From dc052386d1df012e9a8ff2952c210018b91c925b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 23 Mar 2021 19:42:35 +0000 Subject: [PATCH 001/654] machine: aramis: add installer script This is the first time that I am setting up LVM-on-LUKS with NixOS, so a VM came in handy to test it out. --- machines/aramis/install.sh | 51 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100755 machines/aramis/install.sh diff --git a/machines/aramis/install.sh b/machines/aramis/install.sh new file mode 100755 index 0000000..537ef9e --- /dev/null +++ b/machines/aramis/install.sh @@ -0,0 +1,51 @@ +#!/bin/sh + +if [ "$(id -u)" -ne 0 ]; then + echo "This script must be run as root" >&2 + exit 1 +fi + +SWAP_SIZE=16GiB + +parted /dev/nvme0n1 --script -- \ + mklabel gpt \ + mkpart primary 512MiB 100% \ + mkpart ESP fat32 1MiB 512MiB \ + set 2 esp on + +cryptsetup luksFormat /dev/nvme0n1p1 +cryptsetup open /dev/nvme0n1p1 crypt + +pvcreate /dev/mapper/crypt +vgcreate lvm /dev/mapper/crypt +lvcreate -L "$SWAP_SIZE" -n swap lvm +lvcreate -l 100%FREE -n root lvm + +mkfs.ext4 -L nixos /dev/lvm/root +mkswap -L swap /dev/lvm/swap +mkfs.vfat -n boot /dev/nvme0n1p2 + +mount /dev/disk/by-label/nixos /mnt +mkdir /mnt/boot +mount /dev/nvme0n1p2 /mnt/boot +swapon /dev/lvm/swap + +cat << EOF +# Run the following commands as setup user +nixos-generate-config --root /mnt + +# Change uuids to labels +vim /mnt/etc/nixos/hardware-configuration.nix + +# Install system +mkdir -p /mnt/home/ambroisie/git/nix/config +cd /mnt/home/ambroisie/git/nix/config + +git clone . +# Assuming you set up GPG key correctly +git crypt unlock + +# Setup LUKS with 'boot.initrd.luks.devices.crypt', device is /dev/nvme0n1p1, preLVM = true + +# Use 'nixos-install --flake .#aramis --root /mnt --impure' because of home-manager issue +EOF From f634f1b2ed3b6d3d469771bc62a7f895985c8cd3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 2 Apr 2021 11:49:07 +0000 Subject: [PATCH 002/654] flake: refactor handling of shared modules --- flake.nix | 8 +++++++- machines/porthos/default.nix | 8 ++++++++ porthos.nix | 23 ----------------------- 3 files changed, 15 insertions(+), 24 deletions(-) delete mode 100644 porthos.nix diff --git a/flake.nix b/flake.nix index f582719..9f072c5 100644 --- a/flake.nix +++ b/flake.nix @@ -58,12 +58,18 @@ home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; } + # Include generic settings + ./modules + # Include my secrets + ./secrets + # Include my services + ./services ]; buildHost = name: system: lib.nixosSystem { inherit system; modules = defaultModules ++ [ - (./. + "/${name}.nix") + (./. + "/machines/${name}") ]; specialArgs = { # Use my extended lib in NixOS configuration diff --git a/machines/porthos/default.nix b/machines/porthos/default.nix index d8726f2..ec29917 100644 --- a/machines/porthos/default.nix +++ b/machines/porthos/default.nix @@ -9,4 +9,12 @@ ./services.nix ./users.nix ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "20.09"; # Did you read the comment? } diff --git a/porthos.nix b/porthos.nix deleted file mode 100644 index ce3a200..0000000 --- a/porthos.nix +++ /dev/null @@ -1,23 +0,0 @@ -# Porthos self-hosted server -{ ... }: - -{ - imports = [ - # Include generic settings - ./modules - # Include porthos-specific modules - ./machines/porthos - # Include my secrets - ./secrets - # Include my services - ./services - ]; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "20.09"; # Did you read the comment? -} From bd53470e468f460f52bced2cf9a56548c16cd8e9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 3 Apr 2021 17:11:55 +0000 Subject: [PATCH 003/654] lib: attrs: add genAttrs' function --- lib/attrs.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/attrs.nix b/lib/attrs.nix index 4595467..17ed3bf 100644 --- a/lib/attrs.nix +++ b/lib/attrs.nix @@ -4,4 +4,6 @@ let in { mapFilterAttrs = pred: f: attrs: filterAttrs pred (mapAttrs' f attrs); + + genAttrs' = values: f: listToAttrs (map f values); } From e0b0f44a9a3d851dcf67a4c68aa88508ded55ee8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 3 Apr 2021 17:12:34 +0000 Subject: [PATCH 004/654] lib: attrs: document functions --- lib/attrs.nix | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/lib/attrs.nix b/lib/attrs.nix index 17ed3bf..7b86aaa 100644 --- a/lib/attrs.nix +++ b/lib/attrs.nix @@ -1,9 +1,21 @@ { lib, ... }: let - inherit (lib) filterAttrs mapAttrs'; + inherit (lib) filterAttrs listToAttrs mapAttrs'; in { + # Filter a generated set of attrs using a predicate function. + # + # mapFilterAttrs :: + # (name -> value -> bool) + # (name -> value -> { name = any; value = any; }) + # attrs mapFilterAttrs = pred: f: attrs: filterAttrs pred (mapAttrs' f attrs); + # Generate an attribute set by mapping a function over a list of values. + # + # genAttrs' :: + # [ values ] + # (value -> { name = any; value = any; }) + # attrs genAttrs' = values: f: listToAttrs (map f values); } From cd7c8e2172943f00331d44d4b49d7f8c201e42d7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 3 Apr 2021 17:35:14 +0000 Subject: [PATCH 005/654] lib: attrs: add renaming functions --- lib/attrs.nix | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/lib/attrs.nix b/lib/attrs.nix index 7b86aaa..84b63c7 100644 --- a/lib/attrs.nix +++ b/lib/attrs.nix @@ -1,6 +1,6 @@ { lib, ... }: let - inherit (lib) filterAttrs listToAttrs mapAttrs'; + inherit (lib) filterAttrs listToAttrs mapAttrs' nameValuePair; in { # Filter a generated set of attrs using a predicate function. @@ -18,4 +18,19 @@ in # (value -> { name = any; value = any; }) # attrs genAttrs' = values: f: listToAttrs (map f values); + + # Rename each of the attributes in an attribute set using the mapping function + # + # renameAttrs :: + # (name -> new name) + # attrs + renameAttrs = f: mapAttrs' (name: value: nameValuePair (f name) value); + + # Rename each of the attributes in an attribute set using a function which + # takes the attribute's name and value as inputs. + # + # renameAttrs' :: + # (name -> value -> new name) + # attrs + renameAttrs' = f: mapAttrs' (name: value: nameValuePair (f name value) value); } From 6acf9f4a1961b72f8d9c04e7d4c0dee73235fc3c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 2 Apr 2021 12:00:21 +0000 Subject: [PATCH 006/654] machines: add aramis --- flake.nix | 1 + machines/aramis/boot.nix | 32 ++++++++++++++++++++++++++++ machines/aramis/default.nix | 38 ++++++++++++++++++++++++++++++++++ machines/aramis/hardware.nix | 26 +++++++++++++++++++++++ machines/aramis/networking.nix | 21 +++++++++++++++++++ machines/aramis/sound.nix | 5 +++++ 6 files changed, 123 insertions(+) create mode 100644 machines/aramis/boot.nix create mode 100644 machines/aramis/default.nix create mode 100644 machines/aramis/hardware.nix create mode 100644 machines/aramis/networking.nix create mode 100644 machines/aramis/sound.nix diff --git a/flake.nix b/flake.nix index 9f072c5..404b2c0 100644 --- a/flake.nix +++ b/flake.nix @@ -109,6 +109,7 @@ }; nixosConfigurations = lib.mapAttrs buildHost { + aramis = "x86_64-linux"; porthos = "x86_64-linux"; }; }; diff --git a/machines/aramis/boot.nix b/machines/aramis/boot.nix new file mode 100644 index 0000000..2169da5 --- /dev/null +++ b/machines/aramis/boot.nix @@ -0,0 +1,32 @@ +{ ... }: +{ + boot = { + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + + initrd = { + availableKernelModules = [ + "nvme" + "sd_mod" + "sdhci_pci" + "usb_storage" + "usbhid" + "xhci_pci" + ]; + kernelModules = [ + "dm-snapshot" + ]; + luks.devices.crypt = { + device = "/dev/nvme0n1p1"; + preLVM = true; + }; + }; + + kernelModules = [ + "kvm-intel" + ]; + extraModulePackages = [ ]; + }; +} diff --git a/machines/aramis/default.nix b/machines/aramis/default.nix new file mode 100644 index 0000000..67486d1 --- /dev/null +++ b/machines/aramis/default.nix @@ -0,0 +1,38 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = [ + ./boot.nix + ./hardware.nix + ./networking.nix + ./sound.nix + ]; + + # Set your time zone. + time.timeZone = "Europe/Paris"; + + # Enable the X11 windowing system. + # services.xserver.enable = true; + + # Configure keymap in X11 + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = "eurosign:e"; + + # Enable CUPS to print documents. + services.printing.enable = true; + + # Enable touchpad support (enabled default in most desktopManager). + services.xserver.libinput.enable = true; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "20.09"; # Did you read the comment? +} diff --git a/machines/aramis/hardware.nix b/machines/aramis/hardware.nix new file mode 100644 index 0000000..86eaf28 --- /dev/null +++ b/machines/aramis/hardware.nix @@ -0,0 +1,26 @@ +{ lib, modulesPath, ... }: +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + fileSystems = { + "/" = { + device = "/dev/disk/by-label/nixos"; + fsType = "ext4"; + }; + + "/boot" = { + device = "/dev/disk/by-label/boot"; + fsType = "vfat"; + }; + }; + + swapDevices = [ + { device = "/dev/disk/by-label/swap"; } + ]; + + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + + hardware.cpu.intel.updateMicrocode = true; +} diff --git a/machines/aramis/networking.nix b/machines/aramis/networking.nix new file mode 100644 index 0000000..752fc8c --- /dev/null +++ b/machines/aramis/networking.nix @@ -0,0 +1,21 @@ +{ ... }: +{ + networking = { + hostName = "aramis"; + domain = "nodomain.local"; # FIXME: gotta fix domain handling + wireless.enable = true; + + # The global useDHCP flag is deprecated, therefore explicitly set to false here. + # Per-interface useDHCP will be mandatory in the future, so this generated config + # replicates the default behaviour. + useDHCP = false; + + interfaces = { + enp0s31f6.useDHCP = true; + wlp0s20f3.useDHCP = true; + }; + }; + + # Which interface is used to connect to the internet + my.networking.externalInterface = "enp0s3"; +} diff --git a/machines/aramis/sound.nix b/machines/aramis/sound.nix new file mode 100644 index 0000000..38365f6 --- /dev/null +++ b/machines/aramis/sound.nix @@ -0,0 +1,5 @@ +{ ... }: +{ + sound.enable = true; + hardware.pulseaudio.enable = true; +} From 5427f15a17fafccaa3ff335083b56056671d893a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 2 Apr 2021 18:46:45 +0000 Subject: [PATCH 007/654] home: add X keyboard configuration --- home/default.nix | 1 + home/x/default.nix | 17 +++++++++++++++++ home/x/keyboard.nix | 12 ++++++++++++ 3 files changed, 30 insertions(+) create mode 100644 home/x/default.nix create mode 100644 home/x/keyboard.nix diff --git a/home/default.nix b/home/default.nix index e8218e8..7a51a02 100644 --- a/home/default.nix +++ b/home/default.nix @@ -14,6 +14,7 @@ ./ssh.nix ./tmux.nix ./vim + ./x ./xdg.nix ./zsh ]; diff --git a/home/x/default.nix b/home/x/default.nix new file mode 100644 index 0000000..086c41b --- /dev/null +++ b/home/x/default.nix @@ -0,0 +1,17 @@ +{ config, lib, ... }: +let + cfg = config.my.home.x; +in +{ + imports = [ + ./keyboard.nix + ]; + + options.my.home.x = with lib; { + enable = mkEnableOption "X server configuration"; + }; + + config = lib.mkIf cfg.enable { + xsession.enable = true; + }; +} diff --git a/home/x/keyboard.nix b/home/x/keyboard.nix new file mode 100644 index 0000000..40af800 --- /dev/null +++ b/home/x/keyboard.nix @@ -0,0 +1,12 @@ +{ config, lib, ... }: +let + cfg = config.my.home.x; +in +{ + config = lib.mkIf cfg.enable { + home.keyboard = { + layout = "fr"; + variant = "us"; + }; + }; +} From f57cfda76773d7d6031a8f5ad5b430cdd0db7830 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 2 Apr 2021 19:03:29 +0000 Subject: [PATCH 008/654] home: wm: add i3 This is only the basic default configuration. The full configuration will come later. I am not a fan of `wm.windowManager`, I might rename that option at some point. --- home/default.nix | 1 + home/wm/default.nix | 15 +++++++++++++++ home/wm/i3.nix | 15 +++++++++++++++ 3 files changed, 31 insertions(+) create mode 100644 home/wm/default.nix create mode 100644 home/wm/i3.nix diff --git a/home/default.nix b/home/default.nix index 7a51a02..fd59171 100644 --- a/home/default.nix +++ b/home/default.nix @@ -14,6 +14,7 @@ ./ssh.nix ./tmux.nix ./vim + ./wm ./x ./xdg.nix ./zsh diff --git a/home/wm/default.nix b/home/wm/default.nix new file mode 100644 index 0000000..10f86a4 --- /dev/null +++ b/home/wm/default.nix @@ -0,0 +1,15 @@ +{ lib, ... }: +{ + imports = [ + ./i3.nix + ]; + + options.my.home.wm = with lib; { + windowManager = mkOption { + type = with types; nullOr (enum [ "i3" ]); + default = null; + example = "i3"; + description = "Which window manager to use for home session"; + }; + }; +} diff --git a/home/wm/i3.nix b/home/wm/i3.nix new file mode 100644 index 0000000..3039cd6 --- /dev/null +++ b/home/wm/i3.nix @@ -0,0 +1,15 @@ +{ config, lib, ... }: +let + isEnabled = config.my.home.wm.windowManager == "i3"; +in +{ + config = lib.mkIf isEnabled { + xsession.windowManager.i3 = { + enable = true; + + config = { + modifier = "Mod4"; # `Super` key + }; + }; + }; +} From b6fb77fc34a96785e8a1215b12db345fabdda4a4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 26 Apr 2021 17:22:20 +0000 Subject: [PATCH 009/654] modules: add home This makes setting and referring to my home-manager options easier. --- modules/default.nix | 1 + modules/home.nix | 11 +++++++++++ 2 files changed, 12 insertions(+) create mode 100644 modules/home.nix diff --git a/modules/default.nix b/modules/default.nix index 082a8da..f20351f 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -5,6 +5,7 @@ imports = [ ./documentation.nix ./ergodox.nix + ./home.nix ./language.nix ./media.nix ./networking.nix diff --git a/modules/home.nix b/modules/home.nix new file mode 100644 index 0000000..f5314b9 --- /dev/null +++ b/modules/home.nix @@ -0,0 +1,11 @@ +# Simplify setting home options +{ lib, ... }: +let + actualPath = [ "home-manager" "users" "ambroisie" "my" "home" ]; + aliasPath = [ "my" "home" ]; +in +{ + imports = [ + (lib.mkAliasOptionModule aliasPath actualPath) + ]; +} From 45cb955433bce7dfab75a00a88cc779c0ccaa76d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 2 Apr 2021 18:47:23 +0000 Subject: [PATCH 010/654] machines: aramis: add home configuration --- machines/aramis/default.nix | 8 +------- machines/aramis/home.nix | 4 ++++ 2 files changed, 5 insertions(+), 7 deletions(-) create mode 100644 machines/aramis/home.nix diff --git a/machines/aramis/default.nix b/machines/aramis/default.nix index 67486d1..6eaadeb 100644 --- a/machines/aramis/default.nix +++ b/machines/aramis/default.nix @@ -8,6 +8,7 @@ imports = [ ./boot.nix ./hardware.nix + ./home.nix ./networking.nix ./sound.nix ]; @@ -15,13 +16,6 @@ # Set your time zone. time.timeZone = "Europe/Paris"; - # Enable the X11 windowing system. - # services.xserver.enable = true; - - # Configure keymap in X11 - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e"; - # Enable CUPS to print documents. services.printing.enable = true; diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix new file mode 100644 index 0000000..ce312c4 --- /dev/null +++ b/machines/aramis/home.nix @@ -0,0 +1,4 @@ +{ ... }: +{ + # To be filled out +} From fe9f468e06131288acc43b4f4df02c3524aff3d9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 21:01:28 +0000 Subject: [PATCH 011/654] machines: aramis: home: enable X & i3 --- machines/aramis/home.nix | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index ce312c4..e19428e 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -1,4 +1,14 @@ { ... }: { - # To be filled out + my.home = { + # i3 settings + wm.windowManager = "i3"; + # Keyboard settings + x.enable = true; + }; + + # Enable the X11 windowing system. + services.xserver.enable = true; + # Enable i3 + services.xserver.windowManager.i3.enable = true; } From 1da8177ea28bd9ab7491c1aa16713a1cb702a4e8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 4 Apr 2021 19:28:34 +0000 Subject: [PATCH 012/654] home: wm: add i3bar --- home/wm/default.nix | 1 + home/wm/i3bar.nix | 52 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+) create mode 100644 home/wm/i3bar.nix diff --git a/home/wm/default.nix b/home/wm/default.nix index 10f86a4..b8eec93 100644 --- a/home/wm/default.nix +++ b/home/wm/default.nix @@ -2,6 +2,7 @@ { imports = [ ./i3.nix + ./i3bar.nix ]; options.my.home.wm = with lib; { diff --git a/home/wm/i3bar.nix b/home/wm/i3bar.nix new file mode 100644 index 0000000..80cc252 --- /dev/null +++ b/home/wm/i3bar.nix @@ -0,0 +1,52 @@ +{ config, lib, pkgs, ... }: +let + isEnabled = config.my.home.wm.windowManager == "i3"; +in +{ + config = lib.mkIf isEnabled { + home.packages = with pkgs; [ + alsaUtils # Used by `sound` block + lm_sensors # Used by `temperature` block + ]; + + programs.i3status-rust = { + enable = true; + + bars = { + top = { + blocks = [ + { + block = "music"; + buttons = [ "prev" "play" "next" ]; + } + { + block = "cpu"; + } + { + block = "disk_space"; + } + { + block = "net"; + format = "{ssid} {ip} {signal_strength}"; + } + { + block = "battery"; + format = "{percentage}% ({time})"; + full_format = "{percentage}%"; + } + { + block = "temperature"; + } + { + block = "sound"; + } + { + block = "time"; + format = "%F %T"; + } + ]; + }; + }; + }; + }; +} From cdbe16e703ef9e1108264d4ed19de43e8dffaf5a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 4 Apr 2021 19:28:44 +0000 Subject: [PATCH 013/654] home: wm: add rofi --- home/wm/default.nix | 1 + home/wm/rofi.nix | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+) create mode 100644 home/wm/rofi.nix diff --git a/home/wm/default.nix b/home/wm/default.nix index b8eec93..55669eb 100644 --- a/home/wm/default.nix +++ b/home/wm/default.nix @@ -3,6 +3,7 @@ imports = [ ./i3.nix ./i3bar.nix + ./rofi.nix ]; options.my.home.wm = with lib; { diff --git a/home/wm/rofi.nix b/home/wm/rofi.nix new file mode 100644 index 0000000..b2fb32f --- /dev/null +++ b/home/wm/rofi.nix @@ -0,0 +1,19 @@ +{ config, lib, pkgs, ... }: +let + isEnabled = config.my.home.wm.windowManager == "i3"; +in +{ + config = lib.mkIf isEnabled { + programs.rofi = { + enable = true; + + package = pkgs.rofi.override { + plugins = with pkgs; [ + rofi-emoji + ]; + }; + + theme = "gruvbox-dark-hard"; + }; + }; +} From 90ccf42779b9301cb09122f3179716b35983ad29 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 4 Apr 2021 13:49:02 +0000 Subject: [PATCH 014/654] home: wm: i3: add configuration --- home/wm/i3.nix | 288 ++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 286 insertions(+), 2 deletions(-) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index 3039cd6..649210b 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -1,14 +1,298 @@ -{ config, lib, ... }: +{ config, lib, pkgs, ... }: let isEnabled = config.my.home.wm.windowManager == "i3"; + + terminal = "i3-sensible-terminal"; + + alt = "Mod1"; # `Alt` key + modifier = "Mod4"; # `Super` key + movementKeys = [ "Left" "Down" "Up" "Right" ]; + vimMovementKeys = [ "h" "j" "k" "l" ]; + shutdownMode = + "(l)ock, (e)xit, switch_(u)ser, (h)ibernate, (r)eboot, (Shift+s)hutdown"; + + # Takes an attrset of bindings for movement keys, transforms it to Vim keys + toVimKeyBindings = + let + toVimKeys = builtins.replaceStrings movementKeys vimMovementKeys; + in + lib.my.renameAttrs toVimKeys; + + # Takes an attrset of bindings for movement keys, add equivalent Vim keys + addVimKeyBindings = bindings: bindings // (toVimKeyBindings bindings); + # Generate an attrset of movement bindings, using the mapper function + genMovementBindings = f: addVimKeyBindings (lib.my.genAttrs' movementKeys f); in { config = lib.mkIf isEnabled { + home.packages = with pkgs; [ + arandr # Used by a mapping + flameshot # Used by a mapping, started at startup + playerctl # Used by a mapping + ]; + xsession.windowManager.i3 = { enable = true; config = { - modifier = "Mod4"; # `Super` key + inherit modifier; + + bars = + let + barConfigPath = + config.xdg.configFile."i3status-rust/config-top.toml".target; + in + [ + { + statusCommand = "i3status-rs ${barConfigPath}"; + trayOutput = "primary"; + position = "top"; + + colors = { + background = "#021215"; + statusline = "#93a1a1"; + separator = "#2aa198"; + + focusedWorkspace = { + border = "#2aa198"; + background = "#073642"; + text = "#eee895"; + }; + + activeWorkspace = { + border = "#073642"; + background = "#002b36"; + text = "#839496"; + }; + + inactiveWorkspace = { + border = "#002b36"; + background = "#021215"; + text = "#586e75"; + }; + + urgentWorkspace = { + border = "#cb4b16"; + background = "#dc322f"; + text = "#fdf6e3"; + }; + }; + } + ]; + + floating = { + inherit modifier; + + criteria = [ + { class = "^tridactyl_editor$"; } + { class = "^Blueman-.*$"; } + { title = "^htop$"; } + { class = "^Thunderbird$"; instance = "Mailnews"; window_role = "filterlist"; } + { class = "^Pavucontrol.*$"; } + { class = "^Arandr$"; } + ]; + }; + + focus = { + followMouse = true; # It is annoying sometimes, but useful enough to use + mouseWarping = true; # Let's moving around when switching screens + }; + + fonts = [ + "DejaVu Sans Mono 8" + ]; + + # I don't care for i3's default values, I specify them all explicitly + keybindings = builtins.foldl' (lhs: rhs: lhs // rhs) { } [ + { + # The basics + "${modifier}+Return" = "exec ${terminal}"; + "${modifier}+Shift+Return" = "exec env TMUX=nil ${terminal}"; + "${modifier}+Shift+q" = "kill"; + "${modifier}+f" = "fullscreen toggle"; + "${modifier}+Shift+c" = "reload"; + "${modifier}+Shift+r" = "restart"; + "${modifier}+Shift+e" = + "exec i3-nagbar -t warning -m 'Do you want to exit i3?' -b 'Yes' 'i3-msg exit'"; + } + { + # Splits + "${modifier}+g" = "split h"; # Horizontally + "${modifier}+v" = "split v"; # Vertically + } + { + # Layouts + "${modifier}+s" = "layout stacking"; + "${modifier}+w" = "layout tabbed"; + "${modifier}+e" = "layout toggle split"; + } + { + # Toggle tiling/floating + "${modifier}+Control+space" = "floating toggle"; + # Change focus between tiling/floating + "${modifier}+space" = "focus mode_toggle"; + } + { + # Focus parent container + "${modifier}+q" = "focus parent"; + # Focus child container + "${modifier}+a" = "focus child"; + } + { + # Rofi tools + "${modifier}+d" = "exec rofi -show drun -disable-history"; + "${modifier}+Shift+d" = "exec rofi -show run -disable-history"; + "${modifier}+p" = "exec --no-startup-id flameshot gui"; + "${modifier}+Shift+p" = "exec rofi -show emoji"; + } + ( + # Changing container focus + genMovementBindings ( + key: lib.nameValuePair + "${modifier}+${key}" + "focus ${lib.toLower key}" + ) + ) + ( + # Changing screen focus + genMovementBindings ( + key: lib.nameValuePair + "${modifier}+${alt}+${key}" + "focus output ${lib.toLower key}" + ) + ) + ( + # Moving workspace to another screen + genMovementBindings ( + key: lib.nameValuePair + "${modifier}+${alt}+Control+${key}" + "move workspace to output ${lib.toLower key}" + ) + ) + ( + # Moving container to another screen + genMovementBindings ( + key: lib.nameValuePair + "${modifier}+${alt}+Shift+${key}" + "move container to output ${lib.toLower key}" + ) + ) + (addVimKeyBindings { + # Scroll through workspaces on given screen + "${modifier}+Control+Left" = "workspace prev_on_output"; + "${modifier}+Control+Right" = "workspace next_on_output"; + # Use scratchpad + "${modifier}+Control+Up" = "move to scratchpad"; + "${modifier}+Control+Down" = "scratchpad show"; + }) + ( + # Moving floating window + genMovementBindings ( + key: lib.nameValuePair + "${modifier}+Shift+${key}" + "move ${lib.toLower key} 10 px" + ) + ) + { + # Media keys + "XF86AudioRaiseVolume" = "exec amixer -q -D pulse sset Master 5%+"; + "XF86AudioLowerVolume" = "exec amixer -q -D pulse sset Master 5%-"; + "Control+XF86AudioRaiseVolume" = "exec amixer -q -D pulse sset Master 1%+"; + "Control+XF86AudioLowerVolume" = "exec amixer -q -D pulse sset Master 1%-"; + "XF86AudioMute" = "exec amixer -q -D pulse sset Master toggle"; + + "XF86AudioPlay" = "exec playerctl play-pause"; + "XF86AudioNext" = "exec playerctl next"; + "XF86AudioPrev" = "exec playerctl previous"; + } + { + # Sub-modes + "${modifier}+r" = "mode resize"; + "${modifier}+Shift+space" = "mode floating"; + "${modifier}+0" = ''mode "${shutdownMode}"''; + } + ]; + + keycodebindings = + let + toKeycode = n: if n == 0 then 19 else n + 9; + createWorkspaceBindings = mapping: command: + let + createWorkspaceBinding = num: + lib.nameValuePair + "${mapping}+${toString (toKeycode num)}" + "${command} ${toString num}"; + oneToNine = builtins.genList (x: x + 1) 9; + in + lib.my.genAttrs' oneToNine createWorkspaceBinding; + in + builtins.foldl' (lhs: rhs: lhs // rhs) { } [ + (createWorkspaceBindings modifier "workspace number") + (createWorkspaceBindings "${modifier}+Shift" "move container to workspace number") + ]; + + modes = + let + makeModeBindings = attrs: (addVimKeyBindings attrs) // { + "Escape" = "mode default"; + "Return" = "mode default"; + }; + in + { + resize = makeModeBindings { + # Normal movements + "Left" = "resize shrink width 10 px or 10 ppt"; + "Down" = "resize grow height 10 px or 10 ppt"; + "Up" = "resize shrink height 10 px or 10 ppt"; + "Right" = "resize grow width 10 px or 10 ppt"; + # Small movements + "Control+Left" = "resize shrink width 1 px or 1 ppt"; + "Control+Down" = "resize grow height 1 px or 1 ppt"; + "Control+Up" = "resize shrink height 1 px or 1 ppt"; + "Control+Right" = "resize grow width 1 px or 1 ppt"; + # Big movements + "Shift+Left" = "resize shrink width 100 px or 100 ppt"; + "Shift+Down" = "resize grow height 100 px or 100 ppt"; + "Shift+Up" = "resize shrink height 100 px or 100 ppt"; + "Shift+Right" = "resize grow width 100 px or 100 ppt"; + }; + + floating = makeModeBindings { + # Normal movements + "Left" = "move left 10 px"; + "Down" = "move down 10 px"; + "Up" = "move up 10 px"; + "Right" = "move right 10 px"; + # Small movements + "Control+Left" = "move left 1 px"; + "Control+Down" = "move down 1 px"; + "Control+Up" = "move up 1 px"; + "Control+Right" = "move right 1 px"; + # Big movements + "Shift+Left" = "move left 100 px"; + "Shift+Down" = "move down 100 px"; + "Shift+Up" = "move up 100 px"; + "Shift+Right" = "move right 100 px"; + }; + + ${shutdownMode} = makeModeBindings { + "l" = "exec --no-startup-id loginctl lock-session, mode default"; + "s" = "exec --no-startup-id systemctl suspend, mode default"; + "u" = "exec --no-startup-id dm-tool switch-to-greeter, mode default"; + "e" = "exec --no-startup-id i3-msg exit, mode default"; + "h" = "exec --no-startup-id systemctl hibernate, mode default"; + "r" = "exec --no-startup-id systemctl reboot, mode default"; + "Shift+s" = "exec --no-startup-id systemctl poweroff, mode default"; + }; + }; + + startup = [ + # FIXME + # { commdand; always; notification; } + { + command = "flameshot"; + } + ]; }; }; }; From 9fe78a5a7092c0205e65a51b58cf7878b352bbe6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 00:54:28 +0000 Subject: [PATCH 015/654] home: add terminal This module abstracts away the color configuration. --- home/default.nix | 1 + home/terminal/default.nix | 47 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 48 insertions(+) create mode 100644 home/terminal/default.nix diff --git a/home/default.nix b/home/default.nix index fd59171..b1a5274 100644 --- a/home/default.nix +++ b/home/default.nix @@ -12,6 +12,7 @@ ./pager.nix ./secrets # Home-manager specific secrets ./ssh.nix + ./terminal ./tmux.nix ./vim ./wm diff --git a/home/terminal/default.nix b/home/terminal/default.nix new file mode 100644 index 0000000..bab73aa --- /dev/null +++ b/home/terminal/default.nix @@ -0,0 +1,47 @@ +{ lib, ... }: +let + mkColorOption = with lib; description: default: mkOption { + inherit description default; + example = "#abcdef"; + type = types.strMatching "#[0-9a-f]{6}"; + }; +in +{ + imports = [ + ]; + + options.my.home = with lib; { + terminal = { + colors = { + background = mkColorOption "Background color" "#161616"; + foreground = mkColorOption "Foreground color" "#ffffff"; + foregroundBold = mkColorOption "Foreground bold color" "#ffffff"; + cursor = mkColorOption "Cursor color" "#ffffff"; + + black = mkColorOption "Black" "#222222"; + blackBold = mkColorOption "Black bold" "#666666"; + + red = mkColorOption "Red" "#e84f4f"; + redBold = mkColorOption "Red bold" "#d23d3d"; + + green = mkColorOption "Green" "#b7ce42"; + greenBold = mkColorOption "Green bold" "#bde077"; + + yellow = mkColorOption "Yellow" "#fea63c"; + yellowBold = mkColorOption "Yellow bold" "#ffe863"; + + blue = mkColorOption "Blue" "#66aabb"; + blueBold = mkColorOption "Blue bold" "#aaccbb"; + + magenta = mkColorOption "Magenta" "#b7416e"; + magentaBold = mkColorOption "Magenta bold" "#e16a98"; + + cyan = mkColorOption "Cyan" "#6d878d"; + cyanBold = mkColorOption "Cyan bold" "#42717b"; + + white = mkColorOption "White" "#dddddd"; + whiteBold = mkColorOption "White bold" "#cccccc"; + }; + }; + }; +} From 76b17e924aedbaee4e2e109e91c19a446b7b13c6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 00:57:32 +0000 Subject: [PATCH 016/654] home: terminal: add termite --- home/terminal/default.nix | 8 ++++++ home/terminal/termite.nix | 53 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 61 insertions(+) create mode 100644 home/terminal/termite.nix diff --git a/home/terminal/default.nix b/home/terminal/default.nix index bab73aa..4c3f5cb 100644 --- a/home/terminal/default.nix +++ b/home/terminal/default.nix @@ -8,10 +8,18 @@ let in { imports = [ + ./termite.nix ]; options.my.home = with lib; { terminal = { + program = mkOption { + type = with types; nullOr (enum [ "termite" ]); + default = null; + example = "termite"; + description = "Which terminal to use for home session"; + }; + colors = { background = mkColorOption "Background color" "#161616"; foreground = mkColorOption "Foreground color" "#ffffff"; diff --git a/home/terminal/termite.nix b/home/terminal/termite.nix new file mode 100644 index 0000000..e8f67a7 --- /dev/null +++ b/home/terminal/termite.nix @@ -0,0 +1,53 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.home.terminal; +in +{ + config = lib.mkIf (cfg.program == "termite") { + programs.termite = { + enable = true; + + # Niceties + browser = "${pkgs.xdg-utils}/bin/xdg-open"; + clickableUrl = true; + dynamicTitle = true; + fullscreen = false; + mouseAutohide = true; + urgentOnBell = true; + + # Look and feel + allowBold = true; + audibleBell = false; + cursorBlink = "system"; + font = "Monospace 9"; + scrollbar = "off"; + + + # Colors + backgroundColor = cfg.colors.background; + cursorColor = cfg.colors.cursor; + foregroundColor = cfg.colors.foreground; + foregroundBoldColor = cfg.colors.foregroundBold; + colorsExtra = with cfg.colors; '' + # Normal colors + color0 = ${black} + color1 = ${red} + color2 = ${green} + color3 = ${yellow} + color4 = ${blue} + color5 = ${magenta} + color6 = ${cyan} + color7 = ${white} + # Bold colors + color8 = ${blackBold} + color9 = ${redBold} + color10 = ${greenBold} + color11 = ${yellowBold} + color12 = ${blueBold} + color13 = ${magentaBold} + color14 = ${cyanBold} + color15 = ${whiteBold} + ''; + }; + }; +} From fee045d82c337f8fe31f11db7885e697de3313d9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 01:00:47 +0000 Subject: [PATCH 017/654] home: wm: i3: use 'my.home.terminal' explicitly --- home/wm/i3.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index 649210b..af22bc5 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -2,7 +2,10 @@ let isEnabled = config.my.home.wm.windowManager == "i3"; - terminal = "i3-sensible-terminal"; + terminal = + if config.my.home.terminal.program != null + then config.my.home.terminal.program + else "i3-sensible-terminal"; alt = "Mod1"; # `Alt` key modifier = "Mod4"; # `Super` key From b254e0f7ac3b0e7032d85c5b5e4e0a2f90766ffc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 01:08:42 +0000 Subject: [PATCH 018/654] machines: aramis: home: enable termite --- machines/aramis/home.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index e19428e..06218d7 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -1,6 +1,8 @@ { ... }: { my.home = { + # Termite terminal + terminal.program = "termite"; # i3 settings wm.windowManager = "i3"; # Keyboard settings From 646768c3b70f9f465a3a3a831a908c3cbc94ecde Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 01:33:46 +0000 Subject: [PATCH 019/654] home: add zathura --- home/default.nix | 1 + home/zathura.nix | 20 ++++++++++++++++++++ 2 files changed, 21 insertions(+) create mode 100644 home/zathura.nix diff --git a/home/default.nix b/home/default.nix index b1a5274..77d54ae 100644 --- a/home/default.nix +++ b/home/default.nix @@ -18,6 +18,7 @@ ./wm ./x ./xdg.nix + ./zathura.nix ./zsh ]; diff --git a/home/zathura.nix b/home/zathura.nix new file mode 100644 index 0000000..6162542 --- /dev/null +++ b/home/zathura.nix @@ -0,0 +1,20 @@ +{ config, lib, ... }: +let + cfg = config.my.home.zathura; +in +{ + options.my.home.zathura = with lib; { + enable = mkEnableOption "zathura configuration"; + }; + + config.programs.zathura = lib.mkIf cfg.enable { + enable = true; + + options = { + # Show '~' instead of full path to '$HOME' in window title + "window-title-home-tilde" = true; + # Show '~' instead of full path to '$HOME' in status bar + "statusbar-home-tilde" = true; + }; + }; +} From d01b7963cd1e345d27fcf1cfb62373c55cee209e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 01:35:33 +0000 Subject: [PATCH 020/654] machines: aramis: home: enable zathura --- machines/aramis/home.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index 06218d7..5c12451 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -7,6 +7,8 @@ wm.windowManager = "i3"; # Keyboard settings x.enable = true; + # Zathura document viewer + zathura.enable = true; }; # Enable the X11 windowing system. From e6fb00ce9a546f44b0d889bf1ce8ab2dc1a28820 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 01:38:32 +0000 Subject: [PATCH 021/654] home: add flameshot --- home/default.nix | 1 + home/flameshot.nix | 13 +++++++++++++ 2 files changed, 14 insertions(+) create mode 100644 home/flameshot.nix diff --git a/home/default.nix b/home/default.nix index 77d54ae..e47940d 100644 --- a/home/default.nix +++ b/home/default.nix @@ -4,6 +4,7 @@ ./bat.nix ./direnv.nix ./documentation.nix + ./flameshot.nix ./git ./gpg.nix ./htop.nix diff --git a/home/flameshot.nix b/home/flameshot.nix new file mode 100644 index 0000000..a9a60a8 --- /dev/null +++ b/home/flameshot.nix @@ -0,0 +1,13 @@ +{ config, lib, ... }: +let + cfg = config.my.home.flameshot; +in +{ + options.my.home.flameshot = with lib; { + enable = mkEnableOption "flameshot configuration"; + }; + + config.services.flameshot = lib.mkIf cfg.enable { + enable = true; + }; +} From 595720dcd4f171be59a7853aaccd696698f57f81 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 01:39:01 +0000 Subject: [PATCH 022/654] home: wm: i3: use flameshot service directly Instead of starting `flameshot` with `i3`, use the provided service. --- home/wm/i3.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index af22bc5..819d880 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -28,9 +28,12 @@ let in { config = lib.mkIf isEnabled { + my.home = { + flameshot.enable = true; + }; + home.packages = with pkgs; [ arandr # Used by a mapping - flameshot # Used by a mapping, started at startup playerctl # Used by a mapping ]; @@ -292,9 +295,6 @@ in startup = [ # FIXME # { commdand; always; notification; } - { - command = "flameshot"; - } ]; }; }; From e6b810b5a1d069d0088e1aa63cb780fd15f3a557 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 01:47:49 +0000 Subject: [PATCH 023/654] home: add udiskie --- home/default.nix | 1 + home/udiskie.nix | 13 +++++++++++++ 2 files changed, 14 insertions(+) create mode 100644 home/udiskie.nix diff --git a/home/default.nix b/home/default.nix index e47940d..2f92758 100644 --- a/home/default.nix +++ b/home/default.nix @@ -15,6 +15,7 @@ ./ssh.nix ./terminal ./tmux.nix + ./udiskie.nix ./vim ./wm ./x diff --git a/home/udiskie.nix b/home/udiskie.nix new file mode 100644 index 0000000..1f2119e --- /dev/null +++ b/home/udiskie.nix @@ -0,0 +1,13 @@ +{ config, lib, ... }: +let + cfg = config.my.home.udiskie; +in +{ + options.my.home.udiskie = with lib; { + enable = mkEnableOption "udiskie configuration"; + }; + + config.services.udiskie = lib.mkIf cfg.enable { + enable = true; + }; +} From 4d04dd9b9b4ae46233fe40c36582d14d54c7b7d9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 01:48:33 +0000 Subject: [PATCH 024/654] home: wm: i3: use udiskie service --- home/wm/i3.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index 819d880..f81d881 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -30,6 +30,7 @@ in config = lib.mkIf isEnabled { my.home = { flameshot.enable = true; + udiskie.enable = true; }; home.packages = with pkgs; [ From e06edc8f4785312c81a1d328a19cc5fda8290c4b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 11:55:42 +0000 Subject: [PATCH 025/654] home: add firefox --- home/default.nix | 1 + home/firefox/default.nix | 19 +++++++++++++++++++ home/firefox/firefox.nix | 40 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 60 insertions(+) create mode 100644 home/firefox/default.nix create mode 100644 home/firefox/firefox.nix diff --git a/home/default.nix b/home/default.nix index 2f92758..a7609ef 100644 --- a/home/default.nix +++ b/home/default.nix @@ -4,6 +4,7 @@ ./bat.nix ./direnv.nix ./documentation.nix + ./firefox ./flameshot.nix ./git ./gpg.nix diff --git a/home/firefox/default.nix b/home/firefox/default.nix new file mode 100644 index 0000000..1391052 --- /dev/null +++ b/home/firefox/default.nix @@ -0,0 +1,19 @@ +{ config, lib, ... }: +{ + options.my.home.firefox = with lib; { + enable = mkEnableOption "firefox configuration"; + + tridactyl = { + enable = mkOption { + type = types.bool; + description = "tridactyl configuration"; + example = false; + default = config.my.home.firefox.enable; + }; + }; + }; + + imports = [ + ./firefox.nix + ]; +} diff --git a/home/firefox/firefox.nix b/home/firefox/firefox.nix new file mode 100644 index 0000000..f4bc675 --- /dev/null +++ b/home/firefox/firefox.nix @@ -0,0 +1,40 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.home.firefox; +in +{ + config.programs.firefox = lib.mkIf cfg.enable { + enable = true; + + profiles = { + default = { + id = 0; + + settings = { + "browser.bookmarks.showMobileBookmarks" = true; # Mobile bookmarks + "browser.download.useDownloadDir" = false; # Ask for download location + "browser.in-content.dark-mode" = true; # Dark mode + "browser.newtabpage.activity-stream.feeds.section.topstories" = false; # Disable top stories + "browser.newtabpage.activity-stream.feeds.sections" = false; + "browser.newtabpage.activity-stream.feeds.system.topstories" = false; # Disable top stories + "browser.newtabpage.activity-stream.section.highlights.includePocket" = false; # Disable pocket + "extensions.pocket.enabled" = false; # Disable pocket + "media.eme.enabled" = true; # Enable DRM + "media.gmp-widevinecdm.visible" = true; # Enable DRM + "media.gmp-widevinecdm.enabled" = true; # Enable DRM + "signon.autofillForms" = false; # Disable built-in form-filling + "signon.rememberSignons" = false; # Disable built-in password manager + "ui.systemUsesDarkTheme" = true; # Dark mode + }; + }; + }; + + extensions = with pkgs.nur.repos.rycee.firefox-addons; [ + bitwarden + https-everywhere + i-dont-care-about-cookies + reddit-enhancement-suite + ublock-origin + ] ++ lib.optional (cfg.tridactyl.enable) tridactyl; + }; +} From c17b5f4004f3d5b3fcf184e021b796f1d7fc37bb Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 11:58:32 +0000 Subject: [PATCH 026/654] machines: aramis: home: enable firefox --- machines/aramis/home.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index 5c12451..2bda0d6 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -1,6 +1,8 @@ { ... }: { my.home = { + # Firefo profile and extensions + firefox.enable = true; # Termite terminal terminal.program = "termite"; # i3 settings From d5b3b958273addadd5367ee2fbe317926e38bc33 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 12:30:04 +0000 Subject: [PATCH 027/654] home: firefox: use tridactyl-native when enabled --- home/firefox/firefox.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/home/firefox/firefox.nix b/home/firefox/firefox.nix index f4bc675..a1db93a 100644 --- a/home/firefox/firefox.nix +++ b/home/firefox/firefox.nix @@ -6,6 +6,12 @@ in config.programs.firefox = lib.mkIf cfg.enable { enable = true; + package = pkgs.firefox.override { + cfg = { + enableTridactylNative = cfg.tridactyl.enable; + }; + }; + profiles = { default = { id = 0; From e1240c188e631b87d27864646156c952bf7374b9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 13:22:53 +0000 Subject: [PATCH 028/654] home: firefox: add tridactyl --- home/firefox/default.nix | 1 + home/firefox/tridactyl.nix | 9 +++++ home/firefox/tridactylrc | 72 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 82 insertions(+) create mode 100644 home/firefox/tridactyl.nix create mode 100644 home/firefox/tridactylrc diff --git a/home/firefox/default.nix b/home/firefox/default.nix index 1391052..fd7d5ba 100644 --- a/home/firefox/default.nix +++ b/home/firefox/default.nix @@ -15,5 +15,6 @@ imports = [ ./firefox.nix + ./tridactyl.nix ]; } diff --git a/home/firefox/tridactyl.nix b/home/firefox/tridactyl.nix new file mode 100644 index 0000000..fd8e3fb --- /dev/null +++ b/home/firefox/tridactyl.nix @@ -0,0 +1,9 @@ +{ config, lib, ... }: +let + cfg = config.my.home.firefox.tridactyl; +in +{ + config = lib.mkIf cfg.enable { + xdg.configFile."tridactyl/tridactylrc".source = ./tridactylrc; + }; +} diff --git a/home/firefox/tridactylrc b/home/firefox/tridactylrc new file mode 100644 index 0000000..edb595e --- /dev/null +++ b/home/firefox/tridactylrc @@ -0,0 +1,72 @@ +" Shamelessly taken from bovine3dom's example configuration file from the docs + +" Basics {{{ +" Use dark color scheme +colorscheme dark + +" Make tridactyl open Vim in my prefered terminal +" FIXME: make it follow my prefered terminal +set editorcmd termite --class tridactyl_editor -e 'vim %f' +" }}} + +" Binds {{{ +" Reddit et al. {{{ +" Toggle comments on Reddit, Hacker News, Lobste.rs +bind ;c hint -c [class*="expand"],[class="togg"],[class="comment_folder"] + +" Make `gu` take me back to subreddit from comments +bindurl reddit.com gu urlparent 4 + +" Only hint search results on Google +bindurl www.google.com f hint -Jc #search div:not(.action-menu) > a +bindurl www.google.com F hint -Jbc #search div:not(.action-menu) > a + +" Only hint search results on DuckDuckGo +bindurl ^https://duckduckgo.com f hint -Jc [class=result__a] +bindurl ^https://duckduckgo.com F hint -Jbc [class=result__a] + +" Only hint item pages on Hacker News +bindurl news.ycombinator.com ;f hint -Jc .age > a +bindurl news.ycombinator.com ;f hint -Jtc .age > a +" }}} + +" Better bindings {{{ +" Handy multiwindow binds +bind gd tabdetach +bind gD composite tabduplicate; tabdetach + +" Make yy use canonical links on the few websites that support them +bind yy clipboard yankcanon +" }}} + +" Search {{{ +" Case insensitive only if fully lowercase +set findcase smart + +" Search forward/backward +bind / fillcmdline find +bind ? fillcmdline find -? + +" Go to next/previous match +bind n findnext 1 +bind N findnext -1 + +" Because :nohls never works +bind nohlsearch + +" Use browser's native find when using Ctrl-F +unbind +" }}} +" }}} + +" Redirections {{{ +" Always redirect Reddit to the old site +autocmd DocStart ^http(s?)://www.redit.com js tri.excmds.urlmodify("-t", "www", "old") +" }}} + +" Disabled websites {{{ +blacklistadd netflix.com +blacklistadd jellyfin.belanyi.fr +" }}} + +" vim: set filetype=vim foldmethod=marker: From c3c44bceb6544ffb8931435730efc88a40c92b1c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 15:57:05 +0000 Subject: [PATCH 029/654] home: add gammastep --- home/default.nix | 1 + home/gammastep.nix | 42 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+) create mode 100644 home/gammastep.nix diff --git a/home/default.nix b/home/default.nix index a7609ef..570a0c2 100644 --- a/home/default.nix +++ b/home/default.nix @@ -6,6 +6,7 @@ ./documentation.nix ./firefox ./flameshot.nix + ./gammastep.nix ./git ./gpg.nix ./htop.nix diff --git a/home/gammastep.nix b/home/gammastep.nix new file mode 100644 index 0000000..b96f028 --- /dev/null +++ b/home/gammastep.nix @@ -0,0 +1,42 @@ +{ config, lib, ... }: +let + cfg = config.my.home.gammastep; + + mkTempOption = with lib; description: default: mkOption { + inherit description default; + type = types.int; + example = 1000; + }; + + mkTimeOption = with lib; description: default: mkOption { + inherit description default; + type = types.str; + example = "12:00-14:00"; + }; +in +{ + options.my.home.gammastep = with lib; { + enable = mkEnableOption "gammastep configuration"; + + temperature = { + day = mkTempOption "Colour temperature to use during the day" 6500; + night = mkTempOption "Colour temperature to use during the night" 2500; + }; + + times = { + dawn = mkTimeOption "Dawn time" "6:00-7:30"; + dusk = mkTimeOption "Dawn time" "18:30-20:00"; + }; + }; + + config.services.gammastep = lib.mkIf cfg.enable { + enable = true; + + dawnTime = cfg.times.dawn; + duskTime = cfg.times.dusk; + + temperature = { + inherit (cfg.temperature) day night; + }; + }; +} From 3ec448bf03210fd1b9ad51dbcef80da1e23df69e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 15:59:09 +0000 Subject: [PATCH 030/654] machines: aramis: home: enable gammastep --- machines/aramis/home.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index 2bda0d6..2f72a5c 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -3,6 +3,8 @@ my.home = { # Firefo profile and extensions firefox.enable = true; + # Blue light filter + gammastep.enable = true; # Termite terminal terminal.program = "termite"; # i3 settings From b32fec2c63d565f9892a540138c9abda199ab8ad Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 15:58:15 +0000 Subject: [PATCH 031/654] home: wm: i3bar: add gammastep block if enabled --- home/wm/i3bar.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/home/wm/i3bar.nix b/home/wm/i3bar.nix index 80cc252..9d7a4f9 100644 --- a/home/wm/i3bar.nix +++ b/home/wm/i3bar.nix @@ -14,7 +14,7 @@ in bars = { top = { - blocks = [ + blocks = builtins.filter (attr: attr != { }) [ { block = "music"; buttons = [ "prev" "play" "next" ]; @@ -29,6 +29,12 @@ in block = "net"; format = "{ssid} {ip} {signal_strength}"; } + (lib.optionalAttrs (config.my.home.gammastep.enable) { + block = "hueshift"; + hue_shifter = "gammastep"; + step = 100; + click_temp = config.my.home.gammastep.temperature.day; + }) { block = "battery"; format = "{percentage}% ({time})"; From 046391e26e26e8eb2a72425acbf3086de83dae9d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 20:38:25 +0000 Subject: [PATCH 032/654] home: wm: i3bar: hide music block when not playing --- home/wm/i3bar.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/wm/i3bar.nix b/home/wm/i3bar.nix index 9d7a4f9..186a863 100644 --- a/home/wm/i3bar.nix +++ b/home/wm/i3bar.nix @@ -18,6 +18,7 @@ in { block = "music"; buttons = [ "prev" "play" "next" ]; + hide_when_empty = true; } { block = "cpu"; From c1759646300ad50022f862542e1f01893435d2e4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 20:52:16 +0000 Subject: [PATCH 033/654] modules: users: add myself to 'video' and 'audio' --- modules/users.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/users.nix b/modules/users.nix index 1ace265..fbc3880 100644 --- a/modules/users.nix +++ b/modules/users.nix @@ -19,8 +19,10 @@ in isNormalUser = true; shell = pkgs.zsh; extraGroups = groupsIfExist [ + "audio" # sound control "media" # access to media files "plugdev" # usage of ZSA keyboard tools + "video" # screen control "wheel" # `sudo` for the user. ]; openssh.authorizedKeys.keys = with builtins; let From 971ee359ce4859e3043271f8a3a1654c01d738e0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 21:27:20 +0000 Subject: [PATCH 034/654] home: wm: use explicit 'enable' options This is so that I can explicitly enable them if I were to use Wayland and Sway, given that they should be compatible with both environment. This also means that putting them in `/home/x/` would a misnomer... Will revisit this if and when I try out Wayland and sway... --- home/wm/default.nix | 19 ++++++++++++++++++- home/wm/i3bar.nix | 4 ++-- home/wm/rofi.nix | 4 ++-- 3 files changed, 22 insertions(+), 5 deletions(-) diff --git a/home/wm/default.nix b/home/wm/default.nix index 55669eb..2421a50 100644 --- a/home/wm/default.nix +++ b/home/wm/default.nix @@ -1,4 +1,13 @@ -{ lib, ... }: +{ config, lib, ... }: +let + mkRelatedOption = description: relatedWMs: + let + isActivatedWm = wm: config.my.home.wm.windowManager == wm; + in + (lib.mkEnableOption description) // { + default = builtins.any isActivatedWm relatedWMs; + }; +in { imports = [ ./i3.nix @@ -13,5 +22,13 @@ example = "i3"; description = "Which window manager to use for home session"; }; + + i3bar = { + enable = mkRelatedOption "i3bar configuration" [ "i3" ]; + }; + + rofi = { + enable = mkRelatedOption "rofi menu" [ "i3" ]; + }; }; } diff --git a/home/wm/i3bar.nix b/home/wm/i3bar.nix index 186a863..b1358b9 100644 --- a/home/wm/i3bar.nix +++ b/home/wm/i3bar.nix @@ -1,9 +1,9 @@ { config, lib, pkgs, ... }: let - isEnabled = config.my.home.wm.windowManager == "i3"; + cfg = config.my.home.wm.i3bar; in { - config = lib.mkIf isEnabled { + config = lib.mkIf cfg.enable { home.packages = with pkgs; [ alsaUtils # Used by `sound` block lm_sensors # Used by `temperature` block diff --git a/home/wm/rofi.nix b/home/wm/rofi.nix index b2fb32f..87f167a 100644 --- a/home/wm/rofi.nix +++ b/home/wm/rofi.nix @@ -1,9 +1,9 @@ { config, lib, pkgs, ... }: let - isEnabled = config.my.home.wm.windowManager == "i3"; + cfg = config.my.home.wm.rofi; in { - config = lib.mkIf isEnabled { + config = lib.mkIf cfg.enable { programs.rofi = { enable = true; From 6bad81a644a491f4aaa142be06df9529a4df0b10 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 6 Apr 2021 15:52:41 +0000 Subject: [PATCH 035/654] home: wm: add dunst --- home/wm/default.nix | 5 +++++ home/wm/dunst.nix | 11 +++++++++++ 2 files changed, 16 insertions(+) create mode 100644 home/wm/dunst.nix diff --git a/home/wm/default.nix b/home/wm/default.nix index 2421a50..5a50331 100644 --- a/home/wm/default.nix +++ b/home/wm/default.nix @@ -10,6 +10,7 @@ let in { imports = [ + ./dunst.nix ./i3.nix ./i3bar.nix ./rofi.nix @@ -23,6 +24,10 @@ in description = "Which window manager to use for home session"; }; + dunst = { + enable = mkRelatedOption "dunst configuration" [ "i3" ]; + }; + i3bar = { enable = mkRelatedOption "i3bar configuration" [ "i3" ]; }; diff --git a/home/wm/dunst.nix b/home/wm/dunst.nix new file mode 100644 index 0000000..e6c2090 --- /dev/null +++ b/home/wm/dunst.nix @@ -0,0 +1,11 @@ +{ config, lib, ... }: +let + cfg = config.my.home.wm.dunst; +in +{ + config = lib.mkIf cfg.enable { + services.dunst = { + enable = true; + }; + }; +} From 54a20058fb7c10cd60ecffe35439a6920a41c3b3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 28 Apr 2021 16:41:26 +0000 Subject: [PATCH 036/654] home: wm: dunst: add configuration --- home/wm/dunst.nix | 51 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) diff --git a/home/wm/dunst.nix b/home/wm/dunst.nix index e6c2090..334396c 100644 --- a/home/wm/dunst.nix +++ b/home/wm/dunst.nix @@ -6,6 +6,57 @@ in config = lib.mkIf cfg.enable { services.dunst = { enable = true; + + settings = { + global = { + alignment = "center"; # Put message in the middle of the box + browser = "xdg-open"; # use default browser to open links + follow = "keyboard"; # follow keyboard focus + font = "Monospace 8"; # Simple looking font + frame_width = 3; # small frame + geometry = "300x50-15+49"; + markup = "full"; # subset of HTML + padding = 6; # distance between text and bubble border + progress_bar = true; # show a progress bar in notification bubbles + separator_color = "frame"; # use frame color to separate bubbles + sort = true; # sort messages by urgency + }; + + urgency_low = { + background = "#191311"; + foreground = "#3b7c87"; + frame_color = "#3b7c87"; + highlight = "#4998a6"; + timeout = 10; + }; + + urgency_normal = { + background = "#191311"; + foreground = "#5b8234"; + frame_color = "#5b8234"; + highlight = "#73a542"; + timeout = 10; + }; + + urgency_critical = { + background = "#191311"; + foreground = "#b7472a"; + frame_color = "#b7472a"; + highlight = "#d25637"; + timeout = 0; + }; + + fullscreen_delay_everything = { + # delay notifications by default + fullscreen = "delay"; + }; + + fullscreen_show_critical = { + # show critical notification + fullscreen = "show"; + msg_urgency = "critical"; + }; + }; }; }; } From 9f6c614c9fc773a32e81cbb29b260279c2953871 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 6 Apr 2021 17:20:39 +0000 Subject: [PATCH 037/654] home: wm: add screen-lock --- home/wm/default.nix | 21 ++++++++++++++++++++- home/wm/screen-lock.nix | 15 +++++++++++++++ 2 files changed, 35 insertions(+), 1 deletion(-) create mode 100644 home/wm/screen-lock.nix diff --git a/home/wm/default.nix b/home/wm/default.nix index 5a50331..05c0e85 100644 --- a/home/wm/default.nix +++ b/home/wm/default.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: +{ config, lib, pkgs, ... }: let mkRelatedOption = description: relatedWMs: let @@ -14,6 +14,7 @@ in ./i3.nix ./i3bar.nix ./rofi.nix + ./screen-lock.nix ]; options.my.home.wm = with lib; { @@ -35,5 +36,23 @@ in rofi = { enable = mkRelatedOption "rofi menu" [ "i3" ]; }; + + screen-lock = { + enable = mkRelatedOption "automatic X screen locker" [ "i3" ]; + + command = mkOption { + type = types.str; + default = "${pkgs.i3lock}/bin/i3lock -n -c 000000"; + example = "\${pkgs.i3lock}/bin/i3lock -n -i lock.png"; + description = "Locker command to run"; + }; + + timeout = mkOption { + type = types.ints.between 1 60; + default = 5; + example = 1; + description = "Inactive time interval to lock the screen automatically"; + }; + }; }; } diff --git a/home/wm/screen-lock.nix b/home/wm/screen-lock.nix new file mode 100644 index 0000000..eca5895 --- /dev/null +++ b/home/wm/screen-lock.nix @@ -0,0 +1,15 @@ +{ config, lib, ... }: +let + cfg = config.my.home.wm.screen-lock; +in +{ + config = lib.mkIf cfg.enable { + services.screen-locker = { + enable = true; + + inactiveInterval = cfg.timeout; + + lockCmd = cfg.command; + }; + }; +} From cdc29efafcce0fa1b843a3e83eba357dd6d0ac35 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 6 Apr 2021 17:54:26 +0000 Subject: [PATCH 038/654] home: wm: screen-lock: add xautolock options --- home/wm/default.nix | 7 +++++++ home/wm/screen-lock.nix | 17 ++++++++++++++++- 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/home/wm/default.nix b/home/wm/default.nix index 05c0e85..b4cece9 100644 --- a/home/wm/default.nix +++ b/home/wm/default.nix @@ -47,6 +47,13 @@ in description = "Locker command to run"; }; + cornerLock = my.mkDisableOption '' + Move mouse to upper-left corner to lock instantly, lower-right corner to + disable auto-lock. + ''; + + notify = my.mkDisableOption "Notify when about to lock the screen"; + timeout = mkOption { type = types.ints.between 1 60; default = 5; diff --git a/home/wm/screen-lock.nix b/home/wm/screen-lock.nix index eca5895..e6eee22 100644 --- a/home/wm/screen-lock.nix +++ b/home/wm/screen-lock.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: +{ config, lib, pkgs, ... }: let cfg = config.my.home.wm.screen-lock; in @@ -10,6 +10,21 @@ in inactiveInterval = cfg.timeout; lockCmd = cfg.command; + + xautolockExtraOptions = lib.optionals cfg.cornerLock [ + # Mouse corners: instant lock on upper-left, never lock on lower-right + "-cornerdelay" + "5" + "-cornerredelay" + "5" + "-corners" + "+00-" + ] ++ lib.optionals cfg.notify [ + "-notify" + "5" + "-notifier" + ''"${pkgs.libnotify}/bin/notify-send -u critical -t 5000 -- 'Locking in 5 seconds'"'' + ]; }; }; } From 185781a4e2b1357e9def17a097a11a9a7ac0a5b5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 6 Apr 2021 18:27:38 +0000 Subject: [PATCH 039/654] home: wm: i3: add binding to toggle xautolock --- home/wm/i3.nix | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index f81d881..7c29c8b 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -218,6 +218,25 @@ in "${modifier}+Shift+space" = "mode floating"; "${modifier}+0" = ''mode "${shutdownMode}"''; } + (lib.optionalAttrs config.my.home.wm.screen-lock.enable { + "${modifier}+x" = + let + systemctlUser = "${pkgs.systemd}/bin/systemctl --user"; + notify = "${pkgs.libnotify}/bin/notify-send -u low " + + "-h string:x-canonical-private-synchronous:xautolock-toggle"; + toggleXautolock = pkgs.writeScript "toggle-xautolock" '' + #!/bin/sh + if ${systemctlUser} is-active xautolock-session.service; then + ${systemctlUser} stop --user xautolock-session.service + ${notify} "Disabled Xautolock" + else + ${systemctlUser} start xautolock-session.service + ${notify} "Enabled Xautolock" + fi + ''; + in + "exec ${toggleXautolock}"; + }) ]; keycodebindings = From f8d6447ac4487a723fb67407d6cba222dfcc586d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 6 Apr 2021 18:59:52 +0000 Subject: [PATCH 040/654] home: wm: i3: add dunst bindings --- home/wm/i3.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index 7c29c8b..38a5f9e 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -237,6 +237,16 @@ in in "exec ${toggleXautolock}"; }) + ( + let + execDunstctl = "exec ${pkgs.dunst}/bin/dunstctl"; + in + lib.optionalAttrs config.my.home.wm.dunst.enable { + "${modifier}+minus" = "${execDunstctl} close"; + "${modifier}+Shift+minus" = "${execDunstctl} close-all"; + "${modifier}+equal" = "${execDunstctl} history-pop"; + } + ) ]; keycodebindings = From 9dbfb65c273f862ee0fcc1d332c1ac28e244738b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 6 Apr 2021 19:17:09 +0000 Subject: [PATCH 041/654] home: wm: i3: add display bindings --- home/wm/i3.nix | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index 38a5f9e..01ededd 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -212,6 +212,33 @@ in "XF86AudioNext" = "exec playerctl next"; "XF86AudioPrev" = "exec playerctl previous"; } + ( + let + xbacklight = "${pkgs.xorg.xbacklight}/bin/xbacklight"; + changeBacklight = pkgs.writeScript "change-backlight" '' + #!/bin/sh + if [ "$1" = "up" ]; then + upDown=-inc + else + upDown=-dec + fi + + ${xbacklight} "$upDown" "$2" + newBrightness="$(printf '$.0f' "$(${xbacklight} -get)")" + ${pkgs.libnotify}/bin/notify-send -u low \ + -h string:x-canonical-private-synchronous:change-backlight \ + -h "int:value:$newBrightness" \ + -- "Set brightness to $newBrightness" + ''; + in + { + "XF86Display" = "arandr"; + "XF86MonBrightnessUp" = "${changeBacklight} up 10"; + "XF86MonBrightnessDown" = "${changeBacklight} down 10"; + "Control+XF86MonBrightnessUp" = "${changeBacklight} up 1"; + "Control+XF86MonBrightnessDown" = "${changeBacklight} down 1"; + } + ) { # Sub-modes "${modifier}+r" = "mode resize"; From 75e3d9bf70437b2581c7d7df802182bda1cd5baa Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 Apr 2021 17:55:26 +0000 Subject: [PATCH 042/654] project: bootstrap: unlock BW when logged in --- bootstrap.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bootstrap.sh b/bootstrap.sh index a3f9ac9..8f97c5e 100755 --- a/bootstrap.sh +++ b/bootstrap.sh @@ -78,7 +78,7 @@ get_pgp() { } get_creds() { - BW_SESSION="$(bw login --raw)" + BW_SESSION="$(bw login --raw || bw unlock --raw)" export BW_SESSION get_ssh From 6612d0226a8e3fc9516bdd5bac9a653201c64628 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 Apr 2021 20:05:15 +0000 Subject: [PATCH 043/654] modules: packages: prefer user compinit to global This should make the shell startup faster. --- modules/packages.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/modules/packages.nix b/modules/packages.nix index 9eb50f6..4560ab1 100644 --- a/modules/packages.nix +++ b/modules/packages.nix @@ -1,5 +1,5 @@ # Common packages -{ pkgs, ... }: +{ config, pkgs, ... }: { # List packages installed in system profile. To search, run: @@ -13,7 +13,11 @@ ]; programs.vim.defaultEditor = true; # Modal editing is life - programs.zsh.enable = true; # Use integrations + programs.zsh = { + enable = true; # Use integrations + # Disable global compinit when a user config exists + enableGlobalCompInit = !config.my.home.zsh.enable; + }; nixpkgs.config.allowUnfree = true; # Because I don't care *that* much. } From 5a3216095408f5bd2af60a2f7935522b61419bfd Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 Apr 2021 17:40:11 +0000 Subject: [PATCH 044/654] home: gpg: make pinentry configurable --- home/gpg.nix | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/home/gpg.nix b/home/gpg.nix index 548f90b..d48c200 100644 --- a/home/gpg.nix +++ b/home/gpg.nix @@ -3,8 +3,15 @@ let cfg = config.my.home.gpg; in { - options.my.home.gpg = with lib.my; { - enable = mkDisableOption "gpg configuration"; + options.my.home.gpg = with lib; { + enable = my.mkDisableOption "gpg configuration"; + + pinentry = mkOption { + type = types.str; + default = "tty"; + example = "gtk2"; + description = "Which pinentry interface to use"; + }; }; config = lib.mkIf cfg.enable { @@ -15,7 +22,7 @@ in services.gpg-agent = { enable = true; enableSshSupport = true; # One agent to rule them all - pinentryFlavor = "tty"; + pinentryFlavor = cfg.pinentry; extraConfig = '' allow-loopback-pinentry ''; From 8dc89846b2d5d084d14a0273a037b4afb6cff6f9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 Apr 2021 17:42:31 +0000 Subject: [PATCH 045/654] machines: aramis: home: use GTK pinentry I do have a graphical session, I can afford to be "fancy" --- machines/aramis/home.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index 2f72a5c..c46b3fc 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -5,6 +5,8 @@ firefox.enable = true; # Blue light filter gammastep.enable = true; + # Use a small popup to enter passwords + gpg.pinentry = "gtk2"; # Termite terminal terminal.program = "termite"; # i3 settings From 8231e8feaab247c29a2b90f7c09a327dffb9c2c4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 9 Apr 2021 11:28:16 +0000 Subject: [PATCH 046/654] home: wm: i3: use keycode for shutdown mapping The motivation for using keycodes for all those mappings is to allow switch to an actual french keyboard layout it still be able to move through workspaces etc... --- home/wm/i3.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index 01ededd..87e5ec8 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -243,7 +243,6 @@ in # Sub-modes "${modifier}+r" = "mode resize"; "${modifier}+Shift+space" = "mode floating"; - "${modifier}+0" = ''mode "${shutdownMode}"''; } (lib.optionalAttrs config.my.home.wm.screen-lock.enable { "${modifier}+x" = @@ -292,6 +291,9 @@ in builtins.foldl' (lhs: rhs: lhs // rhs) { } [ (createWorkspaceBindings modifier "workspace number") (createWorkspaceBindings "${modifier}+Shift" "move container to workspace number") + { + "${modifier}+${toString (toKeycode 0)}" = ''mode "${shutdownMode}"''; + } ]; modes = From 9973e0d32f199530e473334f55d4abc72283a2a1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Apr 2021 11:57:08 +0000 Subject: [PATCH 047/654] home: firefox: add form-history-control extension --- home/firefox/firefox.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/firefox/firefox.nix b/home/firefox/firefox.nix index a1db93a..68a8337 100644 --- a/home/firefox/firefox.nix +++ b/home/firefox/firefox.nix @@ -37,6 +37,7 @@ in extensions = with pkgs.nur.repos.rycee.firefox-addons; [ bitwarden + form-history-control https-everywhere i-dont-care-about-cookies reddit-enhancement-suite From 05e0cd4e1feae48c96f75beb6b4d50b64300dd07 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 18 Apr 2021 00:19:26 +0000 Subject: [PATCH 048/654] modules: users: reformat --- modules/users.nix | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/modules/users.nix b/modules/users.nix index fbc3880..6fa4e6d 100644 --- a/modules/users.nix +++ b/modules/users.nix @@ -25,13 +25,14 @@ in "video" # screen control "wheel" # `sudo` for the user. ]; - openssh.authorizedKeys.keys = with builtins; let - keyDir = ./ssh; - contents = readDir keyDir; - names = attrNames contents; - files = filter (name: contents.${name} == "regular") names; - keys = map (basename: readFile (keyDir + "/${basename}")) files; - in - keys; + openssh.authorizedKeys.keys = with builtins; + let + keyDir = ./ssh; + contents = readDir keyDir; + names = attrNames contents; + files = filter (name: contents.${name} == "regular") names; + keys = map (basename: readFile (keyDir + "/${basename}")) files; + in + keys; }; } From 1b9b59866265fd1e07d52ef365653ab67743a27a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 19 Apr 2021 16:17:57 +0000 Subject: [PATCH 049/654] home: wm: screen-lock: add corner delay setting --- home/wm/default.nix | 17 +++++++++++++---- home/wm/screen-lock.nix | 6 +++--- 2 files changed, 16 insertions(+), 7 deletions(-) diff --git a/home/wm/default.nix b/home/wm/default.nix index b4cece9..f4f0ad2 100644 --- a/home/wm/default.nix +++ b/home/wm/default.nix @@ -47,10 +47,19 @@ in description = "Locker command to run"; }; - cornerLock = my.mkDisableOption '' - Move mouse to upper-left corner to lock instantly, lower-right corner to - disable auto-lock. - ''; + cornerLock = { + enable = my.mkDisableOption '' + Move mouse to upper-left corner to lock instantly, lower-right corner to + disable auto-lock. + ''; + + delay = mkOption { + type = types.int; + default = 5; + example = 15; + description = "How many seconds before locking this way"; + }; + }; notify = my.mkDisableOption "Notify when about to lock the screen"; diff --git a/home/wm/screen-lock.nix b/home/wm/screen-lock.nix index e6eee22..1632be7 100644 --- a/home/wm/screen-lock.nix +++ b/home/wm/screen-lock.nix @@ -11,12 +11,12 @@ in lockCmd = cfg.command; - xautolockExtraOptions = lib.optionals cfg.cornerLock [ + xautolockExtraOptions = lib.optionals cfg.cornerLock.enable [ # Mouse corners: instant lock on upper-left, never lock on lower-right "-cornerdelay" - "5" + "${toString cfg.cornerLock.delay}" "-cornerredelay" - "5" + "${toString cfg.cornerLock.delay}" "-corners" "+00-" ] ++ lib.optionals cfg.notify [ From f5fcd2a7a6822f5a3dbf2ed2bfad98da5c5dae28 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 19 Apr 2021 16:44:28 +0000 Subject: [PATCH 050/654] home: wm: screen-lock: add 'notify.delay' setting --- home/wm/default.nix | 21 ++++++++++++++++++++- home/wm/screen-lock.nix | 14 +++++++++++--- 2 files changed, 31 insertions(+), 4 deletions(-) diff --git a/home/wm/default.nix b/home/wm/default.nix index f4f0ad2..508fe76 100644 --- a/home/wm/default.nix +++ b/home/wm/default.nix @@ -61,7 +61,26 @@ in }; }; - notify = my.mkDisableOption "Notify when about to lock the screen"; + notify = { + enable = my.mkDisableOption "Notify when about to lock the screen"; + + delay = mkOption { + type = with types; + addCheck int (x: + let + cfg = config.my.home.wm.screen-lock.notify; + cornerCfg = config.my.home.wm.screen-lock.cornerLock; + in + (cfg.enable && cornerCfg.enable) -> cornerCfg.delay >= x); + default = 5; + example = 15; + description = '' + How many seconds in advance should there be a notification. + This value must be at lesser than or equal to `cornerLock.delay` + when both options are enabled. + ''; + }; + }; timeout = mkOption { type = types.ints.between 1 60; diff --git a/home/wm/screen-lock.nix b/home/wm/screen-lock.nix index 1632be7..720e73a 100644 --- a/home/wm/screen-lock.nix +++ b/home/wm/screen-lock.nix @@ -1,6 +1,14 @@ { config, lib, pkgs, ... }: let cfg = config.my.home.wm.screen-lock; + + notficationCmd = + let + duration = toString (cfg.notify.delay * 1000); + notifyCmd = "${pkgs.libnotify}/bin/notify-send -u critical -t ${duration}"; + in + # Needs to be surrounded by quotes for systemd to launch it correctly + ''"${notifyCmd} -- 'Locking in ${toString cfg.notify.delay} seconds'"''; in { config = lib.mkIf cfg.enable { @@ -19,11 +27,11 @@ in "${toString cfg.cornerLock.delay}" "-corners" "+00-" - ] ++ lib.optionals cfg.notify [ + ] ++ lib.optionals cfg.notify.enable [ "-notify" - "5" + "${toString cfg.notify.delay}" "-notifier" - ''"${pkgs.libnotify}/bin/notify-send -u critical -t 5000 -- 'Locking in 5 seconds'"'' + notficationCmd ]; }; }; From 98a8e068ea169fd1e0470b636fd5bea6b15ddac8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 23 Apr 2021 18:31:10 +0000 Subject: [PATCH 051/654] machines: aramis: services: enable wireguard --- machines/aramis/default.nix | 1 + machines/aramis/services.nix | 8 ++++++++ 2 files changed, 9 insertions(+) create mode 100644 machines/aramis/services.nix diff --git a/machines/aramis/default.nix b/machines/aramis/default.nix index 6eaadeb..59f373f 100644 --- a/machines/aramis/default.nix +++ b/machines/aramis/default.nix @@ -10,6 +10,7 @@ ./hardware.nix ./home.nix ./networking.nix + ./services.nix ./sound.nix ]; diff --git a/machines/aramis/services.nix b/machines/aramis/services.nix new file mode 100644 index 0000000..30dc47d --- /dev/null +++ b/machines/aramis/services.nix @@ -0,0 +1,8 @@ +{ lib, ... }: +{ + config.my.services = { + wireguard = { + enable = true; + }; + }; +} From e329e7a59a90250bcd7529e00bfc3bdcc5bf9e11 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 7 Apr 2021 17:15:03 +0000 Subject: [PATCH 052/654] home: zsh: enable VTE integration when appropriate --- home/zsh/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/home/zsh/default.nix b/home/zsh/default.nix index b7b9e8e..4657c4e 100644 --- a/home/zsh/default.nix +++ b/home/zsh/default.nix @@ -65,6 +65,12 @@ in # Sometime `gpg-agent` errors out... reset-agent = "gpg-connect-agent updatestartuptty /bye"; }; + + # Enable VTE integration when using one of the affected shells + enableVteIntegration = + builtins.any (name: config.my.home.terminal.program == name) [ + "termite" + ]; }; # Fuzzy-wuzzy From 676cd03c9c3935e1d99bdb63bf84554e2fd3de40 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 3 May 2021 20:23:22 +0200 Subject: [PATCH 053/654] home: wm: i3bar: show temperature block by default --- home/wm/i3bar.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/wm/i3bar.nix b/home/wm/i3bar.nix index b1358b9..7e3625c 100644 --- a/home/wm/i3bar.nix +++ b/home/wm/i3bar.nix @@ -43,6 +43,7 @@ in } { block = "temperature"; + collapsed = false; } { block = "sound"; From 8788deac5eeb873d2a8443768af9a671f980a22f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 3 May 2021 20:41:03 +0200 Subject: [PATCH 054/654] home: wm: i3bar: extend width of music block --- home/wm/i3bar.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/wm/i3bar.nix b/home/wm/i3bar.nix index 7e3625c..b763b86 100644 --- a/home/wm/i3bar.nix +++ b/home/wm/i3bar.nix @@ -18,6 +18,7 @@ in { block = "music"; buttons = [ "prev" "play" "next" ]; + max_width = 50; hide_when_empty = true; } { From f89e1ba3e9a54b90117f84ced5d81c1ec55f3b4a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 4 May 2021 19:35:30 +0200 Subject: [PATCH 055/654] home: wm: i3: fix audio media keys --- home/wm/i3.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index 87e5ec8..5039f28 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -202,11 +202,11 @@ in ) { # Media keys - "XF86AudioRaiseVolume" = "exec amixer -q -D pulse sset Master 5%+"; - "XF86AudioLowerVolume" = "exec amixer -q -D pulse sset Master 5%-"; - "Control+XF86AudioRaiseVolume" = "exec amixer -q -D pulse sset Master 1%+"; - "Control+XF86AudioLowerVolume" = "exec amixer -q -D pulse sset Master 1%-"; - "XF86AudioMute" = "exec amixer -q -D pulse sset Master toggle"; + "XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%"; + "XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%"; + "Control+XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +1%"; + "Control+XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -1%"; + "XF86AudioMute" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle"; "XF86AudioPlay" = "exec playerctl play-pause"; "XF86AudioNext" = "exec playerctl next"; From 036d59ec112fd6f1e37cbe6fce3803fbfd3d8f58 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 4 May 2021 19:36:16 +0200 Subject: [PATCH 056/654] home: wm: i3: add mic mute media key --- home/wm/i3.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index 5039f28..b4994e8 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -207,6 +207,7 @@ in "Control+XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +1%"; "Control+XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -1%"; "XF86AudioMute" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle"; + "XF86AudioMicMute" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle"; "XF86AudioPlay" = "exec playerctl play-pause"; "XF86AudioNext" = "exec playerctl next"; From b55466b79182de07c3ff9fb749d40534967f0d0c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 4 May 2021 22:44:16 +0200 Subject: [PATCH 057/654] home: gammastep: change default night temperature I want the colour to be warmer, and blues even more attenuated. --- home/gammastep.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/gammastep.nix b/home/gammastep.nix index b96f028..343f130 100644 --- a/home/gammastep.nix +++ b/home/gammastep.nix @@ -20,7 +20,7 @@ in temperature = { day = mkTempOption "Colour temperature to use during the day" 6500; - night = mkTempOption "Colour temperature to use during the night" 2500; + night = mkTempOption "Colour temperature to use during the night" 2000; }; times = { From 3402b92784e339c54a958728ff7e6c5cf496b95a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 4 May 2021 22:44:29 +0200 Subject: [PATCH 058/654] home: gammastep: show tray icon --- home/gammastep.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home/gammastep.nix b/home/gammastep.nix index 343f130..24c595c 100644 --- a/home/gammastep.nix +++ b/home/gammastep.nix @@ -32,6 +32,8 @@ in config.services.gammastep = lib.mkIf cfg.enable { enable = true; + tray = true; + dawnTime = cfg.times.dawn; duskTime = cfg.times.dusk; From d388a379d462a46d8c48fd0523d63c65e76f65f5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 5 May 2021 12:04:53 +0200 Subject: [PATCH 059/654] machine: aramis: networking: use networkmanager I consider WiFi configurations to be ephemeral --- machines/aramis/networking.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/machines/aramis/networking.nix b/machines/aramis/networking.nix index 752fc8c..3e0cb28 100644 --- a/machines/aramis/networking.nix +++ b/machines/aramis/networking.nix @@ -3,7 +3,8 @@ networking = { hostName = "aramis"; domain = "nodomain.local"; # FIXME: gotta fix domain handling - wireless.enable = true; + + networkmanager.enable = true; # The global useDHCP flag is deprecated, therefore explicitly set to false here. # Per-interface useDHCP will be mandatory in the future, so this generated config From b61aca7def6ccb0dec0e6c0be8acca6bac08fd2b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 5 May 2021 12:09:49 +0200 Subject: [PATCH 060/654] modules: users: add myself to 'networkmanager' --- modules/users.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/users.nix b/modules/users.nix index 6fa4e6d..3bc1c37 100644 --- a/modules/users.nix +++ b/modules/users.nix @@ -21,6 +21,7 @@ in extraGroups = groupsIfExist [ "audio" # sound control "media" # access to media files + "networkmanager" # wireless configuration "plugdev" # usage of ZSA keyboard tools "video" # screen control "wheel" # `sudo` for the user. From b1e8664e32f446eb9d02e6f46ec14dda5a4b2e65 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 5 May 2021 12:21:10 +0200 Subject: [PATCH 061/654] home: add nm-applet --- home/default.nix | 1 + home/nm-applet.nix | 13 +++++++++++++ 2 files changed, 14 insertions(+) create mode 100644 home/nm-applet.nix diff --git a/home/default.nix b/home/default.nix index 570a0c2..91a6e51 100644 --- a/home/default.nix +++ b/home/default.nix @@ -11,6 +11,7 @@ ./gpg.nix ./htop.nix ./jq.nix + ./nm-applet.nix ./packages.nix ./pager.nix ./secrets # Home-manager specific secrets diff --git a/home/nm-applet.nix b/home/nm-applet.nix new file mode 100644 index 0000000..b8637f7 --- /dev/null +++ b/home/nm-applet.nix @@ -0,0 +1,13 @@ +{ config, lib, ... }: +let + cfg = config.my.home.nm-applet; +in +{ + options.my.home.nm-applet = with lib; { + enable = mkEnableOption "network-manager-applet configuration"; + }; + + config.services.network-manager-applet = lib.mkIf cfg.enable { + enable = true; + }; +} From f2b9040175ebf150bfac6f54d20b3d4e7379b9ea Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 5 May 2021 12:21:34 +0200 Subject: [PATCH 062/654] machines: aramis: home: enable nm-applet --- machines/aramis/home.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index c46b3fc..3520fc0 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -7,6 +7,8 @@ gammastep.enable = true; # Use a small popup to enter passwords gpg.pinentry = "gtk2"; + # Network-Manager applet + nm-applet.enable = true; # Termite terminal terminal.program = "termite"; # i3 settings From a03db294fea7b3093d3c161382fee27b7f5a16e5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 4 May 2021 19:16:47 +0200 Subject: [PATCH 063/654] machines: aramis: install: exit on error --- machines/aramis/install.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/machines/aramis/install.sh b/machines/aramis/install.sh index 537ef9e..b03a6df 100755 --- a/machines/aramis/install.sh +++ b/machines/aramis/install.sh @@ -1,5 +1,7 @@ #!/bin/sh +set -eu + if [ "$(id -u)" -ne 0 ]; then echo "This script must be run as root" >&2 exit 1 From 376e60d71e22ac23374ddf52757097420978527a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 5 May 2021 12:27:07 +0200 Subject: [PATCH 064/654] modules: networking: add 'wireless' option --- modules/networking.nix | 34 ++++++++++++++++++++++++---------- 1 file changed, 24 insertions(+), 10 deletions(-) diff --git a/modules/networking.nix b/modules/networking.nix index 28ba108..99e1ef3 100644 --- a/modules/networking.nix +++ b/modules/networking.nix @@ -1,13 +1,27 @@ -{ lib, ... }: - +{ config, lib, ... }: +let + cfg = config.my.networking; +in { - options.my.networking.externalInterface = with lib; mkOption { - type = types.nullOr types.str; - default = null; - example = "eth0"; - description = '' - Name of the network interface that egresses to the internet. Used for - e.g. NATing internal networks. - ''; + options.my.networking = with lib; { + externalInterface = mkOption { + type = types.nullOr types.str; + default = null; + example = "eth0"; + description = '' + Name of the network interface that egresses to the internet. Used for + e.g. NATing internal networks. + ''; + }; + + wireless = { + enable = mkEnableOption "wireless configuration"; + }; }; + + config = lib.mkMerge [ + (lib.mkIf cfg.wireless.enable { + networking.networkmanager.enable = true; + }) + ]; } From 1022601602592b700564a17d55ce2e544258f485 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 5 May 2021 12:27:21 +0200 Subject: [PATCH 065/654] machines: aramis: networking: use wireless option --- machines/aramis/networking.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/machines/aramis/networking.nix b/machines/aramis/networking.nix index 3e0cb28..929b44d 100644 --- a/machines/aramis/networking.nix +++ b/machines/aramis/networking.nix @@ -4,8 +4,6 @@ hostName = "aramis"; domain = "nodomain.local"; # FIXME: gotta fix domain handling - networkmanager.enable = true; - # The global useDHCP flag is deprecated, therefore explicitly set to false here. # Per-interface useDHCP will be mandatory in the future, so this generated config # replicates the default behaviour. @@ -19,4 +17,7 @@ # Which interface is used to connect to the internet my.networking.externalInterface = "enp0s3"; + + # Enable WiFi integration + my.networking.wireless.enable = true; } From b115d94cd64d57a0d944366a4cfe2226f6f925e7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 5 May 2021 12:47:04 +0200 Subject: [PATCH 066/654] modules: add bluetooth --- modules/bluetooth.nix | 38 ++++++++++++++++++++++++++++++++++++++ modules/default.nix | 1 + 2 files changed, 39 insertions(+) create mode 100644 modules/bluetooth.nix diff --git a/modules/bluetooth.nix b/modules/bluetooth.nix new file mode 100644 index 0000000..811dd94 --- /dev/null +++ b/modules/bluetooth.nix @@ -0,0 +1,38 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.modules.bluetooth; +in +{ + options.my.modules.bluetooth = with lib; { + enable = mkEnableOption "wireless configuration"; + + enableHeadsetIntegration = my.mkDisableOption "A2DP sink configuration"; + + loadExtraCodecs = my.mkDisableOption "extra audio codecs"; + }; + + config = lib.mkIf cfg.enable (lib.mkMerge [ + # Enable bluetooth devices and GUI to connect to them + { + hardware.bluetooth.enable = true; + services.blueman.enable = true; + } + + # Support for additional bluetooth codecs + (lib.mkIf cfg.loadExtraCodecs { + hardware.pulseaudio = { + extraModules = [ pkgs.pulseaudio-modules-bt ]; + package = pkgs.pulseaudioFull; + }; + }) + + # Support for A2DP audio profile + (lib.mkIf cfg.enableHeadsetIntegration { + hardware.bluetooth.settings = { + General = { + Enable = "Source,Sink,Media,Socket"; + }; + }; + }) + ]); +} diff --git a/modules/default.nix b/modules/default.nix index f20351f..c25a426 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -3,6 +3,7 @@ { imports = [ + ./bluetooth.nix ./documentation.nix ./ergodox.nix ./home.nix From 2b8d01f0561f639ca09b10f9f0d49ba85c7a4565 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 5 May 2021 12:47:34 +0200 Subject: [PATCH 067/654] machines: aramis: enable bluetooth --- machines/aramis/bluetooth.nix | 5 +++++ machines/aramis/default.nix | 1 + 2 files changed, 6 insertions(+) create mode 100644 machines/aramis/bluetooth.nix diff --git a/machines/aramis/bluetooth.nix b/machines/aramis/bluetooth.nix new file mode 100644 index 0000000..0255a72 --- /dev/null +++ b/machines/aramis/bluetooth.nix @@ -0,0 +1,5 @@ +{ ... }: +{ + # Bluetooth integration + my.modules.bluetooth.enable = true; +} diff --git a/machines/aramis/default.nix b/machines/aramis/default.nix index 59f373f..221da9e 100644 --- a/machines/aramis/default.nix +++ b/machines/aramis/default.nix @@ -6,6 +6,7 @@ { imports = [ + ./bluetooth.nix ./boot.nix ./hardware.nix ./home.nix From 79525013b018ba76ff18bdcdb659a233c0a30014 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 4 May 2021 19:15:13 +0200 Subject: [PATCH 068/654] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index f80cf84..9e21b7a 100644 --- a/flake.lock +++ b/flake.lock @@ -23,11 +23,11 @@ ] }, "locked": { - "lastModified": 1619558193, - "narHash": "sha256-DljP5/9EX0eXEPhzCUFqFEHkkcFuXJBx1PTgcv0OgyM=", + "lastModified": 1620138697, + "narHash": "sha256-8Mgj+Fj4zGEI7oA9wbyqvdwq+46kAyd3barMIedWkho=", "owner": "nix-community", "repo": "home-manager", - "rev": "18ad12d52b8cebbb57013865eec2be5125de050a", + "rev": "64c5228c0828fff0c94c1d42f7225115c299ae08", "type": "github" }, "original": { @@ -39,11 +39,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1619464443, - "narHash": "sha256-R7WAb8EnkIJxxaF6GTHUPytjonhB4Zm0iatyWoW169A=", + "lastModified": 1620074890, + "narHash": "sha256-4Z8Zwpg0gPvqKbSsck1g9ql4E5NClGZdjyxbYoaXA4s=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8e4fe32876ca15e3d5eb3ecd3ca0b224417f5f17", + "rev": "7cb76200088f45cd24a9aa67fd2f9657943d78a4", "type": "github" }, "original": { @@ -55,11 +55,11 @@ }, "nur": { "locked": { - "lastModified": 1619628114, - "narHash": "sha256-s3pQyvMfXVmbQOX224yOWQf6zi8406sShFF4u17LVQ0=", + "lastModified": 1620140064, + "narHash": "sha256-WiQxLQEyYkmeHv/oB89LfyIjLqNWvI+7ZWBX0Ygb9pM=", "owner": "nix-community", "repo": "NUR", - "rev": "0615e756dc14986c4968fa478c0bd080d621cb2b", + "rev": "ac217b9a764d5352db9ccfb5cc39bdd3ff74d4ec", "type": "github" }, "original": { From f4cc68a650ec7372fa91b162146af6138f539f70 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 4 May 2021 19:15:49 +0200 Subject: [PATCH 069/654] home: wm: i3: use new 'fonts' option type --- home/wm/i3.