end - --- Haskell -if utils.is_executable("haskell-language-server-wrapper") then - vim.lsp.enable("hls") -end - --- Nix -if utils.is_executable("nil") then - vim.lsp.enable("nil_ls") -end - --- Python -if utils.is_executable("pyright") then - vim.lsp.enable("pyright") -end - -if utils.is_executable("ruff") then - vim.lsp.enable("ruff") -end - --- Rust -if utils.is_executable("rust-analyzer") then - vim.lsp.enable("rust_analyzer") -end - --- Shell -if utils.is_executable("bash-language-server") then - vim.lsp.config("bashls", { +local servers = { + -- C/C++ + clangd = {}, + -- Haskell + hls = {}, + -- Nix + nil_ls = {}, + -- Python + pyright = {}, + ruff = {}, + -- Rust + rust_analyzer = {}, + -- Shell + bashls = { filetypes = { "bash", "sh", "zsh" }, settings = { bashIde = { @@ -73,20 +55,17 @@ if utils.is_executable("bash-language-server") then }, }, }, - }) - vim.lsp.enable("bashls") -end + }, + -- Starlark + starpls = {}, + -- Generic + harper_ls = {}, + typos_lsp = {}, +} --- Starlark -if utils.is_executable("starpls") then - vim.lsp.enable("starpls") -end - --- Generic -if utils.is_executable("harper-ls") then - vim.lsp.enable("harper_ls") -end - -if utils.is_executable("typos-lsp") then - vim.lsp.enable("typos_lsp") +for server, config in pairs(servers) do + if not vim.tbl_isempty(config) then + vim.lsp.config(server, config) + end + vim.lsp.enable(server) end From 2df05aaa1a2f85601df107f16bfec70b9239eab4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 20 Oct 2025 09:33:49 +0000 Subject: [PATCH 434/485] flake: bump inputs And fix a breaking change leading to an evaluation failure. --- flake.lock | 36 +++++++++++----------- modules/nixos/services/homebox/default.nix | 2 +- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/flake.lock b/flake.lock index 1889e0ce..1a8a9347 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1754433428, - "narHash": "sha256-NA/FT2hVhKDftbHSwVnoRTFhes62+7dxZbxj5Gxvghs=", + "lastModified": 1760836749, + "narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=", "owner": "ryantm", "repo": "agenix", - "rev": "9edb1787864c4f59ae5074ad498b6272b3ec308d", + "rev": "2f0f812f69f3eb4140157fe15e12739adf82e32a", "type": "github" }, "original": { @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1759362264, - "narHash": "sha256-wfG0S7pltlYyZTM+qqlhJ7GMw2fTF4mLKCIVhLii/4M=", + "lastModified": 1760948891, + "narHash": "sha256-TmWcdiUUaWk8J4lpjzu4gCGxWY6/Ok7mOK4fIFfBuU4=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "758cf7296bee11f1706a574c77d072b8a7baa881", + "rev": "864599284fc7c0ba6357ed89ed5e2cd5040f0c04", "type": "github" }, "original": { @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1758108966, - "narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=", + "lastModified": 1760663237, + "narHash": "sha256-BflA6U4AM1bzuRMR8QqzPXqh8sWVCNDzOdsxXEguJIc=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b", + "rev": "ca5b894d3e3e151ffc1db040b6ce4dcc75d31c37", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1759337100, - "narHash": "sha256-CcT3QvZ74NGfM+lSOILcCEeU+SnqXRvl1XCRHenZ0Us=", + "lastModified": 1760969583, + "narHash": "sha256-vsf5mvR0xxK4GsfLx5bMJAQ4ysdrKymMIifNw+4TP7g=", "owner": "nix-community", "repo": "home-manager", - "rev": "004753ae6b04c4b18aa07192c1106800aaacf6c3", + "rev": "c9d758b500e53db5b74aa02d17dc45b65229e8e9", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1759422813, - "narHash": "sha256-WNkZqscW/dPLK5NMKH/jCkYMaVm/3KWgPmKMq65IXxk=", + "lastModified": 1760878510, + "narHash": "sha256-K5Osef2qexezUfs0alLvZ7nQFTGS9DL2oTVsIXsqLgs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2a7c84e1e740f004e0fe5c2577a63d1e659a496c", + "rev": "5e2a59a5b1a82f89f2c7e598302a9cacebb72a67", "type": "github" }, "original": { @@ -200,11 +200,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1753980880, - "narHash": "sha256-aj1pbYxL6N+XFqBHjB4B1QP0bnKRcg1AfpgT5zUFsW8=", + "lastModified": 1759781536, + "narHash": "sha256-v/X5gKmgVoGtu5elYyUu2w037PyWVhrqnWzXkLJ9xnY=", "owner": "nix-community", "repo": "NUR", - "rev": "16db3e61da7606984a05b4dfc33cd1d26d22fb22", + "rev": "c30a53a5947bcc874b3f8842e6fe5c34bc81d8dd", "type": "github" }, "original": { diff --git a/modules/nixos/services/homebox/default.nix b/modules/nixos/services/homebox/default.nix index 8ed5d776..524a6d73 100644 --- a/modules/nixos/services/homebox/default.nix +++ b/modules/nixos/services/homebox/default.nix @@ -39,7 +39,7 @@ in my.services.backup = { paths = [ - config.services.homebox.settings.HBOX_STORAGE_DATA + (lib.removePrefix "file://" config.services.homebox.settings.HBOX_STORAGE_CONN_STRING) ]; }; From 9ddc77958ab4c647df7173a3a5eee08ae88f926b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 20 Oct 2025 09:35:02 +0000 Subject: [PATCH 435/485] home: git: fix deprecated config --- modules/home/git/default.nix | 38 +++++++++++++++++++----------------- 1 file changed, 20 insertions(+), 18 deletions(-) diff --git a/modules/home/git/default.nix b/modules/home/git/default.nix index ca59a5fb..c3a51a0f 100644 --- a/modules/home/git/default.nix +++ b/modules/home/git/default.nix @@ -21,29 +21,31 @@ in config.programs.git = lib.mkIf cfg.enable { enable = true; - # Who am I? - userEmail = mkMailAddress "bruno" "belanyi.fr"; - userName = "Bruno BELANYI"; - inherit (cfg) package; - aliases = { - git = "!git"; - lol = "log --graph --decorate --pretty=oneline --abbrev-commit --topo-order"; - lola = "lol --all"; - assume = "update-index --assume-unchanged"; - unassume = "update-index --no-assume-unchanged"; - assumed = "!git ls-files -v | grep ^h | cut -c 3-"; - pick = "log -p -G"; - push-new = "!git push -u origin " - + ''"$(git branch | grep '^* ' | cut -f2- -d' ')"''; - root = "git rev-parse --show-toplevel"; - }; - lfs.enable = true; # There's more - extraConfig = { + settings = { + # Who am I? + user = { + email = mkMailAddress "bruno" "belanyi.fr"; + name = "Bruno BELANYI"; + }; + + alias = { + git = "!git"; + lol = "log --graph --decorate --pretty=oneline --abbrev-commit --topo-order"; + lola = "lol --all"; + assume = "update-index --assume-unchanged"; + unassume = "update-index --no-assume-unchanged"; + assumed = "!git ls-files -v | grep ^h | cut -c 3-"; + pick = "log -p -G"; + push-new = "!git push -u origin " + + ''"$(git branch | grep '^* ' | cut -f2- -d' ')"''; + root = "git rev-parse --show-toplevel"; + }; + # Makes it a bit more readable blame = { coloring = "repeatedLines"; From 4000a848ef21903b7d593160b509173c2fe81736 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 20 Oct 2025 09:39:19 +0000 Subject: [PATCH 436/485] home: delta: use upstream module --- modules/home/delta/default.nix | 42 +++++----------------------------- 1 file changed, 6 insertions(+), 36 deletions(-) diff --git a/modules/home/delta/default.nix b/modules/home/delta/default.nix index 16d3d597..e76edc60 100644 --- a/modules/home/delta/default.nix +++ b/modules/home/delta/default.nix @@ -1,9 +1,6 @@ { config, pkgs, lib, ... }: let cfg = config.my.home.delta; - - configFormat = pkgs.formats.gitIni { }; - configPath = "${config.xdg.configHome}/delta/config"; in { options.my.home.delta = with lib; { @@ -17,28 +14,14 @@ in }; config = lib.mkIf cfg.enable { - assertions = [ - { - # For its configuration - assertion = cfg.enable -> cfg.git.enable; - message = '' - `config.my.home.delta` must enable `config.my.home.delta.git` to be - properly configured. - ''; - } - { - assertion = cfg.enable -> config.programs.git.enable; - message = '' - `config.my.home.delta` relies on `config.programs.git` to be - enabled. - ''; - } - ]; + programs.delta = { + enable = true; - home.packages = [ cfg.package ]; + inherit (cfg) package; - xdg.configFile."delta/config".source = configFormat.generate "delta-config" { - delta = { + enableGitIntegration = cfg.git.enable; + + options = { features = "diff-highlight decorations"; # Less jarring style for `diff-highlight` emulation @@ -62,18 +45,5 @@ in }; }; }; - - programs.git = lib.mkIf cfg.git.enable { - delta = { - enable = true; - inherit (cfg) package; - }; - - includes = [ - { - path = configPath; - } - ]; - }; }; } From a20c8f820dcf77e0b0a75c67d2edf38d97488ba2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 27 Oct 2025 12:30:49 +0000 Subject: [PATCH 437/485] flake: bump inputs --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 1a8a9347..f56e8f29 100644 --- a/flake.lock +++ b/flake.lock @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1760969583, - "narHash": "sha256-vsf5mvR0xxK4GsfLx5bMJAQ4ysdrKymMIifNw+4TP7g=", + "lastModified": 1761530345, + "narHash": "sha256-+9+YCK9Lh6GThkXu/8JTxMFUnImIdZpb8ElUh6/F5Y8=", "owner": "nix-community", "repo": "home-manager", - "rev": "c9d758b500e53db5b74aa02d17dc45b65229e8e9", + "rev": "bbaeb9f1c29e79bb1653b32c3d73244cdf4bd888", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1760878510, - "narHash": "sha256-K5Osef2qexezUfs0alLvZ7nQFTGS9DL2oTVsIXsqLgs=", + "lastModified": 1761373498, + "narHash": "sha256-Q/uhWNvd7V7k1H1ZPMy/vkx3F8C13ZcdrKjO7Jv7v0c=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5e2a59a5b1a82f89f2c7e598302a9cacebb72a67", + "rev": "6a08e6bb4e46ff7fcbb53d409b253f6bad8a28ce", "type": "github" }, "original": { From c536ee0136969aa1715e07939dfac9b02342f60d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 27 Oct 2025 12:31:12 +0000 Subject: [PATCH 438/485] home: zsh: add 'zsh-completion-sync' It's gated behind `completionSync.enable`, as it does make entering/leaving direnv-enabled projects slower (due to the calls to `compinit`). This might need a bit more work to avoid multiple `compinit`s at shell startup, will refine in the future if necessary. --- modules/home/zsh/default.nix | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/modules/home/zsh/default.nix b/modules/home/zsh/default.nix index 3c1e5152..6c6a4693 100644 --- a/modules/home/zsh/default.nix +++ b/modules/home/zsh/default.nix @@ -8,6 +8,10 @@ in launchTmux = mkEnableOption "auto launch tmux at shell start"; + completionSync = { + enable = mkEnableOption "zsh-completion-sync plugin"; + }; + notify = { enable = mkEnableOption "zsh-done notification"; @@ -118,6 +122,18 @@ in }; } + (lib.mkIf cfg.completionSync.enable { + programs.zsh = { + plugins = [ + { + name = "zsh-completion-sync"; + file = "share/zsh-completion-sync/zsh-completion-sync.plugin.zsh"; + src = pkgs.zsh-completion-sync; + } + ]; + }; + }) + (lib.mkIf cfg.notify.enable { programs.zsh = { plugins = [ From 983bf0f7646ea2ebdff895751eea7054b9140b3a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 3 Nov 2025 17:22:29 +0100 Subject: [PATCH 439/485] nixos: services: nextcloud: bump to 32 --- modules/nixos/services/nextcloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/nextcloud/default.nix b/modules/nixos/services/nextcloud/default.nix index d8d4fce0..dd3b3868 100644 --- a/modules/nixos/services/nextcloud/default.nix +++ b/modules/nixos/services/nextcloud/default.nix @@ -35,7 +35,7 @@ in config = lib.mkIf cfg.enable { services.nextcloud = { enable = true; - package = pkgs.nextcloud31; + package = pkgs.nextcloud32; hostName = "nextcloud.${config.networking.domain}"; home = "/var/lib/nextcloud"; maxUploadSize = cfg.maxSize; From 41c506749ef389c9a2f11dd3f3d17493892820f2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 6 Nov 2025 14:39:11 +0000 Subject: [PATCH 440/485] flake: overlays: use 'lib' It's a `lib` function, not _really_ a Nixpkgs one. Also it's about to break after the next flake update :-). --- flake/overlays.