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index b4994e8..9446e99 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -105,9 +105,10 @@ in mouseWarping = true; # Let's moving around when switching screens }; - fonts = [ - "DejaVu Sans Mono 8" - ]; + fonts = { + names = [ "DejaVu Sans Mono" ]; + size = 8.0; + }; # I don't care for i3's default values, I specify them all explicitly keybindings = builtins.foldl' (lhs: rhs: lhs // rhs) { } [ From 8837c7c33c6b7b200e9fe429510e8ea509abb0e4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 4 May 2021 19:16:18 +0200 Subject: [PATCH 070/654] home: wm: i3bar: use FontAwesome5 for icons --- home/wm/i3.nix | 5 +++++ home/wm/i3bar.nix | 3 +++ 2 files changed, 8 insertions(+) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index 9446e99..9fe9316 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -84,6 +84,11 @@ in text = "#fdf6e3"; }; }; + + fonts = { + names = [ "DejaVu Sans Mono" "FontAwesome5Free" ]; + size = 8.0; + }; } ]; diff --git a/home/wm/i3bar.nix b/home/wm/i3bar.nix index b763b86..5cc1356 100644 --- a/home/wm/i3bar.nix +++ b/home/wm/i3bar.nix @@ -7,6 +7,7 @@ in home.packages = with pkgs; [ alsaUtils # Used by `sound` block lm_sensors # Used by `temperature` block + font-awesome # Icon font ]; programs.i3status-rust = { @@ -14,6 +15,8 @@ in bars = { top = { + icons = "awesome5"; + blocks = builtins.filter (attr: attr != { }) [ { block = "music"; From b4d002033a46d6d0352b3a6026c8787ecef448c6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 5 May 2021 12:54:27 +0200 Subject: [PATCH 071/654] home: add bluetooth --- home/bluetooth.nix | 19 +++++++++++++++++++ home/default.nix | 1 + 2 files changed, 20 insertions(+) create mode 100644 home/bluetooth.nix diff --git a/home/bluetooth.nix b/home/bluetooth.nix new file mode 100644 index 0000000..2a4f613 --- /dev/null +++ b/home/bluetooth.nix @@ -0,0 +1,19 @@ +{ config, lib, ... }: +let + cfg = config.my.home.bluetooth; +in +{ + options.my.home.bluetooth = with lib; { + enable = mkEnableOption "bluetooth configuration"; + }; + + config = lib.mkIf cfg.enable { + services.blueman-applet = { + enable = true; + }; + + services.mpris-proxy = { + enable = true; + }; + }; +} diff --git a/home/default.nix b/home/default.nix index 91a6e51..7c5e807 100644 --- a/home/default.nix +++ b/home/default.nix @@ -2,6 +2,7 @@ { imports = [ ./bat.nix + ./bluetooth.nix ./direnv.nix ./documentation.nix ./firefox From ef0f4bdca557c7b9cf7cd819dbf3f7726f2def26 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 5 May 2021 12:54:40 +0200 Subject: [PATCH 072/654] machines: aramis: home: enable bluetooth --- machines/aramis/home.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index 3520fc0..880ed35 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -1,6 +1,8 @@ { ... }: { my.home = { + # Bluetooth GUI & media keys + bluetooth.enable = true; # Firefo profile and extensions firefox.enable = true; # Blue light filter From ad1d907c25f9955c44d1335761a0a0a877d358fc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 6 May 2021 12:38:42 +0200 Subject: [PATCH 073/654] home: x: add cursor I would like to check out alternative themes. Notably Quintom [1], Volantes [2], and Vimix [3]. [1]: https://gitlab.com/Burning_Cube/quintom-cursor-theme [2]: https://github.com/varlesh/volantes-cursors [3]: https://github.com/vinceliuice/Vimix-cursors --- home/x/cursor.nix | 12 ++++++++++++ home/x/default.nix | 1 + 2 files changed, 13 insertions(+) create mode 100644 home/x/cursor.nix diff --git a/home/x/cursor.nix b/home/x/cursor.nix new file mode 100644 index 0000000..4bbff0c --- /dev/null +++ b/home/x/cursor.nix @@ -0,0 +1,12 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.home.x; +in +{ + config = lib.mkIf cfg.enable { + xsession.pointerCursor = { + package = pkgs.numix-cursor-theme; + name = "Numix-Cursor"; + }; + }; +} diff --git a/home/x/default.nix b/home/x/default.nix index 086c41b..f021ca0 100644 --- a/home/x/default.nix +++ b/home/x/default.nix @@ -4,6 +4,7 @@ let in { imports = [ + ./cursor.nix ./keyboard.nix ]; From 06f9f423e953dcb64cef8961299d17643ad0d9d6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 7 May 2021 17:04:18 +0200 Subject: [PATCH 074/654] modules: documentation: use 'mkDisableOption' The documentation module already gates behind 'documentation.enable' for the other options. --- modules/documentation.nix | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/modules/documentation.nix b/modules/documentation.nix index 5f67197..093c4cd 100644 --- a/modules/documentation.nix +++ b/modules/documentation.nix @@ -1,23 +1,18 @@ { config, lib, ... }: let cfg = config.my.module.documentation; - - # I usually want everything enabled at once, but keep it customizable - defaultToGlobal = description: lib.mkEnableOption description // { - default = cfg.enable; - }; in { options.my.module.documentation = with lib.my; { enable = mkDisableOption "Documentation integration"; - dev.enable = defaultToGlobal "Documentation aimed at developers"; + dev.enable = mkDisableOption "Documentation aimed at developers"; - info.enable = defaultToGlobal "Documentation aimed at developers"; + info.enable = mkDisableOption "Documentation aimed at developers"; - man.enable = defaultToGlobal "Documentation aimed at developers"; + man.enable = mkDisableOption "Documentation aimed at developers"; - nixos.enable = defaultToGlobal "NixOS documentation"; + nixos.enable = mkDisableOption "NixOS documentation"; }; config.documentation = { From 3a07cffa14e1d773faf66a417609943f9e87d806 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 7 May 2021 17:12:48 +0200 Subject: [PATCH 075/654] modules: documentation: add linux man pages option I want to be able to read about syscalls or the C library. --- modules/documentation.nix | 28 ++++++++++++++++++---------- 1 file changed, 18 insertions(+), 10 deletions(-) diff --git a/modules/documentation.nix b/modules/documentation.nix index 093c4cd..8948778 100644 --- a/modules/documentation.nix +++ b/modules/documentation.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: +{ config, lib, pkgs, ... }: let cfg = config.my.module.documentation; in @@ -10,23 +10,31 @@ in info.enable = mkDisableOption "Documentation aimed at developers"; - man.enable = mkDisableOption "Documentation aimed at developers"; + man = { + enable = mkDisableOption "Documentation aimed at developers"; + + linux = mkDisableOption "Linux man pages (section 2 & 3)"; + }; nixos.enable = mkDisableOption "NixOS documentation"; }; - config.documentation = { - enable = cfg.enable; + config = lib.mkIf cfg.enable { + documentation = { + enable = true; - dev.enable = cfg.dev.enable; + dev.enable = cfg.dev.enable; - info.enable = cfg.info.enable; + info.enable = cfg.info.enable; - man = { - enable = cfg.man.enable; - generateCaches = true; + man = { + enable = cfg.man.enable; + generateCaches = true; + }; + + nixos.enable = cfg.nixos.enable; }; - nixos.enable = cfg.nixos.enable; + environment.systemPackages = lib.optional cfg.man.linux pkgs.manpages; }; } From 4225bdd1032966c28daa647128d5b815bc3861b6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 7 May 2021 17:32:26 +0200 Subject: [PATCH 076/654] home: packages: add option for additional packages --- home/packages.nix | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/home/packages.nix b/home/packages.nix index b951f9e..7d87fc6 100644 --- a/home/packages.nix +++ b/home/packages.nix @@ -3,11 +3,21 @@ let cfg = config.my.home.packages; in { - options.my.home.packages = with lib.my; { - enable = mkDisableOption "user packages"; + options.my.home.packages = with lib; { + enable = my.mkDisableOption "user packages"; + + additionalPackages = mkOption { + type = with types; listOf package; + default = [ ]; + example = literalExample '' + with pkgs; [ + quasselClient + ] + ''; + }; }; - config.home.packages = with pkgs; lib.mkIf cfg.enable [ + config.home.packages = with pkgs; lib.mkIf cfg.enable ([ # Git related gitAndTools.git-absorb gitAndTools.git-revise @@ -16,5 +26,5 @@ in rr # Terminal prettiness termite.terminfo - ]; + ] ++ cfg.additionalPackages); } From d9734dd5052985b23fb10a83d358f1fcd096bae4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 7 May 2021 17:34:22 +0200 Subject: [PATCH 077/654] machines: aramis: add some additional packages --- machines/aramis/home.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index 880ed35..b8fd278 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -1,4 +1,4 @@ -{ ... }: +{ pkgs, ... }: { my.home = { # Bluetooth GUI & media keys @@ -9,6 +9,11 @@ gammastep.enable = true; # Use a small popup to enter passwords gpg.pinentry = "gtk2"; + # Machine specific packages + packages.additionalPackages = with pkgs; [ + pavucontrol # Audio mixer GUI + quasselClient # IRC client + ]; # Network-Manager applet nm-applet.enable = true; # Termite terminal From a0c63f00f9dc7d7d2107195394e972865bfc256d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 7 May 2021 18:01:46 +0200 Subject: [PATCH 078/654] home: pager: add colored man page support --- home/pager.nix | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/home/pager.nix b/home/pager.nix index 54ea3c4..74a4c3b 100644 --- a/home/pager.nix +++ b/home/pager.nix @@ -14,5 +14,20 @@ in PAGER = "less"; # Clear the screen on start and exit LESS = "-R -+X -c"; + + # Colored man pages + LESS_TERMCAP_mb = "$(tput bold; tput setaf 2)"; + LESS_TERMCAP_md = "$(tput bold; tput setaf 6)"; + LESS_TERMCAP_me = "$(tput sgr0)"; + LESS_TERMCAP_so = "$(tput bold; tput setaf 3; tput setab 4)"; + LESS_TERMCAP_se = "$(tput rmso; tput sgr0)"; + LESS_TERMCAP_us = "$(tput bold; tput setaf 2)"; + LESS_TERMCAP_ue = "$(tput rmul; tput sgr0)"; + LESS_TERMCAP_mr = "$(tput rev)"; + LESS_TERMCAP_mh = "$(tput dim)"; + LESS_TERMCAP_ZN = "$(tput ssubm)"; + LESS_TERMCAP_ZV = "$(tput rsubm)"; + LESS_TERMCAP_ZO = "$(tput ssupm)"; + LESS_TERMCAP_ZW = "$(tput rsupm)"; }; } From 749ef9f072cdf6430112ca394b42a79b62a43527 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 7 May 2021 19:05:44 +0200 Subject: [PATCH 079/654] home: packages: add 'file' to common package set --- home/packages.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/home/packages.nix b/home/packages.nix index 7d87fc6..0d57840 100644 --- a/home/packages.nix +++ b/home/packages.nix @@ -18,13 +18,11 @@ in }; config.home.packages = with pkgs; lib.mkIf cfg.enable ([ - # Git related + file gitAndTools.git-absorb gitAndTools.git-revise gitAndTools.tig - # Dev work rr - # Terminal prettiness termite.terminfo ] ++ cfg.additionalPackages); } From 717c628ff10bc636b51df61c97a6dccff2e22277 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 7 May 2021 19:34:01 +0200 Subject: [PATCH 080/654] machines: aramis: home: set up background `i3` inherits its background from `lightdm`. --- machines/aramis/home.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index b8fd278..8980e9a 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -30,4 +30,10 @@ services.xserver.enable = true; # Enable i3 services.xserver.windowManager.i3.enable = true; + # Nice wallpaper + services.xserver.displayManager.lightdm.background = + let + wallpapers = "${pkgs.plasma-workspace-wallpapers}/share/wallpapers"; + in + "${wallpapers}/summer_1am/contents/images/2560x1600.jpg"; } From 6008ac470c9fda08ddb0bdbaab147a3146d38090 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 7 May 2021 19:35:47 +0200 Subject: [PATCH 081/654] home: add feh --- home/default.nix | 1 + home/feh.nix | 13 +++++++++++++ 2 files changed, 14 insertions(+) create mode 100644 home/feh.nix diff --git a/home/default.nix b/home/default.nix index 7c5e807..45065c8 100644 --- a/home/default.nix +++ b/home/default.nix @@ -5,6 +5,7 @@ ./bluetooth.nix ./direnv.nix ./documentation.nix + ./feh.nix ./firefox ./flameshot.nix ./gammastep.nix diff --git a/home/feh.nix b/home/feh.nix new file mode 100644 index 0000000..3a952a2 --- /dev/null +++ b/home/feh.nix @@ -0,0 +1,13 @@ +{ config, lib, ... }: +let + cfg = config.my.home.feh; +in +{ + options.my.home.feh = with lib; { + enable = mkEnableOption "feh configuration"; + }; + + config.programs.feh = lib.mkIf cfg.enable { + enable = true; + }; +} From 86ab6bf17a6780d8039c859086272dfd22259c93 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 7 May 2021 19:36:09 +0200 Subject: [PATCH 082/654] machines: aramis: home: enable feh --- machines/aramis/home.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index 8980e9a..f4c7553 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -3,6 +3,8 @@ my.home = { # Bluetooth GUI & media keys bluetooth.enable = true; + # Image viewver + feh.enable = true; # Firefo profile and extensions firefox.enable = true; # Blue light filter From 53dd04a0b7ef280127be475752ea04a1f81fc693 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 8 May 2021 17:40:22 +0200 Subject: [PATCH 083/654] pkgs: add i3-get-window-criteria --- pkgs/default.nix | 2 + pkgs/i3-get-window-criteria/default.nix | 43 +++++++++++++++++++ .../i3-get-window-criteria | 30 +++++++++++++ 3 files changed, 75 insertions(+) create mode 100644 pkgs/i3-get-window-criteria/default.nix create mode 100755 pkgs/i3-get-window-criteria/i3-get-window-criteria diff --git a/pkgs/default.nix b/pkgs/default.nix index 58f004a..164c0b3 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -4,6 +4,8 @@ rec { havm = pkgs.callPackage ./havm { }; + i3-get-window-criteria = pkgs.callPackage ./i3-get-window-criteria { }; + lohr = pkgs.callPackage ./lohr { }; nolimips = pkgs.callPackage ./nolimips { }; diff --git a/pkgs/i3-get-window-criteria/default.nix b/pkgs/i3-get-window-criteria/default.nix new file mode 100644 index 0000000..185e1e4 --- /dev/null +++ b/pkgs/i3-get-window-criteria/default.nix @@ -0,0 +1,43 @@ +{ coreutils, gnused, makeWrapper, lib, shellcheck, stdenvNoCC, xorg }: +stdenvNoCC.mkDerivation rec { + pname = "i3-get-window-criteria"; + version = "0.1.0"; + + src = ./i3-get-window-criteria; + + phases = [ "buildPhase" "installPhase" "fixupPhase" ]; + + buildInputs = [ + makeWrapper + shellcheck + ]; + + buildPhase = '' + shellcheck $src + ''; + + installPhase = '' + mkdir -p $out/bin + cp $src $out/bin/${pname} + chmod a+x $out/bin/${pname} + ''; + + wrapperPath = lib.makeBinPath [ + coreutils + gnused + xorg.xprop + xorg.xwininfo + ]; + + fixupPhase = '' + patchShebangs $out/bin/${pname} + wrapProgram $out/bin/${pname} --prefix PATH : "${wrapperPath}" + ''; + + meta = with lib; { + description = "Helper script to query i3 window criterions"; + homepage = "https://gitea.belanyi.fr/ambroisie/nix-config"; + license = with licenses; [ mit ]; + platforms = platforms.unix; + }; +} diff --git a/pkgs/i3-get-window-criteria/i3-get-window-criteria b/pkgs/i3-get-window-criteria/i3-get-window-criteria new file mode 100755 index 0000000..e68641c --- /dev/null +++ b/pkgs/i3-get-window-criteria/i3-get-window-criteria @@ -0,0 +1,30 @@ +#!/usr/bin/env bash + +# i3-get-window-criteria - Get criteria for use with i3 config commands + +# To use, run this script, then click on a window. +# Output is in the format: [= = ...] + +# Known problem: when WM_NAME is used as fallback for the 'title=""' criterion, +# quotes in "" are not escaped properly. This is a problem with the output of `xprop`, +# reported upstream: https://bugs.freedesktop.org/show_bug.cgi?id=66807 + +match_int='[0-9][0-9]*' +match_string='".*"' +match_qstring='"[^"\\]*(\\.[^"\\]*)*"' # NOTE: Adds 1 backreference + +{ + # Run xwininfo, get window id + window_id=$(xwininfo -int | sed -nre "s/^xwininfo: Window id: ($match_int) .*$/\1/p") + echo "id=$window_id" + + # Run xprop, transform its output into i3 criteria. Handle fallback to + # WM_NAME when _NET_WM_NAME isn't set + xprop -id "$window_id" | + sed -nr \ + -e "s/^WM_CLASS\(STRING\) = ($match_qstring), ($match_qstring)$/instance=\1\nclass=\3/p" \ + -e "s/^WM_WINDOW_ROLE\(STRING\) = ($match_qstring)$/window_role=\1/p" \ + -e "/^WM_NAME\(STRING\) = ($match_string)$/ {s//title=\1/; h}" \ + -e "/^_NET_WM_NAME\(UTF8_STRING\) = ($match_qstring)$/ {s//title=\1/; h}" \ + -e '$ {g; p}' +} | sort | tr "\n" " " | sed -r 's/^(.*) $/[\1]\n/' From 5f7d2c74bcfde52ae0e0473901a40c6b9ca57172 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 8 May 2021 17:41:42 +0200 Subject: [PATCH 084/654] home: wm: i3: add i3-get-window-criteria package --- home/wm/i3.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index 9fe9316..c431be0 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -34,6 +34,7 @@ in }; home.packages = with pkgs; [ + ambroisie.i3-get-window-criteria # little helper for i3 configuration arandr # Used by a mapping playerctl # Used by a mapping ]; From 15190d4b509809baf3de4e5fb567adc9cb1b42cc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 8 May 2021 17:47:47 +0200 Subject: [PATCH 085/654] pkgs: i3-get-window-criteria: remove whitespace --- pkgs/i3-get-window-criteria/i3-get-window-criteria | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/i3-get-window-criteria/i3-get-window-criteria b/pkgs/i3-get-window-criteria/i3-get-window-criteria index e68641c..dba386e 100755 --- a/pkgs/i3-get-window-criteria/i3-get-window-criteria +++ b/pkgs/i3-get-window-criteria/i3-get-window-criteria @@ -27,4 +27,4 @@ match_qstring='"[^"\\]*(\\.[^"\\]*)*"' # NOTE: Adds 1 backreference -e "/^WM_NAME\(STRING\) = ($match_string)$/ {s//title=\1/; h}" \ -e "/^_NET_WM_NAME\(UTF8_STRING\) = ($match_qstring)$/ {s//title=\1/; h}" \ -e '$ {g; p}' -} | sort | tr "\n" " " | sed -r 's/^(.*) $/[\1]\n/' +} | sort | tr "\n" " " | sed -r 's/^ *(.*) $/[\1]\n/' From 1c147613e45ea206f5324899eed26f3c35d57662 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 8 May 2021 17:53:06 +0200 Subject: [PATCH 086/654] home: terminal: export TERMINAL when appropriate This is used by some programs, like 'rofi' to launch terminal programs. --- home/terminal/default.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/home/terminal/default.nix b/home/terminal/default.nix index 4c3f5cb..676eed9 100644 --- a/home/terminal/default.nix +++ b/home/terminal/default.nix @@ -1,10 +1,12 @@ -{ lib, ... }: +{ config, lib, ... }: let mkColorOption = with lib; description: default: mkOption { inherit description default; example = "#abcdef"; type = types.strMatching "#[0-9a-f]{6}"; }; + + cfg = config.my.home.terminal; in { imports = [ @@ -52,4 +54,8 @@ in }; }; }; + + config.home.sessionVariables = lib.mkIf (cfg.program != null) { + TERMINAL = "termite"; + }; } From f57fd32088d980f9498110fe5a379910f79a76e4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 8 May 2021 23:53:21 +0200 Subject: [PATCH 087/654] machines: aramis: home: add jellyfin-media-player --- machines/aramis/home.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index f4c7553..6591924 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -13,6 +13,7 @@ gpg.pinentry = "gtk2"; # Machine specific packages packages.additionalPackages = with pkgs; [ + jellyfin-media-player # Wraps the webui and mpv together pavucontrol # Audio mixer GUI quasselClient # IRC client ]; From 3887a86650ad6700c8027f572859205f0293c675 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 00:06:12 +0200 Subject: [PATCH 088/654] flake: add overlays folder --- flake.nix | 2 +- overlays/default.nix | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) create mode 100644 overlays/default.nix diff --git a/flake.nix b/flake.nix index 404b2c0..8f55618 100644 --- a/flake.nix +++ b/flake.nix @@ -103,7 +103,7 @@ }) // { overlay = self.overlays.pkgs; - overlays = { + overlays = import ./overlays // { lib = final: prev: { inherit lib; }; pkgs = final: prev: { ambroisie = import ./pkgs { pkgs = prev; }; }; }; diff --git a/overlays/default.nix b/overlays/default.nix new file mode 100644 index 0000000..413c3b4 --- /dev/null +++ b/overlays/default.nix @@ -0,0 +1,3 @@ +{ + # FIXME: add overlays +} From 5aaa497653df216cbd479b1f043de1bff6513444 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 00:06:52 +0200 Subject: [PATCH 089/654] overlays: add transgui-fix-duplicate-status Upstream is being slow in merging the patch... --- overlays/default.nix | 2 +- overlays/transgui-fix-duplicate-status/default.nix | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 overlays/transgui-fix-duplicate-status/default.nix diff --git a/overlays/default.nix b/overlays/default.nix index 413c3b4..d52dcd3 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,3 +1,3 @@ { - # FIXME: add overlays + transgui-fix-duplicate-status = import ./transgui-fix-duplicate-status; } diff --git a/overlays/transgui-fix-duplicate-status/default.nix b/overlays/transgui-fix-duplicate-status/default.nix new file mode 100644 index 0000000..6190306 --- /dev/null +++ b/overlays/transgui-fix-duplicate-status/default.nix @@ -0,0 +1,11 @@ +final: prev: +{ + transgui = prev.transgui.overrideAttrs (oldAttrs: { + patches = [ + (final.fetchpatch { + url = "https://patch-diff.githubusercontent.com/raw/transmission-remote-gui/transgui/pull/1354.patch"; + sha256 = "sha256-Q4DAduqnTtNI0Zw9NIWpE8L0G8RusvPbZ3iW29k7XXA="; + }) + ]; + }); +} From bf9de874ce8b0a291930ea32831d676eb32589d1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 00:07:27 +0200 Subject: [PATCH 090/654] machines: aramis: home: add transgui --- machines/aramis/home.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index 6591924..d226149 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -16,6 +16,7 @@ jellyfin-media-player # Wraps the webui and mpv together pavucontrol # Audio mixer GUI quasselClient # IRC client + transgui # Transmission remote ]; # Network-Manager applet nm-applet.enable = true; From 5e193b3a420eafc3107f10a99b3a498ec8e058a2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 01:01:36 +0200 Subject: [PATCH 091/654] home: add gtk --- home/default.nix | 1 + home/gtk.nix | 34 ++++++++++++++++++++++++++++++++++ 2 files changed, 35 insertions(+) create mode 100644 home/gtk.nix diff --git a/home/default.nix b/home/default.nix index 45065c8..f38aa10 100644 --- a/home/default.nix +++ b/home/default.nix @@ -11,6 +11,7 @@ ./gammastep.nix ./git ./gpg.nix + ./gtk.nix ./htop.nix ./jq.nix ./nm-applet.nix diff --git a/home/gtk.nix b/home/gtk.nix new file mode 100644 index 0000000..71bf264 --- /dev/null +++ b/home/gtk.nix @@ -0,0 +1,34 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.home.gtk; +in +{ + options.my.home.gtk = with lib; { + enable = mkEnableOption "GTK configuration"; + }; + + config.gtk = lib.mkIf cfg.enable { + enable = true; + + font = { + package = pkgs.dejavu_fonts; + name = "DejaVu Sans"; + size = 8; + }; + + gtk2 = { + # That sweet, sweet clean home that I am always aiming for... + configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc"; + }; + + iconTheme = { + package = pkgs.gnome3.gnome_themes_standard; + name = "Adwaita"; + }; + + theme = { + package = pkgs.gnome3.gnome_themes_standard; + name = "Adwaita"; + }; + }; +} From 00a5d1b0768dd46821b6260140ad5c25e1d07925 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 01:01:53 +0200 Subject: [PATCH 092/654] machines: aramis: home: enable GTK In order to not have an error at activation, dconf must be made available to the dbus service. --- machines/aramis/home.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index d226149..9893ced 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -11,6 +11,8 @@ gammastep.enable = true; # Use a small popup to enter passwords gpg.pinentry = "gtk2"; + # GTK theme configuration + gtk.enable = true; # Machine specific packages packages.additionalPackages = with pkgs; [ jellyfin-media-player # Wraps the webui and mpv together @@ -40,4 +42,9 @@ wallpapers = "${pkgs.plasma-workspace-wallpapers}/share/wallpapers"; in "${wallpapers}/summer_1am/contents/images/2560x1600.jpg"; + + services.dbus.packages = with pkgs; [ + # Allow setting GTK configuration using home-manager + gnome3.dconf + ]; } From 79dfb3a97954c4ef5f0c464feb8a44dc5f91bdef Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 01:15:18 +0200 Subject: [PATCH 093/654] home: gtk: do not set font size Turns out that I do not like how it interferes with Firefox's rendering... I should probably investigate this in the future if I want to use this option. --- home/gtk.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/home/gtk.nix b/home/gtk.nix index 71bf264..77ca477 100644 --- a/home/gtk.nix +++ b/home/gtk.nix @@ -13,7 +13,6 @@ in font = { package = pkgs.dejavu_fonts; name = "DejaVu Sans"; - size = 8; }; gtk2 = { From 0c943d84300afa8bbced44b8f58b7d57fe33dd83 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 11:30:49 +0200 Subject: [PATCH 094/654] flake: add profiles folder This will be used for configurations that either consolidates multiple options that make sens to use together, or span accross system and home configuration. --- flake.nix | 2 ++ profiles/default.nix | 7 +++++++ 2 files changed, 9 insertions(+) create mode 100644 profiles/default.nix diff --git a/flake.nix b/flake.nix index 8f55618..f54c252 100644 --- a/flake.nix +++ b/flake.nix @@ -60,6 +60,8 @@ } # Include generic settings ./modules + # Include bundles of settings + ./profiles # Include my secrets ./secrets # Include my services diff --git a/profiles/default.nix b/profiles/default.nix new file mode 100644 index 0000000..d726f32 --- /dev/null +++ b/profiles/default.nix @@ -0,0 +1,7 @@ +# Configuration that spans accross system and home, or are almagations of modules +{ ... }: +{ + imports = [ + # FIXME + ]; +} From 885b45d39cde14bcfd82ebbfb186af2bd686bd9e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 11:39:20 +0200 Subject: [PATCH 095/654] profiles: add bluetooth --- profiles/bluetooth.nix | 15 +++++++++++++++ profiles/default.nix | 2 +- 2 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 profiles/bluetooth.nix diff --git a/profiles/bluetooth.nix b/profiles/bluetooth.nix new file mode 100644 index 0000000..33792d7 --- /dev/null +++ b/profiles/bluetooth.nix @@ -0,0 +1,15 @@ +{ config, lib, ... }: +let + cfg = config.my.profiles.bluetooth; +in +{ + options.my.profiles.bluetooth = with lib; { + enable = mkEnableOption "bluetooth profile"; + }; + + config = lib.mkIf cfg.enable { + my.modules.bluetooth.enable = true; + + my.home.bluetooth.enable = true; + }; +} diff --git a/profiles/default.nix b/profiles/default.nix index d726f32..30d76c2 100644 --- a/profiles/default.nix +++ b/profiles/default.nix @@ -2,6 +2,6 @@ { ... }: { imports = [ - # FIXME + ./bluetooth.nix ]; } From ca620a4eb6c9eb6f8d415828949c15cf194f3869 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 11:39:51 +0200 Subject: [PATCH 096/654] machines: aramis: enable bluetooth profile --- machines/aramis/bluetooth.nix | 5 ----- machines/aramis/default.nix | 2 +- machines/aramis/home.nix | 2 -- machines/aramis/profiles.nix | 7 +++++++ 4 files changed, 8 insertions(+), 8 deletions(-) delete mode 100644 machines/aramis/bluetooth.nix create mode 100644 machines/aramis/profiles.nix diff --git a/machines/aramis/bluetooth.nix b/machines/aramis/bluetooth.nix deleted file mode 100644 index 0255a72..0000000 --- a/machines/aramis/bluetooth.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ ... }: -{ - # Bluetooth integration - my.modules.bluetooth.enable = true; -} diff --git a/machines/aramis/default.nix b/machines/aramis/default.nix index 221da9e..1af2dd6 100644 --- a/machines/aramis/default.nix +++ b/machines/aramis/default.nix @@ -6,11 +6,11 @@ { imports = [ - ./bluetooth.nix ./boot.nix ./hardware.nix ./home.nix ./networking.nix + ./profiles.nix ./services.nix ./sound.nix ]; diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index 9893ced..a63bf3b 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -1,8 +1,6 @@ { pkgs, ... }: { my.home = { - # Bluetooth GUI & media keys - bluetooth.enable = true; # Image viewver feh.enable = true; # Firefo profile and extensions diff --git a/machines/aramis/profiles.nix b/machines/aramis/profiles.nix new file mode 100644 index 0000000..f9aa2aa --- /dev/null +++ b/machines/aramis/profiles.nix @@ -0,0 +1,7 @@ +{ ... }: +{ + my.profiles = { + # Bluetooth configuration and GUI + bluetooth.enable = true; + }; +} From 12b3397a203dada442571ad5b77c49c2be0c3745 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 11:40:37 +0200 Subject: [PATCH 097/654] modules: bluetooth: fix documentation --- modules/bluetooth.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/bluetooth.nix b/modules/bluetooth.nix index 811dd94..661ed60 100644 --- a/modules/bluetooth.nix +++ b/modules/bluetooth.nix @@ -4,7 +4,7 @@ let in { options.my.modules.bluetooth = with lib; { - enable = mkEnableOption "wireless configuration"; + enable = mkEnableOption "bluetooth configuration"; enableHeadsetIntegration = my.mkDisableOption "A2DP sink configuration"; From 1c2193d698ae3ce4bf1d7be9233212ef53349e70 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 11:45:23 +0200 Subject: [PATCH 098/654] profiles: add wm --- profiles/default.nix | 1 + profiles/wm.nix | 23 +++++++++++++++++++++++ 2 files changed, 24 insertions(+) create mode 100644 profiles/wm.nix diff --git a/profiles/default.nix b/profiles/default.nix index 30d76c2..c012eee 100644 --- a/profiles/default.nix +++ b/profiles/default.nix @@ -3,5 +3,6 @@ { imports = [ ./bluetooth.nix + ./wm.nix ]; } diff --git a/profiles/wm.nix b/profiles/wm.nix new file mode 100644 index 0000000..a2e9dd2 --- /dev/null +++ b/profiles/wm.nix @@ -0,0 +1,23 @@ +{ config, lib, ... }: +let + cfg = config.my.profiles.wm; +in +{ + options.my.profiles.wm = with lib; { + windowManager = mkOption { + type = with types; nullOr (enum [ "i3" ]); + default = null; + example = "i3"; + description = "Which window manager to use"; + }; + }; + + config = lib.mkMerge [ + (lib.mkIf (cfg.windowManager == "i3") { + # Enable i3 + services.xserver.windowManager.i3.enable = true; + # i3 settings + my.home.wm.windowManager = "i3"; + }) + ]; +} From 3f50abcbe0c76333382a78dca68febfa0c74c6e7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 11:45:46 +0200 Subject: [PATCH 099/654] machines: aramis: use wm profile --- machines/aramis/home.nix | 4 ---- machines/aramis/profiles.nix | 2 ++ 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index a63bf3b..a5a936c 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -22,8 +22,6 @@ nm-applet.enable = true; # Termite terminal terminal.program = "termite"; - # i3 settings - wm.windowManager = "i3"; # Keyboard settings x.enable = true; # Zathura document viewer @@ -32,8 +30,6 @@ # Enable the X11 windowing system. services.xserver.enable = true; - # Enable i3 - services.xserver.windowManager.i3.enable = true; # Nice wallpaper services.xserver.displayManager.lightdm.background = let diff --git a/machines/aramis/profiles.nix b/machines/aramis/profiles.nix index f9aa2aa..1eb73e8 100644 --- a/machines/aramis/profiles.nix +++ b/machines/aramis/profiles.nix @@ -3,5 +3,7 @@ my.profiles = { # Bluetooth configuration and GUI bluetooth.enable = true; + # i3 configuration + wm.windowManager = "i3"; }; } From e211ac7d73d647b16e6b4b8014fd84a17595f1d5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 11:48:27 +0200 Subject: [PATCH 100/654] profiles: add gtk --- profiles/default.nix | 1 + profiles/gtk.nix | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+) create mode 100644 profiles/gtk.nix diff --git a/profiles/default.nix b/profiles/default.nix index c012eee..fb3d4f4 100644 --- a/profiles/default.nix +++ b/profiles/default.nix @@ -3,6 +3,7 @@ { imports = [ ./bluetooth.nix + ./gtk.nix ./wm.nix ]; } diff --git a/profiles/gtk.nix b/profiles/gtk.nix new file mode 100644 index 0000000..9eebe23 --- /dev/null +++ b/profiles/gtk.nix @@ -0,0 +1,19 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.profiles.gtk; +in +{ + options.my.profiles.gtk = with lib; { + enable = mkEnableOption "bluetooth profile"; + }; + + config = lib.mkIf cfg.enable { + # Allow setting GTK configuration using home-manager + services.dbus.packages = with pkgs; [ + gnome3.dconf + ]; + + # GTK theme configuration + my.home.gtk.enable = true; + }; +} From e786eadddeb3562d36668d7e0420ee6080c537f3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 11:51:00 +0200 Subject: [PATCH 101/654] machines: aramis: use gtk profile --- machines/aramis/home.nix | 7 ------- machines/aramis/profiles.nix | 2 ++ 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index a5a936c..aca7978 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -9,8 +9,6 @@ gammastep.enable = true; # Use a small popup to enter passwords gpg.pinentry = "gtk2"; - # GTK theme configuration - gtk.enable = true; # Machine specific packages packages.additionalPackages = with pkgs; [ jellyfin-media-player # Wraps the webui and mpv together @@ -36,9 +34,4 @@ wallpapers = "${pkgs.plasma-workspace-wallpapers}/share/wallpapers"; in "${wallpapers}/summer_1am/contents/images/2560x1600.jpg"; - - services.dbus.packages = with pkgs; [ - # Allow setting GTK configuration using home-manager - gnome3.dconf - ]; } diff --git a/machines/aramis/profiles.nix b/machines/aramis/profiles.nix index 1eb73e8..6001918 100644 --- a/machines/aramis/profiles.nix +++ b/machines/aramis/profiles.nix @@ -3,6 +3,8 @@ my.profiles = { # Bluetooth configuration and GUI bluetooth.enable = true; + # GTK theme configuration + gtk.enable = true; # i3 configuration wm.windowManager = "i3"; }; From 125935ac0f5320b3adf955fc0411dda665bcd8cf Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 11:56:28 +0200 Subject: [PATCH 102/654] profiles: add X --- profiles/default.nix | 1 + profiles/x.nix | 23 +++++++++++++++++++++++ 2 files changed, 24 insertions(+) create mode 100644 profiles/x.nix diff --git a/profiles/default.nix b/profiles/default.nix index fb3d4f4..eea1a11 100644 --- a/profiles/default.nix +++ b/profiles/default.nix @@ -5,5 +5,6 @@ ./bluetooth.nix ./gtk.nix ./wm.nix + ./x.nix ]; } diff --git a/profiles/x.nix b/profiles/x.nix new file mode 100644 index 0000000..e9d9cfd --- /dev/null +++ b/profiles/x.nix @@ -0,0 +1,23 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.profiles.x; +in +{ + options.my.profiles.x = with lib; { + enable = mkEnableOption "X profile"; + }; + + config = lib.mkIf cfg.enable { + # Enable the X11 windowing system. + services.xserver.enable = true; + # Nice wallpaper + services.xserver.displayManager.lightdm.background = + let + wallpapers = "${pkgs.plasma-workspace-wallpapers}/share/wallpapers"; + in + "${wallpapers}/summer_1am/contents/images/2560x1600.jpg"; + + # X configuration + my.home.x.enable = true; + }; +} From 737484dcfecdae6059c307e526b7b0f4c17200e1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 11:57:10 +0200 Subject: [PATCH 103/654] machines: aramis: use X profile --- machines/aramis/home.nix | 11 ----------- machines/aramis/profiles.nix | 2 ++ 2 files changed, 2 insertions(+), 11 deletions(-) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index aca7978..c889272 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -20,18 +20,7 @@ nm-applet.enable = true; # Termite terminal terminal.program = "termite"; - # Keyboard settings - x.enable = true; # Zathura document viewer zathura.enable = true; }; - - # Enable the X11 windowing system. - services.xserver.enable = true; - # Nice wallpaper - services.xserver.displayManager.lightdm.background = - let - wallpapers = "${pkgs.plasma-workspace-wallpapers}/share/wallpapers"; - in - "${wallpapers}/summer_1am/contents/images/2560x1600.jpg"; } diff --git a/machines/aramis/profiles.nix b/machines/aramis/profiles.nix index 6001918..e8701aa 100644 --- a/machines/aramis/profiles.nix +++ b/machines/aramis/profiles.nix @@ -7,5 +7,7 @@ gtk.enable = true; # i3 configuration wm.windowManager = "i3"; + # X configuration + x.enable = true; }; } From d46f66842f8d07f7fca54acd3888c37269c9e747 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 12:04:04 +0200 Subject: [PATCH 104/654] profiles: add laptop --- profiles/default.nix | 1 + profiles/laptop.nix | 14 ++++++++++++++ 2 files changed, 15 insertions(+) create mode 100644 profiles/laptop.nix diff --git a/profiles/default.nix b/profiles/default.nix index eea1a11..30ec900 100644 --- a/profiles/default.nix +++ b/profiles/default.nix @@ -4,6 +4,7 @@ imports = [ ./bluetooth.nix ./gtk.nix + ./laptop.nix ./wm.nix ./x.nix ]; diff --git a/profiles/laptop.nix b/profiles/laptop.nix new file mode 100644 index 0000000..188619c --- /dev/null +++ b/profiles/laptop.nix @@ -0,0 +1,14 @@ +{ config, lib, ... }: +let + cfg = config.my.profiles.laptop; +in +{ + options.my.profiles.laptop = with lib; { + enable = mkEnableOption "laptop profile"; + }; + + config = lib.mkIf cfg.enable { + # Enable touchpad support + services.xserver.libinput.enable = true; + }; +} From 30ce91557d9ceb97f669d52558bea3b79cb82271 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 12:04:26 +0200 Subject: [PATCH 105/654] machines: aramis: use laptop profile --- machines/aramis/default.nix | 3 --- machines/aramis/profiles.nix | 2 ++ 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/machines/aramis/default.nix b/machines/aramis/default.nix index 1af2dd6..bb78127 100644 --- a/machines/aramis/default.nix +++ b/machines/aramis/default.nix @@ -21,9 +21,6 @@ # Enable CUPS to print documents. services.printing.enable = true; - # Enable touchpad support (enabled default in most desktopManager). - services.xserver.libinput.enable = true; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/machines/aramis/profiles.nix b/machines/aramis/profiles.nix index e8701aa..6d2bef7 100644 --- a/machines/aramis/profiles.nix +++ b/machines/aramis/profiles.nix @@ -5,6 +5,8 @@ bluetooth.enable = true; # GTK theme configuration gtk.enable = true; + # Laptop specific configuration + laptop.enable = true; # i3 configuration wm.windowManager = "i3"; # X configuration From f04368a71e68e5c2c1d885ad180e6c5bec4261ab Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 12:05:04 +0200 Subject: [PATCH 106/654] machines: porthos: set timezone --- machines/porthos/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/machines/porthos/default.nix b/machines/porthos/default.nix index ec29917..abfc01a 100644 --- a/machines/porthos/default.nix +++ b/machines/porthos/default.nix @@ -10,6 +10,9 @@ ./users.nix ]; + # Set your time zone. + time.timeZone = "Europe/Paris"; + # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave From fab93a5f2fec32f87c2ed0c759775a2d9205f8cc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 12:14:50 +0200 Subject: [PATCH 107/654] modules: users: simplify 'groupsIfExist' --- modules/users.nix | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/modules/users.nix b/modules/users.nix index 3bc1c37..15896e0 100644 --- a/modules/users.nix +++ b/modules/users.nix @@ -2,11 +2,8 @@ { config, lib, pkgs, ... }: let my = config.my; - groupIfExists = grp: - lib.lists.optional - (builtins.hasAttr grp config.users.groups) - grp; - groupsIfExist = builtins.concatMap groupIfExists; + groupExists = grp: builtins.hasAttr grp config.users.groups; + groupsIfExist = builtins.filter groupExists; in { users.mutableUsers = false; # I want it to be declarative. From ac4cf0c1a297aa2a174264819d348c572e270a1e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 17:27:43 +0200 Subject: [PATCH 108/654] home: wm: i3: fix screen-related mappings --- home/wm/i3.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index c431be0..261a282 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -240,11 +240,11 @@ in ''; in { - "XF86Display" = "arandr"; - "XF86MonBrightnessUp" = "${changeBacklight} up 10"; - "XF86MonBrightnessDown" = "${changeBacklight} down 10"; - "Control+XF86MonBrightnessUp" = "${changeBacklight} up 1"; - "Control+XF86MonBrightnessDown" = "${changeBacklight} down 1"; + "XF86Display" = "exec arandr"; + "XF86MonBrightnessUp" = "exec ${changeBacklight} up 10"; + "XF86MonBrightnessDown" = "exec ${changeBacklight} down 10"; + "Control+XF86MonBrightnessUp" = "exec ${changeBacklight} up 1"; + "Control+XF86MonBrightnessDown" = "exec ${changeBacklight} down 1"; } ) { From 03130ed9ee4c777402fbc06f81ab33a1e9aca47a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 17:28:05 +0200 Subject: [PATCH 109/654] home: wm: i3: use 'brightnessctl' --- home/wm/i3.nix | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index 261a282..05c381d 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -222,20 +222,19 @@ in } ( let - xbacklight = "${pkgs.xorg.xbacklight}/bin/xbacklight"; + brightnessctl = "${pkgs.brightnessctl}/bin/brightnessctl"; changeBacklight = pkgs.writeScript "change-backlight" '' #!/bin/sh if [ "$1" = "up" ]; then - upDown=-inc + upDown="+$2%" else - upDown=-dec + upDown="$2%-" fi - ${xbacklight} "$upDown" "$2" - newBrightness="$(printf '$.0f' "$(${xbacklight} -get)")" + newBrightness="$(${brightnessctl} -m set "$upDown" | cut -d, -f4)" ${pkgs.libnotify}/bin/notify-send -u low \ -h string:x-canonical-private-synchronous:change-backlight \ - -h "int:value:$newBrightness" \ + -h "int:value:''${newBrightness/\%/}" \ -- "Set brightness to $newBrightness" ''; in From 59e833a55bd4632c14df6b3aee947ab251f74c7f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 17:45:05 +0200 Subject: [PATCH 110/654] home: wm: i3bar: remove gammastep block It doesn't seem to be working well with my setup... --- home/wm/i3bar.nix | 6 ------ 1 file changed, 6 deletions(-) diff --git a/home/wm/i3bar.nix b/home/wm/i3bar.nix index 5cc1356..dec72e5 100644 --- a/home/wm/i3bar.nix +++ b/home/wm/i3bar.nix @@ -34,12 +34,6 @@ in block = "net"; format = "{ssid} {ip} {signal_strength}"; } - (lib.optionalAttrs (config.my.home.gammastep.enable) { - block = "hueshift"; - hue_shifter = "gammastep"; - step = 100; - click_temp = config.my.home.gammastep.temperature.day; - }) { block = "battery"; format = "{percentage}% ({time})"; From f9d849c5da85c70b34aa393a97a8139c1aea3cd7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 17:45:24 +0200 Subject: [PATCH 111/654] home: wm: i3bar: add 'backlight' block --- home/wm/i3bar.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/home/wm/i3bar.nix b/home/wm/i3bar.nix index dec72e5..3e74bde 100644 --- a/home/wm/i3bar.nix +++ b/home/wm/i3bar.nix @@ -34,6 +34,9 @@ in block = "net"; format = "{ssid} {ip} {signal_strength}"; } + { + block = "backlight"; + } { block = "battery"; format = "{percentage}% ({time})"; From f3764ce20ed4a9b2751e5927d254d73ffabf6b20 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 May 2021 21:13:24 +0200 Subject: [PATCH 112/654] home: pager: fix colorized man pages Turns out that sessionVariables are not being set at the proper time for use with `tput`. This commit also cleans up a bit how the config was being set. --- home/pager.nix | 45 +++++++++++++++++++++++++-------------------- 1 file changed, 25 insertions(+), 20 deletions(-) diff --git a/home/pager.nix b/home/pager.nix index 74a4c3b..9f0dc5e 100644 --- a/home/pager.nix +++ b/home/pager.nix @@ -7,27 +7,32 @@ in enable = mkDisableOption "pager configuration"; }; - config.programs.lesspipe.enable = cfg.enable; - config.home.sessionVariables = lib.mkIf cfg.enable { - # My default pager - PAGER = "less"; - # Clear the screen on start and exit - LESS = "-R -+X -c"; + config = lib.mkIf cfg.enable { + programs.lesspipe.enable = true; - # Colored man pages - LESS_TERMCAP_mb = "$(tput bold; tput setaf 2)"; - LESS_TERMCAP_md = "$(tput bold; tput setaf 6)"; - LESS_TERMCAP_me = "$(tput sgr0)"; - LESS_TERMCAP_so = "$(tput bold; tput setaf 3; tput setab 4)"; - LESS_TERMCAP_se = "$(tput rmso; tput sgr0)"; - LESS_TERMCAP_us = "$(tput bold; tput setaf 2)"; - LESS_TERMCAP_ue = "$(tput rmul; tput sgr0)"; - LESS_TERMCAP_mr = "$(tput rev)"; - LESS_TERMCAP_mh = "$(tput dim)"; - LESS_TERMCAP_ZN = "$(tput ssubm)"; - LESS_TERMCAP_ZV = "$(tput rsubm)"; - LESS_TERMCAP_ZO = "$(tput ssupm)"; - LESS_TERMCAP_ZW = "$(tput rsupm)"; + home.sessionVariables = { + # My default pager + PAGER = "less"; + # Clear the screen on start and exit + LESS = "-R -+X -c"; + }; + + programs.zsh.localVariables = { + # Colored man pages + LESS_TERMCAP_mb = "$(tput bold; tput setaf 2)"; + LESS_TERMCAP_md = "$(tput bold; tput setaf 6)"; + LESS_TERMCAP_me = "$(tput sgr0)"; + LESS_TERMCAP_so = "$(tput bold; tput setaf 3; tput setab 4)"; + LESS_TERMCAP_se = "$(tput rmso; tput sgr0)"; + LESS_TERMCAP_us = "$(tput bold; tput setaf 2)"; + LESS_TERMCAP_ue = "$(tput rmul; tput sgr0)"; + LESS_TERMCAP_mr = "$(tput rev)"; + LESS_TERMCAP_mh = "$(tput dim)"; + LESS_TERMCAP_ZN = "$(tput ssubm)"; + LESS_TERMCAP_ZV = "$(tput rsubm)"; + LESS_TERMCAP_ZO = "$(tput ssupm)"; + LESS_TERMCAP_ZW = "$(tput rsupm)"; + }; }; } From d23ad8f5e12ba0f0c383439fb1d9faabf5e7a9ed Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 10 May 2021 17:47:47 +0200 Subject: [PATCH 113/654] modules: add upower --- modules/default.nix | 1 + modules/upower.nix | 44 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+) create mode 100644 modules/upower.nix diff --git a/modules/default.nix b/modules/default.nix index c25a426..a5ffc91 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -12,6 +12,7 @@ ./networking.nix ./nix.nix ./packages.nix + ./upower.nix ./users.nix ]; } diff --git a/modules/upower.nix b/modules/upower.nix new file mode 100644 index 0000000..8c46c1d --- /dev/null +++ b/modules/upower.nix @@ -0,0 +1,44 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.modules.upower; +in +{ + options.my.modules.upower = with lib; { + enable = mkEnableOption "upower configuration"; + + levels = { + low = mkOption { + type = types.ints.unsigned; + default = 25; + example = 10; + description = "Low percentage"; + }; + + critical = mkOption { + type = types.ints.unsigned; + default = 15; + example = 5; + description = "Critical percentage"; + }; + + action = mkOption { + type = types.ints.unsigned; + default = 5; + example = 3; + description = "Percentage at which point an action must be taken"; + }; + }; + }; + + config = lib.mkIf cfg.enable { + services.upower = { + enable = true; + + percentageLow = cfg.levels.low; + + percentageCritical = cfg.levels.critical; + + percentageAction = cfg.levels.action; + }; + }; +} From 7d48b0edab27ebdd56c3386ef3891886e7dbbb40 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 10 May 2021 17:48:00 +0200 Subject: [PATCH 114/654] profiles: laptop: enable upower --- profiles/laptop.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/profiles/laptop.nix b/profiles/laptop.nix index 188619c..f02360b 100644 --- a/profiles/laptop.nix +++ b/profiles/laptop.nix @@ -10,5 +10,8 @@ in config = lib.mkIf cfg.enable { # Enable touchpad support services.xserver.libinput.enable = true; + + # Enable upower power management + my.modules.upower.enable = true; }; } From 0fc3bf3096998588a59e3784eee5b173c4570a90 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 10 May 2021 17:49:37 +0200 Subject: [PATCH 115/654] home: add power-alert --- home/default.nix | 1 + home/power-alert.nix | 15 +++++++++++++++ 2 files changed, 16 insertions(+) create mode 100644 home/power-alert.nix diff --git a/home/default.nix b/home/default.nix index f38aa10..9b33d23 100644 --- a/home/default.nix +++ b/home/default.nix @@ -17,6 +17,7 @@ ./nm-applet.nix ./packages.nix ./pager.nix + ./power-alert.nix ./secrets # Home-manager specific secrets ./ssh.nix ./terminal diff --git a/home/power-alert.nix b/home/power-alert.nix new file mode 100644 index 0000000..8dbb5e6 --- /dev/null +++ b/home/power-alert.nix @@ -0,0 +1,15 @@ +{ config, lib, ... }: +let + cfg = config.my.home.power-alert; +in +{ + options.my.home.power-alert = with lib; { + enable = mkEnableOption "power-alert configuration"; + }; + + config = lib.mkIf cfg.enable { + services.poweralertd = { + enable = true; + }; + }; +} From 8de23feee7d03e77d7b2a5a295085521bec795d9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 10 May 2021 17:51:44 +0200 Subject: [PATCH 116/654] profiles: laptop: enable power-alert --- profiles/laptop.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/profiles/laptop.nix b/profiles/laptop.nix index f02360b..055c0b2 100644 --- a/profiles/laptop.nix +++ b/profiles/laptop.nix @@ -13,5 +13,8 @@ in # Enable upower power management my.modules.upower.enable = true; + + # Enable battery notifications + my.home.power-alert.enable = true; }; } From b4d3b06fbfaad5b4b0c9ef8573d94a6f4aae1cfe Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 12 May 2021 19:55:59 +0200 Subject: [PATCH 117/654] home: zsh: make history ten times bigger --- home/zsh/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/zsh/default.nix b/home/zsh/default.nix index 4657c4e..8d25552 100644 --- a/home/zsh/default.nix +++ b/home/zsh/default.nix @@ -13,7 +13,7 @@ in enableCompletion = true; history = { - size = 50000; + size = 500000; ignoreSpace = true; ignoreDups = true; share = true; From 9e6bc604f3a40d890ed1662a0b02cd42704dcfbd Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 12 May 2021 21:36:30 +0200 Subject: [PATCH 118/654] home: x: add 'xsel' package I like it better than 'xclip'. --- home/x/default.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/home/x/default.nix b/home/x/default.nix index f021ca0..a2820ba 100644 --- a/home/x/default.nix +++ b/home/x/default.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: +{ config, lib, pkgs, ... }: let cfg = config.my.home.x; in @@ -14,5 +14,9 @@ in config = lib.mkIf cfg.enable { xsession.enable = true; + + home.packages = with pkgs; [ + xsel + ]; }; } From 76148d75b8b3b86bd84bebc1847d50698d9aeb08 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 12 May 2021 21:39:26 +0200 Subject: [PATCH 119/654] machines: aramis: services: remove gnupg-agent The one configured by home-manager is more appropriate. --- machines/porthos/services.nix | 5 ----- 1 file changed, 5 deletions(-) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index 9bc99e7..910987d 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -106,9 +106,4 @@ in startAtBoot = true; # Server must be started to ensure clients can connect }; }; - - programs.gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; } From e5fdfd6c4459d9d1ccfb746646446e5d786769e9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 13 May 2021 09:52:50 +0200 Subject: [PATCH 120/654] pkgs: add comma --- pkgs/comma/comma | 33 +++++++++++++++++++++++++++++++++ pkgs/comma/default.nix | 42 ++++++++++++++++++++++++++++++++++++++++++ pkgs/default.nix | 2 ++ 3 files changed, 77 insertions(+) create mode 100755 pkgs/comma/comma create mode 100644 pkgs/comma/default.nix diff --git a/pkgs/comma/comma b/pkgs/comma/comma new file mode 100755 index 0000000..5c347d6 --- /dev/null +++ b/pkgs/comma/comma @@ -0,0 +1,33 @@ +#!/usr/bin/env bash + +set -euo pipefail + +print_err() { + printf "%s\n" "$1" >&2 +} + +usage() { + print_err "Usage: , [argument]..." +} + +find_program() { + local CANDIDATE + CANDIDATE="$(nix-locate --top-level --minimal --at-root --whole-name "/bin/$1")" + if [ "$(printf '%s\n' "$CANDIDATE" | wc -l)" -gt 1 ]; then + CANDIDATE="$(printf '%s' "$CANDIDATE" | fzf-tmux)" + fi + printf '%s' "$CANDIDATE" +} + +if [ $# -lt 1 ]; then + usage + exit 1 +fi + +PROGRAM="$(find_program "$1")" +if [ -z "$PROGRAM" ]; then + print_err "No match found for $1" + exit 1 +fi + +nix shell "nixpkgs#$PROGRAM" -c "$@" diff --git a/pkgs/comma/default.nix b/pkgs/comma/default.nix new file mode 100644 index 0000000..73756d0 --- /dev/null +++ b/pkgs/comma/default.nix @@ -0,0 +1,42 @@ +{ fzf, lib, makeWrapper, nix-index, shellcheck, stdenvNoCC }: +stdenvNoCC.mkDerivation rec { + pname = "comma"; + version = "0.1.0"; + + src = ./. + "/comma"; + + phases = [ "buildPhase" "installPhase" "fixupPhase" ]; + + buildInputs = [ + makeWrapper + shellcheck + ]; + + buildPhase = '' + shellcheck $src + ''; + + installPhase = '' + mkdir -p $out/bin + cp $src $out/bin/${meta.mainProgram} + chmod a+x $out/bin/${meta.mainProgram} + ''; + + wrapperPath = lib.makeBinPath [ + fzf + nix-index + ]; + + fixupPhase = '' + patchShebangs $out/bin/${meta.mainProgram} + wrapProgram $out/bin/${meta.mainProgram} --prefix PATH : "${wrapperPath}" + ''; + + meta = with lib; { + mainProgram = ","; + description = "A simple script inspired by Shopify's comma, for modern Nix"; + homepage = "https://gitea.belanyi.fr/ambroisie/nix-config"; + license = with licenses; [ mit ]; + platforms = platforms.unix; + }; +} diff --git a/pkgs/default.nix b/pkgs/default.nix index 164c0b3..82aa254 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,5 +1,7 @@ { pkgs }: rec { + comma = pkgs.callPackage ./comma { }; + diff-flake = pkgs.callPackage ./diff-flake { }; havm = pkgs.callPackage ./havm { }; From 97ee498405157d82da26c99ea0b6eb2aca5c52dc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 13 May 2021 09:53:39 +0200 Subject: [PATCH 121/654] home: packages: add 'comma' to common package set --- home/packages.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/packages.nix b/home/packages.nix index 0d57840..90111a2 100644 --- a/home/packages.nix +++ b/home/packages.nix @@ -18,6 +18,7 @@ in }; config.home.packages = with pkgs; lib.mkIf cfg.enable ([ + ambroisie.comma file gitAndTools.git-absorb gitAndTools.git-revise From 7d0a772cce6df1cdddd74771b5f664a84195ba8d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 13 May 2021 10:19:10 +0200 Subject: [PATCH 122/654] home: firefox: tridactyl: fix parent URL on Reddit --- home/firefox/tridactylrc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/home/firefox/tridactylrc b/home/firefox/tridactylrc index edb595e..20a67e3 100644 --- a/home/firefox/tridactylrc +++ b/home/firefox/tridactylrc @@ -15,7 +15,7 @@ set editorcmd termite --class tridactyl_editor -e 'vim %f' bind ;c hint -c [class*="expand"],[class="togg"],[class="comment_folder"] " Make `gu` take me back to subreddit from comments -bindurl reddit.com gu urlparent 4 +bindurl reddit.com gu urlparent 3 " Only hint search results on Google bindurl www.google.com f hint -Jc #search div:not(.action-menu) > a @@ -27,7 +27,7 @@ bindurl ^https://duckduckgo.com F hint -Jbc [class=result__a] " Only hint item pages on Hacker News bindurl news.ycombinator.com ;f hint -Jc .age > a -bindurl news.ycombinator.com ;f hint -Jtc .age > a +bindurl news.ycombinator.com ;F hint -Jtc .age > a " }}} " Better bindings {{{ From ee33ab11c61b4db2a1cdd880f25f03963194ae5d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 20 May 2021 17:55:14 +0200 Subject: [PATCH 123/654] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 9e21b7a..4599275 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "futils": { "locked": { - "lastModified": 1619345332, - "narHash": "sha256-qHnQkEp1uklKTpx3MvKtY6xzgcqXDsz5nLilbbuL+3A=", + "lastModified": 1620759905, + "narHash": "sha256-WiyWawrgmyN0EdmiHyG2V+fqReiVi8bM9cRdMaKQOFg=", "owner": "numtide", "repo": "flake-utils", - "rev": "2ebf2558e5bf978c7fb8ea927dfaed8fefab2e28", + "rev": "b543720b25df6ffdfcf9227afafc5b8c1fabfae8", "type": "github" }, "original": { @@ -23,11 +23,11 @@ ] }, "locked": { - "lastModified": 1620138697, - "narHash": "sha256-8Mgj+Fj4zGEI7oA9wbyqvdwq+46kAyd3barMIedWkho=", + "lastModified": 1621417094, + "narHash": "sha256-Csk4p8jFUma7FtMnjEJGTPGxCOnTbb30xr8AXwrUTMM=", "owner": "nix-community", "repo": "home-manager", - "rev": "64c5228c0828fff0c94c1d42f7225115c299ae08", + "rev": "3d18912f5ae7c98bd5249411d98cdf3b28fe1f09", "type": "github" }, "original": { @@ -39,11 +39,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1620074890, - "narHash": "sha256-4Z8Zwpg0gPvqKbSsck1g9ql4E5NClGZdjyxbYoaXA4s=", + "lastModified": 1621160191, + "narHash": "sha256-5xaEDqmmDsJnd2agtmEIrbUHSuNjTqidJPkBrmls6Ek=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7cb76200088f45cd24a9aa67fd2f9657943d78a4", + "rev": "7a1fbc38a4b538450ac0d42aec8a3e513b4d723e", "type": "github" }, "original": { @@ -55,11 +55,11 @@ }, "nur": { "locked": { - "lastModified": 1620140064, - "narHash": "sha256-WiQxLQEyYkmeHv/oB89LfyIjLqNWvI+7ZWBX0Ygb9pM=", + "lastModified": 1621525236, + "narHash": "sha256-aJh5wvoHB15CBMXNYEqbJuOuU3sETaJS9UFSgESF8zs=", "owner": "nix-community", "repo": "NUR", - "rev": "ac217b9a764d5352db9ccfb5cc39bdd3ff74d4ec", + "rev": "ba113338c358c6b939dd269b1c89f0b43392f30b", "type": "github" }, "original": { From 986701d1c8c4ac6ba5d978cf1cff220fdddea5e4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 20 May 2021 15:31:04 +0000 Subject: [PATCH 124/654] services: adblock: use new 'settings' option This shows that I have not upgraded the server in a while... --- services/adblock.nix | 31 +++++++++++++++++++------------ 1 file changed, 19 insertions(+), 12 deletions(-) diff --git a/services/adblock.nix b/services/adblock.nix index 23d63c8..45e4d6e 100644 --- a/services/adblock.nix +++ b/services/adblock.nix @@ -45,21 +45,28 @@ in services.unbound = { enable = true; - allowedAccess = [ - "127.0.0.0/24" - "${wgCfg.net.v4.subnet}.0/${toString wgCfg.net.v4.mask}" - "${wgCfg.net.v6.subnet}::0/${toString wgCfg.net.v6.mask}" - ]; + settings = { + server = { + access-control = [ + "127.0.0.0/24 allow" + "${wgCfg.net.v4.subnet}.0/${toString wgCfg.net.v4.mask} allow" + "${wgCfg.net.v6.subnet}::0/${toString wgCfg.net.v6.mask} allow" + ]; - inherit (cfg) forwardAddresses interfaces; + interface = cfg.interfaces; - extraConfig = '' - so-reuseport: yes - tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt - tls-upstream: yes + so-reuseport = true; + tls-cert-bundle = "/etc/ssl/certs/ca-certificates.crt"; + tls-upstream = true; - include: "${pkgs.ambroisie.unbound-zones-adblock}/hosts" - ''; + include = "${pkgs.ambroisie.unbound-zones-adblock}/hosts"; + }; + + forward-zone = [{ + name = "."; + forward-addr = cfg.forwardAddresses; + }]; + }; }; }; } From 2c596395b0244d8c00aead9d0308cf4d91d14eeb Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 10 May 2021 18:02:42 +0200 Subject: [PATCH 125/654] home: add nix-index --- home/default.nix | 1 + home/nix-index.nix | 13 +++++++++++++ 2 files changed, 14 insertions(+) create mode 100644 home/nix-index.nix diff --git a/home/default.nix b/home/default.nix index 9b33d23..7f0e587 100644 --- a/home/default.nix +++ b/home/default.nix @@ -14,6 +14,7 @@ ./gtk.nix ./htop.nix ./jq.nix + ./nix-index.nix ./nm-applet.nix ./packages.nix ./pager.nix diff --git a/home/nix-index.nix b/home/nix-index.nix new file mode 100644 index 0000000..ae6f338 --- /dev/null +++ b/home/nix-index.nix @@ -0,0 +1,13 @@ +{ config, lib, ... }: +let + cfg = config.my.home.nix-index; +in +{ + options.my.home.nix-index = with lib.my; { + enable = mkDisableOption "nix-index configuration"; + }; + + config.programs.nix-index = lib.mkIf cfg.enable { + enable = true; + }; +} From 2a0b5b78021ee2ea82ea9c9dc8c0078adcedbe3b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 13 May 2021 10:27:19 +0200 Subject: [PATCH 126/654] pkgs: add myself as maintainer to all packages --- pkgs/comma/default.nix | 1 + pkgs/diff-flake/default.nix | 1 + pkgs/havm/default.nix | 1 + pkgs/i3-get-window-criteria/default.nix | 1 + pkgs/lohr/default.nix | 1 + pkgs/nolimips/default.nix | 1 + pkgs/podgrab/default.nix | 1 + pkgs/unbound-zones-adblock/default.nix | 1 + pkgs/unified-hosts-lists/default.nix | 1 + 9 files changed, 9 insertions(+) diff --git a/pkgs/comma/default.nix b/pkgs/comma/default.nix index 73756d0..deab009 100644 --- a/pkgs/comma/default.nix +++ b/pkgs/comma/default.nix @@ -38,5 +38,6 @@ stdenvNoCC.mkDerivation rec { homepage = "https://gitea.belanyi.fr/ambroisie/nix-config"; license = with licenses; [ mit ]; platforms = platforms.unix; + maintainers = with maintainers; [ ambroisie ]; }; } diff --git a/pkgs/diff-flake/default.nix b/pkgs/diff-flake/default.nix index 9511952..4cd7777 100644 --- a/pkgs/diff-flake/default.nix +++ b/pkgs/diff-flake/default.nix @@ -38,5 +38,6 @@ stdenvNoCC.mkDerivation rec { homepage = "https://gitea.belanyi.fr/ambroisie/nix-config"; license = with licenses; [ mit ]; platforms = platforms.unix; + maintainers = with maintainers; [ ambroisie ]; }; } diff --git a/pkgs/havm/default.nix b/pkgs/havm/default.nix index 20817fc..97a708f 100644 --- a/pkgs/havm/default.nix +++ b/pkgs/havm/default.nix @@ -26,5 +26,6 @@ stdenv.mkDerivation rec { homepage = "https://www.lrde.epita.fr/wiki/Havm"; license = licenses.gpl2Plus; platforms = platforms.all; + maintainers = with maintainers; [ ambroisie ]; }; } diff --git a/pkgs/i3-get-window-criteria/default.nix b/pkgs/i3-get-window-criteria/default.nix index 185e1e4..65cdb0e 100644 --- a/pkgs/i3-get-window-criteria/default.nix +++ b/pkgs/i3-get-window-criteria/default.nix @@ -39,5 +39,6 @@ stdenvNoCC.mkDerivation rec { homepage = "https://gitea.belanyi.fr/ambroisie/nix-config"; license = with licenses; [ mit ]; platforms = platforms.unix; + maintainers = with maintainers; [ ambroisie ]; }; } diff --git a/pkgs/lohr/default.nix b/pkgs/lohr/default.nix index 1ceb018..34182dd 100644 --- a/pkgs/lohr/default.nix +++ b/pkgs/lohr/default.nix @@ -17,5 +17,6 @@ rustPlatform.buildRustPackage rec { homepage = "https://github.com/alarsyo/lohr"; license = with licenses; [ mit asl20 ]; platforms = platforms.unix; + maintainers = with maintainers; [ ambroisie ]; }; } diff --git a/pkgs/nolimips/default.nix b/pkgs/nolimips/default.nix index ff5c9b0..49cd1b0 100644 --- a/pkgs/nolimips/default.nix +++ b/pkgs/nolimips/default.nix @@ -19,5 +19,6 @@ stdenv.mkDerivation rec { homepage = "https://www.lrde.epita.fr/wiki/Nolimips"; license = licenses.gpl2; platforms = platforms.all; + maintainers = with maintainers; [ ambroisie ]; }; } diff --git a/pkgs/podgrab/default.nix b/pkgs/podgrab/default.nix index 7f18416..aa7f981 100644 --- a/pkgs/podgrab/default.nix +++ b/pkgs/podgrab/default.nix @@ -25,5 +25,6 @@ buildGoModule rec { ''; homepage = "https://github.com/akhilrex/podgrab"; license = licenses.gpl3; + maintainers = with maintainers; [ ambroisie ]; }; } diff --git a/pkgs/unbound-zones-adblock/default.nix b/pkgs/unbound-zones-adblock/default.nix index c4309bd..e8afbe1 100644 --- a/pkgs/unbound-zones-adblock/default.nix +++ b/pkgs/unbound-zones-adblock/default.nix @@ -33,5 +33,6 @@ stdenvNoCC.mkDerivation rec { homepage = "https://github.com/StevenBlack/hosts"; license = licenses.mit; platforms = platforms.all; + maintainers = with maintainers; [ ambroisie ]; }; } diff --git a/pkgs/unified-hosts-lists/default.nix b/pkgs/unified-hosts-lists/default.nix index af55994..2c49924 100644 --- a/pkgs/unified-hosts-lists/default.nix +++ b/pkgs/unified-hosts-lists/default.nix @@ -29,5 +29,6 @@ stdenvNoCC.mkDerivation rec { homepage = "https://github.com/StevenBlack/hosts"; license = licenses.mit; platforms = platforms.all; + maintainers = with maintainers; [ ambroisie ]; }; } From f6ace9d438746c04761402bc75e5b3135acfe43f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 13 May 2021 15:05:57 +0200 Subject: [PATCH 127/654] services: add TLP --- services/default.nix | 1 + services/tlp.nix | 22 ++++++++++++++++++++++ 2 files changed, 23 insertions(+) create mode 100644 services/tlp.nix diff --git a/services/default.nix b/services/default.nix index fc377d9..6096454 100644 --- a/services/default.nix +++ b/services/default.nix @@ -22,6 +22,7 @@ ./rss-bridge.nix ./sabnzbd.nix ./ssh-server.nix + ./tlp.nix ./transmission.nix ./wireguard.nix ]; diff --git a/services/tlp.nix b/services/tlp.nix new file mode 100644 index 0000000..a560319 --- /dev/null +++ b/services/tlp.nix @@ -0,0 +1,22 @@ +# TLP power management +{ config, lib, ... }: +let + cfg = config.my.services.tlp; +in +{ + options.my.services.tlp = { + enable = lib.mkEnableOption "TLP power management configuration"; + }; + + config = lib.mkIf cfg.enable { + services.tlp = { + enable = true; + + settings = { + # Keep charge between 60% and 80% to preserve battery life + START_CHARGE_THRESH_BAT0 = 60; + STOP_CHARGE_THRESH_BAT0 = 80; + }; + }; + }; +} From 02c2a23ee5d3fbdb9ff5f39d232a53e452cdff29 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 13 May 2021 15:06:13 +0200 Subject: [PATCH 128/654] profiles: laptop: enable TLP --- profiles/laptop.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/profiles/laptop.nix b/profiles/laptop.nix index 055c0b2..f834ac8 100644 --- a/profiles/laptop.nix +++ b/profiles/laptop.nix @@ -11,6 +11,9 @@ in # Enable touchpad support services.xserver.libinput.enable = true; + # Enable TLP power management + my.services.tlp.enable = true; + # Enable upower power management my.modules.upower.enable = true; From 1a5dd0b91c08c9b1fc973f1f1960ec22ce62410f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 15 May 2021 17:57:01 +0200 Subject: [PATCH 129/654] home: wm: rofi: configure terminal --- home/wm/rofi.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home/wm/rofi.nix b/home/wm/rofi.nix index 87f167a..9707ed7 100644 --- a/home/wm/rofi.nix +++ b/home/wm/rofi.nix @@ -7,6 +7,8 @@ in programs.rofi = { enable = true; + terminal = config.my.home.terminal.program; # null by default + package = pkgs.rofi.override { plugins = with pkgs; [ rofi-emoji From e4d8a4d4b2f93ecda06a85b7bf3ad1678de03a37 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 15 May 2021 20:25:02 +0200 Subject: [PATCH 130/654] flake: inject 'inputs' into NixOS configuration --- flake.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/flake.nix b/flake.nix index f54c252..6fa7b2a 100644 --- a/flake.nix +++ b/flake.nix @@ -76,6 +76,8 @@ specialArgs = { # Use my extended lib in NixOS configuration inherit lib; + # Inject inputs to use them in global registry + inherit inputs; }; }; in From d086af7e006e21dff145f40f8a48883156f1b086 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 15 May 2021 20:25:09 +0200 Subject: [PATCH 131/654] modules: nix: pin flake registry to common inputs --- modules/nix.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/modules/nix.nix b/modules/nix.nix index fb601a5..6cba363 100644 --- a/modules/nix.nix +++ b/modules/nix.nix @@ -1,9 +1,17 @@ # Nix related settings -{ pkgs, ... }: +{ inputs, pkgs, ... }: { nix = { package = pkgs.nixFlakes; + registry = { + # Allow me to use my custom package using `nix run self#pkg` + self.flake = inputs.self; + # Do not follow master, use pinned revision instead + nixpkgs.flake = inputs.nixpkgs; + # Add NUR to run some packages that are only present there + nur.flake = inputs.nur; + }; extraOptions = '' experimental-features = nix-command flakes ''; From 129fcdd42ccc0f038151789ee398e91742e8bcbc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 15 May 2021 20:57:18 +0200 Subject: [PATCH 132/654] pkgs: remove podgrab Now that it has been merged upstream, no reason to keep it. --- pkgs/default.nix | 2 -- pkgs/podgrab/default.nix | 30 ------------------------------ services/podgrab.nix | 2 +- 3 files changed, 1 insertion(+), 33 deletions(-) delete mode 100644 pkgs/podgrab/default.nix diff --git a/pkgs/default.nix b/pkgs/default.nix index 82aa254..2f21e7f 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -12,8 +12,6 @@ rec { nolimips = pkgs.callPackage ./nolimips { }; - podgrab = pkgs.callPackage ./podgrab { }; - unbound-zones-adblock = pkgs.callPackage ./unbound-zones-adblock { inherit unified-hosts-lists; }; diff --git a/pkgs/podgrab/default.nix b/pkgs/podgrab/default.nix deleted file mode 100644 index aa7f981..0000000 --- a/pkgs/podgrab/default.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ buildGoModule, fetchFromGitHub, lib }: - -buildGoModule rec { - pname = "podgrab"; - version = "2021-03-26"; - - src = fetchFromGitHub { - owner = "akhilrex"; - repo = "podgrab"; - rev = "3179a875b8b638fb86d0e829d12a9761c1cd7f90"; - sha256 = "sha256-vhxIm20ZUi+RusrAsSY54tv/D570/oMO5qLz9dNqgqo="; - }; - - vendorSha256 = "sha256-xY9xNuJhkWPgtqA/FBVIp7GuWOv+3nrz6l3vaZVLlIE="; - - postInstall = '' - mkdir -p $out/share/ - cp -r "$src/client" "$out/share/" - cp -r "$src/webassets" "$out/share/" - ''; - - meta = with lib; { - description = '' - A self-hosted podcast manager to download episodes as soon as they become live - ''; - homepage = "https://github.com/akhilrex/podgrab"; - license = licenses.gpl3; - maintainers = with maintainers; [ ambroisie ]; - }; -} diff --git a/services/podgrab.nix b/services/podgrab.nix index 556ffff..bfccc72 100644 --- a/services/podgrab.nix +++ b/services/podgrab.nix @@ -8,7 +8,7 @@ let domain = config.networking.domain; podgrabDomain = "podgrab.${domain}"; - podgrabPkg = pkgs.ambroisie.podgrab; + podgrabPkg = pkgs.podgrab; in { options.my.services.podgrab = with lib; { From 943ea20b165bc89f6bc00d73a892b22a22ff9e2b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 22 May 2021 22:50:05 +0200 Subject: [PATCH 133/654] services: podgrab: switch to upstream service --- services/podgrab.nix | 23 +++-------------------- 1 file changed, 3 insertions(+), 20 deletions(-) diff --git a/services/podgrab.nix b/services/podgrab.nix index bfccc72..47b0b73 100644 --- a/services/podgrab.nix +++ b/services/podgrab.nix @@ -7,8 +7,6 @@ let domain = config.networking.domain; podgrabDomain = "podgrab.${domain}"; - - podgrabPkg = pkgs.podgrab; in { options.my.services.podgrab = with lib; { @@ -33,24 +31,9 @@ in }; config = lib.mkIf cfg.enable { - systemd.services.podgrab = { - description = "Podgrab podcast manager"; - wantedBy = [ "multi-user.target" ]; - environment = { - CONFIG = "/var/lib/podgrab/config"; - DATA = "/var/lib/podgrab/data"; - GIN_MODE = "release"; - PORT = toString cfg.port; - }; - serviceConfig = { - DynamicUser = true; - EnvironmentFile = lib.optional (cfg.passwordFile != null) [ - cfg.passwordFile - ]; - ExecStart = "${podgrabPkg}/bin/podgrab"; - WorkingDirectory = "${podgrabPkg}/share"; - StateDirectory = [ "podgrab/config" "podgrab/data" ]; - }; + services.podgrab = { + enable = true; + inherit (cfg) passwordFile port; }; services.nginx.virtualHosts."${podgrabDomain}" = { From 91132901612a214f144fc2c7d9015c35cd694d61 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 11 May 2021 18:46:43 +0200 Subject: [PATCH 134/654] pkgs: add ff2mpv-go --- pkgs/default.nix | 2 ++ pkgs/ff2mpv-go/default.nix | 30 ++++++++++++++++++++++++++++++ 2 files changed, 32 insertions(+) create mode 100644 pkgs/ff2mpv-go/default.nix diff --git a/pkgs/default.nix b/pkgs/default.nix index 2f21e7f..58e65cd 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -4,6 +4,8 @@ rec { diff-flake = pkgs.callPackage ./diff-flake { }; + ff2mpv-go = pkgs.callPackage ./ff2mpv-go { }; + havm = pkgs.callPackage ./havm { }; i3-get-window-criteria = pkgs.callPackage ./i3-get-window-criteria { }; diff --git a/pkgs/ff2mpv-go/default.nix b/pkgs/ff2mpv-go/default.nix new file mode 100644 index 0000000..9efcf13 --- /dev/null +++ b/pkgs/ff2mpv-go/default.nix @@ -0,0 +1,30 @@ +{ buildGoModule, fetchgit, lib, mpv }: +buildGoModule rec { + pname = "ff2mpv-go"; + version = "1.0.1"; + + src = fetchgit { + url = "https://git.clsr.net/util/ff2mpv-go/"; + rev = "v${version}"; + sha256 = "sha256-e/AuOA3isFTyBf97Zwtr16yo49UdYzvktV5PKB/eH/s="; + }; + + vendorSha256 = "sha256-pQpattmS9VmO3ZIQUFn66az8GSmB4IvYhTTCFn6SUmo="; + + postPatch = '' + sed -i -e 's,"mpv","${mpv}/bin/mpv",' ff2mpv.go + ''; + + postInstall = '' + mkdir -p "$out/lib/mozilla/native-messaging-hosts" + $out/bin/ff2mpv-go --manifest > "$out/lib/mozilla/native-messaging-hosts/ff2mpv.json" + ''; + + meta = with lib; { + description = '' + Native messaging host for ff2mpv written in Go. + ''; + homepage = "https://git.clsr.net/util/ff2mpv-go/"; + license = licenses.publicDomain; + }; +} From fb56631ef3ebdf23f3f06a7c1c57da2de266c8d0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 15 May 2021 21:20:28 +0200 Subject: [PATCH 135/654] home: add mpv --- home/default.nix | 1 + home/mpv.nix | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+) create mode 100644 home/mpv.nix diff --git a/home/default.nix b/home/default.nix index 7f0e587..ddbf1ca 100644 --- a/home/default.nix +++ b/home/default.nix @@ -14,6 +14,7 @@ ./gtk.nix ./htop.nix ./jq.nix + ./mpv.nix ./nix-index.nix ./nm-applet.nix ./packages.nix diff --git a/home/mpv.nix b/home/mpv.nix new file mode 100644 index 0000000..9aef379 --- /dev/null +++ b/home/mpv.nix @@ -0,0 +1,19 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.home.mpv; +in +{ + options.my.home.mpv = with lib; { + enable = mkEnableOption "mpv configuration"; + }; + + config = lib.mkIf cfg.enable { + programs.mpv = { + enable = true; + + scripts = [ + pkgs.mpvScripts.mpris # Allow controlling using media keys + ]; + }; + }; +} From 15abb291ef641adcb36ebe0404463b0604f47acf Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 15 May 2021 21:20:39 +0200 Subject: [PATCH 136/654] machines: aramis: home: enable mpv --- machines/aramis/home.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index c889272..404a4d0 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -16,6 +16,8 @@ quasselClient # IRC client transgui # Transmission remote ]; + # Minimal video player + mpv.enable = true; # Network-Manager applet nm-applet.enable = true; # Termite terminal From e80485018c07df195827347e7de0e5712d36775f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 15 May 2021 21:28:10 +0200 Subject: [PATCH 137/654] home: firefox: add ff2mpv This allows watching videos using mpv via a simple button. --- home/firefox/default.nix | 9 +++++++++ home/firefox/firefox.nix | 12 ++++++++++-- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/home/firefox/default.nix b/home/firefox/default.nix index fd7d5ba..601644b 100644 --- a/home/firefox/default.nix +++ b/home/firefox/default.nix @@ -11,6 +11,15 @@ default = config.my.home.firefox.enable; }; }; + + ff2mpv = { + enable = mkOption { + type = types.bool; + description = "ff2mpv configuration"; + example = false; + default = config.my.home.mpv.enable; + }; + }; }; imports = [ diff --git a/home/firefox/firefox.nix b/home/firefox/firefox.nix index 68a8337..d5ecd53 100644 --- a/home/firefox/firefox.nix +++ b/home/firefox/firefox.nix @@ -10,6 +10,11 @@ in cfg = { enableTridactylNative = cfg.tridactyl.enable; }; + + extraNativeMessagingHosts = with pkgs; ([ ] + # Watch videos using mpv + ++ lib.optional cfg.ff2mpv.enable ambroisie.ff2mpv-go + ); }; profiles = { @@ -35,13 +40,16 @@ in }; }; - extensions = with pkgs.nur.repos.rycee.firefox-addons; [ + extensions = with pkgs.nur.repos.rycee.firefox-addons; ([ bitwarden form-history-control https-everywhere i-dont-care-about-cookies reddit-enhancement-suite ublock-origin - ] ++ lib.optional (cfg.tridactyl.enable) tridactyl; + ] + ++ lib.optional (cfg.tridactyl.enable) tridactyl + ++ lib.optional (cfg.ff2mpv.enable) ff2mpv + ); }; } From cc377138390093851cdc3546ac9473ff485cfbce Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 16 May 2021 19:12:20 +0200 Subject: [PATCH 138/654] home: firefox: tridactyl: fix Reddit URL rewriter --- home/firefox/tridactylrc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/firefox/tridactylrc b/home/firefox/tridactylrc index 20a67e3..869d6e5 100644 --- a/home/firefox/tridactylrc +++ b/home/firefox/tridactylrc @@ -61,7 +61,7 @@ unbind " Redirections {{{ " Always redirect Reddit to the old site -autocmd DocStart ^http(s?)://www.redit.com js tri.excmds.urlmodify("-t", "www", "old") +autocmd DocStart ^http(s?)://www.reddit.com js tri.excmds.urlmodify("-t", "www", "old") " }}} " Disabled websites {{{ From f2b20c65a81543b6d0627c62556ed12e14602936 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 20 May 2021 19:12:20 +0200 Subject: [PATCH 139/654] modules: nix: expose pinned nixpkgs as 'pkgs' That way if I do want to use that latest version, I can still use `nixpkgs#`. --- modules/nix.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/nix.nix b/modules/nix.nix index 6cba363..bfde967 100644 --- a/modules/nix.nix +++ b/modules/nix.nix @@ -7,8 +7,8 @@ registry = { # Allow me to use my custom package using `nix run self#pkg` self.flake = inputs.self; - # Do not follow master, use pinned revision instead - nixpkgs.flake = inputs.nixpkgs; + # Use pinned nixpkgs when using `nix run pkgs#` + pkgs.flake = inputs.nixpkgs; # Add NUR to run some packages that are only present there nur.flake = inputs.nur; }; From 8a8f7387f4b27de0ae174e2e6a1f7792b6287a8c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 21 May 2021 23:46:07 +0200 Subject: [PATCH 140/654] pkgs: add bw-pass Until `rbw` gets support for Yubikey 2FA, I still need a decent way to query for my passwords on the command line... This wrapper program should be good enough for basic usage with programs that need a password command. --- pkgs/bw-pass/bw-pass | 74 ++++++++++++++++++++++++++++++++++++++++ pkgs/bw-pass/default.nix | 45 ++++++++++++++++++++++++ pkgs/default.nix | 2 ++ 3 files changed, 121 insertions(+) create mode 100755 pkgs/bw-pass/bw-pass create mode 100644 pkgs/bw-pass/default.nix diff --git a/pkgs/bw-pass/bw-pass b/pkgs/bw-pass/bw-pass new file mode 100755 index 0000000..16c931e --- /dev/null +++ b/pkgs/bw-pass/bw-pass @@ -0,0 +1,74 @@ +#!/usr/bin/env bash + +AUTO_LOCK=900 # 15min timeout by default + +usage() { + printf '%s\n' "Usage: bw-pass [directory name] " >&2 +} + +prompt_pass() { + rofi -dmenu -password -no-fixed-num-lines -p "$1" +} + +error_out() { + rofi -dmenu -no-fixed-num-lines -p "$1" + exit 1 +} + +login() { + local PASSWORD + PASSWORD="$(prompt_pass "Password")" || error_out "Cannot prompt password" + export BW_SESSION + BW_SESSION="$(bw unlock "$PASSWORD" --raw)" || error_out "Cannot unlock" +} + +ensure_logged_in() { + # Use the same keyring as bitwarden-rofi for this + + local KEY_ID + keyctl link @u @s + if ! KEY_ID="$(keyctl request user bw_session 2>/dev/null)"; then + login + KEY_ID="$(keyctl add user bw_session "$BW_SESSION" @u)" + fi + + if [ "$AUTO_LOCK" -gt 0 ]; then + keyctl timeout "$KEY_ID" "$AUTO_LOCK" + fi + export BW_SESSION + BW_SESSION="$(keyctl pipe "$KEY_ID")" + keyctl unlink @u @s +} + +query_password() { + # Either use with `query_password + # Or `query_password ` when the account has no directory + + local FOLDER_ID + local PASSWORD + + if [ $# -eq 2 ]; then + FOLDER_ID="$(bw list folders | + jq '.[] | select(.name == "'"$1"'") | .id' | + cut -d'"' -f2)" + shift + else + FOLDER_ID=null + fi + PASSWORD="$(bw list items --folderid "$FOLDER_ID" | + jq '.[] | select(.name == "'"$1"'") | .login.password' | + cut -d'"' -f2)" + + if [ -z "$PASSWORD" ]; then + error_out "Did not find password for '$1'" + fi + printf '%s\n' "$PASSWORD" +} + +if [ $# -lt 1 ] || [ $# -gt 2 ]; then + usage + exit 1 +fi + +ensure_logged_in +query_password "$@" diff --git a/pkgs/bw-pass/default.nix b/pkgs/bw-pass/default.nix new file mode 100644 index 0000000..a5297d5 --- /dev/null +++ b/pkgs/bw-pass/default.nix @@ -0,0 +1,45 @@ +{ bitwarden-cli, coreutils, jq, keyutils, lib, makeWrapper, rofi, shellcheck, stdenvNoCC }: +stdenvNoCC.mkDerivation rec { + pname = "bw-pass"; + version = "0.1.0"; + + src = ./bw-pass; + + phases = [ "buildPhase" "installPhase" "fixupPhase" ]; + + buildInputs = [ + makeWrapper + shellcheck + ]; + + buildPhase = '' + shellcheck $src + ''; + + installPhase = '' + mkdir -p $out/bin + cp $src $out/bin/${pname} + chmod a+x $out/bin/${pname} + ''; + + wrapperPath = lib.makeBinPath [ + bitwarden-cli + coreutils + jq + keyutils + rofi + ]; + + fixupPhase = '' + patchShebangs $out/bin/${pname} + wrapProgram $out/bin/${pname} --prefix PATH : "${wrapperPath}" + ''; + + meta = with lib; { + description = "A simple script to query a password from bitwarden"; + homepage = "https://gitea.belanyi.fr/ambroisie/nix-config"; + license = with licenses; [ mit ]; + platforms = platforms.unix; + maintainers = with maintainers; [ ambroisie ]; + }; +} diff --git a/pkgs/default.nix b/pkgs/default.nix index 58e65cd..197acfb 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,5 +1,7 @@ { pkgs }: rec { + bw-pass = pkgs.callPackage ./bw-pass { }; + comma = pkgs.callPackage ./comma { }; diff-flake = pkgs.callPackage ./diff-flake { }; From 81647c5a02c1767c976efc71c21508f8983e6d3e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 15 May 2021 13:56:07 +0200 Subject: [PATCH 141/654] home: terminal: use 'cfg.terminal' for TERMINAL --- home/terminal/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/terminal/default.nix b/home/terminal/default.nix index 676eed9..5d32556 100644 --- a/home/terminal/default.nix +++ b/home/terminal/default.nix @@ -56,6 +56,6 @@ in }; config.home.sessionVariables = lib.mkIf (cfg.program != null) { - TERMINAL = "termite"; + TERMINAL = cfg.program; }; } From 182ec2a4dbdf20c87cdcf86cc2d816d0fc62fa13 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 22 May 2021 16:04:46 +0200 Subject: [PATCH 142/654] home: add mail and accounts configuration --- home/default.nix | 1 + home/mail/accounts.nix | 95 ++++++++++++++++++++++++++++++++++++++++++ home/mail/default.nix | 12 ++++++ 3 files changed, 108 insertions(+) create mode 100644 home/mail/accounts.nix create mode 100644 home/mail/default.nix diff --git a/home/default.nix b/home/default.nix index ddbf1ca..8b638aa 100644 --- a/home/default.nix +++ b/home/default.nix @@ -14,6 +14,7 @@ ./gtk.nix ./htop.nix ./jq.nix + ./mail ./mpv.nix ./nix-index.nix ./nm-applet.nix diff --git a/home/mail/accounts.nix b/home/mail/accounts.nix new file mode 100644 index 0000000..8a3e1eb --- /dev/null +++ b/home/mail/accounts.nix @@ -0,0 +1,95 @@ +{ lib, pkgs, ... }: +let + mkAddress = address: domain: "${address}@${domain}"; + + mkConfig = { domain, address, passName, aliases ? [ ], primary ? false }: { + realName = lib.mkDefault "Bruno BELANYI"; + userName = lib.mkDefault (mkAddress address domain); + passwordCommand = + lib.mkDefault [ "${pkgs.ambroisie.bw-pass}/bin/bw-pass" "Mail" passName ]; + + address = mkAddress address domain; + aliases = builtins.map (lib.flip mkAddress domain) aliases; + + inherit primary; + }; + + migaduConfig = { + imap = { + host = "imap.migadu.com"; + port = 993; + tls = { + enable = true; + }; + }; + smtp = { + host = "smtp.migadu.com"; + port = 465; + tls = { + enable = true; + }; + }; + }; + + gmailConfig = { + flavor = "gmail.com"; + folders = { + drafts = "[Gmail]/Drafts"; + sent = "[Gmail]/Sent Mail"; + trash = "[Gmail]/Trash"; + }; + }; + + office365Config = { + imap = { + host = "outlook.office365.com"; + port = 993; + tls = { + enable = true; + }; + }; + smtp = { + host = "outlook.office365.com"; + port = 587; + tls = { + enable = true; + useStartTls = true; + }; + }; + }; +in +{ + config.accounts.email.accounts = { + personal = lib.mkMerge [ + # Common configuraton + (mkConfig { + domain = "belanyi.fr"; + address = "bruno"; + passName = "Migadu"; + aliases = [ "admin" "postmaster" ]; + primary = true; # This is my primary email + }) + migaduConfig + ]; + + gmail = lib.mkMerge [ + # Common configuraton + (mkConfig { + domain = "gmail.com"; + address = "brunobelanyi"; + passName = "GMail"; + }) + gmailConfig + ]; + + epita = lib.mkMerge [ + # Common configuration + (mkConfig { + domain = "epita.fr"; + address = "bruno.belanyi"; + passName = "EPITA"; + }) + office365Config + ]; + }; +} diff --git a/home/mail/default.nix b/home/mail/default.nix new file mode 100644 index 0000000..32c918e --- /dev/null +++ b/home/mail/default.nix @@ -0,0 +1,12 @@ +{ config, lib, ... }: +{ + imports = [ + ./accounts.nix + ]; + + config = { + accounts.email = { + maildirBasePath = "mail"; + }; + }; +} From d31e293cef03b1804d8d9652de78e7f6c39d72d5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 22 May 2021 16:09:11 +0200 Subject: [PATCH 143/654] home: mail: add msmtp --- home/mail/accounts.nix | 8 +++++++- home/mail/default.nix | 14 ++++++++++++++ home/mail/msmtp.nix | 9 +++++++++ 3 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 home/mail/msmtp.nix diff --git a/home/mail/accounts.nix b/home/mail/accounts.nix index 8a3e1eb..7f1ad02 100644 --- a/home/mail/accounts.nix +++ b/home/mail/accounts.nix @@ -1,5 +1,7 @@ -{ lib, pkgs, ... }: +{ config, lib, pkgs, ... }: let + cfg = config.my.home.mail; + mkAddress = address: domain: "${address}@${domain}"; mkConfig = { domain, address, passName, aliases ? [ ], primary ? false }: { @@ -12,6 +14,10 @@ let aliases = builtins.map (lib.flip mkAddress domain) aliases; inherit primary; + + msmtp = { + enable = cfg.msmtp.enable; + }; }; migaduConfig = { diff --git a/home/mail/default.nix b/home/mail/default.nix index 32c918e..cc81d0c 100644 --- a/home/mail/default.nix +++ b/home/mail/default.nix @@ -1,9 +1,23 @@ { config, lib, ... }: +let + cfg = config.my.home.mail; + + mkRelatedOption = desc: lib.mkEnableOption desc // { default = cfg.enable; }; +in { imports = [ ./accounts.nix + ./msmtp.nix ]; + options.my.home.mail = with lib; { + enable = my.mkDisableOption "email configuration"; + + msmtp = { + enable = mkRelatedOption "msmtp configuration"; + }; + }; + config = { accounts.email = { maildirBasePath = "mail"; diff --git a/home/mail/msmtp.nix b/home/mail/msmtp.nix new file mode 100644 index 0000000..3e725e8 --- /dev/null +++ b/home/mail/msmtp.nix @@ -0,0 +1,9 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.home.mail.msmtp; +in +{ + config.programs.msmtp = lib.mkIf cfg.enable { + enable = true; + }; +} From b134aedff0dd72ee9c1da1c574579cb3d4a9db23 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 22 May 2021 16:23:39 +0200 Subject: [PATCH 144/654] home: wm: i3bar: invert baclight icon Because I am using an emoji font, it looks better that way. --- home/wm/i3bar.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/wm/i3bar.nix b/home/wm/i3bar.nix index 3e74bde..e9c85de 100644 --- a/home/wm/i3bar.nix +++ b/home/wm/i3bar.nix @@ -36,6 +36,7 @@ in } { block = "backlight"; + invert_icons = true; } { block = "battery"; From a33fbc665939e74bd6a84a9cb4471caca6deefff Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 22 May 2021 22:45:05 +0200 Subject: [PATCH 145/654] services: add flood --- services/default.nix | 1 + services/flood.nix | 53 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 54 insertions(+) create mode 100644 services/flood.nix diff --git a/services/default.nix b/services/default.nix index 6096454..424e26f 100644 --- a/services/default.nix +++ b/services/default.nix @@ -7,6 +7,7 @@ ./blog.nix ./calibre-web.nix ./drone.nix + ./flood.nix ./gitea.nix ./indexers.nix ./jellyfin.nix diff --git a/services/flood.nix b/services/flood.nix new file mode 100644 index 0000000..70988cb --- /dev/null +++ b/services/flood.nix @@ -0,0 +1,53 @@ +# A nice UI for various torrent clients +{ config, lib, pkgs, ... }: +let + cfg = config.my.services.flood; + + domain = config.networking.domain; + webuiDomain = "flood.${domain}"; +in +{ + options.my.services.flood = with lib; { + enable = mkEnableOption "Flood UI"; + + port = mkOption { + type = types.port; + default = 9092; + example = 3000; + description = "Internal port for Flood UI"; + }; + + stateDir = mkOption { + type = types.str; + default = "flood"; + example = "floodUI"; + description = "Directory under `/var/run` for storing Flood's files"; + }; + }; + + config = lib.mkIf cfg.enable { + systemd.services.flood = { + description = "Flood torrent UI"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + ExecStart = lib.concatStringsSep " " [ + "${pkgs.flood}/bin/flood" + "--port ${builtins.toString cfg.port}" + "--rundir /var/lib/${cfg.stateDir}" + ]; + DynamicUser = true; + StateDirectory = cfg.stateDir; + ReadWritePaths = ""; + }; + }; + + services.nginx.virtualHosts."${webuiDomain}" = { + forceSSL = true; + useACMEHost = domain; + + locations."/".proxyPass = "http://127.0.0.1:${toString cfg.port}"; + }; + }; +} From 78d77890de0aa9ef506586053591c359ca3d9efe Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 22 May 2021 22:45:47 +0200 Subject: [PATCH 146/654] machines: porthos: services: enable flood --- machines/porthos/services.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index 910987d..9773007 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -40,6 +40,10 @@ in sharedSecretFile = builtins.toFile "rpc.env" my.secrets.drone.secret; }; + # Flood UI for transmission + flood = { + enable = true; + }; # Gitea forge gitea.enable = true; # Meta-indexers From 9d3d86365c43dc1e60b1cc2e7025080472947bc9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 23 May 2021 00:14:26 +0200 Subject: [PATCH 147/654] project: readme: mention manual flood config --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 8d84109..a68f7dc 100644 --- a/README.md +++ b/README.md @@ -21,3 +21,4 @@ Secondly, take care of a few manual steps: * Configure Sonarr, Radarr, Bazarr * Configure Transmission's webui port * Configure Quassel user +* Configure Flood account From 406eeea9f699f2f197410a69fc91cde9bd060e1d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 23 May 2021 00:32:59 +0200 Subject: [PATCH 148/654] services: podgrab: remove mention of merged PR --- services/podgrab.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/services/podgrab.nix b/services/podgrab.nix index 47b0b73..7926fc2 100644 --- a/services/podgrab.nix +++ b/services/podgrab.nix @@ -1,6 +1,4 @@ -# A simple podcast fetcher. See [1] -# -# [1]: https://github.com/NixOS/nixpkgs/pull/106008 +# A simple podcast fetcher { config, lib, pkgs, ... }: let cfg = config.my.services.podgrab; From a508db48c93f6751dc63dc642636fb1820860b2f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 25 May 2021 17:59:18 +0200 Subject: [PATCH 149/654] modules: add sound I will probably want to share this configuration between multiple machines in the future. --- modules/default.nix | 1 + modules/sound.nix | 25 +++++++++++++++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 modules/sound.nix diff --git a/modules/default.nix b/modules/default.nix index a5ffc91..32b5b6f 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -12,6 +12,7 @@ ./networking.nix ./nix.nix ./packages.nix + ./sound.nix ./upower.nix ./users.nix ]; diff --git a/modules/sound.nix b/modules/sound.nix new file mode 100644 index 0000000..5e5ca63 --- /dev/null +++ b/modules/sound.nix @@ -0,0 +1,25 @@ +{ config, lib, ... }: +let + cfg = config.my.modules.sound; +in +{ + options.my.modules.sound = with lib; { + enable = mkEnableOption "sound configuration"; + + pulse = { + enable = mkEnableOption "pulseaudio configuration"; + }; + }; + + config = lib.mkIf cfg.enable (lib.mkMerge [ + # Basic configuration + { + sound.enable = true; + } + + # Pulseaudio setup + (lib.mkIf cfg.pulse.enable { + hardware.pulseaudio.enable = true; + }) + ]); +} From 8b4966fcbe512b7127586b4b9479bec06f3f3a6e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 25 May 2021 17:59:45 +0200 Subject: [PATCH 150/654] machines: aramis: sound: use common module --- machines/aramis/sound.nix | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/machines/aramis/sound.nix b/machines/aramis/sound.nix index 38365f6..586f3ff 100644 --- a/machines/aramis/sound.nix +++ b/machines/aramis/sound.nix @@ -1,5 +1,10 @@ { ... }: { - sound.enable = true; - hardware.pulseaudio.enable = true; + my.modules.sound = { + enable = true; + + pulse = { + enable = true; + }; + }; } From 931b67fdb2c257d7e3a051bf5478f2c2d7af237a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 25 May 2021 18:17:39 +0200 Subject: [PATCH 151/654] modules: sound: add pipewire configuration --- modules/sound.nix | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/modules/sound.nix b/modules/sound.nix index 5e5ca63..567a974 100644 --- a/modules/sound.nix +++ b/modules/sound.nix @@ -6,6 +6,10 @@ in options.my.modules.sound = with lib; { enable = mkEnableOption "sound configuration"; + pipewire = { + enable = mkEnableOption "pipewire configuration"; + }; + pulse = { enable = mkEnableOption "pulseaudio configuration"; }; @@ -17,6 +21,32 @@ in sound.enable = true; } + (lib.mkIf cfg.pipewire.enable { + # RealtimeKit is recommended + security.rtkit.enable = true; + + services.pipewire = { + enable = true; + + alsa = { + enable = true; + support32Bit = true; + }; + + pulse = { + enable = true; + }; + + jack = { + enable = true; + }; + + media-session = { + enable = true; + }; + }; + }) + # Pulseaudio setup (lib.mkIf cfg.pulse.enable { hardware.pulseaudio.enable = true; From 414606b58ea6b77698a614835918513f80463421 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 25 May 2021 18:18:40 +0200 Subject: [PATCH 152/654] modules: bluetooth: add pipewire codecs --- modules/bluetooth.nix | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/modules/bluetooth.nix b/modules/bluetooth.nix index 661ed60..b4b8362 100644 --- a/modules/bluetooth.nix +++ b/modules/bluetooth.nix @@ -24,6 +24,43 @@ in extraModules = [ pkgs.pulseaudio-modules-bt ]; package = pkgs.pulseaudioFull; }; + + services.pipewire = { + media-session.config.bluez-monitor.rules = [ + { + # Matches all cards + matches = [{ "device.name" = "~bluez_card.*"; }]; + actions = { + "update-props" = { + "bluez5.reconnect-profiles" = [ + "hfp_hf" + "hsp_hs" + "a2dp_sink" + ]; + # mSBC provides better audio + microphone + "bluez5.msbc-support" = true; + # SBC XQ provides better audio + "bluez5.sbc-xq-support" = true; + }; + }; + } + { + matches = [ + # Matches all sources + { + "node.name" = "~bluez_input.*"; + } + # Matches all outputs + { + "node.name" = "~bluez_output.*"; + } + ]; + actions = { + "node.pause-on-idle" = false; + }; + } + ]; + }; }) # Support for A2DP audio profile From 796df5475e2ff534c9d15aeff3d766f344b2f1d3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 25 May 2021 18:35:06 +0200 Subject: [PATCH 153/654] home: wm: i3: use pamixer for audio control This can be used with either pipewire and pulseaudio without having to install all of pulseaudio. --- home/wm/i3.nix | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index 05c381d..853be11 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -36,6 +36,7 @@ in home.packages = with pkgs; [ ambroisie.i3-get-window-criteria # little helper for i3 configuration arandr # Used by a mapping + pamixer # Used by a mapping playerctl # Used by a mapping ]; @@ -209,12 +210,12 @@ in ) { # Media keys - "XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%"; - "XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%"; - "Control+XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +1%"; - "Control+XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -1%"; - "XF86AudioMute" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle"; - "XF86AudioMicMute" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle"; + "XF86AudioRaiseVolume" = "exec pamixer --allow-boost -i 5"; + "XF86AudioLowerVolume" = "exec pamixer --allow-boost -d 5"; + "Control+XF86AudioRaiseVolume" = "exec pamixer --allow-boost -i 1"; + "Control+XF86AudioLowerVolume" = "exec pamixer --allow-boost -d 1"; + "XF86AudioMute" = "exec pamixer --toggle-mute"; + "XF86AudioMicMute" = "exec pamixer --default-source --toggle-mute"; "XF86AudioPlay" = "exec playerctl play-pause"; "XF86AudioNext" = "exec playerctl next"; From ca1c7962eab7af75d4c5f57d67dd588d3a355bf6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 25 May 2021 18:19:05 +0200 Subject: [PATCH 154/654] machines: aramis: sound: switch to pipewire The support for mSBC means I should get better audio on my QC35. --- machines/aramis/sound.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/machines/aramis/sound.nix b/machines/aramis/sound.nix index 586f3ff..97537e3 100644 --- a/machines/aramis/sound.nix +++ b/machines/aramis/sound.nix @@ -3,7 +3,7 @@ my.modules.sound = { enable = true; - pulse = { + pipewire = { enable = true; }; }; From f66da6fee6fa065d1bfc2bed55fb25618b7fdf67 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 25 May 2021 20:26:37 +0200 Subject: [PATCH 155/654] home: git: add 'pick' alias I wanted to name it 'pickaxe' but for a curious reason, it does not seem to be working when I use that alias... I am trying to find a second alias name for `git log -p -S`, which only shows commits that change the number of occurrences of its pickaxe in the file. Whereas `-G` shows any commit involving the pickaxe in its diff. --- home/git/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/git/default.nix b/home/git/default.nix index da5efae..718ff27 100644 --- a/home/git/default.nix +++ b/home/git/default.nix @@ -23,6 +23,7 @@ in assume = "update-index --assume-unchanged"; unassume = "update-index --no-assume-unchanged"; assumed = "!git ls-files -v | grep ^h | cut -c 3-"; + pick = "log -p -G"; push-new = "!git push -u origin " + ''"$(git branch | grep '^* ' | cut -f2- -d' ')"''; }; From 76d165343e065437b8a39106107e9f695d329770 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 27 May 2021 19:05:17 +0200 Subject: [PATCH 156/654] pkgs: add vimix-cursors --- pkgs/default.nix | 2 ++ pkgs/vimix-cursors/default.nix | 44 ++++++++++++++++++++++++++++++++++ 2 files changed, 46 insertions(+) create mode 100644 pkgs/vimix-cursors/default.nix diff --git a/pkgs/default.nix b/pkgs/default.nix index 197acfb..380ee0b 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -16,6 +16,8 @@ rec { nolimips = pkgs.callPackage ./nolimips { }; + vimix-cursors = pkgs.callPackage ./vimix-cursors { }; + unbound-zones-adblock = pkgs.callPackage ./unbound-zones-adblock { inherit unified-hosts-lists; }; diff --git a/pkgs/vimix-cursors/default.nix b/pkgs/vimix-cursors/default.nix new file mode 100644 index 0000000..78057ef --- /dev/null +++ b/pkgs/vimix-cursors/default.nix @@ -0,0 +1,44 @@ +{ python3, fetchFromGitHub, inkscape, lib, stdenvNoCC, xcursorgen }: +let + py = python3.withPackages (ps: with ps; [ cairosvg ]); +in +stdenvNoCC.mkDerivation rec { + pname = "vimix-cursors"; + version = "unstable-2020-04-28"; + + src = fetchFromGitHub { + owner = "vinceliuice"; + repo = pname; + rev = "27ebb1935944bc986bf8ae85ee3343b8351d9823"; + sha256 = "sha256-bIPRrKaNQ2Eo+T6zv7qeA1z7uRHXezM0yxh+uqA01Gs="; + }; + + nativeBuildInputs = [ + inkscape + py + xcursorgen + ]; + + postPatch = '' + patchShebangs . + ''; + + buildPhase = '' + HOME="$NIX_BUILD_ROOT" ./build.sh + ''; + + installPhase = '' + install -dm 755 $out/share/icons + for color in "" "-white"; do + cp -pr dist''${color}/ "$out/share/icons/Vimix''${color}-cursors" + done + ''; + + meta = with lib; { + description = "An X cursor theme inspired by Materia design"; + homepage = "https://github.com/vinceliuice/Vimix-cursors"; + license = licenses.gpl3Only; + platforms = platforms.linux; + maintainers = with maintainers; [ ambroisie ]; + }; +} From 059831b5320de0b27e2e619ba230b0b0e23fd703 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 27 May 2021 19:05:38 +0200 Subject: [PATCH 157/654] home: x: cursor: switch to Vimix --- home/x/cursor.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/home/x/cursor.nix b/home/x/cursor.nix index 4bbff0c..4762199 100644 --- a/home/x/cursor.nix +++ b/home/x/cursor.nix @@ -5,8 +5,8 @@ in { config = lib.mkIf cfg.enable { xsession.pointerCursor = { - package = pkgs.numix-cursor-theme; - name = "Numix-Cursor"; + package = pkgs.ambroisie.vimix-cursors; + name = "Vimix-cursors"; }; }; } From 395f15f18100c1aacb3131270cdc851edada18dc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 27 May 2021 19:57:31 +0200 Subject: [PATCH 158/654] pkgs: add volantes-cursors --- pkgs/default.nix | 2 ++ pkgs/volantes-cursors/default.nix | 44 +++++++++++++++++++++++++++++++ 2 files changed, 46 insertions(+) create mode 100644 pkgs/volantes-cursors/default.nix diff --git a/pkgs/default.nix b/pkgs/default.nix index 380ee0b..7419501 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -18,6 +18,8 @@ rec { vimix-cursors = pkgs.callPackage ./vimix-cursors { }; + volantes-cursors = pkgs.callPackage ./volantes-cursors { }; + unbound-zones-adblock = pkgs.callPackage ./unbound-zones-adblock { inherit unified-hosts-lists; }; diff --git a/pkgs/volantes-cursors/default.nix b/pkgs/volantes-cursors/default.nix new file mode 100644 index 0000000..08cec66 --- /dev/null +++ b/pkgs/volantes-cursors/default.nix @@ -0,0 +1,44 @@ +{ fetchFromGitHub, inkscape, lib, stdenvNoCC, xcursorgen }: +stdenvNoCC.mkDerivation rec { + pname = "volantes-cursors"; + version = "unstable-2020-06-06"; + + src = fetchFromGitHub { + owner = "varlesh"; + repo = pname; + rev = "d1d290ff42cc4fa643716551bd0b02582b90fd2f"; + sha256 = "sha256-irMN/enoo90nYLfvSOScZoYdvhZKvqqp+grZB2BQD9o="; + }; + + nativeBuildInputs = [ + inkscape + xcursorgen + ]; + + postPatch = '' + patchShebangs . + # The script tries to build in its source directory... + substituteInPlace build.sh --replace \ + ': "''${BUILD_DIR:="$SCRIPT_DIR"/build}"' \ + "BUILD_DIR=$(pwd)/build" + substituteInPlace build.sh --replace \ + ': "''${OUT_DIR:="$SCRIPT_DIR"/dist}"' \ + "OUT_DIR=$(pwd)/dist" + ''; + + buildPhase = '' + HOME="$NIX_BUILD_ROOT" ./build.sh + ''; + + installPhase = '' + make install PREFIX= DESTDIR=$out/ + ''; + + meta = with lib; { + description = "Classic cursor with a flying style"; + homepage = "https://github.com/varlesh/volantes-cursors"; + license = licenses.gpl2Only; + platforms = platforms.linux; + maintainers = with maintainers; [ ambroisie ]; + }; +} From da21e7a6f292c34170591a2cc4fc2d256e4c88b8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 27 May 2021 21:37:29 +0200 Subject: [PATCH 159/654] pkgs: comma: allow override which nixpkgs is used This is useful for me to use my pinned `pkgs` instead. --- pkgs/comma/comma | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/comma/comma b/pkgs/comma/comma index 5c347d6..ba5c6ae 100755 --- a/pkgs/comma/comma +++ b/pkgs/comma/comma @@ -30,4 +30,4 @@ if [ -z "$PROGRAM" ]; then exit 1 fi -nix shell "nixpkgs#$PROGRAM" -c "$@" +nix shell "${COMMA_PKGS_FLAKE:-nixpkgs}#$PROGRAM" -c "$@" From 60749582923d6cfa6aca389a56e56065968ce897 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 27 May 2021 21:49:24 +0200 Subject: [PATCH 160/654] home: extract 'comma' into its own module --- home/comma.nix | 15 +++++++++++++++ home/default.nix | 1 + home/packages.nix | 1 - 3 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 home/comma.nix diff --git a/home/comma.nix b/home/comma.nix new file mode 100644 index 0000000..60de863 --- /dev/null +++ b/home/comma.nix @@ -0,0 +1,15 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.home.comma; +in +{ + options.my.home.comma = with lib; { + enable = my.mkDisableOption "comma configuration"; + }; + + config = lib.mkIf cfg.enable { + home.packages = with pkgs; [ + ambroisie.comma + ]; + }; +} diff --git a/home/default.nix b/home/default.nix index 8b638aa..efc4a81 100644 --- a/home/default.nix +++ b/home/default.nix @@ -3,6 +3,7 @@ imports = [ ./bat.nix ./bluetooth.nix + ./comma.nix ./direnv.nix ./documentation.nix ./feh.nix diff --git a/home/packages.nix b/home/packages.nix index 90111a2..0d57840 100644 --- a/home/packages.nix +++ b/home/packages.nix @@ -18,7 +18,6 @@ in }; config.home.packages = with pkgs; lib.mkIf cfg.enable ([ - ambroisie.comma file gitAndTools.git-absorb gitAndTools.git-revise From 1ac9f0cc8cade78fdb73d010546dfc8ec88901c0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 27 May 2021 21:50:14 +0200 Subject: [PATCH 161/654] home: comma: configure custom 'nixpkgs' flake This makes use of my pinned `pkgs` flake from the registry by default. --- home/comma.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/home/comma.nix b/home/comma.nix index 60de863..cc6a0ad 100644 --- a/home/comma.nix +++ b/home/comma.nix @@ -5,11 +5,25 @@ in { options.my.home.comma = with lib; { enable = my.mkDisableOption "comma configuration"; + + pkgsFlake = mkOption { + type = types.str; + default = "pkgs"; + example = "nixpkgs"; + description = '' + Which flake from the registry should be used with + nix shell. + ''; + }; }; config = lib.mkIf cfg.enable { home.packages = with pkgs; [ ambroisie.comma ]; + + home.sessionVariables = { + COMMA_PKGS_FLAKE = cfg.pkgsFlake; + }; }; } From 2999ba7c0b69d114dc5ac120a254268f4392c7e5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 28 May 2021 11:38:28 +0200 Subject: [PATCH 162/654] services: jellyfin: fix proxy configuration --- services/jellyfin.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/services/jellyfin.nix b/services/jellyfin.nix index dc48354..122a70c 100644 --- a/services/jellyfin.nix +++ b/services/jellyfin.nix @@ -22,6 +22,13 @@ in useACMEHost = domain; locations."/" = { + proxyPass = "http://127.0.0.1:8096/"; + extraConfig = '' + proxy_buffering off; + ''; + }; + + locations."/socket" = { proxyPass = "http://127.0.0.1:8096/"; proxyWebsockets = true; }; From 6728b5b94912e01aa636243f5dad3c7de21b6299 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 12:18:39 +0200 Subject: [PATCH 163/654] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 4599275..23dd0be 100644 --- a/flake.lock +++ b/flake.lock @@ -23,11 +23,11 @@ ] }, "locked": { - "lastModified": 1621417094, - "narHash": "sha256-Csk4p8jFUma7FtMnjEJGTPGxCOnTbb30xr8AXwrUTMM=", + "lastModified": 1622145920, + "narHash": "sha256-/tt6IApLuVcGP5auy4zjLzfm5+MBHYLS3Nauvv2U2EQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "3d18912f5ae7c98bd5249411d98cdf3b28fe1f09", + "rev": "0e6c61a44092e98ba1d75b41f4f947843dc7814d", "type": "github" }, "original": { @@ -39,11 +39,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1621160191, - "narHash": "sha256-5xaEDqmmDsJnd2agtmEIrbUHSuNjTqidJPkBrmls6Ek=", + "lastModified": 1622194753, + "narHash": "sha256-76qtvFp/vFEz46lz5iZMJ0mnsWQYmuGYlb0fHgKqqMg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7a1fbc38a4b538450ac0d42aec8a3e513b4d723e", + "rev": "540dccb2aeaffa9dc69bfdc41c55abd7ccc6baa3", "type": "github" }, "original": { @@ -55,11 +55,11 @@ }, "nur": { "locked": { - "lastModified": 1621525236, - "narHash": "sha256-aJh5wvoHB15CBMXNYEqbJuOuU3sETaJS9UFSgESF8zs=", + "lastModified": 1622221304, + "narHash": "sha256-aU/BdVGUverHNY9BOmDaAo21G8k9ndhzzjX1RSY1im0=", "owner": "nix-community", "repo": "NUR", - "rev": "ba113338c358c6b939dd269b1c89f0b43392f30b", + "rev": "8d8c59d767d854a1bc6fd08952529e10438eaa8d", "type": "github" }, "original": { From 737b5e797b720d1618f74a26ceca3ec9d0e6ec32 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 16:15:20 +0200 Subject: [PATCH 164/654] modules: ergodox: remove useless group clause The `zsa` module already add the group itself. --- modules/ergodox.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/modules/ergodox.nix b/modules/ergodox.nix index cbc4957..a822eb7 100644 --- a/modules/ergodox.nix +++ b/modules/ergodox.nix @@ -10,7 +10,5 @@ in config = lib.mkIf cfg.enable { hardware.keyboard.zsa.enable = true; - - users.extraGroups = [ "plugdev" ]; }; } From e81aaa8ebc99554c6b20399319a89ea11b9f5b07 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 16:35:27 +0200 Subject: [PATCH 165/654] modules: add 'hardware' directory --- modules/default.nix | 1 + modules/hardware/default.nix | 8 ++++++++ 2 files changed, 9 insertions(+) create mode 100644 modules/hardware/default.nix diff --git a/modules/default.nix b/modules/default.nix index 32b5b6f..6d3e065 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -6,6 +6,7 @@ ./bluetooth.nix ./documentation.nix ./ergodox.nix + ./hardware ./home.nix ./language.nix ./media.nix diff --git a/modules/hardware/default.nix b/modules/hardware/default.nix new file mode 100644 index 0000000..26f40e3 --- /dev/null +++ b/modules/hardware/default.nix @@ -0,0 +1,8 @@ +# Hardware-related modules +{ ... }: + +{ + imports = [ + # FIXME: add modules + ]; +} From 9b054d10c74015822234f8b0eb39463d20072d94 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 16:37:07 +0200 Subject: [PATCH 166/654] modules: hardware: move 'bluetooth' --- modules/default.nix | 1 - modules/{ => hardware}/bluetooth.nix | 4 ++-- modules/hardware/default.nix | 2 +- profiles/bluetooth.nix | 2 +- 4 files changed, 4 insertions(+), 5 deletions(-) rename modules/{ => hardware}/bluetooth.nix (95%) diff --git a/modules/default.nix b/modules/default.nix index 6d3e065..80bb699 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -3,7 +3,6 @@ { imports = [ - ./bluetooth.nix ./documentation.nix ./ergodox.nix ./hardware diff --git a/modules/bluetooth.nix b/modules/hardware/bluetooth.nix similarity index 95% rename from modules/bluetooth.nix rename to modules/hardware/bluetooth.nix index b4b8362..ffe0fbe 100644 --- a/modules/bluetooth.nix +++ b/modules/hardware/bluetooth.nix @@ -1,9 +1,9 @@ { config, lib, pkgs, ... }: let - cfg = config.my.modules.bluetooth; + cfg = config.my.hardware.bluetooth; in { - options.my.modules.bluetooth = with lib; { + options.my.hardware.bluetooth = with lib; { enable = mkEnableOption "bluetooth configuration"; enableHeadsetIntegration = my.mkDisableOption "A2DP sink configuration"; diff --git a/modules/hardware/default.nix b/modules/hardware/default.nix index 26f40e3..383e1dd 100644 --- a/modules/hardware/default.nix +++ b/modules/hardware/default.nix @@ -3,6 +3,6 @@ { imports = [ - # FIXME: add modules + ./bluetooth.nix ]; } diff --git a/profiles/bluetooth.nix b/profiles/bluetooth.nix index 33792d7..292d0d1 100644 --- a/profiles/bluetooth.nix +++ b/profiles/bluetooth.nix @@ -8,7 +8,7 @@ in }; config = lib.mkIf cfg.enable { - my.modules.bluetooth.enable = true; + my.hardware.bluetooth.enable = true; my.home.bluetooth.enable = true; }; From b0cc830467efcbd9af8f6dea025ea9585e91de03 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 16:38:54 +0200 Subject: [PATCH 167/654] modules: hardware: move 'ergodox' --- modules/default.nix | 1 - modules/hardware/default.nix | 1 + modules/{ => hardware}/ergodox.nix | 4 ++-- modules/{ => hardware}/networking.nix | 0 4 files changed, 3 insertions(+), 3 deletions(-) rename modules/{ => hardware}/ergodox.nix (73%) rename modules/{ => hardware}/networking.nix (100%) diff --git a/modules/default.nix b/modules/default.nix index 80bb699..ddc434a 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -4,7 +4,6 @@ { imports = [ ./documentation.nix - ./ergodox.nix ./hardware ./home.nix ./language.nix diff --git a/modules/hardware/default.nix b/modules/hardware/default.nix index 383e1dd..9c762aa 100644 --- a/modules/hardware/default.nix +++ b/modules/hardware/default.nix @@ -4,5 +4,6 @@ { imports = [ ./bluetooth.nix + ./ergodox.nix ]; } diff --git a/modules/ergodox.nix b/modules/hardware/ergodox.nix similarity index 73% rename from modules/ergodox.nix rename to modules/hardware/ergodox.nix index a822eb7..77f3ecb 100644 --- a/modules/ergodox.nix +++ b/modules/hardware/ergodox.nix @@ -1,10 +1,10 @@ # ZSA keyboard udev rules { config, lib, ... }: let - cfg = config.my.modules.ergodox; + cfg = config.my.hardware.ergodox; in { - options.my.modules.ergodox = with lib; { + options.my.hardware.ergodox = with lib; { enable = mkEnableOption "ZSA udev rules and user group configuration"; }; diff --git a/modules/networking.nix b/modules/hardware/networking.nix similarity index 100% rename from modules/networking.nix rename to modules/hardware/networking.nix From f9bcf79430ac832c4e9534c09c07b744d6d9f395 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 16:41:59 +0200 Subject: [PATCH 168/654] modules: hardware: move 'networking' --- machines/aramis/networking.nix | 10 ++++++---- machines/porthos/networking.nix | 2 +- modules/default.nix | 1 - modules/hardware/default.nix | 1 + modules/hardware/networking.nix | 4 ++-- services/wireguard.nix | 2 +- 6 files changed, 11 insertions(+), 9 deletions(-) diff --git a/machines/aramis/networking.nix b/machines/aramis/networking.nix index 929b44d..9322f1f 100644 --- a/machines/aramis/networking.nix +++ b/machines/aramis/networking.nix @@ -15,9 +15,11 @@ }; }; - # Which interface is used to connect to the internet - my.networking.externalInterface = "enp0s3"; + my.hardware.networking = { + # Which interface is used to connect to the internet + externalInterface = "enp0s3"; - # Enable WiFi integration - my.networking.wireless.enable = true; + # Enable WiFi integration + wireless.enable = true; + }; } diff --git a/machines/porthos/networking.nix b/machines/porthos/networking.nix index e593eeb..1e2c9cd 100644 --- a/machines/porthos/networking.nix +++ b/machines/porthos/networking.nix @@ -31,5 +31,5 @@ }; # Which interface is used to connect to the internet - my.networking.externalInterface = "eth0"; + my.hardware.networking.externalInterface = "eth0"; } diff --git a/modules/default.nix b/modules/default.nix index ddc434a..81ece11 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -8,7 +8,6 @@ ./home.nix ./language.nix ./media.nix - ./networking.nix ./nix.nix ./packages.nix ./sound.nix diff --git a/modules/hardware/default.nix b/modules/hardware/default.nix index 9c762aa..773a6a7 100644 --- a/modules/hardware/default.nix +++ b/modules/hardware/default.nix @@ -5,5 +5,6 @@ imports = [ ./bluetooth.nix ./ergodox.nix + ./networking.nix ]; } diff --git a/modules/hardware/networking.nix b/modules/hardware/networking.nix index 99e1ef3..f0806fe 100644 --- a/modules/hardware/networking.nix +++ b/modules/hardware/networking.nix @@ -1,9 +1,9 @@ { config, lib, ... }: let - cfg = config.my.networking; + cfg = config.my.hardware.networking; in { - options.my.networking = with lib; { + options.my.hardware.networking = with lib; { externalInterface = mkOption { type = types.nullOr types.str; default = null; diff --git a/services/wireguard.nix b/services/wireguard.nix index fc948f6..977c6c5 100644 --- a/services/wireguard.nix +++ b/services/wireguard.nix @@ -18,7 +18,7 @@ let in lib.filterAttrs shouldConnectToPeer allOthers; - extIface = config.my.networking.externalInterface; + extIface = config.my.hardware.networking.externalInterface; mkInterface = clientAllowedIPs: { listenPort = cfg.port; From af67d04992a2916d0a4a8f0adbd62ce7621eeae3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 16:43:32 +0200 Subject: [PATCH 169/654] modules: hardware: move 'sound' --- machines/aramis/sound.nix | 2 +- modules/default.nix | 1 - modules/hardware/default.nix | 1 + modules/{ => hardware}/sound.nix | 4 ++-- 4 files changed, 4 insertions(+), 4 deletions(-) rename modules/{ => hardware}/sound.nix (92%) diff --git a/machines/aramis/sound.nix b/machines/aramis/sound.nix index 97537e3..f9dd1b0 100644 --- a/machines/aramis/sound.nix +++ b/machines/aramis/sound.nix @@ -1,6 +1,6 @@ { ... }: { - my.modules.sound = { + my.hardware.sound = { enable = true; pipewire = { diff --git a/modules/default.nix b/modules/default.nix index 81ece11..6094ddd 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -10,7 +10,6 @@ ./media.nix ./nix.nix ./packages.nix - ./sound.nix ./upower.nix ./users.nix ]; diff --git a/modules/hardware/default.nix b/modules/hardware/default.nix index 773a6a7..292bd3c 100644 --- a/modules/hardware/default.nix +++ b/modules/hardware/default.nix @@ -6,5 +6,6 @@ ./bluetooth.nix ./ergodox.nix ./networking.nix + ./sound.nix ]; } diff --git a/modules/sound.nix b/modules/hardware/sound.nix similarity index 92% rename from modules/sound.nix rename to modules/hardware/sound.nix index 567a974..3a12843 100644 --- a/modules/sound.nix +++ b/modules/hardware/sound.nix @@ -1,9 +1,9 @@ { config, lib, ... }: let - cfg = config.my.modules.sound; + cfg = config.my.hardware.sound; in { - options.my.modules.sound = with lib; { + options.my.hardware.sound = with lib; { enable = mkEnableOption "sound configuration"; pipewire = { From 31f8ec6e98a6972a561fb82d21232554618d7d53 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 16:44:34 +0200 Subject: [PATCH 170/654] modules: hardware: move 'upower' --- modules/default.nix | 1 - modules/hardware/default.nix | 1 + modules/{ => hardware}/upower.nix | 4 ++-- profiles/laptop.nix | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) rename modules/{ => hardware}/upower.nix (91%) diff --git a/modules/default.nix b/modules/default.nix index 6094ddd..f534f66 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -10,7 +10,6 @@ ./media.nix ./nix.nix ./packages.nix - ./upower.nix ./users.nix ]; } diff --git a/modules/hardware/default.nix b/modules/hardware/default.nix index 292bd3c..1740080 100644 --- a/modules/hardware/default.nix +++ b/modules/hardware/default.nix @@ -7,5 +7,6 @@ ./ergodox.nix ./networking.nix ./sound.nix + ./upower.nix ]; } diff --git a/modules/upower.nix b/modules/hardware/upower.nix similarity index 91% rename from modules/upower.nix rename to modules/hardware/upower.nix index 8c46c1d..f21b9d2 100644 --- a/modules/upower.nix +++ b/modules/hardware/upower.nix @@ -1,9 +1,9 @@ { config, lib, pkgs, ... }: let - cfg = config.my.modules.upower; + cfg = config.my.hardware.upower; in { - options.my.modules.upower = with lib; { + options.my.hardware.upower = with lib; { enable = mkEnableOption "upower configuration"; levels = { diff --git a/profiles/laptop.nix b/profiles/laptop.nix index f834ac8..20a29d7 100644 --- a/profiles/laptop.nix +++ b/profiles/laptop.nix @@ -15,7 +15,7 @@ in my.services.tlp.enable = true; # Enable upower power management - my.modules.upower.enable = true; + my.hardware.upower.enable = true; # Enable battery notifications my.home.power-alert.enable = true; From d2704b17fe269dd5a833b5208b30eeaf29a83cc6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 16:46:51 +0200 Subject: [PATCH 171/654] modules: move 'services' into subfolder --- flake.nix | 2 -- modules/default.nix | 1 + {services => modules/services}/adblock.nix | 0 {services => modules/services}/backup.nix | 0 {services => modules/services}/blog.nix | 0 {services => modules/services}/calibre-web.nix | 0 {services => modules/services}/default.nix | 0 {services => modules/services}/drone.nix | 0 {services => modules/services}/flood.nix | 0 {services => modules/services}/gitea.nix | 0 {services => modules/services}/indexers.nix | 0 {services => modules/services}/jellyfin.nix | 0 {services => modules/services}/lohr.nix | 0 {services => modules/services}/matrix.nix | 0 {services => modules/services}/miniflux.nix | 0 {services => modules/services}/nextcloud.nix | 0 {services => modules/services}/nginx.nix | 0 {services => modules/services}/pirate.nix | 0 {services => modules/services}/podgrab.nix | 0 {services => modules/services}/postgresql-backup.nix | 0 {services => modules/services}/quassel.nix | 0 {services => modules/services}/rss-bridge.nix | 0 {services => modules/services}/sabnzbd.nix | 0 {services => modules/services}/ssh-server.nix | 0 {services => modules/services}/tlp.nix | 0 {services => modules/services}/transmission.nix | 0 {services => modules/services}/wireguard.nix | 0 27 files changed, 1 insertion(+), 2 deletions(-) rename {services => modules/services}/adblock.nix (100%) rename {services => modules/services}/backup.nix (100%) rename {services => modules/services}/blog.nix (100%) rename {services => modules/services}/calibre-web.nix (100%) rename {services => modules/services}/default.nix (100%) rename {services => modules/services}/drone.nix (100%) rename {services => modules/services}/flood.nix (100%) rename {services => modules/services}/gitea.nix (100%) rename {services => modules/services}/indexers.nix (100%) rename {services => modules/services}/jellyfin.nix (100%) rename {services => modules/services}/lohr.nix (100%) rename {services => modules/services}/matrix.nix (100%) rename {services => modules/services}/miniflux.nix (100%) rename {services => modules/services}/nextcloud.nix (100%) rename {services => modules/services}/nginx.nix (100%) rename {services => modules/services}/pirate.nix (100%) rename {services => modules/services}/podgrab.nix (100%) rename {services => modules/services}/postgresql-backup.nix (100%) rename {services => modules/services}/quassel.nix (100%) rename {services => modules/services}/rss-bridge.nix (100%) rename {services => modules/services}/sabnzbd.nix (100%) rename {services => modules/services}/ssh-server.nix (100%) rename {services => modules/services}/tlp.nix (100%) rename {services => modules/services}/transmission.nix (100%) rename {services => modules/services}/wireguard.nix (100%) diff --git a/flake.nix b/flake.nix index 6fa7b2a..02c2147 100644 --- a/flake.nix +++ b/flake.nix @@ -64,8 +64,6 @@ ./profiles # Include my secrets ./secrets - # Include my services - ./services ]; buildHost = name: system: lib.nixosSystem { diff --git a/modules/default.nix b/modules/default.nix index f534f66..9e2a051 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -10,6 +10,7 @@ ./media.nix ./nix.nix ./packages.nix + ./services ./users.nix ]; } diff --git a/services/adblock.nix b/modules/services/adblock.nix similarity index 100% rename from services/adblock.nix rename to modules/services/adblock.nix diff --git a/services/backup.nix b/modules/services/backup.nix similarity index 100% rename from services/backup.nix rename to modules/services/backup.nix diff --git a/services/blog.nix b/modules/services/blog.nix similarity index 100% rename from services/blog.nix rename to modules/services/blog.nix diff --git a/services/calibre-web.nix b/modules/services/calibre-web.nix similarity index 100% rename from services/calibre-web.nix rename to modules/services/calibre-web.nix diff --git a/services/default.nix b/modules/services/default.nix similarity index 100% rename from services/default.nix rename to modules/services/default.nix diff --git a/services/drone.nix b/modules/services/drone.nix similarity index 100% rename from services/drone.nix rename to modules/services/drone.nix diff --git a/services/flood.nix b/modules/services/flood.nix similarity index 100% rename from services/flood.nix rename to modules/services/flood.nix diff --git a/services/gitea.nix b/modules/services/gitea.nix similarity index 100% rename from services/gitea.nix rename to modules/services/gitea.nix diff --git a/services/indexers.nix b/modules/services/indexers.nix similarity index 100% rename from services/indexers.nix rename to modules/services/indexers.nix diff --git a/services/jellyfin.nix b/modules/services/jellyfin.nix similarity index 100% rename from services/jellyfin.nix rename to modules/services/jellyfin.nix diff --git a/services/lohr.nix b/modules/services/lohr.nix similarity index 100% rename from services/lohr.nix rename to modules/services/lohr.nix diff --git a/services/matrix.nix b/modules/services/matrix.nix similarity index 100% rename from services/matrix.nix rename to modules/services/matrix.nix diff --git a/services/miniflux.nix b/modules/services/miniflux.nix similarity index 100% rename from services/miniflux.nix rename to modules/services/miniflux.nix diff --git a/services/nextcloud.nix b/modules/services/nextcloud.nix similarity index 100% rename from services/nextcloud.nix rename to modules/services/nextcloud.nix diff --git a/services/nginx.nix b/modules/services/nginx.nix similarity index 100% rename from services/nginx.nix rename to modules/services/nginx.nix diff --git a/services/pirate.nix b/modules/services/pirate.nix similarity index 100% rename from services/pirate.nix rename to modules/services/pirate.nix diff --git a/services/podgrab.nix b/modules/services/podgrab.nix similarity index 100% rename from services/podgrab.nix rename to modules/services/podgrab.nix diff --git a/services/postgresql-backup.nix b/modules/services/postgresql-backup.nix similarity index 100% rename from services/postgresql-backup.nix rename to modules/services/postgresql-backup.nix diff --git a/services/quassel.nix b/modules/services/quassel.nix similarity index 100% rename from services/quassel.nix rename to modules/services/quassel.nix diff --git a/services/rss-bridge.nix b/modules/services/rss-bridge.nix similarity index 100% rename from services/rss-bridge.nix rename to modules/services/rss-bridge.nix diff --git a/services/sabnzbd.nix b/modules/services/sabnzbd.nix similarity index 100% rename from services/sabnzbd.nix rename to modules/services/sabnzbd.nix diff --git a/services/ssh-server.nix b/modules/services/ssh-server.nix similarity index 100% rename from services/ssh-server.nix rename to modules/services/ssh-server.nix diff --git a/services/tlp.nix b/modules/services/tlp.nix similarity index 100% rename from services/tlp.nix rename to modules/services/tlp.nix diff --git a/services/transmission.nix b/modules/services/transmission.nix similarity index 100% rename from services/transmission.nix rename to modules/services/transmission.nix diff --git a/services/wireguard.nix b/modules/services/wireguard.nix similarity index 100% rename from services/wireguard.nix rename to modules/services/wireguard.nix From ce4b0b8c90183a948b5c6b2960bb9279e95460f3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 16:48:32 +0200 Subject: [PATCH 172/654] modules: add 'system' directory --- modules/default.nix | 1 + modules/system/default.nix | 8 ++++++++ 2 files changed, 9 insertions(+) create mode 100644 modules/system/default.nix diff --git a/modules/default.nix b/modules/default.nix index 9e2a051..352f964 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -11,6 +11,7 @@ ./nix.nix ./packages.nix ./services + ./system ./users.nix ]; } diff --git a/modules/system/default.nix b/modules/system/default.nix new file mode 100644 index 0000000..0a79a43 --- /dev/null +++ b/modules/system/default.nix @@ -0,0 +1,8 @@ +# System-related modules +{ ... }: + +{ + imports = [ + # FIXME + ]; +} From 60f1e693d13dbbcc7a118e5d804b1ec069ac8954 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 16:49:25 +0200 Subject: [PATCH 173/654] modules: system: move 'media' --- modules/default.nix | 1 - modules/system/default.nix | 2 +- modules/{ => system}/media.nix | 0 3 files changed, 1 insertion(+), 2 deletions(-) rename modules/{ => system}/media.nix (100%) diff --git a/modules/default.nix b/modules/default.nix index 352f964..173b621 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -7,7 +7,6 @@ ./hardware ./home.nix ./language.nix - ./media.nix ./nix.nix ./packages.nix ./services diff --git a/modules/system/default.nix b/modules/system/default.nix index 0a79a43..b651ebe 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -3,6 +3,6 @@ { imports = [ - # FIXME + ./media.nix ]; } diff --git a/modules/media.nix b/modules/system/media.nix similarity index 100% rename from modules/media.nix rename to modules/system/media.nix From 3b9f01e780fb9298d712745cf7f25b155893b486 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 16:51:17 +0200 Subject: [PATCH 174/654] modules: system: move 'users' --- modules/default.nix | 1 - modules/system/default.nix | 1 + modules/{ => system}/ssh/aramis.pub | 0 modules/{ => system}/ssh/shared.pub | 0 modules/{ => system}/users.nix | 0 5 files changed, 1 insertion(+), 1 deletion(-) rename modules/{ => system}/ssh/aramis.pub (100%) rename modules/{ => system}/ssh/shared.pub (100%) rename modules/{ => system}/users.nix (100%) diff --git a/modules/default.nix b/modules/default.nix index 173b621..fbdbfb4 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -11,6 +11,5 @@ ./packages.nix ./services ./system - ./users.nix ]; } diff --git a/modules/system/default.nix b/modules/system/default.nix index b651ebe..24edcbe 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -4,5 +4,6 @@ { imports = [ ./media.nix + ./users.nix ]; } diff --git a/modules/ssh/aramis.pub b/modules/system/ssh/aramis.pub similarity index 100% rename from modules/ssh/aramis.pub rename to modules/system/ssh/aramis.pub diff --git a/modules/ssh/shared.pub b/modules/system/ssh/shared.pub similarity index 100% rename from modules/ssh/shared.pub rename to modules/system/ssh/shared.pub diff --git a/modules/users.nix b/modules/system/users.nix similarity index 100% rename from modules/users.nix rename to modules/system/users.nix From f660bf94e962deec2227de210ff5445992724338 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 16:52:14 +0200 Subject: [PATCH 175/654] modules: system: move 'language' --- modules/default.nix | 1 - modules/system/default.nix | 1 + modules/{ => system}/language.nix | 0 3 files changed, 1 insertion(+), 1 deletion(-) rename modules/{ => system}/language.nix (100%) diff --git a/modules/default.nix b/modules/default.nix index fbdbfb4..65c8be1 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -6,7 +6,6 @@ ./documentation.nix ./hardware ./home.nix - ./language.nix ./nix.nix ./packages.nix ./services diff --git a/modules/system/default.nix b/modules/system/default.nix index 24edcbe..621b79d 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -3,6 +3,7 @@ { imports = [ + ./language.nix ./media.nix ./users.nix ]; diff --git a/modules/language.nix b/modules/system/language.nix similarity index 100% rename from modules/language.nix rename to modules/system/language.nix From 14d9fc89f17861cc4bb9b4fb5bfa3aa56678f819 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 16:53:44 +0200 Subject: [PATCH 176/654] modules: system: move 'documentation' --- modules/default.nix | 1 - modules/system/default.nix | 1 + modules/{ => system}/documentation.nix | 4 ++-- 3 files changed, 3 insertions(+), 3 deletions(-) rename modules/{ => system}/documentation.nix (90%) diff --git a/modules/default.nix b/modules/default.nix index 65c8be1..0ec07af 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -3,7 +3,6 @@ { imports = [ - ./documentation.nix ./hardware ./home.nix ./nix.nix diff --git a/modules/system/default.nix b/modules/system/default.nix index 621b79d..4d4173a 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -3,6 +3,7 @@ { imports = [ + ./documentation.nix ./language.nix ./media.nix ./users.nix diff --git a/modules/documentation.nix b/modules/system/documentation.nix similarity index 90% rename from modules/documentation.nix rename to modules/system/documentation.nix index 8948778..5f58680 100644 --- a/modules/documentation.nix +++ b/modules/system/documentation.nix @@ -1,9 +1,9 @@ { config, lib, pkgs, ... }: let - cfg = config.my.module.documentation; + cfg = config.my.system.documentation; in { - options.my.module.documentation = with lib.my; { + options.my.system.documentation = with lib.my; { enable = mkDisableOption "Documentation integration"; dev.enable = mkDisableOption "Documentation aimed at developers"; From 0077ce1f94e6e3c5f9f16b9ebe89f3dd3069c9dc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 16:54:50 +0200 Subject: [PATCH 177/654] modules: system: move 'nix' --- modules/default.nix | 1 - modules/system/default.nix | 1 + modules/{ => system}/nix.nix | 0 3 files changed, 1 insertion(+), 1 deletion(-) rename modules/{ => system}/nix.nix (100%) diff --git a/modules/default.nix b/modules/default.nix index 0ec07af..4996a78 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -5,7 +5,6 @@ imports = [ ./hardware ./home.nix - ./nix.nix ./packages.nix ./services ./system diff --git a/modules/system/default.nix b/modules/system/default.nix index 4d4173a..55fb95f 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -6,6 +6,7 @@ ./documentation.nix ./language.nix ./media.nix + ./nix.nix ./users.nix ]; } diff --git a/modules/nix.nix b/modules/system/nix.nix similarity index 100% rename from modules/nix.nix rename to modules/system/nix.nix From 2eaf3bf2c7fb47e818ed22cda0d9416177c54e1a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 16:56:05 +0200 Subject: [PATCH 178/654] modules: system: move 'packages' --- modules/default.nix | 1 - modules/system/default.nix | 1 + modules/{ => system}/packages.nix | 0 3 files changed, 1 insertion(+), 1 deletion(-) rename modules/{ => system}/packages.nix (100%) diff --git a/modules/default.nix b/modules/default.nix index 4996a78..69c0bdc 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -5,7 +5,6 @@ imports = [ ./hardware ./home.nix - ./packages.nix ./services ./system ]; diff --git a/modules/system/default.nix b/modules/system/default.nix index 55fb95f..48a0770 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -7,6 +7,7 @@ ./language.nix ./media.nix ./nix.nix + ./packages.nix ./users.nix ]; } diff --git a/modules/packages.nix b/modules/system/packages.nix similarity index 100% rename from modules/packages.nix rename to modules/system/packages.nix From 6728b50d3ad6826695af818f916d14927ba3b8fc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 20:23:19 +0200 Subject: [PATCH 179/654] modules: system: language: make it configurable --- modules/system/language.nix | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/modules/system/language.nix b/modules/system/language.nix index 48d9f30..f2bbcde 100644 --- a/modules/system/language.nix +++ b/modules/system/language.nix @@ -1,7 +1,22 @@ # Language settings -{ ... }: - +{ config, lib, ... }: +let + cfg = config.my.system.language; +in { - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; + options.my.system.language = with lib; { + enable = my.mkDisableOption "language configuration"; + + locale = mkOption { + type = types.str; + default = "en_US.UTF-8"; + example = "fr_FR.UTF-8"; + description = "Which locale to use for the system"; + }; + }; + + config = lib.mkIf cfg.enable { + # Select internationalisation properties. + i18n.defaultLocale = cfg.locale; + }; } From 003c08cb096051b104e71dcc8bdb4f5cbfb95608 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 20:28:27 +0200 Subject: [PATCH 180/654] modules: system: nix: make it configurable --- modules/system/nix.nix | 46 ++++++++++++++++++++++++++++-------------- 1 file changed, 31 insertions(+), 15 deletions(-) diff --git a/modules/system/nix.nix b/modules/system/nix.nix index bfde967..0f2f8c3 100644 --- a/modules/system/nix.nix +++ b/modules/system/nix.nix @@ -1,19 +1,35 @@ # Nix related settings -{ inputs, pkgs, ... }: - +{ config, inputs, lib, pkgs, ... }: +let + cfg = config.my.system.nix; +in { - nix = { - package = pkgs.nixFlakes; - registry = { - # Allow me to use my custom package using `nix run self#pkg` - self.flake = inputs.self; - # Use pinned nixpkgs when using `nix run pkgs#` - pkgs.flake = inputs.nixpkgs; - # Add NUR to run some packages that are only present there - nur.flake = inputs.nur; - }; - extraOptions = '' - experimental-features = nix-command flakes - ''; + options.my.system.nix = with lib; { + enable = my.mkDisableOption "nix configuration"; + + addToRegistry = my.mkDisableOption "add inputs and self to registry"; }; + + config = lib.mkIf cfg.enable (lib.mkMerge [ + { + nix = { + package = pkgs.nixFlakes; + + extraOptions = '' + experimental-features = nix-command flakes + ''; + }; + } + + (lib.mkIf cfg.addToRegistry { + nix.registry = { + # Allow me to use my custom package using `nix run self#pkg` + self.flake = inputs.self; + # Use pinned nixpkgs when using `nix run pkgs#` + pkgs.flake = inputs.nixpkgs; + # Add NUR to run some packages that are only present there + nur.flake = inputs.nur; + }; + }) + ]); } From 2d9b11406a1ed7c9e0dbce458e83c518f0a438af Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 20:34:38 +0200 Subject: [PATCH 181/654] modules: system: packages: make it configurable --- modules/system/packages.nix | 47 +++++++++++++++++++++++-------------- 1 file changed, 30 insertions(+), 17 deletions(-) diff --git a/modules/system/packages.nix b/modules/system/packages.nix index 4560ab1..faee86b 100644 --- a/modules/system/packages.nix +++ b/modules/system/packages.nix @@ -1,23 +1,36 @@ # Common packages -{ config, pkgs, ... }: - +{ config, lib, pkgs, ... }: +let + cfg = config.my.system.packages; +in { - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - git - git-crypt - mosh - vim - wget - ]; + options.my.system.packages = with lib; { + enable = my.mkDisableOption "packages configuration"; - programs.vim.defaultEditor = true; # Modal editing is life - programs.zsh = { - enable = true; # Use integrations - # Disable global compinit when a user config exists - enableGlobalCompInit = !config.my.home.zsh.enable; + allowUnfree = my.mkDisableOption "allow unfree packages"; }; - nixpkgs.config.allowUnfree = true; # Because I don't care *that* much. + config = lib.mkIf cfg.enable { + environment.systemPackages = with pkgs; [ + git + git-crypt + mosh + vim + wget + ]; + + programs = { + vim.defaultEditor = true; # Modal editing is life + + zsh = { + enable = true; # Use integrations + # Disable global compinit when a user config exists + enableGlobalCompInit = !config.my.home.zsh.enable; + }; + }; + + nixpkgs.config = { + allowUnfree = cfg.allowUnfree; # Because I don't care *that* much. + }; + }; } From 8efe75295dff0290d0d14c02458e20dcd5608a92 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 21:13:44 +0200 Subject: [PATCH 182/654] modules: add option to specify username Given that I use it in plenty of places, it makes sense to place it there for reference in other modules. --- modules/default.nix | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/modules/default.nix b/modules/default.nix index 69c0bdc..46c2e8e 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -1,5 +1,5 @@ # Common modules -{ ... }: +{ lib, ... }: { imports = [ @@ -8,4 +8,13 @@ ./services ./system ]; + + options.my = with lib; { + username = mkOption { + type = types.str; + default = "ambroisie"; + example = "alice"; + description = "my username"; + }; + }; } From ea4c699b81bb41c49ffc9a85a1f54730256c9192 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 21:14:28 +0200 Subject: [PATCH 183/654] modules: system: users: make it configurable Notably, make use of my global 'username' option. --- modules/system/users.nix | 65 ++++++++++++++++++++++++---------------- 1 file changed, 39 insertions(+), 26 deletions(-) diff --git a/modules/system/users.nix b/modules/system/users.nix index 15896e0..4493c75 100644 --- a/modules/system/users.nix +++ b/modules/system/users.nix @@ -1,36 +1,49 @@ # User setup { config, lib, pkgs, ... }: let - my = config.my; + secrets = config.my.secrets; + cfg = config.my.system.users; groupExists = grp: builtins.hasAttr grp config.users.groups; groupsIfExist = builtins.filter groupExists; in { - users.mutableUsers = false; # I want it to be declarative. + options.my.system.users = with lib; { + enable = my.mkDisableOption "user configuration"; + }; - # Define user accounts and passwords. - users.users.root.hashedPassword = my.secrets.users.root.hashedPassword; - users.users.ambroisie = { - hashedPassword = my.secrets.users.ambroisie.hashedPassword; - description = "Bruno BELANYI"; - isNormalUser = true; - shell = pkgs.zsh; - extraGroups = groupsIfExist [ - "audio" # sound control - "media" # access to media files - "networkmanager" # wireless configuration - "plugdev" # usage of ZSA keyboard tools - "video" # screen control - "wheel" # `sudo` for the user. - ]; - openssh.authorizedKeys.keys = with builtins; - let - keyDir = ./ssh; - contents = readDir keyDir; - names = attrNames contents; - files = filter (name: contents.${name} == "regular") names; - keys = map (basename: readFile (keyDir + "/${basename}")) files; - in - keys; + config = lib.mkIf cfg.enable { + users = { + mutableUsers = false; # I want it to be declarative. + + users = { + root = { + inherit (secrets.users.root) hashedPassword; + }; + + ${config.my.username} = { + inherit (secrets.users.${config.my.username}) hashedPassword; + description = "Bruno BELANYI"; + isNormalUser = true; + shell = pkgs.zsh; + extraGroups = groupsIfExist [ + "audio" # sound control + "media" # access to media files + "networkmanager" # wireless configuration + "plugdev" # usage of ZSA keyboard tools + "video" # screen control + "wheel" # `sudo` for the user. + ]; + openssh.authorizedKeys.keys = with builtins; + let + keyDir = ./ssh; + contents = readDir keyDir; + names = attrNames contents; + files = filter (name: contents.${name} == "regular") names; + keys = map (basename: readFile (keyDir + "/${basename}")) files; + in + keys; + }; + }; + }; }; } From b90be0acdf1d2bed1c361db89e9de430e4913be4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 21:19:51 +0200 Subject: [PATCH 184/654] home: zsh: remove trailing whitespace --- home/zsh/extra-mappings.zsh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/zsh/extra-mappings.zsh b/home/zsh/extra-mappings.zsh index abd6e58..8f7cc4a 100644 --- a/home/zsh/extra-mappings.zsh +++ b/home/zsh/extra-mappings.zsh @@ -1,4 +1,4 @@ -# Fix delete key not working +# Fix delete key not working bindkey "\e[3~" delete-char # Fix Ctrl+u killing from the cursor instead of the whole line From 4f1f687eeadad27d2c56ece7df49d862e582ca0c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 30 May 2021 01:20:14 +0200 Subject: [PATCH 185/654] flake: use 'username' config value --- flake.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.nix b/flake.nix index 02c2147..826ce73 100644 --- a/flake.nix +++ b/flake.nix @@ -52,12 +52,12 @@ ]; } home-manager.nixosModules.home-manager - { - home-manager.users.ambroisie = import ./home; + ({ config, ... }: { + home-manager.users.${config.my.username} = import ./home; # Nix Flakes compatibility home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; - } + }) # Include generic settings ./modules # Include bundles of settings From 2fe4f1faade32b8b0f8ade30b3774652978efb46 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 30 May 2021 01:31:05 +0200 Subject: [PATCH 186/654] modules: home: use 'username' config value --- modules/home.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/home.nix b/modules/home.nix index f5314b9..a6fbc80 100644 --- a/modules/home.nix +++ b/modules/home.nix @@ -1,7 +1,7 @@ # Simplify setting home options -{ lib, ... }: +{ config, lib, ... }: let - actualPath = [ "home-manager" "users" "ambroisie" "my" "home" ]; + actualPath = [ "home-manager" "users" config.my.username "my" "home" ]; aliasPath = [ "my" "home" ]; in { From 24efa3edca3ec0870a4757dc5dbfade43611ff9b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 31 May 2021 20:30:36 +0200 Subject: [PATCH 187/654] machines: aramis: hardware: enable trackpoint --- machines/aramis/hardware.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/machines/aramis/hardware.nix b/machines/aramis/hardware.nix index 86eaf28..3ca556c 100644 --- a/machines/aramis/hardware.nix +++ b/machines/aramis/hardware.nix @@ -22,5 +22,13 @@ powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = true; + hardware = { + cpu.intel.updateMicrocode = true; + + trackpoint = { + enable = true; + + emulateWheel = true; # Holding middle buttons allows scrolling + }; + }; } From 15db81eb3b0cf2f8742f3cbe3b0c320d20d3eb5e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 31 May 2021 23:01:21 +0200 Subject: [PATCH 188/654] flake: change format --- flake.nix | 48 ++++++++++++++++++++++++++++-------------------- 1 file changed, 28 insertions(+), 20 deletions(-) diff --git a/flake.nix b/flake.nix index 826ce73..3ff11ba 100644 --- a/flake.nix +++ b/flake.nix @@ -33,7 +33,14 @@ }; }; - outputs = { self, futils, home-manager, nixpkgs, nur } @ inputs: + outputs = + inputs @ + { self + , futils + , home-manager + , nixpkgs + , nur + }: let inherit (futils.lib) eachDefaultSystem; @@ -81,28 +88,29 @@ in eachDefaultSystem (system: - let - pkgs = nixpkgs.legacyPackages.${system}; - in - rec { - apps = { - diff-flake = futils.lib.mkApp { drv = packages.diff-flake; }; - }; + let + pkgs = nixpkgs.legacyPackages.${system}; + in + rec { + apps = { + diff-flake = futils.lib.mkApp { drv = packages.diff-flake; }; + }; - defaultApp = apps.diff-flake; + defaultApp = apps.diff-flake; - devShell = pkgs.mkShell { - name = "NixOS-config"; - buildInputs = with pkgs; [ - git-crypt - gitAndTools.pre-commit - gnupg - nixpkgs-fmt - ]; - }; + devShell = pkgs.mkShell { + name = "NixOS-config"; - packages = import ./pkgs { inherit pkgs; }; - }) // { + buildInputs = with pkgs; [ + git-crypt + gitAndTools.pre-commit + gnupg + nixpkgs-fmt + ]; + }; + + packages = import ./pkgs { inherit pkgs; }; + }) // { overlay = self.overlays.pkgs; overlays = import ./overlays // { From 59cb038045568c2cfb9d9f8e70b77d636d258158 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 31 May 2021 23:04:08 +0200 Subject: [PATCH 189/654] flake: add pre-commit-hooks Instead of havin the tool manage versions, use a pinned version. --- .pre-commit-config.yaml | 21 --------------------- flake.lock | 27 ++++++++++++++++++++++++++- flake.nix | 26 ++++++++++++++++++++++++++ 3 files changed, 52 insertions(+), 22 deletions(-) delete mode 100644 .pre-commit-config.yaml diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml deleted file mode 100644 index 0543253..0000000 --- a/.pre-commit-config.yaml +++ /dev/null @@ -1,21 +0,0 @@ -repos: -- repo: 'https://github.com/pre-commit/pre-commit-hooks' - rev: 'v2.3.0' - hooks: - - id: 'trailing-whitespace' - - id: 'end-of-file-fixer' - - id: 'check-yaml' - - id: 'check-added-large-files' -- repo: 'https://github.com/jumanjihouse/pre-commit-hooks' - rev: '2.1.4' - hooks: - - id: 'forbid-binary' -- repo: 'local' - hooks: - - id: 'nixpkgs-fmt' - name: 'nixpkgs-fmt' - description: 'Format nix code with nixpkgs-fmt' - entry: 'nixpkgs-fmt' - language: 'system' - files: '\.nix$' - always_run: true diff --git a/flake.lock b/flake.lock index 23dd0be..29aabff 100644 --- a/flake.lock +++ b/flake.lock @@ -69,12 +69,37 @@ "type": "github" } }, + "pre-commit-hooks": { + "inputs": { + "flake-utils": [ + "futils" + ], + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1621411868, + "narHash": "sha256-R+7OQ2JYFCb3E7Jl7LhRifzMVCR6Gl8R98zYsNhZtJ8=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "2e7fac06108b4fc81f5ff9ed9a02bc4f6ede7001", + "type": "github" + }, + "original": { + "owner": "cachix", + "ref": "master", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, "root": { "inputs": { "futils": "futils", "home-manager": "home-manager", "nixpkgs": "nixpkgs", - "nur": "nur" + "nur": "nur", + "pre-commit-hooks": "pre-commit-hooks" } } }, diff --git a/flake.nix b/flake.nix index 3ff11ba..b11dbed 100644 --- a/flake.nix +++ b/flake.nix @@ -31,6 +31,17 @@ repo = "NUR"; ref = "master"; }; + + pre-commit-hooks = { + type = "github"; + owner = "cachix"; + repo = "pre-commit-hooks.nix"; + ref = "master"; + inputs = { + flake-utils.follows = "futils"; + nixpkgs.follows = "nixpkgs"; + }; + }; }; outputs = @@ -40,6 +51,7 @@ , home-manager , nixpkgs , nur + , pre-commit-hooks }: let inherit (futils.lib) eachDefaultSystem; @@ -96,6 +108,18 @@ diff-flake = futils.lib.mkApp { drv = packages.diff-flake; }; }; + checks = { + pre-commit = pre-commit-hooks.lib.${system}.run { + src = ./.; + + hooks = { + nixpkgs-fmt = { + enable = true; + }; + }; + }; + }; + defaultApp = apps.diff-flake; devShell = pkgs.mkShell { @@ -107,6 +131,8 @@ gnupg nixpkgs-fmt ]; + + inherit (self.checks.${system}.pre-commit) shellHook; }; packages = import ./pkgs { inherit pkgs; }; From 610b0f2f4bf37b57f5c9f6c8e364635782eeeaf1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 31 May 2021 23:06:20 +0200 Subject: [PATCH 190/654] nix: evaluate shell hooks This activates the pre-commit-hook configuration. --- .envrc | 1 + 1 file changed, 1 insertion(+) diff --git a/.envrc b/.envrc index 9556665..4b297a5 100644 --- a/.envrc +++ b/.envrc @@ -6,3 +6,4 @@ use_flake() { ulimit -s unlimited # Bypass current bug in `nix` flakes evaluation use flake +eval "$shellHooks" From a827a3450135eb1dbc633dcda66b6f116497d327 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 31 May 2021 23:06:37 +0200 Subject: [PATCH 191/654] git: ignore generated pre-commit configuration --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..0a10705 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +.pre-commit-config.yaml +.pre-commit-config.yaml From 29437d3e3fb24df0c9f5c45ed96d6c74badd0ce1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 3 Jun 2021 17:18:33 +0200 Subject: [PATCH 192/654] home: wm: i3: move script generation out-of-line This makes for a cleaner configuration file. --- home/wm/i3.nix | 91 ++++++++++++++++++++++++++------------------------ 1 file changed, 48 insertions(+), 43 deletions(-) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index 853be11..4c763df 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -25,6 +25,45 @@ let addVimKeyBindings = bindings: bindings // (toVimKeyBindings bindings); # Generate an attrset of movement bindings, using the mapper function genMovementBindings = f: addVimKeyBindings (lib.my.genAttrs' movementKeys f); + + # Screen backlight management + changeBacklight = + let + brightnessctl = "${pkgs.brightnessctl}/bin/brightnessctl"; + in + pkgs.writeScript "change-backlight" '' + #!/bin/sh + if [ "$1" = "up" ]; then + upDown="+$2%" + else + upDown="$2%-" + fi + + newBrightness="$(${brightnessctl} -m set "$upDown" | cut -d, -f4)" + ${pkgs.libnotify}/bin/notify-send -u low \ + -h string:x-canonical-private-synchronous:change-backlight \ + -h "int:value:''${newBrightness/\%/}" \ + -- "Set brightness to $newBrightness" + ''; + + # Lock management + toggleXautolock = + let + systemctlUser = "${pkgs.systemd}/bin/systemctl --user"; + notify-send = "${pkgs.libnotify}/bin/notify-send"; + notify = "${notify-send} -u low" + + " -h string:x-canonical-private-synchronous:xautolock-toggle"; + in + pkgs.writeScript "toggle-xautolock" '' + #!/bin/sh + if ${systemctlUser} is-active xautolock-session.service; then + ${systemctlUser} stop --user xautolock-session.service + ${notify} "Disabled Xautolock" + else + ${systemctlUser} start xautolock-session.service + ${notify} "Enabled Xautolock" + fi + ''; in { config = lib.mkIf isEnabled { @@ -221,55 +260,21 @@ in "XF86AudioNext" = "exec playerctl next"; "XF86AudioPrev" = "exec playerctl previous"; } - ( - let - brightnessctl = "${pkgs.brightnessctl}/bin/brightnessctl"; - changeBacklight = pkgs.writeScript "change-backlight" '' - #!/bin/sh - if [ "$1" = "up" ]; then - upDown="+$2%" - else - upDown="$2%-" - fi - - newBrightness="$(${brightnessctl} -m set "$upDown" | cut -d, -f4)" - ${pkgs.libnotify}/bin/notify-send -u low \ - -h string:x-canonical-private-synchronous:change-backlight \ - -h "int:value:''${newBrightness/\%/}" \ - -- "Set brightness to $newBrightness" - ''; - in - { - "XF86Display" = "exec arandr"; - "XF86MonBrightnessUp" = "exec ${changeBacklight} up 10"; - "XF86MonBrightnessDown" = "exec ${changeBacklight} down 10"; - "Control+XF86MonBrightnessUp" = "exec ${changeBacklight} up 1"; - "Control+XF86MonBrightnessDown" = "exec ${changeBacklight} down 1"; - } - ) + { + # Screen management + "XF86Display" = "exec arandr"; + "XF86MonBrightnessUp" = "exec ${changeBacklight} up 10"; + "XF86MonBrightnessDown" = "exec ${changeBacklight} down 10"; + "Control+XF86MonBrightnessUp" = "exec ${changeBacklight} up 1"; + "Control+XF86MonBrightnessDown" = "exec ${changeBacklight} down 1"; + } { # Sub-modes "${modifier}+r" = "mode resize"; "${modifier}+Shift+space" = "mode floating"; } (lib.optionalAttrs config.my.home.wm.screen-lock.enable { - "${modifier}+x" = - let - systemctlUser = "${pkgs.systemd}/bin/systemctl --user"; - notify = "${pkgs.libnotify}/bin/notify-send -u low " + - "-h string:x-canonical-private-synchronous:xautolock-toggle"; - toggleXautolock = pkgs.writeScript "toggle-xautolock" '' - #!/bin/sh - if ${systemctlUser} is-active xautolock-session.service; then - ${systemctlUser} stop --user xautolock-session.service - ${notify} "Disabled Xautolock" - else - ${systemctlUser} start xautolock-session.service - ${notify} "Enabled Xautolock" - fi - ''; - in - "exec ${toggleXautolock}"; + "${modifier}+x" = "exec ${toggleXautolock}"; }) ( let From 1794eefd30794e4bbba70702a92153f3b053edbc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 3 Jun 2021 17:33:09 +0200 Subject: [PATCH 193/654] profiles: wm: enable 'i3' helpers `flameshot` and `udiskie` provide some functionnality that would usually be found in an actual DE. It makes more sense to activate them here instead of in the home configuration, so I will remove it in the next commit. --- profiles/wm.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/profiles/wm.nix b/profiles/wm.nix index a2e9dd2..473d49d 100644 --- a/profiles/wm.nix +++ b/profiles/wm.nix @@ -18,6 +18,10 @@ in services.xserver.windowManager.i3.enable = true; # i3 settings my.home.wm.windowManager = "i3"; + # Screenshot tool + my.home.flameshot.enable = true; + # Auto disk mounter + my.home.udiskie.enable = true; }) ]; } From a43401625271507a28d5636f67a8ef06dec71ab8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 3 Jun 2021 17:34:16 +0200 Subject: [PATCH 194/654] home: wm: i3: remove 'udiskie' and 'flameshot' It makes more sense to activate those at the `profile` level. --- home/wm/i3.nix | 5 ----- 1 file changed, 5 deletions(-) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index 4c763df..f7a477c 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -67,11 +67,6 @@ let in { config = lib.mkIf isEnabled { - my.home = { - flameshot.enable = true; - udiskie.enable = true; - }; - home.packages = with pkgs; [ ambroisie.i3-get-window-criteria # little helper for i3 configuration arandr # Used by a mapping From 1994ef2b1b29abb6ebb2908a7bf88af046335f6f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 3 Jun 2021 18:10:37 +0200 Subject: [PATCH 195/654] modules: hardware: add mx-ergo This adds the ability to scroll using the ball, which is way better. --- modules/hardware/default.nix | 1 + modules/hardware/mx-ergo.nix | 26 ++++++++++++++++++++++++++ 2 files changed, 27 insertions(+) create mode 100644 modules/hardware/mx-ergo.nix diff --git a/modules/hardware/default.nix b/modules/hardware/default.nix index 1740080..8e5e003 100644 --- a/modules/hardware/default.nix +++ b/modules/hardware/default.nix @@ -5,6 +5,7 @@ imports = [ ./bluetooth.nix ./ergodox.nix + ./mx-ergo.nix ./networking.nix ./sound.nix ./upower.nix diff --git a/modules/hardware/mx-ergo.nix b/modules/hardware/mx-ergo.nix new file mode 100644 index 0000000..e4e55a1 --- /dev/null +++ b/modules/hardware/mx-ergo.nix @@ -0,0 +1,26 @@ +# Hold down the `next page` button to scroll using the ball +{ config, lib, ... }: +let + cfg = config.my.hardware.mx-ergo; +in +{ + options.my.hardware.mx-ergo = with lib; { + enable = mkEnableOption "MX Ergo configuration"; + }; + + config = lib.mkIf cfg.enable { + services.xserver = { + # This section must be *after* the one configured by `libinput` + # for the `ScrollMethod` configuration to not be overriden + inputClassSections = lib.mkAfter [ + '' + Identifier "MX Ergo scroll button configuration" + MatchProduct "MX Ergo" + MatchIsPointer "on" + Option "ScrollMethod" "button" + Option "ScrollButton" "9" + '' + ]; + }; + }; +} From 7684489c9ab844672c3f3a2eefae993e7b2f497b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 3 Jun 2021 18:10:54 +0200 Subject: [PATCH 196/654] profiles: add devices --- profiles/default.nix | 1 + profiles/devices.nix | 17 +++++++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 profiles/devices.nix diff --git a/profiles/default.nix b/profiles/default.nix index 30ec900..0ea4094 100644 --- a/profiles/default.nix +++ b/profiles/default.nix @@ -3,6 +3,7 @@ { imports = [ ./bluetooth.nix + ./devices.nix ./gtk.nix ./laptop.nix ./wm.nix diff --git a/profiles/devices.nix b/profiles/devices.nix new file mode 100644 index 0000000..54088b3 --- /dev/null +++ b/profiles/devices.nix @@ -0,0 +1,17 @@ +{ config, lib, ... }: +let + cfg = config.my.profiles.devices; +in +{ + options.my.profiles.devices = with lib; { + enable = mkEnableOption "devices profile"; + }; + + config = lib.mkIf cfg.enable { + my.hardware = { + ergodox.enable = true; + + mx-ergo.enable = true; + }; + }; +} From e8982b8bc9887d25ab79f47bc80e74f731fb4130 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 3 Jun 2021 18:11:42 +0200 Subject: [PATCH 197/654] machines: aramis: profiles: enable devices --- machines/aramis/profiles.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/machines/aramis/profiles.nix b/machines/aramis/profiles.nix index 6d2bef7..4d2ac7d 100644 --- a/machines/aramis/profiles.nix +++ b/machines/aramis/profiles.nix @@ -3,6 +3,8 @@ my.profiles = { # Bluetooth configuration and GUI bluetooth.enable = true; + # Mouse and keyboard configuration + devices.enable = true; # GTK theme configuration gtk.enable = true; # Laptop specific configuration From 6113ad154d4f0e4d4955a0e3e65eec591250b36f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 3 Jun 2021 18:29:08 +0200 Subject: [PATCH 198/654] home: firefox: tridactyl: add tabduplicate mapping --- home/firefox/tridactylrc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/home/firefox/tridactylrc b/home/firefox/tridactylrc index 869d6e5..d43965f 100644 --- a/home/firefox/tridactylrc +++ b/home/firefox/tridactylrc @@ -35,6 +35,9 @@ bindurl news.ycombinator.com ;F hint -Jtc .age > a bind gd tabdetach bind gD composite tabduplicate; tabdetach +" Duplicate a tab without detaching window +bind d tabduplicate + " Make yy use canonical links on the few websites that support them bind yy clipboard yankcanon " }}} From d43045c6d6629cf8a8e1c2ae0962ddb0a97e473e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 9 Jun 2021 18:32:59 +0200 Subject: [PATCH 199/654] modules: services: matrix: add SMS verification --- modules/services/matrix.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/services/matrix.nix b/modules/services/matrix.nix index 8dc6cad..8e4c9a1 100644 --- a/modules/services/matrix.nix +++ b/modules/services/matrix.nix @@ -66,6 +66,8 @@ in resources = [{ names = [ "client" ]; compress = false; }]; } ]; + + account_threepid_delegates.msisdn = "https://vector.im"; }; services.nginx.virtualHosts = { From 06c53620f840b0316427a09330abce5e585ff098 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 9 Jun 2021 18:33:54 +0200 Subject: [PATCH 200/654] modules: services: matrix: enable spaces --- modules/services/matrix.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/services/matrix.nix b/modules/services/matrix.nix index 8e4c9a1..68468f0 100644 --- a/modules/services/matrix.nix +++ b/modules/services/matrix.nix @@ -68,6 +68,11 @@ in ]; account_threepid_delegates.msisdn = "https://vector.im"; + + extraConfig = '' + experimental_features: + spaces_enabled: true + ''; }; services.nginx.virtualHosts = { From 6614b475461948e3894eba1c4e9d0908645b0d49 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 9 Jun 2021 18:53:04 +0200 Subject: [PATCH 201/654] secrets: matrix: add mail configuration --- secrets/default.nix | 5 ++++- secrets/matrix/mail.nix | Bin 0 -> 179 bytes 2 files changed, 4 insertions(+), 1 deletion(-) create mode 100644 secrets/matrix/mail.nix diff --git a/secrets/default.nix b/secrets/default.nix index 0028899..8c34abe 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -32,7 +32,10 @@ else { lohr.secret = fileContents ./lohr/secret.txt; - matrix.secret = fileContents ./matrix/secret.txt; + matrix = { + mail = import ./matrix/mail.nix; + secret = fileContents ./matrix/secret.txt; + }; miniflux.password = fileContents ./miniflux/password.txt; diff --git a/secrets/matrix/mail.nix b/secrets/matrix/mail.nix new file mode 100644 index 0000000000000000000000000000000000000000..333f8b2aa31ee5f82ae1072b0e2a84aa5616fa8a GIT binary patch literal 179 zcmZQ@_Y83kiVO&0I4;eqE+@4AA3HVOMDeN{!Z|d n#GV7DtZVFx{B+-mDm+|J%xRa+_eA}PzUP8@2Y*;ipSv6Y(gjlV literal 0 HcmV?d00001 From ee21de5b948b08a29f3d79da0c17a6d84b11a119 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 9 Jun 2021 18:54:16 +0200 Subject: [PATCH 202/654] modules: services: matrix: add mail configuration --- machines/porthos/services.nix | 1 + modules/services/matrix.nix | 44 +++++++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index 9773007..44c0b50 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -65,6 +65,7 @@ in # Matrix backend and Element chat front-end matrix = { enable = true; + mail = my.secrets.matrix.mail; secret = my.secrets.matrix.secret; }; miniflux = { diff --git a/modules/services/matrix.nix b/modules/services/matrix.nix index 68468f0..fd4e90c 100644 --- a/modules/services/matrix.nix +++ b/modules/services/matrix.nix @@ -18,11 +18,46 @@ in { options.my.services.matrix = with lib; { enable = mkEnableOption "Matrix Synapse"; + secret = mkOption { type = types.str; example = "deadbeef"; description = "Shared secret to register users"; }; + + mail = { + host = mkOption { + type = types.str; + default = "smtp.migadu.com"; + example = "smtp.example.com"; + description = "Which host should be used for SMTP"; + }; + + port = mkOption { + type = types.port; + default = 587; + example = 25; + description = "Which port should be used for SMTP"; + }; + + username = mkOption { + type = types.str; + example = "matrix@example.com"; + description = "Which username should be used to connect"; + }; + + password = mkOption { + type = types.str; + example = "password"; + description = "Which password should be used to connect"; + }; + + notifFrom = mkOption { + type = types.str; + example = ""; + description = "Which address should be used for `From` field"; + }; + }; }; config = lib.mkIf cfg.enable { @@ -72,6 +107,15 @@ in extraConfig = '' experimental_features: spaces_enabled: true + + email: + smtp_host: "${cfg.mail.host}" + smtp_port: ${toString cfg.mail.port} + smtp_user: "${cfg.mail.username}" + smtp_pass: "${cfg.mail.password}" + notif_from: "${cfg.mail.notifFrom}" + # Refuse to connect unless the server supports STARTTLS. + require_transport_security: true ''; }; From e6ba569b368c3f195a0d0198808bf4c043f7bb07 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 12 Jun 2021 12:42:55 +0200 Subject: [PATCH 203/654] modules: system: documentation: include POSIX man --- modules/system/documentation.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/modules/system/documentation.nix b/modules/system/documentation.nix index 5f58680..74886ad 100644 --- a/modules/system/documentation.nix +++ b/modules/system/documentation.nix @@ -35,6 +35,9 @@ in nixos.enable = cfg.nixos.enable; }; - environment.systemPackages = lib.optional cfg.man.linux pkgs.manpages; + environment.systemPackages = with pkgs; lib.optionals cfg.man.linux [ + man-pages + man-pages-posix + ]; }; } From e319eaf09f5c9d818307194ff2d7801125dbf344 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 12 Jun 2021 19:29:38 +0200 Subject: [PATCH 204/654] pkgs: bw-pass: fix 'meta.platforms' This makes use of 'keyutils' which only works on Linux. --- pkgs/bw-pass/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/bw-pass/default.nix b/pkgs/bw-pass/default.nix index a5297d5..6f27bd3 100644 --- a/pkgs/bw-pass/default.nix +++ b/pkgs/bw-pass/default.nix @@ -39,7 +39,7 @@ stdenvNoCC.mkDerivation rec { description = "A simple script to query a password from bitwarden"; homepage = "https://gitea.belanyi.fr/ambroisie/nix-config"; license = with licenses; [ mit ]; - platforms = platforms.unix; + platforms = platforms.linux; maintainers = with maintainers; [ ambroisie ]; }; } From cd1173d2f6a596a60d604af79dd088b304b2ac33 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 12 Jun 2021 19:55:54 +0200 Subject: [PATCH 205/654] flake: filter 'packages' on system --- flake.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index b11dbed..b7fd152 100644 --- a/flake.nix +++ b/flake.nix @@ -135,7 +135,13 @@ inherit (self.checks.${system}.pre-commit) shellHook; }; - packages = import ./pkgs { inherit pkgs; }; + packages = + let + packages = import ./pkgs { inherit pkgs; }; + isSystem = pkg: builtins.elem system pkg.meta.platforms; + finalPackages = lib.flip lib.filterAttrs packages (_: isSystem); + in + finalPackages; }) // { overlay = self.overlays.pkgs; From f8325cc9c73ac8b2459f54ffd64670ce96149571 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 12 Jun 2021 20:12:19 +0200 Subject: [PATCH 206/654] secrets: clean-up 'default.nix' --- secrets/default.nix | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/secrets/default.nix b/secrets/default.nix index 8c34abe..754483d 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -1,14 +1,18 @@ -{ lib, pkgs, ... }: +{ lib, ... }: with lib; let - canaryHash = builtins.hashFile "sha256" ./canary; - expectedHash = - "9df8c065663197b5a1095122d48e140d3677d860343256abd5ab6e4fb4c696ab"; + throwOnCanary = + let + canaryHash = builtins.hashFile "sha256" ./canary; + expectedHash = + "9df8c065663197b5a1095122d48e140d3677d860343256abd5ab6e4fb4c696ab"; + in + if canaryHash != expectedHash + then throw "Secrets are not readable. Have you run `git-crypt unlock`?" + else id; in -if canaryHash != expectedHash then - abort "Secrets are not readable. Have you run `git-crypt unlock`?" -else { +throwOnCanary { options.my.secrets = mkOption { type = types.attrs; }; @@ -50,6 +54,6 @@ else { root.hashedPassword = fileContents ./users/root/password.txt; }; - wireguard = pkgs.callPackage ./wireguard { }; + wireguard = import ./wireguard { inherit lib; }; }; } From 3a471433ed2005c2ebc61b84c9c441d68eac2c37 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 12 Jun 2021 20:35:28 +0200 Subject: [PATCH 207/654] home: secrets: clean-up 'default.nix' --- home/secrets/default.nix | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/home/secrets/default.nix b/home/secrets/default.nix index 3624472..ac0e5b5 100644 --- a/home/secrets/default.nix +++ b/home/secrets/default.nix @@ -2,13 +2,17 @@ with lib; let - canaryHash = builtins.hashFile "sha256" ./canary; - expectedHash = - "9df8c065663197b5a1095122d48e140d3677d860343256abd5ab6e4fb4c696ab"; + throwOnCanary = + let + canaryHash = builtins.hashFile "sha256" ./canary; + expectedHash = + "9df8c065663197b5a1095122d48e140d3677d860343256abd5ab6e4fb4c696ab"; + in + if canaryHash != expectedHash + then throw "Secrets are not readable. Have you run `git-crypt unlock`?" + else id; in -if canaryHash != expectedHash then - abort "Secrets are not readable. Have you run `git-crypt unlock`?" -else { +throwOnCanary { options.my.secrets = mkOption { type = types.attrs; }; From b04c1b09ea6b6e28f30f9ca879c8530105592778 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 13 Jun 2021 18:37:11 +0200 Subject: [PATCH 208/654] pkgs: add matrix-notifier --- pkgs/default.nix | 2 ++ pkgs/matrix-notifier/default.nix | 45 ++++++++++++++++++++++++++++++++ 2 files changed, 47 insertions(+) create mode 100644 pkgs/matrix-notifier/default.nix diff --git a/pkgs/default.nix b/pkgs/default.nix index 7419501..ede7620 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -14,6 +14,8 @@ rec { lohr = pkgs.callPackage ./lohr { }; + matrix-notifier = pkgs.callPackage ./matrix-notifier { }; + nolimips = pkgs.callPackage ./nolimips { }; vimix-cursors = pkgs.callPackage ./vimix-cursors { }; diff --git a/pkgs/matrix-notifier/default.nix b/pkgs/matrix-notifier/default.nix new file mode 100644 index 0000000..3f60455 --- /dev/null +++ b/pkgs/matrix-notifier/default.nix @@ -0,0 +1,45 @@ +{ curl, jq, fetchFromGitHub, lib, makeWrapper, stdenvNoCC }: +stdenvNoCC.mkDerivation rec { + pname = "matrix-notifier"; + version = "0.1.0"; + + src = fetchFromGitHub { + owner = "ambroisie"; + repo = "matrix-notifier"; + rev = "v${version}"; + sha256 = "sha256-MbtxLUVL4bBS66TJTXky/0blR9lFKzLkRccck7Um2Co="; + }; + + phases = [ "installPhase" "fixupPhase" ]; + + nativeBuildInputs = [ + makeWrapper + ]; + + installPhase = '' + mkdir -p $out/bin + cp $src/${pname} $out/bin/${pname} + chmod a+x $out/bin/${pname} + ''; + + wrapperPath = lib.makeBinPath [ + curl + jq + ]; + + fixupPhase = '' + patchShebangs $out/bin/${pname} + wrapProgram $out/bin/${pname} --prefix PATH : "${wrapperPath}" + ''; + + meta = with lib; { + description = '' + A very simple bash script that can be used to send a message to + a Matrix room + ''; + homepage = "https://gitea.belanyi.fr/ambroisie/${pname}"; + license = licenses.mit; + platforms = platforms.unix; + maintainers = with maintainers; [ ambroisie ]; + }; +} From b8be3d80a8273237ace7238c03236c32c594388e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 13 Jun 2021 18:38:06 +0200 Subject: [PATCH 209/654] ci: migrate to 'exec' runner Now that I have written a script to do the Matrix notification, I can do that. --- .drone.yml | 43 +++++++++++++++++++++++-------------------- 1 file changed, 23 insertions(+), 20 deletions(-) diff --git a/.drone.yml b/.drone.yml index 7ad1c78..9c5d85d 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,24 +1,27 @@ +--- kind: pipeline -name: check config +type: exec +name: NixOS config check steps: - - name: format check - image: nixos/nix - commands: - - nix-shell -p nixpkgs-fmt --run 'nixpkgs-fmt . --check' +- name: format check + commands: + - nix develop -c nixpkgs-fmt . - - name: notify - image: plugins/matrix - settings: - homeserver: - from_secret: matrix_homeserver - roomid: - from_secret: matrix_roomid - username: - from_secret: matrix_username - password: - from_secret: matrix_password - trigger: - status: - - failure - - success +- name: notifiy + commands: + - nix run .