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/flake/overlays.nix b/flake/overlays.nix index 0c47989d..c10afc33 100644 --- a/flake/overlays.nix +++ b/flake/overlays.nix @@ -1,4 +1,4 @@ -{ self, ... }: +{ self, lib, ... }: let default-overlays = import "${self}/overlays"; @@ -8,7 +8,7 @@ let # Expose my custom packages pkgs = _final: prev: { - ambroisie = prev.recurseIntoAttrs (import "${self}/pkgs" { pkgs = prev; }); + ambroisie = lib.recurseIntoAttrs (import "${self}/pkgs" { pkgs = prev; }); }; }; in From 44246b4ea146b1ca7b4687b35e0b833decb35b89 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 8 Nov 2025 11:56:25 +0000 Subject: [PATCH 441/485] flake: NUR has renamed its branch to 'main' --- flake.lock | 2 +- flake.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/flake.lock b/flake.lock index f56e8f29..50f38e4e 100644 --- a/flake.lock +++ b/flake.lock @@ -209,7 +209,7 @@ }, "original": { "owner": "nix-community", - "ref": "master", + "ref": "main", "repo": "NUR", "type": "github" } diff --git a/flake.nix b/flake.nix index 50767290..0bdd180e 100644 --- a/flake.nix +++ b/flake.nix @@ -54,7 +54,7 @@ type = "github"; owner = "nix-community"; repo = "NUR"; - ref = "master"; + ref = "main"; inputs = { flake-parts.follows = "flake-parts"; nixpkgs.follows = "nixpkgs"; From fe681d3f16eea4d87d55d02c1e8e915eaaf415e6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 6 Nov 2025 14:35:53 +0000 Subject: [PATCH 442/485] flake: bump inputs --- flake.lock | 54 ++++++++++++++++-------------------------------------- 1 file changed, 16 insertions(+), 38 deletions(-) diff --git a/flake.lock b/flake.lock index 50f38e4e..d95de526 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1760836749, - "narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=", + "lastModified": 1761656077, + "narHash": "sha256-lsNWuj4Z+pE7s0bd2OKicOFq9bK86JE0ZGeKJbNqb94=", "owner": "ryantm", "repo": "agenix", - "rev": "2f0f812f69f3eb4140157fe15e12739adf82e32a", + "rev": "9ba0d85de3eaa7afeab493fed622008b6e4924f5", "type": "github" }, "original": { @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1760948891, - "narHash": "sha256-TmWcdiUUaWk8J4lpjzu4gCGxWY6/Ok7mOK4fIFfBuU4=", + "lastModified": 1762040540, + "narHash": "sha256-z5PlZ47j50VNF3R+IMS9LmzI5fYRGY/Z5O5tol1c9I4=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "864599284fc7c0ba6357ed89ed5e2cd5040f0c04", + "rev": "0010412d62a25d959151790968765a70c436598b", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1761530345, - "narHash": "sha256-+9+YCK9Lh6GThkXu/8JTxMFUnImIdZpb8ElUh6/F5Y8=", + "lastModified": 1762435363, + "narHash": "sha256-BTmHXtuuwVO1dRs6jPHcHCoO6+A7G3+GzrgeluiSkww=", "owner": "nix-community", "repo": "home-manager", - "rev": "bbaeb9f1c29e79bb1653b32c3d73244cdf4bd888", + "rev": "432bc8a5da66638b5f139588efd6c4bd327e4cdc", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1761373498, - "narHash": "sha256-Q/uhWNvd7V7k1H1ZPMy/vkx3F8C13ZcdrKjO7Jv7v0c=", + "lastModified": 1762111121, + "narHash": "sha256-4vhDuZ7OZaZmKKrnDpxLZZpGIJvAeMtK6FKLJYUtAdw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6a08e6bb4e46ff7fcbb53d409b253f6bad8a28ce", + "rev": "b3d51a0365f6695e7dd5cdf3e180604530ed33b4", "type": "github" }, "original": { @@ -196,15 +196,14 @@ ], "nixpkgs": [ "nixpkgs" - ], - "treefmt-nix": "treefmt-nix" + ] }, "locked": { - "lastModified": 1759781536, - "narHash": "sha256-v/X5gKmgVoGtu5elYyUu2w037PyWVhrqnWzXkLJ9xnY=", + "lastModified": 1762602346, + "narHash": "sha256-BVzjmS25ihrfnfpfLD6gzXqMp9vP0hOyjIWkV0LP6E0=", "owner": "nix-community", "repo": "NUR", - "rev": "c30a53a5947bcc874b3f8842e6fe5c34bc81d8dd", + "rev": "fe5118da8d7e09651e0362ff130d194bc1441185", "type": "github" }, "original": { @@ -241,27 +240,6 @@ "repo": "default", "type": "github" } - }, - "treefmt-nix": { - "inputs": { - "nixpkgs": [ - "nur", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1733222881, - "narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "49717b5af6f80172275d47a418c9719a31a78b53", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "treefmt-nix", - "type": "github" - } } }, "root": "root", From 0ac983a71f8cec556babe577e65b513173143417 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 9 Oct 2025 10:47:23 +0000 Subject: [PATCH 443/485] home: vim: do not set 'background' explicitly Rely on the new behaviour from v0.10 which detects it more intelligently. --- modules/home/vim/init.vim | 3 --- 1 file changed, 3 deletions(-) diff --git a/modules/home/vim/init.vim b/modules/home/vim/init.vim index 39ef32e3..11429250 100644 --- a/modules/home/vim/init.vim +++ b/modules/home/vim/init.vim @@ -81,9 +81,6 @@ set updatetime=250 " Disable all mouse integrations set mouse= -" Set dark mode by default -set background=dark - " Setup some overrides for gruvbox lua << EOF local gruvbox = require("gruvbox") From bbdbc1e55cb8b2125b2ece2ff1c9d4c5922d821b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 28 Oct 2025 12:43:53 +0000 Subject: [PATCH 444/485] home: vim: ftdetect: remove glsl GLSL is now correctly detected starting with v0.11. This reverts commit b8b64bed8e4b3d8d109e7dcf38f69a4242142ec3. --- modules/home/vim/ftdetect/glsl.lua | 7 ------- 1 file changed, 7 deletions(-) delete mode 100644 modules/home/vim/ftdetect/glsl.lua diff --git a/modules/home/vim/ftdetect/glsl.lua b/modules/home/vim/ftdetect/glsl.lua deleted file mode 100644 index 2f4f1ddd..00000000 --- a/modules/home/vim/ftdetect/glsl.lua +++ /dev/null @@ -1,7 +0,0 @@ --- Use GLSL filetype for common shader file extensions -vim.filetype.add({ - extension = { - frag = "glsl", - vert = "glsl", - }, -}) From 6e73c936b09d46c8427963b5139588804aceddaa Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 7 Nov 2025 14:48:49 +0000 Subject: [PATCH 445/485] home: zsh: fix plug-in path The upstream commit [1] said it was a non-breaking change, but didn't actually setup the symlinks for this package... [1]: 10f01ded353d5a76c6acbecaa0ac5e5063f60c13 --- modules/home/zsh/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/home/zsh/default.nix b/modules/home/zsh/default.nix index 6c6a4693..95242628 100644 --- a/modules/home/zsh/default.nix +++ b/modules/home/zsh/default.nix @@ -72,7 +72,7 @@ in plugins = [ { name = "fast-syntax-highlighting"; - file = "share/zsh/site-functions/fast-syntax-highlighting.plugin.zsh"; + file = "share/zsh/plugins/fast-syntax-highlighting/fast-syntax-highlighting.plugin.zsh"; src = pkgs.zsh-fast-syntax-highlighting; } { From 1b4111e28fc68d5b4592f3238854ba1164443c7e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 8 Nov 2025 22:12:42 +0100 Subject: [PATCH 446/485] nixos: services: nextcloud: use declarative apps Now that the `notify_push` module declaratively installs _its_ app [1], I should declaratively install _all_ apps. [1]: https://github.com/NixOS/nixpkgs/pull/451501 --- modules/nixos/services/nextcloud/collabora.nix | 6 ++++++ modules/nixos/services/nextcloud/default.nix | 10 ++++++++++ 2 files changed, 16 insertions(+) diff --git a/modules/nixos/services/nextcloud/collabora.nix b/modules/nixos/services/nextcloud/collabora.nix index f8f42a77..408b232e 100644 --- a/modules/nixos/services/nextcloud/collabora.nix +++ b/modules/nixos/services/nextcloud/collabora.nix @@ -16,6 +16,12 @@ in }; config = lib.mkIf cfg.enable { + services.nextcloud = { + extraApps = { + inherit (config.services.nextcloud.package.packages.apps) richdocuments; + }; + }; + services.collabora-online = { enable = true; inherit (cfg) port; diff --git a/modules/nixos/services/nextcloud/default.nix b/modules/nixos/services/nextcloud/default.nix index dd3b3868..24515ffe 100644 --- a/modules/nixos/services/nextcloud/default.nix +++ b/modules/nixos/services/nextcloud/default.nix @@ -62,6 +62,16 @@ in # Allow using the push service without hard-coding my IP in the configuration bendDomainToLocalhost = true; }; + + extraApps = { + inherit (config.services.nextcloud.package.packages.apps) + calendar + contacts + deck + tasks + ; + # notify_push is automatically installed by the module + }; }; # The service above configures the domain, no need for my wrapper From 6124d07c1b846d316e03e78a3cb65a77ce2e9832 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 17 Nov 2025 12:35:54 +0100 Subject: [PATCH 447/485] flake: bump inputs --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index d95de526..b0414094 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1761656077, - "narHash": "sha256-lsNWuj4Z+pE7s0bd2OKicOFq9bK86JE0ZGeKJbNqb94=", + "lastModified": 1762618334, + "narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=", "owner": "ryantm", "repo": "agenix", - "rev": "9ba0d85de3eaa7afeab493fed622008b6e4924f5", + "rev": "fcdea223397448d35d9b31f798479227e80183f6", "type": "github" }, "original": { @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1762040540, - "narHash": "sha256-z5PlZ47j50VNF3R+IMS9LmzI5fYRGY/Z5O5tol1c9I4=", + "lastModified": 1762980239, + "narHash": "sha256-8oNVE8TrD19ulHinjaqONf9QWCKK+w4url56cdStMpM=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "0010412d62a25d959151790968765a70c436598b", + "rev": "52a2caecc898d0b46b2b905f058ccc5081f842da", "type": "github" }, "original": { @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1760663237, - "narHash": "sha256-BflA6U4AM1bzuRMR8QqzPXqh8sWVCNDzOdsxXEguJIc=", + "lastModified": 1763319842, + "narHash": "sha256-YG19IyrTdnVn0l3DvcUYm85u3PaqBt6tI6VvolcuHnA=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "ca5b894d3e3e151ffc1db040b6ce4dcc75d31c37", + "rev": "7275fa67fbbb75891c16d9dee7d88e58aea2d761", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1762435363, - "narHash": "sha256-BTmHXtuuwVO1dRs6jPHcHCoO6+A7G3+GzrgeluiSkww=", + "lastModified": 1763313531, + "narHash": "sha256-yvdCYUL85zEDp2NzPUBmaNBXP6KnWEOhAk3j7PTfsKw=", "owner": "nix-community", "repo": "home-manager", - "rev": "432bc8a5da66638b5f139588efd6c4bd327e4cdc", + "rev": "3670a78eee49deebe4825fc8ecc46b172d1a8391", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1762111121, - "narHash": "sha256-4vhDuZ7OZaZmKKrnDpxLZZpGIJvAeMtK6FKLJYUtAdw=", + "lastModified": 1763283776, + "narHash": "sha256-Y7TDFPK4GlqrKrivOcsHG8xSGqQx3A6c+i7novT85Uk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b3d51a0365f6695e7dd5cdf3e180604530ed33b4", + "rev": "50a96edd8d0db6cc8db57dab6bb6d6ee1f3dc49a", "type": "github" }, "original": { @@ -199,11 +199,11 @@ ] }, "locked": { - "lastModified": 1762602346, - "narHash": "sha256-BVzjmS25ihrfnfpfLD6gzXqMp9vP0hOyjIWkV0LP6E0=", + "lastModified": 1763378400, + "narHash": "sha256-9eZj8GNTBYnI8PQf9n8m9XbFCA/ugQ5r7sylY9DEx9M=", "owner": "nix-community", "repo": "NUR", - "rev": "fe5118da8d7e09651e0362ff130d194bc1441185", + "rev": "6bd477535ba71aa22d2712c8735c92812a1c74dc", "type": "github" }, "original": { From ad6a0bf4d3e5c5914160b2f427ef153d534b1030 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 6 Nov 2025 22:36:18 +0100 Subject: [PATCH 448/485] nixos: services: mealie: extend session timeout --- modules/nixos/services/mealie/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/nixos/services/mealie/default.nix b/modules/nixos/services/mealie/default.nix index 8c02398c..837bff29 100644 --- a/modules/nixos/services/mealie/default.nix +++ b/modules/nixos/services/mealie/default.nix @@ -32,6 +32,7 @@ in BASE_URL = "https://mealie.${config.networking.domain}"; TZ = config.time.timeZone; ALLOw_SIGNUP = "false"; + TOKEN_TIME = 24 * 180; # 180 days }; # Automatic PostgreSQL provisioning From 127e26b259624c6a57bc839abdde4f245c3099b8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 17 Nov 2025 12:38:30 +0100 Subject: [PATCH 449/485] nixos: services: transmission: use high file limit Seeding a lot of files means keeping them all open. The actual limit was cargo-culted from an open issue. --- modules/nixos/services/transmission/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/modules/nixos/services/transmission/default.nix b/modules/nixos/services/transmission/default.nix index ddd77d4b..2ed01fd0 100644 --- a/modules/nixos/services/transmission/default.nix +++ b/modules/nixos/services/transmission/default.nix @@ -71,10 +71,12 @@ in }; }; - # Transmission wants to eat *all* my RAM if left to its own devices systemd.services.transmission = { serviceConfig = { + # Transmission wants to eat *all* my RAM if left to its own devices MemoryMax = "33%"; + # Avoid errors due to high number of open files. + LimitNOFILE = 1048576; }; }; From b37bde6eaf150033149d0bbd5d924d0f9fb4b145 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 17 Nov 2025 12:45:22 +0100 Subject: [PATCH 450/485] nixos: services: transmission: use longer timeout It looks like Transmission takes time roughly proportional with the number of open files to stop, so let's increase the timeout slightly. --- modules/nixos/services/transmission/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/nixos/services/transmission/default.nix b/modules/nixos/services/transmission/default.nix index 2ed01fd0..6a7fbc72 100644 --- a/modules/nixos/services/transmission/default.nix +++ b/modules/nixos/services/transmission/default.nix @@ -77,6 +77,8 @@ in MemoryMax = "33%"; # Avoid errors due to high number of open files. LimitNOFILE = 1048576; + # Longer stop timeout to finish all torrents + TimeoutStopSec = "5m"; }; }; From 29fb7c5066132e12b98a6cb7a7f9ba3c5460d8c1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 17 Nov 2025 13:57:48 +0000 Subject: [PATCH 451/485] home: discord: use upstream module --- modules/home/discord/default.nix | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/modules/home/discord/default.nix b/modules/home/discord/default.nix index bfa5d40e..f9892df3 100644 --- a/modules/home/discord/default.nix +++ b/modules/home/discord/default.nix @@ -1,8 +1,6 @@ { config, lib, pkgs, ... }: let cfg = config.my.home.discord; - - jsonFormat = pkgs.formats.json { }; in { options.my.home.discord = with lib; { @@ -12,14 +10,15 @@ in }; config = lib.mkIf cfg.enable { - home.packages = with pkgs; [ - cfg.package - ]; + programs.discord = { + enable = true; - xdg.configFile."discord/settings.json".source = - jsonFormat.generate "discord.json" { + inherit (cfg) package; + + settings = { # Do not keep me from using the app just to force an update SKIP_HOST_UPDATE = true; }; + }; }; } From 3020c6433b0056aa805cdabd8d4c30f82cfb47e4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 30 Nov 2025 00:20:07 +0100 Subject: [PATCH 452/485] flake: bump inputs --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index b0414094..b84e16d7 100644 --- a/flake.lock +++ b/flake.lock @@ -53,11 +53,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1747046372, - "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "lastModified": 1761588595, + "narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=", "owner": "edolstra", "repo": "flake-compat", - "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5", "type": "github" }, "original": { @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1762980239, - "narHash": "sha256-8oNVE8TrD19ulHinjaqONf9QWCKK+w4url56cdStMpM=", + "lastModified": 1763759067, + "narHash": "sha256-LlLt2Jo/gMNYAwOgdRQBrsRoOz7BPRkzvNaI/fzXi2Q=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "52a2caecc898d0b46b2b905f058ccc5081f842da", + "rev": "2cccadc7357c0ba201788ae99c4dfa90728ef5e0", "type": "github" }, "original": { @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1763319842, - "narHash": "sha256-YG19IyrTdnVn0l3DvcUYm85u3PaqBt6tI6VvolcuHnA=", + "lastModified": 1763988335, + "narHash": "sha256-QlcnByMc8KBjpU37rbq5iP7Cp97HvjRP0ucfdh+M4Qc=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "7275fa67fbbb75891c16d9dee7d88e58aea2d761", + "rev": "50b9238891e388c9fdc6a5c49e49c42533a1b5ce", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1763313531, - "narHash": "sha256-yvdCYUL85zEDp2NzPUBmaNBXP6KnWEOhAk3j7PTfsKw=", + "lastModified": 1764361670, + "narHash": "sha256-jgWzgpIaHbL3USIq0gihZeuy1lLf2YSfwvWEwnfAJUw=", "owner": "nix-community", "repo": "home-manager", - "rev": "3670a78eee49deebe4825fc8ecc46b172d1a8391", + "rev": "780be8ef503a28939cf9dc7996b48ffb1a3e04c6", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1763283776, - "narHash": "sha256-Y7TDFPK4GlqrKrivOcsHG8xSGqQx3A6c+i7novT85Uk=", + "lastModified": 1764242076, + "narHash": "sha256-sKoIWfnijJ0+9e4wRvIgm/HgE27bzwQxcEmo2J/gNpI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "50a96edd8d0db6cc8db57dab6bb6d6ee1f3dc49a", + "rev": "2fad6eac6077f03fe109c4d4eb171cf96791faa4", "type": "github" }, "original": { @@ -199,11 +199,11 @@ ] }, "locked": { - "lastModified": 1763378400, - "narHash": "sha256-9eZj8GNTBYnI8PQf9n8m9XbFCA/ugQ5r7sylY9DEx9M=", + "lastModified": 1764449851, + "narHash": "sha256-VnodC1+3KML8MYLLnK84E6U2Fz4ioNacOeQd1pMCSTw=", "owner": "nix-community", "repo": "NUR", - "rev": "6bd477535ba71aa22d2712c8735c92812a1c74dc", + "rev": "b1781c0aa8935d8d1f35d228bcc7127fcebcd363", "type": "github" }, "original": { From f546f85037bf23f105a721132f06ab3a562d38f7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 22 Nov 2025 23:34:06 +0100 Subject: [PATCH 453/485] hosts: nixos: porthos: secrets: sso: remove owner Now that the service uses `LoadCredential` [1], I can make the files root-owned. [1]: https://github.com/NixOS/nixpkgs/pull/460305 --- hosts/nixos/porthos/secrets/secrets.nix | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/hosts/nixos/porthos/secrets/secrets.nix b/hosts/nixos/porthos/secrets/secrets.nix index b3812b43..f1842b4c 100644 --- a/hosts/nixos/porthos/secrets/secrets.nix +++ b/hosts/nixos/porthos/secrets/secrets.nix @@ -83,18 +83,9 @@ in "servarr/autobrr/session-secret.age".publicKeys = all; "servarr/cross-seed/configuration.json.age".publicKeys = all; - "sso/auth-key.age" = { - owner = "nginx-sso"; - publicKeys = all; - }; - "sso/ambroisie/password-hash.age" = { - owner = "nginx-sso"; - publicKeys = all; - }; - "sso/ambroisie/totp-secret.age" = { - owner = "nginx-sso"; - publicKeys = all; - }; + "sso/auth-key.age".publicKeys = all; + "sso/ambroisie/password-hash.age".publicKeys = all; + "sso/ambroisie/totp-secret.age".publicKeys = all; "tandoor-recipes/secret-key.age".publicKeys = all; From 5cd9155a5838d54c3606f6b0851e54252ea0774c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 23 Nov 2025 17:08:35 +0100 Subject: [PATCH 454/485] nixos: services: mealie: backup state directory Somehow forgot to do this when first writing the module. --- modules/nixos/services/mealie/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/modules/nixos/services/mealie/default.nix b/modules/nixos/services/mealie/default.nix index 837bff29..f3774e17 100644 --- a/modules/nixos/services/mealie/default.nix +++ b/modules/nixos/services/mealie/default.nix @@ -54,6 +54,12 @@ in }; }; + my.services.backup = { + paths = [ + "/var/lib/mealie" + ]; + }; + services.fail2ban.jails = { mealie = '' enabled = true From ddc6cd37adbb80960e8c99ddbb549057b64126ed Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 11 Dec 2025 21:00:17 +0100 Subject: [PATCH 455/485] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index b84e16d7..fd6173b9 100644 --- a/flake.lock +++ b/flake.lock @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1763988335, - "narHash": "sha256-QlcnByMc8KBjpU37rbq5iP7Cp97HvjRP0ucfdh+M4Qc=", + "lastModified": 1765464257, + "narHash": "sha256-dixPWKiHzh80PtD0aLuxYNQ0xP+843dfXG/yM3OzaYQ=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "50b9238891e388c9fdc6a5c49e49c42533a1b5ce", + "rev": "09e45f2598e1a8499c3594fe11ec2943f34fe509", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1764361670, - "narHash": "sha256-jgWzgpIaHbL3USIq0gihZeuy1lLf2YSfwvWEwnfAJUw=", + "lastModified": 1765480374, + "narHash": "sha256-HlbvQAqLx7WqZFFQZ8nu5UUJAVlXiV/kqKbyueA8srw=", "owner": "nix-community", "repo": "home-manager", - "rev": "780be8ef503a28939cf9dc7996b48ffb1a3e04c6", + "rev": "39cb677ed9e908e90478aa9fe5f3383dfc1a63f3", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1764242076, - "narHash": "sha256-sKoIWfnijJ0+9e4wRvIgm/HgE27bzwQxcEmo2J/gNpI=", + "lastModified": 1765186076, + "narHash": "sha256-hM20uyap1a0M9d344I692r+ik4gTMyj60cQWO+hAYP8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2fad6eac6077f03fe109c4d4eb171cf96791faa4", + "rev": "addf7cf5f383a3101ecfba091b98d0a1263dc9b8", "type": "github" }, "original": { @@ -199,11 +199,11 @@ ] }, "locked": { - "lastModified": 1764449851, - "narHash": "sha256-VnodC1+3KML8MYLLnK84E6U2Fz4ioNacOeQd1pMCSTw=", + "lastModified": 1765481746, + "narHash": "sha256-oWDp4EMOXvPZSC5ZVdg90K7EFgUGvxmrFAwA/1hJ/j4=", "owner": "nix-community", "repo": "NUR", - "rev": "b1781c0aa8935d8d1f35d228bcc7127fcebcd363", + "rev": "2b2d6d53d6a66d1be2d8620024cc61ad986bcee2", "type": "github" }, "original": { From bf428aaeca03be801b53396eeba5ab73fab7c297 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 2 Dec 2025 12:34:42 +0000 Subject: [PATCH 456/485] nixos: hardware: graphics: remove 'amdvlk' It's been fully deprecated, the package was removed. --- modules/nixos/hardware/graphics/default.nix | 9 --------- 1 file changed, 9 deletions(-) diff --git a/modules/nixos/hardware/graphics/default.nix b/modules/nixos/hardware/graphics/default.nix index 7d8b359c..4b6eb375 100644 --- a/modules/nixos/hardware/graphics/default.nix +++ b/modules/nixos/hardware/graphics/default.nix @@ -15,8 +15,6 @@ in amd = { enableKernelModule = lib.my.mkDisableOption "Kernel driver module"; - - amdvlk = lib.mkEnableOption "Use AMDVLK instead of Mesa RADV driver"; }; intel = { @@ -35,13 +33,6 @@ in (lib.mkIf (cfg.gpuFlavor == "amd") { hardware.amdgpu = { initrd.enable = cfg.amd.enableKernelModule; - # Vulkan - amdvlk = lib.mkIf cfg.amd.amdvlk { - enable = true; - support32Bit = { - enable = true; - }; - }; }; hardware.graphics = { From 88024f16e59eb35dc1f13ff17626126604424ff6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 20 Dec 2025 14:56:25 +0000 Subject: [PATCH 457/485] flake: bump inputs --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index fd6173b9..c8c20733 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1763759067, - "narHash": "sha256-LlLt2Jo/gMNYAwOgdRQBrsRoOz7BPRkzvNaI/fzXi2Q=", + "lastModified": 1765835352, + "narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "2cccadc7357c0ba201788ae99c4dfa90728ef5e0", + "rev": "a34fae9c08a15ad73f295041fec82323541400a9", "type": "github" }, "original": { @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1765464257, - "narHash": "sha256-dixPWKiHzh80PtD0aLuxYNQ0xP+843dfXG/yM3OzaYQ=", + "lastModified": 1765911976, + "narHash": "sha256-t3T/xm8zstHRLx+pIHxVpQTiySbKqcQbK+r+01XVKc0=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "09e45f2598e1a8499c3594fe11ec2943f34fe509", + "rev": "b68b780b69702a090c8bb1b973bab13756cc7a27", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1765480374, - "narHash": "sha256-HlbvQAqLx7WqZFFQZ8nu5UUJAVlXiV/kqKbyueA8srw=", + "lastModified": 1766171975, + "narHash": "sha256-47Ee0bTidhF/3/sHuYnWRuxcCrrm0mBNDxBkOTd3wWQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "39cb677ed9e908e90478aa9fe5f3383dfc1a63f3", + "rev": "bb35f07cc95a73aacbaf1f7f46bb8a3f40f265b5", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1765186076, - "narHash": "sha256-hM20uyap1a0M9d344I692r+ik4gTMyj60cQWO+hAYP8=", + "lastModified": 1766070988, + "narHash": "sha256-G/WVghka6c4bAzMhTwT2vjLccg/awmHkdKSd2JrycLc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "addf7cf5f383a3101ecfba091b98d0a1263dc9b8", + "rev": "c6245e83d836d0433170a16eb185cefe0572f8b8", "type": "github" }, "original": { @@ -199,11 +199,11 @@ ] }, "locked": { - "lastModified": 1765481746, - "narHash": "sha256-oWDp4EMOXvPZSC5ZVdg90K7EFgUGvxmrFAwA/1hJ/j4=", + "lastModified": 