#matrix-notifier + environment: + ADDRESS: + from_secret: matrix_homeserver + ROOM: + from_secret: matrix_roomid + USER: + from_secret: matrix_username + PASS: + from_secret: matrix_password + when: + status: + - failure + - success +... From 8f266245eed181ac9de1263eb416a57c1d6ab186 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 14 Jun 2021 16:41:28 +0200 Subject: [PATCH 210/654] modules: system: add boot And enable mounting `/tmp` as tmpfs by default. --- modules/system/boot.nix | 21 +++++++++++++++++++++ modules/system/default.nix | 1 + 2 files changed, 22 insertions(+) create mode 100644 modules/system/boot.nix diff --git a/modules/system/boot.nix b/modules/system/boot.nix new file mode 100644 index 0000000..0fed267 --- /dev/null +++ b/modules/system/boot.nix @@ -0,0 +1,21 @@ +{ config, lib, ... }: +let + cfg = config.my.system.boot; +in +{ + options.my.system.boot = with lib; { + tmp = { + clean = mkEnableOption "clean `/tmp` on boot."; + + tmpfs = my.mkDisableOption "mount `/tmp` as a tmpfs on boot."; + }; + }; + + config = { + boot = { + cleanTmpDir = cfg.tmp.clean; + + tmpOnTmpfs = cfg.tmp.tmpfs; + }; + }; +} diff --git a/modules/system/default.nix b/modules/system/default.nix index 48a0770..a9b251b 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -3,6 +3,7 @@ { imports = [ + ./boot.nix ./documentation.nix ./language.nix ./media.nix From cff3811cade39de009d1925586aa5a8d514f22d6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 15 Jun 2021 17:45:17 +0200 Subject: [PATCH 211/654] home: wm: screen-lock: use actual assertion Instead of hijacking the type verification, use an assertion. --- home/wm/default.nix | 8 +------- home/wm/screen-lock.nix | 16 ++++++++++++++++ 2 files changed, 17 insertions(+), 7 deletions(-) diff --git a/home/wm/default.nix b/home/wm/default.nix index 508fe76..2547a4e 100644 --- a/home/wm/default.nix +++ b/home/wm/default.nix @@ -65,13 +65,7 @@ in enable = my.mkDisableOption "Notify when about to lock the screen"; delay = mkOption { - type = with types; - addCheck int (x: - let - cfg = config.my.home.wm.screen-lock.notify; - cornerCfg = config.my.home.wm.screen-lock.cornerLock; - in - (cfg.enable && cornerCfg.enable) -> cornerCfg.delay >= x); + type = types.int; default = 5; example = 15; description = '' diff --git a/home/wm/screen-lock.nix b/home/wm/screen-lock.nix index 720e73a..9201f40 100644 --- a/home/wm/screen-lock.nix +++ b/home/wm/screen-lock.nix @@ -12,6 +12,22 @@ let in { config = lib.mkIf cfg.enable { + assertions = [ + { + assertion = + let + inherit (cfg) cornerLock notify; + bothEnabled = cornerLock.enable && notify.enable; + cornerLockHigherThanNotify = cornerLock.delay >= notify.delay; + in + bothEnabled -> cornerLockHigherThanNotify; + message = '' + `config.my.home.wm.notify.delay` cannot have a value higher than + `config.my.home.wm.cornerLock.delay`. + ''; + } + ]; + services.screen-locker = { enable = true; From 212dd299e2cd3374615ee24e18e415a330b75451 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 15 Jun 2021 18:33:16 +0200 Subject: [PATCH 212/654] pkgs: matrix-notifier: 0.1.0 -> 0.1.2 --- pkgs/matrix-notifier/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/matrix-notifier/default.nix b/pkgs/matrix-notifier/default.nix index 3f60455..e4d4c54 100644 --- a/pkgs/matrix-notifier/default.nix +++ b/pkgs/matrix-notifier/default.nix @@ -1,13 +1,13 @@ { curl, jq, fetchFromGitHub, lib, makeWrapper, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "matrix-notifier"; - version = "0.1.0"; + version = "0.1.2"; src = fetchFromGitHub { owner = "ambroisie"; repo = "matrix-notifier"; rev = "v${version}"; - sha256 = "sha256-MbtxLUVL4bBS66TJTXky/0blR9lFKzLkRccck7Um2Co="; + sha256 = "sha256-kEOwROIBzjet0R82/IknRSfCLf56Pp2LBSn3QzCigAM="; }; phases = [ "installPhase" "fixupPhase" ]; From daa69a54fab5c0cf479c26024e8731116aa9d92f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 15 Jun 2021 18:17:37 +0200 Subject: [PATCH 213/654] modules: services: indexers: limit Jackett memory --- modules/services/indexers.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/modules/services/indexers.nix b/modules/services/indexers.nix index 07e0f52..11d525c 100644 --- a/modules/services/indexers.nix +++ b/modules/services/indexers.nix @@ -21,6 +21,15 @@ in enable = true; }; + # Jackett wants to eat *all* my RAM if left to its own devices + systemd.services.jackett = { + serviceConfig = { + MemoryHigh = "15%"; + MemoryMax = "25%"; + }; + }; + + services.nginx.virtualHosts."${jackettDomain}" = lib.mkIf cfg.jackett.enable { forceSSL = true; From cd02cbff45227b2ce23d15f9fb19b751c7f0d0b9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 16 Jun 2021 20:08:44 +0200 Subject: [PATCH 214/654] pkgs: use 'lib' as first input This is the idiomatic style in nixpkgs. --- pkgs/bw-pass/default.nix | 2 +- pkgs/comma/default.nix | 2 +- pkgs/diff-flake/default.nix | 2 +- pkgs/ff2mpv-go/default.nix | 2 +- pkgs/havm/default.nix | 2 +- pkgs/i3-get-window-criteria/default.nix | 2 +- pkgs/lohr/default.nix | 2 +- pkgs/matrix-notifier/default.nix | 2 +- pkgs/nolimips/default.nix | 2 +- pkgs/unbound-zones-adblock/default.nix | 2 +- pkgs/unified-hosts-lists/default.nix | 2 +- pkgs/vimix-cursors/default.nix | 2 +- pkgs/volantes-cursors/default.nix | 2 +- 13 files changed, 13 insertions(+), 13 deletions(-) diff --git a/pkgs/bw-pass/default.nix b/pkgs/bw-pass/default.nix index 6f27bd3..95ae0da 100644 --- a/pkgs/bw-pass/default.nix +++ b/pkgs/bw-pass/default.nix @@ -1,4 +1,4 @@ -{ bitwarden-cli, coreutils, jq, keyutils, lib, makeWrapper, rofi, shellcheck, stdenvNoCC }: +{ lib, bitwarden-cli, coreutils, jq, keyutils, makeWrapper, rofi, shellcheck, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "bw-pass"; version = "0.1.0"; diff --git a/pkgs/comma/default.nix b/pkgs/comma/default.nix index deab009..f932863 100644 --- a/pkgs/comma/default.nix +++ b/pkgs/comma/default.nix @@ -1,4 +1,4 @@ -{ fzf, lib, makeWrapper, nix-index, shellcheck, stdenvNoCC }: +{ lib, fzf, makeWrapper, nix-index, shellcheck, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "comma"; version = "0.1.0"; diff --git a/pkgs/diff-flake/default.nix b/pkgs/diff-flake/default.nix index 4cd7777..090aa6d 100644 --- a/pkgs/diff-flake/default.nix +++ b/pkgs/diff-flake/default.nix @@ -1,4 +1,4 @@ -{ coreutils, git, gnused, makeWrapper, lib, shellcheck, stdenvNoCC }: +{ lib, coreutils, git, gnused, makeWrapper, shellcheck, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "diff-flake"; version = "0.1.0"; diff --git a/pkgs/ff2mpv-go/default.nix b/pkgs/ff2mpv-go/default.nix index 9efcf13..3dc229c 100644 --- a/pkgs/ff2mpv-go/default.nix +++ b/pkgs/ff2mpv-go/default.nix @@ -1,4 +1,4 @@ -{ buildGoModule, fetchgit, lib, mpv }: +{ lib, buildGoModule, fetchgit, mpv }: buildGoModule rec { pname = "ff2mpv-go"; version = "1.0.1"; diff --git a/pkgs/havm/default.nix b/pkgs/havm/default.nix index 97a708f..d8856a5 100644 --- a/pkgs/havm/default.nix +++ b/pkgs/havm/default.nix @@ -1,4 +1,4 @@ -{ fetchurl, ghc, lib, stdenv, which }: +{ lib, fetchurl, ghc, stdenv, which }: stdenv.mkDerivation rec { pname = "havm"; version = "0.28"; diff --git a/pkgs/i3-get-window-criteria/default.nix b/pkgs/i3-get-window-criteria/default.nix index 65cdb0e..2e7ce03 100644 --- a/pkgs/i3-get-window-criteria/default.nix +++ b/pkgs/i3-get-window-criteria/default.nix @@ -1,4 +1,4 @@ -{ coreutils, gnused, makeWrapper, lib, shellcheck, stdenvNoCC, xorg }: +{ lib, coreutils, gnused, makeWrapper, shellcheck, stdenvNoCC, xorg }: stdenvNoCC.mkDerivation rec { pname = "i3-get-window-criteria"; version = "0.1.0"; diff --git a/pkgs/lohr/default.nix b/pkgs/lohr/default.nix index 34182dd..c71dbd0 100644 --- a/pkgs/lohr/default.nix +++ b/pkgs/lohr/default.nix @@ -1,4 +1,4 @@ -{ fetchFromGitHub, lib, rustPlatform }: +{ lib, fetchFromGitHub, rustPlatform }: rustPlatform.buildRustPackage rec { pname = "lohr"; version = "0.4.0"; diff --git a/pkgs/matrix-notifier/default.nix b/pkgs/matrix-notifier/default.nix index e4d4c54..92cc964 100644 --- a/pkgs/matrix-notifier/default.nix +++ b/pkgs/matrix-notifier/default.nix @@ -1,4 +1,4 @@ -{ curl, jq, fetchFromGitHub, lib, makeWrapper, stdenvNoCC }: +{ lib, curl, jq, fetchFromGitHub, makeWrapper, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "matrix-notifier"; version = "0.1.2"; diff --git a/pkgs/nolimips/default.nix b/pkgs/nolimips/default.nix index 49cd1b0..2a1dc33 100644 --- a/pkgs/nolimips/default.nix +++ b/pkgs/nolimips/default.nix @@ -1,4 +1,4 @@ -{ fetchurl, gnulib, lib, stdenv }: +{ lib, fetchurl, gnulib, stdenv }: stdenv.mkDerivation rec { pname = "nolimips"; version = "0.11"; diff --git a/pkgs/unbound-zones-adblock/default.nix b/pkgs/unbound-zones-adblock/default.nix index e8afbe1..2f7ac3f 100644 --- a/pkgs/unbound-zones-adblock/default.nix +++ b/pkgs/unbound-zones-adblock/default.nix @@ -1,4 +1,4 @@ -{ fetchFromGitHub, gawk, lib, stdenvNoCC, unified-hosts-lists }: +{ lib, fetchFromGitHub, gawk, stdenvNoCC, unified-hosts-lists }: stdenvNoCC.mkDerivation rec { name = "unbound-zones-adblock"; version = unified-hosts-lists.version; diff --git a/pkgs/unified-hosts-lists/default.nix b/pkgs/unified-hosts-lists/default.nix index 2c49924..4801ad0 100644 --- a/pkgs/unified-hosts-lists/default.nix +++ b/pkgs/unified-hosts-lists/default.nix @@ -1,4 +1,4 @@ -{ fetchFromGitHub, lib, stdenvNoCC }: +{ lib, fetchFromGitHub, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "unified-hosts-lists"; version = "3.6.4"; diff --git a/pkgs/vimix-cursors/default.nix b/pkgs/vimix-cursors/default.nix index 78057ef..1bbbe4e 100644 --- a/pkgs/vimix-cursors/default.nix +++ b/pkgs/vimix-cursors/default.nix @@ -1,4 +1,4 @@ -{ python3, fetchFromGitHub, inkscape, lib, stdenvNoCC, xcursorgen }: +{ lib, python3, fetchFromGitHub, inkscape, stdenvNoCC, xcursorgen }: let py = python3.withPackages (ps: with ps; [ cairosvg ]); in diff --git a/pkgs/volantes-cursors/default.nix b/pkgs/volantes-cursors/default.nix index 08cec66..e300a36 100644 --- a/pkgs/volantes-cursors/default.nix +++ b/pkgs/volantes-cursors/default.nix @@ -1,4 +1,4 @@ -{ fetchFromGitHub, inkscape, lib, stdenvNoCC, xcursorgen }: +{ lib, fetchFromGitHub, inkscape, stdenvNoCC, xcursorgen }: stdenvNoCC.mkDerivation rec { pname = "volantes-cursors"; version = "unstable-2020-06-06"; From c9418cc4d3aae21198b2167059b03e0412ff73c1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 16 Jun 2021 21:17:45 +0200 Subject: [PATCH 215/654] pkgs: matrix-notifier: 0.1.2 -> 0.2.0 `pandoc` is now a dependency. --- pkgs/matrix-notifier/default.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pkgs/matrix-notifier/default.nix b/pkgs/matrix-notifier/default.nix index 92cc964..a7b3a3c 100644 --- a/pkgs/matrix-notifier/default.nix +++ b/pkgs/matrix-notifier/default.nix @@ -1,13 +1,13 @@ -{ lib, curl, jq, fetchFromGitHub, makeWrapper, stdenvNoCC }: +{ lib, curl, jq, fetchFromGitHub, makeWrapper, pandoc, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "matrix-notifier"; - version = "0.1.2"; + version = "0.2.0"; src = fetchFromGitHub { owner = "ambroisie"; repo = "matrix-notifier"; rev = "v${version}"; - sha256 = "sha256-kEOwROIBzjet0R82/IknRSfCLf56Pp2LBSn3QzCigAM="; + sha256 = "sha256-JiKPDrr9wyD2q5Vsac+OkFdvrDkx6mj/oC7XDVnka74="; }; phases = [ "installPhase" "fixupPhase" ]; @@ -25,6 +25,7 @@ stdenvNoCC.mkDerivation rec { wrapperPath = lib.makeBinPath [ curl jq + pandoc ]; fixupPhase = '' From 3fdcfb5b5f354f32bcad9c953d8b641415c214e2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 22 Jun 2021 19:39:35 +0200 Subject: [PATCH 216/654] home: wm: dunst: add max icon size Otherwise I end up with icons that are way too big... --- home/wm/dunst.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/wm/dunst.nix b/home/wm/dunst.nix index 334396c..60e8604 100644 --- a/home/wm/dunst.nix +++ b/home/wm/dunst.nix @@ -16,6 +16,7 @@ in frame_width = 3; # small frame geometry = "300x50-15+49"; markup = "full"; # subset of HTML + max_icon_size = 32; # avoid icons that are too big padding = 6; # distance between text and bubble border progress_bar = true; # show a progress bar in notification bubbles separator_color = "frame"; # use frame color to separate bubbles From 23c6093c36af67989b806c4c742a49fb1161c36d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 22 Jun 2021 19:47:53 +0200 Subject: [PATCH 217/654] home: wm: dunst: add line wrapping Once again, trying to make them actually readable. --- home/wm/dunst.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/wm/dunst.nix b/home/wm/dunst.nix index 60e8604..2c3d2f4 100644 --- a/home/wm/dunst.nix +++ b/home/wm/dunst.nix @@ -21,6 +21,7 @@ in progress_bar = true; # show a progress bar in notification bubbles separator_color = "frame"; # use frame color to separate bubbles sort = true; # sort messages by urgency + word_wrap = true; # Break long lines to make them readable }; urgency_low = { From 4cae294cf590c2ec6a552fc2070ec333618ce18b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 23 Jun 2021 23:06:15 +0200 Subject: [PATCH 218/654] home: wm: i3: enable rofi bindings when applicable --- home/wm/i3.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index f7a477c..7b95e4a 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -187,13 +187,13 @@ in # Focus child container "${modifier}+a" = "focus child"; } - { + (lib.optionalAttrs config.my.home.wm.rofi.enable { # Rofi tools "${modifier}+d" = "exec rofi -show drun -disable-history"; "${modifier}+Shift+d" = "exec rofi -show run -disable-history"; "${modifier}+p" = "exec --no-startup-id flameshot gui"; "${modifier}+Shift+p" = "exec rofi -show emoji"; - } + }) ( # Changing container focus genMovementBindings ( From 92c2748747416e4775d38b1e9d425800cece8d8e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 23 Jun 2021 23:08:19 +0200 Subject: [PATCH 219/654] home: wm: dunst: use rofi as 'dmenu' when enabled --- home/wm/dunst.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/home/wm/dunst.nix b/home/wm/dunst.nix index 2c3d2f4..e90362a 100644 --- a/home/wm/dunst.nix +++ b/home/wm/dunst.nix @@ -11,6 +11,10 @@ in global = { alignment = "center"; # Put message in the middle of the box browser = "xdg-open"; # use default browser to open links + dmenu = + lib.mkIf + config.my.home.wm.rofi.enable + "rofi -p dunst -dmenu"; # use rofi for menu follow = "keyboard"; # follow keyboard focus font = "Monospace 8"; # Simple looking font frame_width = 3; # small frame From 5cebb9b54bc335ccc0aaa5ecfd95a15cca084695 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 23 Jun 2021 23:13:39 +0200 Subject: [PATCH 220/654] home: zsh: explicitly opt out of extended history --- home/zsh/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/zsh/default.nix b/home/zsh/default.nix index 8d25552..b602149 100644 --- a/home/zsh/default.nix +++ b/home/zsh/default.nix @@ -14,6 +14,7 @@ in history = { size = 500000; + extended = false; ignoreSpace = true; ignoreDups = true; share = true; From c6d21493ef48584c64d84759c0a021abcc84195a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 23 Jun 2021 23:14:01 +0200 Subject: [PATCH 221/654] home: zsh: explicitly set history save size Turns out the `history.save` limit is for what is *loaded into memory*, not what is written to disk. --- home/zsh/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/zsh/default.nix b/home/zsh/default.nix index b602149..96ec251 100644 --- a/home/zsh/default.nix +++ b/home/zsh/default.nix @@ -14,6 +14,7 @@ in history = { size = 500000; + save = 500000; extended = false; ignoreSpace = true; ignoreDups = true; From 0f17123d09267df317dc77c5379a8363a7806a9b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Jun 2021 20:40:34 +0200 Subject: [PATCH 222/654] modules: change username configuration option It makes more sense to have a `my.user` option. --- flake.nix | 2 +- modules/default.nix | 12 +++++++----- modules/home.nix | 2 +- modules/system/users.nix | 4 ++-- 4 files changed, 11 insertions(+), 9 deletions(-) diff --git a/flake.nix b/flake.nix index b7fd152..4f0460f 100644 --- a/flake.nix +++ b/flake.nix @@ -72,7 +72,7 @@ } home-manager.nixosModules.home-manager ({ config, ... }: { - home-manager.users.${config.my.username} = import ./home; + home-manager.users.${config.my.user.name} = import ./home; # Nix Flakes compatibility home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; diff --git a/modules/default.nix b/modules/default.nix index 46c2e8e..061da01 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -10,11 +10,13 @@ ]; options.my = with lib; { - username = mkOption { - type = types.str; - default = "ambroisie"; - example = "alice"; - description = "my username"; + user = { + name = mkOption { + type = types.str; + default = "ambroisie"; + example = "alice"; + description = "my username"; + }; }; }; } diff --git a/modules/home.nix b/modules/home.nix index a6fbc80..be0aedf 100644 --- a/modules/home.nix +++ b/modules/home.nix @@ -1,7 +1,7 @@ # Simplify setting home options { config, lib, ... }: let - actualPath = [ "home-manager" "users" config.my.username "my" "home" ]; + actualPath = [ "home-manager" "users" config.my.user.name "my" "home" ]; aliasPath = [ "my" "home" ]; in { diff --git a/modules/system/users.nix b/modules/system/users.nix index 4493c75..3897ad7 100644 --- a/modules/system/users.nix +++ b/modules/system/users.nix @@ -20,8 +20,8 @@ in inherit (secrets.users.root) hashedPassword; }; - ${config.my.username} = { - inherit (secrets.users.${config.my.username}) hashedPassword; + ${config.my.user.name} = { + inherit (secrets.users.${config.my.user.name}) hashedPassword; description = "Bruno BELANYI"; isNormalUser = true; shell = pkgs.zsh; From 7a382368e80e0097823050d0b40a88484b9e921f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Jun 2021 20:43:19 +0200 Subject: [PATCH 223/654] modules: move home configuration from flake --- flake.nix | 7 ------- modules/default.nix | 4 ++++ modules/home.nix | 19 ++++++++++++++++--- 3 files changed, 20 insertions(+), 10 deletions(-) diff --git a/flake.nix b/flake.nix index 4f0460f..2b0052a 100644 --- a/flake.nix +++ b/flake.nix @@ -70,13 +70,6 @@ nur.overlay ]; } - home-manager.nixosModules.home-manager - ({ config, ... }: { - home-manager.users.${config.my.user.name} = import ./home; - # Nix Flakes compatibility - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - }) # Include generic settings ./modules # Include bundles of settings diff --git a/modules/default.nix b/modules/default.nix index 061da01..798fb0d 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -17,6 +17,10 @@ example = "alice"; description = "my username"; }; + + home = { + enable = my.mkDisableOption "home-manager configuration"; + }; }; }; } diff --git a/modules/home.nix b/modules/home.nix index be0aedf..8ae1b3e 100644 --- a/modules/home.nix +++ b/modules/home.nix @@ -1,11 +1,24 @@ -# Simplify setting home options -{ config, lib, ... }: +{ config, inputs, lib, ... }: let actualPath = [ "home-manager" "users" config.my.user.name "my" "home" ]; aliasPath = [ "my" "home" ]; + + cfg = config.my.user.home; in { imports = [ - (lib.mkAliasOptionModule aliasPath actualPath) + inputs.home-manager.nixosModule # enable home-manager options + (lib.mkAliasOptionModule aliasPath actualPath) # simplify setting home options ]; + + config = lib.mkIf cfg.enable { + home-manager = { + # Not a fan of out-of-directory imports, but this is a good exception + users.${config.my.user.name} = import ../home; + + # Nix Flakes compatibility + useGlobalPkgs = true; + useUserPackages = true; + }; + }; } From 57717d70ef29a52cdb9f84a37d38055fca066972 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Jun 2021 18:38:11 +0200 Subject: [PATCH 224/654] home: wm: i3: also toggle xss-lock --- home/wm/i3.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index 7b95e4a..14ec64e 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -58,9 +58,11 @@ let #!/bin/sh if ${systemctlUser} is-active xautolock-session.service; then ${systemctlUser} stop --user xautolock-session.service + xset s off ${notify} "Disabled Xautolock" else ${systemctlUser} start xautolock-session.service + xset s on ${notify} "Enabled Xautolock" fi ''; From 5abe4e929e0ad92d6cc5c69c4377bdcf64c06277 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Jun 2021 23:35:31 +0200 Subject: [PATCH 225/654] modules: hardware: sound: refactor options Do not enable ALSA when using pipewire. Ensure that both pulseaudio and pipewire are not configured at the same time. --- machines/aramis/sound.nix | 2 -- modules/hardware/sound.nix | 22 +++++++++++++++++----- 2 files changed, 17 insertions(+), 7 deletions(-) diff --git a/machines/aramis/sound.nix b/machines/aramis/sound.nix index f9dd1b0..41ff7f7 100644 --- a/machines/aramis/sound.nix +++ b/machines/aramis/sound.nix @@ -1,8 +1,6 @@ { ... }: { my.hardware.sound = { - enable = true; - pipewire = { enable = true; }; diff --git a/modules/hardware/sound.nix b/modules/hardware/sound.nix index 3a12843..3a48641 100644 --- a/modules/hardware/sound.nix +++ b/modules/hardware/sound.nix @@ -4,8 +4,6 @@ let in { options.my.hardware.sound = with lib; { - enable = mkEnableOption "sound configuration"; - pipewire = { enable = mkEnableOption "pipewire configuration"; }; @@ -15,10 +13,21 @@ in }; }; - config = lib.mkIf cfg.enable (lib.mkMerge [ - # Basic configuration + config = (lib.mkMerge [ + # Sanity check { - sound.enable = true; + assertions = [ + { + assertion = builtins.all (lib.id) [ + (cfg.pipewire.enable -> !cfg.pulse.enable) + (cfg.pulse.enable -> !cfg.pipewire.enable) + ]; + message = '' + `config.my.hardware.sound.pipewire.enable` and + `config.my.hardware.sound.pulse.enable` are incompatible. + ''; + } + ]; } (lib.mkIf cfg.pipewire.enable { @@ -49,6 +58,9 @@ in # Pulseaudio setup (lib.mkIf cfg.pulse.enable { + # ALSA + sound.enable = true; + hardware.pulseaudio.enable = true; }) ]); From d6e9f9786d54c0b4076b1e3e010e37f86c8a7c73 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 27 Jun 2021 19:48:26 +0200 Subject: [PATCH 226/654] secrets: use more specific type I will amend it if I need more types, but for now this is fine. --- secrets/default.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/secrets/default.nix b/secrets/default.nix index 754483d..4a4aa68 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -14,7 +14,15 @@ let in throwOnCanary { options.my.secrets = mkOption { - type = types.attrs; + type = + let + valueType = with types; oneOf [ + int + str + (attrsOf valueType) + ]; + in + valueType; }; config.my.secrets = { From 2232062fd9267090867bda083a9a07051f4b29e4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 27 Jun 2021 19:48:42 +0200 Subject: [PATCH 227/654] home: secrets: use more specific type I will amend it if I need more types, but for now this is fine. --- home/secrets/default.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/home/secrets/default.nix b/home/secrets/default.nix index ac0e5b5..76ec2cf 100644 --- a/home/secrets/default.nix +++ b/home/secrets/default.nix @@ -14,7 +14,15 @@ let in throwOnCanary { options.my.secrets = mkOption { - type = types.attrs; + type = + let + valueType = with types; oneOf [ + int + str + (attrsOf valueType) + ]; + in + valueType; }; config.my.secrets = { From 6eb39422705f48864b15223ddd2c6020532f4d5a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 27 Jun 2021 19:51:04 +0200 Subject: [PATCH 228/654] home: firefox: add sponsorblock --- home/firefox/firefox.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/firefox/firefox.nix b/home/firefox/firefox.nix index d5ecd53..723ecc8 100644 --- a/home/firefox/firefox.nix +++ b/home/firefox/firefox.nix @@ -46,6 +46,7 @@ in https-everywhere i-dont-care-about-cookies reddit-enhancement-suite + sponsorblock ublock-origin ] ++ lib.optional (cfg.tridactyl.enable) tridactyl From 791109c3c171e02df19c634be903809d3ff247a1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 30 Jun 2021 20:07:55 +0200 Subject: [PATCH 229/654] flake: bump inputs --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 29aabff..1fead41 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "futils": { "locked": { - "lastModified": 1620759905, - "narHash": "sha256-WiyWawrgmyN0EdmiHyG2V+fqReiVi8bM9cRdMaKQOFg=", + "lastModified": 1623875721, + "narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=", "owner": "numtide", "repo": "flake-utils", - "rev": "b543720b25df6ffdfcf9227afafc5b8c1fabfae8", + "rev": "f7e004a55b120c02ecb6219596820fcd32ca8772", "type": "github" }, "original": { @@ -23,11 +23,11 @@ ] }, "locked": { - "lastModified": 1622145920, - "narHash": "sha256-/tt6IApLuVcGP5auy4zjLzfm5+MBHYLS3Nauvv2U2EQ=", + "lastModified": 1625016439, + "narHash": "sha256-zHf7iCU9nYd6/7xwYx5gwDzXdXcJ9RUagdy0IgX39sQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "0e6c61a44092e98ba1d75b41f4f947843dc7814d", + "rev": "9ad0024d4d292c628d4c9a50c2347f23418d7000", "type": "github" }, "original": { @@ -39,11 +39,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1622194753, - "narHash": "sha256-76qtvFp/vFEz46lz5iZMJ0mnsWQYmuGYlb0fHgKqqMg=", + "lastModified": 1624922035, + "narHash": "sha256-OiIxJQuMRkICxaUwY3xMBbrPPu20de/n7tVYnWzLvS4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "540dccb2aeaffa9dc69bfdc41c55abd7ccc6baa3", + "rev": "3a8d7958a610cd3fec3a6f424480f91a1b259185", "type": "github" }, "original": { @@ -55,11 +55,11 @@ }, "nur": { "locked": { - "lastModified": 1622221304, - "narHash": "sha256-aU/BdVGUverHNY9BOmDaAo21G8k9ndhzzjX1RSY1im0=", + "lastModified": 1625064961, + "narHash": "sha256-ErII8vNW+04+eIGtViN8sSZs573I8PQiw6TWd1E0zoo=", "owner": "nix-community", "repo": "NUR", - "rev": "8d8c59d767d854a1bc6fd08952529e10438eaa8d", + "rev": "5f0603506c26d7c97c91e8c6ae27e07f3ab2f0e8", "type": "github" }, "original": { @@ -79,11 +79,11 @@ ] }, "locked": { - "lastModified": 1621411868, - "narHash": "sha256-R+7OQ2JYFCb3E7Jl7LhRifzMVCR6Gl8R98zYsNhZtJ8=", + "lastModified": 1624971177, + "narHash": "sha256-Amf/nBj1E77RmbSSmV+hg6YOpR+rddCbbVgo5C7BS0I=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "2e7fac06108b4fc81f5ff9ed9a02bc4f6ede7001", + "rev": "397f0713d007250a2c7a745e555fa16c5dc8cadb", "type": "github" }, "original": { From ff8e64d601ffd2886973e2cedfe476cb4287eaa5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 22 Jun 2021 17:59:47 +0200 Subject: [PATCH 230/654] home: mail: add himalaya This mail client is very KISS. I like it. --- home/mail/accounts.nix | 4 ++++ home/mail/default.nix | 5 +++++ home/mail/himalaya.nix | 23 +++++++++++++++++++++++ 3 files changed, 32 insertions(+) create mode 100644 home/mail/himalaya.nix diff --git a/home/mail/accounts.nix b/home/mail/accounts.nix index 7f1ad02..2eecb6d 100644 --- a/home/mail/accounts.nix +++ b/home/mail/accounts.nix @@ -15,6 +15,10 @@ let inherit primary; + himalaya = { + enable = cfg.himalaya.enable; + }; + msmtp = { enable = cfg.msmtp.enable; }; diff --git a/home/mail/default.nix b/home/mail/default.nix index cc81d0c..3ec0c9a 100644 --- a/home/mail/default.nix +++ b/home/mail/default.nix @@ -7,12 +7,17 @@ in { imports = [ ./accounts.nix + ./himalaya.nix ./msmtp.nix ]; options.my.home.mail = with lib; { enable = my.mkDisableOption "email configuration"; + himalaya = { + enable = mkRelatedOption "himalaya configuration"; + }; + msmtp = { enable = mkRelatedOption "msmtp configuration"; }; diff --git a/home/mail/himalaya.nix b/home/mail/himalaya.nix new file mode 100644 index 0000000..c2d3b05 --- /dev/null +++ b/home/mail/himalaya.nix @@ -0,0 +1,23 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.home.mail.himalaya; +in +{ + config.programs.himalaya = lib.mkIf cfg.enable { + enable = true; + + settings = { + notify-cmd = + let + notify-send = "${pkgs.libnotify}/bin/notify-send"; + in + pkgs.writeScript "mail-notifier" '' + SENDER="$1" + SUBJECT="$2" + ${notify-send} \ + -c himalaya \ + -- "$(printf 'Received email from %s\n\n%s' "$SENDER" "$SUBJECT")" + ''; + }; + }; +} From ea7b064546145eb67de8b8a6b4ecb1277f1879f2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 27 Jun 2021 00:54:55 +0200 Subject: [PATCH 231/654] home: direnv: update to new option name And enable the flakes option. I don't actually use this on my own projects, but it could be useful for other projects that I contribute to. --- home/direnv.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/home/direnv.nix b/home/direnv.nix index d81cf46..cf32628 100644 --- a/home/direnv.nix +++ b/home/direnv.nix @@ -9,7 +9,11 @@ in config.programs.direnv = lib.mkIf cfg.enable { enable = true; - # A better `use_nix` - enableNixDirenvIntegration = true; + nix-direnv = { + # A better `use_nix` + enable = true; + # And `use_flake` + enableFlakes = true; + }; }; } From a3edf2548b5ee4300afc478b625631fb4b2b706b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 3 Jul 2021 20:46:24 +0200 Subject: [PATCH 232/654] overlays: transgui: correctly use previous patches --- overlays/transgui-fix-duplicate-status/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/overlays/transgui-fix-duplicate-status/default.nix b/overlays/transgui-fix-duplicate-status/default.nix index 6190306..85036ce 100644 --- a/overlays/transgui-fix-duplicate-status/default.nix +++ b/overlays/transgui-fix-duplicate-status/default.nix @@ -1,7 +1,7 @@ final: prev: { transgui = prev.transgui.overrideAttrs (oldAttrs: { - patches = [ + patches = (oldAttrs.patches or [ ]) ++ [ (final.fetchpatch { url = "https://patch-diff.githubusercontent.com/raw/transmission-remote-gui/transgui/pull/1354.patch"; sha256 = "sha256-Q4DAduqnTtNI0Zw9NIWpE8L0G8RusvPbZ3iW29k7XXA="; From 21f48b5f719e0d2457d0c9d5af7a23b33602a83c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 3 Jul 2021 21:42:45 +0200 Subject: [PATCH 233/654] pkgs: bw-pass: change password prompt --- pkgs/bw-pass/bw-pass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/bw-pass/bw-pass b/pkgs/bw-pass/bw-pass index 16c931e..3fddf1f 100755 --- a/pkgs/bw-pass/bw-pass +++ b/pkgs/bw-pass/bw-pass @@ -17,7 +17,7 @@ error_out() { login() { local PASSWORD - PASSWORD="$(prompt_pass "Password")" || error_out "Cannot prompt password" + PASSWORD="$(prompt_pass "Bitwarden Password")" || error_out "Cannot prompt password" export BW_SESSION BW_SESSION="$(bw unlock "$PASSWORD" --raw)" || error_out "Cannot unlock" } From 971b610cd5aeafdf1640c80f2cee9df8a7670f75 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 13 Jul 2021 17:43:26 +0200 Subject: [PATCH 234/654] modules: services: matrix: SSL only for server This is a requirement anyway for homeservers, and the `forceSSL` option tried to create a redirect for non-SSL traffic, except the `listen` option only provided SSL endpoints anyway, so this resulted in additional rules in the nginx config looking like this: ```nginx server { server_name matrix.belanyi.fr ; location /.well-known/acme-challenge { root /var/lib/acme/acme-challenge; auth_basic off; } location / { return 301 https://$host$request_uri; } } ``` --- modules/services/matrix.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/services/matrix.nix b/modules/services/matrix.nix index fd4e90c..8f8c82e 100644 --- a/modules/services/matrix.nix +++ b/modules/services/matrix.nix @@ -121,7 +121,7 @@ in services.nginx.virtualHosts = { "matrix.${domain}" = { - forceSSL = true; + onlySSL = true; useACMEHost = domain; locations = @@ -149,7 +149,7 @@ in # same as above, but listening on the federation port "matrix.${domain}_federation" = rec { - forceSSL = true; + onlySSL = true; serverName = "matrix.${domain}"; useACMEHost = domain; From f2dfeeb35ba125b29e9353c870451bfd7520f124 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 13 Jul 2021 17:50:41 +0200 Subject: [PATCH 235/654] home: git: use topological order in log It is the one that makes most sense, rather than some kind of date order... --- home/git/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/git/default.nix b/home/git/default.nix index 718ff27..156731e 100644 --- a/home/git/default.nix +++ b/home/git/default.nix @@ -18,7 +18,7 @@ in package = pkgs.gitAndTools.gitFull; aliases = { - lol = "log --graph --decorate --pretty=oneline --abbrev-commit"; + lol = "log --graph --decorate --pretty=oneline --abbrev-commit --topo-order"; lola = "lol --all"; assume = "update-index --assume-unchanged"; unassume = "update-index --no-assume-unchanged"; From 8927b3182f6b32673ee2dd85a7dbcb5398f25966 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 13 Jul 2021 19:08:54 +0200 Subject: [PATCH 236/654] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 1fead41..075d5a4 100644 --- a/flake.lock +++ b/flake.lock @@ -23,11 +23,11 @@ ] }, "locked": { - "lastModified": 1625016439, - "narHash": "sha256-zHf7iCU9nYd6/7xwYx5gwDzXdXcJ9RUagdy0IgX39sQ=", + "lastModified": 1626073055, + "narHash": "sha256-vocByfpVu6m9zvtJugDvmd6/9iT2HJuG4tmDICKd0lI=", "owner": "nix-community", "repo": "home-manager", - "rev": "9ad0024d4d292c628d4c9a50c2347f23418d7000", + "rev": "775cb20bd4af7781fbf336fb201df02ee3d544bb", "type": "github" }, "original": { @@ -39,11 +39,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1624922035, - "narHash": "sha256-OiIxJQuMRkICxaUwY3xMBbrPPu20de/n7tVYnWzLvS4=", + "lastModified": 1626046891, + "narHash": "sha256-Zt8saH+hAehXskW0iFAzk+iMillYoFBxvLReYNqGT9E=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3a8d7958a610cd3fec3a6f424480f91a1b259185", + "rev": "d8f8f31af9d77a48220e4e8a301d1e79774cb7d2", "type": "github" }, "original": { @@ -55,11 +55,11 @@ }, "nur": { "locked": { - "lastModified": 1625064961, - "narHash": "sha256-ErII8vNW+04+eIGtViN8sSZs573I8PQiw6TWd1E0zoo=", + "lastModified": 1626192709, + "narHash": "sha256-REQ9ByMk4crAX37e8YDZOBl9Kxn+nTfnnLwwxczcoP0=", "owner": "nix-community", "repo": "NUR", - "rev": "5f0603506c26d7c97c91e8c6ae27e07f3ab2f0e8", + "rev": "564ec91b61dab796f1af44502ff3a9c124f4d6da", "type": "github" }, "original": { From 2458ddf59d037e080bfc0f0f01855722e83953a4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 13 Jul 2021 19:09:27 +0200 Subject: [PATCH 237/654] modules: services: add monitoring This includes a dashboard to monitor system ressources, using Prometheus. --- modules/services/default.nix | 1 + modules/services/monitoring.nix | 116 ++++++++++++++++++++++++++++++++ 2 files changed, 117 insertions(+) create mode 100644 modules/services/monitoring.nix diff --git a/modules/services/default.nix b/modules/services/default.nix index 424e26f..a0f11fd 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -14,6 +14,7 @@ ./lohr.nix ./matrix.nix ./miniflux.nix + ./monitoring.nix ./nextcloud.nix ./nginx.nix ./pirate.nix diff --git a/modules/services/monitoring.nix b/modules/services/monitoring.nix new file mode 100644 index 0000000..8146eca --- /dev/null +++ b/modules/services/monitoring.nix @@ -0,0 +1,116 @@ +# Grafana dashboards for all the things! +{ config, lib, pkgs, ... }: +let + cfg = config.my.services.monitoring; + + domain = config.networking.domain; + grafanaDomain = "monitoring.${config.networking.domain}"; +in +{ + options.my.services.monitoring = with lib; { + enable = mkEnableOption "monitoring"; + + grafana = { + port = mkOption { + type = types.port; + default = 9500; + example = 3001; + description = "Internal port"; + }; + + username = mkOption { + type = types.str; + default = "ambroisie"; + example = "admin"; + description = "Admin username"; + }; + + passwordFile = mkOption { + type = types.str; + example = "/var/lib/grafana/password.txt"; + description = "Admin password stored in a file"; + }; + }; + + prometheus = { + port = mkOption { + type = types.port; + default = 9501; + example = 3002; + description = "Internal port"; + }; + }; + }; + + config = lib.mkIf cfg.enable { + services.grafana = { + enable = true; + domain = grafanaDomain; + port = cfg.grafana.port; + addr = "127.0.0.1"; # Proxied through Nginx + + security = { + adminUser = cfg.grafana.username; + adminPasswordFile = cfg.grafana.passwordFile; + }; + + provision = { + enable = true; + + datasources = [ + { + name = "Prometheus"; + type = "prometheus"; + url = "http://localhost:${toString cfg.prometheus.port}"; + } + ]; + + dashboards = [ + { + name = "Node Exporter"; + options.path = pkgs.nur.repos.alarsyo.grafana-dashboards.node-exporter; + disableDeletion = true; + } + ]; + }; + }; + + services.prometheus = { + enable = true; + port = cfg.prometheus.port; + listenAddress = "127.0.0.1"; + + retentionTime = "2y"; + + exporters = { + node = { + enable = true; + enabledCollectors = [ "systemd" ]; + port = 9100; + listenAddress = "127.0.0.1"; + }; + }; + + scrapeConfigs = [ + { + job_name = config.networking.hostName; + static_configs = [{ + targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ]; + }]; + } + ]; + }; + + services.nginx = { + virtualHosts.${grafanaDomain} = { + forceSSL = true; + useACMEHost = domain; + + locations."/" = { + proxyPass = "http://127.0.0.1:${toString cfg.grafana.port}"; + proxyWebsockets = true; + }; + }; + }; + }; +} From e060476f32fd76a8ff23273b228120c5c418168e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 13 Jul 2021 19:10:17 +0200 Subject: [PATCH 238/654] modules: services: add monitoring dashboard --- modules/services/nginx.nix | 31 ++++++++++++++++++++++++++++++- 1 file changed, 30 insertions(+), 1 deletion(-) diff --git a/modules/services/nginx.nix b/modules/services/nginx.nix index ab90760..b5d49c1 100644 --- a/modules/services/nginx.nix +++ b/modules/services/nginx.nix @@ -1,7 +1,7 @@ # Configuration shamelessly stolen from [1] # # [1]: https://github.com/delroth/infra.delroth.net/blob/master/common/nginx.nix -{ config, pkgs, lib, ... }: +{ config, lib, pkgs, ... }: { # Whenever something defines an nginx vhost, ensure that nginx defaults are @@ -40,5 +40,34 @@ }; }; }; + # Setup monitoring + services.grafana.provision.dashboards = [ + { + name = "NGINX"; + options.path = pkgs.nur.repos.alarsyo.grafana-dashboards.nginx; + disableDeletion = true; + } + ]; + + services.prometheus = { + exporters.nginx = { + enable = true; + listenAddress = "127.0.0.1"; + }; + + scrapeConfigs = [ + { + job_name = "nginx"; + static_configs = [ + { + targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.nginx.port}" ]; + labels = { + instance = config.networking.hostName; + }; + } + ]; + } + ]; + }; }; } From 4e8045716c8ff3eefbb35a834e272d689d9dfb38 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 13 Jul 2021 19:11:03 +0200 Subject: [PATCH 239/654] secrets: add monitoring password --- secrets/default.nix | 2 ++ secrets/monitoring/password.txt | Bin 0 -> 55 bytes 2 files changed, 2 insertions(+) create mode 100644 secrets/monitoring/password.txt diff --git a/secrets/default.nix b/secrets/default.nix index 4a4aa68..1f2fae8 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -51,6 +51,8 @@ throwOnCanary { miniflux.password = fileContents ./miniflux/password.txt; + monitoring.password = fileContents ./monitoring/password.txt; + nextcloud.password = fileContents ./nextcloud/password.txt; podgrab.password = fileContents ./podgrab/password.txt; diff --git a/secrets/monitoring/password.txt b/secrets/monitoring/password.txt new file mode 100644 index 0000000000000000000000000000000000000000..98d0972e616531b77412a557d98029f6ea66be2c GIT binary patch literal 55 zcmZQ@_Y83kiVO&0@VY)J{Oq~qYyOw9U0L+}U)G-V!(1%aUEiOtv=frPWyTazJax)0 M!|Y Date: Tue, 13 Jul 2021 19:11:15 +0200 Subject: [PATCH 240/654] machines: porthos: services: enable monitoring --- machines/porthos/services.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index 44c0b50..c702c84 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -72,6 +72,14 @@ in enable = true; password = my.secrets.miniflux.password; }; + # Various monitoring dashboards + monitoring = { + enable = true; + grafana = { + passwordFile = + builtins.toFile "grafana.txt" my.secrets.monitoring.password; # Insecure, I don't care + }; + }; # Nextcloud self-hosted cloud nextcloud = { enable = true; From a3293277d94abb3ff0487f5c1d092804a9f35263 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 14 Jul 2021 21:48:50 +0200 Subject: [PATCH 241/654] flake: flatten and filter packages w/ flake-utils Instead of my home-grown solution, use one that has been upstreamed. --- flake.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index 2b0052a..252e7bd 100644 --- a/flake.nix +++ b/flake.nix @@ -130,9 +130,10 @@ packages = let + inherit (futils.lib) filterPackages flattenTree; packages = import ./pkgs { inherit pkgs; }; - isSystem = pkg: builtins.elem system pkg.meta.platforms; - finalPackages = lib.flip lib.filterAttrs packages (_: isSystem); + flattenedPackages = flattenTree packages; + finalPackages = filterPackages system flattenedPackages; in finalPackages; }) // { From 820b52314f5ae01b700cca1ce3305fc089d76903 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 15 Jul 2021 18:50:04 +0200 Subject: [PATCH 242/654] modules: services: monitoring: add scrape interval --- modules/services/monitoring.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/modules/services/monitoring.nix b/modules/services/monitoring.nix index 8146eca..f76337a 100644 --- a/modules/services/monitoring.nix +++ b/modules/services/monitoring.nix @@ -39,6 +39,13 @@ in example = 3002; description = "Internal port"; }; + + scrapeInterval = mkOption { + type = types.str; + default = "15s"; + example = "1m"; + description = "Scrape interval"; + }; }; }; @@ -62,6 +69,9 @@ in name = "Prometheus"; type = "prometheus"; url = "http://localhost:${toString cfg.prometheus.port}"; + jsonData = { + timeInterval = cfg.prometheus.scrapeInterval; + }; } ]; @@ -91,6 +101,10 @@ in }; }; + globalConfig = { + scrape_interval = cfg.prometheus.scrapeInterval; + }; + scrapeConfigs = [ { job_name = config.networking.hostName; From 9f00d8a38e5268b4799a32ce94f575e404021452 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 29 Jul 2021 12:05:51 +0200 Subject: [PATCH 243/654] modules: services: add postgresql Enable the service itself in other modules when needed, but pin the package in a single place. --- modules/services/default.nix | 1 + modules/services/drone.nix | 1 + modules/services/matrix.nix | 1 - modules/services/postgresql.nix | 18 ++++++++++++++++++ 4 files changed, 20 insertions(+), 1 deletion(-) create mode 100644 modules/services/postgresql.nix diff --git a/modules/services/default.nix b/modules/services/default.nix index a0f11fd..29ae034 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -20,6 +20,7 @@ ./pirate.nix ./podgrab.nix ./postgresql-backup.nix + ./postgresql.nix ./quassel.nix ./rss-bridge.nix ./sabnzbd.nix diff --git a/modules/services/drone.nix b/modules/services/drone.nix index 50119ac..b1e80ea 100644 --- a/modules/services/drone.nix +++ b/modules/services/drone.nix @@ -81,6 +81,7 @@ in users.groups.drone = { }; services.postgresql = { + enable = true; ensureDatabases = [ "drone" ]; ensureUsers = [{ name = "drone"; diff --git a/modules/services/matrix.nix b/modules/services/matrix.nix index 8f8c82e..5d81448 100644 --- a/modules/services/matrix.nix +++ b/modules/services/matrix.nix @@ -63,7 +63,6 @@ in config = lib.mkIf cfg.enable { services.postgresql = { enable = true; - package = pkgs.postgresql_12; initialScript = pkgs.writeText "synapse-init.sql" '' CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse'; CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" diff --git a/modules/services/postgresql.nix b/modules/services/postgresql.nix new file mode 100644 index 0000000..8da9ab7 --- /dev/null +++ b/modules/services/postgresql.nix @@ -0,0 +1,18 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.services.postgresql; +in +{ + options.my.services.postgresql = with lib; { + enable = my.mkDisableOption "postgres configuration"; + }; + + config = lib.mkMerge [ + # Let other services enable postgres when they need it + (lib.mkIf cfg.enable { + services.postgresql = { + package = pkgs.postgresql_12; + }; + }) + ]; +} From bbb1231ad30fb292e4958ebd00bc081496f056a7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 29 Jul 2021 12:44:42 +0200 Subject: [PATCH 244/654] modules: services: postgres: add migration script The process to upgrade is: * Make sure the version number of the script is one major version over the service version. * Activate the script, rebuild configuration. * Run `upgrade-pg-cluster` as `root`. One can give arguments like `--link` or `--jobs 4` to speedup the process. See documentation for some details. * Change package to new version once the upgrade is finished, rebuild configuration. * Optionally, `ANALYZE` the new database. --- modules/services/postgresql.nix | 43 +++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/modules/services/postgresql.nix b/modules/services/postgresql.nix index 8da9ab7..3c06098 100644 --- a/modules/services/postgresql.nix +++ b/modules/services/postgresql.nix @@ -5,6 +5,9 @@ in { options.my.services.postgresql = with lib; { enable = my.mkDisableOption "postgres configuration"; + + # Transient option to be enabled for migrations + upgradeScript = mkEnableOption "postgres upgrade script"; }; config = lib.mkMerge [ @@ -14,5 +17,45 @@ in package = pkgs.postgresql_12; }; }) + + # Taken from the manual + (lib.mkIf cfg.upgradeScript { + containers.temp-pg.config.services.postgresql = { + enable = true; + package = pkgs.postgresql_13; + }; + + environment.systemPackages = + let + newpg = config.containers.temp-pg.config.services.postgresql; + in + [ + (pkgs.writeScriptBin "upgrade-pg-cluster" '' + #!/usr/bin/env bash + + set -x + export OLDDATA="${config.services.postgresql.dataDir}" + export NEWDATA="${newpg.dataDir}" + export OLDBIN="${config.services.postgresql.package}/bin" + export NEWBIN="${newpg.package}/bin" + + if [ "$OLDDATA" -ef "$NEWDATA" ]; then + echo "Cannot migrate to same data directory" >&2 + exit 1 + fi + + install -d -m 0700 -o postgres -g postgres "$NEWDATA" + cd "$NEWDATA" + sudo -u postgres $NEWBIN/initdb -D "$NEWDATA" + + systemctl stop postgresql # old one + + sudo -u postgres $NEWBIN/pg_upgrade \ + --old-datadir "$OLDDATA" --new-datadir "$NEWDATA" \ + --old-bindir $OLDBIN --new-bindir $NEWBIN \ + "$@" + '') + ]; + }) ]; } From c3203877464eb80f3514e412acc934bd67eeb3d2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 29 Jul 2021 13:03:10 +0200 Subject: [PATCH 245/654] modules: services: postgres: upgrade version --- modules/services/postgresql.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/postgresql.nix b/modules/services/postgresql.nix index 3c06098..6f51f3e 100644 --- a/modules/services/postgresql.nix +++ b/modules/services/postgresql.nix @@ -14,7 +14,7 @@ in # Let other services enable postgres when they need it (lib.mkIf cfg.enable { services.postgresql = { - package = pkgs.postgresql_12; + package = pkgs.postgresql_13; }; }) From afb683f1cf644c408cc3cd6554991cc15c875bf6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 29 Jul 2021 13:17:42 +0200 Subject: [PATCH 246/654] flake: bump inputs And update package names for grafana dashboards to avoid breaking the config. --- flake.lock | 18 +++++++++--------- modules/services/monitoring.nix | 2 +- modules/services/nginx.nix | 2 +- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/flake.lock b/flake.lock index 075d5a4..92fe63d 100644 --- a/flake.lock +++ b/flake.lock @@ -23,11 +23,11 @@ ] }, "locked": { - "lastModified": 1626073055, - "narHash": "sha256-vocByfpVu6m9zvtJugDvmd6/9iT2HJuG4tmDICKd0lI=", + "lastModified": 1627501942, + "narHash": "sha256-rG2PUTgzmXvf/fSDCWKhlRwZjZs1/0TySC5eYHVJrmg=", "owner": "nix-community", "repo": "home-manager", - "rev": "775cb20bd4af7781fbf336fb201df02ee3d544bb", + "rev": "2272fc312d5dc477e70816d94e550d08729b307b", "type": "github" }, "original": { @@ -39,11 +39,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1626046891, - "narHash": "sha256-Zt8saH+hAehXskW0iFAzk+iMillYoFBxvLReYNqGT9E=", + "lastModified": 1627391865, + "narHash": "sha256-tPoWBO9Nzu3wuX37WcnctzL6LoDCErJLnfLGqqmXCm4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d8f8f31af9d77a48220e4e8a301d1e79774cb7d2", + "rev": "8ecc61c91a596df7d3293603a9c2384190c1b89a", "type": "github" }, "original": { @@ -55,11 +55,11 @@ }, "nur": { "locked": { - "lastModified": 1626192709, - "narHash": "sha256-REQ9ByMk4crAX37e8YDZOBl9Kxn+nTfnnLwwxczcoP0=", + "lastModified": 1627534577, + "narHash": "sha256-cGVIlBkZZA9VvhXRRrWsTpkesJ/bSlGSPYPxafQVjSU=", "owner": "nix-community", "repo": "NUR", - "rev": "564ec91b61dab796f1af44502ff3a9c124f4d6da", + "rev": "0e1a91ef1d0460adfb5c669a9c0114f46e67956c", "type": "github" }, "original": { diff --git a/modules/services/monitoring.nix b/modules/services/monitoring.nix index f76337a..a86e2ce 100644 --- a/modules/services/monitoring.nix +++ b/modules/services/monitoring.nix @@ -78,7 +78,7 @@ in dashboards = [ { name = "Node Exporter"; - options.path = pkgs.nur.repos.alarsyo.grafana-dashboards.node-exporter; + options.path = pkgs.nur.repos.alarsyo.grafanaDashboards.node-exporter; disableDeletion = true; } ]; diff --git a/modules/services/nginx.nix b/modules/services/nginx.nix index b5d49c1..ac70c48 100644 --- a/modules/services/nginx.nix +++ b/modules/services/nginx.nix @@ -44,7 +44,7 @@ services.grafana.provision.dashboards = [ { name = "NGINX"; - options.path = pkgs.nur.repos.alarsyo.grafana-dashboards.nginx; + options.path = pkgs.nur.repos.alarsyo.grafanaDashboards.nginx; disableDeletion = true; } ]; From e215f7aa1d5b8ebc79a2bdcbafe5b55b33aa00d1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 29 Jul 2021 13:14:55 +0200 Subject: [PATCH 247/654] modules: services: nextcloud: upgrade version --- modules/services/nextcloud.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/nextcloud.nix b/modules/services/nextcloud.nix index d52e32a..eb2e14e 100644 --- a/modules/services/nextcloud.nix +++ b/modules/services/nextcloud.nix @@ -30,7 +30,7 @@ in config = lib.mkIf cfg.enable { services.nextcloud = { enable = true; - package = pkgs.nextcloud21; + package = pkgs.nextcloud22; hostName = nextcloudDomain; home = "/var/lib/nextcloud"; maxUploadSize = cfg.maxSize; From 1783c2838b4e7c8c151e5756429ccf2ba3cc96ba Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 31 Jul 2021 16:56:20 +0200 Subject: [PATCH 248/654] modules: services: tlp: add power scaling --- modules/services/tlp.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/services/tlp.nix b/modules/services/tlp.nix index a560319..8c9edd6 100644 --- a/modules/services/tlp.nix +++ b/modules/services/tlp.nix @@ -13,6 +13,10 @@ in enable = true; settings = { + # Set CPU scaling aggressively when power is not an issue + CPU_SCALING_GOVERNOR_ON_AC = "performance"; + CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; + # Keep charge between 60% and 80% to preserve battery life START_CHARGE_THRESH_BAT0 = 60; STOP_CHARGE_THRESH_BAT0 = 80; From 55a04cfac371769fb6dbdacf78a92c5d04b89c80 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 31 Jul 2021 20:17:37 +0200 Subject: [PATCH 249/654] pkgs: bw-pass: report errors to stderr Useful in case the script can't prompt using `rofi`. --- pkgs/bw-pass/bw-pass | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/bw-pass/bw-pass b/pkgs/bw-pass/bw-pass index 3fddf1f..124714a 100755 --- a/pkgs/bw-pass/bw-pass +++ b/pkgs/bw-pass/bw-pass @@ -11,6 +11,7 @@ prompt_pass() { } error_out() { + printf '%s\n' "$1" >&2 rofi -dmenu -no-fixed-num-lines -p "$1" exit 1 } From 8c298c26f9a7e12ba5aeb7ca6fe52b1e09baba4a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 7 Aug 2021 12:29:41 +0200 Subject: [PATCH 250/654] pkgs: unified-hosts-lists: 3.6.4 -> 3.8.5 --- pkgs/unified-hosts-lists/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/unified-hosts-lists/default.nix b/pkgs/unified-hosts-lists/default.nix index 4801ad0..9fb052a 100644 --- a/pkgs/unified-hosts-lists/default.nix +++ b/pkgs/unified-hosts-lists/default.nix @@ -1,13 +1,13 @@ { lib, fetchFromGitHub, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "unified-hosts-lists"; - version = "3.6.4"; + version = "3.8.5"; src = fetchFromGitHub { owner = "StevenBlack"; repo = "hosts"; rev = version; - sha256 = "sha256-U6vRwbFSYka2VS8M1z0n+FaTkKKwdV/cCWIKxp487/I="; + sha256 = "sha256-7oYuGegrHVUvAvA16iR8OEe5eTMeSybShSa1PJOe5No="; }; phases = [ "installPhase" ]; From eb0c5d5895f7780401f4bc8467de44b2fba0d781 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 8 Aug 2021 18:03:19 +0200 Subject: [PATCH 251/654] pkgs: add drone-scp --- pkgs/default.nix | 2 ++ pkgs/drone-scp/default.nix | 24 ++++++++++++++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 pkgs/drone-scp/default.nix diff --git a/pkgs/default.nix b/pkgs/default.nix index ede7620..f307304 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -6,6 +6,8 @@ rec { diff-flake = pkgs.callPackage ./diff-flake { }; + drone-scp = pkgs.callPackage ./drone-scp { }; + ff2mpv-go = pkgs.callPackage ./ff2mpv-go { }; havm = pkgs.callPackage ./havm { }; diff --git a/pkgs/drone-scp/default.nix b/pkgs/drone-scp/default.nix new file mode 100644 index 0000000..863befd --- /dev/null +++ b/pkgs/drone-scp/default.nix @@ -0,0 +1,24 @@ +{ lib, buildGoModule, fetchFromGitHub }: +buildGoModule rec { + pname = "drone-scp"; + version = "1.6.2"; + + src = fetchFromGitHub { + owner = "appleboy"; + repo = "drone-scp"; + rev = "v${version}"; + sha256 = "sha256-PNy1HA2qW4RY/VRHhuj/tIrdTuB7COr0Cuzurku+DZw="; + }; + + vendorSha256 = "sha256-7Aro6g3Tka0Cbi9LpqvKpQXlbxnHQWsMOkkNpENKh0U="; + + doCheck = false; # Needs a specific user... + + meta = with lib; { + description = '' + Copy files and artifacts via SSH using a binary, docker or Drone CI + ''; + homepage = "https://github.com/appleboy/drone-scp"; + license = licenses.mit; + }; +} From 2cc1925346c6aac89766342082163309f715fda3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 9 Aug 2021 19:55:45 +0200 Subject: [PATCH 252/654] modules: services: backup: fix exclude files I was using the wrong option... Somehow it didn't error out. --- modules/services/backup.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/services/backup.nix b/modules/services/backup.nix index da45b5e..8462289 100644 --- a/modules/services/backup.nix +++ b/modules/services/backup.nix @@ -92,9 +92,9 @@ in services.restic.backups.backblaze = { # Take care of included and excluded files paths = cfg.paths; - extraOptions = with builtins; with lib;[ - (optionalString ((length cfg.exclude) != 0) excludeArg) - ]; + extraBackupArgs = [ ] + ++ lib.optional (builtins.length cfg.exclude != 0) excludeArg + ; # Take care of creating the repository if it doesn't exist initialize = true; # Hijack S3-related env to give B2 API key From 1335bbfe9d6f4d29464f2dc75106aff1f354602e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 19 Aug 2021 11:23:51 +0200 Subject: [PATCH 253/654] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 92fe63d..faf9162 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "futils": { "locked": { - "lastModified": 1623875721, - "narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=", + "lastModified": 1629284811, + "narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=", "owner": "numtide", "repo": "flake-utils", - "rev": "f7e004a55b120c02ecb6219596820fcd32ca8772", + "rev": "c5d161cc0af116a2e17f54316f0bf43f0819785c", "type": "github" }, "original": { @@ -23,11 +23,11 @@ ] }, "locked": { - "lastModified": 1627501942, - "narHash": "sha256-rG2PUTgzmXvf/fSDCWKhlRwZjZs1/0TySC5eYHVJrmg=", + "lastModified": 1629347633, + "narHash": "sha256-FGZJ7lmTAMIkjdrh6dIPck5HuB4KMT2GgDV5ZjiCWoc=", "owner": "nix-community", "repo": "home-manager", - "rev": "2272fc312d5dc477e70816d94e550d08729b307b", + "rev": "bf6b85136b47ab1a76df4a90ea4850871147494a", "type": "github" }, "original": { @@ -39,11 +39,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1627391865, - "narHash": "sha256-tPoWBO9Nzu3wuX37WcnctzL6LoDCErJLnfLGqqmXCm4=", + "lastModified": 1629292755, + "narHash": "sha256-5xMo32NVLnloY9DveqwJO/Cab1+PbTMPqU4WMmawX5M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8ecc61c91a596df7d3293603a9c2384190c1b89a", + "rev": "253aecf69ed7595aaefabde779aa6449195bebb7", "type": "github" }, "original": { @@ -55,11 +55,11 @@ }, "nur": { "locked": { - "lastModified": 1627534577, - "narHash": "sha256-cGVIlBkZZA9VvhXRRrWsTpkesJ/bSlGSPYPxafQVjSU=", + "lastModified": 1629359626, + "narHash": "sha256-of3obB9km+QnrBpWHm1b1k33qQOqNB0c8grkVcXNP7o=", "owner": "nix-community", "repo": "NUR", - "rev": "0e1a91ef1d0460adfb5c669a9c0114f46e67956c", + "rev": "805c0d529efe652fa85f92527bec68ce26a08723", "type": "github" }, "original": { From ec6b31f4a6d475fe94cbbdc4b598f842c6979c7c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 19 Aug 2021 11:56:32 +0200 Subject: [PATCH 254/654] modules: services: add navidrome --- modules/services/default.nix | 1 + modules/services/navidrome.nix | 62 ++++++++++++++++++++++++++++++++++ 2 files changed, 63 insertions(+) create mode 100644 modules/services/navidrome.nix diff --git a/modules/services/default.nix b/modules/services/default.nix index 29ae034..4760ab1 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -15,6 +15,7 @@ ./matrix.nix ./miniflux.nix ./monitoring.nix + ./navidrome.nix ./nextcloud.nix ./nginx.nix ./pirate.nix diff --git a/modules/services/navidrome.nix b/modules/services/navidrome.nix new file mode 100644 index 0000000..779884e --- /dev/null +++ b/modules/services/navidrome.nix @@ -0,0 +1,62 @@ +# A FLOSS self-hosted, subsonic compatible music server +{ config, lib, pkgs, ... }: +let + cfg = config.my.services.navidrome; + domain = config.networking.domain; + navidromeDomain = "music.${config.networking.domain}"; +in +{ + options.my.services.navidrome = with lib; { + enable = mkEnableOption "Navidrome Music Server"; + + settings = mkOption { + type = (pkgs.formats.json { }).type; + default = { }; + example = { + "LastFM.ApiKey" = "MYKEY"; + "LastFM.Secret" = "MYSECRET"; + "Spotify.ID" = "MYKEY"; + "Spotify.Secret" = "MYSECRET"; + }; + description = '' + Additional settings. + ''; + }; + + privatePort = mkOption { + type = types.port; + default = 4533; + example = 8080; + description = "Internal port for webui"; + }; + + musicFolder = mkOption { + type = types.str; + example = "/mnt/music/"; + description = "Music folder"; + }; + }; + + config = lib.mkIf cfg.enable { + services.navidrome = { + enable = true; + + settings = cfg.settings // { + Port = cfg.privatePort; + Address = "127.0.0.1"; # Behind reverse proxy, so only loopback + MusicFolder = cfg.musicFolder; + LogLevel = "info"; + }; + }; + + services.nginx.virtualHosts."${navidromeDomain}" = { + forceSSL = true; + useACMEHost = domain; + + locations."/" = { + proxyPass = "http://127.0.0.1:${toString cfg.privatePort}/"; + proxyWebsockets = true; + }; + }; + }; +} From fe720b2de36a2df88c75d66eb817e1d6b4a8d9e7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 19 Aug 2021 11:57:11 +0200 Subject: [PATCH 255/654] machines: porthos: services: enable navidrome --- machines/porthos/services.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index c702c84..ac33819 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -80,6 +80,11 @@ in builtins.toFile "grafana.txt" my.secrets.monitoring.password; # Insecure, I don't care }; }; + # FLOSS music streaming server + navidrome = { + enable = true; + musicFolder = "/data/media/music"; + }; # Nextcloud self-hosted cloud nextcloud = { enable = true; From 13684ecdc4b70c3c886efa72f78e7647b852c3f2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 19 Aug 2021 14:26:32 +0200 Subject: [PATCH 256/654] modules: services: backup: make it verbose --- modules/services/backup.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/backup.nix b/modules/services/backup.nix index 8462289..88c7fde 100644 --- a/modules/services/backup.nix +++ b/modules/services/backup.nix @@ -92,7 +92,7 @@ in services.restic.backups.backblaze = { # Take care of included and excluded files paths = cfg.paths; - extraBackupArgs = [ ] + extraBackupArgs = [ "--verbose=2" ] ++ lib.optional (builtins.length cfg.exclude != 0) excludeArg ; # Take care of creating the repository if it doesn't exist From 30fc01b5ae44bbe395dce75bd106bad862c468cc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 19 Aug 2021 14:27:06 +0200 Subject: [PATCH 257/654] modules: services: nextcloud: exclude previews --- modules/services/nextcloud.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/services/nextcloud.nix b/modules/services/nextcloud.nix index eb2e14e..d615903 100644 --- a/modules/services/nextcloud.nix +++ b/modules/services/nextcloud.nix @@ -70,6 +70,10 @@ in paths = [ config.services.nextcloud.home ]; + exclude = [ + # image previews can take up a lot of space + "${config.services.nextcloud.home}/data/appdata_*/preview" + ]; }; }; } From a48303e66de1a97d3a82914a92e45a0ab7a3f9a0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 20 Aug 2021 20:03:30 +0200 Subject: [PATCH 258/654] home: add gdb --- home/default.nix | 1 + home/gdb/default.nix | 17 +++++++++++++++++ home/gdb/gdbinit | 22 ++++++++++++++++++++++ 3 files changed, 40 insertions(+) create mode 100644 home/gdb/default.nix create mode 100644 home/gdb/gdbinit diff --git a/home/default.nix b/home/default.nix index efc4a81..2668156 100644 --- a/home/default.nix +++ b/home/default.nix @@ -10,6 +10,7 @@ ./firefox ./flameshot.nix ./gammastep.nix + ./gdb ./git ./gpg.nix ./gtk.nix diff --git a/home/gdb/default.nix b/home/gdb/default.nix new file mode 100644 index 0000000..da9434e --- /dev/null +++ b/home/gdb/default.nix @@ -0,0 +1,17 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.home.gdb; +in +{ + options.my.home.gdb = with lib; { + enable = my.mkDisableOption "gdb configuration"; + }; + + config = lib.mkIf cfg.enable { + home.packages = with pkgs; [ + gdb + ]; + + xdg.configFile."gdb/gdbinit".source = ./gdbinit; + }; +} diff --git a/home/gdb/gdbinit b/home/gdb/gdbinit new file mode 100644 index 0000000..8f55b9a --- /dev/null +++ b/home/gdb/gdbinit @@ -0,0 +1,22 @@ + # Keep a history of all commands in each directory +set history save on + +# Enable those pretty-printers +enable pretty-printer + +# Pretty formatting of structures +set print pretty on +# Show derived type based on VTable +set print object on +# Show static members +set print static-members on +# Show VTable +set print vtbl on +# Demangle types +set print demangle on + +# Read python scrips in the load path +set auto-load python-scripts + +# Allow autoloading project-local .gdbinit files +add-auto-load-safe-path ~/git/ From 1a436fd9626982f9cd588ec6ad622eae0688d229 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 20 Aug 2021 21:22:27 +0200 Subject: [PATCH 259/654] home: gdb: fix auto-load safe path --- home/gdb/gdbinit | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/gdb/gdbinit b/home/gdb/gdbinit index 8f55b9a..c45c6d2 100644 --- a/home/gdb/gdbinit +++ b/home/gdb/gdbinit @@ -19,4 +19,4 @@ set print demangle on set auto-load python-scripts # Allow autoloading project-local .gdbinit files -add-auto-load-safe-path ~/git/ +set auto-load safe-path ~/git/ From 5916ae631d387b3e46eae5f022107bebab654d16 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 21 Aug 2021 01:13:14 +0200 Subject: [PATCH 260/654] home: gdb: add rr --- home/gdb/default.nix | 33 +++++++++++++++++++++++++++------ 1 file changed, 27 insertions(+), 6 deletions(-) diff --git a/home/gdb/default.nix b/home/gdb/default.nix index da9434e..c498048 100644 --- a/home/gdb/default.nix +++ b/home/gdb/default.nix @@ -5,13 +5,34 @@ in { options.my.home.gdb = with lib; { enable = my.mkDisableOption "gdb configuration"; + + rr = { + enable = my.mkDisableOption "rr configuration"; + + package = mkOption { + type = types.package; + default = pkgs.rr; + defaultText = literalExample "pkgs.rr"; + description = '' + Package providing rr + ''; + }; + }; }; - config = lib.mkIf cfg.enable { - home.packages = with pkgs; [ - gdb - ]; + config = lib.mkMerge [ + (lib.mkIf cfg.enable { + home.packages = with pkgs; [ + gdb + ]; - xdg.configFile."gdb/gdbinit".source = ./gdbinit; - }; + xdg.configFile."gdb/gdbinit".source = ./gdbinit; + }) + + (lib.mkIf cfg.rr.enable { + home.packages = [ + cfg.rr.package + ]; + }) + ]; } From 3fd487bbd26b6af444c66160f97cad80d8f0160a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 22 Aug 2021 15:02:54 +0200 Subject: [PATCH 261/654] home: gdb: fix configuration path Turns out the latest version of `gdb` does not yet look for its configuration in `XDG_CONFIG_HOME`... --- home/gdb/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/home/gdb/default.nix b/home/gdb/default.nix index c498048..f6db2e7 100644 --- a/home/gdb/default.nix +++ b/home/gdb/default.nix @@ -26,7 +26,11 @@ in gdb ]; + # FIXME: waiting for commit 64aaad6349d2b2c45063a5383f877ce9a3a0c354 xdg.configFile."gdb/gdbinit".source = ./gdbinit; + + # FIXME: remove once `gdb` is updated from version 10.2 + home.file.".gdbinit".source = ./gdbinit; }) (lib.mkIf cfg.rr.enable { From 3919a87d9e19fe9544947bf15fe2b06c1cdaf804 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 25 Aug 2021 12:22:21 +0200 Subject: [PATCH 262/654] home: zsh: do not share history accross shells It's more annoying than helpful... --- home/zsh/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/zsh/default.nix b/home/zsh/default.nix index 96ec251..27077cf 100644 --- a/home/zsh/default.nix +++ b/home/zsh/default.nix @@ -18,7 +18,7 @@ in extended = false; ignoreSpace = true; ignoreDups = true; - share = true; + share = false; path = "${config.xdg.dataHome}/zsh/zsh_history"; }; From d21087ddcd615f27dacf0ea128417adcedb8ee4f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 25 Aug 2021 12:44:42 +0200 Subject: [PATCH 263/654] home: zsh: append to history Otherwise the file is replaced rather than appended to. --- home/zsh/options.zsh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home/zsh/options.zsh b/home/zsh/options.zsh index b02ca54..6187f46 100644 --- a/home/zsh/options.zsh +++ b/home/zsh/options.zsh @@ -8,5 +8,7 @@ setopt autopushd pushdminus pushdsilent setopt rcquotes # Single word commands can resume an existing job setopt autoresume +# Append commands to history as they are exectuted +setopt inc_append_history_time # Those options aren't wanted unsetopt beep extendedglob notify From 11fbbd62eba3f7524e2f73ec27fd4ce8cd21ff6a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 25 Aug 2021 12:51:38 +0200 Subject: [PATCH 264/654] home: zsh: clean-up blank in history --- home/zsh/options.zsh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home/zsh/options.zsh b/home/zsh/options.zsh index 6187f46..e1e31f4 100644 --- a/home/zsh/options.zsh +++ b/home/zsh/options.zsh @@ -10,5 +10,7 @@ setopt rcquotes setopt autoresume # Append commands to history as they are exectuted setopt inc_append_history_time +# Remove useless whitespace from commands +setopt hist_reduce_blanks # Those options aren't wanted unsetopt beep extendedglob notify From 4f742b69f232e0325f938bf410012e66e295ee13 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 24 Aug 2021 22:25:12 +0200 Subject: [PATCH 265/654] lib: lists: add 'mapFilter' --- lib/lists.nix | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 lib/lists.nix diff --git a/lib/lists.nix b/lib/lists.nix new file mode 100644 index 0000000..a3720bf --- /dev/null +++ b/lib/lists.nix @@ -0,0 +1,13 @@ +{ lib, ... }: +let + inherit (lib) filter; +in +{ + # Filter a list using a predicate function after applying a map. + # + # mapFilter :: + # (value -> bool) + # (any -> value) + # [ any ] + mapFilter = pred: f: attrs: filter pred (map f attrs); +} From b97eff2479814c2c880566cda8b4dcab9480dd1c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 24 Aug 2021 22:26:06 +0200 Subject: [PATCH 266/654] lib: lists: add countValues --- lib/lists.nix | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/lib/lists.nix b/lib/lists.nix index a3720bf..190198e 100644 --- a/lib/lists.nix +++ b/lib/lists.nix @@ -1,8 +1,22 @@ { lib, ... }: let - inherit (lib) filter; + inherit (lib) filter foldl'; in { + # Count the number of appararitions of each value in a list. + # + # countValues :: + # [ any ] -> ({ any = int; }) + countValues = + let + addToCount = acc: x: + let + v = toString x; + in + acc // { ${v} = (acc.${v} or 0) + 1; }; + in + foldl' addToCount { }; + # Filter a list using a predicate function after applying a map. # # mapFilter :: From 81e12969eb48566bbae28d4864abaeee8dcb5c80 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 24 Aug 2021 22:30:44 +0200 Subject: [PATCH 267/654] modules: services: nginx: overhaul modularity This should be all that's needed for almost all my services. --- machines/porthos/services.nix | 3 + modules/services/nginx.nix | 182 ++++++++++++++++++++++++++++++++-- 2 files changed, 175 insertions(+), 10 deletions(-) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index ac33819..cc8672d 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -90,6 +90,9 @@ in enable = true; password = my.secrets.nextcloud.password; }; + nginx = { + enable = true; # FIXME: remove this when done migrating + }; # The whole *arr software suite pirate.enable = true; # Podcast automatic downloader diff --git a/modules/services/nginx.nix b/modules/services/nginx.nix index ac70c48..2a64c65 100644 --- a/modules/services/nginx.nix +++ b/modules/services/nginx.nix @@ -1,12 +1,147 @@ -# Configuration shamelessly stolen from [1] -# -# [1]: https://github.com/delroth/infra.delroth.net/blob/master/common/nginx.nix +# A simple abstraction layer for almost all of my services' needs { config, lib, pkgs, ... }: +let + cfg = config.my.services.nginx; + virtualHostOption = with lib; types.submodule { + options = { + subdomain = mkOption { + type = types.str; + example = "dev"; + description = '' + Which subdomain, under config.networking.domain, to use + for this virtual host. + ''; + }; + + port = mkOption { + type = with types; nullOr port; + default = null; + example = 8080; + description = '' + Which port to proxy to, through 127.0.0.1, for this virtual host. + This option is incompatible with `root`. + ''; + }; + + root = mkOption { + type = with types; nullOr path; + default = null; + example = "/var/www/blog"; + description = '' + The root folder for this virtual host. This option is incompatible + with `port`. + ''; + }; + + extraConfig = mkOption { + type = types.attrs; # FIXME: forward type of virtualHosts + example = litteralExample '' + { + locations."/socket" = { + proxyPass = "http://127.0.0.1:8096/"; + proxyWebsockets = true; + }; + } + ''; + default = { }; + description = '' + Any extra configuration that should be applied to this virtual host. + ''; + }; + }; + }; +in { - # Whenever something defines an nginx vhost, ensure that nginx defaults are - # properly set. - config = lib.mkIf ((builtins.attrNames config.services.nginx.virtualHosts) != [ ]) { + options.my.services.nginx = with lib; { + enable = + mkEnableOption "Nginx, activates when `virtualHosts` is not empty" // { + default = builtins.length cfg.virtualHosts != 0; + }; + + monitoring = { + enable = my.mkDisableOption "monitoring through grafana and prometheus"; + }; + + virtualHosts = mkOption { + type = types.listOf virtualHostOption; + default = [ ]; + example = litteralExample '' + [ + { + subdomain = "gitea"; + port = 8080; + } + { + subdomain = "dev"; + root = "/var/www/dev"; + } + { + subdomain = "jellyfin"; + port = 8096; + extraConfig = { + locations."/socket" = { + proxyPass = "http://127.0.0.1:8096/"; + proxyWebsockets = true; + }; + }; + } + ] + ''; + description = '' + List of virtual hosts to set-up using default settings. + ''; + }; + }; + + config = lib.mkIf cfg.enable { + assertions = [ ] + ++ (lib.flip builtins.map cfg.virtualHosts ({ subdomain, ... } @ args: + let + conflicts = [ "port" "root" ]; + optionsNotNull = builtins.map (v: args.${v} != null) conflicts; + optionsSet = lib.filter lib.id optionsNotNull; + in + { + assertion = builtins.length optionsSet == 1; + message = '' + Subdomain '${subdomain}' must have exactly one of ${ + lib.concatStringsSep ", " (builtins.map (v: "'${v}'") conflicts) + } configured. + ''; + })) + ++ ( + let + ports = lib.my.mapFilter + (v: v != null) + ({ port, ... }: port) + cfg.virtualHosts; + portCounts = lib.my.countValues ports; + nonUniquesCounts = lib.filterAttrs (_: v: v != 1) portCounts; + nonUniques = builtins.attrNames nonUniquesCounts; + mkAssertion = port: { + assertion = false; + message = "Port ${port} cannot appear in multiple virtual hosts."; + }; + in + map mkAssertion nonUniques + ) ++ ( + let + subs = map ({ subdomain, ... }: subdomain) cfg.virtualHosts; + subsCounts = lib.my.countValues subs; + nonUniquesCounts = lib.filterAttrs (_: v: v != 1) subsCounts; + nonUniques = builtins.attrNames nonUniquesCounts; + mkAssertion = v: { + assertion = false; + message = '' + Subdomain '${v}' cannot appear in multiple virtual hosts. + ''; + }; + in + map mkAssertion nonUniques + ) + ; + services.nginx = { enable = true; statusPage = true; # For monitoring scraping. @@ -15,6 +150,33 @@ recommendedOptimisation = true; recommendedTlsSettings = true; recommendedProxySettings = true; + + virtualHosts = + let + domain = config.networking.domain; + mkVHost = ({ subdomain, ... } @ args: lib.nameValuePair + "${subdomain}.${domain}" + (builtins.foldl' lib.recursiveUpdate { } [ + # Base configuration + { + forceSSL = true; + useACMEHost = domain; + } + # Proxy to port + (lib.optionalAttrs (args.port != null) { + locations."/".proxyPass = + "http://127.0.0.1:${toString args.port}"; + }) + # Serve filesystem content + (lib.optionalAttrs (args.root != null) { + inherit (args) root; + }) + # VHost specific configuration + args.extraConfig + ]) + ); + in + lib.my.genAttrs' cfg.virtualHosts mkVHost; }; networking.firewall.allowedTCPPorts = [ 80 443 ]; @@ -22,10 +184,10 @@ # Nginx needs to be able to read the certificates users.users.nginx.extraGroups = [ "acme" ]; - # Use DNS wildcard certificate security.acme = { email = "bruno.acme@belanyi.fr"; acceptTerms = true; + # Use DNS wildcard certificate certs = let domain = config.networking.domain; @@ -40,8 +202,8 @@ }; }; }; - # Setup monitoring - services.grafana.provision.dashboards = [ + + services.grafana.provision.dashboards = lib.mkIf cfg.monitoring.enable [ { name = "NGINX"; options.path = pkgs.nur.repos.alarsyo.grafanaDashboards.nginx; @@ -49,7 +211,7 @@ } ]; - services.prometheus = { + services.prometheus = lib.mkIf cfg.monitoring.enable { exporters.nginx = { enable = true; listenAddress = "127.0.0.1"; From 7032ddef37fcb244d95894c493cc3586b9c9ceb1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 24 Aug 2021 23:05:10 +0200 Subject: [PATCH 268/654] modules: services: use new nginx wrapper And when not possible, document why. Note for the future: there is some repetition in some modules to configure the correct value of the subdomain, which I happen to know will line up correctly thanks to the nginx wrapper. A good way to refactor this in the future would involve avoiding this repetition, allowing use to query the correct domain in some way... --- machines/porthos/services.nix | 3 -- modules/services/blog.nix | 38 +++++++++----------- modules/services/calibre-web.nix | 14 ++++---- modules/services/drone.nix | 21 +++++------ modules/services/flood.nix | 15 ++++---- modules/services/gitea.nix | 60 ++++++++++++++++--------------- modules/services/indexers.nix | 30 ++++++---------- modules/services/jellyfin.nix | 37 ++++++++++--------- modules/services/lohr.nix | 17 ++++----- modules/services/matrix.nix | 57 ++++++++++++++--------------- modules/services/miniflux.nix | 22 +++++------- modules/services/monitoring.nix | 22 ++++-------- modules/services/navidrome.nix | 21 +++++------ modules/services/nextcloud.nix | 11 +++--- modules/services/pirate.nix | 15 +++----- modules/services/podgrab.nix | 15 ++++---- modules/services/rss-bridge.nix | 9 +++-- modules/services/sabnzbd.nix | 15 ++++---- modules/services/transmission.nix | 19 +++++----- 19 files changed, 187 insertions(+), 254 deletions(-) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index cc8672d..ac33819 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -90,9 +90,6 @@ in enable = true; password = my.secrets.nextcloud.password; }; - nginx = { - enable = true; # FIXME: remove this when done migrating - }; # The whole *arr software suite pirate.enable = true; # Podcast automatic downloader diff --git a/modules/services/blog.nix b/modules/services/blog.nix index 0a5fcf1..9149917 100644 --- a/modules/services/blog.nix +++ b/modules/services/blog.nix @@ -4,28 +4,12 @@ let cfg = config.my.services.blog; domain = config.networking.domain; - makeHostInfo = name: { - name = "${name}.${domain}"; - value = "/var/www/${name}"; + makeHostInfo = subdomain: { + inherit subdomain; + root = "/var/www/${subdomain}"; }; - hostsInfo = [ - { - name = domain; - value = "/var/www/blog"; - } - ] ++ builtins.map makeHostInfo [ "cv" "dev" "key" ]; - - hosts = builtins.listToAttrs hostsInfo; - - makeVirtualHost = with lib.attrsets; - name: root: nameValuePair "${name}" { - forceSSL = true; - useACMEHost = domain; - inherit root; - # Make my blog the default landing site - default = (name == domain); - }; + hostsInfo = map makeHostInfo [ "cv" "dev" "key" ]; in { options.my.services.blog = { @@ -33,7 +17,17 @@ in }; config = lib.mkIf cfg.enable { - services.nginx.virtualHosts = with lib.attrsets; - mapAttrs' makeVirtualHost hosts; + services.nginx.virtualHosts = { + # This is not a subdomain, cannot use my nginx wrapper module + ${domain} = { + forceSSL = true; + useACMEHost = domain; + root = "/var/www/blog"; + default = true; # Redirect to my blog + }; + }; + + # Those are all subdomains, no problem + my.services.nginx.virtualHosts = hostsInfo; }; } diff --git a/modules/services/calibre-web.nix b/modules/services/calibre-web.nix index d4d7ece..a62b74c 100644 --- a/modules/services/calibre-web.nix +++ b/modules/services/calibre-web.nix @@ -1,8 +1,6 @@ { config, lib, ... }: let cfg = config.my.services.calibre-web; - domain = config.networking.domain; - calibreDomain = "library.${domain}"; in { options.my.services.calibre-web = with lib; { @@ -39,12 +37,12 @@ in }; }; - services.nginx.virtualHosts."${calibreDomain}" = { - forceSSL = true; - useACMEHost = domain; - - locations."/".proxyPass = "http://127.0.0.1:${toString cfg.port}/"; - }; + my.services.nginx.virtualHosts = [ + { + subdomain = "library"; + inherit (cfg) port; + } + ]; my.services.backup = { paths = [ diff --git a/modules/services/drone.nix b/modules/services/drone.nix index b1e80ea..7a9b668 100644 --- a/modules/services/drone.nix +++ b/modules/services/drone.nix @@ -6,9 +6,6 @@ let cfg = config.my.services.drone; - domain = config.networking.domain; - droneDomain = "drone.${domain}"; - hasRunner = (name: builtins.elem name cfg.runners); execPkg = pkgs.drone-runner-exec; @@ -59,7 +56,7 @@ in ]; Environment = [ "DRONE_DATABASE_DATASOURCE=postgres:///drone?host=/run/postgresql" - "DRONE_SERVER_HOST=${droneDomain}" + "DRONE_SERVER_HOST=drone.${config.networking.domain}" "DRONE_SERVER_PROTO=https" "DRONE_DATABASE_DRIVER=postgres" "DRONE_SERVER_PORT=:${toString cfg.port}" @@ -91,12 +88,12 @@ in }]; }; - services.nginx.virtualHosts."${droneDomain}" = { - forceSSL = true; - useACMEHost = domain; - - locations."/".proxyPass = "http://127.0.0.1:${toString cfg.port}"; - }; + my.services.nginx.virtualHosts = [ + { + subdomain = "drone"; + inherit (cfg) port; + } + ]; # Docker runner systemd.services.drone-runner-docker = lib.mkIf (hasRunner "docker") { @@ -107,7 +104,7 @@ in confinement.enable = true; serviceConfig = { Environment = [ - "DRONE_SERVER_HOST=${droneDomain}" + "DRONE_SERVER_HOST=drone.${config.networking.domain}" "DRONE_SERVER_PROTO=https" "DRONE_RUNNER_CAPACITY=10" "CLIENT_DRONE_RPC_HOST=127.0.0.1:${toString cfg.port}" @@ -156,7 +153,7 @@ in ]; serviceConfig = { Environment = [ - "DRONE_SERVER_HOST=${droneDomain}" + "DRONE_SERVER_HOST=drone.${config.networking.domain}" "DRONE_SERVER_PROTO=https" "DRONE_RUNNER_CAPACITY=10" "CLIENT_DRONE_RPC_HOST=127.0.0.1:${toString cfg.port}" diff --git a/modules/services/flood.nix b/modules/services/flood.nix index 70988cb..ae8e219 100644 --- a/modules/services/flood.nix +++ b/modules/services/flood.nix @@ -2,9 +2,6 @@ { config, lib, pkgs, ... }: let cfg = config.my.services.flood; - - domain = config.networking.domain; - webuiDomain = "flood.${domain}"; in { options.my.services.flood = with lib; { @@ -43,11 +40,11 @@ in }; }; - services.nginx.virtualHosts."${webuiDomain}" = { - forceSSL = true; - useACMEHost = domain; - - locations."/".proxyPass = "http://127.0.0.1:${toString cfg.port}"; - }; + my.services.nginx.virtualHosts = [ + { + subdomain = "flood"; + inherit (cfg) port; + } + ]; }; } diff --git a/modules/services/gitea.nix b/modules/services/gitea.nix index ea739d5..0ece12c 100644 --- a/modules/services/gitea.nix +++ b/modules/services/gitea.nix @@ -2,8 +2,6 @@ { config, lib, ... }: let cfg = config.my.services.gitea; - domain = config.networking.domain; - giteaDomain = "gitea.${config.networking.domain}"; in { options.my.services.gitea = with lib; { @@ -17,34 +15,38 @@ in }; config = lib.mkIf cfg.enable { - services.gitea = { - enable = true; + services.gitea = + let + giteaDomain = "gitea.${config.networking.domain}"; + in + { + enable = true; - appName = "Ambroisie's forge"; - httpPort = cfg.port; - domain = giteaDomain; - rootUrl = "https://${giteaDomain}"; + appName = "Ambroisie's forge"; + httpPort = cfg.port; + domain = giteaDomain; + rootUrl = "https://${giteaDomain}"; - user = "git"; - lfs.enable = true; + user = "git"; + lfs.enable = true; - useWizard = false; - disableRegistration = true; + useWizard = false; + disableRegistration = true; - # only send cookies via HTTPS - cookieSecure = true; + # only send cookies via HTTPS + cookieSecure = true; - database = { - type = "postgres"; # Automatic setup - user = "git"; # User needs to be the same as gitea user + database = { + type = "postgres"; # Automatic setup + user = "git"; # User needs to be the same as gitea user + }; + + # NixOS module uses `gitea dump` to backup repositories and the database, + # but it produces a single .zip file that's not very backup friendly. + # I configure my backup system manually below. + dump.enable = false; }; - # NixOS module uses `gitea dump` to backup repositories and the database, - # but it produces a single .zip file that's not very backup friendly. - # I configure my backup system manually below. - dump.enable = false; - }; - users.users.git = { description = "Gitea Service"; home = config.services.gitea.stateDir; @@ -60,12 +62,12 @@ in users.groups.git = { }; # Proxy to Gitea - services.nginx.virtualHosts."${giteaDomain}" = { - forceSSL = true; - useACMEHost = domain; - - locations."/".proxyPass = "http://127.0.0.1:${toString cfg.port}/"; - }; + my.services.nginx.virtualHosts = [ + { + subdomain = "gitea"; + inherit (cfg) port; + } + ]; my.services.backup = { paths = [ diff --git a/modules/services/indexers.nix b/modules/services/indexers.nix index 11d525c..6ee32c0 100644 --- a/modules/services/indexers.nix +++ b/modules/services/indexers.nix @@ -3,10 +3,6 @@ let cfg = config.my.services.indexers; - domain = config.networking.domain; - jackettDomain = "jackett.${config.networking.domain}"; - nzbhydraDomain = "nzbhydra.${config.networking.domain}"; - jackettPort = 9117; nzbhydraPort = 5076; in @@ -29,25 +25,19 @@ in }; }; - - services.nginx.virtualHosts."${jackettDomain}" = - lib.mkIf cfg.jackett.enable { - forceSSL = true; - useACMEHost = domain; - - locations."/".proxyPass = "http://127.0.0.1:${toString jackettPort}/"; - }; - services.nzbhydra2 = lib.mkIf cfg.nzbhydra.enable { enable = true; }; - services.nginx.virtualHosts."${nzbhydraDomain}" = - lib.mkIf cfg.nzbhydra.enable { - forceSSL = true; - useACMEHost = domain; - - locations."/".proxyPass = "http://127.0.0.1:${toString nzbhydraPort}/"; - }; + my.services.nginx.virtualHosts = [ + { + subdomain = "jackett"; + port = jackettPort; + } + { + subdomain = "nzbhydra"; + port = nzbhydraPort; + } + ]; }; } diff --git a/modules/services/jellyfin.nix b/modules/services/jellyfin.nix index 122a70c..771f2c5 100644 --- a/modules/services/jellyfin.nix +++ b/modules/services/jellyfin.nix @@ -2,8 +2,6 @@ { config, lib, ... }: let cfg = config.my.services.jellyfin; - domain = config.networking.domain; - jellyfinDomain = "jellyfin.