1766242030, + "narHash": "sha256-GdaKIZrzm4fbFf9jBVmeQFZTwYPxUlSTZrSId/JNMAU=", "owner": "nix-community", "repo": "NUR", - "rev": "2b2d6d53d6a66d1be2d8620024cc61ad986bcee2", + "rev": "30006228925f07c5c2a270bb95dc8da35d9942dc", "type": "github" }, "original": { From 7202fa191197d24c05b621a643bd4b07f13f8a43 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 20 Dec 2025 13:43:06 +0000 Subject: [PATCH 458/485] home: firefox: do not trim URLs --- modules/home/firefox/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/home/firefox/default.nix b/modules/home/firefox/default.nix index 6346dc9b..19a008cc 100644 --- a/modules/home/firefox/default.nix +++ b/modules/home/firefox/default.nix @@ -52,6 +52,7 @@ in "browser.newtabpage.activity-stream.feeds.sections" = false; "browser.newtabpage.activity-stream.feeds.system.topstories" = false; # Disable top stories "browser.newtabpage.activity-stream.section.highlights.includePocket" = false; # Disable pocket + "browser.urlbar.trimURLs" = false; # Always show the `http://` prefix "extensions.pocket.enabled" = false; # Disable pocket "media.eme.enabled" = true; # Enable DRM "media.gmp-widevinecdm.enabled" = true; # Enable DRM From 852ded641a1e47b9cd95c5aaf3a3a2c1c6e01e38 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 26 Jan 2026 16:53:16 +0000 Subject: [PATCH 459/485] home: vim: lua: move 'list_clients' to lsp' --- modules/home/vim/lua/ambroisie/lsp.lua | 14 ++++++++++++++ modules/home/vim/lua/ambroisie/utils.lua | 14 -------------- modules/home/vim/plugin/settings/lualine.lua | 4 ++-- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/modules/home/vim/lua/ambroisie/lsp.lua b/modules/home/vim/lua/ambroisie/lsp.lua index fef04873..05ca47a9 100644 --- a/modules/home/vim/lua/ambroisie/lsp.lua +++ b/modules/home/vim/lua/ambroisie/lsp.lua @@ -85,4 +85,18 @@ M.on_attach = function(client, bufnr) wk.add(keys) end +--- list all active LSP clients for specific buffer, or all buffers +--- @param bufnr int? buffer number +--- @return table all active LSP client names +M.list_clients = function(bufnr) + local clients = vim.lsp.get_clients({ bufnr = bufnr }) + local names = {} + + for _, client in ipairs(clients) do + table.insert(names, client.name) + end + + return names +end + return M diff --git a/modules/home/vim/lua/ambroisie/utils.lua b/modules/home/vim/lua/ambroisie/utils.lua index 0ee7c83b..482325e5 100644 --- a/modules/home/vim/lua/ambroisie/utils.lua +++ b/modules/home/vim/lua/ambroisie/utils.lua @@ -34,20 +34,6 @@ M.is_ssh = function() return false end ---- list all active LSP clients for specific buffer, or all buffers ---- @param bufnr int? buffer number ---- @return table all active LSP client names -M.list_lsp_clients = function(bufnr) - local clients = vim.lsp.get_clients({ bufnr = bufnr }) - local names = {} - - for _, client in ipairs(clients) do - table.insert(names, client.name) - end - - return names -end - --- partially apply a function with given arguments M.partial = function(f, ...) local a = { ... } diff --git a/modules/home/vim/plugin/settings/lualine.lua b/modules/home/vim/plugin/settings/lualine.lua index bbe46475..2dbc916e 100644 --- a/modules/home/vim/plugin/settings/lualine.lua +++ b/modules/home/vim/plugin/settings/lualine.lua @@ -1,6 +1,6 @@ local lualine = require("lualine") local oil = require("oil") -local utils = require("ambroisie.utils") +local lsp = require("ambroisie.lsp") local function list_spell_languages() if not vim.opt.spell:get() then @@ -11,7 +11,7 @@ local function list_spell_languages() end local function list_lsp_clients() - local client_names = utils.list_lsp_clients(0) + local client_names = lsp.list_clients(0) if #client_names == 0 then return "" From 034a432c8e408aeb606e4100b1758a956124328f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 26 Jan 2026 16:57:25 +0000 Subject: [PATCH 460/485] home: vim: null-ls: use 'partial' Just noticed that 'is_executable_condition' wasn't necessary now that I have this more generic solution. --- modules/home/vim/plugin/settings/null-ls.lua | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/modules/home/vim/plugin/settings/null-ls.lua b/modules/home/vim/plugin/settings/null-ls.lua index 258a2094..00295bcc 100644 --- a/modules/home/vim/plugin/settings/null-ls.lua +++ b/modules/home/vim/plugin/settings/null-ls.lua @@ -10,11 +10,11 @@ null_ls.setup({ null_ls.register({ null_ls.builtins.diagnostics.buildifier.with({ -- Only used if available - condition = utils.is_executable_condition("buildifier"), + condition = utils.partial(utils.is_executable, "buildifier"), }), null_ls.builtins.formatting.buildifier.with({ -- Only used if available - condition = utils.is_executable_condition("buildifier"), + condition = utils.partial(utils.is_executable, "buildifier"), }), }) @@ -22,7 +22,7 @@ null_ls.register({ null_ls.register({ null_ls.builtins.formatting.nixpkgs_fmt.with({ -- Only used if available - condition = utils.is_executable_condition("nixpkgs-fmt"), + condition = utils.partial(utils.is_executable, "nixpkgs-fmt"), }), }) @@ -30,19 +30,19 @@ null_ls.register({ null_ls.register({ null_ls.builtins.diagnostics.mypy.with({ -- Only used if available - condition = utils.is_executable_condition("mypy"), + condition = utils.partial(utils.is_executable, "mypy"), }), null_ls.builtins.diagnostics.pylint.with({ -- Only used if available - condition = utils.is_executable_condition("pylint"), + condition = utils.partial(utils.is_executable, "pylint"), }), null_ls.builtins.formatting.black.with({ extra_args = { "--fast" }, -- Only used if available - condition = utils.is_executable_condition("black"), + condition = utils.partial(utils.is_executable, "black"), }), null_ls.builtins.formatting.isort.with({ -- Only used if available - condition = utils.is_executable_condition("isort"), + condition = utils.partial(utils.is_executable, "isort"), }), }) From ab34234c8392130d0158940d761dfa2923d527bf Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 26 Jan 2026 16:57:25 +0000 Subject: [PATCH 461/485] home: vim: lua: remove 'is_executable_condition' --- modules/home/vim/lua/ambroisie/utils.lua | 9 --------- 1 file changed, 9 deletions(-) diff --git a/modules/home/vim/lua/ambroisie/utils.lua b/modules/home/vim/lua/ambroisie/utils.lua index 482325e5..5cb8df10 100644 --- a/modules/home/vim/lua/ambroisie/utils.lua +++ b/modules/home/vim/lua/ambroisie/utils.lua @@ -7,15 +7,6 @@ M.is_executable = function(cmd) return cmd and vim.fn.executable(cmd) == 1 end ---- return a function that checks if a given command is executable ---- @param cmd string? command to check ---- @return fun(): boolean executable -M.is_executable_condition = function(cmd) - return function() - return M.is_executable(cmd) - end -end - --- whether or not we are currently in an SSH connection --- @return boolean ssh connection M.is_ssh = function() From 69b9480aa10d6cedcad2d31048dfe2dea1fdeac1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 20 Jan 2026 11:43:50 +0000 Subject: [PATCH 462/485] home: vim: git: use consistent textobject names Specifically, use a lower-case name, to be consistent with all other textobjects. --- modules/home/vim/plugin/settings/git.lua | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/home/vim/plugin/settings/git.lua b/modules/home/vim/plugin/settings/git.lua index b9b92a69..fcae4252 100644 --- a/modules/home/vim/plugin/settings/git.lua +++ b/modules/home/vim/plugin/settings/git.lua @@ -57,12 +57,12 @@ local keys = { local objects = { mode = "o", - { "ih", gitsigns.select_hunk, desc = "Git hunk" }, + { "ih", gitsigns.select_hunk, desc = "git hunk" }, } -- Visual local visual = { mode = { "x" }, - { "ih", gitsigns.select_hunk, desc = "Git hunk" }, + { "ih", gitsigns.select_hunk, desc = "git hunk" }, { "g", group = "Git" }, { "gp", gitsigns.preview_hunk, desc = "Preview selection" }, { "gr", make_visual(gitsigns.reset_hunk), desc = "Restore selection" }, From 47ca4ed61cd328aff79cbec8f933e396ef53ffb8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 19 Jan 2026 16:01:37 +0000 Subject: [PATCH 463/485] overlays: add 'nvim-treesitter-legacy-shim' There has been a major breaking change upstream, as they have merged updated the plug-in to its (majorly incompatible) main branch rewrite. To make the upgrade process easier, this overlay ensures my configuration will keep evaluating with the legacy plug-in variant. --- .../nvim-treesitter-legacy-shim/default.nix | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 overlays/nvim-treesitter-legacy-shim/default.nix diff --git a/overlays/nvim-treesitter-legacy-shim/default.nix b/overlays/nvim-treesitter-legacy-shim/default.nix new file mode 100644 index 00000000..d629f717 --- /dev/null +++ b/overlays/nvim-treesitter-legacy-shim/default.nix @@ -0,0 +1,18 @@ +final: prev: +let + inherit (final) lib; + overrides = final: prev: + let + hasLegacyPackage = prev ? nvim-treesitter-legacy; + in + { + nvim-treesitter-textobjects-legacy = prev.nvim-treesitter-textobjects.overrideAttrs { + dependencies = [ final.nvim-treesitter-legacy ]; + }; + } // (lib.optionalAttrs (!hasLegacyPackage) { + nvim-treesitter-legacy = final.nvim-treesitter; + }); +in +{ + vimPlugins = prev.vimPlugins.extend (overrides); +} From 28a36cfdaab7154ec1eec5534963829edd89da83 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 20 Jan 2026 11:33:16 +0000 Subject: [PATCH 464/485] home: vim: use legacy 'nvim-treesitter' plug-ins --- modules/home/vim/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/home/vim/default.nix b/modules/home/vim/default.nix index 930a853a..726d4870 100644 --- a/modules/home/vim/default.nix +++ b/modules/home/vim/default.nix @@ -60,8 +60,8 @@ in nvim-lspconfig # Easy LSP configuration lsp-format-nvim # Simplified formatting configuration none-ls-nvim # LSP integration for linters and formatters - nvim-treesitter.withAllGrammars # Better highlighting - nvim-treesitter-textobjects # More textobjects + nvim-treesitter-legacy.withAllGrammars # Better highlighting + nvim-treesitter-textobjects-legacy # More textobjects plenary-nvim # 'null-ls', 'telescope' dependency # Completion From dbd7e077e5f23f3b6f2c42b1c55d9180680c6faf Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 19 Jan 2026 18:12:55 +0000 Subject: [PATCH 465/485] flake: bump inputs --- flake.lock | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/flake.lock b/flake.lock index c8c20733..3f7a9b57 100644 --- a/flake.lock +++ b/flake.lock @@ -53,15 +53,15 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1761588595, - "narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=", - "owner": "edolstra", + "lastModified": 1767039857, + "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=", + "owner": "NixOS", "repo": "flake-compat", - "rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5", + "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab", "type": "github" }, "original": { - "owner": "edolstra", + "owner": "NixOS", "repo": "flake-compat", "type": "github" } @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1765835352, - "narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=", + "lastModified": 1768135262, + "narHash": "sha256-PVvu7OqHBGWN16zSi6tEmPwwHQ4rLPU9Plvs8/1TUBY=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "a34fae9c08a15ad73f295041fec82323541400a9", + "rev": "80daad04eddbbf5a4d883996a73f3f542fa437ac", "type": "github" }, "original": { @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1765911976, - "narHash": "sha256-t3T/xm8zstHRLx+pIHxVpQTiySbKqcQbK+r+01XVKc0=", + "lastModified": 1769069492, + "narHash": "sha256-Efs3VUPelRduf3PpfPP2ovEB4CXT7vHf8W+xc49RL/U=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "b68b780b69702a090c8bb1b973bab13756cc7a27", + "rev": "a1ef738813b15cf8ec759bdff5761b027e3e1d23", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1766171975, - "narHash": "sha256-47Ee0bTidhF/3/sHuYnWRuxcCrrm0mBNDxBkOTd3wWQ=", + "lastModified": 1769442288, + "narHash": "sha256-p+Xqr+P22TYW2RqbwccSd4UlUDEwl7PnoW3qiH8wVoE=", "owner": "nix-community", "repo": "home-manager", - "rev": "bb35f07cc95a73aacbaf1f7f46bb8a3f40f265b5", + "rev": "384786dc70c4992643f916c7e57f378714fec4f1", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1766070988, - "narHash": "sha256-G/WVghka6c4bAzMhTwT2vjLccg/awmHkdKSd2JrycLc=", + "lastModified": 1769170682, + "narHash": "sha256-oMmN1lVQU0F0W2k6OI3bgdzp2YOHWYUAw79qzDSjenU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c6245e83d836d0433170a16eb185cefe0572f8b8", + "rev": "c5296fdd05cfa2c187990dd909864da9658df755", "type": "github" }, "original": { @@ -199,11 +199,11 @@ ] }, "locked": { - "lastModified": 1766242030, - "narHash": "sha256-GdaKIZrzm4fbFf9jBVmeQFZTwYPxUlSTZrSId/JNMAU=", + "lastModified": 1769444957, + "narHash": "sha256-2VIGLo/Xj7v+ZZqR/k2uoaZ75vpYB1FLa2UAW5ZhIK8=", "owner": "nix-community", "repo": "NUR", - "rev": "30006228925f07c5c2a270bb95dc8da35d9942dc", + "rev": "9183819b926f1f58e8af86e86f28cc7d1e87698f", "type": "github" }, "original": { From 96a76f8c7f3811af06438b848bd266f013249e91 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 20 Jan 2026 11:41:38 +0000 Subject: [PATCH 466/485] home: vim: tree-sitter: migrate textobjects config This uses the new configuration format. I might DRY it up at some point in the future, though I probably won't. --- .../home/vim/plugin/settings/tree-sitter.lua | 105 +++++++++++------- 1 file changed, 64 insertions(+), 41 deletions(-) diff --git a/modules/home/vim/plugin/settings/tree-sitter.lua b/modules/home/vim/plugin/settings/tree-sitter.lua index d5fff465..cbb0d455 100644 --- a/modules/home/vim/plugin/settings/tree-sitter.lua +++ b/modules/home/vim/plugin/settings/tree-sitter.lua @@ -1,4 +1,58 @@ local ts_config = require("nvim-treesitter.configs") +local ts_select = require("nvim-treesitter-textobjects.select") +local ts_move = require("nvim-treesitter-textobjects.move") +local utils = require("ambroisie.utils") +local wk = require("which-key") + +local function select_textobject(query) + return utils.partial(ts_select.select_textobject, query) +end + +local function goto_next_start(query) + return utils.partial(ts_move.goto_next_start, query) +end +local function goto_next_end(query) + return utils.partial(ts_move.goto_next_end, query) +end +local function goto_previous_start(query) + return utils.partial(ts_move.goto_previous_start, query) +end +local function goto_previous_end(query) + return utils.partial(ts_move.goto_previous_end, query) +end + +local objects = { + mode = { "x", "o" }, + { "aa", select_textobject("@parameter.outer"), desc = "a parameter" }, + { "ia", select_textobject("@parameter.inner"), desc = "inner parameter" }, + { "ab", select_textobject("@block.outer"), desc = "a block" }, + { "ib", select_textobject("@block.inner"), desc = "inner block" }, + { "ac", select_textobject("@class.outer"), desc = "a class" }, + { "ic", select_textobject("@class.inner"), desc = "inner class" }, + { "af", select_textobject("@function.outer"), desc = "a function" }, + { "if", select_textobject("@function.inner"), desc = "inner function" }, + { "ak", select_textobject("@comment.outer"), desc = "a comment" }, + { "aS", select_textobject("@statement.outer"), desc = "a statement" }, +} +local moves = { + mode = { "n", "x", "o" }, + -- Next start + { "]m", goto_next_start("@function.outer"), desc = "Next method start" }, + { "]S", goto_next_start("@statement.outer"), desc = "Next statement start" }, + { "]]", goto_next_start("@class.outer"), desc = "Next class start" }, + -- Next end + { "]M", goto_next_end("@function.outer"), desc = "Next method end" }, + { "][", goto_next_end("@class.outer"), desc = "Next class end" }, + -- Previous start + { "[m", goto_previous_start("@function.outer"), desc = "Previous method start" }, + { "[S", goto_previous_start("@statement.outer"), desc = "Previous statement start" }, + { "[[", goto_previous_start("@class.outer"), desc = "Previous class start" }, + -- Previous end + { "[M", goto_previous_end("@function.outer"), desc = "Previous method end" }, + { "[]", goto_previous_end("@class.outer"), desc = "Previous class end" }, +} +wk.add(objects) +wk.add(moves) ts_config.setup({ highlight = { @@ -9,46 +63,15 @@ ts_config.setup({ indent = { enable = true, }, - textobjects = { - select = { - enable = true, - -- Jump to matching text objects - lookahead = true, - keymaps = { - ["aa"] = { query = "@parameter.outer", desc = "a parameter" }, - ["ia"] = { query = "@parameter.inner", desc = "inner parameter" }, - ["ab"] = { query = "@block.outer", desc = "a block" }, - ["ib"] = { query = "@block.inner", desc = "inner block" }, - ["ac"] = { query = "@class.outer", desc = "a class" }, - ["ic"] = { query = "@class.inner", desc = "inner class" }, - ["af"] = { query = "@function.outer", desc = "a function" }, - ["if"] = { query = "@function.inner", desc = "inner function" }, - ["ak"] = { query = "@comment.outer", desc = "a comment" }, - ["aS"] = { query = "@statement.outer", desc = "a statement" }, - }, - }, - move = { - enable = true, - -- Add to jump list - set_jumps = true, - goto_next_start = { - ["]m"] = { query = "@function.outer", desc = "Next method start" }, - ["]S"] = { query = "@statement.outer", desc = "Next statement start" }, - ["]]"] = { query = "@class.outer", desc = "Next class start" }, - }, - goto_next_end = { - ["]M"] = { query = "@function.outer", desc = "Next method end" }, - ["]["] = { query = "@class.outer", desc = "Next class end" }, - }, - goto_previous_start = { - ["[m"] = { query = "@function.outer", desc = "Previous method start" }, - ["[S"] = { query = "@statement.outer", desc = "Previous statement start" }, - ["[["] = { query = "@class.outer", desc = "Previous class start" }, - }, - goto_previous_end = { - ["[M"] = { query = "@function.outer", desc = "Previous method end" }, - ["[]"] = { query = "@class.outer", desc = "Previous class end" }, - }, - }, +}) + +require("nvim-treesitter-textobjects").setup({ + select = { + -- Jump to matching text objects + lookahead = true, + }, + move = { + -- Add to jump list + set_jumps = true, }, }) From 635fddc3388c4b2883bed382062ee8a5847a8dd7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 20 Jan 2026 12:26:37 +0000 Subject: [PATCH 467/485] home: vim: migrate to new 'nvim-treesitter' --- modules/home/vim/default.nix | 4 +- .../home/vim/plugin/settings/tree-sitter.lua | 42 +++++++++++++------ 2 files changed, 32 insertions(+), 14 deletions(-) diff --git a/modules/home/vim/default.nix b/modules/home/vim/default.nix index 726d4870..930a853a 100644 --- a/modules/home/vim/default.nix +++ b/modules/home/vim/default.nix @@ -60,8 +60,8 @@ in nvim-lspconfig # Easy LSP configuration lsp-format-nvim # Simplified formatting configuration none-ls-nvim # LSP integration for linters and formatters - nvim-treesitter-legacy.withAllGrammars # Better highlighting - nvim-treesitter-textobjects-legacy # More textobjects + nvim-treesitter.withAllGrammars # Better highlighting + nvim-treesitter-textobjects # More textobjects plenary-nvim # 'null-ls', 'telescope' dependency # Completion diff --git a/modules/home/vim/plugin/settings/tree-sitter.lua b/modules/home/vim/plugin/settings/tree-sitter.lua index cbb0d455..2958c2a9 100644 --- a/modules/home/vim/plugin/settings/tree-sitter.lua +++ b/modules/home/vim/plugin/settings/tree-sitter.lua @@ -1,4 +1,4 @@ -local ts_config = require("nvim-treesitter.configs") +local treesitter = require("nvim-treesitter") local ts_select = require("nvim-treesitter-textobjects.select") local ts_move = require("nvim-treesitter-textobjects.move") local utils = require("ambroisie.utils") @@ -54,17 +54,6 @@ local moves = { wk.add(objects) wk.add(moves) -ts_config.setup({ - highlight = { - enable = true, - -- Avoid duplicate highlighting - additional_vim_regex_highlighting = false, - }, - indent = { - enable = true, - }, -}) - require("nvim-treesitter-textobjects").setup({ select = { -- Jump to matching text objects @@ -75,3 +64,32 @@ require("nvim-treesitter-textobjects").setup({ set_jumps = true, }, }) + +-- Automatically setup treesitter for supported filetypes +local function treesitter_try_attach(buf, language) + -- Try to load language + -- NOTE: the best way I found to check if a filetype has a grammar + if not vim.treesitter.language.add(language) then + return false + end + + -- Syntax highlighting + vim.treesitter.start(buf, language) + -- Indentation + vim.bo.indentexpr = "v:lua.require('nvim-treesitter').indentexpr()" + + return true +end + +vim.api.nvim_create_autocmd("FileType", { + pattern = "*", + group = vim.api.nvim_create_augroup("treesitter_attach", { clear = true }), + callback = function(args) + local buf, filetype = args.buf, args.match + local language = vim.treesitter.language.get_lang(filetype) + if not language then + return + end + treesitter_try_attach(buf, language) + end, +}) From f3f0cb6a34eb339d0a60a064aef340e5415b50bf Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 20 Jan 2026 12:27:26 +0000 Subject: [PATCH 468/485] overlays: remove 'nvim-treesitter-legacy-shim' With the migration complete, I do not need it anymore. This reverts commit bf260de243e55d02ae6be52678ccadc6ea77439b. --- .../nvim-treesitter-legacy-shim/default.nix | 18 ------------------ 1 file changed, 18 deletions(-) delete mode 100644 overlays/nvim-treesitter-legacy-shim/default.nix diff --git a/overlays/nvim-treesitter-legacy-shim/default.nix b/overlays/nvim-treesitter-legacy-shim/default.nix deleted file mode 100644 index d629f717..00000000 --- a/overlays/nvim-treesitter-legacy-shim/default.nix +++ /dev/null @@ -1,18 +0,0 @@ -final: prev: -let - inherit (final) lib; - overrides = final: prev: - let - hasLegacyPackage = prev ? nvim-treesitter-legacy; - in - { - nvim-treesitter-textobjects-legacy = prev.nvim-treesitter-textobjects.overrideAttrs { - dependencies = [ final.nvim-treesitter-legacy ]; - }; - } // (lib.optionalAttrs (!hasLegacyPackage) { - nvim-treesitter-legacy = final.nvim-treesitter; - }); -in -{ - vimPlugins = prev.vimPlugins.extend (overrides); -} From bfd058da36a535ace178e66a3a9100b879e15b45 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 4 Feb 2026 20:39:05 +0000 Subject: [PATCH 469/485] home: vim: git: map hunk-navigation in more modes --- modules/home/vim/plugin/settings/git.lua | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/modules/home/vim/plugin/settings/git.lua b/modules/home/vim/plugin/settings/git.lua index fcae4252..2c4504dd 100644 --- a/modules/home/vim/plugin/settings/git.lua +++ b/modules/home/vim/plugin/settings/git.lua @@ -33,10 +33,6 @@ gitsigns.setup({ }) local keys = { - -- Navigation - { "[c", utils.partial(nav_hunk, "prev"), desc = "Previous hunk/diff" }, - { "]c", utils.partial(nav_hunk, "next"), desc = "Next hunk/diff" }, - -- Commands { "g", group = "Git" }, { "gb", gitsigns.toggle_current_line_blame, desc = "Toggle blame virtual text" }, { "gd", gitsigns.diffthis, desc = "Diff buffer" }, @@ -55,6 +51,12 @@ local keys = { { "g]", utils.partial(gitsigns.nav_hunk, "next"), desc = "Next hunk" }, } +local moves = { + mode = { "n", "x", "o" }, + { "[c", utils.partial(nav_hunk, "prev"), desc = "Previous hunk/diff" }, + { "]c", utils.partial(nav_hunk, "next"), desc = "Next hunk/diff" }, +} + local objects = { mode = "o", { "ih", gitsigns.select_hunk, desc = "git hunk" }, @@ -71,5 +73,6 @@ local visual = { } wk.add(keys) +wk.add(moves) wk.add(objects) wk.add(visual) From 89db8883e961a417f6a6c78fc3c7b3ad4794ffb8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 10 Feb 2026 14:53:14 +0000 Subject: [PATCH 470/485] flake: bump inputs --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 3f7a9b57..dad55a08 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1762618334, - "narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=", + "lastModified": 1770165109, + "narHash": "sha256-9VnK6Oqai65puVJ4WYtCTvlJeXxMzAp/69HhQuTdl/I=", "owner": "ryantm", "repo": "agenix", - "rev": "fcdea223397448d35d9b31f798479227e80183f6", + "rev": "b027ee29d959fda4b60b57566d64c98a202e0feb", "type": "github" }, "original": { @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1768135262, - "narHash": "sha256-PVvu7OqHBGWN16zSi6tEmPwwHQ4rLPU9Plvs8/1TUBY=", + "lastModified": 1769996383, + "narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "80daad04eddbbf5a4d883996a73f3f542fa437ac", + "rev": "57928607ea566b5db3ad13af0e57e921e6b12381", "type": "github" }, "original": { @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1769069492, - "narHash": "sha256-Efs3VUPelRduf3PpfPP2ovEB4CXT7vHf8W+xc49RL/U=", + "lastModified": 1770726378, + "narHash": "sha256-kck+vIbGOaM/dHea7aTBxdFYpeUl/jHOy5W3eyRvVx8=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "a1ef738813b15cf8ec759bdff5761b027e3e1d23", + "rev": "5eaaedde414f6eb1aea8b8525c466dc37bba95ae", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1769442288, - "narHash": "sha256-p+Xqr+P22TYW2RqbwccSd4UlUDEwl7PnoW3qiH8wVoE=", + "lastModified": 1770654520, + "narHash": "sha256-mg5WZMIPGsFu9MxSrUcuJUPMbfMsF77el5yb/7rc10k=", "owner": "nix-community", "repo": "home-manager", - "rev": "384786dc70c4992643f916c7e57f378714fec4f1", + "rev": "6c4fdbe1ad198fac36c320fd45c5957324a80b8e", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1769170682, - "narHash": "sha256-oMmN1lVQU0F0W2k6OI3bgdzp2YOHWYUAw79qzDSjenU=", + "lastModified": 1770562336, + "narHash": "sha256-ub1gpAONMFsT/GU2hV6ZWJjur8rJ6kKxdm9IlCT0j84=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c5296fdd05cfa2c187990dd909864da9658df755", + "rev": "d6c71932130818840fc8fe9509cf50be8c64634f", "type": "github" }, "original": { @@ -199,11 +199,11 @@ ] }, "locked": { - "lastModified": 1769444957, - "narHash": "sha256-2VIGLo/Xj7v+ZZqR/k2uoaZ75vpYB1FLa2UAW5ZhIK8=", + "lastModified": 1770732881, + "narHash": "sha256-yGkibRit67Pz1uo1Kk55kZBHQq90K3gc0N762JGW/uQ=", "owner": "nix-community", "repo": "NUR", - "rev": "9183819b926f1f58e8af86e86f28cc7d1e87698f", + "rev": "06490c1287ab62a8c5075c440fd3e247913bc29c", "type": "github" }, "original": { From f2ae223c665968d94c573c3a6eb37b7d19513e2d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 19 Feb 2026 15:01:11 +0100 Subject: [PATCH 471/485] nixos: services: sabnzbd: fix deprecated config I want to have _some_ settings set outside my NixOS configuration, so keep the config-file writable. --- modules/nixos/services/sabnzbd/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/nixos/services/sabnzbd/default.nix b/modules/nixos/services/sabnzbd/default.nix index 9e0d9c3c..6c9eadd4 100644 --- a/modules/nixos/services/sabnzbd/default.nix +++ b/modules/nixos/services/sabnzbd/default.nix @@ -13,6 +13,11 @@ in services.sabnzbd = { enable = true; group = "media"; + + # Don't warn about the config file + configFile = null; + # I want to configure servers outside of Nix + allowConfigWrite = true; }; # Set-up media group From c8f9e002f62e770be83d9af56a58f176b92a7474 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 19 Feb 2026 15:08:09 +0100 Subject: [PATCH 472/485] nixos: services: sabnzbd: add 'port' option --- modules/nixos/services/sabnzbd/default.nix | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/modules/nixos/services/sabnzbd/default.nix b/modules/nixos/services/sabnzbd/default.nix index 6c9eadd4..37ba96cf 100644 --- a/modules/nixos/services/sabnzbd/default.nix +++ b/modules/nixos/services/sabnzbd/default.nix @@ -2,11 +2,17 @@ { config, lib, ... }: let cfg = config.my.services.sabnzbd; - port = 9090; # NOTE: not declaratively set... in { options.my.services.sabnzbd = with lib; { enable = mkEnableOption "SABnzbd binary news reader"; + + port = mkOption { + type = types.port; + default = 9090; + example = 4242; + description = "The port on which SABnzbd will listen for incoming HTTP traffic"; + }; }; config = lib.mkIf cfg.enable { @@ -18,6 +24,13 @@ in configFile = null; # I want to configure servers outside of Nix allowConfigWrite = true; + + settings = { + misc = { + host = "127.0.0.1"; + inherit (cfg) port; + }; + }; }; # Set-up media group @@ -25,7 +38,7 @@ in my.services.nginx.virtualHosts = { sabnzbd = { - inherit port; + inherit (cfg) port; }; }; From 72efb0c7eae9a14c26e702dbca0ebbd1c2822f46 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 19 Feb 2026 19:46:25 +0100 Subject: [PATCH 473/485] hosts: nixos: porthos: secrets: update cross-seed --- .../servarr/cross-seed/configuration.json.age | Bin 2031 -> 3119 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/hosts/nixos/porthos/secrets/servarr/cross-seed/configuration.json.age b/hosts/nixos/porthos/secrets/servarr/cross-seed/configuration.json.age index 94fdf975d6418d394c62c42e572374b24865a776..b8cbe6aa7d2a5491342a62798ddaf2830e28cb7d 100644 GIT binary patch literal 3119 zcmdM|0Vh{?Pd^1mcUJ{hKj)yxfDl&~1vgJ0SCE`8S7dlfj!$@4X{522X|hL9L6VV4 zX_B#5o{w>4g>$BXwx@?*Rid+DPLzwMp-OH&<9-en~*4 zV_9IZMXqOvUzksLN@Y~ITUAuBlY5Yhle>?BVRnjRfvaz5SW%!+L2;r-RAo?zt4Xql zpGjbdV-Z(KXoX==M7B||L5Znzra_5Mu#<6!YlVAiXhu$CZct%VmXk?{tEEY>foEl4 zR*+eUhm(PCSb<4WZlqyUSX4Pza70d4Vor){RJd!obDn=nx{p&~aaOo*qH9ukKuVTx zS&+YTsk2*-c6OCtu5)T~Sa7OqQktc4X^xY5ScS0xSBQaIu4h(?QDT{EmU*#LzF$&F zgjryfTe4GXNI+#)xuJP}xItucQeIhEd0s_TQKoU3Pqt@?aa3-lQJHH}6<3%~cy3u} zNUm=|Xr@7#v2UJtYGuB!qq(_rV5woEuZdrIgppa9g{5z)pMjZMnqx(%f0RL>WoB4# zp@mn7vpH94P)bCEi+)yEs=Gl+s)2imXHjLienqfvxNnhTx<__qS)zZYk8w$fzn^Pb zs+)gRx{FgmQCg6pdzDF6K#4O~s#!sPqQGkVa zx?8weR(eIMcCN8ux^G&Ek#}-tRElGGg?~zAW@Je=m#KbYak-8G`MU_jAi*sg{Z)kCGgpsFVnv+v@nP-8MK~RuIQGiRXV`gSqrSdNg}G~JQese$QL0OTb5%q{u6u5}iK&rKqJ@E@V?ddav4>-% zuSIEbkh6JGWp-3Rva6$`Q${dXXh2Y)nR9rirKMTAX;EIWk+HrNB*v8#c5Rhf&nMXp(ZVV-H2Wr(Azi>YHemqnR-g+*p+Mwv&UxuI{6XGy71 zl5<&TPHCc9Zc15rXnBT*w_k9ob7qlyNl3YweoA7bkBhc(Vpe)?nn$RsE0=q&Ur3N& zK%jx6p_xH;zPYQVsY_r+SxKRnsdGtjq<>;nezCt{R*F$@YN?N(YpPFPxtB#{lwXju zPfnnvxj$D~iEnmgK$2y8u47t7SxAzhvw?SBs7bm(VoEVRA)=f1;zgcVtnacThf8U~!^nVMJn1ct(a}aHyk+XK8U-SV@(6VUS6pX=t{$ zPobMhR+&$^n|psE>JyQ$Suws%eUwpRq}Ju9rcYQA$}#c#yeQ zkdaA5fssdXT6T7zwwHf$zF8udp=VB*c3MWMt-7Eq=$EKl!ZwmSCwJ5m!)$_T7jXncDbojwu_&> zS8kHNzh9VR zZ(e%2rC)eiSZ;AniMK^ST1i-{Q)ZyPqmPGippScGpj&8WqGM8Ev5%osK%jAjkF&nM ztC@F3XcU*Pxpt_FKv|hZZnAz>qJ?>&S!Iz|o@ID= zm`7@Wp_yTtOHp!GXi9`>5X|}eTc|c)#prLC;c4l&wd%90i za=C9-PD+|vhIg{NcWR!8MTL2oTc%5tTTw)wTS|pDmws`HtADC%kZEb5U!GY;Wnoxu zq`OZ*v2$g*Wtd5&i&vgca+G7fw~1G>ey~AmW`4R)k+XS3aA8tKMNnCmDVMKHSYp0e zu}Ni~Q<8U?xv#%LQDAXIpii!gr@LuNfwzmRez-+$XsEtVaax*pfTc@BuxDXWNp@wW zdq75!sUcT{VX~`!a=y2jc}hjTNvf~8QE_&8NU(2lP-%#vaiCdIq+yA9u6|^yhe@J) zvPr17yLNd{N_wfWS(#66WQrwMnTw};Zl$w_c7bQEN1}UJx>2E@Yg&q9nWtx{yPv;F zqL+tfaDaZLc4b*cqNRCKZbW)mo{^z`sCjZlzIkNZo^ye7VNr>bQ+8gMGnbJ;ib+aV zSaMKSP^G?kp=XLmwn1TLfoW<=R+vjwdPJzVsj0JLxvNR0ab-|xMOaW`MwyFafJ;=7 zep+E}l^IutepX77WsY~4Pfl2hw_$2#mRD7zNxFAoUXizxmtj;%g@>cIk6*rTd8tL3 zep;njWu#A1L{+(gv0FufZ$OPwpT@Po_ShYP^h_UK%$p-M5Tp$ zZgx^wYEfcUNKj#vzf+ijexNs3m04v(iA#2tsb#pCe~NLQwtMuvxx zXL_o3WMyJvfK!o2KxSg1d#P(kae;H1b67~Ji)TeTmr+1LRJvJ~cZgGzV^FG}xl?MW zqqbR!p>}48e||=Wd1zH$W=V;0URtt#x?8YIrn7Hlc2QBNcc{63Nl{6NK37h7fnj#2 ztG}07kWZpxSV>BvL5ORJS4d!yiBpzOh^c=`xud(KOL3A{m1BresBw_9OOB_hOJzW+ zg-4*dTRxYwi(6(+q_&q?YJOUXTWLm^o2Pqvj%!*;Nvg4NWK?cdXjze0a=D9#c6g~z dsE?UZRiv?{u}hM_qpd9$xWVu0=Yq2@004Qv`|1Dy literal 2031 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSn_Ri1BO;<=S&$J9m zF108%Ez1fnwba%(@lP*Gv8;3pa4ITEa}G-n@GUjXG)>PAwBQQ!PmHukbu};XDaucD z&U7>_!m*q%D~GW!PCyAa=HPkhbXbVF37 zN?-GNd`T7B8omGaZol8#dRXti*uqeG!fCfmmqMUWnFOQqq01_JHaw2M5yI+fsQ&KG z^;1^+T2(5`xDBq(c%ySg^gw&a54{aGOE*~S$ZlM|vHfpUz?$5OLj{h9cDS1#y}xO_ zLPheMIX_=qX;-rfjCyCRvpJq=XT{o&)(+vvofO2`r&=CZ6xenuR)21d!&L7bdTYc= zLRawg?K)6*U0Zi?g3M&+hfDH4MY%GZyIb|5$M(Tg$;?inturkgj$Cn?HA&oN&q>*d z%j-_D9KL^(xx`Y#*#2;2Tk};p!Goa_9{fFLEF2WYr!0H+-AYr=0EGqj?(Yt>XF4Ff z^LVF#gTiOoH``>~kGU?fZ0Fs&n^Sp(WrX3ecA=sr@0}U6uieeCGqGRlZ+^IFKd}_&m#(Kht>q1$~?7h-IrI~ z%&SkOu>6!LUVgh?F8FEI=G%@PI}5)Uy%oJEr}TA>qx1J0-VF19e_!)T&sBKVYnCf! z4xgQhp43*i%AVLbk6%ss>E8Mb%VV|*_Ay&O{MwMDdso1tQGxeEs(${@4C$FKk1JnW_UhKtZ6`fU&L^<*s@-@}=JhGRYfj>0seJ3L z^O_GVl5Dh`xkg?fr}R*Azs36*^81y}9hB_OQBsm(E^y_L5lNqv6;$YP^qr-wh3fOD zjaCnf+*_Wh?f$f8*WIT<-`&ool<`Wgm|XZ^*~-gj&-*O;Qghv`FN-(z)9m+-N8U&B zt995tZ}WQJ!d{XqWODsp%)2YE<82OpU9&KK|6QfDErO-qO~%1Gk6I?5zu&y>{Krp^ zYOAE;vgbNgC`^C;YY|tS&GxU;)`;D#QDsfsZl6C({NUrz;_B1_=fy5LIdQ+W=JsBW z%nm*x^*YF&WF4f%bacs3anas8oq8>zcl;?xnIWXIFk_~9f7XTzT-QA}J@4i3{Bbctb2ra0Y`ZMgewZzp!SLVqDv#rWyUy*%TIj5Qnnm;M#5Gp- zmRl7U{A>*SH1FD@)^*WG1LnWCJ9Sic8N-wKz2|HN1Q_fC&CX~vUh$gZ{d0+wzq$IJ z&Gu*ZPwGFgcfQG#*o%3*4cxwNP6wU6UDm$2{)WHjNBfg}f91z=>nEK5wmQG|*T%vp zugUpj5qt5jvDxYAG8`$p`}cS0uK8!4wBd<@xa5ov-@>x` z4YxeF|KPXg(WwiqZH=k|s~OU!>h#QKwp+$GFD?D!my!U6gBn}j3M?G5IK4cBmr8yEjszWJTf zp1W!cj|^YLd89JDQEszyTYUQNp5XT0Nv|6oOkb2T!}#*+l9x$$F8u1*eEf3cUF%C4 zK`Ylzw45Bhf9}s-jdQ1puDPiMsW0iazjEVWY436#4iUuytqpbFRcg%T-vqDc6s{=g z4Jk}MwrrQLDd(G*jh+&7GI&|bm=9iYX7k+?#ah`e5XX1^e8pw$L(jEi&2pb)PMa+i zFva=c(QQUn47`Oi_WNAlX{^l28dhHW(0{s6O$>+bT+YbNvq~3Q>UY;AW&R7x@b Date: Wed, 18 Feb 2026 11:18:41 +0000 Subject: [PATCH 474/485] pkgs: i3-get-window-criteria: fix 'xorg' packages The `xorg` namespace is about to be removed in my next bump, so let's pro-actively remove them now. --- pkgs/i3-get-window-criteria/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/i3-get-window-criteria/default.nix b/pkgs/i3-get-window-criteria/default.nix index 2fc840dc..cba51944 100644 --- a/pkgs/i3-get-window-criteria/default.nix +++ b/pkgs/i3-get-window-criteria/default.nix @@ -1,4 +1,4 @@ -{ lib, coreutils, gnused, makeWrapper, stdenvNoCC, xorg }: +{ lib, coreutils, gnused, makeWrapper, stdenvNoCC, xprop, xwininfo }: stdenvNoCC.mkDerivation rec { pname = "i3-get-window-criteria"; version = "0.1.0"; @@ -22,8 +22,8 @@ stdenvNoCC.mkDerivation rec { wrapperPath = lib.makeBinPath [ coreutils gnused - xorg.xprop - xorg.xwininfo + xprop + xwininfo ]; fixupPhase = '' From 4704b34db3e248abab508f0f8c2b5c6f45a26549 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 19 Feb 2026 21:40:35 +0100 Subject: [PATCH 475/485] overlays: downgrade-transmission: add derivation I need to vendor the full derivation definition, as upstream diverges further and further away from 4.0.5. On the next bump, the packaging for 4.1.0 starts becoming sufficiently different to break my overlay. --- overlays/downgrade-transmission/default.nix | 17 +- .../downgrade-transmission/transmission_4.nix | 232 ++++++++++++++++++ 2 files changed, 237 insertions(+), 12 deletions(-) create mode 100644 overlays/downgrade-transmission/transmission_4.nix diff --git a/overlays/downgrade-transmission/default.nix b/overlays/downgrade-transmission/default.nix index 9d3fc8ae..9fc6d140 100644 --- a/overlays/downgrade-transmission/default.nix +++ b/overlays/downgrade-transmission/default.nix @@ -1,14 +1,7 @@ -self: prev: +self: _prev: { - transmission_4 = prev.transmission_4.overrideAttrs (_: { - version = "4.0.5"; - - src = self.fetchFromGitHub { - owner = "transmission"; - repo = "transmission"; - rev = "4.0.5"; - hash = "sha256-gd1LGAhMuSyC/19wxkoE2mqVozjGPfupIPGojKY0Hn4="; - fetchSubmodules = true; - }; - }); + transmission_4 = self.callPackage ./transmission_4.nix { + fmt = self.fmt_9; + libutp = self.libutp_3_4; + }; } diff --git a/overlays/downgrade-transmission/transmission_4.nix b/overlays/downgrade-transmission/transmission_4.nix