${config.networking.domain}"; in { options.my.services.jellyfin = { @@ -16,22 +14,23 @@ in group = "media"; }; - # Proxy to Jellyfin - services.nginx.virtualHosts."${jellyfinDomain}" = { - forceSSL = true; - useACMEHost = domain; - - locations."/" = { - proxyPass = "http://127.0.0.1:8096/"; - extraConfig = '' - proxy_buffering off; - ''; - }; - - locations."/socket" = { - proxyPass = "http://127.0.0.1:8096/"; - proxyWebsockets = true; - }; - }; + my.services.nginx.virtualHosts = [ + { + subdomain = "jellyfin"; + port = 8096; + extraConfig = { + locations."/" = { + extraConfig = '' + proxy_buffering off; + ''; + }; + # Too bad for the repetition... + locations."/socket" = { + proxyPass = "http://127.0.0.1:8096/"; + proxyWebsockets = true; + }; + }; + } + ]; }; } diff --git a/modules/services/lohr.nix b/modules/services/lohr.nix index 57f4feb..45ae3d7 100644 --- a/modules/services/lohr.nix +++ b/modules/services/lohr.nix @@ -4,9 +4,6 @@ let cfg = config.my.services.lohr; settingsFormat = pkgs.formats.yaml { }; - domain = config.networking.domain; - lohrDomain = "lohr.${config.networking.domain}"; - lohrPkg = pkgs.ambroisie.lohr; in { @@ -75,13 +72,11 @@ in }; users.groups.lohr = { }; - services.nginx.virtualHosts."${lohrDomain}" = { - forceSSL = true; - useACMEHost = domain; - - locations."/" = { - proxyPass = "http://127.0.0.1:${toString cfg.port}/"; - }; - }; + my.services.nginx.virtualHosts = [ + { + subdomain = "lohr"; + inherit (cfg) port; + } + ]; }; } diff --git a/modules/services/matrix.nix b/modules/services/matrix.nix index 5d81448..4d6394e 100644 --- a/modules/services/matrix.nix +++ b/modules/services/matrix.nix @@ -118,6 +118,35 @@ in ''; }; + my.services.nginx.virtualHosts = [ + # Element Web app deployment + { + subdomain = "chat"; + root = pkgs.element-web.override { + conf = { + default_server_config = { + "m.homeserver" = { + "base_url" = "https://matrix.${domain}"; + "server_name" = domain; + }; + "m.identity_server" = { + "base_url" = "https://vector.im"; + }; + }; + showLabsSettings = true; + defaultCountryCode = "FR"; # cocorico + roomDirectory = { + "servers" = [ + "matrix.org" + "mozilla.org" + ]; + }; + }; + }; + } + ]; + + # Those are too complicated to use my wrapper... services.nginx.virtualHosts = { "matrix.${domain}" = { onlySSL = true; @@ -192,34 +221,6 @@ in return 200 '${builtins.toJSON client}'; ''; }; - - # Element Web app deployment - "chat.${domain}" = { - useACMEHost = domain; - forceSSL = true; - - root = pkgs.element-web.override { - conf = { - default_server_config = { - "m.homeserver" = { - "base_url" = "https://matrix.${domain}"; - "server_name" = domain; - }; - "m.identity_server" = { - "base_url" = "https://vector.im"; - }; - }; - showLabsSettings = true; - defaultCountryCode = "FR"; # cocorico - roomDirectory = { - "servers" = [ - "matrix.org" - "mozilla.org" - ]; - }; - }; - }; - }; }; # For administration tools. diff --git a/modules/services/miniflux.nix b/modules/services/miniflux.nix index 035bfaf..d223850 100644 --- a/modules/services/miniflux.nix +++ b/modules/services/miniflux.nix @@ -2,9 +2,6 @@ { config, lib, ... }: let cfg = config.my.services.miniflux; - - domain = config.networking.domain; - minifluxDomain = "reader.${config.networking.domain}"; in { options.my.services.miniflux = with lib; { @@ -23,7 +20,7 @@ in description = "Password of the admin user"; }; - privatePort = mkOption { + port = mkOption { type = types.port; default = 9876; example = 8080; @@ -45,8 +42,8 @@ in config = { # Virtual hosts settings - BASE_URL = "https://${minifluxDomain}"; - LISTEN_ADDR = "localhost:${toString cfg.privatePort}"; + BASE_URL = "https://reader.${config.networking.domain}"; + LISTEN_ADDR = "localhost:${toString cfg.port}"; # I want fast updates POLLING_FREQUENCY = "30"; BATCH_SIZE = "50"; @@ -56,12 +53,11 @@ in }; }; - # Proxy to Jellyfin - services.nginx.virtualHosts."${minifluxDomain}" = { - forceSSL = true; - useACMEHost = domain; - - locations."/".proxyPass = "http://127.0.0.1:${toString cfg.privatePort}/"; - }; + my.services.nginx.virtualHosts = [ + { + subdomain = "reader"; + inherit (cfg) port; + } + ]; }; } diff --git a/modules/services/monitoring.nix b/modules/services/monitoring.nix index a86e2ce..ba5adf3 100644 --- a/modules/services/monitoring.nix +++ b/modules/services/monitoring.nix @@ -2,9 +2,6 @@ { config, lib, pkgs, ... }: let cfg = config.my.services.monitoring; - - domain = config.networking.domain; - grafanaDomain = "monitoring.${config.networking.domain}"; in { options.my.services.monitoring = with lib; { @@ -52,7 +49,7 @@ in config = lib.mkIf cfg.enable { services.grafana = { enable = true; - domain = grafanaDomain; + domain = "monitoring.${config.networking.domain}"; port = cfg.grafana.port; addr = "127.0.0.1"; # Proxied through Nginx @@ -115,16 +112,11 @@ in ]; }; - services.nginx = { - virtualHosts.${grafanaDomain} = { - forceSSL = true; - useACMEHost = domain; - - locations."/" = { - proxyPass = "http://127.0.0.1:${toString cfg.grafana.port}"; - proxyWebsockets = true; - }; - }; - }; + my.services.nginx.virtualHosts = [ + { + subdomain = "monitoring"; + inherit (cfg.grafana) port; + } + ]; }; } diff --git a/modules/services/navidrome.nix b/modules/services/navidrome.nix index 779884e..6c001fd 100644 --- a/modules/services/navidrome.nix +++ b/modules/services/navidrome.nix @@ -2,8 +2,6 @@ { config, lib, pkgs, ... }: let cfg = config.my.services.navidrome; - domain = config.networking.domain; - navidromeDomain = "music.${config.networking.domain}"; in { options.my.services.navidrome = with lib; { @@ -23,7 +21,7 @@ in ''; }; - privatePort = mkOption { + port = mkOption { type = types.port; default = 4533; example = 8080; @@ -42,21 +40,18 @@ in enable = true; settings = cfg.settings // { - Port = cfg.privatePort; + Port = cfg.port; Address = "127.0.0.1"; # Behind reverse proxy, so only loopback MusicFolder = cfg.musicFolder; LogLevel = "info"; }; }; - services.nginx.virtualHosts."${navidromeDomain}" = { - forceSSL = true; - useACMEHost = domain; - - locations."/" = { - proxyPass = "http://127.0.0.1:${toString cfg.privatePort}/"; - proxyWebsockets = true; - }; - }; + my.services.nginx.virtualHosts = [ + { + subdomain = "music"; + inherit (cfg) port; + } + ]; }; } diff --git a/modules/services/nextcloud.nix b/modules/services/nextcloud.nix index d615903..b66b8ff 100644 --- a/modules/services/nextcloud.nix +++ b/modules/services/nextcloud.nix @@ -2,8 +2,6 @@ { config, lib, pkgs, ... }: let cfg = config.my.services.nextcloud; - domain = config.networking.domain; - nextcloudDomain = "nextcloud.${config.networking.domain}"; in { options.my.services.nextcloud = with lib; { @@ -31,7 +29,7 @@ in services.nextcloud = { enable = true; package = pkgs.nextcloud22; - hostName = nextcloudDomain; + hostName = "nextcloud.${config.networking.domain}"; home = "/var/lib/nextcloud"; maxUploadSize = cfg.maxSize; config = { @@ -59,11 +57,10 @@ in after = [ "postgresql.service" ]; }; - services.nginx.virtualHosts."${nextcloudDomain}" = { + # The service above configures the domain, no need for my wrapper + services.nginx.virtualHosts."nextcloud.${config.networking.domain}" = { forceSSL = true; - useACMEHost = domain; - - locations."/".proxyPass = "http://127.0.0.1:3000/"; + useACMEHost = config.networking.domain; }; my.services.backup = { diff --git a/modules/services/pirate.nix b/modules/services/pirate.nix index 2eb490b..a2c62ca 100644 --- a/modules/services/pirate.nix +++ b/modules/services/pirate.nix @@ -5,7 +5,6 @@ { config, lib, ... }: let cfg = config.my.services.pirate; - domain = config.networking.domain; ports = { sonarr = 8989; @@ -22,15 +21,8 @@ let }) ports); - redirections = with lib.attrsets; - (mapAttrs' - (service: port: nameValuePair "${service}.${domain}" { - forceSSL = true; - useACMEHost = domain; - - locations."/".proxyPass = "http://127.0.0.1:${builtins.toString port}/"; - }) - ports); + redirections = lib.flip lib.mapAttrsToList ports + (subdomain: port: { inherit subdomain port; }); in { options.my.services.pirate = { @@ -38,6 +30,7 @@ in }; config = lib.mkIf cfg.enable { - services = managers // { nginx.virtualHosts = redirections; }; + services = managers; + my.services.nginx.virtualHosts = redirections; }; } diff --git a/modules/services/podgrab.nix b/modules/services/podgrab.nix index 7926fc2..bc16178 100644 --- a/modules/services/podgrab.nix +++ b/modules/services/podgrab.nix @@ -2,9 +2,6 @@ { config, lib, pkgs, ... }: let cfg = config.my.services.podgrab; - - domain = config.networking.domain; - podgrabDomain = "podgrab.${domain}"; in { options.my.services.podgrab = with lib; { @@ -34,11 +31,11 @@ in inherit (cfg) passwordFile port; }; - services.nginx.virtualHosts."${podgrabDomain}" = { - forceSSL = true; - useACMEHost = domain; - - locations."/".proxyPass = "http://127.0.0.1:${toString cfg.port}"; - }; + my.services.nginx.virtualHosts = [ + { + subdomain = "podgrab"; + inherit (cfg) port; + } + ]; }; } diff --git a/modules/services/rss-bridge.nix b/modules/services/rss-bridge.nix index ad5141b..85e37c2 100644 --- a/modules/services/rss-bridge.nix +++ b/modules/services/rss-bridge.nix @@ -2,8 +2,6 @@ { config, lib, ... }: let cfg = config.my.services.rss-bridge; - domain = config.networking.domain; - rss-bridgeDomain = "rss-bridge.${config.networking.domain}"; in { options.my.services.rss-bridge = { @@ -14,12 +12,13 @@ in services.rss-bridge = { enable = true; whitelist = [ "*" ]; # Whitelist all - virtualHost = rss-bridgeDomain; # Setup virtual host + virtualHost = "rss-bridge.${config.networking.domain}"; }; - services.nginx.virtualHosts."${rss-bridgeDomain}" = { + # The service above configures the domain, no need for my wrapper + services.nginx.virtualHosts."rss-bridge.${config.networking.domain}" = { forceSSL = true; - useACMEHost = domain; + useACMEHost = config.networking.domain; }; }; } diff --git a/modules/services/sabnzbd.nix b/modules/services/sabnzbd.nix index ebeef8b..653f853 100644 --- a/modules/services/sabnzbd.nix +++ b/modules/services/sabnzbd.nix @@ -2,9 +2,6 @@ { config, lib, ... }: let cfg = config.my.services.sabnzbd; - - domain = config.networking.domain; - sabnzbdDomain = "sabnzbd.${domain}"; port = 9090; # NOTE: not declaratively set... in { @@ -18,11 +15,11 @@ in group = "media"; }; - services.nginx.virtualHosts."${sabnzbdDomain}" = { - forceSSL = true; - useACMEHost = domain; - - locations."/".proxyPass = "http://127.0.0.1:${toString port}"; - }; + my.services.nginx.virtualHosts = [ + { + subdomain = "sabnzbd"; + inherit port; + } + ]; }; } diff --git a/modules/services/transmission.nix b/modules/services/transmission.nix index 29e181b..2f27990 100644 --- a/modules/services/transmission.nix +++ b/modules/services/transmission.nix @@ -6,9 +6,6 @@ { config, lib, ... }: let cfg = config.my.services.transmission; - - domain = config.networking.domain; - webuiDomain = "transmission.${domain}"; in { options.my.services.transmission = with lib; { @@ -34,7 +31,7 @@ in description = "Download base directory"; }; - privatePort = mkOption { + port = mkOption { type = types.port; default = 9091; example = 8080; @@ -63,7 +60,7 @@ in peer-port = cfg.peerPort; rpc-enabled = true; - rpc-port = cfg.privatePort; + rpc-port = cfg.port; rpc-authentication-required = true; rpc-username = cfg.username; @@ -77,12 +74,12 @@ in # Default transmission webui, I prefer combustion but its development # seems to have stalled - services.nginx.virtualHosts."${webuiDomain}" = { - forceSSL = true; - useACMEHost = domain; - - locations."/".proxyPass = "http://127.0.0.1:${toString cfg.privatePort}"; - }; + my.services.nginx.virtualHosts = [ + { + subdomain = "transmission"; + inherit (cfg) port; + } + ]; networking.firewall = { allowedTCPPorts = [ cfg.peerPort ]; From 2049e7a2c50a49ae527b8579f04b81f6df39475f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 30 Aug 2021 15:34:52 +0200 Subject: [PATCH 269/654] secrets: allow lists in types --- secrets/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/secrets/default.nix b/secrets/default.nix index 1f2fae8..d0c891c 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -20,6 +20,7 @@ throwOnCanary { int str (attrsOf valueType) + (listOf valueType) ]; in valueType; From 894b57174551e325722bae4e55301688e73d8285 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 30 Aug 2021 14:17:18 +0200 Subject: [PATCH 270/654] secrets: add sso --- secrets/default.nix | 2 ++ secrets/sso/.gitattributes | 1 + secrets/sso/ambroisie/password-hash.txt | Bin 0 -> 83 bytes secrets/sso/ambroisie/totp-secret.txt | Bin 0 -> 75 bytes secrets/sso/auth-key.txt | Bin 0 -> 151 bytes secrets/sso/default.nix | 21 +++++++++++++++++++++ 6 files changed, 24 insertions(+) create mode 100644 secrets/sso/.gitattributes create mode 100644 secrets/sso/ambroisie/password-hash.txt create mode 100644 secrets/sso/ambroisie/totp-secret.txt create mode 100644 secrets/sso/auth-key.txt create mode 100644 secrets/sso/default.nix diff --git a/secrets/default.nix b/secrets/default.nix index d0c891c..5b6c94b 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -58,6 +58,8 @@ throwOnCanary { podgrab.password = fileContents ./podgrab/password.txt; + sso = import ./sso { inherit lib; }; + transmission.password = fileContents ./transmission/password.txt; users = { diff --git a/secrets/sso/.gitattributes b/secrets/sso/.gitattributes new file mode 100644 index 0000000..d4bba55 --- /dev/null +++ b/secrets/sso/.gitattributes @@ -0,0 +1 @@ +/default.nix filter diff diff --git a/secrets/sso/ambroisie/password-hash.txt b/secrets/sso/ambroisie/password-hash.txt new file mode 100644 index 0000000000000000000000000000000000000000..9b2c759b3116766d1b2f9ca81a6cf31c5e1dbb1b GIT binary patch literal 83 zcmZQ@_Y83kiVO&0_~w0~*lm5ox%#Dbp^FJF0%WZi5(NorN i<1gKBc5fmS{Zf}WC!ew0x#iu_PsJhsGUM*QHvs@n^Cr>& literal 0 HcmV?d00001 diff --git a/secrets/sso/auth-key.txt b/secrets/sso/auth-key.txt new file mode 100644 index 0000000000000000000000000000000000000000..785d8d0f92f43a3dfa95dd856655a33beb176a20 GIT binary patch literal 151 zcmZQ@_Y83kiVO&0nETx9_6DP~zyD=$CBJ*{*f)!L&+Ibw1DiideehSh?)j`t_{(+y zj-I5Cmpfc$+Hih6!SwOhso#28?=MU_y3JRsek->ekDE^5%y%cI+x#ec)g)SSRLEn6 zC#%?Rw?`HVdLDb{h|Y' | base32 | tr -d =` + totpSecret = fileContents (./. + "/${user}/totp-secret.txt"); + }); +in +{ + auth_key = fileContents ./auth-key.txt; + + users = lib.flip lib.genAttrs importUser [ + "ambroisie" + ]; + + groups = { + root = [ "ambroisie" ]; + }; +} From dc2a3610a68d708ec4e57b55594314cc1ec5b734 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 30 Aug 2021 15:37:31 +0200 Subject: [PATCH 271/654] modules: services: nginx: enable explicitly --- machines/porthos/services.nix | 3 +++ modules/services/nginx.nix | 5 +---- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index ac33819..28b2494 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -90,6 +90,9 @@ in enable = true; password = my.secrets.nextcloud.password; }; + nginx = { + enable = true; + }; # The whole *arr software suite pirate.enable = true; # Podcast automatic downloader diff --git a/modules/services/nginx.nix b/modules/services/nginx.nix index 2a64c65..c2c3a4d 100644 --- a/modules/services/nginx.nix +++ b/modules/services/nginx.nix @@ -54,10 +54,7 @@ let in { options.my.services.nginx = with lib; { - enable = - mkEnableOption "Nginx, activates when `virtualHosts` is not empty" // { - default = builtins.length cfg.virtualHosts != 0; - }; + enable = mkEnableOption "Nginx"; monitoring = { enable = my.mkDisableOption "monitoring through grafana and prometheus"; From 70af0ba99a11ffe295054c4d6a598b6dfb9daa60 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 30 Aug 2021 14:53:13 +0200 Subject: [PATCH 272/654] modules: services: nginx: add SSO --- modules/services/nginx.nix | 125 +++++++++++++++++++++++++++++++++++++ 1 file changed, 125 insertions(+) diff --git a/modules/services/nginx.nix b/modules/services/nginx.nix index c2c3a4d..f78c2df 100644 --- a/modules/services/nginx.nix +++ b/modules/services/nginx.nix @@ -34,6 +34,10 @@ let ''; }; + sso = { + enable = mkEnableOption "SSO authentication"; + }; + extraConfig = mkOption { type = types.attrs; # FIXME: forward type of virtualHosts example = litteralExample '' @@ -89,6 +93,22 @@ in List of virtual hosts to set-up using default settings. ''; }; + + sso = { + subdomain = mkOption { + type = types.str; + default = "login"; + example = "auth"; + description = "Which subdomain, to use for SSO."; + }; + + port = mkOption { + type = types.port; + default = 8082; + example = 8080; + description = "Port to use for internal webui."; + }; + }; }; config = lib.mkIf cfg.enable { @@ -170,12 +190,117 @@ in }) # VHost specific configuration args.extraConfig + # SSO configuration + (lib.optionalAttrs args.sso.enable { + extraConfig = (args.extraConfig.extraConfig or "") + '' + error_page 401 = @error401; + ''; + + locations."@error401".return = '' + 302 https://${cfg.sso.subdomain}.${config.networking.domain}/login?go=$scheme://$http_host$request_uri + ''; + + locations."/" = { + extraConfig = + (args.extraConfig.locations."/".extraConfig or "") + '' + # Use SSO + auth_request /sso-auth; + + # Set username through header + auth_request_set $username $upstream_http_x_username; + proxy_set_header X-User $username; + + # Renew SSO cookie on request + auth_request_set $cookie $upstream_http_set_cookie; + add_header Set-Cookie $cookie; + ''; + }; + + locations."/sso-auth" = { + proxyPass = "http://localhost:${toString cfg.sso.port}/auth"; + extraConfig = '' + # Do not allow requests from outside + internal; + + # Do not forward the request body + proxy_pass_request_body off; + proxy_set_header Content-Length ""; + + # Set X-Application according to subdomain for matching + proxy_set_header X-Application "${subdomain}"; + + # Set origin URI for matching + proxy_set_header X-Origin-URI $request_uri; + ''; + }; + }) ]) ); in lib.my.genAttrs' cfg.virtualHosts mkVHost; + + sso = { + enable = true; + + configuration = { + listen = { + addr = "127.0.0.1"; + inherit (cfg.sso) port; + }; + + cookie = { + domain = ".${config.networking.domain}"; + secure = true; + authentication_key = config.my.secrets.sso.auth_key; + }; + + login = { + title = "Ambroisie's SSO"; + default_method = "simple"; + hide_mfa_field = false; + names = { + simple = "Username / Password"; + }; + }; + + providers = { + simple = + let + applyUsers = lib.flip lib.mapAttrs config.my.secrets.sso.users; + in + { + users = applyUsers (_: v: v.passwordHash); + + mfa = applyUsers (_: v: [{ + provider = "totp"; + attributes = { + secret = v.totpSecret; + }; + }]); + + inherit (config.my.secrets.sso) groups; + }; + }; + + acl = { + rule_sets = [ + { + rules = [{ field = "x-application"; present = true; }]; + allow = [ "@root" ]; + } + ]; + }; + }; + }; }; + my.services.nginx.virtualHosts = [ + { + subdomain = "login"; + inherit (cfg.sso) port; + } + ]; + networking.firewall.allowedTCPPorts = [ 80 443 ]; # Nginx needs to be able to read the certificates From 78064bb2a1910c6fbd0956d8e9290ee0fa10621c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 30 Aug 2021 17:34:26 +0200 Subject: [PATCH 273/654] modules: services: nginx: nginx-sso verbose logs For some reason it still doesn't appear in the systemd log... --- modules/services/nginx.nix | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/modules/services/nginx.nix b/modules/services/nginx.nix index f78c2df..e7ab566 100644 --- a/modules/services/nginx.nix +++ b/modules/services/nginx.nix @@ -248,6 +248,23 @@ in inherit (cfg.sso) port; }; + audit_log = { + target = [ + "fd://stdout" + ]; + events = [ + "access_denied" + "login_success" + "login_failure" + "logout" + "validate" + ]; + headers = [ + "x-origin-uri" + "x-application" + ]; + }; + cookie = { domain = ".${config.networking.domain}"; secure = true; From 9aba0d3ce0af402cbeb391711fd7a5403e0fc6ec Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 30 Aug 2021 21:22:37 +0200 Subject: [PATCH 274/654] home: pager: remove lesspipe I don't use it anymore. --- home/pager.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/home/pager.nix b/home/pager.nix index 9f0dc5e..00d29c0 100644 --- a/home/pager.nix +++ b/home/pager.nix @@ -9,8 +9,6 @@ in config = lib.mkIf cfg.enable { - programs.lesspipe.enable = true; - home.sessionVariables = { # My default pager PAGER = "less"; From a78091c57c35499454037b75381fa91f74729257 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 30 Aug 2021 17:54:15 +0200 Subject: [PATCH 275/654] flake: bump inputs --- flake.lock | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/flake.lock b/flake.lock index faf9162..3125d0e 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "futils": { "locked": { - "lastModified": 1629284811, + "lastModified": 1629481132, "narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=", "owner": "numtide", "repo": "flake-utils", - "rev": "c5d161cc0af116a2e17f54316f0bf43f0819785c", + "rev": "997f7efcb746a9c140ce1f13c72263189225f482", "type": "github" }, "original": { @@ -23,11 +23,11 @@ ] }, "locked": { - "lastModified": 1629347633, - "narHash": "sha256-FGZJ7lmTAMIkjdrh6dIPck5HuB4KMT2GgDV5ZjiCWoc=", + "lastModified": 1630294974, + "narHash": "sha256-9e3AKxbCoexrsWFXxQ4QUETNxQlXaffnntEnPOO19oI=", "owner": "nix-community", "repo": "home-manager", - "rev": "bf6b85136b47ab1a76df4a90ea4850871147494a", + "rev": "61ca2fc1c00a275b8bd61582b23195d60fe0fa40", "type": "github" }, "original": { @@ -39,11 +39,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1629292755, - "narHash": "sha256-5xMo32NVLnloY9DveqwJO/Cab1+PbTMPqU4WMmawX5M=", + "lastModified": 1630248577, + "narHash": "sha256-9d/yq96TTrnF7qjA6wPYk+rYjWAXwfUmwk3qewezSeg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "253aecf69ed7595aaefabde779aa6449195bebb7", + "rev": "8d8a28b47b7c41aeb4ad01a2bd8b7d26986c3512", "type": "github" }, "original": { @@ -55,11 +55,11 @@ }, "nur": { "locked": { - "lastModified": 1629359626, - "narHash": "sha256-of3obB9km+QnrBpWHm1b1k33qQOqNB0c8grkVcXNP7o=", + "lastModified": 1630395220, + "narHash": "sha256-Nb5SppZmj+0MH33c2/qdRFqGTo/8g0CTfVtsGZ/sQf0=", "owner": "nix-community", "repo": "NUR", - "rev": "805c0d529efe652fa85f92527bec68ce26a08723", + "rev": "607b9cebfdbf57ec864aacf14efa64fac920016d", "type": "github" }, "original": { From 47d19e5b3f027d25918adcd0d6a8dda8160f1349 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 19 Aug 2021 13:07:51 +0200 Subject: [PATCH 276/654] secrets: add paperless --- secrets/default.nix | 2 ++ secrets/paperless/secretKey.txt | Bin 0 -> 87 bytes 2 files changed, 2 insertions(+) create mode 100644 secrets/paperless/secretKey.txt diff --git a/secrets/default.nix b/secrets/default.nix index 5b6c94b..97d9da0 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -56,6 +56,8 @@ throwOnCanary { nextcloud.password = fileContents ./nextcloud/password.txt; + paperless.secretKey = fileContents ./paperless/secretKey.txt; + podgrab.password = fileContents ./podgrab/password.txt; sso = import ./sso { inherit lib; }; diff --git a/secrets/paperless/secretKey.txt b/secrets/paperless/secretKey.txt new file mode 100644 index 0000000000000000000000000000000000000000..fe31bc4999a48ec5a37340217454c558fb360041 GIT binary patch literal 87 zcmZQ@_Y83kiVO&0aMfD6P4Vn^t+S8fUVr}knLjkQEB_u(4g2krpWZXcc{O)w*)nk% uAJlsim9ukkx0d^(%CL)WXE$4}Ge{|3wBYH_w>oG33$$Hh@HDCReE Date: Thu, 19 Aug 2021 13:05:08 +0200 Subject: [PATCH 277/654] modules: services: add paperless --- modules/services/default.nix | 1 + modules/services/paperless.nix | 113 +++++++++++++++++++++++++++++++++ modules/system/media.nix | 1 + 3 files changed, 115 insertions(+) create mode 100644 modules/services/paperless.nix diff --git a/modules/services/default.nix b/modules/services/default.nix index 4760ab1..9f132d0 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -18,6 +18,7 @@ ./navidrome.nix ./nextcloud.nix ./nginx.nix + ./paperless.nix ./pirate.nix ./podgrab.nix ./postgresql-backup.nix diff --git a/modules/services/paperless.nix b/modules/services/paperless.nix new file mode 100644 index 0000000..dd3a98b --- /dev/null +++ b/modules/services/paperless.nix @@ -0,0 +1,113 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.services.paperless; +in +{ + options.my.services.paperless = with lib; { + enable = mkEnableOption "Paperless service"; + + port = mkOption { + type = types.port; + default = 4535; + example = 8080; + description = "Internal port for webui"; + }; + + secretKey = mkOption { + type = types.str; + example = "e11fl1oa-*ytql8p)(06fbj4ukrlo+n7k&q5+$1md7i+mge=ee"; + description = "Secret key used for sessions tokens"; + }; + + documentPath = mkOption { + type = with types; nullOr str; + default = null; + example = "/mnt/paperless"; + description = '' + Path to the directory to store the documents. Use default if null + ''; + }; + + username = mkOption { + type = types.str; + default = "ambroisie"; + example = "username"; + description = "Name of the administrator"; + }; + }; + + config = lib.mkIf cfg.enable { + services.paperless-ng = { + enable = true; + + port = cfg.port; + + mediaDir = lib.mkIf (cfg.documentPath != null) cfg.documentPath; + + extraConfig = + let + paperlessDomain = "paperless.${config.networking.domain}"; + in + { + # Use SSO + PAPERLESS_ENABLE_HTTP_REMOTE_USER = true; + PAPERLESS_HTTP_REMOTE_USER_HEADER_NAME = "HTTP_X_USER"; + + # Use PostgreSQL + PAPERLESS_DBHOST = "/run/postgresql"; + PAPERLESS_DBUSER = "paperless"; + PAPERLESS_DBNAME = "paperless"; + + # Security settings + PAPERLESS_SECRET_KEY = cfg.secretKey; # Insecure, I don't care + PAPERLESS_ALLOWED_HOSTS = paperlessDomain; + PAPERLESS_CORS_ALLOWED_HOSTS = "https://${paperlessDomain}"; + + # OCR settings + PAPERLESS_OCR_LANGUAGE = "fra+eng"; + + # Misc + PAPERLESS_TIME_ZONE = config.time.timeZone; + PAPERLESS_ADMIN_USER = cfg.username; + }; + }; + + # Set-up database + services.postgresql = { + enable = true; + ensureDatabases = [ "paperless" ]; + ensureUsers = [ + { + name = "paperless"; + ensurePermissions."DATABASE paperless" = "ALL PRIVILEGES"; + } + ]; + }; + + systemd.services.paperless-ng-server = { + # Make sure the DB is available + after = [ "postgresql.service" ]; + }; + + + users.users.${config.services.paperless-ng.user} = { + extraGroups = [ "media" ]; + }; + + my.services.nginx.virtualHosts = [ + { + subdomain = "paperless"; + inherit (cfg) port; + sso = { + enable = true; + }; + } + ]; + + my.services.backup = { + paths = [ + config.services.paperless-ng.mediaDir + ]; + }; + }; +} diff --git a/modules/system/media.nix b/modules/system/media.nix index 4ad2fee..630a351 100644 --- a/modules/system/media.nix +++ b/modules/system/media.nix @@ -5,6 +5,7 @@ let mediaServices = with config.my.services; [ calibre-web jellyfin + paperless pirate sabnzbd transmission From 5ae7b593e4cc1a7f2eec8e8b3c53b2a7191298f2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 30 Aug 2021 20:33:27 +0200 Subject: [PATCH 278/654] secrets: add paperless password To be used as a fallback. --- secrets/default.nix | 5 ++++- secrets/paperless/password.txt | Bin 0 -> 55 bytes 2 files changed, 4 insertions(+), 1 deletion(-) create mode 100644 secrets/paperless/password.txt diff --git a/secrets/default.nix b/secrets/default.nix index 97d9da0..fbc1bfa 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -56,7 +56,10 @@ throwOnCanary { nextcloud.password = fileContents ./nextcloud/password.txt; - paperless.secretKey = fileContents ./paperless/secretKey.txt; + paperless = { + password = fileContents ./paperless/password.txt; + secretKey = fileContents ./paperless/secretKey.txt; + }; podgrab.password = fileContents ./podgrab/password.txt; diff --git a/secrets/paperless/password.txt b/secrets/paperless/password.txt new file mode 100644 index 0000000000000000000000000000000000000000..5e2cb81f855fcb4517cbd1f6ee8adb9b268574d0 GIT binary patch literal 55 zcmZQ@_Y83kiVO&0h}b1>v7hDrDYtK@-)r)9asBQ8<#yiZbkUJ{rUh=_Qtl^Z%YD0h M|F4v7G20q90H7)wBLDyZ literal 0 HcmV?d00001 From 52706ab4c49b6141931b91d7b7e0e193a35b7842 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 30 Aug 2021 20:37:18 +0200 Subject: [PATCH 279/654] modules: services: paperless: add admin password This is a fallback in case SSO stops working... --- modules/services/paperless.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/modules/services/paperless.nix b/modules/services/paperless.nix index dd3a98b..ebb655f 100644 --- a/modules/services/paperless.nix +++ b/modules/services/paperless.nix @@ -34,6 +34,12 @@ in example = "username"; description = "Name of the administrator"; }; + + passwordFile = mkOption { + type = types.str; + example = "/var/lib/paperless/password.txt"; + description = "Read the administrator's password from this path"; + }; }; config = lib.mkIf cfg.enable { @@ -70,6 +76,9 @@ in PAPERLESS_TIME_ZONE = config.time.timeZone; PAPERLESS_ADMIN_USER = cfg.username; }; + + # Admin password + passwordFile = cfg.passwordFile; }; # Set-up database From 8ffad5d41b3ec6fa2ce811ff1aed1479c591af29 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 19 Aug 2021 13:05:25 +0200 Subject: [PATCH 280/654] machines: porthos: services: enable paperless --- machines/porthos/services.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index 28b2494..d26bb10 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -93,6 +93,14 @@ in nginx = { enable = true; }; + paperless = { + enable = true; + documentPath = "/data/media/paperless"; + # Insecure, I don't care + passwordFile = + builtins.toFile "paperless.env" my.secrets.paperless.password; + secretKey = my.secrets.paperless.secretKey; + }; # The whole *arr software suite pirate.enable = true; # Podcast automatic downloader From 808058d576ea24e0574bc16b56cd9a32e798a108 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 30 Aug 2021 21:02:47 +0200 Subject: [PATCH 281/654] modules: services: paperless: proxy websockets --- modules/services/paperless.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/services/paperless.nix b/modules/services/paperless.nix index ebb655f..b22628f 100644 --- a/modules/services/paperless.nix +++ b/modules/services/paperless.nix @@ -110,6 +110,11 @@ in sso = { enable = true; }; + + # Enable websockets on root + extraConfig = { + locations."/".proxyWebsockets = true; + }; } ]; From 8596ce863871d8219b91e8acf1d2aa363aa688db Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 Aug 2021 18:29:02 +0200 Subject: [PATCH 282/654] home: wm: i3bar: remove redundant '%' --- home/wm/i3bar.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/home/wm/i3bar.nix b/home/wm/i3bar.nix index e9c85de..62d0d7b 100644 --- a/home/wm/i3bar.nix +++ b/home/wm/i3bar.nix @@ -40,8 +40,8 @@ in } { block = "battery"; - format = "{percentage}% ({time})"; - full_format = "{percentage}%"; + format = "{percentage} ({time})"; + full_format = "{percentage}"; } { block = "temperature"; From 878c92b67ebdd381e10fe13be8f9c464989fa49b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 Aug 2021 18:44:10 +0200 Subject: [PATCH 283/654] pkgs: havm: use 'checkInputs' for test dependency --- pkgs/havm/default.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/pkgs/havm/default.nix b/pkgs/havm/default.nix index d8856a5..2e15de7 100644 --- a/pkgs/havm/default.nix +++ b/pkgs/havm/default.nix @@ -10,7 +10,10 @@ stdenv.mkDerivation rec { buildInputs = [ ghc - which # Used by tests + ]; + + checkInputs = [ + which ]; doCheck = true; From 02ffbcf970a1992ea2396dcd8e3510120e2829c3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 Aug 2021 18:59:05 +0200 Subject: [PATCH 284/654] pkgs: bw-pass: do not set 'phases' --- pkgs/bw-pass/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/bw-pass/default.nix b/pkgs/bw-pass/default.nix index 95ae0da..b11e7ea 100644 --- a/pkgs/bw-pass/default.nix +++ b/pkgs/bw-pass/default.nix @@ -5,13 +5,13 @@ stdenvNoCC.mkDerivation rec { src = ./bw-pass; - phases = [ "buildPhase" "installPhase" "fixupPhase" ]; - buildInputs = [ makeWrapper shellcheck ]; + dontUnpack = true; + buildPhase = '' shellcheck $src ''; From 4fe18ff4cdafb5f98054246d9aecc19a42d87fc5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 Aug 2021 19:00:29 +0200 Subject: [PATCH 285/654] pkgs: comma: give path to source directly --- pkgs/comma/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/comma/default.nix b/pkgs/comma/default.nix index f932863..b034b9a 100644 --- a/pkgs/comma/default.nix +++ b/pkgs/comma/default.nix @@ -3,7 +3,7 @@ stdenvNoCC.mkDerivation rec { pname = "comma"; version = "0.1.0"; - src = ./. + "/comma"; + src = ./comma; phases = [ "buildPhase" "installPhase" "fixupPhase" ]; From 99462199bda9c15f88634a06a557c1be44ff688f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 Aug 2021 19:00:46 +0200 Subject: [PATCH 286/654] pkgs: comma: do not set 'phases' --- pkgs/comma/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/comma/default.nix b/pkgs/comma/default.nix index b034b9a..1c10eb2 100644 --- a/pkgs/comma/default.nix +++ b/pkgs/comma/default.nix @@ -5,13 +5,13 @@ stdenvNoCC.mkDerivation rec { src = ./comma; - phases = [ "buildPhase" "installPhase" "fixupPhase" ]; - buildInputs = [ makeWrapper shellcheck ]; + dontUnpack = true; + buildPhase = '' shellcheck $src ''; From 60e977611c5baa03fbb7c260557f4a0afc5d13c9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 Aug 2021 19:01:18 +0200 Subject: [PATCH 287/654] pkgs: diff-flake: do not set 'phases' --- pkgs/diff-flake/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/diff-flake/default.nix b/pkgs/diff-flake/default.nix index 090aa6d..c085e67 100644 --- a/pkgs/diff-flake/default.nix +++ b/pkgs/diff-flake/default.nix @@ -5,13 +5,13 @@ stdenvNoCC.mkDerivation rec { src = ./diff-flake; - phases = [ "buildPhase" "installPhase" "fixupPhase" ]; - buildInputs = [ makeWrapper shellcheck ]; + dontUnpack = true; + buildPhase = '' shellcheck $src ''; From 5c1dd6500affe888de6b8051e7f416590cc9036c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 Aug 2021 19:50:44 +0200 Subject: [PATCH 288/654] pkgs: havm: use 'nativeBuildInputs' This is the correct one to use for a compiler like 'ghc'. --- pkgs/havm/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/havm/default.nix b/pkgs/havm/default.nix index 2e15de7..51eb9f0 100644 --- a/pkgs/havm/default.nix +++ b/pkgs/havm/default.nix @@ -8,7 +8,7 @@ stdenv.mkDerivation rec { sha256 = "sha256-FDi4FZ8rjGqRkFlROtcJsv+mks7MmIXQGV4bZrwkQrA="; }; - buildInputs = [ + nativeBuildInputs = [ ghc ]; From b0e44755863d4a21adb9211a91adae51ff96f9e1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 Aug 2021 20:08:22 +0200 Subject: [PATCH 289/654] pkgs: i3-get-window-criteria: do not set 'phases' --- pkgs/i3-get-window-criteria/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/i3-get-window-criteria/default.nix b/pkgs/i3-get-window-criteria/default.nix index 2e7ce03..acfde93 100644 --- a/pkgs/i3-get-window-criteria/default.nix +++ b/pkgs/i3-get-window-criteria/default.nix @@ -5,13 +5,13 @@ stdenvNoCC.mkDerivation rec { src = ./i3-get-window-criteria; - phases = [ "buildPhase" "installPhase" "fixupPhase" ]; - buildInputs = [ makeWrapper shellcheck ]; + dontUnpack = true; + buildPhase = '' shellcheck $src ''; From add6326fdf101fa2a35da3902d194efb7c9f5bfb Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 Aug 2021 20:10:41 +0200 Subject: [PATCH 290/654] pkgs: matrix-notifier: do not set 'phases' --- pkgs/matrix-notifier/default.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/pkgs/matrix-notifier/default.nix b/pkgs/matrix-notifier/default.nix index a7b3a3c..76765a7 100644 --- a/pkgs/matrix-notifier/default.nix +++ b/pkgs/matrix-notifier/default.nix @@ -10,8 +10,6 @@ stdenvNoCC.mkDerivation rec { sha256 = "sha256-JiKPDrr9wyD2q5Vsac+OkFdvrDkx6mj/oC7XDVnka74="; }; - phases = [ "installPhase" "fixupPhase" ]; - nativeBuildInputs = [ makeWrapper ]; From 5937d439937cf32029c1e90523aef01ade90934b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 Aug 2021 20:11:00 +0200 Subject: [PATCH 291/654] pkgs: unbound-zones-adblock: do not set 'phases' --- pkgs/unbound-zones-adblock/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/unbound-zones-adblock/default.nix b/pkgs/unbound-zones-adblock/default.nix index 2f7ac3f..845c123 100644 --- a/pkgs/unbound-zones-adblock/default.nix +++ b/pkgs/unbound-zones-adblock/default.nix @@ -5,7 +5,7 @@ stdenvNoCC.mkDerivation rec { src = unified-hosts-lists; - phases = [ "installPhase" ]; + dontUnpack = true; installPhase = let From aceb4ef901d410f61fd5da8efff68b5a02c94ef5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 Aug 2021 20:11:11 +0200 Subject: [PATCH 292/654] pkgs: unified-hosts-lists: do not set 'phases' --- pkgs/unified-hosts-lists/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/unified-hosts-lists/default.nix b/pkgs/unified-hosts-lists/default.nix index 9fb052a..0da6354 100644 --- a/pkgs/unified-hosts-lists/default.nix +++ b/pkgs/unified-hosts-lists/default.nix @@ -10,7 +10,7 @@ stdenvNoCC.mkDerivation rec { sha256 = "sha256-7oYuGegrHVUvAvA16iR8OEe5eTMeSybShSa1PJOe5No="; }; - phases = [ "installPhase" ]; + dontUnpack = true; installPhase = '' mkdir -p $out From c8633abf6debd23bdc0bb285f13902cf74443c72 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 1 Sep 2021 14:51:27 +0200 Subject: [PATCH 293/654] flake: use 'nativeBuildInputs' --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 252e7bd..5abaac9 100644 --- a/flake.nix +++ b/flake.nix @@ -118,7 +118,7 @@ devShell = pkgs.mkShell { name = "NixOS-config"; - buildInputs = with pkgs; [ + nativeBuildInputs = with pkgs; [ git-crypt gitAndTools.pre-commit gnupg From 9a061086039a75046f3b025aa9dc6ebc4b9aa0c0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 1 Sep 2021 14:52:38 +0200 Subject: [PATCH 294/654] git: remove duplicate ignore directive --- .gitignore | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 0a10705..fcf7246 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1 @@ -.pre-commit-config.yaml -.pre-commit-config.yaml +/.pre-commit-config.yaml From 680d0c9f37026167759f7802efbf735061aee960 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 3 Sep 2021 17:34:34 +0200 Subject: [PATCH 295/654] home: gdb: add nix store to safe path For now, the nix store path is hard-coded rather than substituted. This is useful for pretty-printing C++ types compiled with a different C++ library from my gdb. --- home/gdb/gdbinit | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home/gdb/gdbinit b/home/gdb/gdbinit index c45c6d2..bdf7bfd 100644 --- a/home/gdb/gdbinit +++ b/home/gdb/gdbinit @@ -20,3 +20,5 @@ set auto-load python-scripts # Allow autoloading project-local .gdbinit files set auto-load safe-path ~/git/ +# Allow autoloading from the Nix store +set auto-load safe-path /nix/store From ad848ef89dd2d77f4ccfc75b5002282670dcdd0a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 15 Sep 2021 15:33:18 +0200 Subject: [PATCH 296/654] pkgs: make use of scoping This is the way to make sure `callPackage` picks up my custom packages to be used in the set. --- pkgs/default.nix | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/pkgs/default.nix b/pkgs/default.nix index f307304..4e35cff 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,5 +1,5 @@ { pkgs }: -rec { +pkgs.lib.makeScope pkgs.newScope (pkgs: { bw-pass = pkgs.callPackage ./bw-pass { }; comma = pkgs.callPackage ./comma { }; @@ -24,9 +24,7 @@ rec { volantes-cursors = pkgs.callPackage ./volantes-cursors { }; - unbound-zones-adblock = pkgs.callPackage ./unbound-zones-adblock { - inherit unified-hosts-lists; - }; + unbound-zones-adblock = pkgs.callPackage ./unbound-zones-adblock { }; unified-hosts-lists = pkgs.callPackage ./unified-hosts-lists { }; -} +}) From ed456c999dd1b5bdd7626edff2d11c252e7c8b4d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 15 Sep 2021 15:57:23 +0200 Subject: [PATCH 297/654] modules: system: remove 'media' It was not the idiomatic way to do this. --- modules/services/calibre-web.nix | 3 +++ modules/services/jellyfin.nix | 3 +++ modules/services/paperless.nix | 3 +++ modules/services/pirate.nix | 2 ++ modules/services/sabnzbd.nix | 3 +++ modules/services/transmission.nix | 3 +++ modules/system/default.nix | 1 - modules/system/media.nix | 17 ----------------- 8 files changed, 17 insertions(+), 18 deletions(-) delete mode 100644 modules/system/media.nix diff --git a/modules/services/calibre-web.nix b/modules/services/calibre-web.nix index a62b74c..d4beff9 100644 --- a/modules/services/calibre-web.nix +++ b/modules/services/calibre-web.nix @@ -37,6 +37,9 @@ in }; }; + # Set-up media group + users.groups.media = { }; + my.services.nginx.virtualHosts = [ { subdomain = "library"; diff --git a/modules/services/jellyfin.nix b/modules/services/jellyfin.nix index 771f2c5..2fcf51e 100644 --- a/modules/services/jellyfin.nix +++ b/modules/services/jellyfin.nix @@ -14,6 +14,9 @@ in group = "media"; }; + # Set-up media group + users.groups.media = { }; + my.services.nginx.virtualHosts = [ { subdomain = "jellyfin"; diff --git a/modules/services/paperless.nix b/modules/services/paperless.nix index b22628f..b4e1f44 100644 --- a/modules/services/paperless.nix +++ b/modules/services/paperless.nix @@ -93,6 +93,9 @@ in ]; }; + # Set-up media group + users.groups.media = { }; + systemd.services.paperless-ng-server = { # Make sure the DB is available after = [ "postgresql.service" ]; diff --git a/modules/services/pirate.nix b/modules/services/pirate.nix index a2c62ca..89dba55 100644 --- a/modules/services/pirate.nix +++ b/modules/services/pirate.nix @@ -32,5 +32,7 @@ in config = lib.mkIf cfg.enable { services = managers; my.services.nginx.virtualHosts = redirections; + # Set-up media group + users.groups.media = { }; }; } diff --git a/modules/services/sabnzbd.nix b/modules/services/sabnzbd.nix index 653f853..b9b99cf 100644 --- a/modules/services/sabnzbd.nix +++ b/modules/services/sabnzbd.nix @@ -15,6 +15,9 @@ in group = "media"; }; + # Set-up media group + users.groups.media = { }; + my.services.nginx.virtualHosts = [ { subdomain = "sabnzbd"; diff --git a/modules/services/transmission.nix b/modules/services/transmission.nix index 2f27990..807fc0a 100644 --- a/modules/services/transmission.nix +++ b/modules/services/transmission.nix @@ -72,6 +72,9 @@ in }; }; + # Set-up media group + users.groups.media = { }; + # Default transmission webui, I prefer combustion but its development # seems to have stalled my.services.nginx.virtualHosts = [ diff --git a/modules/system/default.nix b/modules/system/default.nix index a9b251b..2b2bf97 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -6,7 +6,6 @@ ./boot.nix ./documentation.nix ./language.nix - ./media.nix ./nix.nix ./packages.nix ./users.nix diff --git a/modules/system/media.nix b/modules/system/media.nix deleted file mode 100644 index 630a351..0000000 --- a/modules/system/media.nix +++ /dev/null @@ -1,17 +0,0 @@ -# Abstracting away the need for a common 'media' group - -{ config, lib, ... }: -let - mediaServices = with config.my.services; [ - calibre-web - jellyfin - paperless - pirate - sabnzbd - transmission - ]; - needed = builtins.any (service: service.enable) mediaServices; -in -{ - config.users.groups.media = lib.mkIf needed { }; -} From 45321072fc40b94bf7f1ef87401a9a3ac391b374 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 15 Sep 2021 16:47:49 +0200 Subject: [PATCH 298/654] modules: add 'programs' directory --- modules/default.nix | 1 + modules/programs/default.nix | 8 ++++++++ 2 files changed, 9 insertions(+) create mode 100644 modules/programs/default.nix diff --git a/modules/default.nix b/modules/default.nix index 798fb0d..d9c6c68 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -5,6 +5,7 @@ imports = [ ./hardware ./home.nix + ./programs ./services ./system ]; diff --git a/modules/programs/default.nix b/modules/programs/default.nix new file mode 100644 index 0000000..85be70e --- /dev/null +++ b/modules/programs/default.nix @@ -0,0 +1,8 @@ +# Program-related modules +{ ... }: + +{ + imports = [ + # FIXME + ]; +} From 37bb7fd6256093f2f305c5a4ec672370975ca9fb Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 15 Sep 2021 16:48:39 +0200 Subject: [PATCH 299/654] modules: programs: add steam --- modules/programs/default.nix | 2 +- modules/programs/steam.nix | 15 +++++++++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 modules/programs/steam.nix diff --git a/modules/programs/default.nix b/modules/programs/default.nix index 85be70e..a6f14ed 100644 --- a/modules/programs/default.nix +++ b/modules/programs/default.nix @@ -3,6 +3,6 @@ { imports = [ - # FIXME + ./steam.nix ]; } diff --git a/modules/programs/steam.nix b/modules/programs/steam.nix new file mode 100644 index 0000000..e9f2a2b --- /dev/null +++ b/modules/programs/steam.nix @@ -0,0 +1,15 @@ +{ config, lib, ... }: +let + cfg = config.my.programs.steam; +in +{ + options.my.programs.steam = with lib; { + enable = mkEnableOption "steam configuration"; + }; + + config = lib.mkIf cfg.enable { + programs.steam = { + enable = true; + }; + }; +} From 5c95ba11136f6025bd26ee59005dc340f0472c51 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 15 Sep 2021 16:49:22 +0200 Subject: [PATCH 300/654] machines: aramis: programs: enable steam --- machines/aramis/default.nix | 1 + machines/aramis/programs.nix | 7 +++++++ 2 files changed, 8 insertions(+) create mode 100644 machines/aramis/programs.nix diff --git a/machines/aramis/default.nix b/machines/aramis/default.nix index bb78127..878f2c9 100644 --- a/machines/aramis/default.nix +++ b/machines/aramis/default.nix @@ -11,6 +11,7 @@ ./home.nix ./networking.nix ./profiles.nix + ./programs.nix ./services.nix ./sound.nix ]; diff --git a/machines/aramis/programs.nix b/machines/aramis/programs.nix new file mode 100644 index 0000000..426ca2a --- /dev/null +++ b/machines/aramis/programs.nix @@ -0,0 +1,7 @@ +{ ... }: +{ + my.programs = { + # Steam configuration + steam.enable = true; + }; +} From 9f3811ea3b76d0feae75540157310351b9d7ce76 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 15 Sep 2021 18:13:47 +0200 Subject: [PATCH 301/654] modules: programs: steam: respect XDG conventions Steam wants to pollute HOME with `.steam*` files and folders, which are useless and annoying. We want to make sure the wrappers are preferred when installing, so use `lib.hiPrio` to ensure they get chosen. --- modules/programs/steam.nix | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/modules/programs/steam.nix b/modules/programs/steam.nix index e9f2a2b..dbdc0ce 100644 --- a/modules/programs/steam.nix +++ b/modules/programs/steam.nix @@ -1,15 +1,39 @@ -{ config, lib, ... }: +{ config, lib, pkgs, ... }: let cfg = config.my.programs.steam; in { options.my.programs.steam = with lib; { enable = mkEnableOption "steam configuration"; + + dataDir = mkOption { + type = types.str; + default = "$XDG_DATA_HOME/steamlib"; + example = "/mnt/steam/"; + description = '' + Which directory should be used as HOME to run steam. + ''; + }; }; config = lib.mkIf cfg.enable { programs.steam = { enable = true; }; + + environment.systemPackages = builtins.map lib.hiPrio [ + # Respect XDG conventions, leave my HOME alone + (pkgs.writeScriptBin "steam" '' + #!/bin/sh + mkdir -p "${cfg.dataDir}" + HOME="${cfg.dataDir}" exec ${pkgs.steam}/bin/steam "$@" + '') + # Same, for GOG and other such games + (pkgs.writeScriptBin "steam-run" '' + #!/bin/sh + mkdir -p "${cfg.dataDir}" + HOME="${cfg.dataDir}" exec ${pkgs.steam-run-native}/bin/steam-run "$@" + '') + ]; }; } From 4a0c10b897ba8aa6c5235a8bbbcae9b13969451a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 23 Sep 2021 21:28:29 +0200 Subject: [PATCH 302/654] modules: system: users: use 'ambroisie' password Do not rely on `my.user.name` which could be changed to a value not available in the secrets. --- modules/system/users.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/system/users.nix b/modules/system/users.nix index 3897ad7..65c0ed5 100644 --- a/modules/system/users.nix +++ b/modules/system/users.nix @@ -21,7 +21,7 @@ in }; ${config.my.user.name} = { - inherit (secrets.users.${config.my.user.name}) hashedPassword; + inherit (secrets.users.ambroisie) hashedPassword; description = "Bruno BELANYI"; isNormalUser = true; shell = pkgs.zsh; From bd1a2000feb724f56e84f11c929847dbf80c1591 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 23 Sep 2021 21:30:19 +0200 Subject: [PATCH 303/654] modules: system: users: use 'initialHashedPassword' This is the better option to use in case I want to have a stateless system. --- modules/system/users.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/system/users.nix b/modules/system/users.nix index 65c0ed5..32b46ca 100644 --- a/modules/system/users.nix +++ b/modules/system/users.nix @@ -17,11 +17,11 @@ in users = { root = { - inherit (secrets.users.root) hashedPassword; + initialHashedPassword = secrets.users.root.hashedPassword; }; ${config.my.user.name} = { - inherit (secrets.users.ambroisie) hashedPassword; + initialHashedPassword = secrets.users.ambroisie.hashedPassword; description = "Bruno BELANYI"; isNormalUser = true; shell = pkgs.zsh; From 3fa14ebe71e8384b90794688bbefc680644ca1e2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 23 Sep 2021 21:55:17 +0200 Subject: [PATCH 304/654] lib: attrs: add 'recursiveMerge' --- lib/attrs.nix | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/lib/attrs.nix b/lib/attrs.nix index 84b63c7..75114b2 100644 --- a/lib/attrs.nix +++ b/lib/attrs.nix @@ -1,6 +1,13 @@ { lib, ... }: let - inherit (lib) filterAttrs listToAttrs mapAttrs' nameValuePair; + inherit (lib) + filterAttrs + foldl + listToAttrs + mapAttrs' + nameValuePair + recursiveUpdate + ; in { # Filter a generated set of attrs using a predicate function. @@ -19,6 +26,13 @@ in # attrs genAttrs' = values: f: listToAttrs (map f values); + # Merge a list of attrs recursively, later values override previous ones. + # + # recursiveMerge :: + # [ attrs ] + # attrs + recursiveMerge = foldl recursiveUpdate { }; + # Rename each of the attributes in an attribute set using the mapping function # # renameAttrs :: From c93a9e5a98578ecb6298a5c4cb1704a98b7dadbd Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 23 Sep 2021 21:57:47 +0200 Subject: [PATCH 305/654] home: wm: i3: use 'recursiveMerge' --- home/wm/i3.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/home/wm/i3.nix b/home/wm/i3.nix index 14ec64e..f8080ad 100644 --- a/home/wm/i3.nix +++ b/home/wm/i3.nix @@ -154,7 +154,7 @@ in }; # I don't care for i3's default values, I specify them all explicitly - keybindings = builtins.foldl' (lhs: rhs: lhs // rhs) { } [ + keybindings = lib.my.recursiveMerge [ { # The basics "${modifier}+Return" = "exec ${terminal}"; @@ -298,7 +298,7 @@ in in lib.my.genAttrs' oneToNine createWorkspaceBinding; in - builtins.foldl' (lhs: rhs: lhs // rhs) { } [ + lib.my.recursiveMerge [ (createWorkspaceBindings modifier "workspace number") (createWorkspaceBindings "${modifier}+Shift" "move container to workspace number") { From 2d26b36e31ee449e0f01fdc2b3d41101f838bc22 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 23 Sep 2021 22:11:14 +0200 Subject: [PATCH 306/654] modules: services: nginx: use 'recursiveMerge' --- modules/services/nginx.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/nginx.nix b/modules/services/nginx.nix index e7ab566..a68c8b9 100644 --- a/modules/services/nginx.nix +++ b/modules/services/nginx.nix @@ -173,7 +173,7 @@ in domain = config.networking.domain; mkVHost = ({ subdomain, ... } @ args: lib.nameValuePair "${subdomain}.${domain}" - (builtins.foldl' lib.recursiveUpdate { } [ + (lib.my.recursiveMerge [ # Base configuration { forceSSL = true; From bad9b8a06b1e24f732a32c5122af14d435e549ea Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 24 Sep 2021 00:18:19 +0200 Subject: [PATCH 307/654] lib: modules: document 'mapModules' --- lib/modules.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/lib/modules.nix b/lib/modules.nix index 92e8476..455015b 100644 --- a/lib/modules.nix +++ b/lib/modules.nix @@ -5,6 +5,14 @@ let inherit (self.attrs) mapFilterAttrs; in { + # Find all nix modules in a directory, discard any prefixed with "_", + # map a function to each resulting path, and generate an attribute set + # to associate module name to resulting value. + # + # mapModules :: + # path + # (path -> any) + # attrs mapModules = dir: fn: mapFilterAttrs (n: v: From 8467fda721733b881d81c9cee250a2860c365e09 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 24 Sep 2021 00:54:00 +0200 Subject: [PATCH 308/654] lib: modules: refactor 'mapModules' Introduce the recursive version of this function, then refactor to reduce repetition. --- lib/modules.nix | 49 ++++++++++++++++++++++++++++++++++--------------- 1 file changed, 34 insertions(+), 15 deletions(-) diff --git a/lib/modules.nix b/lib/modules.nix index 455015b..5b8c4c3 100644 --- a/lib/modules.nix +++ b/lib/modules.nix @@ -3,6 +3,31 @@ let inherit (builtins) readDir pathExists; inherit (lib) hasPrefix hasSuffix nameValuePair removeSuffix; inherit (self.attrs) mapFilterAttrs; + + implOptionalRecursion = recurse: + let + recurseStep = + if recurse + then (n: path: fn: nameValuePair n (impl path fn)) + else (_: _: _: nameValuePair "" null); + impl = dir: fn: + mapFilterAttrs + (n: _: n != "" && !(hasPrefix "_" n)) + (n: v: + let + path = "${toString dir}/${n}"; + in + if v == "directory" + then + if pathExists "${path}/default.nix" + then nameValuePair n (fn path) + else recurseStep n path fn + else if v == "regular" && n != "default.nix" && hasSuffix ".nix" n + then nameValuePair (removeSuffix ".nix" n) (fn path) + else nameValuePair "" null) + (readDir dir); + in + impl; in { # Find all nix modules in a directory, discard any prefixed with "_", @@ -13,19 +38,13 @@ in # path # (path -> any) # attrs - mapModules = dir: fn: - mapFilterAttrs - (n: v: - v != null && - !(hasPrefix "_" n)) - (n: v: - let path = "${toString dir}/${n}"; in - if v == "directory" && pathExists "${path}/default.nix" - then nameValuePair n (fn path) - else if v == "regular" && - n != "default.nix" && - hasSuffix ".nix" n - then nameValuePair (removeSuffix ".nix" n) (fn path) - else nameValuePair "" null) - (readDir dir); + mapModules = implOptionalRecursion false; + + # Recursive version of mapModules. + # + # mapModulesRec :: + # path + # (path -> any) + # attrs + mapModulesRec = implOptionalRecursion true; } From 604b99a7ac6ab29e38aa2d01bdb40ebaeb170701 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 24 Sep 2021 00:57:46 +0200 Subject: [PATCH 309/654] lib: remove 'with self;' --- lib/default.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/default.nix b/lib/default.nix index 9014f85..fa37c23 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -12,8 +12,7 @@ let }; mylib = makeExtensible (self: - with self; mapModules ./. - (file: import file { inherit self lib pkgs inputs; }) + mapModules ./. (file: import file { inherit self lib pkgs inputs; }) ); in mylib.extend (self: super: From 9d362655e20dc368a5993859e26fb3b0bf1ff047 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 24 Sep 2021 01:01:29 +0200 Subject: [PATCH 310/654] pkgs: remove unused arguments --- pkgs/nolimips/default.nix | 2 +- pkgs/unbound-zones-adblock/default.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/nolimips/default.nix b/pkgs/nolimips/default.nix index 2a1dc33..65d847d 100644 --- a/pkgs/nolimips/default.nix +++ b/pkgs/nolimips/default.nix @@ -1,4 +1,4 @@ -{ lib, fetchurl, gnulib, stdenv }: +{ lib, fetchurl, stdenv }: stdenv.mkDerivation rec { pname = "nolimips"; version = "0.11"; diff --git a/pkgs/unbound-zones-adblock/default.nix b/pkgs/unbound-zones-adblock/default.nix index 845c123..ecec917 100644 --- a/pkgs/unbound-zones-adblock/default.nix +++ b/pkgs/unbound-zones-adblock/default.nix @@ -1,4 +1,4 @@ -{ lib, fetchFromGitHub, gawk, stdenvNoCC, unified-hosts-lists }: +{ lib, gawk, stdenvNoCC, unified-hosts-lists }: stdenvNoCC.mkDerivation rec { name = "unbound-zones-adblock"; version = unified-hosts-lists.version; From 68be7743adbcf23f50d16f633dce74201720a243 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 24 Sep 2021 01:04:34 +0200 Subject: [PATCH 311/654] machines: remove unused arguments --- machines/aramis/default.nix | 2 +- machines/aramis/services.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/machines/aramis/default.nix b/machines/aramis/default.nix index 878f2c9..e2211f4 100644 --- a/machines/aramis/default.nix +++ b/machines/aramis/default.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: +{ ... }: { imports = [ diff --git a/machines/aramis/services.nix b/machines/aramis/services.nix index 30dc47d..0287c30 100644 --- a/machines/aramis/services.nix +++ b/machines/aramis/services.nix @@ -1,4 +1,4 @@ -{ lib, ... }: +{ ... }: { config.my.services = { wireguard = { From 75312c747bbeb7a831361de50f2fdca6d7f7a13a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 24 Sep 2021 01:15:40 +0200 Subject: [PATCH 312/654] modules: remove unused arguments --- modules/hardware/upower.nix | 2 +- modules/services/paperless.nix | 2 +- modules/services/podgrab.nix | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/hardware/upower.nix b/modules/hardware/upower.nix index f21b9d2..95fa282 100644 --- a/modules/hardware/upower.nix +++ b/modules/hardware/upower.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ config, lib, ... }: let cfg = config.my.hardware.upower; in diff --git a/modules/services/paperless.nix b/modules/services/paperless.nix index b4e1f44..0e29325 100644 --- a/modules/services/paperless.nix +++ b/modules/services/paperless.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ config, lib, ... }: let cfg = config.my.services.paperless; in diff --git a/modules/services/podgrab.nix b/modules/services/podgrab.nix index bc16178..9793d60 100644 --- a/modules/services/podgrab.nix +++ b/modules/services/podgrab.nix @@ -1,5 +1,5 @@ # A simple podcast fetcher -{ config, lib, pkgs, ... }: +{ config, lib, ... }: let cfg = config.my.services.podgrab; in From 3d10461a6e716094c1011bbc4883feffda0f111d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 24 Sep 2021 01:16:04 +0200 Subject: [PATCH 313/654] home: remove unused arguments --- home/mail/msmtp.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/mail/msmtp.nix b/home/mail/msmtp.nix index 3e725e8..c469982 100644 --- a/home/mail/msmtp.nix +++ b/home/mail/msmtp.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ config, lib, ... }: let cfg = config.my.home.mail.msmtp; in From 673ead7863bec924ffc3ba7c971423c9b5d02e27 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 24 Sep 2021 01:13:23 +0200 Subject: [PATCH 314/654] home: ssh: add missing 'mkIf cfg.enable' --- home/ssh.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/ssh.nix b/home/ssh.nix index 22f85d3..3bd7f28 100644 --- a/home/ssh.nix +++ b/home/ssh.nix @@ -7,7 +7,7 @@ in enable = mkDisableOption "ssh configuration"; }; - config.programs.ssh = { + config.programs.ssh = lib.mkIf cfg.enable { enable = true; matchBlocks = { From df302465c9deb121a59f44e93a0d55ebb243d083 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 24 Sep 2021 20:12:18 +0200 Subject: [PATCH 315/654] home: remove unused 'secrets' module --- home/default.nix | 1 - home/secrets/.gitattributes | 3 --- home/secrets/canary | Bin 32 -> 0 bytes home/secrets/default.nix | 31 ------------------------------- 4 files changed, 35 deletions(-) delete mode 100644 home/secrets/.gitattributes delete mode 100644 home/secrets/canary delete mode 100644 home/secrets/default.nix diff --git a/home/default.nix b/home/default.nix index 2668156..fee7a8b 100644 --- a/home/default.nix +++ b/home/default.nix @@ -23,7 +23,6 @@ ./packages.nix ./pager.nix ./power-alert.nix - ./secrets # Home-manager specific secrets ./ssh.nix ./terminal ./tmux.nix diff --git a/home/secrets/.gitattributes b/home/secrets/.gitattributes deleted file mode 100644 index a741d4d..0000000 --- a/home/secrets/.gitattributes +++ /dev/null @@ -1,3 +0,0 @@ -* filter=git-crypt diff=git-crypt -.gitattributes !filter !diff -/default.nix !filter !diff diff --git a/home/secrets/canary b/home/secrets/canary deleted file mode 100644 index e910ea3aafe746337b1ea57a9ff37d62d58d350f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 32 ocmZQ@_Y83kiVO&0c*b>ed6DJsmgBoNPv87j#HqYCqGs6~0N0cb+yDRo diff --git a/home/secrets/default.nix b/home/secrets/default.nix deleted file mode 100644 index 76ec2cf..0000000 --- a/home/secrets/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ lib, ... }: - -with lib; -let - throwOnCanary = - let - canaryHash = builtins.hashFile "sha256" ./canary; - expectedHash = - "9df8c065663197b5a1095122d48e140d3677d860343256abd5ab6e4fb4c696ab"; - in - if canaryHash != expectedHash - then throw "Secrets are not readable. Have you run `git-crypt unlock`?" - else id; -in -throwOnCanary { - options.my.secrets = mkOption { - type = - let - valueType = with types; oneOf [ - int - str - (attrsOf valueType) - ]; - in - valueType; - }; - - config.my.secrets = { - # Home-manager secrets go here - }; -} From 1e3c633c72ef733376f1508b116ea5cbb28b3173 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 13:30:51 +0200 Subject: [PATCH 316/654] flake: add 'agenix' --- flake.lock | 22 ++++++++++++++++++++++ flake.nix | 11 +++++++++++ 2 files changed, 33 insertions(+) diff --git a/flake.lock b/flake.lock index 3125d0e..775651c 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,26 @@ { "nodes": { + "agenix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1631896269, + "narHash": "sha256-DAyCxJ8JacayOzGgGSfzrn7ghtsfL/EsCyk1NEUaAR8=", + "owner": "ryantm", + "repo": "agenix", + "rev": "daf1d773989ac5d949aeef03fce0fe27e583dbca", + "type": "github" + }, + "original": { + "owner": "ryantm", + "ref": "master", + "repo": "agenix", + "type": "github" + } + }, "futils": { "locked": { "lastModified": 1629481132, @@ -95,6 +116,7 @@ }, "root": { "inputs": { + "agenix": "agenix", "futils": "futils", "home-manager": "home-manager", "nixpkgs": "nixpkgs", diff --git a/flake.nix b/flake.nix index 5abaac9..84186e0 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,16 @@ { description = "NixOS configuration with flakes"; inputs = { + agenix = { + type = "github"; + owner = "ryantm"; + repo = "agenix"; + ref = "master"; + inputs = { + nixpkgs.follows = "nixpkgs"; + }; + }; + futils = { type = "github"; owner = "numtide"; @@ -47,6 +57,7 @@ outputs = inputs @ { self + , agenix , futils , home-manager , nixpkgs From 018394b61d9656a719052a05a0a4696ef6556b2d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 13:31:43 +0200 Subject: [PATCH 317/654] secrets: import 'agenix' module --- secrets/default.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/secrets/default.nix b/secrets/default.nix index fbc1bfa..5baf964 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -1,4 +1,4 @@ -{ lib, ... }: +{ inputs, lib, ... }: with lib; let @@ -13,6 +13,10 @@ let else id; in throwOnCanary { + imports = [ + inputs.agenix.nixosModules.age + ]; + options.my.secrets = mkOption { type = let From 8a2aad9b544edb464d638e10ed61c3d7422aa1fe Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 24 Sep 2021 18:52:26 +0200 Subject: [PATCH 318/654] secrets: migrate to agenix It is finally time to graduate to an actually secure, stateless solution. --- secrets/.gitattributes | 2 + secrets/acme/dns-key.age | 10 ++++ secrets/backup/credentials.age | 9 ++++ secrets/backup/password.age | 8 ++++ secrets/drone/gitea.age | 10 ++++ secrets/drone/secret.age | 9 ++++ secrets/drone/ssh/key.pub | Bin 765 -> 0 bytes secrets/drone/ssh/private-key.age | Bin 0 -> 3799 bytes secrets/lohr/secret.age | 9 ++++ secrets/matrix/mail.age | 9 ++++ secrets/matrix/secret.age | 9 ++++ secrets/miniflux/credentials.age | Bin 0 -> 477 bytes secrets/monitoring/password.age | 10 ++++ secrets/nextcloud/password.age | Bin 0 -> 440 bytes secrets/paperless/password.age | 10 ++++ secrets/paperless/secret-key.age | 10 ++++ secrets/podgrab/password.age | 9 ++++ secrets/secrets.nix | 49 ++++++++++++++++++++ secrets/sso/ambroisie/password-hash.age | Bin 0 -> 459 bytes secrets/sso/ambroisie/totp-secret.age | Bin 0 -> 442 bytes secrets/sso/auth-key.age | Bin 0 -> 483 bytes secrets/transmission/credentials.age | 10 ++++ secrets/users/ambroisie/hashed-password.age | 9 ++++ secrets/users/root/hashed-password.age | Bin 0 -> 581 bytes secrets/wireguard/.gitattributes | 1 + secrets/wireguard/aramis/private-key.age | Bin 0 -> 417 bytes secrets/wireguard/porthos/private-key.age | 10 ++++ secrets/wireguard/richelieu/private-key.age | 10 ++++ 28 files changed, 203 insertions(+) create mode 100644 secrets/acme/dns-key.age create mode 100644 secrets/backup/credentials.age create mode 100644 secrets/backup/password.age create mode 100644 secrets/drone/gitea.age create mode 100644 secrets/drone/secret.age delete mode 100644 secrets/drone/ssh/key.pub create mode 100644 secrets/drone/ssh/private-key.age create mode 100644 secrets/lohr/secret.age create mode 100644 secrets/matrix/mail.age create mode 100644 secrets/matrix/secret.age create mode 100644 secrets/miniflux/credentials.age create mode 100644 secrets/monitoring/password.age create mode 100644 secrets/nextcloud/password.age create mode 100644 secrets/paperless/password.age create mode 100644 secrets/paperless/secret-key.age create mode 100644 secrets/podgrab/password.age create mode 100644 secrets/secrets.nix create mode 100644 secrets/sso/ambroisie/password-hash.age create mode 100644 secrets/sso/ambroisie/totp-secret.age create mode 100644 secrets/sso/auth-key.age create mode 100644 secrets/transmission/credentials.age create mode 100644 secrets/users/ambroisie/hashed-password.age create mode 100644 secrets/users/root/hashed-password.age create mode 100644 secrets/wireguard/aramis/private-key.age create mode 100644 secrets/wireguard/porthos/private-key.age create mode 100644 secrets/wireguard/richelieu/private-key.age diff --git a/secrets/.gitattributes b/secrets/.gitattributes index a741d4d..7ca9979 100644 --- a/secrets/.gitattributes +++ b/secrets/.gitattributes @@ -1,3 +1,5 @@ * filter=git-crypt diff=git-crypt .gitattributes !filter !diff /default.nix !filter !diff +/secrets.nix !filter !diff +*.age !filter !diff diff --git a/secrets/acme/dns-key.age b/secrets/acme/dns-key.age new file mode 100644 index 0000000..97d397c --- /dev/null +++ b/secrets/acme/dns-key.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg 0bz3W8QcGaulxy+kDmM717jTthQpFOCwV9HkenFJEyo +NKeh1/JkX4WAWbOjUeKLMbsyCevnDf3a70FfYUav26c +-> ssh-ed25519 jPowng Q59ybJMMteOSB6hZ5m6UPP0N2p8jrDSu5vBYwPgGcRw +j420on2jSsfMsv4MDtiOTMIFjaXV7sIsrS+g4iab+68 +-> z}.q-grease s2W ssh-ed25519 cKojmg YlDuj9wwBKSHHvQOhfti1ah95vxDV3bLE+GElBkyTB0 +KsMyd3L4GaQa0eDQps+bJXj+cpy0zUNvFXU8NAmtThI +-> ssh-ed25519 jPowng JB4UtNyZab4ab4Pep3acyMjwCbluuEPuI6YOQ/045Fo +P9qnrPDGpHJL1TyNqYdNfqkd21Yjn/5mlovorWy60j4 +-> _6l|s-grease M ]2qMsa'w P] j0EE +W3CToUTg +--- 8aWYUi33mEIKFcFbphlDZumnBu9Xbj+j18dQbElx1v8 +3$m(TKeAZ>dn:-킥h.(U!rx D3493~Ȼf{L ƣ>^vl-=䣐U'(,#;H@M%|ʦ \ No newline at end of file diff --git a/secrets/backup/password.age b/secrets/backup/password.age new file mode 100644 index 0000000..3af9fbe --- /dev/null +++ b/secrets/backup/password.age @@ -0,0 +1,8 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg dgS4bezgtDi44R1A8am+J6zh80kUVYTo1heaxJCtzX4 +F3w/62xwtqYa40NU7OvF9pnZzYz/5hACAGJfMA4e2zw +-> ssh-ed25519 jPowng lx81CK3yeNp9RjHCUFJeKYZlRzxBmXuADVBvRc13zCI +P7e75t8xU+ZkYmeQ8mmMfyZZsRdG1J8yrvSUkiWzkFQ +-> *z4/`-grease S/)a{e sFd";= +--- 15FVhqRTkoPFEeETRRyFQhsv4Fn19Ozlax0u8Zy9mNA +#+vS4}R%ίF4fnDJZA,_ \ No newline at end of file diff --git a/secrets/drone/gitea.age b/secrets/drone/gitea.age new file mode 100644 index 0000000..d1c14e7 --- /dev/null +++ b/secrets/drone/gitea.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg vLLu1kbzyGxr5sU/Dl4xf0uGO+gVsvODiqEJU21lwyI +LbJO4Go+8G7/UtFWjv+x7Nqhn7n+kge/oHP8dGCBnM8 +-> ssh-ed25519 jPowng obxX4ojPwp/DaerFzVbK5hUnshebh/chriT3a7uqYEw +x9jpbBefJZHz8o1lEkr48XhT7sVAM5tq3tZ8M91CDDo +-> eZ.G`B3W-grease 6k|.\v +D0u3P4oCpPNnueqZAAYn71xEUGWlavwLTrEXJ+2tdYOX6BwwFReOlMZWIA+FikmZ +8Pg7dHnbYPWc33jMjv3UnNsxCGUsDw9C9NkI5vfZSLvUxQ +--- Cea09ivsGZeoWif7xbdrvfoGsoiD+tRh7HQsOL75cqE +tFa|G,o6$U"wi߹Swgh6^*=[g1%Vup-{`P(?&QV#KeX4dK:xt0LsbÆ6ޜ [ #E[>)|cwq+cw1$^I(wG9>jI(y!@OƉkEz]Pk \ No newline at end of file diff --git a/secrets/drone/secret.age b/secrets/drone/secret.age new file mode 100644 index 0000000..c529200 --- /dev/null +++ b/secrets/drone/secret.age @@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg 1+cLlzctgcM0FnVDwMPOAqBkvMcDBRg8SvCw4djI93Y +oV2XI4f1AvM9P591kZZ6NgJXa+SDtqGzCSgc4psOmxM +-> ssh-ed25519 jPowng Ufjfh1p350XxRPg95+/DHdmnl4lC0bbzUUlaxd1Bmxc +/RHwFDSn2ov+60r1uHUigrsn99+GmmKmlk4h4T2gbA0 +-> *Lc$@-grease +pzVJAHy1qRq3jUrnFV0DDO7/hwV1US4Ogf0RsrVfX0xzbr73uJ003YjieVB25LqN +--- ME7/iVevyiguyhXugbkVFGzJV0yDccyKNlWbEZa/FmY +YXjb2und;i0X]0jLPT~^kc$DrufreOո+p&wϨ \ No newline at end of file diff --git a/secrets/drone/ssh/key.pub b/secrets/drone/ssh/key.pub deleted file mode 100644 index ca1b5e82b9728bd52f282384f892bd32fbc69e84..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 765 zcmZQ@_Y83kiVO&0FxD;zapK5!HNVz-X+`miowIJU{Zwi;Jlk|kD}piMFsEGh(q*h& zjcaCaYvD~hWtgu| zQ-PFYM!%jVNtSy2lZp!B$ou#??uaPAb_~bWl>JMU1fD-AJ-G?rMje<+qXRV~;b$2Hk##m8&asSIq)T}LmRSitV(z4^k4 zy$|D~jDz;9OQ~B|!?8qS*~M)2u$>3D z`CVj>>b>-zx9R7XZm0AVj+2?#|M-o^^JXrCZFq+vj#~lXm^^Fs;-{ zz5OKz*X9kApT0Wz=kwm`z|-=6O8k+0`_`G6tyZ6q?R494Ca(n3x2_kz>?fb$?73qN$ z<@dL>AKv@VQ%$}9%(H81S6@Uuj<|P5N+daV&H4k%>1%jwId^$_T3tC_`%`HCxt0Af zvc3kl?tOjHQgtMcEqJk0yJYeXulOQ4^R$U&^CNdFioJNyT(luz9uHsVk?a5GM5uVy zAC{P*f2|{Dd;2z{h1b89NI$w*);>MJ+3L6X^Cb;|7frS^?8#?c^TcGEjGa;C4evAjhhTv$lJElIjtQ1)u^@q!jJ9k=A2 z=Tk-I{ohucx@UJ?+vKxXDyR7*RnK~75mD%VBwRJB&AGzVRwAYAv07h~_?@SP-`fB8 f*vU>0j@p#nyztKHbL)a8RK1k{d6u#7@$Ym1B7k_W diff --git a/secrets/drone/ssh/private-key.age b/secrets/drone/ssh/private-key.age new file mode 100644 index 0000000000000000000000000000000000000000..0211701ba0ee3d8ef341b6d69d70ccaa25b8379b GIT binary patch literal 3799 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSn_Ri1BO;@NW2`?`+ zPsvL6@G|jp@hZ%UO3L;q%Zo4!s&bAj3-wF$O?S>MaP@c3%;t(nPc}*Rbj)*&2-45? zt$}K!Jt=vC5xwJIW zA|k`2FfTVh!ptQ@Kg1nMm~MJeYGQG!LVTr>LU~SJgonL}f|{R~t%47i zuTO=UkCS(1s;R4!M{bIDZc2V+MpAKpl!u|CpIMcUaam5TV^ErRS&nbENkv*vWk5<; zepp^|kcE-AYd}>lm#(g^LXd?~nR`)WzGJ3&MqX;Fe@I1;WkF!6nY&M+ziEzJc$sUk zn`LpaftPt8*MVa{E@+%JKU2KHS^m_5%||zQ+rRbaOg>X{_QmSIrWLO5UFA-5ewp!) zOSUxdeO!O3NZE|HhgF(a%uR4S^y^miX_>(81G^Qr{f;d;`E1?RdpiFwWGnh7Ik?^b zA7v8hwmQ0f%F*Rsd=ghVa?P9$OxSnP;KuPCEw3#;>xx?5SikVx7T*ekph=ADtS4~Z zm@#RKQbNz+i-%r*opJY{hDwJ`(}tv~n+*aL7cVq=nU-)u;2o$>Y^_xHqCU%njTxvV#L z$-CKi&g%5PmY){KuuP$l0hj~oKM@6Ir&!WrZZ=xDL&ccq58q`$HUlI`4vV{jc3Ca zyFc#{-0;lLuHcDJmf^wGXH3E^j@|5>E_i1(ukpb^VX1%}0`K4T-&_3t+(n*~Z=)ht z-l*kS>QsK-T%UQ}#VHy0ABRbwMY4{ulX| zDG9711~R9oZsXgc_O+HjIrz|a=QfMm-oi_j~>BZT__>%&v0J^c(V(dQ(}JtXUYoZV4kVd#>D!z_qN~1i5}1 zCa}!d!Lf+lFwt6(FWP>4{-=9qR&8_<_cXJd=$N)M{)@j#WkY-;~-%VQlvpG}G9 z%oYqkb^rde_D{3=QY}-I7%bPDZiu|MC1B|lwWYT2rmxz$t0i+s{F3jk(V4T2qE4Q? zS-=`SeYRqO_SeXJ7x)%P3!JF?xaTCd{yGiUzBghMV}8B+zbZqn$oRtAyM|J;I$o)* zWi`kQoI5q<&duZNPO$~vT03$dSm^7+q~PbXQs zglQ~w`}5iP;+-QMPqxYhBuudPdiN+;f!`=^p2^C0o4%gcvDl_Kjm>0f2kSDHNw*{Q zzr0tre-$>%{)pi3z&+(@%%QU4*7mG69~GGs8|Kg7{wVnPtOduKCU4%bO3H8T@8Fc{ z@`qkskKty$QTBABk%e1`$#>?G+Vbh|zVP;*{~T%}ulitu)C!iSna>>`ucF0{jn)F{jQ&(xL;JY1+n?LzDPm-}q`26+29KlTv z+iJ27d(2v~b}rY4KgL19M+}{F;y&b%4yZJ+Juj!;(il|Lj@c32ezbZ(e@-YEI3kd-Y-S_eFbgSq4tnFIL&{J?dlL*8R4z zWs4&Y1sT;Uv^f8jHQmG-=#(7YxcU@pr|`*s-lDA^&VLZ86XGrSDXOpWc%_P^-@B;^ z@>NV`*X>_g|7)4L{@(OFVY^vHrvztqd~$Jp_|`Im?Y&lSgWTfq|2tL*Z&>;G(yyzU zk-7^EX2+>b<=FJ`e1@QHU;DqD9V%6}Dy|uK?k1f1cX`RCh_;o!KWkR#Zq><YC%-|0chgCFCW)chikSi&s@CWj?kNZ762H_}nSsUiqA?t38|A^tGED zX1%hhnpAad?X!rJsSi$BhhN@y_uzW_Sw6a%52Y_eKMQvj-oVqWY@ws6bn+%&F6-y- zJLXudoPGMg56?Y6jf*}vB+rwK5Xj0;HLHOm#%RCeR93@>%8zIt?7NX zdAF*qcI>KNdTOJ}*6Vx^8dg`XogTHo-!D;p*_?CA39d@7XZI8bKCks_UnLe}+VFJF zbyuKKUow{pwXSqqutuZYP!y{pru+@kb2nQhPfh)u04KZaRv+tXt6#eh$lu`BY5 z+H&4W3Z6UcdXA+&@^to^Z^lM=*HZ{s`MmH4|Bu zEqU*%{7Gu&nN;5I{U>6+O;p^vZP(<$OQ-Trtuy@3)GBJ6aH_DUeaDuJ`TO5A_uUZ| z^Z8gcQDfK7qmEyn-L+QmGS6QoyudoOwQ%0<8NFR|`}u9#ORvXy{!Gb_4!&T=byGxp z#pMaMbJj*YT)28m%+f!yH#wA35+g&r8QlJrZ<#h=#EwT z{4P(QujkSWzFFGt{dY?K+J0oVx_;GpM?rj~xu!;l?H})Askg2FPCK+F75mw8FqW~i zdCPc|Zk%iR{{`ov5BJTMWkkKsGj+6Y{IS7Tq9*vawA`e5MOYZWXr zimX?k2{lyR!9TC^$>K>f@6hNrt(_5>&F7*^s{&5oH0ceA4gRW~Z{w4s#wkN0SaJBrpb!9JE!ul;pMLGZktQz=Sjam{-E_rO={(K_Z$1Zd}v#B;isfd z_0jZqPH#WyYc4<27T5E?Yn7a>(>j&+<=mbTGd)E07aB?J^Im#1-RJrzcl2Ycle|9 zs#n`57i7QAUU+FC<5N3}vsVS~owWXuy4cw4_;l+=`9+t-?yvD?nJKpR+kvxR%IC&( zRo+`#KX3Q3r(dqW5&5PSU>AGfhI4PWHFk;;Yqk-Egks>qE8v-Ul*&M6+!d5WDH0C-7p{ zqED@F&#l^X?s*mSOYRv>9l5pK;ft2O@D2F(_w9wnoEgcj)6YD;I@5D&(%i~h!E@iA zDZamFs&mQw#gCdly47-v9S_fPOyIm9J^kzvuf0-h93+cBpLr*Jc6sj7&86CAHIJ?* dKeP;5bk>p0qW`T_@y>laN{U{!uw>4i0{~1wH){X@ literal 0 HcmV?d00001 diff --git a/secrets/lohr/secret.age b/secrets/lohr/secret.age new file mode 100644 index 0000000..fa310b4 --- /dev/null +++ b/secrets/lohr/secret.age @@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg HCVbkI26JjkBgm1L2cpunVui0PfHLNfnx6VczErF3A4 +3jEHfT6wUqNNFZFaVeiNBUhSKZmuKclPmubDMsda5O8 +-> ssh-ed25519 jPowng SyClv9kGtjRKSXdig27tiqp66wD1T8QsHeOD2JQl4QA +8zdtfSJEh5/bfu5tb6M8Jgy5CZPiWD8TLQDpzp6cTr0 +-> 3r2-grease +Lg/G911eZjeZTw5xhqje26vDfJkcSro+gKQ5SUboxLMnaibNi1qTeRLR +--- Q5/fikhVPoK+NFujTso5V7cty4k/dQlzFlz5z9DkzYk + t/WAMu"-!@ E1 R[eh3 ScoBt1Tb3mPTcfeP \ No newline at end of file diff --git a/secrets/matrix/mail.age b/secrets/matrix/mail.age new file mode 100644 index 0000000..1fe3a71 --- /dev/null +++ b/secrets/matrix/mail.age @@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg lmu3MinmydRHD0A/YVRRtopermfoBC8M8cTHfVanY1s +ygrtpZZJ7aeQTblNazpoP7DdifmDxHsE3DFJsIrWX5M +-> ssh-ed25519 jPowng X0cihOc+fBtmtrkEivIHQngdYIobezXEF1x+pHqNzAw +/+sw9x1NWY0anZhDMpAywBPrR0F4XCHaF9e8j/Yo/kI +-> 32;%1s-grease +JafjuSZty6a4NSO/y4y5wHWL8Mw +--- dwCl66vdpsL0MR5NWWvg3JUnQ2QZQBeW0Dj0l5tvOKY +oi,`#uwW%Poubڭcy8 ><FqKÂk0k/h5势F+u eb>1Q2wnWb֖Bi^xur- /ll-=7;j0I%FiA;YUd]KI0( Ag^uG:pkJ:qWSaLw!M4L/ZD-XUbvbP0f9 J`XO!s{QAcc;4Mچݹ lxH&{}zZ9ûXܓg]V0gtw \ No newline at end of file diff --git a/secrets/matrix/secret.age b/secrets/matrix/secret.age new file mode 100644 index 0000000..a287435 --- /dev/null +++ b/secrets/matrix/secret.age @@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg ociW6AZww4nfW0Dw0DB0WNgQbJ3MNkHPPZlA0z+o/mI +THAz89pjyrkxJB9tPQGgEwZrZX9OudWMnyzr0JiwzTA +-> ssh-ed25519 jPowng 1werbtuWK0DUFxq9mAWp/QzMHC1B8UfadutvK6+j9XE +YmAwYo3X00gMB9AyQfOsR82CUPAtxfuzCzP4OyYFxjc +-> 8g-grease N9DR4 .U< +--- Cwh2hPrM2RzRroJRw3XrP1khcpL0leTXfJ+T7WG57To +±jϰLDF xux1 +U/oGgo)*/d"L#RhWP \ No newline at end of file diff --git a/secrets/miniflux/credentials.age b/secrets/miniflux/credentials.age new file mode 100644 index 0000000000000000000000000000000000000000..979015965f433e63c6451fefcfa5511c614dc814 GIT binary patch literal 477 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSn_Ri1BO;<2BOLB2? zDkwDcEH;ZOFex$cO-U|`vdk?FsdOvWPcL&1$hI^~PIS&F_vJE5^A7Mz3-)&P_DwBL z^r_78@pCQk_IJ;z2y=|A%rA*@w@5U#2=K`9^+mTWDWY!hlOZ!!sf)w9ueDsH!B`*)=NA*wfHc zJHpr{EIlCEG{Pg*&CjyJFeF3UJRM}4b4E%;wWV%)QEFmwszRuJRjpB-qJooOUbTXW zJ(qD|pkc66v2U2UsavAIc4}f!nOT`nc({IfVuXpKyJ@IJc9M~Pghg<8WM-&^b0n9p zuC9VXxvPh^WmZK)~+hXL2l4Nf-6 z2?ftxruwM9um2b2RTAG6a+vY1|N2`~l&ur$w=#tEFU`57ld*z#`RSY)tT*SCoZP*` zLt8l7D1TqnpKzY@;PN%{gpHLZ|nS@ Fe*sx+sqO#( literal 0 HcmV?d00001 diff --git a/secrets/monitoring/password.age b/secrets/monitoring/password.age new file mode 100644 index 0000000..410536f --- /dev/null +++ b/secrets/monitoring/password.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg OdLtFHbHbc28rUn47vgsVvXxFNg9nF+9y9R6XOK390Y +yQQYUPQGjN2+xrSqqBYa7/zS618KrVjX5Amw2MFuSLg +-> ssh-ed25519 jPowng NwUjiLtiXVi6XFmht5l1CxEs3gm0oN4vHYwDZyda7Q4 +di6znVjNRO6QdqteVNkeot5Ko2NwWLe6v+zVR3f+o10 +-> 4Vx%\(-grease ^^Z>EC91 R 2BJ d48Wip*s +yPiBgChRF31XgxccQFLO3MzRL7+5s29sfRoF3W1yUX6Bu59MpxD4D+n/jhLcxSH/ +CxW7KaiOctNmPm5tWh6qjmgQ+V4bcAji5vo4FKs40l56cfyueEJj+Q +--- WUGF28zqK9E1AlOeeCtSHxFg6ikRy85gOoLtBd4m0y0 +.|rr>12Sɞ.hww q%i *U^)'qO2ӜmQ7m` \ No newline at end of file diff --git a/secrets/nextcloud/password.age b/secrets/nextcloud/password.age new file mode 100644 index 0000000000000000000000000000000000000000..9fd3c53f866f5e1785e63ec681d2c37ca7762d10 GIT binary patch literal 440 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSn_Ri1BO;>RBsI1aA ztMp8?FbcCU*Y*z%OiL^Yb#V$v%B##u4k}K~C@?G0H#H0j^X2jhC=M}o&niv~b@4Aq z*Eh;9PO=COt0?s;GxMlOjk5F(GfxT0H!}6kh(xz7Dh<$b_rXD=6GdKeE8Y$*{aEDKp$RE7{23 z+tfce&#ycnyDHz)(W1goyTZ%Y!USYnVu-D_m1Bf%dQoa(ajJr9yuNmLL8YNWM!15O zTA*`Ec??&!rFM` ssh-ed25519 cKojmg zhpo89xef68JoeOFWzhdFshrj2BXXUCFPMLVJzv6EyE +fmJxJi5rmyai9qGwDo7iHg4BrObGre96KCpl+g91O6I +-> ssh-ed25519 jPowng INA6EZdy4J1p3QY5mfVOQXiLdOjIDaZR+CZMP+GfkXM +8Nf5soaxY5SEzeJca5kaJkx7ByOvc4NkJVetB7wpEmo +-> xjK'w-grease +f5v0cvlt4JbHlAwDOob86qOInWdlN/oohTg +--- NTGv4rr+MhJ/YeZhVHOjoS1V+zCHFf2itJYfK36R+wE +חJ d o'YFU@ +r7_N$>]hq-F۰qX?| ? \ No newline at end of file diff --git a/secrets/paperless/secret-key.age b/secrets/paperless/secret-key.age new file mode 100644 index 0000000..eae5c56 --- /dev/null +++ b/secrets/paperless/secret-key.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg tZwn2usN6K62oS4vBa6boh9zEp/+cS4chP8boXG6SH4 +Fr3kV8gUDoiDqMxPYWsHyww8umYhQEKhqbVBiVw5NeI +-> ssh-ed25519 jPowng wRbJl4G85obH/GluQBBsXE7MOvooEui65eqHfurvuQs +KqVZMBSyHhkayEdwI6ocmA4qhHY9zYJvg1CEKM1SOa0 +-> 2E"/OFW-grease o Qp3HFe^ +bGhCNicPqt7txqxUiEWXCFs1OuQLqOqHmjHSqYQv919dqYep/xBXzi/aRf3dsdvh +TCJCTvZG31Qxvikp +--- xKJGbdVp+Z5h0vCBleSF2zYYYd2S5i0y4szNqjRwrDY +T /Ni7m4#MhiPޛ-gI%@E(i7Ygk"+㸠(]o@bާ+[Y"BCR[ >-.4db9v \ No newline at end of file diff --git a/secrets/podgrab/password.age b/secrets/podgrab/password.age new file mode 100644 index 0000000..90e2501 --- /dev/null +++ b/secrets/podgrab/password.age @@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg 8rcBI7fYHuA3jO6EzJNFaAj2niIApKDt1HQEv61AKTs +ANxkIX/CeI7t7Zqp6wmjt/D194Z+xpeiidb+qvYzoQU +-> ssh-ed25519 jPowng oruewwTM9X/HjjcmOPcQVdp02rQBlgJPdzvlAffs3T0 +MrO0kaNhjgOkNHuz3NrIMWXNrXOHH9dT/Fk6hoQNKyY +-> COK%H7-grease +6yfI90QurOKlM+kgpW8KZ/iBzDYD9yhNmjG1LQ +--- uArz8eHg8sLO0sdlkM6cELFh+FHiI5BrM0+iXJxxiDo +vvNb@FMMY&/%mt֓dh|ߩ8 ڽ9C/ \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix new file mode 100644 index 0000000..dcaa6d6 --- /dev/null +++ b/secrets/secrets.nix @@ -0,0 +1,49 @@ +let + # FIXME: read them from directories + ambroisie = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMIVd6Oh08iUNb1vTULbxGpevnh++wxsWW9wqhaDryIq ambroisie@agenix"; + users = [ ambroisie ]; + + porthos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICGzznQ3LSmBYHx6fXthgMDiTcU5i/Nvj020SbmhzAFb root@porthos"; + machines = [ porthos ]; + + all = users ++ machines; +in +{ + "acme/dns-key.age".publicKeys = all; + + "backup/password.age".publicKeys = all; + "backup/credentials.age".publicKeys = all; + + "drone/gitea.age".publicKeys = all; + "drone/secret.age".publicKeys = all; + "drone/ssh/private-key.age".publicKeys = all; + + "lohr/secret.age".publicKeys = all; + + "matrix/mail.age".publicKeys = all; + "matrix/secret.age".publicKeys = all; + + "miniflux/credentials.age".publicKeys = all; + + "monitoring/password.age".publicKeys = all; + + "nextcloud/password.age".publicKeys = all; + + "paperless/password.age".publicKeys = all; + "paperless/secret-key.age".publicKeys = all; + + "podgrab/password.age".publicKeys = all; + + "sso/auth-key.age".publicKeys = all; + "sso/ambroisie/password-hash.age".publicKeys = all; + "sso/ambroisie/totp-secret.age".publicKeys = all; + + "transmission/credentials.age".publicKeys = all; + + "users/ambroisie/hashed-password.age".publicKeys = all; + "users/root/hashed-password.age".publicKeys = all; + + "wireguard/aramis/private-key.age".publicKeys = all; + "wireguard/porthos/private-key.age".publicKeys = all; + "wireguard/richelieu/private-key.age".publicKeys = all; +} diff --git a/secrets/sso/ambroisie/password-hash.age b/secrets/sso/ambroisie/password-hash.age new file mode 100644 index 0000000000000000000000000000000000000000..10d9eaa37c8cc1c8795083db6f5b34d20a30b9db GIT binary patch literal 459 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSn_Ri1BO;?Btbqq^! zH7`vnFf~mNagGWPb}_E-(suR>HZ}0^@F?;$u&~TGEA%lmG~miI)=mnyaLP^2D2%EI zh_a|MNOyEJ3-T>=b15m#H&4pY*RD$PF3a_D3PraqDIO z*|?x2J<`m=Crmq}Al22h!YL`F+%wq7*ib*mIh`vx-BdfvH7X-Kqd3$eG14>5CoxFd z-_)(bGax^?B)h^fJTl8UDlyNy+Nc!sB0aA|&Wn4fEAp@FLfm#(g^LO_yh zNr+3jXPA4XcT{DtOO9o!d6uE8lb2UnKu)kraCWLsR#|{|iiM>s*WD%M^BT%y92Wlw zUe8gHbfWTm>zNlj^Nn7L2~SE`Fso)403Q;h(EtDd literal 0 HcmV?d00001 diff --git a/secrets/sso/ambroisie/totp-secret.age b/secrets/sso/ambroisie/totp-secret.age new file mode 100644 index 0000000000000000000000000000000000000000..c5ce19b60a266757ce1389831e273adcd6b6abba GIT binary patch literal 442 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSn_Ri1BO;>O;a87n} z333k%aVfGakBG3$2nbIr^)2vl3XiDBN;kJO&T%U!O!KmIF6Z)0_bN>-sxS>OGY&Ql zwJ0(+4mB=u%*$|bF$i{yi0~|R@ps8{E^rI=a7DK*D7MMn{SkxiMeljig#vWs=HHpsA)QvuCA^^N|~ciQmB89L8?b~ zsIjkyud%shNT$9~rMr2Bd8DyHcyLO(OR$eoWN9SV#@2`>DfX4FU(4f-cgy`Yy%Cai zZJ)uuV~bz-ew)v*bb`yhD1}|GJ1_2N+`7Kn*t6%tkE9F%t2wFmb>d!;6_XD+-aZ>E WR1`eZjcH4{na!>bgS|-G)nO`^35tw zG^{dDD#*ymGz<%JO?7j3)y|Eqbgj&Fi*$E(G(op5D9 z%d)6EDKk5uFf^mW%fmZ8+&4QZ$4}qQG|?;4&6CThuqxQZ$=@g>#LvAjuPC`VBFE1> zC)6t=!ztC(q%74fsw6WwCEL`{B@|?vo>O*`NtJGTQEFmwDpy%RP ssh-ed25519 cKojmg mP2H3PWJN6Pv3q6C2wci3KnXjtFAIiuGy0YH0sGIy2g +f43QqyUQfTYznszub47kgc2Mz95zVScTDkwnG3INi9U +-> ssh-ed25519 jPowng fENbu7+FZ1mnQQHQCLm1spLHmsQGlRoJResUJtGzYkY +hX+AqCkLCca6m/aKtGCThi7/mCCz/TZQNJNOlOmlqyA +-> J<-grease +n7+CPRr4oazWnE7yzpJN2ZAI4QrGsAerloP4wNeebjQDx8+IxJq1JE0g3Yi0RxzN +chDccuSPLYk45Ov+SD/qqqFZlQ +--- p81HYw3LFj+qz2kiZsDcevM4ZBfvN743P9Jdi7J9XkM +۱S7VBOlEtq_D,PVFp\"AM}g?/\;y Ӛ(SK \ No newline at end of file diff --git a/secrets/users/ambroisie/hashed-password.age b/secrets/users/ambroisie/hashed-password.age new file mode 100644 index 0000000..09a80f4 --- /dev/null +++ b/secrets/users/ambroisie/hashed-password.age @@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg vOaL2ZKsFEjX9mzQvw8Je7x2Dq8cMhrZEyBTXpH4QnE +HXO4fbWdJsbsRmGq0IYzq8/szObxzpsGfQNNTJ4vNzg +-> ssh-ed25519 jPowng WPxg0pP6O3ZS4dPc1WcDvzig22Fylk3mR/W9STaWbW4 +GuhFwt7M5Lc38q2LC/0eul0yP60UxmWwi9I8ToHv7bE +-> :;V8\-grease ZC#7~eR# P<'e?vI3 9R +lZlb44QiAaIxd0SYiRNT/QRnxxUt7npbksg +--- 9xv4lt8IcGR8jP0UcKYYnTuh1Ix/pqXgDmevkTH9j1A +]c3x w' ` h=XǑg3]~q.Xna*W:,zvyzI }DO=`w7:Rx5$6:",HM"_MMBJeF \ No newline at end of file diff --git a/secrets/users/root/hashed-password.age b/secrets/users/root/hashed-password.age new file mode 100644 index 0000000000000000000000000000000000000000..14986f1b48c218872964e33632da91cd5e7cc931 GIT binary patch literal 581 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSn_Ri1BO;<1v_R4WD z%5Y8gum~#1Ft7;pcJa;%EJ?B~_4G+DGzthw)h{v*%*-nZF6Q!a%FFV}%k?fY%`;Cd z&Mqv|_V+DF&MQkd3ePj}^UQLON{$K*&vf+mD@V62D}G_@=;)7YyrJuoArMBm#nBE!YmDBL78FP+Pz$T&UC+dVSZ!!oV%`qh`%CagvGCefeD=F7MJQ8G^g}%3LdQoa(ajHTbRK9{%MID!`XGnHs zXrV!FPDpB)i(!SiUqw(wX_>jNiA!=$zE`HJN2pmgoUYPT8>Yoc49$E zuxqZdN1;=(VX1jaaZze{d0;k|uCA_vxqqldzK>sKpmw55ikne!Ku$rPhnsIipm|nt zxxTT!WqGKNc5$dnxpq2N+`*UG?asHaC^B2`)osydSZTX2HqPs5ud4F|ws3V3tJD_- z^KM@Go3=mLx7ofgJ?c!1p|+Dk;v~_M>o?~yeq<}*_YuEdYkybwtKVHY2Mwjbvq?|9 zJvxLmzMOLX__O+9&-=Z~;aBnurqS$S=(H$mc4LN{aBQ%y2UebSw-G z3C;8HEUZZKG>^;-&dSg?c5=3eEOT~Fc8YQgu|T&iD@x!G9}3`-7_+dJhVhV(-CA_vTk}&YGQG!g04bQ3|DBDWnh$PEuL2UlNzDuC79Il8b9@slHo@d2y1yVN`aKkw;mfNl=JkR$h8g zfN?~sZ(3lXzgeYYkOkMRps!+`jY^Vk=@}NPTe&WVT+`*c&ANA{LfnGc_Eic|yj5A( w&dE>Ou%<~f=FtLICX4nNsb3wuY~?-+95|eD^u|5!WdGR_7D ssh-ed25519 cKojmg +WwRpd2MzycutQFXyLsr2+GzSgF67Z6UuvyqYZaLd3w +sppt8HzaZP3yxnvnhzjl18Trnz8g3VyXJ6CaVBWd7jA +-> ssh-ed25519 jPowng wanoqGB7T8bim/WZ4IAYViFQoGzaIZSgeoTr3YKpeTY +ihDAdGa1XVW/qQz40V1v7a7iK7tu0EHMa7ayIogpcRw +-> l-grease |PIcZ NIr >0;* +4o8o0bevQZ6uDSx1WxxlDCURbFCM+yK1XPdrb9aztCSvG2a+ne78E42l5rBcoH7I +m51A8uWS4nSj36N/76v6K4kelxKzWUg +--- O6cGbTAVbDcdmPHf7UzfZiyiRtu1yfL4sBI+CkJA1qw +q$`w'SX]?6/N(BNa.H7Ioz/4:sK",7J \ No newline at end of file diff --git a/secrets/wireguard/richelieu/private-key.age b/secrets/wireguard/richelieu/private-key.age new file mode 100644 index 0000000..e796688 --- /dev/null +++ b/secrets/wireguard/richelieu/private-key.