new file mode 100644 index 00000000..a49f6b9b --- /dev/null +++ b/overlays/downgrade-transmission/transmission_4.nix @@ -0,0 +1,232 @@ +{ stdenv +, lib +, fetchFromGitHub +, fetchpatch2 +, cmake +, pkg-config +, python3 +, openssl +, curl +, libevent +, inotify-tools +, systemd +, zlib +, pcre +, libb64 +, libutp +, libdeflate +, utf8cpp +, fast-float +, fmt +, libpsl +, miniupnpc +, dht +, libnatpmp +, # Build options + enableGTK3 ? false +, gtkmm3 +, libpthread-stubs +, wrapGAppsHook3 +, enableQt5 ? false +, enableQt6 ? false +, qt5 +, qt6Packages +, nixosTests +, enableSystemd ? lib.meta.availableOn stdenv.hostPlatform systemd +, enableDaemon ? true +, enableCli ? true +, installLib ? false +, apparmorRulesFromClosure +}: + +let + inherit (lib) cmakeBool optionals; + + apparmorRules = apparmorRulesFromClosure { name = "transmission-daemon"; } ( + [ + curl + libdeflate + libevent + libnatpmp + libpsl + miniupnpc + openssl + pcre + zlib + ] + ++ optionals enableSystemd [ systemd ] + ++ optionals stdenv.hostPlatform.isLinux [ inotify-tools ] + ); + +in +stdenv.mkDerivation (finalAttrs: { + pname = "transmission"; + version = "4.0.5"; + + src = fetchFromGitHub { + owner = "transmission"; + repo = "transmission"; + rev = finalAttrs.version; + hash = "sha256-gd1LGAhMuSyC/19wxkoE2mqVozjGPfupIPGojKY0Hn4="; + fetchSubmodules = true; + }; + + patches = [ + (fetchpatch2 { + url = "https://github.com/transmission/transmission/commit/febfe49ca3ecab1a7142ecb34012c1f0b2bcdee8.patch?full_index=1"; + hash = "sha256-Ge0+AXf/ilfMieGBAdvvImY7JOb0gGIdeKprC37AROs="; + excludes = [ + # The submodule that we don't use (we use our miniupnp) + "third-party/miniupnp" + # Hunk fails for this one, but we don't care because we don't rely upon + # xcode definitions even for the Darwin build. + "Transmission.xcodeproj/project.pbxproj" + ]; + }) + ]; + + outputs = [ + "out" + "apparmor" + ]; + + cmakeFlags = [ + (cmakeBool "ENABLE_CLI" enableCli) + (cmakeBool "ENABLE_DAEMON" enableDaemon) + (cmakeBool "ENABLE_GTK" enableGTK3) + (cmakeBool "ENABLE_MAC" false) # requires xcodebuild + (cmakeBool "ENABLE_QT" (enableQt5 || enableQt6)) + (cmakeBool "INSTALL_LIB" installLib) + ] + ++ optionals stdenv.hostPlatform.isDarwin [ + # Transmission sets this to 10.13 if not explicitly specified, see https://github.com/transmission/transmission/blob/0be7091eb12f4eb55f6690f313ef70a66795ee72/CMakeLists.txt#L7-L16. + "-DCMAKE_OSX_DEPLOYMENT_TARGET=${stdenv.hostPlatform.darwinMinVersion}" + ]; + + postPatch = '' + # Clean third-party libraries to ensure system ones are used. + # Excluding gtest since it is hardcoded to vendored version. The rest of the listed libraries are not packaged. + pushd third-party + for f in *; do + if [[ ! $f =~ googletest|wildmat|wide-integer|jsonsl ]]; then + rm -r "$f" + fi + done + popd + rm \ + cmake/FindFastFloat.cmake \ + cmake/FindFmt.cmake \ + cmake/FindUtfCpp.cmake + # Upstream uses different config file name. + substituteInPlace CMakeLists.txt --replace 'find_package(UtfCpp)' 'find_package(utf8cpp)' + + # Use gettext even on Darwin + substituteInPlace libtransmission/utils.h \ + --replace-fail '#if defined(HAVE_GETTEXT) && !defined(__APPLE__)' '#if defined(HAVE_GETTEXT)' + ''; + + nativeBuildInputs = [ + pkg-config + cmake + python3 + ] + ++ optionals enableGTK3 [ wrapGAppsHook3 ] + ++ optionals enableQt5 [ qt5.wrapQtAppsHook ] + ++ optionals enableQt6 [ qt6Packages.wrapQtAppsHook ]; + + buildInputs = [ + curl + dht + fast-float + fmt + libb64 + libdeflate + libevent + libnatpmp + libpsl + libutp + miniupnpc + openssl + pcre + utf8cpp + zlib + ] + ++ optionals enableQt5 ( + with qt5; + [ + qttools + qtbase + ] + ) + ++ optionals enableQt6 ( + with qt6Packages; + [ + qttools + qtbase + qtsvg + ] + ) + ++ optionals enableGTK3 [ + gtkmm3 + libpthread-stubs + ] + ++ optionals enableSystemd [ systemd ] + ++ optionals stdenv.hostPlatform.isLinux [ inotify-tools ]; + + postInstall = '' + mkdir $apparmor + cat >$apparmor/bin.transmission-daemon <, + include + profile $out/bin/transmission-daemon { + include + include + include + include "${apparmorRules}" + @{PROC}/sys/kernel/random/uuid r, + @{PROC}/sys/vm/overcommit_memory r, + @{PROC}/@{pid}/environ r, + @{PROC}/@{pid}/mounts r, + /tmp/tr_session_id_* rwk, + + $out/share/transmission/public_html/** r, + + include if exists + } + EOF + install -Dm0444 -t $out/share/icons ../qt/icons/transmission.svg + ''; + + passthru.tests = { + apparmor = nixosTests.transmission_4; # starts the service with apparmor enabled + smoke-test = nixosTests.bittorrent; + }; + + meta = { + description = "Fast, easy and free BitTorrent client"; + mainProgram = + if (enableQt5 || enableQt6) then + "transmission-qt" + else if enableGTK3 then + "transmission-gtk" + else + "transmission-cli"; + longDescription = '' + Transmission is a BitTorrent client which features a simple interface + on top of a cross-platform back-end. + Feature spotlight: + * Uses fewer resources than other clients + * Native Mac, GTK and Qt GUI clients + * Daemon ideal for servers, embedded systems, and headless use + * All these can be remote controlled by Web and Terminal clients + * Bluetack (PeerGuardian) blocklists with automatic updates + * Full encryption, DHT, and PEX support + ''; + homepage = "https://www.transmissionbt.com/"; + license = with lib.licenses; [ + gpl2Plus + mit + ]; + platforms = lib.platforms.unix; + }; +}) From 89bd3aa428ab9bb37c61f2fa0e75c755b37bc3c3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 19 Feb 2026 15:21:56 +0100 Subject: [PATCH 476/485] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index dad55a08..1f7bb189 100644 --- a/flake.lock +++ b/flake.lock @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1770654520, - "narHash": "sha256-mg5WZMIPGsFu9MxSrUcuJUPMbfMsF77el5yb/7rc10k=", + "lastModified": 1771505064, + "narHash": "sha256-lh9rF+C/nKFyWAqbHIa6tK9L/6N0UaQg7zw15aP4jBM=", "owner": "nix-community", "repo": "home-manager", - "rev": "6c4fdbe1ad198fac36c320fd45c5957324a80b8e", + "rev": "a0a01d8811fd5e99e003078ed64a0e7b531545dd", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1770562336, - "narHash": "sha256-ub1gpAONMFsT/GU2hV6ZWJjur8rJ6kKxdm9IlCT0j84=", + "lastModified": 1771369470, + "narHash": "sha256-0NBlEBKkN3lufyvFegY4TYv5mCNHbi5OmBDrzihbBMQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d6c71932130818840fc8fe9509cf50be8c64634f", + "rev": "0182a361324364ae3f436a63005877674cf45efb", "type": "github" }, "original": { @@ -199,11 +199,11 @@ ] }, "locked": { - "lastModified": 1770732881, - "narHash": "sha256-yGkibRit67Pz1uo1Kk55kZBHQq90K3gc0N762JGW/uQ=", + "lastModified": 1771506707, + "narHash": "sha256-R9oBi0EPsWN4bHfYgcyiSzx31/Fkgg3IHubf30II7Ow=", "owner": "nix-community", "repo": "NUR", - "rev": "06490c1287ab62a8c5075c440fd3e247913bc29c", + "rev": "30ad144e51a0ae8b47aa84c1139e84fc278d6e86", "type": "github" }, "original": { From 354118ada1f758922acbc4660c12a1902a810382 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 12 Jan 2026 14:54:11 +0000 Subject: [PATCH 477/485] treewide: remove unused 'with pkgs' --- modules/home/calibre/default.nix | 2 +- modules/home/gdb/default.nix | 2 +- modules/home/trgui/default.nix | 2 +- templates/c++-cmake/flake.nix | 2 +- templates/c++-meson/flake.nix | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/modules/home/calibre/default.nix b/modules/home/calibre/default.nix index de7c1263..fcd62f86 100644 --- a/modules/home/calibre/default.nix +++ b/modules/home/calibre/default.nix @@ -10,7 +10,7 @@ in }; config = lib.mkIf cfg.enable { - home.packages = with pkgs; [ + home.packages = [ cfg.package ]; }; diff --git a/modules/home/gdb/default.nix b/modules/home/gdb/default.nix index 1ffc6bd9..b7c3aca5 100644 --- a/modules/home/gdb/default.nix +++ b/modules/home/gdb/default.nix @@ -17,7 +17,7 @@ in config = lib.mkIf cfg.enable (lib.mkMerge [ { - home.packages = with pkgs; [ + home.packages = [ cfg.package ]; diff --git a/modules/home/trgui/default.nix b/modules/home/trgui/default.nix index ee545a98..63df3550 100644 --- a/modules/home/trgui/default.nix +++ b/modules/home/trgui/default.nix @@ -10,7 +10,7 @@ in }; config = lib.mkIf cfg.enable { - home.packages = with pkgs; [ + home.packages = [ cfg.package ]; }; diff --git a/templates/c++-cmake/flake.nix b/templates/c++-cmake/flake.nix index 7796f5e5..eb2767d6 100644 --- a/templates/c++-cmake/flake.nix +++ b/templates/c++-cmake/flake.nix @@ -95,7 +95,7 @@ self.packages.${system}.project ]; - packages = with pkgs; [ + packages = [ self.checks.${system}.pre-commit.enabledPackages ]; diff --git a/templates/c++-meson/flake.nix b/templates/c++-meson/flake.nix index cb14eb56..44189179 100644 --- a/templates/c++-meson/flake.nix +++ b/templates/c++-meson/flake.nix @@ -95,7 +95,7 @@ self.packages.${system}.project ]; - packages = with pkgs; [ + packages = [ self.checks.${system}.pre-commit.enabledPackages ]; From b776c356929e84d876364e77e0ab5fad064763e0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 26 Jan 2026 17:52:23 +0000 Subject: [PATCH 478/485] treewide: remove redundant 'builtins' I keep forgetting `map` and `removeAttrs` are included at the top-level in the prelude. --- modules/home/mail/accounts/default.nix | 2 +- modules/home/wm/i3bar/default.nix | 2 +- modules/nixos/programs/steam/default.nix | 2 +- modules/nixos/services/backup/default.nix | 2 +- modules/nixos/services/nginx/default.nix | 6 +++--- overlays/default.nix | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) diff --git a/modules/home/mail/accounts/default.nix b/modules/home/mail/accounts/default.nix index 5216ad5e..ca5e6ea6 100644 --- a/modules/home/mail/accounts/default.nix +++ b/modules/home/mail/accounts/default.nix @@ -11,7 +11,7 @@ let lib.mkDefault [ (lib.getExe pkgs.ambroisie.rbw-pass) "Mail" passName ]; address = mkMailAddress address domain; - aliases = builtins.map (lib.flip mkMailAddress domain) aliases; + aliases = map (lib.flip mkMailAddress domain) aliases; inherit primary; diff --git a/modules/home/wm/i3bar/default.nix b/modules/home/wm/i3bar/default.nix index 5ae0e7d7..28c19355 100644 --- a/modules/home/wm/i3bar/default.nix +++ b/modules/home/wm/i3bar/default.nix @@ -69,7 +69,7 @@ in inactive_state = "Idle"; }; in - builtins.map (block: defaults // block) cfg.vpn.blockConfigs + map (block: defaults // block) cfg.vpn.blockConfigs ) ) { diff --git a/modules/nixos/programs/steam/default.nix b/modules/nixos/programs/steam/default.nix index 0c7f9dad..c859bdb2 100644 --- a/modules/nixos/programs/steam/default.nix +++ b/modules/nixos/programs/steam/default.nix @@ -23,7 +23,7 @@ in enable = true; }; - environment.systemPackages = builtins.map lib.hiPrio [ + environment.systemPackages = map lib.hiPrio [ # Respect XDG conventions, leave my HOME alone (pkgs.writeShellScriptBin "steam" '' mkdir -p "${cfg.dataDir}" diff --git a/modules/nixos/services/backup/default.nix b/modules/nixos/services/backup/default.nix index 8aeeae19..79884063 100644 --- a/modules/nixos/services/backup/default.nix +++ b/modules/nixos/services/backup/default.nix @@ -96,7 +96,7 @@ in # Contains the UID/GID map, and other useful state "/var/lib/nixos" # SSH host keys (and public keys for convenience) - (builtins.map (key: [ key.path "${key.path}.pub" ]) config.services.openssh.hostKeys) + (map (key: [ key.path "${key.path}.pub" ]) config.services.openssh.hostKeys) ]; services.restic.backups.backblaze = { diff --git a/modules/nixos/services/nginx/default.nix b/modules/nixos/services/nginx/default.nix index ff530b0a..153a299f 100644 --- a/modules/nixos/services/nginx/default.nix +++ b/modules/nixos/services/nginx/default.nix @@ -188,14 +188,14 @@ in ++ (lib.flip lib.mapAttrsToList cfg.virtualHosts (_: { subdomain, ... } @ args: let conflicts = [ "port" "root" "socket" "redirect" ]; - optionsNotNull = builtins.map (v: args.