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg rYhrpoTaFjLBGtbCXxEK7jZa+KnriEV/kWViIEjmuQs +jHMSjxKIIqjUnpAcEo3JgsieI1iiA5/gKEx8+QFhDgY +-> ssh-ed25519 jPowng 6sQQFvSbWdjgDYSKmJ/CBG+BTzxFghX4SaJ4GyACKWc +OABJuh+Ta8q+G0onF/9bz3xxv4zTlHYlF4AjC5P6Y6I +-> xwW|#D`-grease $xYH C m8lBk9 +OBqgvLNIurE0qNaSB7dO2/6dQkVXeLgf/3l9gGlRJ6ynhqwmbXOUa0vyj+OBz27O +uI97+0y1TFAs3HN0Y8nj8LrwsafbDENu99JuVow2OuLKeSqc7sxOQQ +--- 9filSHStPTJJGDLY7AWzIXu/6tK4X0okT522sc4OJTc +M{$:N[ݶ2xy8&J_{RLX`Wͻx*Pr`UpJɔF#YXPS s \ No newline at end of file From 1cf93825b21580bd9ad7f7cf1884ca7539dcf146 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 24 Sep 2021 18:37:36 +0200 Subject: [PATCH 319/654] secrets: register agenix secrets automatically --- secrets/default.nix | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/secrets/default.nix b/secrets/default.nix index 5baf964..ed7cae5 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -1,4 +1,4 @@ -{ inputs, lib, ... }: +{ inputs, lib, options, ... }: with lib; let @@ -30,6 +30,25 @@ throwOnCanary { valueType; }; + config.age = { + secrets = + let + toName = removeSuffix ".age"; + toSecret = name: _: { + file = ./. + "/${name}"; + owner = mkDefault "root"; + }; + convertSecrets = n: v: nameValuePair (toName n) (toSecret n v); + secrets = import ./secrets.nix; + in + lib.mapAttrs' convertSecrets secrets; + + sshKeyPaths = options.age.sshKeyPaths.default ++ [ + # FIXME: hard-coded path, could be inexistent + "/home/ambroisie/.ssh/id_ed25519" + ]; + }; + config.my.secrets = { acme.key = fileContents ./acme/key.env; From db37cea9072b0827fd7c445d5e2d5373610da577 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 12:52:49 +0200 Subject: [PATCH 320/654] modules: services: transmission: secrets w/ file In preparation for the migration to using agenix. --- machines/porthos/services.nix | 8 ++++++-- modules/services/transmission.nix | 21 ++++++++------------- 2 files changed, 14 insertions(+), 15 deletions(-) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index d26bb10..4c9ca7d 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -126,8 +126,12 @@ in # Torrent client and webui transmission = { enable = true; - username = "Ambroisie"; - password = my.secrets.transmission.password; + credentialsFile = builtins.toFile "transmission-creds.txt" '' + { + "rpc-username": "Ambroisie", + "rpc-password": "${my.secrets.transmission.password}" + } + ''; }; # Simple, in-kernel VPN wireguard = { diff --git a/modules/services/transmission.nix b/modules/services/transmission.nix index 807fc0a..cac075f 100644 --- a/modules/services/transmission.nix +++ b/modules/services/transmission.nix @@ -11,17 +11,13 @@ in options.my.services.transmission = with lib; { enable = mkEnableOption "Transmission torrent client"; - username = mkOption { + credentialsFile = mkOption { type = types.str; - default = "Ambroisie"; - example = "username"; - description = "Name of the transmission RPC user"; - }; - - password = mkOption { - type = types.str; - example = "password"; - description = "Password of the transmission RPC user"; + example = "/var/lib/transmission/creds.json"; + description = '' + Credential file as an json configuration file to be merged with + the main one. + ''; }; downloadBase = mkOption { @@ -53,6 +49,8 @@ in downloadDirPermissions = "775"; + inherit (cfg) credentialsFile; + settings = { download-dir = "${cfg.downloadBase}/complete"; incomplete-dir = "${cfg.downloadBase}/incomplete"; @@ -63,9 +61,6 @@ in rpc-port = cfg.port; rpc-authentication-required = true; - rpc-username = cfg.username; - rpc-password = cfg.password; # Insecure, but I don't care. - # Proxied behind Nginx. rpc-whitelist-enabled = true; rpc-whitelist = "127.0.0.1"; From ac5fd7f4724b0690caa0464a3e72fbdee90b3cf6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 12:59:24 +0200 Subject: [PATCH 321/654] modules: services: miniflux: use 'credentialsFiles' In preparation for the migration to agenix. --- machines/porthos/services.nix | 5 ++++- modules/services/miniflux.nix | 22 ++++++---------------- 2 files changed, 10 insertions(+), 17 deletions(-) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index 4c9ca7d..e5d5eed 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -70,7 +70,10 @@ in }; miniflux = { enable = true; - password = my.secrets.miniflux.password; + credentialsFiles = builtins.toFile "miniflux-creds.txt" '' + ADMIN_USERNAME=Ambroisie + ADMIN_PASSWORD=${my.secrets.miniflux.password} + ''; }; # Various monitoring dashboards monitoring = { diff --git a/modules/services/miniflux.nix b/modules/services/miniflux.nix index d223850..6d9ffc8 100644 --- a/modules/services/miniflux.nix +++ b/modules/services/miniflux.nix @@ -7,17 +7,12 @@ in options.my.services.miniflux = with lib; { enable = mkEnableOption "Miniflux feed reader"; - username = mkOption { + credentialsFiles = mkOption { type = types.str; - default = "Ambroisie"; - example = "username"; - description = "Name of the admin user"; - }; - - password = mkOption { - type = types.str; - example = "password"; - description = "Password of the admin user"; + example = "/var/lib/miniflux/creds.env"; + description = '' + Credential file as an 'EnvironmentFile' (see `systemd.exec(5)`) + ''; }; port = mkOption { @@ -33,12 +28,7 @@ in services.miniflux = { enable = true; - adminCredentialsFile = - # Insecure, I don't care. - builtins.toFile "credentials.env" '' - ADMIN_USERNAME=${cfg.username} - ADMIN_PASSWORD=${cfg.password} - ''; + adminCredentialsFile = cfg.credentialsFiles; config = { # Virtual hosts settings From ca218730ff18e55460df1b73ce200f4eea515ac4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 13:02:13 +0200 Subject: [PATCH 322/654] modules: services: nextcloud: use 'credentialsfile' In preparation for the migration to agenix. --- machines/porthos/services.nix | 3 ++- modules/services/nextcloud.nix | 11 +++++++---- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index e5d5eed..bd92b14 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -91,7 +91,8 @@ in # Nextcloud self-hosted cloud nextcloud = { enable = true; - password = my.secrets.nextcloud.password; + passwordFile = + builtins.toFile "nextcloud-pass.txt" my.secrets.nextcloud.password; }; nginx = { enable = true; diff --git a/modules/services/nextcloud.nix b/modules/services/nextcloud.nix index b66b8ff..d1461b8 100644 --- a/modules/services/nextcloud.nix +++ b/modules/services/nextcloud.nix @@ -18,10 +18,13 @@ in example = "admin"; description = "Name of the admin user"; }; - password = mkOption { + passwordFile = mkOption { type = types.str; - example = "password"; - description = "The admin user's password"; + example = "/var/lib/nextcloud/password.txt"; + description = '' + Path to a file containing the admin's password, must be readable by + 'nextcloud' user. + ''; }; }; @@ -34,7 +37,7 @@ in maxUploadSize = cfg.maxSize; config = { adminuser = cfg.admin; - adminpass = cfg.password; # Insecure, but I don't care + adminpassFile = cfg.passwordFile; dbtype = "pgsql"; dbhost = "/run/postgresql"; overwriteProtocol = "https"; # Nginx only allows SSL From 0f2c20e51dd3b794c0c741fa66a15932ec22eb06 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 13:15:34 +0200 Subject: [PATCH 323/654] modules: services: paperless: use 'secretKeyFile' In preparation for the migration to agenix. --- machines/porthos/services.nix | 4 +++- modules/services/paperless.nix | 23 +++++++++++++++++++---- 2 files changed, 22 insertions(+), 5 deletions(-) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index bd92b14..84f4d2f 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -103,7 +103,9 @@ in # Insecure, I don't care passwordFile = builtins.toFile "paperless.env" my.secrets.paperless.password; - secretKey = my.secrets.paperless.secretKey; + secretKeyFile = builtins.toFile "paperless-key.env" '' + PAPERLESS_SECRET_KEY=${my.secrets.paperless.secretKey} + ''; }; # The whole *arr software suite pirate.enable = true; diff --git a/modules/services/paperless.nix b/modules/services/paperless.nix index 0e29325..2f688ec 100644 --- a/modules/services/paperless.nix +++ b/modules/services/paperless.nix @@ -13,10 +13,12 @@ in description = "Internal port for webui"; }; - secretKey = mkOption { + secretKeyFile = mkOption { type = types.str; - example = "e11fl1oa-*ytql8p)(06fbj4ukrlo+n7k&q5+$1md7i+mge=ee"; - description = "Secret key used for sessions tokens"; + example = "/var/lib/paperless/secret-key.env"; + description = '' + Secret key as an 'EnvironmentFile' (see `systemd.exec(5)`) + ''; }; documentPath = mkOption { @@ -65,7 +67,6 @@ in PAPERLESS_DBNAME = "paperless"; # Security settings - PAPERLESS_SECRET_KEY = cfg.secretKey; # Insecure, I don't care PAPERLESS_ALLOWED_HOSTS = paperlessDomain; PAPERLESS_CORS_ALLOWED_HOSTS = "https://${paperlessDomain}"; @@ -81,6 +82,20 @@ in passwordFile = cfg.passwordFile; }; + systemd.services = { + paperless-ng-server.serviceConfig = { + EnvironmentFile = cfg.secretKeyFile; + }; + + paperless-ng-consumer.serviceConfig = { + EnvironmentFile = cfg.secretKeyFile; + }; + + paperless-ng-web.serviceConfig = { + EnvironmentFile = cfg.secretKeyFile; + }; + }; + # Set-up database services.postgresql = { enable = true; From ba10af0644010ff0f6c1b9e66104b3c8aa012def Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 13:20:22 +0200 Subject: [PATCH 324/654] modules: services: matrix: use 'mailConfigFile' In preparation of the migration to agenix. --- machines/porthos/services.nix | 14 +++++++-- modules/services/matrix.nix | 54 ++++++++--------------------------- 2 files changed, 24 insertions(+), 44 deletions(-) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index 84f4d2f..9c74276 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -65,8 +65,18 @@ in # Matrix backend and Element chat front-end matrix = { enable = true; - mail = my.secrets.matrix.mail; - secret = my.secrets.matrix.secret; + mailConfigFile = builtins.toFile "matrix-mail.yaml" '' + email: + smtp_host: "smtp.migadu.com" + smtp_port: 587 + smtp_user: "${my.secrets.matrix.mail.username}" + smtp_pass: "${my.secrets.matrix.mail.password}" + notif_from: "${my.secrets.matrix.mail.notifFrom}" + # Refuse to connect unless the server supports STARTTLS. + require_transport_security: true + ''; + # Only necessary when doing the initial registration + # secret = "change-me"; }; miniflux = { enable = true; diff --git a/modules/services/matrix.nix b/modules/services/matrix.nix index 4d6394e..af26a83 100644 --- a/modules/services/matrix.nix +++ b/modules/services/matrix.nix @@ -20,43 +20,18 @@ in enable = mkEnableOption "Matrix Synapse"; secret = mkOption { - type = types.str; + type = with types; nullOr str; + default = null; example = "deadbeef"; description = "Shared secret to register users"; }; - mail = { - host = mkOption { - type = types.str; - default = "smtp.migadu.com"; - example = "smtp.example.com"; - description = "Which host should be used for SMTP"; - }; - - port = mkOption { - type = types.port; - default = 587; - example = 25; - description = "Which port should be used for SMTP"; - }; - - username = mkOption { - type = types.str; - example = "matrix@example.com"; - description = "Which username should be used to connect"; - }; - - password = mkOption { - type = types.str; - example = "password"; - description = "Which password should be used to connect"; - }; - - notifFrom = mkOption { - type = types.str; - example = ""; - description = "Which address should be used for `From` field"; - }; + mailConfigFile = mkOption { + type = types.str; + example = "/var/lib/matrix/email-config.yaml"; + description = '' + Configuration file for mail setup. + ''; }; }; @@ -106,16 +81,11 @@ in extraConfig = '' experimental_features: spaces_enabled: true - - email: - smtp_host: "${cfg.mail.host}" - smtp_port: ${toString cfg.mail.port} - smtp_user: "${cfg.mail.username}" - smtp_pass: "${cfg.mail.password}" - notif_from: "${cfg.mail.notifFrom}" - # Refuse to connect unless the server supports STARTTLS. - require_transport_security: true ''; + + extraConfigFiles = [ + cfg.mailConfigFile + ]; }; my.services.nginx.virtualHosts = [ From ca5e5a53cd32ebad9a730646c4a244df5cc1b303 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 13:24:23 +0200 Subject: [PATCH 325/654] modules: services: nginx: use 'credentialsFile' In preparation for the migration to agenix. --- machines/porthos/services.nix | 3 +++ modules/services/nginx.nix | 13 +++++++++++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index 9c74276..824265c 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -106,6 +106,9 @@ in }; nginx = { enable = true; + acme = { + credentialsFile = builtins.toFile "gandi-key.env" my.secrets.acme.key; + }; }; paperless = { enable = true; diff --git a/modules/services/nginx.nix b/modules/services/nginx.nix index a68c8b9..bb773c9 100644 --- a/modules/services/nginx.nix +++ b/modules/services/nginx.nix @@ -60,6 +60,16 @@ in options.my.services.nginx = with lib; { enable = mkEnableOption "Nginx"; + acme = { + credentialsFile = mkOption { + type = types.str; + example = "/var/lib/acme/creds.env"; + description = '' + Gandi API key file as an 'EnvironmentFile' (see `systemd.exec(5)`) + ''; + }; + }; + monitoring = { enable = my.mkDisableOption "monitoring through grafana and prometheus"; }; @@ -330,14 +340,13 @@ in certs = let domain = config.networking.domain; - key = config.my.secrets.acme.key; in with pkgs; { "${domain}" = { extraDomainNames = [ "*.${domain}" ]; dnsProvider = "gandiv5"; - credentialsFile = writeText "key.env" key; # Unsecure, I don't care. + inherit (cfg.acme) credentialsFile; }; }; }; From b6af75419951d16930a2ad27eca8f0625fc6af5b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 14:41:43 +0200 Subject: [PATCH 326/654] modules: services: wireguard: use agenix secrets --- modules/services/wireguard.nix | 33 ++++++++++++++++++++++++++++++--- 1 file changed, 30 insertions(+), 3 deletions(-) diff --git a/modules/services/wireguard.nix b/modules/services/wireguard.nix index 977c6c5..d919803 100644 --- a/modules/services/wireguard.nix +++ b/modules/services/wireguard.nix @@ -5,9 +5,37 @@ { config, lib, pkgs, ... }: let cfg = config.my.services.wireguard; + secrets = config.age.secrets; hostName = config.networking.hostName; - peers = config.my.secrets.wireguard.peers; + peers = + let + mkPeer = name: attrs: { + inherit (attrs) clientNum publicKey; + privateKeyFile = secrets."wireguard/${name}/private-key".path; + } // lib.optionalAttrs (attrs ? externalIp) { + inherit (attrs) externalIp; + }; + in + lib.mapAttrs mkPeer { + # "Server" + porthos = { + clientNum = 1; + publicKey = "PLdgsizztddri0LYtjuNHr5r2E8D+yI+gM8cm5WDfHQ="; + externalIp = "91.121.177.163"; + }; + + # "Clients" + aramis = { + clientNum = 2; + publicKey = "QJSWIBS1mXTpxYybLlKu/Y5wy0GFbUfn4yPzpF1DZDc="; + }; + + richelieu = { + clientNum = 3; + publicKey = "w4IADAj2Tt7Qe95a0RxDv9ovg/Dr/f3q1LrVOPF48Rk="; + }; + }; thisPeer = peers."${hostName}"; thisPeerIsServer = thisPeer ? externalIp; # Only connect to clients from server, and only connect to server from clients @@ -26,8 +54,7 @@ let "${v4.subnet}.${toString thisPeer.clientNum}/${toString v4.mask}" "${v6.subnet}::${toString thisPeer.clientNum}/${toHexString v6.mask}" ]; - # Insecure, I don't care - privateKey = thisPeer.privateKey; + inherit (thisPeer) privateKeyFile; peers = let From 409e0ef35745a55ea87cc8a5c47dcd86155d5820 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 12:46:58 +0200 Subject: [PATCH 327/654] modules: system: users: use agenix secrets --- modules/system/users.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/system/users.nix b/modules/system/users.nix index 32b46ca..b36114f 100644 --- a/modules/system/users.nix +++ b/modules/system/users.nix @@ -1,7 +1,7 @@ # User setup { config, lib, pkgs, ... }: let - secrets = config.my.secrets; + secrets = config.age.secrets; cfg = config.my.system.users; groupExists = grp: builtins.hasAttr grp config.users.groups; groupsIfExist = builtins.filter groupExists; @@ -17,11 +17,11 @@ in users = { root = { - initialHashedPassword = secrets.users.root.hashedPassword; + passwordFile = secrets."users/root/hashed-password".path; }; ${config.my.user.name} = { - initialHashedPassword = secrets.users.ambroisie.hashedPassword; + passwordFile = secrets."users/ambroisie/hashed-password".path; description = "Bruno BELANYI"; isNormalUser = true; shell = pkgs.zsh; From 875a3d85870e98dfd04529f57e4dc983f0519e4f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 14:45:16 +0200 Subject: [PATCH 328/654] machines: porthos: users: use clear-text ssh key --- machines/porthos/ssh/drone.pub | 1 + machines/porthos/users.nix | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) create mode 100644 machines/porthos/ssh/drone.pub diff --git a/machines/porthos/ssh/drone.pub b/machines/porthos/ssh/drone.pub new file mode 100644 index 0000000..d1f971c --- /dev/null +++ b/machines/porthos/ssh/drone.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDWVUvOT1/triPcj7wiLAmiVkPZ71crySbReetHaGxMYYdKNFurJQsP6BqsdCAwrGbduLUDJovLtjOM7SxghjkGqh2RZucj/zqpja8YoFqYTcLutlqa1NwUqQTq21azKBDSdvkBPWWyZhOKssnag+0bZRN3vVajoDrwAU6zJLhHh9eNESTEytAnZnllXsHB1dKF1p7FWVwYTGAc1PdHHSQNMkjg9aCM+VBzTHhp8nF+GOtGzt0A0XnoZGdhn6KqhKyH7KxwPMmeD3RNeCEmQY/TXjthOx/mBkgTEa8LWOBxdy/Rs6edUenvPcQ5tK5nX0GSxxqtbORlhT+tGiqq1UHeIUhXirBUaS7pnDo+Edc0m8ruLcwHwyQ5yVn2ts3daKxb87+PyjYiRxxeQXvbF84ef7ZOkLTEn0tnftFHLqszBfOjoV1DmMNSWPDULD3krObzNbr1I0xHE7bDRXw2t8L1cwHOLHTL9KwsTCw1d25JSxINp2wAZxlGVZLXoXVMKTjfx1xSGbUuRzA1Q6+1IH9WDvSSixDzvc2Dqnj91/xardivApK+T+OxTBurwWsxzEezIAbTCpoKW9ulzu06xWGWhxATkzUmVh/qhFUHAVlmhEvn0KqlYbWteEcUxgKS1uSAoA6+pZh5NMG1u1hLEktBQbDnS0VdyKYBUHZidLuR4w== ambroisie@porthos diff --git a/machines/porthos/users.nix b/machines/porthos/users.nix index 1a26e3c..645c942 100644 --- a/machines/porthos/users.nix +++ b/machines/porthos/users.nix @@ -10,6 +10,6 @@ in group = "nginx"; createHome = false; # Messes with permissions home = "/var/www/"; - openssh.authorizedKeys.keys = [ my.secrets.drone.ssh.publicKey ]; + openssh.authorizedKeys.keyFiles = [ ./ssh/drone.pub ]; }; } From c6cc64e1566485202da94ae96f26ac62f661e24c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 15:10:20 +0200 Subject: [PATCH 329/654] modules: home: put into folder --- modules/default.nix | 2 +- modules/{home.nix => home/default.nix} | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) rename modules/{home.nix => home/default.nix} (91%) diff --git a/modules/default.nix b/modules/default.nix index d9c6c68..d9b4ce2 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -4,7 +4,7 @@ { imports = [ ./hardware - ./home.nix + ./home ./programs ./services ./system diff --git a/modules/home.nix b/modules/home/default.nix similarity index 91% rename from modules/home.nix rename to modules/home/default.nix index 8ae1b3e..4745c0c 100644 --- a/modules/home.nix +++ b/modules/home/default.nix @@ -14,7 +14,7 @@ in config = lib.mkIf cfg.enable { home-manager = { # Not a fan of out-of-directory imports, but this is a good exception - users.${config.my.user.name} = import ../home; + users.${config.my.user.name} = import ../../home; # Nix Flakes compatibility useGlobalPkgs = true; From 62a18cd3f6d596e235ffc33eff966fbda6b92828 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 15:09:12 +0200 Subject: [PATCH 330/654] modules: programs: put modules into folders --- modules/programs/default.nix | 2 +- modules/programs/{steam.nix => steam/default.nix} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename modules/programs/{steam.nix => steam/default.nix} (100%) diff --git a/modules/programs/default.nix b/modules/programs/default.nix index a6f14ed..73f4e4b 100644 --- a/modules/programs/default.nix +++ b/modules/programs/default.nix @@ -3,6 +3,6 @@ { imports = [ - ./steam.nix + ./steam ]; } diff --git a/modules/programs/steam.nix b/modules/programs/steam/default.nix similarity index 100% rename from modules/programs/steam.nix rename to modules/programs/steam/default.nix From 5c2921e00d094488ba91ae92eaf2045aaed1ed76 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 15:07:55 +0200 Subject: [PATCH 331/654] modules: system: put modules into folders --- modules/system/{boot.nix => boot/default.nix} | 0 modules/system/default.nix | 12 ++++++------ .../{documentation.nix => documentation/default.nix} | 0 .../system/{language.nix => language/default.nix} | 0 modules/system/{nix.nix => nix/default.nix} | 0 .../system/{packages.nix => packages/default.nix} | 0 modules/system/{users.nix => users/default.nix} | 0 modules/system/{ => users}/ssh/aramis.pub | 0 modules/system/{ => users}/ssh/shared.pub | 0 9 files changed, 6 insertions(+), 6 deletions(-) rename modules/system/{boot.nix => boot/default.nix} (100%) rename modules/system/{documentation.nix => documentation/default.nix} (100%) rename modules/system/{language.nix => language/default.nix} (100%) rename modules/system/{nix.nix => nix/default.nix} (100%) rename modules/system/{packages.nix => packages/default.nix} (100%) rename modules/system/{users.nix => users/default.nix} (100%) rename modules/system/{ => users}/ssh/aramis.pub (100%) rename modules/system/{ => users}/ssh/shared.pub (100%) diff --git a/modules/system/boot.nix b/modules/system/boot/default.nix similarity index 100% rename from modules/system/boot.nix rename to modules/system/boot/default.nix diff --git a/modules/system/default.nix b/modules/system/default.nix index 2b2bf97..5165e64 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -3,11 +3,11 @@ { imports = [ - ./boot.nix - ./documentation.nix - ./language.nix - ./nix.nix - ./packages.nix - ./users.nix + ./boot + ./documentation + ./language + ./nix + ./packages + ./users ]; } diff --git a/modules/system/documentation.nix b/modules/system/documentation/default.nix similarity index 100% rename from modules/system/documentation.nix rename to modules/system/documentation/default.nix diff --git a/modules/system/language.nix b/modules/system/language/default.nix similarity index 100% rename from modules/system/language.nix rename to modules/system/language/default.nix diff --git a/modules/system/nix.nix b/modules/system/nix/default.nix similarity index 100% rename from modules/system/nix.nix rename to modules/system/nix/default.nix diff --git a/modules/system/packages.nix b/modules/system/packages/default.nix similarity index 100% rename from modules/system/packages.nix rename to modules/system/packages/default.nix diff --git a/modules/system/users.nix b/modules/system/users/default.nix similarity index 100% rename from modules/system/users.nix rename to modules/system/users/default.nix diff --git a/modules/system/ssh/aramis.pub b/modules/system/users/ssh/aramis.pub similarity index 100% rename from modules/system/ssh/aramis.pub rename to modules/system/users/ssh/aramis.pub diff --git a/modules/system/ssh/shared.pub b/modules/system/users/ssh/shared.pub similarity index 100% rename from modules/system/ssh/shared.pub rename to modules/system/users/ssh/shared.pub From 78ade4c6051e8ad4f8296ec940ad9d64390e0404 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 15:08:43 +0200 Subject: [PATCH 332/654] modules: hardware: put modules into folders --- .../{bluetooth.nix => bluetooth/default.nix} | 0 modules/hardware/default.nix | 12 ++++++------ .../hardware/{ergodox.nix => ergodox/default.nix} | 0 .../hardware/{mx-ergo.nix => mx-ergo/default.nix} | 0 .../{networking.nix => networking/default.nix} | 0 modules/hardware/{sound.nix => sound/default.nix} | 0 modules/hardware/{upower.nix => upower/default.nix} | 0 7 files changed, 6 insertions(+), 6 deletions(-) rename modules/hardware/{bluetooth.nix => bluetooth/default.nix} (100%) rename modules/hardware/{ergodox.nix => ergodox/default.nix} (100%) rename modules/hardware/{mx-ergo.nix => mx-ergo/default.nix} (100%) rename modules/hardware/{networking.nix => networking/default.nix} (100%) rename modules/hardware/{sound.nix => sound/default.nix} (100%) rename modules/hardware/{upower.nix => upower/default.nix} (100%) diff --git a/modules/hardware/bluetooth.nix b/modules/hardware/bluetooth/default.nix similarity index 100% rename from modules/hardware/bluetooth.nix rename to modules/hardware/bluetooth/default.nix diff --git a/modules/hardware/default.nix b/modules/hardware/default.nix index 8e5e003..9ab5d40 100644 --- a/modules/hardware/default.nix +++ b/modules/hardware/default.nix @@ -3,11 +3,11 @@ { imports = [ - ./bluetooth.nix - ./ergodox.nix - ./mx-ergo.nix - ./networking.nix - ./sound.nix - ./upower.nix + ./bluetooth + ./ergodox + ./mx-ergo + ./networking + ./sound + ./upower ]; } diff --git a/modules/hardware/ergodox.nix b/modules/hardware/ergodox/default.nix similarity index 100% rename from modules/hardware/ergodox.nix rename to modules/hardware/ergodox/default.nix diff --git a/modules/hardware/mx-ergo.nix b/modules/hardware/mx-ergo/default.nix similarity index 100% rename from modules/hardware/mx-ergo.nix rename to modules/hardware/mx-ergo/default.nix diff --git a/modules/hardware/networking.nix b/modules/hardware/networking/default.nix similarity index 100% rename from modules/hardware/networking.nix rename to modules/hardware/networking/default.nix diff --git a/modules/hardware/sound.nix b/modules/hardware/sound/default.nix similarity index 100% rename from modules/hardware/sound.nix rename to modules/hardware/sound/default.nix diff --git a/modules/hardware/upower.nix b/modules/hardware/upower/default.nix similarity index 100% rename from modules/hardware/upower.nix rename to modules/hardware/upower/default.nix From 51067582e07cf5feec1a59c85b9ae4c998ed74e4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 15:09:54 +0200 Subject: [PATCH 333/654] modules: services: put modules into folders --- .../{adblock.nix => adblock/default.nix} | 0 .../{backup.nix => backup/default.nix} | 0 .../services/{blog.nix => blog/default.nix} | 0 .../default.nix} | 0 modules/services/default.nix | 56 +++++++++---------- .../services/{drone.nix => drone/default.nix} | 0 .../services/{flood.nix => flood/default.nix} | 0 .../services/{gitea.nix => gitea/default.nix} | 0 .../{indexers.nix => indexers/default.nix} | 0 .../{jellyfin.nix => jellyfin/default.nix} | 0 .../services/{lohr.nix => lohr/default.nix} | 0 .../{matrix.nix => matrix/default.nix} | 0 .../{miniflux.nix => miniflux/default.nix} | 0 .../default.nix} | 0 .../{navidrome.nix => navidrome/default.nix} | 0 .../{nextcloud.nix => nextcloud/default.nix} | 0 .../services/{nginx.nix => nginx/default.nix} | 0 .../{paperless.nix => paperless/default.nix} | 0 .../{pirate.nix => pirate/default.nix} | 0 .../{podgrab.nix => podgrab/default.nix} | 0 .../default.nix} | 0 .../default.nix} | 0 .../{quassel.nix => quassel/default.nix} | 0 .../default.nix} | 0 .../{sabnzbd.nix => sabnzbd/default.nix} | 0 .../default.nix} | 0 modules/services/{tlp.nix => tlp/default.nix} | 0 .../default.nix} | 0 .../{wireguard.nix => wireguard/default.nix} | 0 29 files changed, 28 insertions(+), 28 deletions(-) rename modules/services/{adblock.nix => adblock/default.nix} (100%) rename modules/services/{backup.nix => backup/default.nix} (100%) rename modules/services/{blog.nix => blog/default.nix} (100%) rename modules/services/{calibre-web.nix => calibre-web/default.nix} (100%) rename modules/services/{drone.nix => drone/default.nix} (100%) rename modules/services/{flood.nix => flood/default.nix} (100%) rename modules/services/{gitea.nix => gitea/default.nix} (100%) rename modules/services/{indexers.nix => indexers/default.nix} (100%) rename modules/services/{jellyfin.nix => jellyfin/default.nix} (100%) rename modules/services/{lohr.nix => lohr/default.nix} (100%) rename modules/services/{matrix.nix => matrix/default.nix} (100%) rename modules/services/{miniflux.nix => miniflux/default.nix} (100%) rename modules/services/{monitoring.nix => monitoring/default.nix} (100%) rename modules/services/{navidrome.nix => navidrome/default.nix} (100%) rename modules/services/{nextcloud.nix => nextcloud/default.nix} (100%) rename modules/services/{nginx.nix => nginx/default.nix} (100%) rename modules/services/{paperless.nix => paperless/default.nix} (100%) rename modules/services/{pirate.nix => pirate/default.nix} (100%) rename modules/services/{podgrab.nix => podgrab/default.nix} (100%) rename modules/services/{postgresql-backup.nix => postgresql-backup/default.nix} (100%) rename modules/services/{postgresql.nix => postgresql/default.nix} (100%) rename modules/services/{quassel.nix => quassel/default.nix} (100%) rename modules/services/{rss-bridge.nix => rss-bridge/default.nix} (100%) rename modules/services/{sabnzbd.nix => sabnzbd/default.nix} (100%) rename modules/services/{ssh-server.nix => ssh-server/default.nix} (100%) rename modules/services/{tlp.nix => tlp/default.nix} (100%) rename modules/services/{transmission.nix => transmission/default.nix} (100%) rename modules/services/{wireguard.nix => wireguard/default.nix} (100%) diff --git a/modules/services/adblock.nix b/modules/services/adblock/default.nix similarity index 100% rename from modules/services/adblock.nix rename to modules/services/adblock/default.nix diff --git a/modules/services/backup.nix b/modules/services/backup/default.nix similarity index 100% rename from modules/services/backup.nix rename to modules/services/backup/default.nix diff --git a/modules/services/blog.nix b/modules/services/blog/default.nix similarity index 100% rename from modules/services/blog.nix rename to modules/services/blog/default.nix diff --git a/modules/services/calibre-web.nix b/modules/services/calibre-web/default.nix similarity index 100% rename from modules/services/calibre-web.nix rename to modules/services/calibre-web/default.nix diff --git a/modules/services/default.nix b/modules/services/default.nix index 9f132d0..4ed40f0 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -2,33 +2,33 @@ { imports = [ - ./adblock.nix - ./backup.nix - ./blog.nix - ./calibre-web.nix - ./drone.nix - ./flood.nix - ./gitea.nix - ./indexers.nix - ./jellyfin.nix - ./lohr.nix - ./matrix.nix - ./miniflux.nix - ./monitoring.nix - ./navidrome.nix - ./nextcloud.nix - ./nginx.nix - ./paperless.nix - ./pirate.nix - ./podgrab.nix - ./postgresql-backup.nix - ./postgresql.nix - ./quassel.nix - ./rss-bridge.nix - ./sabnzbd.nix - ./ssh-server.nix - ./tlp.nix - ./transmission.nix - ./wireguard.nix + ./adblock + ./backup + ./blog + ./calibre-web + ./drone + ./flood + ./gitea + ./indexers + ./jellyfin + ./lohr + ./matrix + ./miniflux + ./monitoring + ./navidrome + ./nextcloud + ./nginx + ./paperless + ./pirate + ./podgrab + ./postgresql-backup + ./postgresql + ./quassel + ./rss-bridge + ./sabnzbd + ./ssh-server + ./tlp + ./transmission + ./wireguard ]; } diff --git a/modules/services/drone.nix b/modules/services/drone/default.nix similarity index 100% rename from modules/services/drone.nix rename to modules/services/drone/default.nix diff --git a/modules/services/flood.nix b/modules/services/flood/default.nix similarity index 100% rename from modules/services/flood.nix rename to modules/services/flood/default.nix diff --git a/modules/services/gitea.nix b/modules/services/gitea/default.nix similarity index 100% rename from modules/services/gitea.nix rename to modules/services/gitea/default.nix diff --git a/modules/services/indexers.nix b/modules/services/indexers/default.nix similarity index 100% rename from modules/services/indexers.nix rename to modules/services/indexers/default.nix diff --git a/modules/services/jellyfin.nix b/modules/services/jellyfin/default.nix similarity index 100% rename from modules/services/jellyfin.nix rename to modules/services/jellyfin/default.nix diff --git a/modules/services/lohr.nix b/modules/services/lohr/default.nix similarity index 100% rename from modules/services/lohr.nix rename to modules/services/lohr/default.nix diff --git a/modules/services/matrix.nix b/modules/services/matrix/default.nix similarity index 100% rename from modules/services/matrix.nix rename to modules/services/matrix/default.nix diff --git a/modules/services/miniflux.nix b/modules/services/miniflux/default.nix similarity index 100% rename from modules/services/miniflux.nix rename to modules/services/miniflux/default.nix diff --git a/modules/services/monitoring.nix b/modules/services/monitoring/default.nix similarity index 100% rename from modules/services/monitoring.nix rename to modules/services/monitoring/default.nix diff --git a/modules/services/navidrome.nix b/modules/services/navidrome/default.nix similarity index 100% rename from modules/services/navidrome.nix rename to modules/services/navidrome/default.nix diff --git a/modules/services/nextcloud.nix b/modules/services/nextcloud/default.nix similarity index 100% rename from modules/services/nextcloud.nix rename to modules/services/nextcloud/default.nix diff --git a/modules/services/nginx.nix b/modules/services/nginx/default.nix similarity index 100% rename from modules/services/nginx.nix rename to modules/services/nginx/default.nix diff --git a/modules/services/paperless.nix b/modules/services/paperless/default.nix similarity index 100% rename from modules/services/paperless.nix rename to modules/services/paperless/default.nix diff --git a/modules/services/pirate.nix b/modules/services/pirate/default.nix similarity index 100% rename from modules/services/pirate.nix rename to modules/services/pirate/default.nix diff --git a/modules/services/podgrab.nix b/modules/services/podgrab/default.nix similarity index 100% rename from modules/services/podgrab.nix rename to modules/services/podgrab/default.nix diff --git a/modules/services/postgresql-backup.nix b/modules/services/postgresql-backup/default.nix similarity index 100% rename from modules/services/postgresql-backup.nix rename to modules/services/postgresql-backup/default.nix diff --git a/modules/services/postgresql.nix b/modules/services/postgresql/default.nix similarity index 100% rename from modules/services/postgresql.nix rename to modules/services/postgresql/default.nix diff --git a/modules/services/quassel.nix b/modules/services/quassel/default.nix similarity index 100% rename from modules/services/quassel.nix rename to modules/services/quassel/default.nix diff --git a/modules/services/rss-bridge.nix b/modules/services/rss-bridge/default.nix similarity index 100% rename from modules/services/rss-bridge.nix rename to modules/services/rss-bridge/default.nix diff --git a/modules/services/sabnzbd.nix b/modules/services/sabnzbd/default.nix similarity index 100% rename from modules/services/sabnzbd.nix rename to modules/services/sabnzbd/default.nix diff --git a/modules/services/ssh-server.nix b/modules/services/ssh-server/default.nix similarity index 100% rename from modules/services/ssh-server.nix rename to modules/services/ssh-server/default.nix diff --git a/modules/services/tlp.nix b/modules/services/tlp/default.nix similarity index 100% rename from modules/services/tlp.nix rename to modules/services/tlp/default.nix diff --git a/modules/services/transmission.nix b/modules/services/transmission/default.nix similarity index 100% rename from modules/services/transmission.nix rename to modules/services/transmission/default.nix diff --git a/modules/services/wireguard.nix b/modules/services/wireguard/default.nix similarity index 100% rename from modules/services/wireguard.nix rename to modules/services/wireguard/default.nix From fb6e2afe8964019f26565c2c31b268b470410014 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 15:22:52 +0200 Subject: [PATCH 334/654] modules: services: drone: split into files This is cleaner to read. --- modules/services/drone/default.nix | 162 +----------------- .../services/drone/runner-docker/default.nix | 44 +++++ .../services/drone/runner-exec/default.nix | 68 ++++++++ modules/services/drone/server/default.nix | 56 ++++++ 4 files changed, 174 insertions(+), 156 deletions(-) create mode 100644 modules/services/drone/runner-docker/default.nix create mode 100644 modules/services/drone/runner-exec/default.nix create mode 100644 modules/services/drone/server/default.nix diff --git a/modules/services/drone/default.nix b/modules/services/drone/default.nix index 7a9b668..3e84ddd 100644 --- a/modules/services/drone/default.nix +++ b/modules/services/drone/default.nix @@ -3,16 +3,13 @@ # Inspired by [1] # [1]: https://github.com/Mic92/dotfiles/blob/master/nixos/eve/modules/drone.nix { config, lib, pkgs, ... }: -let - cfg = config.my.services.drone; - - hasRunner = (name: builtins.elem name cfg.runners); - - execPkg = pkgs.drone-runner-exec; - - dockerPkg = pkgs.drone-runner-docker; -in { + imports = [ + ./runner-docker + ./runner-exec + ./server + ]; + options.my.services.drone = with lib; { enable = mkEnableOption "Drone CI"; runners = mkOption { @@ -44,151 +41,4 @@ in description = "Shared RPC secret to inject into server and runners"; }; }; - - config = lib.mkIf cfg.enable { - systemd.services.drone-server = { - wantedBy = [ "multi-user.target" ]; - after = [ "postgresql.service" ]; - serviceConfig = { - EnvironmentFile = [ - cfg.secretFile - cfg.sharedSecretFile - ]; - Environment = [ - "DRONE_DATABASE_DATASOURCE=postgres:///drone?host=/run/postgresql" - "DRONE_SERVER_HOST=drone.${config.networking.domain}" - "DRONE_SERVER_PROTO=https" - "DRONE_DATABASE_DRIVER=postgres" - "DRONE_SERVER_PORT=:${toString cfg.port}" - "DRONE_USER_CREATE=username:${cfg.admin},admin:true" - "DRONE_JSONNET_ENABLED=true" - "DRONE_STARLARK_ENABLED=true" - ]; - ExecStart = "${pkgs.drone}/bin/drone-server"; - User = "drone"; - Group = "drone"; - }; - }; - - users.users.drone = { - isSystemUser = true; - createHome = true; - group = "drone"; - }; - users.groups.drone = { }; - - services.postgresql = { - enable = true; - ensureDatabases = [ "drone" ]; - ensureUsers = [{ - name = "drone"; - ensurePermissions = { - "DATABASE drone" = "ALL PRIVILEGES"; - }; - }]; - }; - - my.services.nginx.virtualHosts = [ - { - subdomain = "drone"; - inherit (cfg) port; - } - ]; - - # Docker runner - systemd.services.drone-runner-docker = lib.mkIf (hasRunner "docker") { - wantedBy = [ "multi-user.target" ]; - after = [ "docker.socket" ]; # Needs the socket to be available - # might break deployment - restartIfChanged = false; - confinement.enable = true; - serviceConfig = { - Environment = [ - "DRONE_SERVER_HOST=drone.${config.networking.domain}" - "DRONE_SERVER_PROTO=https" - "DRONE_RUNNER_CAPACITY=10" - "CLIENT_DRONE_RPC_HOST=127.0.0.1:${toString cfg.port}" - ]; - BindPaths = [ - "/var/run/docker.sock" - ]; - EnvironmentFile = [ - cfg.sharedSecretFile - ]; - ExecStart = "${dockerPkg}/bin/drone-runner-docker"; - User = "drone-runner-docker"; - Group = "drone-runner-docker"; - }; - }; - - # Make sure it is activated in that case - virtualisation.docker.enable = lib.mkIf (hasRunner "docker") true; - - users.users.drone-runner-docker = lib.mkIf (hasRunner "docker") { - isSystemUser = true; - group = "drone-runner-docker"; - extraGroups = [ "docker" ]; # Give access to the daemon - }; - users.groups.drone-runner-docker = lib.mkIf (hasRunner "docker") { }; - - # Exec runner - systemd.services.drone-runner-exec = lib.mkIf (hasRunner "exec") { - wantedBy = [ "multi-user.target" ]; - # might break deployment - restartIfChanged = false; - confinement.enable = true; - confinement.packages = with pkgs; [ - git - gnutar - bash - nixUnstable - gzip - ]; - path = with pkgs; [ - git - gnutar - bash - nixUnstable - gzip - ]; - serviceConfig = { - Environment = [ - "DRONE_SERVER_HOST=drone.${config.networking.domain}" - "DRONE_SERVER_PROTO=https" - "DRONE_RUNNER_CAPACITY=10" - "CLIENT_DRONE_RPC_HOST=127.0.0.1:${toString cfg.port}" - "NIX_REMOTE=daemon" - "PAGER=cat" - ]; - BindPaths = [ - "/nix/var/nix/daemon-socket/socket" - "/run/nscd/socket" - ]; - BindReadOnlyPaths = [ - "/etc/resolv.conf:/etc/resolv.conf" - "/etc/resolvconf.conf:/etc/resolvconf.conf" - "/etc/passwd:/etc/passwd" - "/etc/group:/etc/group" - "/nix/var/nix/profiles/system/etc/nix:/etc/nix" - "${config.environment.etc."ssl/certs/ca-certificates.crt".source}:/etc/ssl/certs/ca-certificates.crt" - "${config.environment.etc."ssh/ssh_known_hosts".source}:/etc/ssh/ssh_known_hosts" - "/etc/machine-id" - # channels are dynamic paths in the nix store, therefore we need to bind mount the whole thing - "/nix/" - ]; - EnvironmentFile = [ - cfg.sharedSecretFile - ]; - ExecStart = "${execPkg}/bin/drone-runner-exec"; - User = "drone-runner-exec"; - Group = "drone-runner-exec"; - }; - }; - - users.users.drone-runner-exec = lib.mkIf (hasRunner "exec") { - isSystemUser = true; - group = "drone-runner-exec"; - }; - users.groups.drone-runner-exec = lib.mkIf (hasRunner "exec") { }; - }; } diff --git a/modules/services/drone/runner-docker/default.nix b/modules/services/drone/runner-docker/default.nix new file mode 100644 index 0000000..0f2e3b3 --- /dev/null +++ b/modules/services/drone/runner-docker/default.nix @@ -0,0 +1,44 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.services.drone; + hasRunner = (name: builtins.elem name cfg.runners); + dockerPkg = pkgs.drone-runner-docker; +in +{ + config = lib.mkIf (cfg.enable && hasRunner "docker") { + systemd.services.drone-runner-docker = { + wantedBy = [ "multi-user.target" ]; + after = [ "docker.socket" ]; # Needs the socket to be available + # might break deployment + restartIfChanged = false; + confinement.enable = true; + serviceConfig = { + Environment = [ + "DRONE_SERVER_HOST=drone.${config.networking.domain}" + "DRONE_SERVER_PROTO=https" + "DRONE_RUNNER_CAPACITY=10" + "CLIENT_DRONE_RPC_HOST=127.0.0.1:${toString cfg.port}" + ]; + BindPaths = [ + "/var/run/docker.sock" + ]; + EnvironmentFile = [ + cfg.sharedSecretFile + ]; + ExecStart = "${dockerPkg}/bin/drone-runner-docker"; + User = "drone-runner-docker"; + Group = "drone-runner-docker"; + }; + }; + + # Make sure it is activated in that case + virtualisation.docker.enable = true; + + users.users.drone-runner-docker = { + isSystemUser = true; + group = "drone-runner-docker"; + extraGroups = [ "docker" ]; # Give access to the daemon + }; + users.groups.drone-runner-docker = { }; + }; +} diff --git a/modules/services/drone/runner-exec/default.nix b/modules/services/drone/runner-exec/default.nix new file mode 100644 index 0000000..6c776b4 --- /dev/null +++ b/modules/services/drone/runner-exec/default.nix @@ -0,0 +1,68 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.services.drone; + hasRunner = (name: builtins.elem name cfg.runners); + execPkg = pkgs.drone-runner-exec; +in +{ + config = lib.mkIf (cfg.enable && hasRunner "exec") { + systemd.services.drone-runner-exec = { + wantedBy = [ "multi-user.target" ]; + # might break deployment + restartIfChanged = false; + confinement.enable = true; + confinement.packages = with pkgs; [ + git + gnutar + bash + nixUnstable + gzip + ]; + path = with pkgs; [ + git + gnutar + bash + nixUnstable + gzip + ]; + serviceConfig = { + Environment = [ + "DRONE_SERVER_HOST=drone.${config.networking.domain}" + "DRONE_SERVER_PROTO=https" + "DRONE_RUNNER_CAPACITY=10" + "CLIENT_DRONE_RPC_HOST=127.0.0.1:${toString cfg.port}" + "NIX_REMOTE=daemon" + "PAGER=cat" + ]; + BindPaths = [ + "/nix/var/nix/daemon-socket/socket" + "/run/nscd/socket" + ]; + BindReadOnlyPaths = [ + "/etc/resolv.conf:/etc/resolv.conf" + "/etc/resolvconf.conf:/etc/resolvconf.conf" + "/etc/passwd:/etc/passwd" + "/etc/group:/etc/group" + "/nix/var/nix/profiles/system/etc/nix:/etc/nix" + "${config.environment.etc."ssl/certs/ca-certificates.crt".source}:/etc/ssl/certs/ca-certificates.crt" + "${config.environment.etc."ssh/ssh_known_hosts".source}:/etc/ssh/ssh_known_hosts" + "/etc/machine-id" + # channels are dynamic paths in the nix store, therefore we need to bind mount the whole thing + "/nix/" + ]; + EnvironmentFile = [ + cfg.sharedSecretFile + ]; + ExecStart = "${execPkg}/bin/drone-runner-exec"; + User = "drone-runner-exec"; + Group = "drone-runner-exec"; + }; + }; + + users.users.drone-runner-exec = { + isSystemUser = true; + group = "drone-runner-exec"; + }; + users.groups.drone-runner-exec = { }; + }; +} diff --git a/modules/services/drone/server/default.nix b/modules/services/drone/server/default.nix new file mode 100644 index 0000000..1202010 --- /dev/null +++ b/modules/services/drone/server/default.nix @@ -0,0 +1,56 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.services.drone; +in +{ + config = lib.mkIf cfg.enable { + systemd.services.drone-server = { + wantedBy = [ "multi-user.target" ]; + after = [ "postgresql.service" ]; + serviceConfig = { + EnvironmentFile = [ + cfg.secretFile + cfg.sharedSecretFile + ]; + Environment = [ + "DRONE_DATABASE_DATASOURCE=postgres:///drone?host=/run/postgresql" + "DRONE_SERVER_HOST=drone.${config.networking.domain}" + "DRONE_SERVER_PROTO=https" + "DRONE_DATABASE_DRIVER=postgres" + "DRONE_SERVER_PORT=:${toString cfg.port}" + "DRONE_USER_CREATE=username:${cfg.admin},admin:true" + "DRONE_JSONNET_ENABLED=true" + "DRONE_STARLARK_ENABLED=true" + ]; + ExecStart = "${pkgs.drone}/bin/drone-server"; + User = "drone"; + Group = "drone"; + }; + }; + + users.users.drone = { + isSystemUser = true; + createHome = true; + group = "drone"; + }; + users.groups.drone = { }; + + services.postgresql = { + enable = true; + ensureDatabases = [ "drone" ]; + ensureUsers = [{ + name = "drone"; + ensurePermissions = { + "DATABASE drone" = "ALL PRIVILEGES"; + }; + }]; + }; + + my.services.nginx.virtualHosts = [ + { + subdomain = "drone"; + inherit (cfg) port; + } + ]; + }; +} From 7b75ea43ad3ce13bd9646137a2a379692071a803 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 15:26:21 +0200 Subject: [PATCH 335/654] profiles: put modules into folders --- profiles/{bluetooth.nix => bluetooth/default.nix} | 0 profiles/default.nix | 12 ++++++------ profiles/{devices.nix => devices/default.nix} | 0 profiles/{gtk.nix => gtk/default.nix} | 0 profiles/{laptop.nix => laptop/default.nix} | 0 profiles/{wm.nix => wm/default.nix} | 0 profiles/{x.nix => x/default.nix} | 0 7 files changed, 6 insertions(+), 6 deletions(-) rename profiles/{bluetooth.nix => bluetooth/default.nix} (100%) rename profiles/{devices.nix => devices/default.nix} (100%) rename profiles/{gtk.nix => gtk/default.nix} (100%) rename profiles/{laptop.nix => laptop/default.nix} (100%) rename profiles/{wm.nix => wm/default.nix} (100%) rename profiles/{x.nix => x/default.nix} (100%) diff --git a/profiles/bluetooth.nix b/profiles/bluetooth/default.nix similarity index 100% rename from profiles/bluetooth.nix rename to profiles/bluetooth/default.nix diff --git a/profiles/default.nix b/profiles/default.nix index 0ea4094..43d5a84 100644 --- a/profiles/default.nix +++ b/profiles/default.nix @@ -2,11 +2,11 @@ { ... }: { imports = [ - ./bluetooth.nix - ./devices.nix - ./gtk.nix - ./laptop.nix - ./wm.nix - ./x.nix + ./bluetooth + ./devices + ./gtk + ./laptop + ./wm + ./x ]; } diff --git a/profiles/devices.nix b/profiles/devices/default.nix similarity index 100% rename from profiles/devices.nix rename to profiles/devices/default.nix diff --git a/profiles/gtk.nix b/profiles/gtk/default.nix similarity index 100% rename from profiles/gtk.nix rename to profiles/gtk/default.nix diff --git a/profiles/laptop.nix b/profiles/laptop/default.nix similarity index 100% rename from profiles/laptop.nix rename to profiles/laptop/default.nix diff --git a/profiles/wm.nix b/profiles/wm/default.nix similarity index 100% rename from profiles/wm.nix rename to profiles/wm/default.nix diff --git a/profiles/x.nix b/profiles/x/default.nix similarity index 100% rename from profiles/x.nix rename to profiles/x/default.nix From 8a9337710f50e8baa942af2b03d9d9d821ebea62 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 15:28:27 +0200 Subject: [PATCH 336/654] home: firefox: put modules into folders --- home/firefox/default.nix | 4 ++-- home/firefox/{firefox.nix => firefox/default.nix} | 0 home/firefox/{tridactyl.nix => tridactyl/default.nix} | 0 home/firefox/{ => tridactyl}/tridactylrc | 0 4 files changed, 2 insertions(+), 2 deletions(-) rename home/firefox/{firefox.nix => firefox/default.nix} (100%) rename home/firefox/{tridactyl.nix => tridactyl/default.nix} (100%) rename home/firefox/{ => tridactyl}/tridactylrc (100%) diff --git a/home/firefox/default.nix b/home/firefox/default.nix index 601644b..3d310dc 100644 --- a/home/firefox/default.nix +++ b/home/firefox/default.nix @@ -23,7 +23,7 @@ }; imports = [ - ./firefox.nix - ./tridactyl.nix + ./firefox + ./tridactyl ]; } diff --git a/home/firefox/firefox.nix b/home/firefox/firefox/default.nix similarity index 100% rename from home/firefox/firefox.nix rename to home/firefox/firefox/default.nix diff --git a/home/firefox/tridactyl.nix b/home/firefox/tridactyl/default.nix similarity index 100% rename from home/firefox/tridactyl.nix rename to home/firefox/tridactyl/default.nix diff --git a/home/firefox/tridactylrc b/home/firefox/tridactyl/tridactylrc similarity index 100% rename from home/firefox/tridactylrc rename to home/firefox/tridactyl/tridactylrc From 2449a966520fbdc616abe77d6007e3cdbc5e80b1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 15:28:45 +0200 Subject: [PATCH 337/654] home: mail: put modules into folders --- home/mail/{accounts.nix => accounts/default.nix} | 0 home/mail/default.nix | 6 +++--- home/mail/{himalaya.nix => himalaya/default.nix} | 0 home/mail/{msmtp.nix => msmtp/default.nix} | 0 4 files changed, 3 insertions(+), 3 deletions(-) rename home/mail/{accounts.nix => accounts/default.nix} (100%) rename home/mail/{himalaya.nix => himalaya/default.nix} (100%) rename home/mail/{msmtp.nix => msmtp/default.nix} (100%) diff --git a/home/mail/accounts.nix b/home/mail/accounts/default.nix similarity index 100% rename from home/mail/accounts.nix rename to home/mail/accounts/default.nix diff --git a/home/mail/default.nix b/home/mail/default.nix index 3ec0c9a..ac44593 100644 --- a/home/mail/default.nix +++ b/home/mail/default.nix @@ -6,9 +6,9 @@ let in { imports = [ - ./accounts.nix - ./himalaya.nix - ./msmtp.nix + ./accounts + ./himalaya + ./msmtp ]; options.my.home.mail = with lib; { diff --git a/home/mail/himalaya.nix b/home/mail/himalaya/default.nix similarity index 100% rename from home/mail/himalaya.nix rename to home/mail/himalaya/default.nix diff --git a/home/mail/msmtp.nix b/home/mail/msmtp/default.nix similarity index 100% rename from home/mail/msmtp.nix rename to home/mail/msmtp/default.nix From 37c20529c1cfb312601fc4e9e71611f93462a016 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 15:29:07 +0200 Subject: [PATCH 338/654] home: wm: put modules into folders --- home/wm/default.nix | 10 +++++----- home/wm/{dunst.nix => dunst/default.nix} | 0 home/wm/{i3.nix => i3/default.nix} | 0 home/wm/{i3bar.nix => i3bar/default.nix} | 0 home/wm/{rofi.nix => rofi/default.nix} | 0 home/wm/{screen-lock.nix => screen-lock/default.nix} | 0 6 files changed, 5 insertions(+), 5 deletions(-) rename home/wm/{dunst.nix => dunst/default.nix} (100%) rename home/wm/{i3.nix => i3/default.nix} (100%) rename home/wm/{i3bar.nix => i3bar/default.nix} (100%) rename home/wm/{rofi.nix => rofi/default.nix} (100%) rename home/wm/{screen-lock.nix => screen-lock/default.nix} (100%) diff --git a/home/wm/default.nix b/home/wm/default.nix index 2547a4e..eae9f14 100644 --- a/home/wm/default.nix +++ b/home/wm/default.nix @@ -10,11 +10,11 @@ let in { imports = [ - ./dunst.nix - ./i3.nix - ./i3bar.nix - ./rofi.nix - ./screen-lock.nix + ./dunst + ./i3 + ./i3bar + ./rofi + ./screen-lock ]; options.my.home.wm = with lib; { diff --git a/home/wm/dunst.nix b/home/wm/dunst/default.nix similarity index 100% rename from home/wm/dunst.nix rename to home/wm/dunst/default.nix diff --git a/home/wm/i3.nix b/home/wm/i3/default.nix similarity index 100% rename from home/wm/i3.nix rename to home/wm/i3/default.nix diff --git a/home/wm/i3bar.nix b/home/wm/i3bar/default.nix similarity index 100% rename from home/wm/i3bar.nix rename to home/wm/i3bar/default.nix diff --git a/home/wm/rofi.nix b/home/wm/rofi/default.nix similarity index 100% rename from home/wm/rofi.nix rename to home/wm/rofi/default.nix diff --git a/home/wm/screen-lock.nix b/home/wm/screen-lock/default.nix similarity index 100% rename from home/wm/screen-lock.nix rename to home/wm/screen-lock/default.nix From 0d44b3b9f2a947f04aeac27aaef91916fd09ca0c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 15:29:30 +0200 Subject: [PATCH 339/654] home: x: put modules into folders --- home/x/{cursor.nix => cursor/default.nix} | 0 home/x/default.nix | 4 ++-- home/x/{keyboard.nix => keyboard/default.nix} | 0 3 files changed, 2 insertions(+), 2 deletions(-) rename home/x/{cursor.nix => cursor/default.nix} (100%) rename home/x/{keyboard.nix => keyboard/default.nix} (100%) diff --git a/home/x/cursor.nix b/home/x/cursor/default.nix similarity index 100% rename from home/x/cursor.nix rename to home/x/cursor/default.nix diff --git a/home/x/default.nix b/home/x/default.nix index a2820ba..ac66a50 100644 --- a/home/x/default.nix +++ b/home/x/default.nix @@ -4,8 +4,8 @@ let in { imports = [ - ./cursor.nix - ./keyboard.nix + ./cursor + ./keyboard ]; options.my.home.x = with lib; { diff --git a/home/x/keyboard.nix b/home/x/keyboard/default.nix similarity index 100% rename from home/x/keyboard.nix rename to home/x/keyboard/default.nix From 67090494e22cab92597b8f2de73831fa48ff6806 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 15:29:48 +0200 Subject: [PATCH 340/654] home: terminal: put modules into folders --- home/terminal/default.nix | 2 +- home/terminal/{termite.nix => termite/default.nix} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename home/terminal/{termite.nix => termite/default.nix} (100%) diff --git a/home/terminal/default.nix b/home/terminal/default.nix index 5d32556..68ff44e 100644 --- a/home/terminal/default.nix +++ b/home/terminal/default.nix @@ -10,7 +10,7 @@ let in { imports = [ - ./termite.nix + ./termite ]; options.my.home = with lib; { diff --git a/home/terminal/termite.nix b/home/terminal/termite/default.nix similarity index 100% rename from home/terminal/termite.nix rename to home/terminal/termite/default.nix From f6faa11ff78329800fe36241053ba0a54ba430aa Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 15:28:10 +0200 Subject: [PATCH 341/654] home: put modules into folders --- home/{bat.nix => bat/default.nix} | 0 home/{bluetooth.nix => bluetooth/default.nix} | 0 home/{comma.nix => comma/default.nix} | 0 home/default.nix | 46 +++++++++---------- home/{direnv.nix => direnv/default.nix} | 0 .../default.nix} | 0 home/{feh.nix => feh/default.nix} | 0 home/{flameshot.nix => flameshot/default.nix} | 0 home/{gammastep.nix => gammastep/default.nix} | 0 home/{gpg.nix => gpg/default.nix} | 0 home/{gtk.nix => gtk/default.nix} | 0 home/{htop.nix => htop/default.nix} | 0 home/{jq.nix => jq/default.nix} | 0 home/{mpv.nix => mpv/default.nix} | 0 home/{nix-index.nix => nix-index/default.nix} | 0 home/{nm-applet.nix => nm-applet/default.nix} | 0 home/{packages.nix => packages/default.nix} | 0 home/{pager.nix => pager/default.nix} | 0 .../default.nix} | 0 home/{ssh.nix => ssh/default.nix} | 0 home/{tmux.nix => tmux/default.nix} | 0 home/{udiskie.nix => udiskie/default.nix} | 0 home/{xdg.nix => xdg/default.nix} | 0 home/{zathura.nix => zathura/default.nix} | 0 24 files changed, 23 insertions(+), 23 deletions(-) rename home/{bat.nix => bat/default.nix} (100%) rename home/{bluetooth.nix => bluetooth/default.nix} (100%) rename home/{comma.nix => comma/default.nix} (100%) rename home/{direnv.nix => direnv/default.nix} (100%) rename home/{documentation.nix => documentation/default.nix} (100%) rename home/{feh.nix => feh/default.nix} (100%) rename home/{flameshot.nix => flameshot/default.nix} (100%) rename home/{gammastep.nix => gammastep/default.nix} (100%) rename home/{gpg.nix => gpg/default.nix} (100%) rename home/{gtk.nix => gtk/default.nix} (100%) rename home/{htop.nix => htop/default.nix} (100%) rename home/{jq.nix => jq/default.nix} (100%) rename home/{mpv.nix => mpv/default.nix} (100%) rename home/{nix-index.nix => nix-index/default.nix} (100%) rename home/{nm-applet.nix => nm-applet/default.nix} (100%) rename home/{packages.nix => packages/default.nix} (100%) rename home/{pager.nix => pager/default.nix} (100%) rename home/{power-alert.nix => power-alert/default.nix} (100%) rename home/{ssh.nix => ssh/default.nix} (100%) rename home/{tmux.nix => tmux/default.nix} (100%) rename home/{udiskie.nix => udiskie/default.nix} (100%) rename home/{xdg.nix => xdg/default.nix} (100%) rename home/{zathura.nix => zathura/default.nix} (100%) diff --git a/home/bat.nix b/home/bat/default.nix similarity index 100% rename from home/bat.nix rename to home/bat/default.nix diff --git a/home/bluetooth.nix b/home/bluetooth/default.nix similarity index 100% rename from home/bluetooth.nix rename to home/bluetooth/default.nix diff --git a/home/comma.nix b/home/comma/default.nix similarity index 100% rename from home/comma.nix rename to home/comma/default.nix diff --git a/home/default.nix b/home/default.nix index fee7a8b..e68c53b 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,37 +1,37 @@ { ... }: { imports = [ - ./bat.nix - ./bluetooth.nix - ./comma.nix - ./direnv.nix - ./documentation.nix - ./feh.nix + ./bat + ./bluetooth + ./comma + ./direnv + ./documentation + ./feh ./firefox - ./flameshot.nix - ./gammastep.nix + ./flameshot + ./gammastep ./gdb ./git - ./gpg.nix - ./gtk.nix - ./htop.nix - ./jq.nix + ./gpg + ./gtk + ./htop + ./jq ./mail - ./mpv.nix - ./nix-index.nix - ./nm-applet.nix - ./packages.nix - ./pager.nix - ./power-alert.nix - ./ssh.nix + ./mpv + ./nix-index + ./nm-applet + ./packages + ./pager + ./power-alert + ./ssh ./terminal - ./tmux.nix - ./udiskie.nix + ./tmux + ./udiskie ./vim ./wm ./x - ./xdg.nix - ./zathura.nix + ./xdg + ./zathura ./zsh ]; diff --git a/home/direnv.nix b/home/direnv/default.nix similarity index 100% rename from home/direnv.nix rename to home/direnv/default.nix diff --git a/home/documentation.nix b/home/documentation/default.nix similarity index 100% rename from home/documentation.nix rename to home/documentation/default.nix diff --git a/home/feh.nix b/home/feh/default.nix similarity index 100% rename from home/feh.nix rename to home/feh/default.nix diff --git a/home/flameshot.nix b/home/flameshot/default.nix similarity index 100% rename from home/flameshot.nix rename to home/flameshot/default.nix diff --git a/home/gammastep.nix b/home/gammastep/default.nix similarity index 100% rename from home/gammastep.nix rename to home/gammastep/default.nix diff --git a/home/gpg.nix b/home/gpg/default.nix similarity index 100% rename from home/gpg.nix rename to home/gpg/default.nix diff --git a/home/gtk.nix b/home/gtk/default.nix similarity index 100% rename from home/gtk.nix rename to home/gtk/default.nix diff --git a/home/htop.nix b/home/htop/default.nix similarity index 100% rename from home/htop.nix rename to home/htop/default.nix diff --git a/home/jq.nix b/home/jq/default.nix similarity index 100% rename from home/jq.nix rename to home/jq/default.nix diff --git a/home/mpv.nix b/home/mpv/default.nix similarity index 100% rename from home/mpv.nix rename to home/mpv/default.nix diff --git a/home/nix-index.nix b/home/nix-index/default.nix similarity index 100% rename from home/nix-index.nix rename to home/nix-index/default.nix diff --git a/home/nm-applet.nix b/home/nm-applet/default.nix similarity index 100% rename from home/nm-applet.nix rename to home/nm-applet/default.nix diff --git a/home/packages.nix b/home/packages/default.nix similarity index 100% rename from home/packages.nix rename to home/packages/default.nix diff --git a/home/pager.nix b/home/pager/default.nix similarity index 100% rename from home/pager.nix rename to home/pager/default.nix diff --git a/home/power-alert.nix b/home/power-alert/default.nix similarity index 100% rename from home/power-alert.nix rename to home/power-alert/default.nix diff --git a/home/ssh.nix b/home/ssh/default.nix similarity index 100% rename from home/ssh.nix rename to home/ssh/default.nix diff --git a/home/tmux.nix b/home/tmux/default.nix similarity index 100% rename from home/tmux.nix rename to home/tmux/default.nix diff --git a/home/udiskie.nix b/home/udiskie/default.nix similarity index 100% rename from home/udiskie.nix rename to home/udiskie/default.nix diff --git a/home/xdg.nix b/home/xdg/default.nix similarity index 100% rename from home/xdg.nix rename to home/xdg/default.nix diff --git a/home/zathura.nix b/home/zathura/default.nix similarity index 100% rename from home/zathura.nix rename to home/zathura/default.nix From 3bf3980e45397d2a8abb23bbf0cfa711f40e3205 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 13:41:43 +0200 Subject: [PATCH 342/654] modules: services: nginx: allow sso secret files This is in preparation of the migration to agenix, which does not allow access to the secrets at build time. --- machines/porthos/services.nix | 16 ++++++++ modules/services/nginx/default.nix | 61 +++++++++++++++++++++++++++--- 2 files changed, 71 insertions(+), 6 deletions(-) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index 824265c..02ae69e 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -109,6 +109,22 @@ in acme = { credentialsFile = builtins.toFile "gandi-key.env" my.secrets.acme.key; }; + sso = { + authKeyFile = secrets."sso/auth-key".path; + users = { + ambroisie = { + passwordHashFile = builtins.toFile + "ambroisie-sso-pass.txt" + my.secrets.sso.ambroisie.passwordHash; + totpSecretFile = builtins.toFile + "ambroisie-sso-totp.txt" + my.secrets.sso.ambroisie.totpSecret; + }; + }; + groups = { + root = [ "ambroisie" ]; + }; + }; }; paperless = { enable = true; diff --git a/modules/services/nginx/default.nix b/modules/services/nginx/default.nix index bb773c9..d5d8b31 100644 --- a/modules/services/nginx/default.nix +++ b/modules/services/nginx/default.nix @@ -1,5 +1,5 @@ # A simple abstraction layer for almost all of my services' needs -{ config, lib, pkgs, ... }: +{ config, lib, pkgs, utils, ... }: let cfg = config.my.services.nginx; @@ -105,6 +105,14 @@ in }; sso = { + authKeyFile = mkOption { + type = types.str; + example = "/var/lib/nginx-sso/auth-key.txt"; + description = '' + Path to the auth key. + ''; + }; + subdomain = mkOption { type = types.str; default = "login"; @@ -118,6 +126,43 @@ in example = 8080; description = "Port to use for internal webui."; }; + + users = mkOption { + type = types.attrsOf (types.submodule { + options = { + passwordHashFile = mkOption { + type = types.str; + example = "/var/lib/nginx-sso/alice/password-hash.txt"; + description = "Path to file containing the user's password hash."; + }; + totpSecretFile = mkOption { + type = types.str; + example = "/var/lib/nginx-sso/alice/totp-secret.txt"; + description = "Path to file containing the user's TOTP secret."; + }; + }; + }); + example = litteralExample '' + { + alice = { + passwordHashFile = "/var/lib/nginx-sso/alice/password-hash.txt"; + totpSecretFile = "/var/lib/nginx-sso/alice/totp-secret.txt"; + }; + } + ''; + description = "Definition of users"; + }; + + groups = mkOption { + type = with types; attrsOf (listOf str); + example = litteralExample '' + { + root = [ "alice" ]; + users = [ "alice" "bob" ]; + } + ''; + description = "Groups of users"; + }; }; }; @@ -278,7 +323,9 @@ in cookie = { domain = ".${config.networking.domain}"; secure = true; - authentication_key = config.my.secrets.sso.auth_key; + authentication_key = { + _secret = cfg.sso.authKeyFile; + }; }; login = { @@ -293,19 +340,21 @@ in providers = { simple = let - applyUsers = lib.flip lib.mapAttrs config.my.secrets.sso.users; + applyUsers = lib.flip lib.mapAttrs cfg.sso.users; in { - users = applyUsers (_: v: v.passwordHash); + users = applyUsers (_: v: { _secret = v.passwordHashFile; }); mfa = applyUsers (_: v: [{ provider = "totp"; attributes = { - secret = v.totpSecret; + secret = { + _secret = v.totpSecretFile; + }; }; }]); - inherit (config.my.secrets.sso) groups; + inherit (cfg.sso) groups; }; }; From 1c0d671fffc1d553f703a6cd5963ecb21e14098f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 12:49:08 +0200 Subject: [PATCH 343/654] machines: porthos: services: switch to agenix The prep-work should be done now, time to hit the switch. --- machines/porthos/default.nix | 1 + machines/porthos/secrets.nix | 8 ++++ machines/porthos/services.nix | 75 ++++++++--------------------------- 3 files changed, 26 insertions(+), 58 deletions(-) create mode 100644 machines/porthos/secrets.nix diff --git a/machines/porthos/default.nix b/machines/porthos/default.nix index abfc01a..eb9f207 100644 --- a/machines/porthos/default.nix +++ b/machines/porthos/default.nix @@ -6,6 +6,7 @@ ./boot.nix ./hardware.nix ./networking.nix + ./secrets.nix ./services.nix ./users.nix ]; diff --git a/machines/porthos/secrets.nix b/machines/porthos/secrets.nix new file mode 100644 index 0000000..d89a917 --- /dev/null +++ b/machines/porthos/secrets.nix @@ -0,0 +1,8 @@ +# Secrets configuration +{ ... }: +{ + config.age.secrets = { + # Must be readable by the service + "nextcloud/password".owner = "nextcloud"; + }; +} diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index 02ae69e..b03977d 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -1,7 +1,7 @@ # Deployed services { config, ... }: let - my = config.my; + secrets = config.age.secrets; in { # List services that you want to enable: @@ -19,11 +19,8 @@ in OnActiveSec = "6h"; OnUnitActiveSec = "6h"; }; - # Insecure, I don't care. - passwordFile = - builtins.toFile "password.txt" my.secrets.backup.password; - credentialsFile = - builtins.toFile "creds.env" my.secrets.backup.credentials; + passwordFile = secrets."backup/password".path; + credentialsFile = secrets."backup/credentials".path; }; # My blog and related hosts blog.enable = true; @@ -34,11 +31,8 @@ in drone = { enable = true; runners = [ "docker" "exec" ]; - # Insecure, I don't care. - secretFile = - builtins.toFile "gitea.env" my.secrets.drone.gitea; - sharedSecretFile = - builtins.toFile "rpc.env" my.secrets.drone.secret; + secretFile = secrets."drone/gitea".path; + sharedSecretFile = secrets."drone/secret".path; }; # Flood UI for transmission flood = { @@ -56,41 +50,24 @@ in # Gitea mirrorig service lohr = { enable = true; - sharedSecretFile = - let - content = "LOHR_SECRET=${my.secrets.lohr.secret}"; - in - builtins.toFile "lohr-secret.env" content; + sharedSecretFile = secrets."lohr/secret".path; }; # Matrix backend and Element chat front-end matrix = { enable = true; - mailConfigFile = builtins.toFile "matrix-mail.yaml" '' - email: - smtp_host: "smtp.migadu.com" - smtp_port: 587 - smtp_user: "${my.secrets.matrix.mail.username}" - smtp_pass: "${my.secrets.matrix.mail.password}" - notif_from: "${my.secrets.matrix.mail.notifFrom}" - # Refuse to connect unless the server supports STARTTLS. - require_transport_security: true - ''; + mailConfigFile = secrets."matrix/mail".path; # Only necessary when doing the initial registration # secret = "change-me"; }; miniflux = { enable = true; - credentialsFiles = builtins.toFile "miniflux-creds.txt" '' - ADMIN_USERNAME=Ambroisie - ADMIN_PASSWORD=${my.secrets.miniflux.password} - ''; + credentialsFiles = secrets."miniflux/credentials".path; }; # Various monitoring dashboards monitoring = { enable = true; grafana = { - passwordFile = - builtins.toFile "grafana.txt" my.secrets.monitoring.password; # Insecure, I don't care + passwordFile = secrets."monitoring/password".path; }; }; # FLOSS music streaming server @@ -101,24 +78,19 @@ in # Nextcloud self-hosted cloud nextcloud = { enable = true; - passwordFile = - builtins.toFile "nextcloud-pass.txt" my.secrets.nextcloud.password; + passwordFile = secrets."nextcloud/password".path; }; nginx = { enable = true; acme = { - credentialsFile = builtins.toFile "gandi-key.env" my.secrets.acme.key; + credentialsFile = secrets."acme/dns-key".path; }; sso = { authKeyFile = secrets."sso/auth-key".path; users = { ambroisie = { - passwordHashFile = builtins.toFile - "ambroisie-sso-pass.txt" - my.secrets.sso.ambroisie.passwordHash; - totpSecretFile = builtins.toFile - "ambroisie-sso-totp.txt" - my.secrets.sso.ambroisie.totpSecret; + passwordHashFile = secrets."sso/ambroisie/password-hash".path; + totpSecretFile = secrets."sso/ambroisie/totp-secret".path; }; }; groups = { @@ -129,23 +101,15 @@ in paperless = { enable = true; documentPath = "/data/media/paperless"; - # Insecure, I don't care - passwordFile = - builtins.toFile "paperless.env" my.secrets.paperless.password; - secretKeyFile = builtins.toFile "paperless-key.env" '' - PAPERLESS_SECRET_KEY=${my.secrets.paperless.secretKey} - ''; + passwordFile = secrets."paperless/password".path; + secretKeyFile = secrets."paperless/secret-key".path; }; # The whole *arr software suite pirate.enable = true; # Podcast automatic downloader podgrab = { enable = true; - passwordFile = - let - contents = "PASSWORD=${my.secrets.podgrab.password}"; - in - builtins.toFile "podgrab.env" contents; + passwordFile = secrets."podgrab/password".path; port = 9598; }; # Regular backups @@ -161,12 +125,7 @@ in # Torrent client and webui transmission = { enable = true; - credentialsFile = builtins.toFile "transmission-creds.txt" '' - { - "rpc-username": "Ambroisie", - "rpc-password": "${my.secrets.transmission.password}" - } - ''; + credentialsFile = secrets."transmission/credentials".path; }; # Simple, in-kernel VPN wireguard = { From e962d4c574dee34531e3b936b2ca5042d1aada4c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 16:01:41 +0200 Subject: [PATCH 344/654] modules: services: nginx: sso: use runtime secrets --- modules/services/nginx/default.nix | 4 ++ modules/services/nginx/sso/default.nix | 89 ++++++++++++++++++++++++++ 2 files changed, 93 insertions(+) create mode 100644 modules/services/nginx/sso/default.nix diff --git a/modules/services/nginx/default.nix b/modules/services/nginx/default.nix index d5d8b31..492f6c8 100644 --- a/modules/services/nginx/default.nix +++ b/modules/services/nginx/default.nix @@ -57,6 +57,10 @@ let }; in { + imports = [ + ./sso + ]; + options.my.services.nginx = with lib; { enable = mkEnableOption "Nginx"; diff --git a/modules/services/nginx/sso/default.nix b/modules/services/nginx/sso/default.nix new file mode 100644 index 0000000..987e926 --- /dev/null +++ b/modules/services/nginx/sso/default.nix @@ -0,0 +1,89 @@ +# I must override the module to allow having runtime secrets +{ config, lib, pkgs, utils, ... }: +let + cfg = config.services.nginx.sso; + pkg = lib.getBin cfg.package; + confPath = "/var/lib/nginx-sso/config.json"; +in +{ + disabledModules = [ "services/security/nginx-sso.nix" ]; + + + options.services.nginx.sso = with lib; { + enable = mkEnableOption "nginx-sso service"; + + package = mkOption { + type = types.package; + default = pkgs.nginx-sso; + defaultText = "pkgs.nginx-sso"; + description = '' + The nginx-sso package that should be used. + ''; + }; + + configuration = mkOption { + type = types.attrsOf types.unspecified; + default = { }; + example = literalExample '' + { + listen = { addr = "127.0.0.1"; port = 8080; }; + + providers.token.tokens = { + myuser = "MyToken"; + }; + + acl = { + rule_sets = [ + { + rules = [ { field = "x-application"; equals = "MyApp"; } ]; + allow = [ "myuser" ]; + } + ]; + }; + } + ''; + description = '' + nginx-sso configuration + (documentation) + as a Nix attribute set. + ''; + }; + }; + + config = lib.mkIf cfg.enable { + systemd.services.nginx-sso = { + description = "Nginx SSO Backend"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + StateDirectory = "nginx-sso"; + WorkingDirectory = "/var/lib/nginx-sso"; + # The files to be merged might not have the correct permissions + ExecStartPre = ''+${pkgs.writeScript "merge-nginx-sso-config" '' + #!${pkgs.bash}/bin/bash + ${utils.genJqSecretsReplacementSnippet cfg.configuration confPath} + + # Fix permissions + chown nginx-sso:nginx-sso ${confPath} + chmod 0600 ${confPath} + '' + }''; + ExecStart = lib.mkForce '' + ${pkg}/bin/nginx-sso \ + --config ${confPath} \ + --frontend-dir ${pkg}/share/frontend + ''; + Restart = "always"; + User = "nginx-sso"; + Group = "nginx-sso"; + }; + }; + + users.users.nginx-sso = { + isSystemUser = true; + group = "nginx-sso"; + }; + + users.groups.nginx-sso = { }; + }; +} From 738d1760c33fb1fd72e18a4230bc715ba93f6c52 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 16:36:57 +0200 Subject: [PATCH 345/654] secrets: remove git-crypt secrets --- secrets/.gitattributes | 5 -- secrets/acme/key.env | Bin 63 -> 0 bytes secrets/backup/credentials.env | Bin 109 -> 0 bytes secrets/backup/password.txt | Bin 33 -> 0 bytes secrets/canary | Bin 32 -> 0 bytes secrets/default.nix | 75 +----------------------- secrets/drone/gitea.env | Bin 196 -> 0 bytes secrets/drone/secret.env | Bin 72 -> 0 bytes secrets/drone/ssh/key | Bin 3403 -> 0 bytes secrets/lohr/secret.txt | Bin 55 -> 0 bytes secrets/matrix/mail.nix | Bin 179 -> 0 bytes secrets/matrix/secret.txt | Bin 55 -> 0 bytes secrets/miniflux/password.txt | Bin 55 -> 0 bytes secrets/monitoring/password.txt | Bin 55 -> 0 bytes secrets/nextcloud/password.txt | Bin 55 -> 0 bytes secrets/paperless/password.txt | Bin 55 -> 0 bytes secrets/paperless/secretKey.txt | Bin 87 -> 0 bytes secrets/podgrab/password.txt | Bin 55 -> 0 bytes secrets/sso/.gitattributes | 1 - secrets/sso/ambroisie/password-hash.txt | Bin 83 -> 0 bytes secrets/sso/ambroisie/totp-secret.txt | Bin 75 -> 0 bytes secrets/sso/auth-key.txt | Bin 151 -> 0 bytes secrets/transmission/password.txt | Bin 55 -> 0 bytes secrets/users/ambroisie/password.txt | Bin 124 -> 0 bytes secrets/users/root/password.txt | Bin 126 -> 0 bytes secrets/wireguard/.gitattributes | 2 - secrets/wireguard/aramis/public.key | Bin 67 -> 0 bytes secrets/wireguard/aramis/secret.key | Bin 67 -> 0 bytes secrets/wireguard/porthos/public.key | Bin 67 -> 0 bytes secrets/wireguard/porthos/secret.key | Bin 67 -> 0 bytes secrets/wireguard/richelieu/public.key | Bin 67 -> 0 bytes secrets/wireguard/richelieu/secret.key | Bin 67 -> 0 bytes 32 files changed, 1 insertion(+), 82 deletions(-) delete mode 100644 secrets/.gitattributes delete mode 100644 secrets/acme/key.env delete mode 100644 secrets/backup/credentials.env delete mode 100644 secrets/backup/password.txt delete mode 100644 secrets/canary delete mode 100644 secrets/drone/gitea.env delete mode 100644 secrets/drone/secret.env delete mode 100644 secrets/drone/ssh/key delete mode 100644 secrets/lohr/secret.txt delete mode 100644 secrets/matrix/mail.nix delete mode 100644 secrets/matrix/secret.txt delete mode 100644 secrets/miniflux/password.txt delete mode 100644 secrets/monitoring/password.txt delete mode 100644 secrets/nextcloud/password.txt delete mode 100644 secrets/paperless/password.txt delete mode 100644 secrets/paperless/secretKey.txt delete mode 100644 secrets/podgrab/password.txt delete mode 100644 secrets/sso/.gitattributes delete mode 100644 secrets/sso/ambroisie/password-hash.txt delete mode 100644 secrets/sso/ambroisie/totp-secret.txt delete mode 100644 secrets/sso/auth-key.txt delete mode 100644 secrets/transmission/password.txt delete mode 100644 secrets/users/ambroisie/password.txt delete mode 100644 secrets/users/root/password.txt delete mode 100644 secrets/wireguard/.gitattributes delete mode 100644 secrets/wireguard/aramis/public.key delete mode 100644 secrets/wireguard/aramis/secret.key delete mode 100644 secrets/wireguard/porthos/public.key delete mode 100644 secrets/wireguard/porthos/secret.key delete mode 100644 secrets/wireguard/richelieu/public.key delete mode 100644 secrets/wireguard/richelieu/secret.key diff --git a/secrets/.gitattributes b/secrets/.gitattributes deleted file mode 100644 index 7ca9979..0000000 --- a/secrets/.gitattributes +++ /dev/null @@ -1,5 +0,0 @@ -* filter=git-crypt diff=git-crypt -.gitattributes !filter !diff -/default.nix !filter !diff -/secrets.nix !filter !diff -*.age !filter !diff diff --git a/secrets/acme/key.env b/secrets/acme/key.env deleted file mode 100644 index 061d6c1a28d951665652cbe732117438e6b119c6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 63 zcmZQ@_Y83kiVO&0xVd9yV${FzDQ{;KmOlT)uz$AC{5KB9rVe@&cmy+kzP=x`uzAC; V_Dx?CzU<+guivWD(#)MW1pul+9+vAet7ydcx8*P}H&~@d__b(x5(v3ZoFLX1tMBkcRJC!pssnh?_^}Dh2 SQi@g|e|l$T)su|!OC13C4LULa diff --git a/secrets/backup/password.txt b/secrets/backup/password.txt deleted file mode 100644 index a8f640cfd4cfb5b37e92b6aa640c4a80dea6f76d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 33 pcmZQ@_Y83kiVO&0xb!;d=#D1+9gjCI*6pgR-?nYZ4T%TkkpS_J5ElRd diff --git a/secrets/canary b/secrets/canary deleted file mode 100644 index e910ea3aafe746337b1ea57a9ff37d62d58d350f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 32 ocmZQ@_Y83kiVO&0c*b>ed6DJsmgBoNPv87j#HqYCqGs6~0N0cb+yDRo diff --git a/secrets/default.nix b/secrets/default.nix index ed7cae5..3d13588 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -1,35 +1,11 @@ { inputs, lib, options, ... }: with lib; -let - throwOnCanary = - let - canaryHash = builtins.hashFile "sha256" ./canary; - expectedHash = - "9df8c065663197b5a1095122d48e140d3677d860343256abd5ab6e4fb4c696ab"; - in - if canaryHash != expectedHash - then throw "Secrets are not readable. Have you run `git-crypt unlock`?" - else id; -in -throwOnCanary { +{ imports = [ inputs.agenix.nixosModules.age ]; - options.my.secrets = mkOption { - type = - let - valueType = with types; oneOf [ - int - str - (attrsOf valueType) - (listOf valueType) - ]; - in - valueType; - }; - config.age = { secrets = let @@ -48,53 +24,4 @@ throwOnCanary { "/home/ambroisie/.ssh/id_ed25519" ]; }; - - config.my.secrets = { - acme.key = fileContents ./acme/key.env; - - backup = { - password = fileContents ./backup/password.txt; - credentials = readFile ./backup/credentials.env; - }; - - drone = { - gitea = readFile ./drone/gitea.env; - secret = readFile ./drone/secret.env; - ssh = { - publicKey = readFile ./drone/ssh/key.pub; - privateKey = readFile ./drone/ssh/key; - }; - }; - - lohr.secret = fileContents ./lohr/secret.txt; - - matrix = { - mail = import ./matrix/mail.nix; - secret = fileContents ./matrix/secret.txt; - }; - - miniflux.password = fileContents ./miniflux/password.txt; - - monitoring.password = fileContents ./monitoring/password.txt; - - nextcloud.password = fileContents ./nextcloud/password.txt; - - paperless = { - password = fileContents ./paperless/password.txt; - secretKey = fileContents ./paperless/secretKey.txt; - }; - - podgrab.password = fileContents ./podgrab/password.txt; - - sso = import ./sso { inherit lib; }; - - transmission.password = fileContents ./transmission/password.txt; - - users = { - ambroisie.hashedPassword = fileContents ./users/ambroisie/password.txt; - root.hashedPassword = fileContents ./users/root/password.txt; - }; - - wireguard = import ./wireguard { inherit lib; }; - }; } diff --git a/secrets/drone/gitea.env b/secrets/drone/gitea.env deleted file mode 100644 index 82b190c91a7f090594286b2f85ee047bc4833ff9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 196 zcmZQ@_Y83kiVO&0U=mz@$Jtpat?kFFUvJ;8zULq(B3Kv^d`*=CsZ1{|SOWRumk+HRopG+%*cm)8r@DyqXkYpThpdNoC!n$>PP;@ypii z|M6niv4=aJ{Hoa<> HHy;83)&pcM diff --git a/secrets/drone/secret.env b/secrets/drone/secret.env deleted file mode 100644 index 647d161341e74453881d47e0435e73c556ea0ca5..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 72 zcmZQ@_Y83kiVO&0(9O?xEl>R_P+BWg`6S`+mWZlL@$+JtT8>3cw|Zk}rB>C?>!Z)G cGLpZ)r0-z9RZCZf;ELIqIvV~)+HL`-0PedS0ssI2 diff --git a/secrets/drone/ssh/key b/secrets/drone/ssh/key deleted file mode 100644 index 1b70a143467e0ec4b458a5ec2696ae7f5ee66575..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3403 zcmZQ@_Y83kiVO&05Z5>+%D=^~X8P7v>p#9y@50-b{aCrN{;$(iP9MIK1FakFByD!u z-I6)J^XUHlOHyY|^zp1W`orD+ar1%JKYjBw&B7n4UD%{%@Z)*dIv$7k1E1eskM2A7 zGxtNp946~$S-(q9|C~H;*`H=l3%kz74f*#pydCznd=?d`{?*d{Tv;Wj=whY zk+V0)`-HzQ5s6(SIP33ixuC;xoPAk3mnJOyF^z5Ux7v~;XDmOqY_E8B_5L-t#J|^` zDg5RST44L+z~7IX{34sabg)W3%izDx$FcjpMDD{WY_*>Jd-hMXD4VY7I>E*uX~p^* zJgtHr1yY|*`XnT&c>jN-(zM8jUvBUAl@~MfWxj{kU){s7Gp8tZmeUL2r$vn+#}6oE z+qEm??lrvq_^@n8P|OVn?Qb4@YFEl$*Q_!A=Djp$Wzpq1!SQqS|L-`Z^`4ElHZH$Z z@Bcxs8zu>pYu-4!x99ZzI-1_m<-FNmanlp`vwnFw(;U~zSp7d(wm$gSL%rm<-Jhfw z|HQ{kR`?_Frl5E|yWEC5K~n{ldfrF2g!m`Ucyja;Y@9a53x578} zY`s5|vA0y+u_(`L<>c!4lmBBEFDU$T()yb6hi9|zM)i8Ne~n1ZUo_QYUVZCdCHKg0 z^Fn|53qG(~bHw{}ZREwfofjvuAFjLAu{BLz=lmRg*|6B9%u9;4#}Y3@wK*Bl;*QJNS|O;-s|P_;9lPDN2kNJA}p9n66zD~?3c9Lku`J0iVbUz zFdwly(7x;ySMlvGA7R1UQVY%*f1DUybnIwS_4P#We3sX`J>45N9)BL(nBZ+Jlo=oq zu-;R?Zt3o)7iEro|Ch9q_uG>r({9)Ku(69cy!~9VW^Imv$E_Qa88$I1E|roEVOxF9 znfKRgLq*F^7hf4|eD#GR{VmHy^yVT(JO)*n_$@k-?>h8N~b}P8&=x5Jp zTal__@~pU${j1ZDRh$>68ZgBW2yYul*qn(UA8+9`i-Y1;Ax9L^xo5L!(dvX@O z{A`oq=P;>#>az$ro~P+jf?I7Y9v0i7 zR}>1d9a$`~zR`c3aCn?i+S0p>%lM_#_&*nGd|br6$Vum%(Hhl~8^^WRa?VNqaB1?^ z7m=n)8zVS7etU@ZrMqua+gty!;gs;9*Nat@{NBCg*pTkCJ^ZZns^s%ICl@4axqVk| z%0Ca$LngnX?`-~e;Fj^^kcS&zUllo9n=ER4%IrwRKE|4M$GX;1?`J`47oN0F<4=!1 znK_gDZ{_NfpL!;r35pK=zogRSvu~n>vB!pg8*Z36W+aFRxExyeJwR(W*H`f>*FAav zc@8!4`%O=lGq4IacK;>nemU0oWm1aGVe#4v%=-Tq3U7TXzvF?4#sMh}YsN`|l zJeynUsaA3#Pr2b2d+}fGh1QpLJWeultvt#V|9Rzu4cw3SewqA8?fI-trRGH&o=waQ zef@Qp^Oij2ZId&Y-hNr9?7F#Kc+rwGt~w7dzt^A5FI=!@M^g*iLc4;mpYBUV`IIVL z+G5DK%JW{imB`c8);d>1nK^8E_NqTMIP?9>k9u|e)HSM;Dpnmn`71Ha(eUW> zwOeK@lqTeP$N&CsoYcEw`*vxA1&SupEf;Eju2iZ$cjo)`Z;gfSx1V>hecWzwSAK%; zc1g~@51iNZXS=*y;qr94lg_p4C&e;W_=qJp+FzJ2da6pF<-na{2K{R>=^L&d77v;o zy(QCe^@8ocOpEW&e4O*KHEBX`^0~d&ExGMoI5d5(pF1ZkbVwooZi<2Zp5KSugBbR* zow(rK=Aco{Q?8=ClI6Z#OgcK%yK9gW~cuMoucb_b72ds6seIa~fX5Es?1vk&1KEE>TMeDX0+fV0h z3^q<%mi_bG+{2Y8Pkm9zR%p=Ip$MDH&VN-C%D`VQh#!aee8e4F|bDZ%J#7_-T?J&ido>l?o^8 znc`I+>I6bN-?TqTz5S=hc7p5EYiqR=v_&fqy|uSbN|iE7lIJeE<-_-4sn40~+n(*d zW~h6&Yt@sN?I#Q7wS0QB@WsSy`PthKee{1<=@@qAOIsq#qL)=wE8i}u+?7^TR>8OM zkD|Eahx4Dr+m2YgYSp&f_V$+P_q8jXrZqJGNKfW)H-5Kt?a2pTA15E4A>}x>P zu~|*i`n4bT)Sgk>taETm(}$$jOL!*lRm|wWAZ4^ZVg3r=i*Mbn+JdFO{I$+F@Xz$a z)(H%oAM7|U@ixZY_2@LW*55&4NgF?j9^_jRxPJ4;9YJ4ihB5kU@}_Q`XWen$(!F!L zmWkl`E4OiZ0D#x%m4S=BT7d) z_sP8UYdIIRPU`I3f5_cog<#(22EkCb3BmqtvLAX4_UxNnw!nH;(i4B(^;4FoY4vF3 z?UB;bI@q#amf>#G{q}uJ9e*@TNUh{BN|kLZmbz2_|7(?*>&v)=W0`X~7pvOKW-nVX zL!?@_$~;lrN28!~)vT8{9x(lPtdx)t=_>LT*FWXM6dTDlf91k&S8xCMuAjeVnN*sb z7Tf3NQi{eN+y`yE0z6t2^scP^QGKRz(Y6IMPR!>I@|m-@C{SMFz8U95-(`^(ISw5- z+8R)v)94jbk>2{ynz1tQJx9p8`LEYie4lNR&2{TY_X(LDc`x`igcq9T7FrZr*Z6+v zKD6szo^tEQ{eO~fteTp>+R*Z4tVivk$=^$pY#63`n*}BX z9(tOxWm0F+{Etfx-jC?k+U4`|^pbZ`mlrkKPxjuTnX{VX>oxstA-^Y2k-NU1!TZm~ zWA;uH&;8vqt%^;2zFAHg-^{1l(cYffGVV_u_-|=k_;%{oyT#rD*DTDZ$dzh;e5Vv? zXvS@H;L^=!D>iQGuJGSsDp>QLb!|)frLse7%Vyj;z~oq7p|SW+vctkkiyf~`|LUB4 z$G#!3%kOOV>R+4Z*k_5&-08d^QT~ieK+4muvST(LYj`e%Jv2%@{_x}eX04TT_b4-+ zSg}GU`hmaq;$>@gNys}r(r|sgX^vvs+L%clw-r`uYyK^oX3lxLxb$1famGZ|e@C6S z_MMmQU%%%vQ~4A}73PWOjMWzH?~DFfc>YyzBkTHmE1IY4-u84zS$*uh<2=_35APZs z(0`eII{Au8+SKzeBOV@}xO|Jw`Ex5S@JMAY-Vj|`960BLb%JHq!)cI5#|yo5nVAxn;wxZGsWEo>u98xW=`A^{ltbk=uEq O{Z?3fzU_0us}=yIE4YsU diff --git a/secrets/lohr/secret.txt b/secrets/lohr/secret.txt deleted file mode 100644 index cbc3a26bff029c14b36638ae38659c561efb0c4e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 55 zcmZQ@_Y83kiVO&0h-8%c^FrB5!CitUIcMt$jj9hyH?r4qN<=Y~SIm*@$o>+4RQu8Q MU5}3x=|)=s03GQTY5)KL diff --git a/secrets/matrix/mail.nix b/secrets/matrix/mail.nix deleted file mode 100644 index 333f8b2aa31ee5f82ae1072b0e2a84aa5616fa8a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 179 zcmZQ@_Y83kiVO&0I4;eqE+@4AA3HVOMDeN{!Z|d n#GV7DtZVFx{B+-mDm+|J%xRa+_eA}PzUP8@2Y*;ipSv6Y(gjlV diff --git a/secrets/matrix/secret.txt b/secrets/matrix/secret.txt deleted file mode 100644 index ce6473097f692e7cf3cdfb3e2ae76ccdf5f5c5ad..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 55 zcmZQ@_Y83kiVO&0Sfp%z|AL>C>6~W^9!R-(Exebr{*L>v6G@rp&m}jqbsgrMeaOuu M!f>aYK*yCx0E*xki~s-t diff --git a/secrets/miniflux/password.txt b/secrets/miniflux/password.txt deleted file mode 100644 index 482d1b77424776545ed2c59d4bdea45581ec306c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 55 zcmZQ@_Y83kiVO&0csGs3v0~}%g*hS9+4VJ~o}T?((RynE_s7JgE?cB8iELc;*}>NR MRFQdJC&Ru+0Drs~;{X5v diff --git a/secrets/monitoring/password.txt b/secrets/monitoring/password.txt deleted file mode 100644 index 98d0972e616531b77412a557d98029f6ea66be2c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 55 zcmZQ@_Y83kiVO&0@VY)J{Oq~qYyOw9U0L+}U)G-V!(1%aUEiOtv=frPWyTazJax)0 M!|Yt0AB?dt^fc4 diff --git a/secrets/paperless/password.txt b/secrets/paperless/password.txt deleted file mode 100644 index 5e2cb81f855fcb4517cbd1f6ee8adb9b268574d0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 55 zcmZQ@_Y83kiVO&0h}b1>v7hDrDYtK@-)r)9asBQ8<#yiZbkUJ{rUh=_Qtl^Z%YD0h M|F4v7G20q90H7)wBLDyZ diff --git a/secrets/paperless/secretKey.txt b/secrets/paperless/secretKey.txt deleted file mode 100644 index fe31bc4999a48ec5a37340217454c558fb360041..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 87 zcmZQ@_Y83kiVO&0aMfD6P4Vn^t+S8fUVr}knLjkQEB_u(4g2krpWZXcc{O)w*)nk% uAJlsim9ukkx0d^(%CL)WXE$4}Ge{|3wBYH_w>oG33$$Hh@HDCReE#Dbp^FJF0%WZi5(NorN i<1gKBc5fmS{Zf}WC!ew0x#iu_PsJhsGUM*QHvs@n^Cr>& diff --git a/secrets/sso/auth-key.txt b/secrets/sso/auth-key.txt deleted file mode 100644 index 785d8d0f92f43a3dfa95dd856655a33beb176a20..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 151 zcmZQ@_Y83kiVO&0nETx9_6DP~zyD=$CBJ*{*f)!L&+Ibw1DiideehSh?)j`t_{(+y zj-I5Cmpfc$+Hih6!SwOhso#28?=MU_y3JRsek->ekDE^5%y%cI+x#ec)g)SSRLEn6 zC#%?Rw?`HVdLDb{h|YH07_FA4FCWD diff --git a/secrets/users/ambroisie/password.txt b/secrets/users/ambroisie/password.txt deleted file mode 100644 index 65fbdfb1aae3c1e3179762bdc36d446ba6787933..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 124 zcmZQ@_Y83kiVO&0xYt;D%JGO7;|6XRuzx9$);cR5>zLz{9iI1o7^HrBJm-EGk za^~GQ@OR#{jc*kf-Q2((^W)2#uJ1<ptF`~UH j<{~{62~$6~PFZ8E+A_7vG-{2@rP_|ybA>{u)u{jglX*F6 diff --git a/secrets/wireguard/.gitattributes b/secrets/wireguard/.gitattributes deleted file mode 100644 index 714f3f9..0000000 --- a/secrets/wireguard/.gitattributes +++ /dev/null @@ -1,2 +0,0 @@ -/default.nix filter diff -public-key.txt filter diff diff --git a/secrets/wireguard/aramis/public.key b/secrets/wireguard/aramis/public.key deleted file mode 100644 index 892536e4f0622789432144051f670bbf845863a6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 67 zcmZQ@_Y83kiVO&0P?jz9wq{n1nw-vY#A176W#OzihM=4`J+YHn%?#t#M!j%(Y)Lx diff --git a/secrets/wireguard/porthos/public.key b/secrets/wireguard/porthos/public.key deleted file mode 100644 index d89e768ff898ea673775ff0576b9df2d74be3a66..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 67 zcmZQ@_Y83kiVO&0VB)^;Pb05ECg#cF4U^u@S5QdUEMFJgxA^d3ghA1RWU8^aMk6y Ze-pRPKezhNCu_szBm4B$+N^r_9RRQ=AMF4D diff --git a/secrets/wireguard/richelieu/public.key b/secrets/wireguard/richelieu/public.key deleted file mode 100644 index 2ad8bbcb12a80a9ff44598fe70522a5439d0f6ab..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 67 zcmZQ@_Y83kiVO&0m{L_gd58KzX+{1AH%^>ky17@jp{S$m?5gvHyE_)EzU9A~nB(GB Z(j#yrS#Qy~EsLhEpW)iwSS;7O4FKp6ABg|} diff --git a/secrets/wireguard/richelieu/secret.key b/secrets/wireguard/richelieu/secret.key deleted file mode 100644 index 8b351b6530f2a4aa28057c2747451566e6f71401..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 67 zcmZQ@_Y83kiVO&0c(rfNY!lX{&!Uabu&IWKMuoaGc~@pnv)pVx&B8;$oYQepP(1l-52r+%%l~%M=en)2*v0bz07?uQ_y7O^ From 167db81c6c1f21c9e7905b9f7ba93944818674f9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 16:37:33 +0200 Subject: [PATCH 346/654] secrets: remove git-crypt --- .git-crypt/.gitattributes | 4 ---- .../06B6C818917564FD1014DD342E4F270130BBF854.gpg | Bin 725 -> 0 bytes 2 files changed, 4 deletions(-) delete mode 100644 .git-crypt/.gitattributes delete mode 100644 .git-crypt/keys/default/0/06B6C818917564FD1014DD342E4F270130BBF854.gpg diff --git a/.git-crypt/.gitattributes b/.git-crypt/.gitattributes deleted file mode 100644 index 665b10e..0000000 --- a/.git-crypt/.gitattributes +++ /dev/null @@ -1,4 +0,0 @@ -# Do not edit this file. To specify the files to encrypt, create your own -# .gitattributes file in the directory where your files are. -* !filter !diff -*.gpg binary diff --git a/.git-crypt/keys/default/0/06B6C818917564FD1014DD342E4F270130BBF854.gpg b/.git-crypt/keys/default/0/06B6C818917564FD1014DD342E4F270130BBF854.gpg deleted file mode 100644 index c941bd55553ec74224c97ae8584a4da5a8473a0a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 725 zcmZo=;$hZVpJG*A_*avW|F7u5qRM3#BTfgtdcWl{)6b9GWr?3RJnrWSxuiIoCEF#b z=)A*+1&g_FE8Y3L`?fw~sIza=>lrI-6xle#Vy5j+Px!E9)8qG*W!I0tRQEdC=qk@! zeZw(I+WO>Fv2PW%d&QmoYi37k*%T#gYuma}pWTelA+q+7f#i;y{;kqG=kLh5R@$TS za&f8tT)wKOdt}W%s_4&pq`7Q)Y2U#^53-Ee`6q`hQJmmbF>?mf{RglA*GKctDL5rn zR=c=1-(x@j--YRh%u)}HCK(z!*4i2cy)ZbM^df8_+vLr!_OV=;p|I1VgyTbe)9Xo5 zw;Lu$)V=#}Hf4KO?E}U47CoQWNVsfW$#eSp$;9~|r>|{Gk#I6&TX`%^qbhphM8ldx z+r@&)!$dZUJJ08PB++>&;OgD*#bLK!tA+~o=?d=pk{rD?atD*_q2I|IVPCSQe@x1dXW!ARv%RKy@w<*k4~{hI{=Ave|LwH53p?9 z)62Mkr7`2;+L>Bav*g1cHeOvYPtwT$-s;;@KmI*e$&C7ZWJyV6<)dHM%r?(azu4CM z>-C&_jvpUPn<;hj;j9wH%5#5}{4GI{R? zr^eI1>n&D?8I=3nd~rj&T;TVCGBzMWkyOjZBV0cOS*J3B9AO}XmF zb}nzt{xijME-$n?+Pm%clj4(M|KeYE9xp!|?l9%%vCyqvofZWp*9G?%ZLj>MZ}Mlc z&W}dJs0SWa>MQ&OKm0sr{PUhtYrHkXbir4z*Re0-pUkxTU&N*c>1!3%jo$uAeLK#t z*1WUp)){{@<`2)_x%_#cdi0K%T4CYyB;mlS<^?{IzhnL{3*7AUh>br;aDmFL`B%1I t@f0dLvA<^J9WDRAhjta3zP)uN^{i~`0@K{qp2oe$^|R)AE Date: Sat, 25 Sep 2021 16:38:00 +0200 Subject: [PATCH 347/654] flake: remove 'git-crypt' --- flake.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/flake.nix b/flake.nix index 84186e0..12d7ca8 100644 --- a/flake.nix +++ b/flake.nix @@ -130,7 +130,6 @@ name = "NixOS-config"; nativeBuildInputs = with pkgs; [ - git-crypt gitAndTools.pre-commit gnupg nixpkgs-fmt From 2cc13dddb51e50a46f17e0d64e2d072e6e9c8d93 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 17:04:42 +0200 Subject: [PATCH 348/654] ci: use 'nix flake check' Now that I am using agenix, secrets stays encrypted at rest. --- .drone.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.drone.yml b/.drone.yml index 9c5d85d..b192230 100644 --- a/.drone.yml +++ b/.drone.yml @@ -4,9 +4,9 @@ type: exec name: NixOS config check steps: -- name: format check +- name: nix flake check commands: - - nix develop -c nixpkgs-fmt . + - nix flake check - name: notifiy commands: From a62c0ad126758bbc88e8ee81e675ebcef0e00350 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 18:14:01 +0200 Subject: [PATCH 349/654] project: bootstrap: retrieve agenix key --- bootstrap.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/bootstrap.sh b/bootstrap.sh index 8f97c5e..df41c29 100755 --- a/bootstrap.sh +++ b/bootstrap.sh @@ -58,6 +58,8 @@ get_ssh() { get_doc "SysAdmin/SSH" "shared-key-public" "$HOME/.ssh/shared_rsa.pub" 644 get_doc "SysAdmin/SSH" "shared-key-private" "$HOME/.ssh/shared_rsa" 600 + get_doc "SysAdmin/SSH" "agenix-public" "$HOME/.ssh/id_ed25519.pub" 644 + get_doc "SysAdmin/SSH" "agenix-private" "$HOME/.ssh/id_ed25519" 600 } get_pgp() { From fec49560639abb3ea8aca78ce287b04aa8be981a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 18:15:40 +0200 Subject: [PATCH 350/654] secrets: move into 'modules' --- flake.nix | 2 -- modules/default.nix | 1 + {secrets => modules/secrets}/acme/dns-key.age | 0 {secrets => modules/secrets}/backup/credentials.age | 0 {secrets => modules/secrets}/backup/password.age | 0 {secrets => modules/secrets}/default.nix | 0 {secrets => modules/secrets}/drone/gitea.age | 0 {secrets => modules/secrets}/drone/secret.age | 0 .../secrets}/drone/ssh/private-key.age | Bin {secrets => modules/secrets}/lohr/secret.age | 0 {secrets => modules/secrets}/matrix/mail.age | 0 {secrets => modules/secrets}/matrix/secret.age | 0 .../secrets}/miniflux/credentials.age | Bin .../secrets}/monitoring/password.age | 0 {secrets => modules/secrets}/nextcloud/password.age | Bin {secrets => modules/secrets}/paperless/password.age | 0 .../secrets}/paperless/secret-key.age | 0 {secrets => modules/secrets}/podgrab/password.age | 0 {secrets => modules/secrets}/secrets.nix | 0 .../secrets}/sso/ambroisie/password-hash.age | Bin .../secrets}/sso/ambroisie/totp-secret.age | Bin {secrets => modules/secrets}/sso/auth-key.age | Bin {secrets => modules/secrets}/sso/default.nix | 0 .../secrets}/transmission/credentials.age | 0 .../secrets}/users/ambroisie/hashed-password.age | 0 .../secrets}/users/root/hashed-password.age | Bin .../secrets}/wireguard/aramis/private-key.age | Bin {secrets => modules/secrets}/wireguard/default.nix | 0 .../secrets}/wireguard/porthos/private-key.age | 0 .../secrets}/wireguard/richelieu/private-key.age | 0 30 files changed, 1 insertion(+), 2 deletions(-) rename {secrets => modules/secrets}/acme/dns-key.age (100%) rename {secrets => modules/secrets}/backup/credentials.age (100%) rename {secrets => modules/secrets}/backup/password.age (100%) rename {secrets => modules/secrets}/default.nix (100%) rename {secrets => modules/secrets}/drone/gitea.age (100%) rename {secrets => modules/secrets}/drone/secret.age (100%) rename {secrets => modules/secrets}/drone/ssh/private-key.age (100%) rename {secrets => modules/secrets}/lohr/secret.age (100%) rename {secrets => modules/secrets}/matrix/mail.age (100%) rename {secrets => modules/secrets}/matrix/secret.age (100%) rename {secrets => modules/secrets}/miniflux/credentials.age (100%) rename {secrets => modules/secrets}/monitoring/password.age (100%) rename {secrets => modules/secrets}/nextcloud/password.age (100%) rename {secrets => modules/secrets}/paperless/password.age (100%) rename {secrets => modules/secrets}/paperless/secret-key.age (100%) rename {secrets => modules/secrets}/podgrab/password.age (100%) rename {secrets => modules/secrets}/secrets.nix (100%) rename {secrets => modules/secrets}/sso/ambroisie/password-hash.age (100%) rename {secrets => modules/secrets}/sso/ambroisie/totp-secret.age (100%) rename {secrets => modules/secrets}/sso/auth-key.age (100%) rename {secrets => modules/secrets}/sso/default.nix (100%) rename {secrets => modules/secrets}/transmission/credentials.age (100%) rename {secrets => modules/secrets}/users/ambroisie/hashed-password.age (100%) rename {secrets => modules/secrets}/users/root/hashed-password.age (100%) rename {secrets => modules/secrets}/wireguard/aramis/private-key.age (100%) rename {secrets => modules/secrets}/wireguard/default.nix (100%) rename {secrets => modules/secrets}/wireguard/porthos/private-key.age (100%) rename {secrets => modules/secrets}/wireguard/richelieu/private-key.age (100%) diff --git a/flake.nix b/flake.nix index 12d7ca8..62a3a52 100644 --- a/flake.nix +++ b/flake.nix @@ -85,8 +85,6 @@ ./modules # Include bundles of settings ./profiles - # Include my secrets - ./secrets ]; buildHost = name: system: lib.nixosSystem { diff --git a/modules/default.nix b/modules/default.nix index d9b4ce2..2eaa2e6 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -6,6 +6,7 @@ ./hardware ./home ./programs + ./secrets ./services ./system ]; diff --git a/secrets/acme/dns-key.age b/modules/secrets/acme/dns-key.age similarity index 100% rename from secrets/acme/dns-key.age rename to modules/secrets/acme/dns-key.age diff --git a/secrets/backup/credentials.age b/modules/secrets/backup/credentials.age similarity index 100% rename from secrets/backup/credentials.age rename to modules/secrets/backup/credentials.age diff --git a/secrets/backup/password.age b/modules/secrets/backup/password.age similarity index 100% rename from secrets/backup/password.age rename to modules/secrets/backup/password.age diff --git a/secrets/default.nix b/modules/secrets/default.nix similarity index 100% rename from secrets/default.nix rename to modules/secrets/default.nix diff --git a/secrets/drone/gitea.age b/modules/secrets/drone/gitea.age similarity index 100% rename from secrets/drone/gitea.age rename to modules/secrets/drone/gitea.age diff --git a/secrets/drone/secret.age b/modules/secrets/drone/secret.age similarity index 100% rename from secrets/drone/secret.age rename to modules/secrets/drone/secret.age diff --git a/secrets/drone/ssh/private-key.age b/modules/secrets/drone/ssh/private-key.age similarity index 100% rename from secrets/drone/ssh/private-key.age rename to modules/secrets/drone/ssh/private-key.age diff --git a/secrets/lohr/secret.age b/modules/secrets/lohr/secret.age similarity index 100% rename from secrets/lohr/secret.age rename to modules/secrets/lohr/secret.age diff --git a/secrets/matrix/mail.age b/modules/secrets/matrix/mail.age similarity index 100% rename from secrets/matrix/mail.age rename to modules/secrets/matrix/mail.age diff --git a/secrets/matrix/secret.age b/modules/secrets/matrix/secret.age similarity index 100% rename from secrets/matrix/secret.age rename to modules/secrets/matrix/secret.age diff --git a/secrets/miniflux/credentials.age b/modules/secrets/miniflux/credentials.age similarity index 100% rename from secrets/miniflux/credentials.age rename to modules/secrets/miniflux/credentials.age diff --git a/secrets/monitoring/password.age b/modules/secrets/monitoring/password.age similarity index 100% rename from secrets/monitoring/password.age rename to modules/secrets/monitoring/password.age diff --git a/secrets/nextcloud/password.age b/modules/secrets/nextcloud/password.age similarity index 100% rename from secrets/nextcloud/password.age rename to modules/secrets/nextcloud/password.age diff --git a/secrets/paperless/password.age b/modules/secrets/paperless/password.age similarity index 100% rename from secrets/paperless/password.age rename to modules/secrets/paperless/password.age diff --git a/secrets/paperless/secret-key.age b/modules/secrets/paperless/secret-key.age similarity index 100% rename from secrets/paperless/secret-key.age rename to modules/secrets/paperless/secret-key.age diff --git a/secrets/podgrab/password.age b/modules/secrets/podgrab/password.age similarity index 100% rename from secrets/podgrab/password.age rename to modules/secrets/podgrab/password.age diff --git a/secrets/secrets.nix b/modules/secrets/secrets.nix similarity index 100% rename from secrets/secrets.nix rename to modules/secrets/secrets.nix diff --git a/secrets/sso/ambroisie/password-hash.age b/modules/secrets/sso/ambroisie/password-hash.age similarity index 100% rename from secrets/sso/ambroisie/password-hash.age rename to modules/secrets/sso/ambroisie/password-hash.age diff --git a/secrets/sso/ambroisie/totp-secret.age b/modules/secrets/sso/ambroisie/totp-secret.age similarity index 100% rename from secrets/sso/ambroisie/totp-secret.age rename to modules/secrets/sso/ambroisie/totp-secret.age diff --git a/secrets/sso/auth-key.age b/modules/secrets/sso/auth-key.age similarity index 100% rename from secrets/sso/auth-key.age rename to modules/secrets/sso/auth-key.age diff --git a/secrets/sso/default.nix b/modules/secrets/sso/default.nix similarity index 100% rename from secrets/sso/default.nix rename to modules/secrets/sso/default.nix diff --git a/secrets/transmission/credentials.age b/modules/secrets/transmission/credentials.age similarity index 100% rename from secrets/transmission/credentials.age rename to modules/secrets/transmission/credentials.age diff --git a/secrets/users/ambroisie/hashed-password.age b/modules/secrets/users/ambroisie/hashed-password.age similarity index 100% rename from secrets/users/ambroisie/hashed-password.age rename to modules/secrets/users/ambroisie/hashed-password.age diff --git a/secrets/users/root/hashed-password.age b/modules/secrets/users/root/hashed-password.age similarity index 100% rename from secrets/users/root/hashed-password.age rename to modules/secrets/users/root/hashed-password.age diff --git a/secrets/wireguard/aramis/private-key.age b/modules/secrets/wireguard/aramis/private-key.age similarity index 100% rename from secrets/wireguard/aramis/private-key.age rename to modules/secrets/wireguard/aramis/private-key.age diff --git a/secrets/wireguard/default.nix b/modules/secrets/wireguard/default.nix similarity index 100% rename from secrets/wireguard/default.nix rename to modules/secrets/wireguard/default.nix diff --git a/secrets/wireguard/porthos/private-key.age b/modules/secrets/wireguard/porthos/private-key.age similarity index 100% rename from secrets/wireguard/porthos/private-key.age rename to modules/secrets/wireguard/porthos/private-key.age diff --git a/secrets/wireguard/richelieu/private-key.age b/modules/secrets/wireguard/richelieu/private-key.age similarity index 100% rename from secrets/wireguard/richelieu/private-key.age rename to modules/secrets/wireguard/richelieu/private-key.age From 5f41bb164768ed12a974acf479d21d9f4420dc11 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 19:01:03 +0200 Subject: [PATCH 351/654] modules: secrets: remove 'with lib;' --- modules/secrets/default.nix | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/modules/secrets/default.nix b/modules/secrets/default.nix index 3d13588..62ed854 100644 --- a/modules/secrets/default.nix +++ b/modules/secrets/default.nix @@ -1,6 +1,5 @@ { inputs, lib, options, ... }: -with lib; { imports = [ inputs.agenix.nixosModules.age @@ -9,12 +8,12 @@ with lib; config.age = { secrets = let - toName = removeSuffix ".age"; + toName = lib.removeSuffix ".age"; toSecret = name: _: { file = ./. + "/${name}"; - owner = mkDefault "root"; + owner = lib.mkDefault "root"; }; - convertSecrets = n: v: nameValuePair (toName n) (toSecret n v); + convertSecrets = n: v: lib.nameValuePair (toName n) (toSecret n v); secrets = import ./secrets.nix; in lib.mapAttrs' convertSecrets secrets; From 30eaefc1d1ff8e1f081f436c3dcc733664f3d4fc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 26 Sep 2021 19:19:35 +0200 Subject: [PATCH 352/654] modules: secrets: add 'owner' logic --- machines/porthos/default.nix | 1 - machines/porthos/secrets.nix | 8 -------- modules/secrets/default.nix | 9 ++++++--- modules/secrets/secrets.nix | 6 +++++- 4 files changed, 11 insertions(+), 13 deletions(-) delete mode 100644 machines/porthos/secrets.nix diff --git a/machines/porthos/default.nix b/machines/porthos/default.nix index eb9f207..abfc01a 100644 --- a/machines/porthos/default.nix +++ b/machines/porthos/default.nix @@ -6,7 +6,6 @@ ./boot.nix ./hardware.nix ./networking.nix - ./secrets.nix ./services.nix ./users.nix ]; diff --git a/machines/porthos/secrets.nix b/machines/porthos/secrets.nix deleted file mode 100644 index d89a917..0000000 --- a/machines/porthos/secrets.nix +++ /dev/null @@ -1,8 +0,0 @@ -# Secrets configuration -{ ... }: -{ - config.age.secrets = { - # Must be readable by the service - "nextcloud/password".owner = "nextcloud"; - }; -} diff --git a/modules/secrets/default.nix b/modules/secrets/default.nix index 62ed854..eb17892 100644 --- a/modules/secrets/default.nix +++ b/modules/secrets/default.nix @@ -1,4 +1,4 @@ -{ inputs, lib, options, ... }: +{ config, inputs, lib, options, ... }: { imports = [ @@ -9,9 +9,12 @@ secrets = let toName = lib.removeSuffix ".age"; - toSecret = name: _: { + userExists = u: builtins.hasAttr u config.users.users; + # Only set the user if it exists, to avoid warnings + userIfExists = u: if userExists u then u else "root"; + toSecret = name: { owner ? "root", ... }: { file = ./. + "/${name}"; - owner = lib.mkDefault "root"; + owner = lib.mkDefault (userIfExists owner); }; convertSecrets = n: v: lib.nameValuePair (toName n) (toSecret n v); secrets = import ./secrets.nix; diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index dcaa6d6..3737509 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -27,7 +27,11 @@ in "monitoring/password.age".publicKeys = all; - "nextcloud/password.age".publicKeys = all; + "nextcloud/password.age" = { + # Must be readable by the service + owner = "nextcloud"; + publicKeys = all; + }; "paperless/password.age".publicKeys = all; "paperless/secret-key.age".publicKeys = all; From 3201445c0880aaf056c57f76cee00c9c9460d027 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 26 Sep 2021 22:50:18 +0200 Subject: [PATCH 353/654] modules: secrets: fix permission of 'matrix/mail' --- modules/secrets/secrets.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index 3737509..8ee9892 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -20,7 +20,10 @@ in "lohr/secret.age".publicKeys = all; - "matrix/mail.age".publicKeys = all; + "matrix/mail.age" = { + owner = "matrix-synapse"; + publicKeys = all; + }; "matrix/secret.age".publicKeys = all; "miniflux/credentials.age".publicKeys = all; From e8054965889e634163caebea41c507f640d4c268 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 26 Sep 2021 22:51:13 +0200 Subject: [PATCH 354/654] modules: secrets: fix permission for grafana --- modules/secrets/secrets.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index 8ee9892..d9196f4 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -28,7 +28,10 @@ in "miniflux/credentials.age".publicKeys = all; - "monitoring/password.age".publicKeys = all; + "monitoring/password.age" = { + owner = "grafana"; + publicKeys = all; + }; "nextcloud/password.age" = { # Must be readable by the service From 9f86615e77f0497e095dc72ab490812494f310e2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 27 Sep 2021 17:06:52 +0200 Subject: [PATCH 355/654] profiles: gtk: new best practices for dconf --- profiles/gtk/default.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/profiles/gtk/default.nix b/profiles/gtk/default.nix index 9eebe23..f9fcd5d 100644 --- a/profiles/gtk/default.nix +++ b/profiles/gtk/default.nix @@ -9,9 +9,7 @@ in config = lib.mkIf cfg.enable { # Allow setting GTK configuration using home-manager - services.dbus.packages = with pkgs; [ - gnome3.dconf - ]; + programs.dconf.enable = true; # GTK theme configuration my.home.gtk.enable = true; From 7ce69233c16ce24a3005c8864f63b0fdf71a62d8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 29 Sep 2021 17:37:15 +0200 Subject: [PATCH 356/654] flake: bump inputs --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 775651c..da3b5c7 100644 --- a/flake.lock +++ b/flake.lock @@ -23,11 +23,11 @@ }, "futils": { "locked": { - "lastModified": 1629481132, - "narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=", + "lastModified": 1631561581, + "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", "owner": "numtide", "repo": "flake-utils", - "rev": "997f7efcb746a9c140ce1f13c72263189225f482", + "rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19", "type": "github" }, "original": { @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1630294974, - "narHash": "sha256-9e3AKxbCoexrsWFXxQ4QUETNxQlXaffnntEnPOO19oI=", + "lastModified": 1632838573, + "narHash": "sha256-0GJKyDy7YYhN6s0qji+wzwnawvPzuovqfbmVloeYDcI=", "owner": "nix-community", "repo": "home-manager", - "rev": "61ca2fc1c00a275b8bd61582b23195d60fe0fa40", + "rev": "959217e51dbd07d0de6dcbddfbfcb4f2efdc0c1e", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1630248577, - "narHash": "sha256-9d/yq96TTrnF7qjA6wPYk+rYjWAXwfUmwk3qewezSeg=", + "lastModified": 1632660378, + "narHash": "sha256-sjA8eQlnyDjDLyAyq3XlJmN0nqW0ftl/pb7VnMg86L0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8d8a28b47b7c41aeb4ad01a2bd8b7d26986c3512", + "rev": "31ffc50c571e6683e9ecc9dbcbd4a8e9914b4497", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1630395220, - "narHash": "sha256-Nb5SppZmj+0MH33c2/qdRFqGTo/8g0CTfVtsGZ/sQf0=", + "lastModified": 1632922805, + "narHash": "sha256-tii+JuTTx6pLGJ90EkWc0NgGU1hZLEoJ8CH3uyA9i5E=", "owner": "nix-community", "repo": "NUR", - "rev": "607b9cebfdbf57ec864aacf14efa64fac920016d", + "rev": "2522970cd3888df74f0c433cd1bc08442fd126c3", "type": "github" }, "original": { @@ -100,11 +100,11 @@ ] }, "locked": { - "lastModified": 1624971177, - "narHash": "sha256-Amf/nBj1E77RmbSSmV+hg6YOpR+rddCbbVgo5C7BS0I=", + "lastModified": 1631170176, + "narHash": "sha256-RLN/kur2Kpxt0cJp0Fms8ixuGpT8IHX0OpeQ8u8f0X4=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "397f0713d007250a2c7a745e555fa16c5dc8cadb", + "rev": "3ed0e618cebc1ff291c27b749cf7568959cac028", "type": "github" }, "original": { From 4055ef17f035b5cbd0dd47cbd308d1307d336c77 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 29 Sep 2021 18:43:37 +0200 Subject: [PATCH 357/654] home: vim: switch back to gruvbox theme Onedark is too annoying to deal with, and I still like gruvbox's colors best. --- home/vim/default.nix | 5 +---- home/vim/init.vim | 10 ++++++---- home/vim/plugin/settings/lightline.vim | 2 +- 3 files changed, 8 insertions(+), 9 deletions(-) diff --git a/home/vim/default.nix b/home/vim/default.nix index 08f5ecd..eb79fe9 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -31,10 +31,7 @@ in plugins = with pkgs.vimPlugins; [ # Theming lightline-vim # Fancy status bar - { - plugin = onedark-vim; # Nice dark theme - optional = true; # Needs to be `packadd`-ed manually... - } + vim-gruvbox8 # Nice dark theme # tpope essentials vim-commentary # Easy comments diff --git a/home/vim/init.vim b/home/vim/init.vim index 8968204..23717e1 100644 --- a/home/vim/init.vim +++ b/home/vim/init.vim @@ -68,10 +68,12 @@ set timeoutlen=500 " Set dark mode by default set background=dark -" Load it manually because of autoload functions... -packadd! onedark-vim -" Use onedark -colorscheme onedark +" Include plug-in integration +let g:gruvbox_plugin_hi_groups=1 +" Include filetype integration +let g:gruvbox_filetype_hi_groups=1 +" Use my preferred colorscheme +colorscheme gruvbox8 " }}} " Search parameters {{{ diff --git a/home/vim/plugin/settings/lightline.vim b/home/vim/plugin/settings/lightline.vim index 0513160..feaa733 100644 --- a/home/vim/plugin/settings/lightline.vim +++ b/home/vim/plugin/settings/lightline.vim @@ -2,7 +2,7 @@ let g:lightline={} " Use the wombat colorscheme -let g:lightline.colorscheme='onedark' +let g:lightline.colorscheme='wombat' " Status-line for active buffer let g:lightline.active={ From 24de1890fcb9de9085350f97091a4828491782fa Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 30 Sep 2021 15:34:16 +0200 Subject: [PATCH 358/654] home: zsh: launch tmux when starting a shell --- home/zsh/default.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/home/zsh/default.nix b/home/zsh/default.nix index 27077cf..5dc9a63 100644 --- a/home/zsh/default.nix +++ b/home/zsh/default.nix @@ -46,6 +46,16 @@ in # Modal editing is life, but CLI benefits from emacs gymnastics defaultKeymap = "emacs"; + # Make those happen early to avoid doing double the work + initExtraFirst = + lib.optionalString config.my.home.tmux.enable '' + # Launch tmux unless already inside one + if [ -z "$TMUX" ]; then + exec tmux new-session + fi + '' + ; + initExtra = lib.concatMapStrings builtins.readFile [ ./completion-styles.zsh ./extra-mappings.zsh From 07cf0fa4daff74e9d3d9916da4c4056c6f1b7c7f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 30 Sep 2021 15:36:29 +0200 Subject: [PATCH 359/654] home: wm: i3: launch tmux when starting terminal Similarly to the `zsh` snippet, launch tmux unless I explicitly do not want it. The reason I also add it in `i3` is to make the launch happen sooner, and to avoid doing double work on some shell startup shenanigans if I can. --- home/wm/i3/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/home/wm/i3/default.nix b/home/wm/i3/default.nix index f8080ad..2a99958 100644 --- a/home/wm/i3/default.nix +++ b/home/wm/i3/default.nix @@ -157,7 +157,9 @@ in keybindings = lib.my.recursiveMerge [ { # The basics - "${modifier}+Return" = "exec ${terminal}"; + "${modifier}+Return" = "exec ${terminal} ${ + lib.optionalString config.my.home.tmux.enable "-e tmux new-session" + }"; "${modifier}+Shift+Return" = "exec env TMUX=nil ${terminal}"; "${modifier}+Shift+q" = "kill"; "${modifier}+f" = "fullscreen toggle"; From 84cdc30037e390b8eab213f08e331f163f7d921b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 30 Sep 2021 16:47:52 +0200 Subject: [PATCH 360/654] home: tmux: make history longer We got tons of RAM! --- home/tmux/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/tmux/default.nix b/home/tmux/default.nix index 6b05414..8e0c901 100644 --- a/home/tmux/default.nix +++ b/home/tmux/default.nix @@ -13,7 +13,7 @@ in keyMode = "vi"; # Home-row keys and other niceties clock24 = true; # I'm one of those heathens escapeTime = 0; # Let vim do its thing instead - historyLimit = 5000; # Bigger buffer + historyLimit = 50000; # Bigger buffer terminal = "tmux-256color"; # I want accurate termcap info plugins = with pkgs.tmuxPlugins; [ From cc21d84808dfd79736b3c44e72ea2c3a8e1476a6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 30 Sep 2021 16:48:26 +0200 Subject: [PATCH 361/654] home: tmux: add tmux service The service definition is pretty awful, but it deals with the secure socket correctly... This avoids having a small lapse when starting the very first shell of a session, which must first launch the server. --- home/tmux/default.nix | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/home/tmux/default.nix b/home/tmux/default.nix index 8e0c901..0a8a355 100644 --- a/home/tmux/default.nix +++ b/home/tmux/default.nix @@ -5,6 +5,10 @@ in { options.my.home.tmux = with lib.my; { enable = mkDisableOption "tmux terminal multiplexer"; + + service = { + enable = mkDisableOption "tmux server service"; + }; }; config.programs.tmux = lib.mkIf cfg.enable { @@ -44,4 +48,30 @@ in bind-key -T copy-mode-vi 'y' send -X copy-selection-and-cancel ''; }; + + config.systemd.user.services.tmux = lib.mkIf cfg.service.enable { + Unit = { + Description = "tmux server"; + }; + + Install = { + WantedBy = [ "default.target" ]; + }; + + Service = + let + # Wrap `tmux` in a login shell and set the socket path + tmuxCmd = "${config.programs.tmux.package}/bin/tmux"; + socketExport = lib.optionalString + config.programs.tmux.secureSocket + ''export TMUX_TMPDIR=''${XDG_RUNTIME_DIR:-"/run/user/\$(id -u)"};''; + mkTmuxCommand = + c: "${pkgs.runtimeShell} -l -c '${socketExport} ${tmuxCmd} ${c}'"; + in + { + Type = "forking"; + ExecStart = mkTmuxCommand "new -d -s ambroisie"; + ExecStop = mkTmuxCommand "kill-server"; + }; + }; } From d64a867afc73bfda64859d79f3eda07f36db6995 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 4 Oct 2021 14:45:41 +0200 Subject: [PATCH 362/654] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index da3b5c7..b668797 100644 --- a/flake.lock +++ b/flake.lock @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1632838573, - "narHash": "sha256-0GJKyDy7YYhN6s0qji+wzwnawvPzuovqfbmVloeYDcI=", + "lastModified": 1633296444, + "narHash": "sha256-DnC7yVyoYFSsvFze16AWDa5iSHgtT1MbDGgp8rSC3H4=", "owner": "nix-community", "repo": "home-manager", - "rev": "959217e51dbd07d0de6dcbddfbfcb4f2efdc0c1e", + "rev": "099cbcf13e8219f07b493980a66fe64df0e32d09", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1632660378, - "narHash": "sha256-sjA8eQlnyDjDLyAyq3XlJmN0nqW0ftl/pb7VnMg86L0=", + "lastModified": 1633263894, + "narHash": "sha256-InuWViZr3SL8PqRROkWhmSd3N8gGkiP7YaA7BRdjmhk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "31ffc50c571e6683e9ecc9dbcbd4a8e9914b4497", + "rev": "01f2f2842aaa7f3af957fef93439d639e6941e6c", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1632922805, - "narHash": "sha256-tii+JuTTx6pLGJ90EkWc0NgGU1hZLEoJ8CH3uyA9i5E=", + "lastModified": 1633342505, + "narHash": "sha256-UgXnO+jX6V33mtbFgQKPLndNQid1DqOnMcsPlxqeWdk=", "owner": "nix-community", "repo": "NUR", - "rev": "2522970cd3888df74f0c433cd1bc08442fd126c3", + "rev": "061e44abde1dc11b10ff93fe6a388272850f473c", "type": "github" }, "original": { From d1cd5bfa329af9ad2c696c5381b8676052446bc2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 4 Oct 2021 14:48:54 +0200 Subject: [PATCH 363/654] overlays: add sabnzbd-fix-missing-dependencies While waiting for my PR to fix this [1]. [1]: https://github.com/NixOS/nixpkgs/pull/140478 --- overlays/default.nix | 2 + .../default.nix | 4 ++ .../sabnzbd.nix | 60 +++++++++++++++++++ 3 files changed, 66 insertions(+) create mode 100644 overlays/sabnzbd-fix-missing-dependencies/default.nix create mode 100644 overlays/sabnzbd-fix-missing-dependencies/sabnzbd.nix diff --git a/overlays/default.nix b/overlays/default.nix index d52dcd3..3f5a246 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,3 +1,5 @@ { + sabnzbd-fix-missing-packages = import ./sabnzbd-fix-missing-dependencies; + transgui-fix-duplicate-status = import ./transgui-fix-duplicate-status; } diff --git a/overlays/sabnzbd-fix-missing-dependencies/default.nix b/overlays/sabnzbd-fix-missing-dependencies/default.nix new file mode 100644 index 0000000..e2e8eec --- /dev/null +++ b/overlays/sabnzbd-fix-missing-dependencies/default.nix @@ -0,0 +1,4 @@ +final: prev: +{ + sabnzbd = final.callPackage ./sabnzbd.nix { }; +} diff --git a/overlays/sabnzbd-fix-missing-dependencies/sabnzbd.nix b/overlays/sabnzbd-fix-missing-dependencies/sabnzbd.nix new file mode 100644 index 0000000..3da9b28 --- /dev/null +++ b/overlays/sabnzbd-fix-missing-dependencies/sabnzbd.nix @@ -0,0 +1,60 @@ +{ lib +, stdenv +, fetchFromGitHub +, python3 +, par2cmdline +, unzip +, unrar +, p7zip +, makeWrapper +}: + +let + pythonEnv = python3.withPackages (ps: with ps; [ + chardet + cheetah3 + cherrypy + configobj + cryptography + feedparser + guessit + puremagic + sabyenc3 + ]); + path = lib.makeBinPath [ par2cmdline unrar unzip p7zip ]; +in +stdenv.mkDerivation rec { + version = "3.4.0"; + pname = "sabnzbd"; + + src = fetchFromGitHub { + owner = pname; + repo = pname; + rev = version; + sha256 = "sha256-zax+PuvCmYOlEhRmiCp7UOd9VI0i8dbgTPyTtqLuGUM="; + }; + + nativeBuildInputs = [ makeWrapper ]; + buildInputs = [ pythonEnv ]; + + installPhase = '' + runHook preInstall + + mkdir -p $out + cp -R * $out/ + mkdir $out/bin + echo "${pythonEnv}/bin/python $out/SABnzbd.py \$*" > $out/bin/sabnzbd + chmod +x $out/bin/sabnzbd + wrapProgram $out/bin/sabnzbd --set PATH ${path} + + runHook postInstall + ''; + + meta = with lib; { + description = "Usenet NZB downloader, par2 repairer and auto extracting server"; + homepage = "https://sabnzbd.org"; + license = licenses.gpl2Plus; + platforms = platforms.linux; + maintainers = with lib.maintainers; [ fridh ]; + }; +} From a85922b3b3e4a868e3836fe38d6f97cd204f60cf Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 3 Oct 2021 15:51:24 +0200 Subject: [PATCH 364/654] home: firefox: add 'refined-github' --- home/firefox/firefox/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/firefox/firefox/default.nix b/home/firefox/firefox/default.nix index 723ecc8..5d4b05e 100644 --- a/home/firefox/firefox/default.nix +++ b/home/firefox/firefox/default.nix @@ -46,6 +46,7 @@ in https-everywhere i-dont-care-about-cookies reddit-enhancement-suite + refined-github sponsorblock ublock-origin ] From 6d393fdef2ca7008b248b1a299f4469d93931f3a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 3 Oct 2021 15:53:04 +0200 Subject: [PATCH 365/654] home: firefox: re-organise module --- home/firefox/default.nix | 64 +++++++++++++++++++++++++++++--- home/firefox/firefox/default.nix | 57 ---------------------------- 2 files changed, 59 insertions(+), 62 deletions(-) delete mode 100644 home/firefox/firefox/default.nix diff --git a/home/firefox/default.nix b/home/firefox/default.nix index 3d310dc..cbcc233 100644 --- a/home/firefox/default.nix +++ b/home/firefox/default.nix @@ -1,5 +1,12 @@ -{ config, lib, ... }: +{ config, lib, pkgs, ... }: +let + cfg = config.my.home.firefox; +in { + imports = [ + ./tridactyl + ]; + options.my.home.firefox = with lib; { enable = mkEnableOption "firefox configuration"; @@ -22,8 +29,55 @@ }; }; - imports = [ - ./firefox - ./tridactyl - ]; + config.programs.firefox = lib.mkIf cfg.enable { + enable = true; + + package = pkgs.firefox.override { + cfg = { + enableTridactylNative = cfg.tridactyl.enable; + }; + + extraNativeMessagingHosts = with pkgs; ([ ] + # Watch videos using mpv + ++ lib.optional cfg.ff2mpv.enable ambroisie.ff2mpv-go + ); + }; + + profiles = { + default = { + id = 0; + + settings = { + "browser.bookmarks.showMobileBookmarks" = true; # Mobile bookmarks + "browser.download.useDownloadDir" = false; # Ask for download location + "browser.in-content.dark-mode" = true; # Dark mode + "browser.newtabpage.activity-stream.feeds.section.topstories" = false; # Disable top stories + "browser.newtabpage.activity-stream.feeds.sections" = false; + "browser.newtabpage.activity-stream.feeds.system.topstories" = false; # Disable top stories + "browser.newtabpage.activity-stream.section.highlights.includePocket" = false; # Disable pocket + "extensions.pocket.enabled" = false; # Disable pocket + "media.eme.enabled" = true; # Enable DRM + "media.gmp-widevinecdm.visible" = true; # Enable DRM + "media.gmp-widevinecdm.enabled" = true; # Enable DRM + "signon.autofillForms" = false; # Disable built-in form-filling + "signon.rememberSignons" = false; # Disable built-in password manager + "ui.systemUsesDarkTheme" = true; # Dark mode + }; + }; + }; + + extensions = with pkgs.nur.repos.rycee.firefox-addons; ([ + bitwarden + form-history-control + https-everywhere + i-dont-care-about-cookies + reddit-enhancement-suite + refined-github + sponsorblock + ublock-origin + ] + ++ lib.optional (cfg.tridactyl.enable) tridactyl + ++ lib.optional (cfg.ff2mpv.enable) ff2mpv + ); + }; } diff --git a/home/firefox/firefox/default.nix b/home/firefox/firefox/default.nix deleted file mode 100644 index 5d4b05e..0000000 --- a/home/firefox/firefox/default.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ config, lib, pkgs, ... }: -let - cfg = config.my.home.firefox; -in -{ - config.programs.firefox = lib.mkIf cfg.enable { - enable = true; - - package = pkgs.firefox.override { - cfg = { - enableTridactylNative = cfg.tridactyl.enable; - }; - - extraNativeMessagingHosts = with pkgs; ([ ] - # Watch videos using mpv - ++ lib.optional cfg.ff2mpv.enable ambroisie.ff2mpv-go - ); - }; - - profiles = { - default = { - id = 0; - - settings = { - "browser.bookmarks.showMobileBookmarks" = true; # Mobile bookmarks - "browser.download.useDownloadDir" = false; # Ask for download location - "browser.in-content.dark-mode" = true; # Dark mode - "browser.newtabpage.activity-stream.feeds.section.topstories" = false; # Disable top stories - "browser.newtabpage.activity-stream.feeds.sections" = false; - "browser.newtabpage.activity-stream.feeds.system.topstories" = false; # Disable top stories - "browser.newtabpage.activity-stream.section.highlights.includePocket" = false; # Disable pocket - "extensions.pocket.enabled" = false; # Disable pocket - "media.eme.enabled" = true; # Enable DRM - "media.gmp-widevinecdm.visible" = true; # Enable DRM - "media.gmp-widevinecdm.enabled" = true; # Enable DRM - "signon.autofillForms" = false; # Disable built-in form-filling - "signon.rememberSignons" = false; # Disable built-in password manager - "ui.systemUsesDarkTheme" = true; # Dark mode - }; - }; - }; - - extensions = with pkgs.nur.repos.rycee.firefox-addons; ([ - bitwarden - form-history-control - https-everywhere - i-dont-care-about-cookies - reddit-enhancement-suite - refined-github - sponsorblock - ublock-origin - ] - ++ lib.optional (cfg.tridactyl.enable) tridactyl - ++ lib.optional (cfg.ff2mpv.enable) ff2mpv - ); - }; -} From 8569a8eb55324c36d9c97c376d451513f11fd233 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 3 Oct 2021 16:08:04 +0200 Subject: [PATCH 366/654] home: firefox: add 'reddit-comment-collapser' --- home/firefox/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/firefox/default.nix b/home/firefox/default.nix index cbcc233..b161834 100644 --- a/home/firefox/default.nix +++ b/home/firefox/default.nix @@ -71,6 +71,7 @@ in form-history-control https-everywhere i-dont-care-about-cookies + reddit-comment-collapser reddit-enhancement-suite refined-github sponsorblock From 323e99bbb0c9b5d60ef6dd7953c21fc19610ea81 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 8 Oct 2021 12:15:34 +0200 Subject: [PATCH 367/654] home: xdg: make gdb store history in XDG_DATA_HOME --- home/xdg/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home/xdg/default.nix b/home/xdg/default.nix index bdeb326..1aa69ac 100644 --- a/home/xdg/default.nix +++ b/home/xdg/default.nix @@ -31,6 +31,7 @@ in # A tidy home is a tidy mind dataFile = { "bash/.keep".text = ""; + "gdb/.keep".text = ""; "tig/.keep".text = ""; }; }; @@ -39,6 +40,7 @@ in config.home.sessionVariables = with config.xdg; lib.mkIf cfg.enable { CARGO_HOME = "${dataHome}/cargo"; DOCKER_CONFIG = "${configHome}/docker"; + GDBHISTFILE = "${dataHome}/gdb/gdb_history"; HISTFILE = "${dataHome}/bash/history"; INPUTRC = "${configHome}/readline/inputrc"; LESSHISTFILE = "${dataHome}/less/history"; From 7d787a2770166fb01cb4f669b40c67650b147831 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 8 Oct 2021 14:59:03 +0200 Subject: [PATCH 368/654] pkgs: add dragger --- pkgs/default.nix | 2 ++ pkgs/dragger/default.nix | 29 +++++++++++++++++++++++++++++ 2 files changed, 31 insertions(+) create mode 100644 pkgs/dragger/default.nix diff --git a/pkgs/default.nix b/pkgs/default.nix index 4e35cff..a420a7e 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -6,6 +6,8 @@ pkgs.lib.makeScope pkgs.newScope (pkgs: { diff-flake = pkgs.callPackage ./diff-flake { }; + dragger = pkgs.callPackage ./dragger { }; + drone-scp = pkgs.callPackage ./drone-scp { }; ff2mpv-go = pkgs.callPackage ./ff2mpv-go { }; diff --git a/pkgs/dragger/default.nix b/pkgs/dragger/default.nix new file mode 100644 index 0000000..a4ccd61 --- /dev/null +++ b/pkgs/dragger/default.nix @@ -0,0 +1,29 @@ +{ lib, fetchFromGitHub, qt5 }: +qt5.mkDerivation rec { + pname = "dragger"; + version = "0.1.0"; + + src = fetchFromGitHub { + owner = "ambroisie"; + repo = "dragger"; + rev = "v${version}"; + sha256 = "sha256-WAC720DxfkQxy1BeeGzE6IerFb4ejoMRAPEJv5HGDHM="; + }; + + configurePhase = '' + qmake + ''; + + installPhase = '' + mkdir -p $out/bin + cp dragger $out/bin + ''; + + meta = with lib; { + description = "A CLI drag-and-drop tool"; + homepage = "https://gitea.belanyi.fr/ambroisie/dragger"; + license = licenses.mit; + maintainers = [ ambroisie ]; + platforms = platforms.all; + }; +} From 76f33fbd577d1988aab76e3e78bce1f73c33b5be Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 8 Oct 2021 15:00:44 +0200 Subject: [PATCH 369/654] flake: use 'recurseIntoAttrs' in 'pkgs' overlay --- flake.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 62a3a52..9c33d34 100644 --- a/flake.nix +++ b/flake.nix @@ -149,7 +149,9 @@ overlays = import ./overlays // { lib = final: prev: { inherit lib; }; - pkgs = final: prev: { ambroisie = import ./pkgs { pkgs = prev; }; }; + pkgs = final: prev: { + ambroisie = prev.recurseIntoAttrs (import ./pkgs { pkgs = prev; }); + }; }; nixosConfigurations = lib.mapAttrs buildHost { From 8c103a2261c9fe84e2000da4064871b34c5e7c62 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 8 Oct 2021 15:03:45 +0200 Subject: [PATCH 370/654] home: gammastep: fix typo --- home/gammastep/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/gammastep/default.nix b/home/gammastep/default.nix index 24c595c..3e20094 100644 --- a/home/gammastep/default.nix +++ b/home/gammastep/default.nix @@ -25,7 +25,7 @@ in times = { dawn = mkTimeOption "Dawn time" "6:00-7:30"; - dusk = mkTimeOption "Dawn time" "18:30-20:00"; + dusk = mkTimeOption "Dusk time" "18:30-20:00"; }; }; From 971b6e9b65070762fcb938305dce69c8686340b9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 8 Oct 2021 15:05:45 +0200 Subject: [PATCH 371/654] profiles: wm: add 'dragger' when a WM is set up --- profiles/wm/default.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/profiles/wm/default.nix b/profiles/wm/default.nix index 473d49d..1eeb7a8 100644 --- a/profiles/wm/default.nix +++ b/profiles/wm/default.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: +{ config, lib, pkgs, ... }: let cfg = config.my.profiles.wm; in @@ -23,5 +23,11 @@ in # Auto disk mounter my.home.udiskie.enable = true; }) + + (lib.mkIf (cfg.windowManager != null) { + environment.systemPackages = with pkgs; [ + ambroisie.dragger + ]; + }) ]; } From 069987f47e69b15f3086f3221a8e46a3a0d737b3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 8 Oct 2021 19:39:43 +0200 Subject: [PATCH 372/654] pkgs: dragger: change platforms to linux I haven't tested it on darwin, and it just so happens that some dependency is broken on that system (breaking `nix flake check`)... Will revisit this later in case I ever happen to use a darwin system. --- pkgs/dragger/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/dragger/default.nix b/pkgs/dragger/default.nix index a4ccd61..1a43a1b 100644 --- a/pkgs/dragger/default.nix +++ b/pkgs/dragger/default.nix @@ -1,4 +1,4 @@ -{ lib, fetchFromGitHub, qt5 }: +{ lib, fetchFromGitHub, qt5, stdenv }: qt5.mkDerivation rec { pname = "dragger"; version = "0.1.0"; @@ -24,6 +24,6 @@ qt5.mkDerivation rec { homepage = "https://gitea.belanyi.fr/ambroisie/dragger"; license = licenses.mit; maintainers = [ ambroisie ]; - platforms = platforms.all; + platforms = platforms.linux; }; } From 6f3bee895c20bf4407f71564fe406d1ba5680ce2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 10 Oct 2021 17:14:58 +0200 Subject: [PATCH 373/654] modules: secrets: wireguard: add 'milady' --- modules/secrets/secrets.nix | 1 + modules/secrets/wireguard/milady/private-key.age | 9 +++++++++ 2 files changed, 10 insertions(+) create mode 100644 modules/secrets/wireguard/milady/private-key.age diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index d9196f4..ee5aba5 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -54,6 +54,7 @@ in "users/root/hashed-password.age".publicKeys = all; "wireguard/aramis/private-key.age".publicKeys = all; + "wireguard/milady/private-key.age".publicKeys = all; "wireguard/porthos/private-key.age".publicKeys = all; "wireguard/richelieu/private-key.age".publicKeys = all; } diff --git a/modules/secrets/wireguard/milady/private-key.age b/modules/secrets/wireguard/milady/private-key.age new file mode 100644 index 0000000..fb84f91 --- /dev/null +++ b/modules/secrets/wireguard/milady/private-key.age @@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg gWB20jfimPCJHYjqxBSHYkL9Z/kGZ23dRu4PHp7oJj8 +z3dBymvgrGNtIXe3yQAzpm36uExPmD7DKjU6mMNw99U +-> ssh-ed25519 jPowng aeWv6an+PmWRuk2eHOQhF7jvmld1I5p2LbSmehjUBBw +Rn+ApMvZlO0ji6TCakCUc+1jK762UxOqVanmCsjB+80 +-> jDh})['\-grease |Y6J(8{ +v.7nKx +WID+ZDtsOlPI0AW8ROvXH1s +--- ZlSk2uv95UoKi5D94+tiQdZyxCVv6dlj6ajwYeDzmp0 +n`Wm!Q3]Q}}By kuƀE^zO[V p f>Ĕ \ No newline at end of file From d918bf279d8149168bde3580402306ad7523c805 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 10 Oct 2021 17:16:21 +0200 Subject: [PATCH 374/654] modules: services: wireguard: add 'milady' --- modules/services/wireguard/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/modules/services/wireguard/default.nix b/modules/services/wireguard/default.nix index d919803..656fdb2 100644 --- a/modules/services/wireguard/default.nix +++ b/modules/services/wireguard/default.nix @@ -35,6 +35,12 @@ let clientNum = 3; publicKey = "w4IADAj2Tt7Qe95a0RxDv9ovg/Dr/f3q1LrVOPF48Rk="; }; + + # Sarah's iPhone + milady = { + clientNum = 4; + publicKey = "3MKEu4F6o8kww54xeAao5Uet86fv8z/QsZ2L2mOzqDQ="; + }; }; thisPeer = peers."${hostName}"; thisPeerIsServer = thisPeer ? externalIp; From b298607ea764e9e22d0301ce1a8e88e66280b98a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Oct 2021 16:33:33 +0200 Subject: [PATCH 375/654] home: git: add 'git' alias --- home/git/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/git/default.nix b/home/git/default.nix index 156731e..150fb59 100644 --- a/home/git/default.nix +++ b/home/git/default.nix @@ -18,6 +18,7 @@ in package = pkgs.gitAndTools.gitFull; aliases = { + git = "!git"; lol = "log --graph --decorate --pretty=oneline --abbrev-commit --topo-order"; lola = "lol --all"; assume = "update-index --assume-unchanged"; From ce5a8a20b9c02d94dae475edbee1ddb287a92aed Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Oct 2021 17:53:10 +0200 Subject: [PATCH 376/654] lib: add strings --- lib/strings.nix | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 lib/strings.nix diff --git a/lib/strings.nix b/lib/strings.nix new file mode 100644 index 0000000..0b58caf --- /dev/null +++ b/lib/strings.nix @@ -0,0 +1,6 @@ +{ ... }: +let +in +{ + # FIXME +} From 97fa58c220a73fc30f70276fdd3a644dbe25d55d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Oct 2021 17:53:23 +0200 Subject: [PATCH 377/654] lib: strings: add 'mkMailAddress' --- lib/strings.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/strings.nix b/lib/strings.nix index 0b58caf..2a3ec77 100644 --- a/lib/strings.nix +++ b/lib/strings.nix @@ -2,5 +2,8 @@ let in { - # FIXME + # Make an email address from the name and domain stems + # + # mkMailAddress :: String -> String -> String + mkMailAddress = name: domain: "${name}@${domain}"; } From 8d8904ccef94efcff899053b7525dcd2b90b2efb Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Oct 2021 17:54:54 +0200 Subject: [PATCH 378/654] home: mail: accounts: use 'mkMailAccount' --- home/mail/accounts/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/home/mail/accounts/default.nix b/home/mail/accounts/default.nix index 2eecb6d..80d95ae 100644 --- a/home/mail/accounts/default.nix +++ b/home/mail/accounts/default.nix @@ -2,16 +2,16 @@ let cfg = config.my.home.mail; - mkAddress = address: domain: "${address}@${domain}"; + inherit (lib.my) mkMailAddress; mkConfig = { domain, address, passName, aliases ? [ ], primary ? false }: { realName = lib.mkDefault "Bruno BELANYI"; - userName = lib.mkDefault (mkAddress address domain); + userName = lib.mkDefault (mkMailAddress address domain); passwordCommand = lib.mkDefault [ "${pkgs.ambroisie.bw-pass}/bin/bw-pass" "Mail" passName ]; - address = mkAddress address domain; - aliases = builtins.map (lib.flip mkAddress domain) aliases; + address = mkMailAddress address domain; + aliases = builtins.map (lib.flip mkMailAddress domain) aliases; inherit primary; From 111ee136c8e8fc24f7f434ef277eee66a8c5f97b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Oct 2021 17:55:48 +0200 Subject: [PATCH 379/654] home: git: use 'mkMailAccount' --- home/git/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/home/git/default.nix b/home/git/default.nix index 150fb59..bd361a6 100644 --- a/home/git/default.nix +++ b/home/git/default.nix @@ -1,6 +1,8 @@ { config, pkgs, lib, ... }: let cfg = config.my.home.git; + + inherit (lib.my) mkMailAddress; in { options.my.home.git = with lib.my; { @@ -11,7 +13,7 @@ in enable = true; # Who am I? - userEmail = "bruno@belanyi.fr"; + userEmail = mkMailAddress "bruno" "belanyi.fr"; userName = "Bruno BELANYI"; # I want the full experience From ef07c9ff438130d35ae92eea11ffcfd1c9af6518 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Oct 2021 17:56:04 +0200 Subject: [PATCH 380/654] modules: services: nginx: use 'mkMailAccount' --- modules/services/nginx/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/nginx/default.nix b/modules/services/nginx/default.nix index 492f6c8..46710d2 100644 --- a/modules/services/nginx/default.nix +++ b/modules/services/nginx/default.nix @@ -387,7 +387,7 @@ in users.users.nginx.extraGroups = [ "acme" ]; security.acme = { - email = "bruno.acme@belanyi.fr"; + email = lib.my.mkMailAddress "bruno.acme" "belanyi.fr"; acceptTerms = true; # Use DNS wildcard certificate certs = From e475855e18087cb6ddfc00e656d20b5a495896d3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Oct 2021 21:11:46 +0200 Subject: [PATCH 381/654] home: git: inline EPITA configuration include --- home/git/default.nix | 10 +++++++++- home/git/epita.config | 4 ---- 2 files changed, 9 insertions(+), 5 deletions(-) delete mode 100644 home/git/epita.config diff --git a/home/git/default.nix b/home/git/default.nix index bd361a6..ae96216 100644 --- a/home/git/default.nix +++ b/home/git/default.nix @@ -122,7 +122,15 @@ in # Multiple identities includes = [ - { path = ./epita.config; condition = "gitdir:~/git/EPITA/"; } + { + condition = "gitdir:~/git/EPITA/"; + contents = { + user = { + name = "Bruno BELANYI"; + email = mkMailAddress "bruno.belanyi" "epita.fr"; + }; + }; + } ]; ignores = diff --git a/home/git/epita.config b/home/git/epita.config deleted file mode 100644 index a6e8cf4..0000000 --- a/home/git/epita.config +++ /dev/null @@ -1,4 +0,0 @@ -[user] - email = bruno.belanyi@epita.fr - name = Bruno BELANYI -# vim: set ft=gitconfig: From b1cff1b8a310570d3c5503b4ca0e1e02b243478e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Oct 2021 21:32:13 +0200 Subject: [PATCH 382/654] home: git: add git-related packages when enabled Instead of adding them in the general packages section. --- home/git/default.nix | 6 ++++++ home/packages/default.nix | 3 --- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/home/git/default.nix b/home/git/default.nix index ae96216..aff0ac6 100644 --- a/home/git/default.nix +++ b/home/git/default.nix @@ -9,6 +9,12 @@ in enable = mkDisableOption "git configuration"; }; + config.home.packages = with pkgs.gitAndTools; lib.mkIf cfg.enable [ + gitAndTools.git-absorb + gitAndTools.git-revise + gitAndTools.tig + ]; + config.programs.git = lib.mkIf cfg.enable { enable = true; diff --git a/home/packages/default.nix b/home/packages/default.nix index 0d57840..acb1f79 100644 --- a/home/packages/default.nix +++ b/home/packages/default.nix @@ -19,9 +19,6 @@ in config.home.packages = with pkgs; lib.mkIf cfg.enable ([ file - gitAndTools.git-absorb - gitAndTools.git-revise - gitAndTools.tig rr termite.terminfo ] ++ cfg.additionalPackages); From 158d39bb6e4ffdc3903535c4c9fcd1e9dc8cd260 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 15 Oct 2021 17:01:40 +0200 Subject: [PATCH 383/654] pkgs: sort packages alphabetically --- pkgs/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/default.nix b/pkgs/default.nix index a420a7e..c599247 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -22,11 +22,11 @@ pkgs.lib.makeScope pkgs.newScope (pkgs: { nolimips = pkgs.callPackage ./nolimips { }; - vimix-cursors = pkgs.callPackage ./vimix-cursors { }; - - volantes-cursors = pkgs.callPackage ./volantes-cursors { }; - unbound-zones-adblock = pkgs.callPackage ./unbound-zones-adblock { }; unified-hosts-lists = pkgs.callPackage ./unified-hosts-lists { }; + + vimix-cursors = pkgs.callPackage ./vimix-cursors { }; + + volantes-cursors = pkgs.callPackage ./volantes-cursors { }; }) From 296833651a6adfe5928486a1654a242d710a2005 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 15 Oct 2021 17:09:03 +0200 Subject: [PATCH 384/654] pkgs: add rofi-bluetooth --- pkgs/default.nix | 2 ++ pkgs/rofi-bluetooth/default.nix | 40 +++++++++++++++++++++++++++++++++ 2 files changed, 42 insertions(+) create mode 100644 pkgs/rofi-bluetooth/default.nix diff --git a/pkgs/default.nix b/pkgs/default.nix index c599247..46fa4ab 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -22,6 +22,8 @@ pkgs.lib.makeScope pkgs.newScope (pkgs: { nolimips = pkgs.callPackage ./nolimips { }; + rofi-bluetooth = pkgs.callPackage ./rofi-bluetooth { }; + unbound-zones-adblock = pkgs.callPackage ./unbound-zones-adblock { }; unified-hosts-lists = pkgs.callPackage ./unified-hosts-lists { }; diff --git a/pkgs/rofi-bluetooth/default.nix b/pkgs/rofi-bluetooth/default.nix new file mode 100644 index 0000000..2ff40a1 --- /dev/null +++ b/pkgs/rofi-bluetooth/default.nix @@ -0,0 +1,40 @@ +{ lib, bluez, fetchFromGitHub, makeWrapper, rofi, stdenvNoCC }: +stdenvNoCC.mkDerivation rec { + pname = "rofi-bluetooth"; + version = "unstable-2021-10-15"; + + src = fetchFromGitHub { + owner = "nickclyde"; + repo = "rofi-bluetooth"; + rev = "893db1f2b549e7bc0e9c62e7670314349a29cdf2"; + sha256 = "sha256-3oROJKEQCuSnLfbJ+JSSc9hcmJTPrLHRQJsrUcaOMss="; + }; + + buildInputs = [ + makeWrapper + ]; + + installPhase = '' + mkdir -p $out/bin + cp $src/rofi-bluetooth $out/bin/ + chmod a+x $out/bin/rofi-bluetooth + ''; + + wrapperPath = lib.makeBinPath [ + rofi + bluez + ]; + + fixupPhase = '' + patchShebangs $out/bin/${pname} + wrapProgram $out/bin/${pname} --prefix PATH : "${wrapperPath}" + ''; + + meta = with lib; { + description = "A rofi menu for managing bluetooth connections"; + homepage = "https://github.com/nickclyde/rofi-bluetooth/commit/"; + license = with licenses; [ gpl3Only ]; + platforms = platforms.linux; + maintainers = with maintainers; [ ambroisie ]; + }; +} From 9117df1e721ee7037ae6bc5f630319c561a08485 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 15 Oct 2021 17:12:20 +0200 Subject: [PATCH 385/654] home: wm: i3: don't add 'dragger' through profile --- home/wm/i3/default.nix | 1 + profiles/wm/default.nix | 6 ------ 2 files changed, 1 insertion(+), 6 deletions(-) diff --git a/home/wm/i3/default.nix b/home/wm/i3/default.nix index 2a99958..a0b63be 100644 --- a/home/wm/i3/default.nix +++ b/home/wm/i3/default.nix @@ -70,6 +70,7 @@ in { config = lib.mkIf isEnabled { home.packages = with pkgs; [ + ambroisie.dragger # drag-and-drop from the CLI ambroisie.i3-get-window-criteria # little helper for i3 configuration arandr # Used by a mapping pamixer # Used by a mapping diff --git a/profiles/wm/default.nix b/profiles/wm/default.nix index 1eeb7a8..bf9d3f9 100644 --- a/profiles/wm/default.nix +++ b/profiles/wm/default.nix @@ -23,11 +23,5 @@ in # Auto disk mounter my.home.udiskie.enable = true; }) - - (lib.mkIf (cfg.windowManager != null) { - environment.systemPackages = with pkgs; [ - ambroisie.dragger - ]; - }) ]; } From 8a8256e55569a1b23bc07fce7fcc55707788e076 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 15 Oct 2021 17:13:02 +0200 Subject: [PATCH 386/654] home: tmux: add binding for block selection --- home/tmux/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home/tmux/default.nix b/home/tmux/default.nix index 0a8a355..c9ccf16 100644 --- a/home/tmux/default.nix +++ b/home/tmux/default.nix @@ -46,6 +46,8 @@ in # Better vim mode bind-key -T copy-mode-vi 'v' send -X begin-selection bind-key -T copy-mode-vi 'y' send -X copy-selection-and-cancel + # Block selection in vim mode + bind-key -Tcopy-mode-vi 'C-v' send -X begin-selection \; send -X rectangle-toggle ''; }; From 537fa5c909216ba27cfa89e5c645a90142286ea9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 15 Oct 2021 17:19:12 +0200 Subject: [PATCH 387/654] home: wm: i3: add 'rofi-bluetooth' binding --- home/wm/i3/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/home/wm/i3/default.nix b/home/wm/i3/default.nix index a0b63be..94cec6d 100644 --- a/home/wm/i3/default.nix +++ b/home/wm/i3/default.nix @@ -198,6 +198,12 @@ in "${modifier}+Shift+d" = "exec rofi -show run -disable-history"; "${modifier}+p" = "exec --no-startup-id flameshot gui"; "${modifier}+Shift+p" = "exec rofi -show emoji"; + "${modifier}+b" = + let + inherit (config.my.home.bluetooth) enable; + prog = "${pkgs.ambroisie.rofi-bluetooth}/bin/rofi-bluetooth"; + in + lib.mkIf enable "exec ${prog}"; }) ( # Changing container focus From 6c25380d5d80c3429f864b11f41d376abcc7264a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 16 Oct 2021 14:56:13 +0200 Subject: [PATCH 388/654] machines: aramis: networking: remove 'domain' Now that services handle subdomains through my Nginx abstraction, we can remove this. --- machines/aramis/networking.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/machines/aramis/networking.nix b/machines/aramis/networking.nix index 9322f1f..2759e9c 100644 --- a/machines/aramis/networking.nix +++ b/machines/aramis/networking.nix @@ -2,7 +2,6 @@ { networking = { hostName = "aramis"; - domain = "nodomain.local"; # FIXME: gotta fix domain handling # The global useDHCP flag is deprecated, therefore explicitly set to false here. # Per-interface useDHCP will be mandatory in the future, so this generated config From c55708ab54682ebde8dcd40333df08918aa1f73a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 16 Oct 2021 17:59:18 +0200 Subject: [PATCH 389/654] home: wm: i3bar: use dynamic width on music block --- home/wm/i3bar/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/wm/i3bar/default.nix b/home/wm/i3bar/default.nix index 62d0d7b..61df862 100644 --- a/home/wm/i3bar/default.nix +++ b/home/wm/i3bar/default.nix @@ -22,6 +22,7 @@ in block = "music"; buttons = [ "prev" "play" "next" ]; max_width = 50; + dynamic_width = true; hide_when_empty = true; } { From 9e33f4ca829d0c706300525c08f5361b03bf7c71 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 18 Oct 2021 14:44:08 +0200 Subject: [PATCH 390/654] home: git: rewrite personal gitea URLs to use ssh --- home/git/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/home/git/default.nix b/home/git/default.nix index aff0ac6..e05a100 100644 --- a/home/git/default.nix +++ b/home/git/default.nix @@ -124,6 +124,12 @@ in autoSquash = true; autoStash = true; }; + + url = { + "git@gitea.belanyi.fr:" = { + insteadOf = "https://gitea.belanyi.fr/"; + }; + }; }; # Multiple identities From 5e438f9e77a2c4375f41b34d091325c11d96c01a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 18 Oct 2021 14:44:19 +0200 Subject: [PATCH 391/654] home: git: rewrite github URLs to use ssh --- home/git/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/home/git/default.nix b/home/git/default.nix index e05a100..6748bab 100644 --- a/home/git/default.nix +++ b/home/git/default.nix @@ -129,6 +129,10 @@ in "git@gitea.belanyi.fr:" = { insteadOf = "https://gitea.belanyi.fr/"; }; + + "git@github.com:" = { + insteadOf = "https://github.com/"; + }; }; }; From 708d60bcc6e7abd2b3a9392bccf8134a370b6b82 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 18 Oct 2021 14:45:23 +0200 Subject: [PATCH 392/654] home: git: rewrite gitlab URLs to use ssh --- home/git/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/home/git/default.nix b/home/git/default.nix index 6748bab..e9ccde8 100644 --- a/home/git/default.nix +++ b/home/git/default.nix @@ -133,6 +133,10 @@ in "git@github.com:" = { insteadOf = "https://github.com/"; }; + + "git@gitlab.com:" = { + insteadOf = "https://gitlab.com/"; + }; }; }; From 8edef9d528b2169d8bbaa7a9b003d56ff2290eaf Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 16 Oct 2021 17:55:59 +0200 Subject: [PATCH 393/654] home: wm: i3bar: add bluetooth blocks I have decided that the potential security and privacy risk of exposing my MAC addresses is fine by me. My earphones and headphones do not seem to expose their battery level, would need more investigation. --- home/wm/i3bar/default.nix | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/home/wm/i3bar/default.nix b/home/wm/i3bar/default.nix index 61df862..664f11c 100644 --- a/home/wm/i3bar/default.nix +++ b/home/wm/i3bar/default.nix @@ -25,6 +25,24 @@ in dynamic_width = true; hide_when_empty = true; } + (lib.optionalAttrs config.my.home.bluetooth.enable { + block = "bluetooth"; + mac = "4C:87:5D:06:40:D9"; + hide_disconnected = true; + format = "Boson {percentage}"; + }) + (lib.optionalAttrs config.my.home.bluetooth.enable { + block = "bluetooth"; + mac = "94:DB:56:00:EE:93"; + hide_disconnected = true; + format = "Protons {percentage}"; + }) + (lib.optionalAttrs config.my.home.bluetooth.enable { + block = "bluetooth"; + mac = "F7:78:BA:76:52:F7"; + hide_disconnected = true; + format = "MX Ergo {percentage}"; + }) { block = "cpu"; } From cbf6ea9ac93c8bc140396395cdcae0c12fb9c608 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 18 Oct 2021 18:49:03 +0200 Subject: [PATCH 394/654] modules: system: nix: change nix build niceness 19 is the lowest priority. --- modules/system/nix/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/modules/system/nix/default.nix b/modules/system/nix/default.nix index 0f2f8c3..04888ac 100644 --- a/modules/system/nix/default.nix +++ b/modules/system/nix/default.nix @@ -18,6 +18,9 @@ in extraOptions = '' experimental-features = nix-command flakes ''; + + # Keep my system responsive during builds + daemonNiceLevel = 19; }; } From c280f0cae8eced2ee2a90e5264d1ce27d0f85d3c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 18 Oct 2021 19:28:46 +0200 Subject: [PATCH 395/654] pkgs: unified-hosts-lists: 3.8.5 -> 3.9.11 --- pkgs/unified-hosts-lists/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/unified-hosts-lists/default.nix b/pkgs/unified-hosts-lists/default.nix index 0da6354..4b0e0c6 100644 --- a/pkgs/unified-hosts-lists/default.nix +++ b/pkgs/unified-hosts-lists/default.nix @@ -1,13 +1,13 @@ { lib, fetchFromGitHub, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "unified-hosts-lists"; - version = "3.8.5"; + version = "3.9.11"; src = fetchFromGitHub { owner = "StevenBlack"; repo = "hosts"; rev = version; - sha256 = "sha256-7oYuGegrHVUvAvA16iR8OEe5eTMeSybShSa1PJOe5No="; + sha256 = "sha256-JFz6M0Mkwoby7I6LLWx0QfvZMzwET2FEQ1OGKQnFfho="; }; dontUnpack = true; From 760e24a356520e2076acd8a914db7e716d8b9eb7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 15 Oct 2021 15:09:48 +0200 Subject: [PATCH 396/654] modules: services: indexers: fix typo --- modules/services/indexers/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/indexers/default.nix b/modules/services/indexers/default.nix index 6ee32c0..0d272f8 100644 --- a/modules/services/indexers/default.nix +++ b/modules/services/indexers/default.nix @@ -9,7 +9,7 @@ in { options.my.services.indexers = with lib; { jackett.enable = mkEnableOption "Jackett torrent meta-indexer"; - nzbhydra.enable = mkEnableOption "NZBHydra2 torrent meta-indexer"; + nzbhydra.enable = mkEnableOption "NZBHydra2 usenet meta-indexer"; }; config = { From df1bc0d0d518e151983d562516ae6a77870a5dcc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 15 Oct 2021 15:10:03 +0200 Subject: [PATCH 397/654] modules: services: indexers: refactor This is cleaner and more correct. --- modules/services/indexers/default.nix | 57 +++++++++++++++------------ 1 file changed, 32 insertions(+), 25 deletions(-) diff --git a/modules/services/indexers/default.nix b/modules/services/indexers/default.nix index 0d272f8..af0f482 100644 --- a/modules/services/indexers/default.nix +++ b/modules/services/indexers/default.nix @@ -12,32 +12,39 @@ in nzbhydra.enable = mkEnableOption "NZBHydra2 usenet meta-indexer"; }; - config = { - services.jackett = lib.mkIf cfg.jackett.enable { - enable = true; - }; - - # Jackett wants to eat *all* my RAM if left to its own devices - systemd.services.jackett = { - serviceConfig = { - MemoryHigh = "15%"; - MemoryMax = "25%"; + config = lib.mkMerge [ + (lib.mkIf cfg.jackett.enable { + services.jackett = { + enable = true; }; - }; - services.nzbhydra2 = lib.mkIf cfg.nzbhydra.enable { - enable = true; - }; + # Jackett wants to eat *all* my RAM if left to its own devices + systemd.services.jackett = { + serviceConfig = { + MemoryHigh = "15%"; + MemoryMax = "25%"; + }; + }; - my.services.nginx.virtualHosts = [ - { - subdomain = "jackett"; - port = jackettPort; - } - { - subdomain = "nzbhydra"; - port = nzbhydraPort; - } - ]; - }; + my.services.nginx.virtualHosts = [ + { + subdomain = "jackett"; + port = jackettPort; + } + ]; + }) + + (lib.mkIf cfg.nzbhydra.enable { + services.nzbhydra2 = { + enable = true; + }; + + my.services.nginx.virtualHosts = [ + { + subdomain = "nzbhydra"; + port = nzbhydraPort; + } + ]; + }) + ]; } From 9582f8403e325781b755212eac9834c23d8eaefe Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 15 Oct 2021 15:13:46 +0200 Subject: [PATCH 398/654] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index b668797..9d368ca 100644 --- a/flake.lock +++ b/flake.lock @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1633296444, - "narHash": "sha256-DnC7yVyoYFSsvFze16AWDa5iSHgtT1MbDGgp8rSC3H4=", + "lastModified": 1634230035, + "narHash": "sha256-tS0dyWxVgb79Jk8elMthWv/oycj/Q4HHDoNL5V43kz8=", "owner": "nix-community", "repo": "home-manager", - "rev": "099cbcf13e8219f07b493980a66fe64df0e32d09", + "rev": "309808afbc2a07e340067f66029a4202b4c4b959", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1633263894, - "narHash": "sha256-InuWViZr3SL8PqRROkWhmSd3N8gGkiP7YaA7BRdjmhk=", + "lastModified": 1634172192, + "narHash": "sha256-FBF4U/T+bMg4sEyT/zkgasvVquGzgdAf4y8uCosKMmo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "01f2f2842aaa7f3af957fef93439d639e6941e6c", + "rev": "2cf9db0e3d45b9d00f16f2836cb1297bcadc475e", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1633342505, - "narHash": "sha256-UgXnO+jX6V33mtbFgQKPLndNQid1DqOnMcsPlxqeWdk=", + "lastModified": 1634283744, + "narHash": "sha256-XqRqt1RbEz6MAO1ZkAkcjNZTJCOJ+3LJJ2JWyEkUXsQ=", "owner": "nix-community", "repo": "NUR", - "rev": "061e44abde1dc11b10ff93fe6a388272850f473c", + "rev": "2dbf2b986c523b728ead324baaba9e0d28322557", "type": "github" }, "original": { @@ -100,11 +100,11 @@ ] }, "locked": { - "lastModified": 1631170176, - "narHash": "sha256-RLN/kur2Kpxt0cJp0Fms8ixuGpT8IHX0OpeQ8u8f0X4=", + "lastModified": 1633788342, + "narHash": "sha256-wx+aRtR5FwbMOV/0N3PSC4au92aXl6tfwHOk4xgYXRQ=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "3ed0e618cebc1ff291c27b749cf7568959cac028", + "rev": "475b1f7f7ddcb6415e6624a68c4fe90f55ee9e73", "type": "github" }, "original": { From 927dd9e02a8a33c39d749dc4c1b38413e79616d9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 15 Oct 2021 15:11:15 +0200 Subject: [PATCH 399/654] modules: services: indexers: add prowlarr --- modules/services/indexers/default.nix | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/modules/services/indexers/default.nix b/modules/services/indexers/default.nix index af0f482..66f1604 100644 --- a/modules/services/indexers/default.nix +++ b/modules/services/indexers/default.nix @@ -5,11 +5,13 @@ let jackettPort = 9117; nzbhydraPort = 5076; + prowlarrPort = 9696; in { options.my.services.indexers = with lib; { jackett.enable = mkEnableOption "Jackett torrent meta-indexer"; nzbhydra.enable = mkEnableOption "NZBHydra2 usenet meta-indexer"; + prowlarr.enable = mkEnableOption "Prowlarr torrent & usenet meta-indexer"; }; config = lib.mkMerge [ @@ -46,5 +48,18 @@ in } ]; }) + + (lib.mkIf cfg.prowlarr.enable { + services.prowlarr = { + enable = true; + }; + + my.services.nginx.virtualHosts = [ + { + subdomain = "prowlarr"; + port = prowlarrPort; + } + ]; + }) ]; } From 4f11cf3a9ae98361026f95a345b8b62867bf9844 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 15 Oct 2021 15:11:48 +0200 Subject: [PATCH 400/654] machines: porthos: services: enable prowlarr --- machines/porthos/services.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index b03977d..07cf8eb 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -44,6 +44,7 @@ in indexers = { jackett.enable = true; nzbhydra.enable = true; + prowlarr.enable = true; }; # Jellyfin media server jellyfin.enable = true; From 5241bce29bb16697e9f4258338df0e56fbe432f8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 15 Oct 2021 16:46:12 +0200 Subject: [PATCH 401/654] project: readme: mention manual prowlarr step --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a68f7dc..3aa6453 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ Secondly, take care of a few manual steps: * Configure Gitea and Drone * Configure Lohr webhook and SSH key * Configure Jellyfin -* Configure Jackett and NZBHydra2 +* Configure Prowlarr,Jackett and NZBHydra2 * Configure Sonarr, Radarr, Bazarr * Configure Transmission's webui port * Configure Quassel user From 6bec62073bda8204e6eb38b60c1d729363a1c623 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 21 Oct 2021 16:42:10 +0200 Subject: [PATCH 402/654] home: start services when switching As I use home-manager with its NixOS module, I do not see the message suggesting to start the services otherwise. --- home/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/home/default.nix b/home/default.nix index e68c53b..b88dfed 100644 --- a/home/default.nix +++ b/home/default.nix @@ -40,4 +40,7 @@ # Who am I? home.username = "ambroisie"; + + # Start services automatically + systemd.user.startServices = "sd-switch"; } From 3058636c87f5c5341265d02ddddbcf5836b5a609 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 22 Oct 2021 13:06:50 +0200 Subject: [PATCH 403/654] modules: home: forward inputs to home-manager This will be useful if and when I end up adding inputs with home-manager modules defined. --- modules/home/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/home/default.nix b/modules/home/default.nix index 4745c0c..a287f35 100644 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -19,6 +19,11 @@ in # Nix Flakes compatibility useGlobalPkgs = true; useUserPackages = true; + + # Forward inputs to home-manager configuration + extraSpecialArgs = { + inherit inputs; + }; }; }; } From 14e4e681aa61d5f2c5d2859aa82e3d111045e813 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 22 Oct 2021 13:15:16 +0200 Subject: [PATCH 404/654] home: wm: screen-lock: rename changed option --- home/wm/screen-lock/default.nix | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/home/wm/screen-lock/default.nix b/home/wm/screen-lock/default.nix index 9201f40..95060b8 100644 --- a/home/wm/screen-lock/default.nix +++ b/home/wm/screen-lock/default.nix @@ -35,20 +35,22 @@ in lockCmd = cfg.command; - xautolockExtraOptions = lib.optionals cfg.cornerLock.enable [ - # Mouse corners: instant lock on upper-left, never lock on lower-right - "-cornerdelay" - "${toString cfg.cornerLock.delay}" - "-cornerredelay" - "${toString cfg.cornerLock.delay}" - "-corners" - "+00-" - ] ++ lib.optionals cfg.notify.enable [ - "-notify" - "${toString cfg.notify.delay}" - "-notifier" - notficationCmd - ]; + xautolock = { + extraOptions = lib.optionals cfg.cornerLock.enable [ + # Mouse corners: instant lock on upper-left, never lock on lower-right + "-cornerdelay" + "${toString cfg.cornerLock.delay}" + "-cornerredelay" + "${toString cfg.cornerLock.delay}" + "-corners" + "+00-" + ] ++ lib.optionals cfg.notify.enable [ + "-notify" + "${toString cfg.notify.delay}" + "-notifier" + notficationCmd + ]; + }; }; }; } From 148d6609ecf1e90cf57d6312ce5a1b9ce84d0d4c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 25 Oct 2021 15:01:04 +0200 Subject: [PATCH 405/654] flake: bump inputs --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 9d368ca..9244a9c 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1631896269, - "narHash": "sha256-DAyCxJ8JacayOzGgGSfzrn7ghtsfL/EsCyk1NEUaAR8=", + "lastModified": 1634404028, + "narHash": "sha256-JyP2Y6JCCYvUcVz7CXX5pXUfTGTU4GX51Yza82BgMfk=", "owner": "ryantm", "repo": "agenix", - "rev": "daf1d773989ac5d949aeef03fce0fe27e583dbca", + "rev": "53aa91b4170da35a96fab1577c9a34bc0da44e27", "type": "github" }, "original": { @@ -23,11 +23,11 @@ }, "futils": { "locked": { - "lastModified": 1631561581, - "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", + "lastModified": 1634851050, + "narHash": "sha256-N83GlSGPJJdcqhUxSCS/WwW5pksYf3VP1M13cDRTSVA=", "owner": "numtide", "repo": "flake-utils", - "rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19", + "rev": "c91f3de5adaf1de973b797ef7485e441a65b8935", "type": "github" }, "original": { @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1634230035, - "narHash": "sha256-tS0dyWxVgb79Jk8elMthWv/oycj/Q4HHDoNL5V43kz8=", + "lastModified": 1634851225, + "narHash": "sha256-fwtGHHl7fTELucIRBKO5JORD8QP9Lo9PwY9nrJuEybE=", "owner": "nix-community", "repo": "home-manager", - "rev": "309808afbc2a07e340067f66029a4202b4c4b959", + "rev": "cfe82d9f444a1b77f135070f1c1ee63fa061f2fd", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1634172192, - "narHash": "sha256-FBF4U/T+bMg4sEyT/zkgasvVquGzgdAf4y8uCosKMmo=", + "lastModified": 1634782485, + "narHash": "sha256-psfh4OQSokGXG0lpq3zKFbhOo3QfoeudRcaUnwMRkQo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2cf9db0e3d45b9d00f16f2836cb1297bcadc475e", + "rev": "34ad3ffe08adfca17fcb4e4a47bb5f3b113687be", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1634283744, - "narHash": "sha256-XqRqt1RbEz6MAO1ZkAkcjNZTJCOJ+3LJJ2JWyEkUXsQ=", + "lastModified": 1634894948, + "narHash": "sha256-CRrIz4o/eC/PYJ1Hph501aZv0pfnOMVTvH0PMMDkSSM=", "owner": "nix-community", "repo": "NUR", - "rev": "2dbf2b986c523b728ead324baaba9e0d28322557", + "rev": "c4f9bb6ada83e3fc7fe98d35b41013fee207b603", "type": "github" }, "original": { @@ -100,11 +100,11 @@ ] }, "locked": { - "lastModified": 1633788342, - "narHash": "sha256-wx+aRtR5FwbMOV/0N3PSC4au92aXl6tfwHOk4xgYXRQ=", + "lastModified": 1634595438, + "narHash": "sha256-hV9D41fqTateTligwNd9dmJKQ0R0w6RpCN92xR3LhHk=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "475b1f7f7ddcb6415e6624a68c4fe90f55ee9e73", + "rev": "06fa80325b6fe3b28d136071dd0ce55d4817e9fd", "type": "github" }, "original": { From b83f28f2ba92381ab2659971d722e6fadf9b62f9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 27 Oct 2021 15:07:24 +0200 Subject: [PATCH 406/654] home: wm: i3: use 'i3status-rust.package' value --- home/wm/i3/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/home/wm/i3/default.nix b/home/wm/i3/default.nix index 94cec6d..8929c6e 100644 --- a/home/wm/i3/default.nix +++ b/home/wm/i3/default.nix @@ -87,10 +87,12 @@ in let barConfigPath = config.xdg.configFile."i3status-rust/config-top.toml".target; + i3status-rs = + "${config.programs.i3status-rust.package}/bin/i3status-rs"; in [ { - statusCommand = "i3status-rs ${barConfigPath}"; + statusCommand = "${i3status-rs} ${barConfigPath}"; trayOutput = "primary"; position = "top"; From a94f349dde7e2a12565a49ff28714b7c92fc3b3d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 27 Oct 2021 15:12:16 +0200 Subject: [PATCH 407/654] home: do not restart services automatically Turns out it is *not* ideal when modifying my WM configuration in any way... Having i3 restart due to changing a keybinding is not great. This reverts commit 6bec62073bda8204e6eb38b60c1d729363a1c623. --- home/default.nix | 3 --- 1 file changed, 3 deletions(-) diff --git a/home/default.nix b/home/default.nix index b88dfed..e68c53b 100644 --- a/home/default.nix +++ b/home/default.nix @@ -40,7 +40,4 @@ # Who am I? home.username = "ambroisie"; - - # Start services automatically - systemd.user.startServices = "sd-switch"; } From 40ec169d6ec036079f5990d26bf11d24dd29eee3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 27 Oct 2021 18:14:40 +0200 Subject: [PATCH 408/654] flake: remove gnupg from devShell --- flake.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/flake.nix b/flake.nix index 9c33d34..8c2e923 100644 --- a/flake.nix +++ b/flake.nix @@ -129,7 +129,6 @@ nativeBuildInputs = with pkgs; [ gitAndTools.pre-commit - gnupg nixpkgs-fmt ]; From ea6c3727be6aae8bb6add0d991fe509d1a304fb6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 3 Nov 2021 14:09:48 +0100 Subject: [PATCH 409/654] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 9244a9c..5226554 100644 --- a/flake.lock +++ b/flake.lock @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1634851225, - "narHash": "sha256-fwtGHHl7fTELucIRBKO5JORD8QP9Lo9PwY9nrJuEybE=", + "lastModified": 1635839387, + "narHash": "sha256-2B6DqfTiwY5w2TljC4+AxEUuVYMTP5Fo2h5iGNIONvk=", "owner": "nix-community", "repo": "home-manager", - "rev": "cfe82d9f444a1b77f135070f1c1ee63fa061f2fd", + "rev": "288faaa5a65e72e37e6027024829b15c8bb69286", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1634782485, - "narHash": "sha256-psfh4OQSokGXG0lpq3zKFbhOo3QfoeudRcaUnwMRkQo=", + "lastModified": 1635844945, + "narHash": "sha256-tZcL307dj28jgEU1Wdn+zwG9neyW0H2+ZjdVhvJxh9g=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "34ad3ffe08adfca17fcb4e4a47bb5f3b113687be", + "rev": "b67e752c29f18a0ca5534a07661366d6a2c2e649", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1634894948, - "narHash": "sha256-CRrIz4o/eC/PYJ1Hph501aZv0pfnOMVTvH0PMMDkSSM=", + "lastModified": 1635930672, + "narHash": "sha256-nNqwxC17Z+4WTdV8D5BfsfCOxSJl4rnDWbVSUMXGgxU=", "owner": "nix-community", "repo": "NUR", - "rev": "c4f9bb6ada83e3fc7fe98d35b41013fee207b603", + "rev": "15697042f0863030801ba9594fe9b3bc7cc62fe8", "type": "github" }, "original": { From ddeeb974a4e02be9ae2681f1ece5f9ecc62d99f7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 3 Nov 2021 17:16:40 +0100 Subject: [PATCH 410/654] modules: services: backup: remove deprecated name --- modules/services/backup/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/services/backup/default.nix b/modules/services/backup/default.nix index 88c7fde..ff0fc7f 100644 --- a/modules/services/backup/default.nix +++ b/modules/services/backup/default.nix @@ -97,8 +97,8 @@ in ; # Take care of creating the repository if it doesn't exist initialize = true; - # Hijack S3-related env to give B2 API key - s3CredentialsFile = cfg.credentialsFile; + # give B2 API key securely + environmentFile = cfg.credentialsFile; inherit (cfg) passwordFile pruneOpts timerConfig repository; }; From 3f7fb26b8f134ed1d5991f243144f5a20f38aa3c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 3 Nov 2021 17:49:47 +0100 Subject: [PATCH 411/654] home: wm: i3: extract 'notify-send' variable It is used in multiple scripts, might as well centralise it. --- home/wm/i3/default.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/home/wm/i3/default.nix b/home/wm/i3/default.nix index 8929c6e..38971dc 100644 --- a/home/wm/i3/default.nix +++ b/home/wm/i3/default.nix @@ -26,6 +26,9 @@ let # Generate an attrset of movement bindings, using the mapper function genMovementBindings = f: addVimKeyBindings (lib.my.genAttrs' movementKeys f); + # Used in multiple scripts to show messages through keybindings + notify-send = "${pkgs.libnotify}/bin/notify-send"; + # Screen backlight management changeBacklight = let @@ -40,7 +43,7 @@ let fi newBrightness="$(${brightnessctl} -m set "$upDown" | cut -d, -f4)" - ${pkgs.libnotify}/bin/notify-send -u low \ + ${notify-send} -u low \ -h string:x-canonical-private-synchronous:change-backlight \ -h "int:value:''${newBrightness/\%/}" \ -- "Set brightness to $newBrightness" @@ -50,7 +53,6 @@ let toggleXautolock = let systemctlUser = "${pkgs.systemd}/bin/systemctl --user"; - notify-send = "${pkgs.libnotify}/bin/notify-send"; notify = "${notify-send} -u low" + " -h string:x-canonical-private-synchronous:xautolock-toggle"; in From da4acebddeb7b58701d0a4ae619bf005f992aae7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 3 Nov 2021 17:50:28 +0100 Subject: [PATCH 412/654] home: wm: i3: notify when changing audio volume --- home/wm/i3/default.nix | 30 ++++++++++++++++++++++++++---- 1 file changed, 26 insertions(+), 4 deletions(-) diff --git a/home/wm/i3/default.nix b/home/wm/i3/default.nix index 38971dc..6a8144a 100644 --- a/home/wm/i3/default.nix +++ b/home/wm/i3/default.nix @@ -49,6 +49,28 @@ let -- "Set brightness to $newBrightness" ''; + # Audio and volume management + changeAudio = + let + pamixer = "${pkgs.pamixer}/bin/pamixer"; + in + pkgs.writeScript "change-audio" '' + #!/bin/sh + if [ "$1" = "up" ]; then + upDown="-i" + else + upDown="-d" + fi + + ${pamixer} --allow-boost "$upDown" "$2" + newVolume="$(${pamixer} --get-volume)" + + ${notify-send} -u low \ + -h string:x-canonical-private-synchronous:change-audio \ + -h "int:value:$newVolume" \ + -- "Set volume to $newVolume " + ''; + # Lock management toggleXautolock = let @@ -259,10 +281,10 @@ in ) { # Media keys - "XF86AudioRaiseVolume" = "exec pamixer --allow-boost -i 5"; - "XF86AudioLowerVolume" = "exec pamixer --allow-boost -d 5"; - "Control+XF86AudioRaiseVolume" = "exec pamixer --allow-boost -i 1"; - "Control+XF86AudioLowerVolume" = "exec pamixer --allow-boost -d 1"; + "XF86AudioRaiseVolume" = "exec ${changeAudio} up 5"; + "XF86AudioLowerVolume" = "exec ${changeAudio} down 5"; + "Control+XF86AudioRaiseVolume" = "exec ${changeAudio} up 1"; + "Control+XF86AudioLowerVolume" = "exec ${changeAudio} down 1"; "XF86AudioMute" = "exec pamixer --toggle-mute"; "XF86AudioMicMute" = "exec pamixer --default-source --toggle-mute"; From 7dc177cf44a1d86ef99843275bb0a5afb3ebca11 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 3 Nov 2021 17:57:31 +0100 Subject: [PATCH 413/654] home: wm: i3: avoid loading icon on notifications Because my script are obviously not startup id aware, hovering on the notification leads to having a loading cursor. --- home/wm/i3/default.nix | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/home/wm/i3/default.nix b/home/wm/i3/default.nix index 6a8144a..ad2eb36 100644 --- a/home/wm/i3/default.nix +++ b/home/wm/i3/default.nix @@ -281,10 +281,10 @@ in ) { # Media keys - "XF86AudioRaiseVolume" = "exec ${changeAudio} up 5"; - "XF86AudioLowerVolume" = "exec ${changeAudio} down 5"; - "Control+XF86AudioRaiseVolume" = "exec ${changeAudio} up 1"; - "Control+XF86AudioLowerVolume" = "exec ${changeAudio} down 1"; + "XF86AudioRaiseVolume" = "exec --no-startup-id ${changeAudio} up 5"; + "XF86AudioLowerVolume" = "exec --no-startup-id ${changeAudio} down 5"; + "Control+XF86AudioRaiseVolume" = "exec --no-startup-id ${changeAudio} up 1"; + "Control+XF86AudioLowerVolume" = "exec --no-startup-id ${changeAudio} down 1"; "XF86AudioMute" = "exec pamixer --toggle-mute"; "XF86AudioMicMute" = "exec pamixer --default-source --toggle-mute"; @@ -295,10 +295,10 @@ in { # Screen management "XF86Display" = "exec arandr"; - "XF86MonBrightnessUp" = "exec ${changeBacklight} up 10"; - "XF86MonBrightnessDown" = "exec ${changeBacklight} down 10"; - "Control+XF86MonBrightnessUp" = "exec ${changeBacklight} up 1"; - "Control+XF86MonBrightnessDown" = "exec ${changeBacklight} down 1"; + "XF86MonBrightnessUp" = "exec --no-startup-id ${changeBacklight} up 10"; + "XF86MonBrightnessDown" = "exec --no-startup-id ${changeBacklight} down 10"; + "Control+XF86MonBrightnessUp" = "exec --no-startup-id ${changeBacklight} up 1"; + "Control+XF86MonBrightnessDown" = "exec --no-startup-id ${changeBacklight} down 1"; } { # Sub-modes From f6381b14b0b53c2f29f97f047e6a2d59313bf1f0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 4 Nov 2021 15:55:33 +0100 Subject: [PATCH 414/654] pkgs: add change-backlight --- pkgs/change-backlight/change-backlight | 15 +++++++++ pkgs/change-backlight/default.nix | 44 ++++++++++++++++++++++++++ pkgs/default.nix | 2 ++ 3 files changed, 61 insertions(+) create mode 100755 pkgs/change-backlight/change-backlight create mode 100644 pkgs/change-backlight/default.nix diff --git a/pkgs/change-backlight/change-backlight b/pkgs/change-backlight/change-backlight new file mode 100755 index 0000000..e178151 --- /dev/null +++ b/pkgs/change-backlight/change-backlight @@ -0,0 +1,15 @@ +#!