${v} != null) conflicts; + optionsNotNull = map (v: args.${v} != null) conflicts; optionsSet = lib.filter lib.id optionsNotNull; in { assertion = builtins.length optionsSet == 1; message = '' Subdomain '${subdomain}' must have exactly one of ${ - lib.concatStringsSep ", " (builtins.map (v: "'${v}'") conflicts) + lib.concatStringsSep ", " (map (v: "'${v}'") conflicts) } configured. ''; })) @@ -208,7 +208,7 @@ in assertion = args.websocketsLocations != [ ] -> proxyPassUsed; message = '' Subdomain '${subdomain}' can only use 'websocketsLocations' with one of ${ - lib.concatStringsSep ", " (builtins.map (v: "'${v}'") proxyPass) + lib.concatStringsSep ", " (map (v: "'${v}'") proxyPass) }. ''; })) diff --git a/overlays/default.nix b/overlays/default.nix index 683e021b..d3e30aa8 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,6 +1,6 @@ # Automatically import all overlays in the directory let files = builtins.readDir ./.; - overlays = builtins.removeAttrs files [ "default.nix" ]; + overlays = removeAttrs files [ "default.nix" ]; in builtins.mapAttrs (name: _: import "${./.}/${name}") overlays From 0694be19251db5f8706b1c08fb202e2a484098d6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 12 Jan 2026 14:55:47 +0000 Subject: [PATCH 479/485] nixos: services: servarr: remove redundant 'lib' My personal style preference (currently) is to use `with lib` on option declarations, avoiding the `lib` prefix. --- modules/nixos/services/servarr/bazarr.nix | 2 +- modules/nixos/services/servarr/jackett.nix | 2 +- modules/nixos/services/servarr/nzbhydra.nix | 2 +- modules/nixos/services/servarr/prowlarr.nix | 2 +- modules/nixos/services/servarr/starr.nix | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/modules/nixos/services/servarr/bazarr.nix b/modules/nixos/services/servarr/bazarr.nix index 637da0c7..67d34169 100644 --- a/modules/nixos/services/servarr/bazarr.nix +++ b/modules/nixos/services/servarr/bazarr.nix @@ -4,7 +4,7 @@ let in { options.my.services.servarr.bazarr = with lib; { - enable = lib.mkEnableOption "Bazarr" // { + enable = mkEnableOption "Bazarr" // { default = config.my.services.servarr.enableAll; }; diff --git a/modules/nixos/services/servarr/jackett.nix b/modules/nixos/services/servarr/jackett.nix index 481cd3de..8e8a5c3e 100644 --- a/modules/nixos/services/servarr/jackett.nix +++ b/modules/nixos/services/servarr/jackett.nix @@ -4,7 +4,7 @@ let in { options.my.services.servarr.jackett = with lib; { - enable = lib.mkEnableOption "Jackett" // { + enable = mkEnableOption "Jackett" // { default = config.my.services.servarr.enableAll; }; diff --git a/modules/nixos/services/servarr/nzbhydra.nix b/modules/nixos/services/servarr/nzbhydra.nix index 7b639869..f2f82ac2 100644 --- a/modules/nixos/services/servarr/nzbhydra.nix +++ b/modules/nixos/services/servarr/nzbhydra.nix @@ -4,7 +4,7 @@ let in { options.my.services.servarr.nzbhydra = with lib; { - enable = lib.mkEnableOption "NZBHydra2" // { + enable = mkEnableOption "NZBHydra2" // { default = config.my.services.servarr.enableAll; }; }; diff --git a/modules/nixos/services/servarr/prowlarr.nix b/modules/nixos/services/servarr/prowlarr.nix index ce044c63..6825843c 100644 --- a/modules/nixos/services/servarr/prowlarr.nix +++ b/modules/nixos/services/servarr/prowlarr.nix @@ -5,7 +5,7 @@ let in { options.my.services.servarr.prowlarr = with lib; { - enable = lib.mkEnableOption "Prowlarr" // { + enable = mkEnableOption "Prowlarr" // { default = config.my.services.servarr.enableAll; }; diff --git a/modules/nixos/services/servarr/starr.nix b/modules/nixos/services/servarr/starr.nix index 2bf7c114..0ccdaa42 100644 --- a/modules/nixos/services/servarr/starr.nix +++ b/modules/nixos/services/servarr/starr.nix @@ -12,7 +12,7 @@ let in { options.my.services.servarr.${starr} = with lib; { - enable = lib.mkEnableOption (lib.toSentenceCase starr) // { + enable = mkEnableOption (lib.toSentenceCase starr) // { default = config.my.services.servarr.enableAll; }; From 854a9729724a5a748cc61e15e4523247ba52ac5c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 26 Jan 2026 17:55:52 +0000 Subject: [PATCH 480/485] flake: checks: enable 'nixf-diagnose' --- flake/checks.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/flake/checks.nix b/flake/checks.nix index 73e64d52..01d3c7a5 100644 --- a/flake/checks.nix +++ b/flake/checks.nix @@ -15,6 +15,10 @@ enable = true; }; + nixf-diagnose = { + enable = true; + }; + nixpkgs-fmt = { enable = true; }; From d94f9564340c71d18a957b3b3a7c78ce70d7fec0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 26 Feb 2026 15:47:36 +0000 Subject: [PATCH 481/485] flake: bump inputs And fix a package change. --- flake.lock | 30 +++++++++++++++--------------- modules/home/mpv/default.nix | 2 +- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/flake.lock b/flake.lock index 1f7bb189..3faacc8b 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1769996383, - "narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=", + "lastModified": 1772408722, + "narHash": "sha256-rHuJtdcOjK7rAHpHphUb1iCvgkU3GpfvicLMwwnfMT0=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "57928607ea566b5db3ad13af0e57e921e6b12381", + "rev": "f20dc5d9b8027381c474144ecabc9034d6a839a3", "type": "github" }, "original": { @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1770726378, - "narHash": "sha256-kck+vIbGOaM/dHea7aTBxdFYpeUl/jHOy5W3eyRvVx8=", + "lastModified": 1772024342, + "narHash": "sha256-+eXlIc4/7dE6EcPs9a2DaSY3fTA9AE526hGqkNID3Wg=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "5eaaedde414f6eb1aea8b8525c466dc37bba95ae", + "rev": "6e34e97ed9788b17796ee43ccdbaf871a5c2b476", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1771505064, - "narHash": "sha256-lh9rF+C/nKFyWAqbHIa6tK9L/6N0UaQg7zw15aP4jBM=", + "lastModified": 1772633327, + "narHash": "sha256-jl+DJB2DUx7EbWLRng+6HNWW/1/VQOnf0NsQB4PlA7I=", "owner": "nix-community", "repo": "home-manager", - "rev": "a0a01d8811fd5e99e003078ed64a0e7b531545dd", + "rev": "5a75730e6f21ee624cbf86f4915c6e7489c74acc", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1771369470, - "narHash": "sha256-0NBlEBKkN3lufyvFegY4TYv5mCNHbi5OmBDrzihbBMQ=", + "lastModified": 1772638773, + "narHash": "sha256-hxYz2avAoL3bSuAsllNKdRIcSjZRzE0c+1vbPe6RFNk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0182a361324364ae3f436a63005877674cf45efb", + "rev": "9b91b0810a0fc78c2b9179390fd3a0295ec7107d", "type": "github" }, "original": { @@ -199,11 +199,11 @@ ] }, "locked": { - "lastModified": 1771506707, - "narHash": "sha256-R9oBi0EPsWN4bHfYgcyiSzx31/Fkgg3IHubf30II7Ow=", + "lastModified": 1772638553, + "narHash": "sha256-RTdoij40R7JMeORObiBLfT7VjwHpLxLTBR6hO/mplSk=", "owner": "nix-community", "repo": "NUR", - "rev": "30ad144e51a0ae8b47aa84c1139e84fc278d6e86", + "rev": "7a914a204156d118c4e98706a71f68a044c881ae", "type": "github" }, "original": { diff --git a/modules/home/mpv/default.nix b/modules/home/mpv/default.nix index 8af394cf..207d601f 100644 --- a/modules/home/mpv/default.nix +++ b/modules/home/mpv/default.nix @@ -13,7 +13,7 @@ in scripts = [ pkgs.mpvScripts.mpris # Allow controlling using media keys - pkgs.mpvScripts.mpv-cheatsheet # Show some simple mappings on '?' + pkgs.mpvScripts.mpv-cheatsheet-ng # Show some simple mappings on '?' pkgs.mpvScripts.uosc # Nicer UI ]; }; From 8103562170ce6ced978a59ab7f24e7de1307400b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 4 Mar 2026 21:24:42 +0100 Subject: [PATCH 482/485] nixos: services: nextcloud: bump to 33 --- modules/nixos/services/nextcloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/nextcloud/default.nix b/modules/nixos/services/nextcloud/default.nix index 24515ffe..ae6d5436 100644 --- a/modules/nixos/services/nextcloud/default.nix +++ b/modules/nixos/services/nextcloud/default.nix @@ -35,7 +35,7 @@ in config = lib.mkIf cfg.enable { services.nextcloud = { enable = true; - package = pkgs.nextcloud32; + package = pkgs.nextcloud33; hostName = "nextcloud.${config.networking.domain}"; home = "/var/lib/nextcloud"; maxUploadSize = cfg.maxSize; From b3c0321b4038f15eb035e076da5e6be43a889d66 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 4 Mar 2026 22:00:49 +0100 Subject: [PATCH 483/485] nixos: system: documentation: fix renamed option --- modules/nixos/system/documentation/default.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/modules/nixos/system/documentation/default.nix b/modules/nixos/system/documentation/default.nix index 304c8117..0956a4b5 100644 --- a/modules/nixos/system/documentation/default.nix +++ b/modules/nixos/system/documentation/default.nix @@ -29,7 +29,10 @@ in man = { enable = cfg.man.enable; - generateCaches = true; + + cache = { + enable = true; + }; }; nixos.enable = cfg.nixos.enable; From 36c34eb12ae7396a04cd84a2e3be940f427db850 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 16 Mar 2026 14:25:07 +0000 Subject: [PATCH 484/485] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 3faacc8b..f33747b0 100644 --- a/flake.lock +++ b/flake.lock @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1772024342, - "narHash": "sha256-+eXlIc4/7dE6EcPs9a2DaSY3fTA9AE526hGqkNID3Wg=", + "lastModified": 1772893680, + "narHash": "sha256-JDqZMgxUTCq85ObSaFw0HhE+lvdOre1lx9iI6vYyOEs=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "6e34e97ed9788b17796ee43ccdbaf871a5c2b476", + "rev": "8baab586afc9c9b57645a734c820e4ac0a604af9", "type": "github" }, "original": { @@ -159,11 +159,11 @@ ] }, "locked": { - "lastModified": 1772633327, - "narHash": "sha256-jl+DJB2DUx7EbWLRng+6HNWW/1/VQOnf0NsQB4PlA7I=", + "lastModified": 1773666768, + "narHash": "sha256-7XvLaFMQOsfWrK+msO0Oqe5CeNYsAlSGjrl5y14gA6w=", "owner": "nix-community", "repo": "home-manager", - "rev": "5a75730e6f21ee624cbf86f4915c6e7489c74acc", + "rev": "ca53f083dbd4c83dd5dca8a3099374708e155c32", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1772638773, - "narHash": "sha256-hxYz2avAoL3bSuAsllNKdRIcSjZRzE0c+1vbPe6RFNk=", + "lastModified": 1773579282, + "narHash": "sha256-LWvZj9Bvm1EuoO6zbX4yjZebwnZNfeTbmCJGS7RGQ3Y=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9b91b0810a0fc78c2b9179390fd3a0295ec7107d", + "rev": "5a88de74db0e948139be4b46f9a94d64aa11391c", "type": "github" }, "original": { @@ -199,11 +199,11 @@ ] }, "locked": { - "lastModified": 1772638553, - "narHash": "sha256-RTdoij40R7JMeORObiBLfT7VjwHpLxLTBR6hO/mplSk=", + "lastModified": 1773668952, + "narHash": "sha256-h6429piA06biF5pvpivmySNPxD9pRPR/9gp0w4SeeAs=", "owner": "nix-community", "repo": "NUR", - "rev": "7a914a204156d118c4e98706a71f68a044c881ae", + "rev": "b33e4c245dfbc30b80b7e67bf51071d4ad603ff4", "type": "github" }, "original": { From 38dc0488a930b5a9410b3faec86fd2f9d28923d9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 16 Mar 2026 14:27:02 +0000 Subject: [PATCH 485/485] nixos: services: nix-cache: fix renamed option --- modules/nixos/services/nix-cache/default.nix | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/modules/nixos/services/nix-cache/default.nix b/modules/nixos/services/nix-cache/default.nix index f3a29aa8..e11962f6 100644 --- a/modules/nixos/services/nix-cache/default.nix +++ b/modules/nixos/services/nix-cache/default.nix @@ -33,14 +33,16 @@ in config = lib.mkIf cfg.enable { services.harmonia = { - enable = true; + cache = { + enable = true; - settings = { - bind = "127.0.0.1:${toString cfg.port}"; - inherit (cfg) priority; + settings = { + bind = "127.0.0.1:${toString cfg.port}"; + inherit (cfg) priority; + }; + + signKeyPaths = [ cfg.secretKeyFile ]; }; - - signKeyPaths = [ cfg.secretKeyFile ]; }; my.services.nginx.virtualHosts = {