/usr/bin/env bash + +set -euo pipefail + +if [ "$1" = "up" ]; then + upDown="+$2%" +else + upDown="$2%-" +fi + +newBrightness="$(brightnessctl -m set "$upDown" | cut -d, -f4)" +notify-send -u low \ + -h string:x-canonical-private-synchronous:change-backlight \ + -h "int:value:${newBrightness/\%/}" \ + -- "Set brightness to $newBrightness" diff --git a/pkgs/change-backlight/default.nix b/pkgs/change-backlight/default.nix new file mode 100644 index 0000000..799c814 --- /dev/null +++ b/pkgs/change-backlight/default.nix @@ -0,0 +1,44 @@ +{ lib, brightnessctl, libnotify, makeWrapper, shellcheck, stdenvNoCC }: +stdenvNoCC.mkDerivation rec { + pname = "change-backlight"; + version = "0.1.0"; + + src = ./change-backlight; + + buildInputs = [ + makeWrapper + shellcheck + ]; + + dontUnpack = true; + + buildPhase = '' + shellcheck $src + ''; + + installPhase = '' + mkdir -p $out/bin + cp $src $out/bin/change-backlight + chmod a+x $out/bin/change-backlight + ''; + + wrapperPath = lib.makeBinPath [ + brightnessctl + libnotify + ]; + + fixupPhase = '' + patchShebangs $out/bin/change-backlight + wrapProgram $out/bin/change-backlight --prefix PATH : "${wrapperPath}" + ''; + + meta = with lib; { + description = '' + A script to change a screen's brightness and notify about it + ''; + homepage = "https://gitea.belanyi.fr/ambroisie/nix-config"; + license = with licenses; [ mit ]; + platforms = platforms.linux; + maintainers = with maintainers; [ ambroisie ]; + }; +} diff --git a/pkgs/default.nix b/pkgs/default.nix index 46fa4ab..3f7b1df 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -2,6 +2,8 @@ pkgs.lib.makeScope pkgs.newScope (pkgs: { bw-pass = pkgs.callPackage ./bw-pass { }; + change-backlight = pkgs.callPackage ./change-backlight { }; + comma = pkgs.callPackage ./comma { }; diff-flake = pkgs.callPackage ./diff-flake { }; From fe455ffe9f79a8c674d79e82969434ef13b9290c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 4 Nov 2021 15:56:01 +0100 Subject: [PATCH 415/654] pkgs: add change-audio --- pkgs/change-audio/change-audio | 17 +++++++++++++ pkgs/change-audio/default.nix | 44 ++++++++++++++++++++++++++++++++++ pkgs/default.nix | 2 ++ 3 files changed, 63 insertions(+) create mode 100755 pkgs/change-audio/change-audio create mode 100644 pkgs/change-audio/default.nix diff --git a/pkgs/change-audio/change-audio b/pkgs/change-audio/change-audio new file mode 100755 index 0000000..9f7f1d2 --- /dev/null +++ b/pkgs/change-audio/change-audio @@ -0,0 +1,17 @@ +#!/usr/bin/env bash + +set -euo pipefail + +if [ "$1" = "up" ]; then + upDown="-i" +else + upDown="-d" +fi + +pamixer --allow-boost "$upDown" "$2" +newVolume="$(pamixer --get-volume)" + +notify-send -u low \ + -h string:x-canonical-private-synchronous:change-audio \ + -h "int:value:$newVolume" \ + -- "Set volume to $newVolume%" diff --git a/pkgs/change-audio/default.nix b/pkgs/change-audio/default.nix new file mode 100644 index 0000000..5027826 --- /dev/null +++ b/pkgs/change-audio/default.nix @@ -0,0 +1,44 @@ +{ lib, libnotify, makeWrapper, pamixer, shellcheck, stdenvNoCC }: +stdenvNoCC.mkDerivation rec { + pname = "change-audio"; + version = "0.1.0"; + + src = ./change-audio; + + buildInputs = [ + makeWrapper + shellcheck + ]; + + dontUnpack = true; + + buildPhase = '' + shellcheck $src + ''; + + installPhase = '' + mkdir -p $out/bin + cp $src $out/bin/change-audio + chmod a+x $out/bin/change-audio + ''; + + wrapperPath = lib.makeBinPath [ + libnotify + pamixer + ]; + + fixupPhase = '' + patchShebangs $out/bin/change-audio + wrapProgram $out/bin/change-audio --prefix PATH : "${wrapperPath}" + ''; + + meta = with lib; { + description = '' + A script to change the volume and notify about it + ''; + homepage = "https://gitea.belanyi.fr/ambroisie/nix-config"; + license = with licenses; [ mit ]; + platforms = platforms.linux; + maintainers = with maintainers; [ ambroisie ]; + }; +} diff --git a/pkgs/default.nix b/pkgs/default.nix index 3f7b1df..a179dfb 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -2,6 +2,8 @@ pkgs.lib.makeScope pkgs.newScope (pkgs: { bw-pass = pkgs.callPackage ./bw-pass { }; + change-audio = pkgs.callPackage ./change-audio { }; + change-backlight = pkgs.callPackage ./change-backlight { }; comma = pkgs.callPackage ./comma { }; From 2af0fe542fabee62f55bd1e9ac7134acbf1a98d3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 4 Nov 2021 15:56:07 +0100 Subject: [PATCH 416/654] home: wm: i3: use packaged scripts Instead of inlining them in the configuration, use an actual package for those. --- home/wm/i3/default.nix | 40 ++-------------------------------------- 1 file changed, 2 insertions(+), 38 deletions(-) diff --git a/home/wm/i3/default.nix b/home/wm/i3/default.nix index ad2eb36..4465bb0 100644 --- a/home/wm/i3/default.nix +++ b/home/wm/i3/default.nix @@ -30,46 +30,10 @@ let notify-send = "${pkgs.libnotify}/bin/notify-send"; # Screen backlight management - changeBacklight = - let - brightnessctl = "${pkgs.brightnessctl}/bin/brightnessctl"; - in - pkgs.writeScript "change-backlight" '' - #!/bin/sh - if [ "$1" = "up" ]; then - upDown="+$2%" - else - upDown="$2%-" - fi - - newBrightness="$(${brightnessctl} -m set "$upDown" | cut -d, -f4)" - ${notify-send} -u low \ - -h string:x-canonical-private-synchronous:change-backlight \ - -h "int:value:''${newBrightness/\%/}" \ - -- "Set brightness to $newBrightness" - ''; + changeBacklight = "${pkgs.ambroisie.change-backlight}/bin/change-backlight"; # Audio and volume management - changeAudio = - let - pamixer = "${pkgs.pamixer}/bin/pamixer"; - in - pkgs.writeScript "change-audio" '' - #!/bin/sh - if [ "$1" = "up" ]; then - upDown="-i" - else - upDown="-d" - fi - - ${pamixer} --allow-boost "$upDown" "$2" - newVolume="$(${pamixer} --get-volume)" - - ${notify-send} -u low \ - -h string:x-canonical-private-synchronous:change-audio \ - -h "int:value:$newVolume" \ - -- "Set volume to $newVolume " - ''; + changeAudio = "${pkgs.ambroisie.change-audio}/bin/change-audio"; # Lock management toggleXautolock = From 9b4a92895fd73e98dd3e4fdf9a8fa41ac52776e2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 4 Nov 2021 16:24:09 +0100 Subject: [PATCH 417/654] home: wm: dunst: replace deprecated 'geometry' --- home/wm/dunst/default.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/home/wm/dunst/default.nix b/home/wm/dunst/default.nix index e90362a..949db32 100644 --- a/home/wm/dunst/default.nix +++ b/home/wm/dunst/default.nix @@ -18,7 +18,6 @@ in follow = "keyboard"; # follow keyboard focus font = "Monospace 8"; # Simple looking font frame_width = 3; # small frame - geometry = "300x50-15+49"; markup = "full"; # subset of HTML max_icon_size = 32; # avoid icons that are too big padding = 6; # distance between text and bubble border @@ -26,6 +25,12 @@ in separator_color = "frame"; # use frame color to separate bubbles sort = true; # sort messages by urgency word_wrap = true; # Break long lines to make them readable + + # Fixed size notifications, slightly recessed from the top right + width = 300; + height = 50; + origin = "top-right"; + offset = "15x50"; }; urgency_low = { From 680eeffd3a675cf45a14b004518a40db509d096d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 14:12:54 +0100 Subject: [PATCH 418/654] machines: porthos: users: remove unused let block --- machines/porthos/users.nix | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/machines/porthos/users.nix b/machines/porthos/users.nix index 645c942..fbbe368 100644 --- a/machines/porthos/users.nix +++ b/machines/porthos/users.nix @@ -1,8 +1,5 @@ # User setup -{ config, ... }: -let - my = config.my; -in +{ ... }: { users.users.blog = { description = "Blog Publisher"; From 74a5c50fbea9934c724824ec8c0494ba436a6306 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 14:13:58 +0100 Subject: [PATCH 419/654] modules: services: drone: remove unused arguments --- modules/services/drone/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/drone/default.nix b/modules/services/drone/default.nix index 3e84ddd..79c48dd 100644 --- a/modules/services/drone/default.nix +++ b/modules/services/drone/default.nix @@ -2,7 +2,7 @@ # # Inspired by [1] # [1]: https://github.com/Mic92/dotfiles/blob/master/nixos/eve/modules/drone.nix -{ config, lib, pkgs, ... }: +{ lib, ... }: { imports = [ ./runner-docker From 79265008d2d8a6548c1ca794f3b8f4aeac391927 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 14:14:10 +0100 Subject: [PATCH 420/654] modules: services: nginx: remove unused argument --- modules/services/nginx/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/nginx/default.nix b/modules/services/nginx/default.nix index 46710d2..7e4d6f4 100644 --- a/modules/services/nginx/default.nix +++ b/modules/services/nginx/default.nix @@ -1,5 +1,5 @@ # A simple abstraction layer for almost all of my services' needs -{ config, lib, pkgs, utils, ... }: +{ config, lib, pkgs, ... }: let cfg = config.my.services.nginx; From e7ff83b1bb804b6cdeff03e937cf7f50e4b87c36 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 14:14:24 +0100 Subject: [PATCH 421/654] pkgs: dragger: remove unused argument --- pkgs/dragger/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/dragger/default.nix b/pkgs/dragger/default.nix index 1a43a1b..cd0d453 100644 --- a/pkgs/dragger/default.nix +++ b/pkgs/dragger/default.nix @@ -1,4 +1,4 @@ -{ lib, fetchFromGitHub, qt5, stdenv }: +{ lib, fetchFromGitHub, qt5, }: qt5.mkDerivation rec { pname = "dragger"; version = "0.1.0"; From e428895ba7f990b2b1959b31d6265a0b6ca1af4c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 14:14:36 +0100 Subject: [PATCH 422/654] profiles: gtk: remove unused argument --- profiles/gtk/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/profiles/gtk/default.nix b/profiles/gtk/default.nix index f9fcd5d..61a3edc 100644 --- a/profiles/gtk/default.nix +++ b/profiles/gtk/default.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ config, lib, ... }: let cfg = config.my.profiles.gtk; in From a602cf41439d960dd07b8a4bcf3562112b8f02b4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 14:14:41 +0100 Subject: [PATCH 423/654] profiles: wm: remove unused argument --- profiles/wm/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/profiles/wm/default.nix b/profiles/wm/default.nix index bf9d3f9..473d49d 100644 --- a/profiles/wm/default.nix +++ b/profiles/wm/default.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ config, lib, ... }: let cfg = config.my.profiles.wm; in From e91ebb24f09f74d68bd271ea2d3245e17de5976b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 15:31:59 +0100 Subject: [PATCH 424/654] modules: secrets: lohr: add 'ssh-key' --- modules/secrets/lohr/ssh-key.age | Bin 0 -> 839 bytes modules/secrets/secrets.nix | 1 + 2 files changed, 1 insertion(+) create mode 100644 modules/secrets/lohr/ssh-key.age diff --git a/modules/secrets/lohr/ssh-key.age b/modules/secrets/lohr/ssh-key.age new file mode 100644 index 0000000000000000000000000000000000000000..30a5e254eb0031110173e2d83b1ad9fba44a8255 GIT binary patch literal 839 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSn_Ri1BO;^ZrPl*UC z4+#wlNe!vWEOE=%FDppSON_E~$_&mdD>IHtbagb1(#|i)GU2jF&d)c`E^>AaGV%5Z zj`GWJFD~)RGWSh3Fo`N~^-0ey3C#)gjtX&fD@M01DDJ7%C zB+;`tG%zyVC)7Bv%-1cVB&E{3Dj#HAw#Z--|l7uGrwtFXwf_ zIqP3v)H1%E!)<#e^o%@L*DIUJxBSd}qqUr7I6R&CDY5p<-1W@==F2=h7WMC8Cs*>< z-S0A(^(-H9Y+5_Lr{u}`9pNAEEt~gwR{M?M;ukfsa&8T_E*HP69y_?MK6CSjuTkq> z{(4;ODDdrig^hTPT~EAIyu)mZc>9Y12DY;l&dc4&SlLyeztjJ^pm&p3;`hEd&G)k> zEV0h#s@2!`^j`TpcB`R6NNM`OU-69h(HSS12H8Dww&%7f zKYwSD7Q5fB{_CeKcWIBEZB{&IcjkWgZhOQlXEN)x`Mp0YwE~t%YPVeFYUUNN64unL z5MngiZueSsyWb6k$jFQi|7X=^2R2LzpS5Ar_e@=veuI_I@Air6Zogq?zx*?sR@mOp zY&xQON9QUO>s6dFRQ!`Hrf|SODo`+`W$k$-Q-v(i7Y6+t58u7bo4|6V%uXjq#CY4K z;01rzuHLsw^1PlugRRape+My%bzW!P0~Xv@nO&5&uQtxWpujaKAfwChQRElvElP@; Uz4P{QuWxOxb-r#rr7DdN0H8=xJpcdz literal 0 HcmV?d00001 diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index ee5aba5..d8e289e 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -19,6 +19,7 @@ in "drone/ssh/private-key.age".publicKeys = all; "lohr/secret.age".publicKeys = all; + "lohr/ssh-key.age".publicKeys = all; "matrix/mail.age" = { owner = "matrix-synapse"; From 7c1f379d82df8947ccc995164bf3720429af6834 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 16:31:22 +0100 Subject: [PATCH 425/654] modules: services: lohr: declarative ssh key --- modules/services/lohr/default.nix | 35 +++++++++++++++++++++++++++---- 1 file changed, 31 insertions(+), 4 deletions(-) diff --git a/modules/services/lohr/default.nix b/modules/services/lohr/default.nix index 45ae3d7..af218ac 100644 --- a/modules/services/lohr/default.nix +++ b/modules/services/lohr/default.nix @@ -5,6 +5,9 @@ let settingsFormat = pkgs.formats.yaml { }; lohrPkg = pkgs.ambroisie.lohr; + + lohrStateDirectory = "lohr"; + lohrHome = "/var/lib/lohr/"; in { options.my.services.lohr = with lib; { @@ -34,6 +37,15 @@ in example = "/run/secrets/lohr.env"; description = "Shared secret between lohr and Gitea hook"; }; + + sshKeyFile = mkOption { + type = with types; nullOr str; + default = null; + example = "/run/secrets/lohr/ssh-key"; + description = '' + The ssh key that should be used by lohr to mirror repositories + ''; + }; }; config = lib.mkIf cfg.enable { @@ -46,16 +58,31 @@ in Environment = [ "ROCKET_PORT=${toString cfg.port}" "ROCKET_LOG_LEVEL=normal" - "LOHR_HOME=/var/lib/lohr/" + "LOHR_HOME=${lohrHome}" "LOHR_CONFIG=" ]; + ExecStartPre = lib.mkIf (cfg.sshKeyFile != null) ''+${ + pkgs.writeScript "copy-ssh-key" '' + #!${pkgs.bash}/bin/bash + # Ensure the key is not there + mkdir -p '${lohrHome}/.ssh' + rm -f '${lohrHome}/.ssh/id_ed25519' + + # Move the key into place + cp ${cfg.sshKeyFile} '${lohrHome}/.ssh/id_ed25519' + + # Fix permissions + chown -R lohr:lohr '${lohrHome}/.ssh' + chmod -R 0700 '${lohrHome}/.ssh' + '' + }''; ExecStart = let configFile = settingsFormat.generate "lohr-config.yaml" cfg.setting; in "${lohrPkg}/bin/lohr --config ${configFile}"; - StateDirectory = "lohr"; - WorkingDirectory = "/var/lib/lohr"; + StateDirectory = lohrStateDirectory; + WorkingDirectory = lohrHome; User = "lohr"; Group = "lohr"; }; @@ -66,7 +93,7 @@ in users.users.lohr = { isSystemUser = true; - home = "/var/lib/lohr"; + home = lohrHome; createHome = true; group = "lohr"; }; From 21f0199791c1dacecefa633db1e1834b06a4dda7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 16:56:45 +0100 Subject: [PATCH 426/654] machines: porthos: services: use 'lohr.sshKeyFile' --- machines/porthos/services.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index 07cf8eb..5661773 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -52,6 +52,7 @@ in lohr = { enable = true; sharedSecretFile = secrets."lohr/secret".path; + sshKeyFile = secrets."lohr/ssh-key".path; }; # Matrix backend and Element chat front-end matrix = { From 6633405e428391f0ab9e335e076f60c959a8901f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 15:55:20 +0100 Subject: [PATCH 427/654] modules: services: pirate: sort 'ports' values --- modules/services/pirate/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/services/pirate/default.nix b/modules/services/pirate/default.nix index 89dba55..42dd12b 100644 --- a/modules/services/pirate/default.nix +++ b/modules/services/pirate/default.nix @@ -7,10 +7,10 @@ let cfg = config.my.services.pirate; ports = { - sonarr = 8989; - radarr = 7878; bazarr = 6767; lidarr = 8686; + radarr = 7878; + sonarr = 8989; }; managers = with lib.attrsets; From 5f47ec564c2b207a938ea7e8141a89f367b31a03 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 15:54:02 +0100 Subject: [PATCH 428/654] modules: services: calibre-web: use 'dataDir' --- modules/services/calibre-web/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/calibre-web/default.nix b/modules/services/calibre-web/default.nix index d4beff9..e6ba10d 100644 --- a/modules/services/calibre-web/default.nix +++ b/modules/services/calibre-web/default.nix @@ -49,7 +49,7 @@ in my.services.backup = { paths = [ - "/var/lib/calibre-web" # For `app.db` and `gdrive.db` + "/var/lib/${config.services.calibre-web.dataDir}" # For `app.db` and `gdrive.db` cfg.libraryPath ]; }; From 4491eaea49ba898209b745634a57d9dc8871edb0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 15:04:10 +0100 Subject: [PATCH 429/654] modules: services: paperless: backup 'dataDir' --- modules/services/paperless/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/services/paperless/default.nix b/modules/services/paperless/default.nix index 2f688ec..e9ec6a3 100644 --- a/modules/services/paperless/default.nix +++ b/modules/services/paperless/default.nix @@ -138,6 +138,7 @@ in my.services.backup = { paths = [ + config.services.paperless-ng.dataDir config.services.paperless-ng.mediaDir ]; }; From 10d35f73c86d3bec79e6256ab5173ee966085aa6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 15:12:14 +0100 Subject: [PATCH 430/654] modules: services: nginx-sso: always rewrite conf --- modules/services/nginx/sso/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/services/nginx/sso/default.nix b/modules/services/nginx/sso/default.nix index 987e926..13292ec 100644 --- a/modules/services/nginx/sso/default.nix +++ b/modules/services/nginx/sso/default.nix @@ -61,6 +61,7 @@ in # The files to be merged might not have the correct permissions ExecStartPre = ''+${pkgs.writeScript "merge-nginx-sso-config" '' #!${pkgs.bash}/bin/bash + rm -f '${confPath}' ${utils.genJqSecretsReplacementSnippet cfg.configuration confPath} # Fix permissions From 4c5b556bb8f93bee51bdb84828dafd4ee140f41d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 9 Nov 2021 15:16:20 +0100 Subject: [PATCH 431/654] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 5226554..5f75c7f 100644 --- a/flake.lock +++ b/flake.lock @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1635839387, - "narHash": "sha256-2B6DqfTiwY5w2TljC4+AxEUuVYMTP5Fo2h5iGNIONvk=", + "lastModified": 1636274622, + "narHash": "sha256-tZYuGhqcfH7piCsrUrIYM0P3oPJcoBxGkuxeFNVxkCc=", "owner": "nix-community", "repo": "home-manager", - "rev": "288faaa5a65e72e37e6027024829b15c8bb69286", + "rev": "2917ef23b398a22ee33fb34b5766b28728228ab1", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1635844945, - "narHash": "sha256-tZcL307dj28jgEU1Wdn+zwG9neyW0H2+ZjdVhvJxh9g=", + "lastModified": 1636267212, + "narHash": "sha256-KDS173KqmqrYUPY9N4vf750GxIo+S6E0djyq2BsQm8s=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b67e752c29f18a0ca5534a07661366d6a2c2e649", + "rev": "c935f5e0add2cf0ae650d072c8357533e21b0c35", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1635930672, - "narHash": "sha256-nNqwxC17Z+4WTdV8D5BfsfCOxSJl4rnDWbVSUMXGgxU=", + "lastModified": 1636465115, + "narHash": "sha256-XgCV91RrYNRJbXk5jEtiVVgvMq9kSRKVOCvN3ajsooo=", "owner": "nix-community", "repo": "NUR", - "rev": "15697042f0863030801ba9594fe9b3bc7cc62fe8", + "rev": "bfe7c1693a87c72201d8914356374a4798bfbb39", "type": "github" }, "original": { From cef430ed39732793e6c41a54b2bf141a2c762fb1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 9 Nov 2021 15:32:59 +0100 Subject: [PATCH 432/654] home: tmux: remove tmux service Turns out it is more trouble than it is worth trying to make this work: with the secure socket problem etc... The first start up is fast enough for me in the end. This reverts commit cc21d84808dfd79736b3c44e72ea2c3a8e1476a6. --- home/tmux/default.nix | 30 ------------------------------ 1 file changed, 30 deletions(-) diff --git a/home/tmux/default.nix b/home/tmux/default.nix index c9ccf16..ac2e1d2 100644 --- a/home/tmux/default.nix +++ b/home/tmux/default.nix @@ -5,10 +5,6 @@ in { options.my.home.tmux = with lib.my; { enable = mkDisableOption "tmux terminal multiplexer"; - - service = { - enable = mkDisableOption "tmux server service"; - }; }; config.programs.tmux = lib.mkIf cfg.enable { @@ -50,30 +46,4 @@ in bind-key -Tcopy-mode-vi 'C-v' send -X begin-selection \; send -X rectangle-toggle ''; }; - - config.systemd.user.services.tmux = lib.mkIf cfg.service.enable { - Unit = { - Description = "tmux server"; - }; - - Install = { - WantedBy = [ "default.target" ]; - }; - - Service = - let - # Wrap `tmux` in a login shell and set the socket path - tmuxCmd = "${config.programs.tmux.package}/bin/tmux"; - socketExport = lib.optionalString - config.programs.tmux.secureSocket - ''export TMUX_TMPDIR=''${XDG_RUNTIME_DIR:-"/run/user/\$(id -u)"};''; - mkTmuxCommand = - c: "${pkgs.runtimeShell} -l -c '${socketExport} ${tmuxCmd} ${c}'"; - in - { - Type = "forking"; - ExecStart = mkTmuxCommand "new -d -s ambroisie"; - ExecStop = mkTmuxCommand "kill-server"; - }; - }; } From 7d31aa93dba84bfe6a73182255ccbc7271da3a6d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 12 Nov 2021 09:40:37 +0100 Subject: [PATCH 433/654] pkgs: change-audio: 0.1.0 -> 0.1.1 Fix issue with not showing notification at 0% volume. --- pkgs/change-audio/change-audio | 2 +- pkgs/change-audio/default.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/change-audio/change-audio b/pkgs/change-audio/change-audio index 9f7f1d2..22479d4 100755 --- a/pkgs/change-audio/change-audio +++ b/pkgs/change-audio/change-audio @@ -9,7 +9,7 @@ else fi pamixer --allow-boost "$upDown" "$2" -newVolume="$(pamixer --get-volume)" +newVolume="$(pamixer --get-volume || true)" notify-send -u low \ -h string:x-canonical-private-synchronous:change-audio \ diff --git a/pkgs/change-audio/default.nix b/pkgs/change-audio/default.nix index 5027826..c931ee6 100644 --- a/pkgs/change-audio/default.nix +++ b/pkgs/change-audio/default.nix @@ -1,7 +1,7 @@ { lib, libnotify, makeWrapper, pamixer, shellcheck, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "change-audio"; - version = "0.1.0"; + version = "0.1.1"; src = ./change-audio; From 6ebfa1a8cc63bb9117d40529307da5ffb379204f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 12 Nov 2021 09:42:39 +0100 Subject: [PATCH 434/654] flake: enable shellcheck pre-commit hook --- flake.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/flake.nix b/flake.nix index 8c2e923..39e0eb6 100644 --- a/flake.nix +++ b/flake.nix @@ -118,6 +118,10 @@ nixpkgs-fmt = { enable = true; }; + + shellcheck = { + enable = true; + }; }; }; }; From 2d7f01f035c0b475027f06bf43437cd9ec7a209b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 12 Nov 2021 09:49:00 +0100 Subject: [PATCH 435/654] pkgs: change-audio: 0.1.1 -> 0.1.2 Show if volume is currently muted. --- pkgs/change-audio/change-audio | 8 +++++++- pkgs/change-audio/default.nix | 2 +- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/pkgs/change-audio/change-audio b/pkgs/change-audio/change-audio index 22479d4..836e0c1 100755 --- a/pkgs/change-audio/change-audio +++ b/pkgs/change-audio/change-audio @@ -10,8 +10,14 @@ fi pamixer --allow-boost "$upDown" "$2" newVolume="$(pamixer --get-volume || true)" +[ "$(pamixer --get-volume-human)" = "muted" ] && isMuted=true + +MSG="Set volume to $newVolume%" +if [ "${isMuted:-false}" = true ]; then + MSG="$MSG (muted)" +fi notify-send -u low \ -h string:x-canonical-private-synchronous:change-audio \ -h "int:value:$newVolume" \ - -- "Set volume to $newVolume%" + -- "$MSG" diff --git a/pkgs/change-audio/default.nix b/pkgs/change-audio/default.nix index c931ee6..de050ff 100644 --- a/pkgs/change-audio/default.nix +++ b/pkgs/change-audio/default.nix @@ -1,7 +1,7 @@ { lib, libnotify, makeWrapper, pamixer, shellcheck, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "change-audio"; - version = "0.1.1"; + version = "0.1.2"; src = ./change-audio; From 119504d0b587e97ca6a2130b665b7cb6d9ba8c67 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 12 Nov 2021 10:17:39 +0100 Subject: [PATCH 436/654] pkgs: change-audio: 0.1.2 -> 0.2.0 Allow muting microphone and speakers, with refactor to make it DRY. --- pkgs/change-audio/change-audio | 71 ++++++++++++++++++++++++++-------- pkgs/change-audio/default.nix | 2 +- 2 files changed, 56 insertions(+), 17 deletions(-) diff --git a/pkgs/change-audio/change-audio b/pkgs/change-audio/change-audio index 836e0c1..5bb1588 100755 --- a/pkgs/change-audio/change-audio +++ b/pkgs/change-audio/change-audio @@ -2,22 +2,61 @@ set -euo pipefail -if [ "$1" = "up" ]; then - upDown="-i" -else - upDown="-d" -fi +NOTIFY=( + notify-send + -u low + -h string:x-canonical-private-synchronous:change-audio +) -pamixer --allow-boost "$upDown" "$2" -newVolume="$(pamixer --get-volume || true)" -[ "$(pamixer --get-volume-human)" = "muted" ] && isMuted=true +do_change_volume() { + if [ "$1" = "up" ]; then + upDown="-i" + else + upDown="-d" + fi -MSG="Set volume to $newVolume%" -if [ "${isMuted:-false}" = true ]; then - MSG="$MSG (muted)" -fi + pamixer --allow-boost "$upDown" "$2" + newVolume="$(pamixer --get-volume || true)" + [ "$(pamixer --get-volume-human)" = "muted" ] && isMuted=true -notify-send -u low \ - -h string:x-canonical-private-synchronous:change-audio \ - -h "int:value:$newVolume" \ - -- "$MSG" + MSG="Set volume to $newVolume%" + if [ "${isMuted:-false}" = true ]; then + MSG="$MSG (muted)" + fi + "${NOTIFY[@]}" \ + -h "int:value:$newVolume" \ + -- "$MSG" +} + +do_toggle() { + args=() + if [ "${2:-audio}" = mic ]; then + args+=(--default-source) + MSG="Toggled microphone" + else + MSG="Toggled audio output" + fi + + pamixer "${args[@]}" --toggle-mute + + if [ "$(pamixer "${args[@]}" --get-mute)" = true ]; then + MSG="$MSG (muted)" + else + MSG="$MSG (unmuted)" + fi + + "${NOTIFY[@]}" -- "$MSG" +} + +case "$1" in + up|down) + do_change_volume "$@" + ;; + toggle) + do_toggle "$@" + ;; + *) + echo "No suche option '$1'" >&2 + exit 1 + ;; +esac diff --git a/pkgs/change-audio/default.nix b/pkgs/change-audio/default.nix index de050ff..bf0f45c 100644 --- a/pkgs/change-audio/default.nix +++ b/pkgs/change-audio/default.nix @@ -1,7 +1,7 @@ { lib, libnotify, makeWrapper, pamixer, shellcheck, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "change-audio"; - version = "0.1.2"; + version = "0.2.0"; src = ./change-audio; From 6f643052e14c71ea6824593da2c6de01e2e0e206 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 12 Nov 2021 10:21:25 +0100 Subject: [PATCH 437/654] home: wm: i3: show notification on toggling mute --- home/wm/i3/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/home/wm/i3/default.nix b/home/wm/i3/default.nix index 4465bb0..9b1dd44 100644 --- a/home/wm/i3/default.nix +++ b/home/wm/i3/default.nix @@ -249,8 +249,8 @@ in "XF86AudioLowerVolume" = "exec --no-startup-id ${changeAudio} down 5"; "Control+XF86AudioRaiseVolume" = "exec --no-startup-id ${changeAudio} up 1"; "Control+XF86AudioLowerVolume" = "exec --no-startup-id ${changeAudio} down 1"; - "XF86AudioMute" = "exec pamixer --toggle-mute"; - "XF86AudioMicMute" = "exec pamixer --default-source --toggle-mute"; + "XF86AudioMute" = "exec --no-startup-id ${changeAudio} toggle"; + "XF86AudioMicMute" = "exec --no-startup-id ${changeAudio} toggle mic"; "XF86AudioPlay" = "exec playerctl play-pause"; "XF86AudioNext" = "exec playerctl next"; From 5150bad300438760ec4198418e509fc7582c16b0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 23 Nov 2021 17:08:46 +0100 Subject: [PATCH 438/654] flake: agenix has renamed its branch to 'main' --- flake.lock | 8 ++++---- flake.nix | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index 5f75c7f..3f88a2d 100644 --- a/flake.lock +++ b/flake.lock @@ -7,16 +7,16 @@ ] }, "locked": { - "lastModified": 1634404028, - "narHash": "sha256-JyP2Y6JCCYvUcVz7CXX5pXUfTGTU4GX51Yza82BgMfk=", + "lastModified": 1637625975, + "narHash": "sha256-ByDgmhpLykhAVeaFggjqoSRdl2OzTDODnxjPuu97fL4=", "owner": "ryantm", "repo": "agenix", - "rev": "53aa91b4170da35a96fab1577c9a34bc0da44e27", + "rev": "a0e9ca505c82e762d39e9477a428b537a0aab022", "type": "github" }, "original": { "owner": "ryantm", - "ref": "master", + "ref": "main", "repo": "agenix", "type": "github" } diff --git a/flake.nix b/flake.nix index 39e0eb6..3b8c722 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ type = "github"; owner = "ryantm"; repo = "agenix"; - ref = "master"; + ref = "main"; inputs = { nixpkgs.follows = "nixpkgs"; }; From c7c38865e9dd9f971fa9d59c79c85828808d65d7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 23 Nov 2021 18:53:11 +0100 Subject: [PATCH 439/654] modules: system: nix: don't change daemon niceness This option doesn't really work the way it should anyway [1]. This reverts commit cbf6ea9ac93c8bc140396395cdcae0c12fb9c608. [1]: https://github.com/NixOS/nixpkgs/pull/138741 --- modules/system/nix/default.nix | 3 --- 1 file changed, 3 deletions(-) diff --git a/modules/system/nix/default.nix b/modules/system/nix/default.nix index 04888ac..0f2f8c3 100644 --- a/modules/system/nix/default.nix +++ b/modules/system/nix/default.nix @@ -18,9 +18,6 @@ in extraOptions = '' experimental-features = nix-command flakes ''; - - # Keep my system responsive during builds - daemonNiceLevel = 19; }; } From 2b5fedadd2cd79e389e29a87054cf563d6184ed7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 29 Nov 2021 13:13:43 +0100 Subject: [PATCH 440/654] home: git: use diff-highlight in interactive diffs Now even `git log -p` and `git add -p` can use the more readable diffs. --- home/git/default.nix | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/home/git/default.nix b/home/git/default.nix index e9ccde8..432bf60 100644 --- a/home/git/default.nix +++ b/home/git/default.nix @@ -3,6 +3,7 @@ let cfg = config.my.home.git; inherit (lib.my) mkMailAddress; + diff-highlight = "${pkgs.gitAndTools.gitFull}/share/git/contrib/diff-highlight/diff-highlight"; in { options.my.home.git = with lib.my; { @@ -99,15 +100,15 @@ in defaultBranch = "main"; }; - pager = - let - diff-highlight = "${pkgs.gitAndTools.gitFull}/share/git/contrib/diff-highlight/diff-highlight"; - in - { - diff = "${diff-highlight} | less"; - log = "${diff-highlight} | less"; - show = "${diff-highlight} | less"; - }; + interactive = { + diffFilter = "${diff-highlight}"; + }; + + pager = { + diff = "${diff-highlight} | less"; + log = "${diff-highlight} | less"; + show = "${diff-highlight} | less"; + }; pull = { # Avoid useless merge commits From 925b87230541b4d13734712599289f9d89214f5b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 19 Mar 2021 23:17:49 +0000 Subject: [PATCH 441/654] home: git: switch to 'delta' Now that my issue with it has been resolved [1], let's switch to the more mature tool. This also solves a small issue that I had with `diff-highlight` which is that non-highlighted text should not be boldened. [1]: https://github.com/dandavison/delta/issues/544 --- home/git/default.nix | 45 ++++++++++++++++++++++++++------------------ 1 file changed, 27 insertions(+), 18 deletions(-) diff --git a/home/git/default.nix b/home/git/default.nix index 432bf60..8603022 100644 --- a/home/git/default.nix +++ b/home/git/default.nix @@ -3,7 +3,6 @@ let cfg = config.my.home.git; inherit (lib.my) mkMailAddress; - diff-highlight = "${pkgs.gitAndTools.gitFull}/share/git/contrib/diff-highlight/diff-highlight"; in { options.my.home.git = with lib.my; { @@ -40,6 +39,33 @@ in lfs.enable = true; + delta = { + enable = true; + + options = { + features = "diff-highlight decorations"; + + # Less jarring style for `diff-highlight` emulation + diff-highlight = { + minus-style = "red"; + minus-non-emph-style = "red"; + minus-emph-style = "bold red 52"; + + plus-style = "green"; + plus-non-emph-style = "green"; + plus-emph-style = "bold green 22"; + + whitespace-error-style = "reverse red"; + }; + + # Personal preference for easier reading + decorations = { + keep-plus-minus-markers = true; + paging = "always"; + }; + }; + }; + # There's more extraConfig = { # Makes it a bit more readable @@ -73,13 +99,6 @@ in whitespace = "red reverse"; }; - "color.diff-highlight" = { - oldNormal = "red bold"; - oldHighlight = "red bold 52"; - newNormal = "green bold"; - newHighlight = "green bold 22"; - }; - commit = { # Show my changes when writing the message verbose = true; @@ -100,16 +119,6 @@ in defaultBranch = "main"; }; - interactive = { - diffFilter = "${diff-highlight}"; - }; - - pager = { - diff = "${diff-highlight} | less"; - log = "${diff-highlight} | less"; - show = "${diff-highlight} | less"; - }; - pull = { # Avoid useless merge commits rebase = true; From 0bf893c8a001a739fbaefca7a5d185492f03eafd Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 30 Nov 2021 13:51:56 +0100 Subject: [PATCH 442/654] home: restart services automatically (again) I think my issue was *not* related to this, so I might as well keep using it since it does seem useful in the long run. This reverts commit a94f349dde7e2a12565a49ff28714b7c92fc3b3d. --- home/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/home/default.nix b/home/default.nix index e68c53b..b88dfed 100644 --- a/home/default.nix +++ b/home/default.nix @@ -40,4 +40,7 @@ # Who am I? home.username = "ambroisie"; + + # Start services automatically + systemd.user.startServices = "sd-switch"; } From 555c474b88397da1e8d370175dcd5b190a73590e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 30 Nov 2021 13:45:05 +0100 Subject: [PATCH 443/654] flake: bump inputs And make my configuration build after the removed option from `programs.direnv` in home-manager. --- flake.lock | 36 ++++++++++++++++++------------------ home/direnv/default.nix | 2 -- 2 files changed, 18 insertions(+), 20 deletions(-) diff --git a/flake.lock b/flake.lock index 3f88a2d..09e5a94 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1637625975, - "narHash": "sha256-ByDgmhpLykhAVeaFggjqoSRdl2OzTDODnxjPuu97fL4=", + "lastModified": 1637793790, + "narHash": "sha256-oPXavjxETEWGXq8g7kQHyRLKUmLX2yPtGn+t3V0mrTY=", "owner": "ryantm", "repo": "agenix", - "rev": "a0e9ca505c82e762d39e9477a428b537a0aab022", + "rev": "f85eea0e29fa9a8924571d0e398215e175f80d55", "type": "github" }, "original": { @@ -23,11 +23,11 @@ }, "futils": { "locked": { - "lastModified": 1634851050, - "narHash": "sha256-N83GlSGPJJdcqhUxSCS/WwW5pksYf3VP1M13cDRTSVA=", + "lastModified": 1638122382, + "narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=", "owner": "numtide", "repo": "flake-utils", - "rev": "c91f3de5adaf1de973b797ef7485e441a65b8935", + "rev": "74f7e4319258e287b0f9cb95426c9853b282730b", "type": "github" }, "original": { @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1636274622, - "narHash": "sha256-tZYuGhqcfH7piCsrUrIYM0P3oPJcoBxGkuxeFNVxkCc=", + "lastModified": 1638150501, + "narHash": "sha256-aWH3MRmjUtx8ciSGLegBJC5mhymsuroHPs74ZldrNTU=", "owner": "nix-community", "repo": "home-manager", - "rev": "2917ef23b398a22ee33fb34b5766b28728228ab1", + "rev": "9de77227d7780518cfeaee5a917970247f3ecc56", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1636267212, - "narHash": "sha256-KDS173KqmqrYUPY9N4vf750GxIo+S6E0djyq2BsQm8s=", + "lastModified": 1638110343, + "narHash": "sha256-hQaow8sGPyUrXgrqgDRsfA+73uR0vms2goTQNxIAaRQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c935f5e0add2cf0ae650d072c8357533e21b0c35", + "rev": "942eb9a335b4cd22fa6a7be31c494e53e76f5637", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1636465115, - "narHash": "sha256-XgCV91RrYNRJbXk5jEtiVVgvMq9kSRKVOCvN3ajsooo=", + "lastModified": 1638176109, + "narHash": "sha256-T8blSCr797rOBvhKwHm3kMsq+l15zjrCui4xowI3IAU=", "owner": "nix-community", "repo": "NUR", - "rev": "bfe7c1693a87c72201d8914356374a4798bfbb39", + "rev": "1dfa0d2680bcafcd29ce1a4c644dea88f758f207", "type": "github" }, "original": { @@ -100,11 +100,11 @@ ] }, "locked": { - "lastModified": 1634595438, - "narHash": "sha256-hV9D41fqTateTligwNd9dmJKQ0R0w6RpCN92xR3LhHk=", + "lastModified": 1637745948, + "narHash": "sha256-DmQG1bZk24eS+BAHwnHPyYIadMLKbq0d1b//iapYIPU=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "06fa80325b6fe3b28d136071dd0ce55d4817e9fd", + "rev": "c3b4f94350b0e59c2546fa85890cc70d03616b9c", "type": "github" }, "original": { diff --git a/home/direnv/default.nix b/home/direnv/default.nix index cf32628..86409f0 100644 --- a/home/direnv/default.nix +++ b/home/direnv/default.nix @@ -12,8 +12,6 @@ in nix-direnv = { # A better `use_nix` enable = true; - # And `use_flake` - enableFlakes = true; }; }; } From 0becdd4b991bab6bb32bb964ae3e0134624f39a0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 6 Dec 2021 21:24:31 +0100 Subject: [PATCH 444/654] home: git: do not change metadata color --- home/git/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/git/default.nix b/home/git/default.nix index 8603022..6f4434b 100644 --- a/home/git/default.nix +++ b/home/git/default.nix @@ -60,6 +60,7 @@ in # Personal preference for easier reading decorations = { + commit-style = "raw"; # Do not recolor meta information keep-plus-minus-markers = true; paging = "always"; }; From 5f3d9b3a221d772e1c4d77dd8318e6b43b4bf3b7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 7 Dec 2021 19:03:40 +0100 Subject: [PATCH 445/654] flake: bump inputs And use renamed option for agenix identities. --- flake.lock | 24 ++++++++++++------------ modules/secrets/default.nix | 2 +- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/flake.lock b/flake.lock index 09e5a94..6560222 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1637793790, - "narHash": "sha256-oPXavjxETEWGXq8g7kQHyRLKUmLX2yPtGn+t3V0mrTY=", + "lastModified": 1638837456, + "narHash": "sha256-WHLOxthAGx/wXw3QUa/lFE3mr6cQtnXfFYZ0DNyYwt4=", "owner": "ryantm", "repo": "agenix", - "rev": "f85eea0e29fa9a8924571d0e398215e175f80d55", + "rev": "57806bf7e340f4cae705c91748d4fdf8519293a9", "type": "github" }, "original": { @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1638150501, - "narHash": "sha256-aWH3MRmjUtx8ciSGLegBJC5mhymsuroHPs74ZldrNTU=", + "lastModified": 1638571010, + "narHash": "sha256-KSO7u13VRLdklQTKYJaBSfVcurEvw+HifAsHR7V2i5E=", "owner": "nix-community", "repo": "home-manager", - "rev": "9de77227d7780518cfeaee5a917970247f3ecc56", + "rev": "781d25b315def05cd7ede3765226c54216f0b1fe", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1638110343, - "narHash": "sha256-hQaow8sGPyUrXgrqgDRsfA+73uR0vms2goTQNxIAaRQ=", + "lastModified": 1638806821, + "narHash": "sha256-v2qd2Bsmzft53s43eCbN+4ocrLksRdFLyF/MAGuWuDA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "942eb9a335b4cd22fa6a7be31c494e53e76f5637", + "rev": "bc5d68306b40b8522ffb69ba6cff91898c2fbbff", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1638176109, - "narHash": "sha256-T8blSCr797rOBvhKwHm3kMsq+l15zjrCui4xowI3IAU=", + "lastModified": 1638891267, + "narHash": "sha256-oj0u21aQSwmYHKlvV00/jIsTw83zjAVhWeUWeTUGM00=", "owner": "nix-community", "repo": "NUR", - "rev": "1dfa0d2680bcafcd29ce1a4c644dea88f758f207", + "rev": "e06e0894dd2b1dc6835b386060b1dcee513775f4", "type": "github" }, "original": { diff --git a/modules/secrets/default.nix b/modules/secrets/default.nix index eb17892..e8cb866 100644 --- a/modules/secrets/default.nix +++ b/modules/secrets/default.nix @@ -21,7 +21,7 @@ in lib.mapAttrs' convertSecrets secrets; - sshKeyPaths = options.age.sshKeyPaths.default ++ [ + identityPaths = options.age.identityPaths.default ++ [ # FIXME: hard-coded path, could be inexistent "/home/ambroisie/.ssh/id_ed25519" ]; From d71a99083cd16c79c6f2b55d3471938299e4a73c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 7 Dec 2021 19:05:04 +0100 Subject: [PATCH 446/654] modules: services: nextcloud: upgrade version --- modules/services/nextcloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/nextcloud/default.nix b/modules/services/nextcloud/default.nix index d1461b8..976d21f 100644 --- a/modules/services/nextcloud/default.nix +++ b/modules/services/nextcloud/default.nix @@ -31,7 +31,7 @@ in config = lib.mkIf cfg.enable { services.nextcloud = { enable = true; - package = pkgs.nextcloud22; + package = pkgs.nextcloud23; hostName = "nextcloud.${config.networking.domain}"; home = "/var/lib/nextcloud"; maxUploadSize = cfg.maxSize; From 876dacab85f302c7d884dacbbfbfa41db41ead87 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 22 Dec 2021 23:34:46 +0100 Subject: [PATCH 447/654] home: vim: cut back on fzf mappings I only ever use the buffer and files regularly. --- home/vim/after/plugin/mappings/fzf.vim | 35 +------------------------- 1 file changed, 1 insertion(+), 34 deletions(-) diff --git a/home/vim/after/plugin/mappings/fzf.vim b/home/vim/after/plugin/mappings/fzf.vim index 8cfb8b8..6bf4a44 100644 --- a/home/vim/after/plugin/mappings/fzf.vim +++ b/home/vim/after/plugin/mappings/fzf.vim @@ -1,38 +1,5 @@ " Only git-tracked files, Vim needs to be in a Git repository -nnoremap fg :GFiles - -" All files -nnoremap ff :Files +nnoremap ff :GFiles " Currently open buffers nnoremap fb :Buffers - -" Buffer history -nnoremap fh :History - -" Tags in buffer -nnoremap ft :BTags - -" Tags in all project files -nnoremap fT :Tags - -" Snippets for the current fileytpe (using Ultisnips) -nnoremap fs :Snippets - -" All available commands -nnoremap f: :Commands - -" All commits (using fugitive) -nnoremap fc :Commits - -" All commits for the current buffer (using fugitive) -nnoremap fC :BCommits - -" Select normal mode mapping by searching for its name -nmap (fzf-maps-n) - -" Select visual mode mapping by searching for its name -xmap (fzf-maps-x) - -" Select operator pending mode mapping by searching for its name -omap (fzf-maps-o) From 3a313812b8f0d663f2f84f1f3fdf4aebb8477092 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 22 Dec 2021 23:47:27 +0100 Subject: [PATCH 448/654] modules: system: nix: add inputs to NIX_PATH --- modules/system/nix/default.nix | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/modules/system/nix/default.nix b/modules/system/nix/default.nix index 0f2f8c3..9b59f84 100644 --- a/modules/system/nix/default.nix +++ b/modules/system/nix/default.nix @@ -1,5 +1,5 @@ # Nix related settings -{ config, inputs, lib, pkgs, ... }: +{ config, inputs, lib, options, pkgs, ... }: let cfg = config.my.system.nix; in @@ -8,6 +8,8 @@ in enable = my.mkDisableOption "nix configuration"; addToRegistry = my.mkDisableOption "add inputs and self to registry"; + + addToNixPath = my.mkDisableOption "add inputs and self to nix path"; }; config = lib.mkIf cfg.enable (lib.mkMerge [ @@ -31,5 +33,13 @@ in nur.flake = inputs.nur; }; }) + + (lib.mkIf cfg.addToNixPath { + nix.nixPath = options.nix.nixPath.default ++ [ + "self=${inputs.self}" + "pkgs=${inputs.nixpkgs}" + "nur=${inputs.nur}" + ]; + }) ]); } From afc78bac2a88b4efd266f0ec95da06c0cd0378b3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 5 Jan 2022 11:08:02 +0100 Subject: [PATCH 449/654] machines: aramis: home: add teams package Unfortunately, it is the preferred communication method at $WORK. --- machines/aramis/home.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index 404a4d0..e54d44f 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -14,6 +14,7 @@ jellyfin-media-player # Wraps the webui and mpv together pavucontrol # Audio mixer GUI quasselClient # IRC client + teams # Work requires it... transgui # Transmission remote ]; # Minimal video player From dc8d4c2802f5b5ea3d0f55919e074b502202c52d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 5 Jan 2022 11:09:35 +0100 Subject: [PATCH 450/654] flake: bump inputs --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 6560222..cea0e05 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1638837456, - "narHash": "sha256-WHLOxthAGx/wXw3QUa/lFE3mr6cQtnXfFYZ0DNyYwt4=", + "lastModified": 1640802000, + "narHash": "sha256-ZiI94Zv/IgW64fqKrtVaQqfUCkn9STvAjgfFmvtqcQ8=", "owner": "ryantm", "repo": "agenix", - "rev": "57806bf7e340f4cae705c91748d4fdf8519293a9", + "rev": "c5558c88b2941bf94886dfdede6926b1ba5f5629", "type": "github" }, "original": { @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1638571010, - "narHash": "sha256-KSO7u13VRLdklQTKYJaBSfVcurEvw+HifAsHR7V2i5E=", + "lastModified": 1641355100, + "narHash": "sha256-rg5VlPXjmmTxlHJllm3udjuMd2QjHPN1OuaAHn3fe1k=", "owner": "nix-community", "repo": "home-manager", - "rev": "781d25b315def05cd7ede3765226c54216f0b1fe", + "rev": "426ab2cf111fca61308bd86fe652e14aa12cc2d2", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1638806821, - "narHash": "sha256-v2qd2Bsmzft53s43eCbN+4ocrLksRdFLyF/MAGuWuDA=", + "lastModified": 1641230035, + "narHash": "sha256-hFyqihERaTbLxCOlugy/rpp22VLtLh8SPRnA2uu3F/8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "bc5d68306b40b8522ffb69ba6cff91898c2fbbff", + "rev": "78cd22c1b8604de423546cd49bfe264b786eca13", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1638891267, - "narHash": "sha256-oj0u21aQSwmYHKlvV00/jIsTw83zjAVhWeUWeTUGM00=", + "lastModified": 1641355656, + "narHash": "sha256-8R99GoEDO34mKzS5b47pnmEOSZA9zEWppM+JbR0gouQ=", "owner": "nix-community", "repo": "NUR", - "rev": "e06e0894dd2b1dc6835b386060b1dcee513775f4", + "rev": "777c477c1dce9e5f2b47ca79b1db11a59207391a", "type": "github" }, "original": { @@ -100,11 +100,11 @@ ] }, "locked": { - "lastModified": 1637745948, - "narHash": "sha256-DmQG1bZk24eS+BAHwnHPyYIadMLKbq0d1b//iapYIPU=", + "lastModified": 1639823344, + "narHash": "sha256-jlsQb2y6A5dB1R0wVPLOfDGM0wLyfYqEJNzMtXuzCXw=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "c3b4f94350b0e59c2546fa85890cc70d03616b9c", + "rev": "ff9c0b459ddc4b79c06e19d44251daa8e9cd1746", "type": "github" }, "original": { From 9c009b40ebf25c5b46cac2a0edad43cb5cee056e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 7 Jan 2022 08:52:30 +0100 Subject: [PATCH 451/654] home: wm: change default screen-lock timeout 5 minutes is too short. --- home/wm/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/wm/default.nix b/home/wm/default.nix index eae9f14..1d5a371 100644 --- a/home/wm/default.nix +++ b/home/wm/default.nix @@ -78,7 +78,7 @@ in timeout = mkOption { type = types.ints.between 1 60; - default = 5; + default = 15; example = 1; description = "Inactive time interval to lock the screen automatically"; }; From d2db3e52c2076645b38bf7ddb1b8a69b3bc2c518 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 Jan 2022 22:19:07 +0100 Subject: [PATCH 452/654] home: add discord --- home/default.nix | 1 + home/discord/default.nix | 23 +++++++++++++++++++++++ 2 files changed, 24 insertions(+) create mode 100644 home/discord/default.nix diff --git a/home/default.nix b/home/default.nix index b88dfed..82d2cc3 100644 --- a/home/default.nix +++ b/home/default.nix @@ -5,6 +5,7 @@ ./bluetooth ./comma ./direnv + ./discord ./documentation ./feh ./firefox diff --git a/home/discord/default.nix b/home/discord/default.nix new file mode 100644 index 0000000..7348bb4 --- /dev/null +++ b/home/discord/default.nix @@ -0,0 +1,23 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.home.discord; + + jsonFormat = pkgs.formats.json { }; +in +{ + options.my.home.discord = with lib; { + enable = mkEnableOption "discord configuration"; + }; + + config = lib.mkIf cfg.enable { + home.packages = with pkgs; [ + discord + ]; + + xdg.configFile."discord/settings.json".source = + jsonFormat.generate "discord.json" { + # Do not keep me from using the app just to force an update + SKIP_HOST_UPDATE = true; + }; + }; +} From 06e7134ae070f20a71b937b2df986b0045ef9eae Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 9 Jan 2022 22:19:28 +0100 Subject: [PATCH 453/654] machines: aramis: home: enable discord --- machines/aramis/home.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index e54d44f..1c816a7 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -1,6 +1,8 @@ { pkgs, ... }: { my.home = { + # Some amount of social life + discord.enable = true; # Image viewver feh.enable = true; # Firefo profile and extensions From 15a093ff61bf0ee7614d810715ee7c57c782c183 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 12 Jan 2022 18:22:43 +0100 Subject: [PATCH 454/654] modules: system: add podman --- modules/system/default.nix | 1 + modules/system/podman/default.nix | 25 +++++++++++++++++++++++++ modules/system/users/default.nix | 1 + 3 files changed, 27 insertions(+) create mode 100644 modules/system/podman/default.nix diff --git a/modules/system/default.nix b/modules/system/default.nix index 5165e64..3c81cac 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -8,6 +8,7 @@ ./language ./nix ./packages + ./podman ./users ]; } diff --git a/modules/system/podman/default.nix b/modules/system/podman/default.nix new file mode 100644 index 0000000..c267ec6 --- /dev/null +++ b/modules/system/podman/default.nix @@ -0,0 +1,25 @@ +# Podman related settings +{ config, inputs, lib, options, pkgs, ... }: +let + cfg = config.my.system.podman; +in +{ + options.my.system.podman = with lib; { + enable = mkEnableOption "podman configuration"; + }; + + config = lib.mkIf cfg.enable { + virtualisation.podman = { + enable = true; + + # Use fake `docker` command to redirect to `podman` + dockerCompat = true; + + # Expose a docker-like socket + dockerSocket.enable = true; + + # Allow DNS resolution in the default network + defaultNetwork.dnsname.enable = true; + }; + }; +} diff --git a/modules/system/users/default.nix b/modules/system/users/default.nix index b36114f..3fa5b2e 100644 --- a/modules/system/users/default.nix +++ b/modules/system/users/default.nix @@ -30,6 +30,7 @@ in "media" # access to media files "networkmanager" # wireless configuration "plugdev" # usage of ZSA keyboard tools + "podman" # usage of `podman` socket "video" # screen control "wheel" # `sudo` for the user. ]; From b565518e2d97fb52be35030f1de434dfa88aa15d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 12 Jan 2022 18:40:29 +0100 Subject: [PATCH 455/654] machines: porthos: services: disable jackett Prowlarr has been humming along just fine, and works even better than jackett. --- machines/porthos/services.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index 5661773..f16cfdf 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -42,7 +42,6 @@ in gitea.enable = true; # Meta-indexers indexers = { - jackett.enable = true; nzbhydra.enable = true; prowlarr.enable = true; }; From f4b860d915446f052e8598157d7379305ae9d418 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 12 Jan 2022 18:41:23 +0100 Subject: [PATCH 456/654] machines: porthos: services: disable nzbhydra Same deal as jackett: prowlarr has been working perfectly adequately for a while now. --- machines/porthos/services.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index f16cfdf..4f3f345 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -42,7 +42,6 @@ in gitea.enable = true; # Meta-indexers indexers = { - nzbhydra.enable = true; prowlarr.enable = true; }; # Jellyfin media server From 702bfafe73daa38d9573e4ad579ac47f2e16cc47 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 12 Jan 2022 20:43:30 +0100 Subject: [PATCH 457/654] home: firefox: trydactyl: ignore prime video --- home/firefox/tridactyl/tridactylrc | 1 + 1 file changed, 1 insertion(+) diff --git a/home/firefox/tridactyl/tridactylrc b/home/firefox/tridactyl/tridactylrc index d43965f..3dd1fd4 100644 --- a/home/firefox/tridactyl/tridactylrc +++ b/home/firefox/tridactyl/tridactylrc @@ -69,6 +69,7 @@ autocmd DocStart ^http(s?)://www.reddit.com js tri.excmds.urlmodify("-t", "www", " Disabled websites {{{ blacklistadd netflix.com +blacklistadd primevideo.com blacklistadd jellyfin.belanyi.fr " }}} From a66441d496afa8bb1e584b03e2d86a9e6ca4216b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 13 Jan 2022 18:39:11 +0100 Subject: [PATCH 458/654] pkgs: add psst --- pkgs/default.nix | 2 ++ pkgs/psst/default.nix | 34 ++++++++++++++++++++++++++++++++++ 2 files changed, 36 insertions(+) create mode 100644 pkgs/psst/default.nix diff --git a/pkgs/default.nix b/pkgs/default.nix index a179dfb..af39384 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -26,6 +26,8 @@ pkgs.lib.makeScope pkgs.newScope (pkgs: { nolimips = pkgs.callPackage ./nolimips { }; + psst = pkgs.callPackage ./psst { }; + rofi-bluetooth = pkgs.callPackage ./rofi-bluetooth { }; unbound-zones-adblock = pkgs.callPackage ./unbound-zones-adblock { }; diff --git a/pkgs/psst/default.nix b/pkgs/psst/default.nix new file mode 100644 index 0000000..6eca44b --- /dev/null +++ b/pkgs/psst/default.nix @@ -0,0 +1,34 @@ +{ lib, alsa-lib, cairo, dbus, fetchFromGitHub, gtk3, openssl, pkg-config, rustPlatform }: +rustPlatform.buildRustPackage rec { + pname = "psst"; + version = "unstable-2022-01-13"; + + src = fetchFromGitHub { + owner = "jpochyla"; + repo = "psst"; + rev = "8f142a3232a706537c8477bff43d2e52309f6b78"; + sha256 = "sha256-YA9p6KHuZXt43OrfShO5d3Cj8L8GPpczRQlncJqM7QI="; + }; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + alsa-lib + cairo + dbus + gtk3 + openssl + ]; + + cargoSha256 = "sha256-iA/ja7B73JyiXQ9kBzk1C5wtX+HPBrngCS+8rFDHbcs="; + + meta = with lib; { + description = "Fast and multi-platform Spotify client with native GUI"; + homepage = "https://github.com/jpochyla/psst"; + platforms = platforms.linux; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ ambroisie ]; + }; +} From 5558642d3212292d14fc3ce078813b5a1d7bda3c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 14 Jan 2022 13:30:20 +0100 Subject: [PATCH 459/654] modules: services: nginx: use 'acme.default.email' The option `security.acme.email` has been deprecated. --- modules/services/nginx/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/services/nginx/default.nix b/modules/services/nginx/default.nix index 7e4d6f4..d99ff2d 100644 --- a/modules/services/nginx/default.nix +++ b/modules/services/nginx/default.nix @@ -387,7 +387,8 @@ in users.users.nginx.extraGroups = [ "acme" ]; security.acme = { - email = lib.my.mkMailAddress "bruno.acme" "belanyi.fr"; + defaults.email = lib.my.mkMailAddress "bruno.acme" "belanyi.fr"; + acceptTerms = true; # Use DNS wildcard certificate certs = From 42cb742976fd49952d2216ff8aebe3dcdcd2f565 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 14 Jan 2022 15:06:44 +0100 Subject: [PATCH 460/654] modules: system: packages: remove some packages They either belong in a nix shell or are taken care of by other configurations. --- modules/system/packages/default.nix | 3 --- 1 file changed, 3 deletions(-) diff --git a/modules/system/packages/default.nix b/modules/system/packages/default.nix index faee86b..ceb85dd 100644 --- a/modules/system/packages/default.nix +++ b/modules/system/packages/default.nix @@ -12,9 +12,6 @@ in config = lib.mkIf cfg.enable { environment.systemPackages = with pkgs; [ - git - git-crypt - mosh vim wget ]; From 50c927fea3042415853a4b94a71c7c54dd1cc952 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 25 Jan 2022 15:42:32 +0100 Subject: [PATCH 461/654] flake: bump inputs Also change a removed package alias' name. --- flake.lock | 30 +++++++++++++++--------------- home/gtk/default.nix | 4 ++-- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/flake.lock b/flake.lock index cea0e05..6b8581e 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1640802000, - "narHash": "sha256-ZiI94Zv/IgW64fqKrtVaQqfUCkn9STvAjgfFmvtqcQ8=", + "lastModified": 1641576265, + "narHash": "sha256-G4W39k5hdu2kS13pi/RhyTOySAo7rmrs7yMUZRH0OZI=", "owner": "ryantm", "repo": "agenix", - "rev": "c5558c88b2941bf94886dfdede6926b1ba5f5629", + "rev": "08b9c96878b2f9974fc8bde048273265ad632357", "type": "github" }, "original": { @@ -23,11 +23,11 @@ }, "futils": { "locked": { - "lastModified": 1638122382, - "narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=", + "lastModified": 1642700792, + "narHash": "sha256-XqHrk7hFb+zBvRg6Ghl+AZDq03ov6OshJLiSWOoX5es=", "owner": "numtide", "repo": "flake-utils", - "rev": "74f7e4319258e287b0f9cb95426c9853b282730b", + "rev": "846b2ae0fc4cc943637d3d1def4454213e203cba", "type": "github" }, "original": { @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1641355100, - "narHash": "sha256-rg5VlPXjmmTxlHJllm3udjuMd2QjHPN1OuaAHn3fe1k=", + "lastModified": 1643066491, + "narHash": "sha256-wIgqFCJ6v7COpgNY0lMHDnU9RP2dJgasa2jKkB0zhWw=", "owner": "nix-community", "repo": "home-manager", - "rev": "426ab2cf111fca61308bd86fe652e14aa12cc2d2", + "rev": "462d4a7abdfb8cb762584745a480ad01c207570e", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1641230035, - "narHash": "sha256-hFyqihERaTbLxCOlugy/rpp22VLtLh8SPRnA2uu3F/8=", + "lastModified": 1642903813, + "narHash": "sha256-0lNfGW8sNfyTrixoQhVG00Drl/ECaf5GbfKAQ1ZDoyE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "78cd22c1b8604de423546cd49bfe264b786eca13", + "rev": "689b76bcf36055afdeb2e9852f5ecdd2bf483f87", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1641355656, - "narHash": "sha256-8R99GoEDO34mKzS5b47pnmEOSZA9zEWppM+JbR0gouQ=", + "lastModified": 1643102027, + "narHash": "sha256-5kvpVU3SLdCLnX3OH1hBsNuwJiKZ3g3cNGpFhHF96NE=", "owner": "nix-community", "repo": "NUR", - "rev": "777c477c1dce9e5f2b47ca79b1db11a59207391a", + "rev": "124931ce061845fb0eb1c2a0f031f3fa9d4d6746", "type": "github" }, "original": { diff --git a/home/gtk/default.nix b/home/gtk/default.nix index 77ca477..62d3f81 100644 --- a/home/gtk/default.nix +++ b/home/gtk/default.nix @@ -21,12 +21,12 @@ in }; iconTheme = { - package = pkgs.gnome3.gnome_themes_standard; + package = pkgs.gnome.gnome-themes-extra; name = "Adwaita"; }; theme = { - package = pkgs.gnome3.gnome_themes_standard; + package = pkgs.gnome.gnome-themes-extra; name = "Adwaita"; }; }; From b0820571709a0ea3e3956859c2e4018fb29d5455 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 25 Jan 2022 15:44:12 +0100 Subject: [PATCH 462/654] home: firefox: add 'consent-o-matic' --- home/firefox/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/firefox/default.nix b/home/firefox/default.nix index b161834..b0b624f 100644 --- a/home/firefox/default.nix +++ b/home/firefox/default.nix @@ -68,6 +68,7 @@ in extensions = with pkgs.nur.repos.rycee.firefox-addons; ([ bitwarden + consent-o-matic form-history-control https-everywhere i-dont-care-about-cookies From 633a422532a248e0b5c27ee0f36abed621409e4e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 25 Jan 2022 15:45:02 +0100 Subject: [PATCH 463/654] home: firefox: remove 'i-dont-care-about-cookies' Should be superseded by Consent-O-Matic now. --- home/firefox/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/home/firefox/default.nix b/home/firefox/default.nix index b0b624f..41389b5 100644 --- a/home/firefox/default.nix +++ b/home/firefox/default.nix @@ -71,7 +71,6 @@ in consent-o-matic form-history-control https-everywhere - i-dont-care-about-cookies reddit-comment-collapser reddit-enhancement-suite refined-github From 9dd3dceb83e11f65d5c2d992d170a22675291411 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 25 Jan 2022 15:46:17 +0100 Subject: [PATCH 464/654] home: ssh: add 'work' host --- home/git/default.ignore | 4 ++++ home/ssh/default.nix | 6 ++++++ 2 files changed, 10 insertions(+) diff --git a/home/git/default.ignore b/home/git/default.ignore index a169a28..77aedcc 100644 --- a/home/git/default.ignore +++ b/home/git/default.ignore @@ -24,3 +24,7 @@ compile_commands.json # Swap and backup files *~ ~.swp + +# Direnv files +.envrc +.direnv/ diff --git a/home/ssh/default.nix b/home/ssh/default.nix index 3bd7f28..cbfd30c 100644 --- a/home/ssh/default.nix +++ b/home/ssh/default.nix @@ -40,6 +40,12 @@ in identityFile = "~/.ssh/shared_rsa"; user = "ambroisie"; }; + + work = { + hostname = "workspaces.dgexsol.fr"; + identityFile = "~/.ssh/shared_rsa"; + user = "bruno_belanyi"; + }; }; extraConfig = '' From d6acc175de26d7d45c4c324230b8766f1312af7a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 3 Feb 2022 11:40:24 +0100 Subject: [PATCH 465/654] home: wm: i3bar: show volume when muted --- home/wm/i3bar/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/wm/i3bar/default.nix b/home/wm/i3bar/default.nix index 664f11c..a89c6bc 100644 --- a/home/wm/i3bar/default.nix +++ b/home/wm/i3bar/default.nix @@ -68,6 +68,7 @@ in } { block = "sound"; + show_volume_when_muted = true; } { block = "time"; From 61cd9cb1a211008394f06bddaebe9da84c350d02 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Feb 2022 14:49:06 +0100 Subject: [PATCH 466/654] flake: bump inputs --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 6b8581e..8dd7e2e 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1641576265, - "narHash": "sha256-G4W39k5hdu2kS13pi/RhyTOySAo7rmrs7yMUZRH0OZI=", + "lastModified": 1643841757, + "narHash": "sha256-9tKhu4JzoZvustC9IEWK6wKcDhPLuK/ICbLgm8QnLnk=", "owner": "ryantm", "repo": "agenix", - "rev": "08b9c96878b2f9974fc8bde048273265ad632357", + "rev": "a17d1f30550260f8b45764ddbd0391f4b1ed714a", "type": "github" }, "original": { @@ -23,11 +23,11 @@ }, "futils": { "locked": { - "lastModified": 1642700792, - "narHash": "sha256-XqHrk7hFb+zBvRg6Ghl+AZDq03ov6OshJLiSWOoX5es=", + "lastModified": 1644229661, + "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", "owner": "numtide", "repo": "flake-utils", - "rev": "846b2ae0fc4cc943637d3d1def4454213e203cba", + "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797", "type": "github" }, "original": { @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1643066491, - "narHash": "sha256-wIgqFCJ6v7COpgNY0lMHDnU9RP2dJgasa2jKkB0zhWw=", + "lastModified": 1643933104, + "narHash": "sha256-NZPuFxRsZKN8pjRuHPpzlMyt6JQhcjiduBG8bMghSjE=", "owner": "nix-community", "repo": "home-manager", - "rev": "462d4a7abdfb8cb762584745a480ad01c207570e", + "rev": "63dccc4e60422c1db2c3929b2fd1541f36b7e664", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1642903813, - "narHash": "sha256-0lNfGW8sNfyTrixoQhVG00Drl/ECaf5GbfKAQ1ZDoyE=", + "lastModified": 1644033087, + "narHash": "sha256-beskas17YPhrcnanzywake9/z+k+xOWmavW24YUN8ng=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "689b76bcf36055afdeb2e9852f5ecdd2bf483f87", + "rev": "9f697d60e4d9f08eacf549502528bfaed859d33b", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1643102027, - "narHash": "sha256-5kvpVU3SLdCLnX3OH1hBsNuwJiKZ3g3cNGpFhHF96NE=", + "lastModified": 1644200006, + "narHash": "sha256-TCOuqFePZrcRAezpOUtObpXtKgMZS+nd/qREW4PQG3Y=", "owner": "nix-community", "repo": "NUR", - "rev": "124931ce061845fb0eb1c2a0f031f3fa9d4d6746", + "rev": "7429ba7df4ddde4a0d9ec388a22e9db81add54e4", "type": "github" }, "original": { From 6d1d0c948875b671bc25071c6e544a4100c71d4b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Feb 2022 15:00:52 +0100 Subject: [PATCH 467/654] home: packages: add 'mosh' --- home/packages/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/packages/default.nix b/home/packages/default.nix index acb1f79..10d1c12 100644 --- a/home/packages/default.nix +++ b/home/packages/default.nix @@ -19,6 +19,7 @@ in config.home.packages = with pkgs; lib.mkIf cfg.enable ([ file + mosh rr termite.terminfo ] ++ cfg.additionalPackages); From e8adbb5b2097e65323207fde4e9ef33101b0ca9d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Feb 2022 15:51:52 +0100 Subject: [PATCH 468/654] home: firefox: tridactyl: fix DDG mapping Taken straight from upstream's sample configuration. --- home/firefox/tridactyl/tridactylrc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/home/firefox/tridactyl/tridactylrc b/home/firefox/tridactyl/tridactylrc index 3dd1fd4..84c3927 100644 --- a/home/firefox/tridactyl/tridactylrc +++ b/home/firefox/tridactyl/tridactylrc @@ -22,8 +22,8 @@ bindurl www.google.com f hint -Jc #search div:not(.action-menu) > a bindurl www.google.com F hint -Jbc #search div:not(.action-menu) > a " Only hint search results on DuckDuckGo -bindurl ^https://duckduckgo.com f hint -Jc [class=result__a] -bindurl ^https://duckduckgo.com F hint -Jbc [class=result__a] +bindurl ^https://duckduckgo.com f hint -Jc [class~=result__a] +bindurl ^https://duckduckgo.com F hint -Jbc [class~=result__a] " Only hint item pages on Hacker News bindurl news.ycombinator.com ;f hint -Jc .age > a From e57ebf4317cf10d6b79e54357e1fb74b9f06ae20 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Feb 2022 17:00:18 +0100 Subject: [PATCH 469/654] home: firefox: tridactyl: fix HN comment folding --- home/firefox/tridactyl/tridactylrc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/firefox/tridactyl/tridactylrc b/home/firefox/tridactyl/tridactylrc index 84c3927..dc59a2e 100644 --- a/home/firefox/tridactyl/tridactylrc +++ b/home/firefox/tridactyl/tridactylrc @@ -12,7 +12,7 @@ set editorcmd termite --class tridactyl_editor -e 'vim %f' " Binds {{{ " Reddit et al. {{{ " Toggle comments on Reddit, Hacker News, Lobste.rs -bind ;c hint -c [class*="expand"],[class="togg"],[class="comment_folder"] +bind ;c hint -c [class*="expand"],[class*="togg"],[class="comment_folder"] " Make `gu` take me back to subreddit from comments bindurl reddit.com gu urlparent 3 From f73edd9f8dc4200631477533261f153bf3908805 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 8 Feb 2022 14:32:00 +0100 Subject: [PATCH 470/654] modules: system: nix: use structural 'settings' Instead of a stringly-typed `extraOptions`. --- modules/system/nix/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/system/nix/default.nix b/modules/system/nix/default.nix index 9b59f84..16db0b4 100644 --- a/modules/system/nix/default.nix +++ b/modules/system/nix/default.nix @@ -17,9 +17,9 @@ in nix = { package = pkgs.nixFlakes; - extraOptions = '' - experimental-features = nix-command flakes - ''; + settings = { + experimental-features = [ "nix-command" "flakes" ]; + }; }; } From 27448ac60ab2e277233ba4b8dbda908e9d481d70 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 8 Feb 2022 17:23:57 +0100 Subject: [PATCH 471/654] home: tmux: fix yanking configuration Use `tmux-yank` when a GUI is enabled, otherwise use the internal tmux buffer. In both cases, stay in copy mode after yanking. --- home/tmux/default.nix | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/home/tmux/default.nix b/home/tmux/default.nix index ac2e1d2..f9b711c 100644 --- a/home/tmux/default.nix +++ b/home/tmux/default.nix @@ -1,6 +1,7 @@ { config, lib, pkgs, ... }: let cfg = config.my.home.tmux; + hasGUI = config.my.home.x.enable || (config.my.home.wm != null); in { options.my.home.tmux = with lib.my; { @@ -23,8 +24,16 @@ in pain-control # Better session management sessionist - # X clipboard integration - yank + (lib.optionalAttrs hasGUI { + # X clipboard integration + plugin = yank; + extraConfig = '' + # Use 'clipboard' because of misbehaving apps (e.g: firefox) + set -g @yank_selection_mouse 'clipboard' + # Stay in copy mode after yanking + set -g @yank_action 'copy-pipe' + ''; + }) { # Show when prefix has been pressed plugin = prefix-highlight; @@ -41,7 +50,11 @@ in extraConfig = '' # Better vim mode bind-key -T copy-mode-vi 'v' send -X begin-selection - bind-key -T copy-mode-vi 'y' send -X copy-selection-and-cancel + ${ + lib.optionalString + (!hasGUI) + "bind-key -T copy-mode-vi 'y' send -X copy-selection" + } # Block selection in vim mode bind-key -Tcopy-mode-vi 'C-v' send -X begin-selection \; send -X rectangle-toggle ''; From 305b0b985c885f7d971a91af7250fc492e66ed2f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 18 Feb 2022 12:12:29 +0100 Subject: [PATCH 472/654] pkgs: change-audio: 0.2.0 -> 0.3.0 Only boost audio beyond 100% if specifically asked for. --- pkgs/change-audio/change-audio | 21 +++++++++++++++++---- pkgs/change-audio/default.nix | 2 +- 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/pkgs/change-audio/change-audio b/pkgs/change-audio/change-audio index 5bb1588..612fecf 100755 --- a/pkgs/change-audio/change-audio +++ b/pkgs/change-audio/change-audio @@ -9,13 +9,26 @@ NOTIFY=( ) do_change_volume() { + local args=() + if [ "$1" = "up" ]; then - upDown="-i" + args+=("-i") else - upDown="-d" + args+=("-d") + fi + shift + + # Do not boost over 100% unless explitily asked for + if [ "$1" = "--force" ] || [ "$1" = "-f" ]; then + args=("--allow-boost" "${args[@]}") + shift fi - pamixer --allow-boost "$upDown" "$2" + # Volume + args+=("$1") + + pamixer "${args[@]}" + newVolume="$(pamixer --get-volume || true)" [ "$(pamixer --get-volume-human)" = "muted" ] && isMuted=true @@ -29,7 +42,7 @@ do_change_volume() { } do_toggle() { - args=() + local args=() if [ "${2:-audio}" = mic ]; then args+=(--default-source) MSG="Toggled microphone" diff --git a/pkgs/change-audio/default.nix b/pkgs/change-audio/default.nix index bf0f45c..d2e76b0 100644 --- a/pkgs/change-audio/default.nix +++ b/pkgs/change-audio/default.nix @@ -1,7 +1,7 @@ { lib, libnotify, makeWrapper, pamixer, shellcheck, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "change-audio"; - version = "0.2.0"; + version = "0.3.0"; src = ./change-audio; From 44ed078606cb74d9175a241bc97c2c6a71258631 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 18 Feb 2022 12:17:29 +0100 Subject: [PATCH 473/654] home: wm: i3: only boost volume on 'Shift' mapping --- home/wm/i3/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/home/wm/i3/default.nix b/home/wm/i3/default.nix index 9b1dd44..c92285f 100644 --- a/home/wm/i3/default.nix +++ b/home/wm/i3/default.nix @@ -249,6 +249,12 @@ in "XF86AudioLowerVolume" = "exec --no-startup-id ${changeAudio} down 5"; "Control+XF86AudioRaiseVolume" = "exec --no-startup-id ${changeAudio} up 1"; "Control+XF86AudioLowerVolume" = "exec --no-startup-id ${changeAudio} down 1"; + + "Shift+XF86AudioRaiseVolume" = "exec --no-startup-id ${changeAudio} up --force 5"; + "Shift+XF86AudioLowerVolume" = "exec --no-startup-id ${changeAudio} down --force 5"; + "Control+Shift+XF86AudioRaiseVolume" = "exec --no-startup-id ${changeAudio} up --force 1"; + "Control+Shift+XF86AudioLowerVolume" = "exec --no-startup-id ${changeAudio} down --force 1"; + "XF86AudioMute" = "exec --no-startup-id ${changeAudio} toggle"; "XF86AudioMicMute" = "exec --no-startup-id ${changeAudio} toggle mic"; From 1819c7077dc7e7f682e97ade853311ecf08cf70f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 21 Feb 2022 18:53:56 +0100 Subject: [PATCH 474/654] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 8dd7e2e..50a7c07 100644 --- a/flake.lock +++ b/flake.lock @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1643933104, - "narHash": "sha256-NZPuFxRsZKN8pjRuHPpzlMyt6JQhcjiduBG8bMghSjE=", + "lastModified": 1645244400, + "narHash": "sha256-o7KCd6ySFZ9/LbS62aTeuFmBWtP7Tt3Q3RcNjYgTgZU=", "owner": "nix-community", "repo": "home-manager", - "rev": "63dccc4e60422c1db2c3929b2fd1541f36b7e664", + "rev": "0232fe1b75e6d7864fd82b5c72f6646f87838fc3", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1644033087, - "narHash": "sha256-beskas17YPhrcnanzywake9/z+k+xOWmavW24YUN8ng=", + "lastModified": 1645334861, + "narHash": "sha256-We9ECiMglthzbZ5S6Myqqf+RHzBFZPoM2qL5/jDkUjs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9f697d60e4d9f08eacf549502528bfaed859d33b", + "rev": "d5f237872975e6fb6f76eef1368b5634ffcd266f", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1644200006, - "narHash": "sha256-TCOuqFePZrcRAezpOUtObpXtKgMZS+nd/qREW4PQG3Y=", + "lastModified": 1645458309, + "narHash": "sha256-vYTDBhS34kkdqK4HbPx10/SPDNGqAVNRc4rY8utbTwA=", "owner": "nix-community", "repo": "NUR", - "rev": "7429ba7df4ddde4a0d9ec388a22e9db81add54e4", + "rev": "8baa5621907fcbb463188f8a85652adf3b5d5c83", "type": "github" }, "original": { From d2e410de5639a1bd9e7fd22396551282e4586600 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 23 Feb 2022 21:06:03 +0100 Subject: [PATCH 475/654] home: vim: fix icon for read-only files --- home/vim/plugin/settings/lightline.vim | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/vim/plugin/settings/lightline.vim b/home/vim/plugin/settings/lightline.vim index feaa733..039b2b3 100644 --- a/home/vim/plugin/settings/lightline.vim +++ b/home/vim/plugin/settings/lightline.vim @@ -63,7 +63,7 @@ let g:lightline#ale#indicator_ok='✓' " Show a lock icon when editing a read-only file when it makes sense function! LightlineReadonly() - return &ft!~?'help\|vimfiler\|netrw' && &readonly ? '' : '' + return &ft!~?'help\|vimfiler\|netrw' && &readonly ? '🔒' : '' endfunction " Show a '+' when the buffer is modified, '-' if not, when it makes sense From 5ce5057d0f6360f66abf92c4b8d36d4498753d04 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 2 Mar 2022 12:12:57 +0100 Subject: [PATCH 476/654] flake: bump inputs And do not use 'pipewire-media-session' which is deprecated. --- flake.lock | 30 +++++++++++++++--------------- modules/hardware/sound/default.nix | 4 ---- 2 files changed, 15 insertions(+), 19 deletions(-) diff --git a/flake.lock b/flake.lock index 50a7c07..6b99bf2 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1643841757, - "narHash": "sha256-9tKhu4JzoZvustC9IEWK6wKcDhPLuK/ICbLgm8QnLnk=", + "lastModified": 1646105662, + "narHash": "sha256-jdXCZbGZL0SWWi29GnAOFHUh/QvvP0IyaVLv1ZTDkBI=", "owner": "ryantm", "repo": "agenix", - "rev": "a17d1f30550260f8b45764ddbd0391f4b1ed714a", + "rev": "297cd58b418249240b9f1f155d52b1b17f292884", "type": "github" }, "original": { @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1645244400, - "narHash": "sha256-o7KCd6ySFZ9/LbS62aTeuFmBWtP7Tt3Q3RcNjYgTgZU=", + "lastModified": 1645970334, + "narHash": "sha256-6nn4YF9bPtkxkB7bM6yJO3m//p3sGilxNQFjm1epLEM=", "owner": "nix-community", "repo": "home-manager", - "rev": "0232fe1b75e6d7864fd82b5c72f6646f87838fc3", + "rev": "ea85f4b1fdf3f25cf97dc49f4a9ec4eafda2ea25", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1645334861, - "narHash": "sha256-We9ECiMglthzbZ5S6Myqqf+RHzBFZPoM2qL5/jDkUjs=", + "lastModified": 1646159311, + "narHash": "sha256-ILKckkiG074t3a0pwaPLjio8zVWgowpEp7AUwI5HjHE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d5f237872975e6fb6f76eef1368b5634ffcd266f", + "rev": "18bd82edcc752d6a0e6cce1401ba0c81353a03ca", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1645458309, - "narHash": "sha256-vYTDBhS34kkdqK4HbPx10/SPDNGqAVNRc4rY8utbTwA=", + "lastModified": 1646188350, + "narHash": "sha256-EL6N9Rc6pL/6GQC7PPh/wh8DHwuzBvHvL0XWGsErSXw=", "owner": "nix-community", "repo": "NUR", - "rev": "8baa5621907fcbb463188f8a85652adf3b5d5c83", + "rev": "d70f39715a6f44d0148a6272fceeec4e13ce790e", "type": "github" }, "original": { @@ -100,11 +100,11 @@ ] }, "locked": { - "lastModified": 1639823344, - "narHash": "sha256-jlsQb2y6A5dB1R0wVPLOfDGM0wLyfYqEJNzMtXuzCXw=", + "lastModified": 1646153636, + "narHash": "sha256-AlWHMzK+xJ1mG267FdT8dCq/HvLCA6jwmx2ZUy5O8tY=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "ff9c0b459ddc4b79c06e19d44251daa8e9cd1746", + "rev": "b6bc0b21e1617e2b07d8205e7fae7224036dfa4b", "type": "github" }, "original": { diff --git a/modules/hardware/sound/default.nix b/modules/hardware/sound/default.nix index 3a48641..e8ba7f7 100644 --- a/modules/hardware/sound/default.nix +++ b/modules/hardware/sound/default.nix @@ -49,10 +49,6 @@ in jack = { enable = true; }; - - media-session = { - enable = true; - }; }; }) From 438290406040a4b9483b91f4c8f87a81fcab70c5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 23 Feb 2022 17:37:33 +0100 Subject: [PATCH 477/654] home: vim: remove 'ALE' configuration First step to modernising my configuration to use the native LSP client instead. --- home/vim/after/ftplugin/bash.vim | 14 ---------- home/vim/after/ftplugin/c.vim | 14 ---------- home/vim/after/ftplugin/cpp.vim | 14 ---------- home/vim/after/ftplugin/d.vim | 6 ----- home/vim/after/ftplugin/gitsendemail.vim | 2 -- home/vim/after/ftplugin/haskell.vim | 20 -------------- home/vim/after/ftplugin/json.vim | 6 ----- home/vim/after/ftplugin/pandoc.vim | 4 --- home/vim/after/ftplugin/python.vim | 34 ------------------------ home/vim/after/ftplugin/rust.vim | 25 ----------------- home/vim/after/ftplugin/sh.vim | 14 ---------- home/vim/after/ftplugin/zsh.vim | 14 ---------- home/vim/after/plugin/mappings/ale.vim | 2 -- home/vim/default.nix | 2 -- home/vim/plugin/settings/ale.vim | 24 ----------------- home/vim/plugin/settings/lightline.vim | 19 ------------- 16 files changed, 214 deletions(-) delete mode 100644 home/vim/after/ftplugin/bash.vim delete mode 100644 home/vim/after/ftplugin/c.vim delete mode 100644 home/vim/after/ftplugin/cpp.vim delete mode 100644 home/vim/after/ftplugin/d.vim delete mode 100644 home/vim/after/ftplugin/gitsendemail.vim delete mode 100644 home/vim/after/ftplugin/json.vim delete mode 100644 home/vim/after/ftplugin/sh.vim delete mode 100644 home/vim/after/ftplugin/zsh.vim delete mode 100644 home/vim/after/plugin/mappings/ale.vim delete mode 100644 home/vim/plugin/settings/ale.vim diff --git a/home/vim/after/ftplugin/bash.vim b/home/vim/after/ftplugin/bash.vim deleted file mode 100644 index 2b69ab4..0000000 --- a/home/vim/after/ftplugin/bash.vim +++ /dev/null @@ -1,14 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" Use shfmt as ALE fixer for bash -let b:ale_fixers=[ 'shfmt' ] -let b:undo_ftplugin.='|unlet! b:ale_fixers' - -" Indent with 4 spaces, simplify script, indent switch cases, use Bash variant -let b:ale_sh_shfmt_options='-i 4 -s -ci -ln bash' -let b:undo_ftplugin.='|unlet! b:ale_sh_shfmt_options' - -" Use bash dialect explicitly, require explicit empty string test -let b:ale_sh_shellcheck_options='-s bash -o avoid-nullary-conditions' -let b:undo_ftplugin.='|unlet! b:ale_sh_shellcheck_options' diff --git a/home/vim/after/ftplugin/c.vim b/home/vim/after/ftplugin/c.vim deleted file mode 100644 index a85ff07..0000000 --- a/home/vim/after/ftplugin/c.vim +++ /dev/null @@ -1,14 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" More warnings and the usual version in flags for Clang -let b:ale_c_clang_options='-Wall -Wextra -pedantic -std=c99' -let b:undo_ftplugin.='|unlet! b:ale_c_clang_options' - -" More warnings and the usual version in flags for GCC -let b:ale_c_gcc_options='-Wall -Wextra -pedantic -std=c99' -let b:undo_ftplugin.='|unlet! b:ale_c_gcc_options' - -" Use compile_commands.json to look for additional flags -let b:ale_c_parse_compile_commands=1 -let b:undo_ftplugin.='|unlet! b:ale_c_parse_compile_commands' diff --git a/home/vim/after/ftplugin/cpp.vim b/home/vim/after/ftplugin/cpp.vim deleted file mode 100644 index 4fa501e..0000000 --- a/home/vim/after/ftplugin/cpp.vim +++ /dev/null @@ -1,14 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" More warnings and the usual version in flags for Clang -let b:ale_cpp_clang_options='-Wall -Wextra -pedantic -std=c++17' -let b:undo_ftplugin.='|unlet! b:ale_cpp_clang_options' - -" More warnings and the usual version in flags for GCC -let b:ale_cpp_gcc_options='-Wall -Wextra -pedantic -std=c++17' -let b:undo_ftplugin.='|unlet! b:ale_cpp_gcc_options' - -" Use compile_commands.json to look for additional flags -let b:ale_c_parse_compile_commands=1 -let b:undo_ftplugin.='|unlet! b:ale_c_parse_compile_commands' diff --git a/home/vim/after/ftplugin/d.vim b/home/vim/after/ftplugin/d.vim deleted file mode 100644 index 0e868c7..0000000 --- a/home/vim/after/ftplugin/d.vim +++ /dev/null @@ -1,6 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" Use my desired ALE fixer for D -let b:ale_fixers=[ 'dfmt' ] -let b:undo_ftplugin.='|unlet! b:ale_fixers' diff --git a/home/vim/after/ftplugin/gitsendemail.vim b/home/vim/after/ftplugin/gitsendemail.vim deleted file mode 100644 index fc9c729..0000000 --- a/home/vim/after/ftplugin/gitsendemail.vim +++ /dev/null @@ -1,2 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() diff --git a/home/vim/after/ftplugin/haskell.vim b/home/vim/after/ftplugin/haskell.vim index 80d7f2e..978f346 100644 --- a/home/vim/after/ftplugin/haskell.vim +++ b/home/vim/after/ftplugin/haskell.vim @@ -5,26 +5,6 @@ call ftplugined#check_undo_ft() setlocal shiftwidth=2 let b:undo_ftplugin.='|setlocal shiftwidth<' -" Use my desired ALE fixers for Haskell -let b:ale_fixers=[ 'brittany' ] -let b:undo_ftplugin.='|unlet! b:ale_fixers' - -" Use stack-managed `hlint` -let b:ale_haskell_hlint_executable='stack' -let b:undo_ftplugin.='|unlet! b:ale_haskell_hlint_executable' - -" Use stack-managed `brittany` -let b:ale_haskell_brittany_executable='stack' -let b:undo_ftplugin.='|unlet! b:ale_haskell_brittany_executable' - -" Use dynamic libraries because of Arch linux, with default ALE options -let b:ale_haskell_ghc_options='--dynamic -fno-code -v0' -let b:undo_ftplugin.='|unlet! b:ale_haskell_ghc_options' - -" Automatically format files when saving them -let b:ale_fix_on_save=1 -let b:undo_ftplugin='|unlet! b:ale_lint_on_save' - " Change max length of a line to 100 for this buffer to match official guidelines setlocal colorcolumn=100 let b:undo_ftplugin.='|setlocal colorcolumn<' diff --git a/home/vim/after/ftplugin/json.vim b/home/vim/after/ftplugin/json.vim deleted file mode 100644 index 2b4ba56..0000000 --- a/home/vim/after/ftplugin/json.vim +++ /dev/null @@ -1,6 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" Use my desired ALE fixer for JSON -let b:ale_fixers=[ 'jq' ] -let b:undo_ftplugin.='|unlet! b:ale_fixers' diff --git a/home/vim/after/ftplugin/pandoc.vim b/home/vim/after/ftplugin/pandoc.vim index d44bc12..5b58b41 100644 --- a/home/vim/after/ftplugin/pandoc.vim +++ b/home/vim/after/ftplugin/pandoc.vim @@ -1,10 +1,6 @@ " Create the `b:undo_ftplugin` variable if it doesn't exist call ftplugined#check_undo_ft() -" Let ALE know that I want Markdown linters -let b:ale_linter_aliases=[ 'markdown' ] -let b:undo_ftplugin.='|unlet! b:ale_linter_aliases' - " Use a small indentation value on Pandoc files setlocal shiftwidth=2 let b:undo_ftplugin.='|setlocal shiftwidth<' diff --git a/home/vim/after/ftplugin/python.vim b/home/vim/after/ftplugin/python.vim index a18299e..e7232a8 100644 --- a/home/vim/after/ftplugin/python.vim +++ b/home/vim/after/ftplugin/python.vim @@ -1,40 +1,6 @@ " Create the `b:undo_ftplugin` variable if it doesn't exist call ftplugined#check_undo_ft() -" Use my desired ALE fixers for python -let b:ale_fixers=[ 'black', 'isort' ] -let b:undo_ftplugin.='|unlet! b:ale_fixers' -" Use my desired ALE linters for python -let b:ale_linters=[ 'flake8', 'mypy', 'pylint', 'pyls' ] -let b:undo_ftplugin.='|unlet! b:ale_linters' - -" Use pyls inside the python environment if needed -let b:ale_python_pyls_auto_pipenv=1 -let b:undo_ftplugin.='|unlet! b:ale_python_pyls_auto_pipenv' - -" Disable pycodestyle checks from pyls because I'm already using flake8 -let b:ale_python_pyls_config={ - \ 'pyls': { - \ 'plugins': { - \ 'pycodestyle': { - \ 'enabled': v:false - \ }, - \ }, - \ }, - \ } -let b:undo_ftplugin.='|unlet! b:ale_python_pyls_config' - -" Don't use mypy to check for syntax errors -let b:ale_python_mypy_ignore_invalid_syntax=1 -let b:undo_ftplugin.='|unlet! b:ale_python_mypy_ignore_invalid_syntax' -" Use mypy inside the python environment if needed -let b:ale_python_mypy_auto_pipenv=1 -let b:undo_ftplugin.='|unlet! b:ale_python_mypy_auto_pipenv' - -" Automatically format files when saving them -let b:ale_fix_on_save=1 -let b:undo_ftplugin='|unlet! b:ale_lint_on_save' - " Change max length of a line to 88 for this buffer to match black's settings setlocal colorcolumn=88 let b:undo_ftplugin.='|setlocal colorcolumn<' diff --git a/home/vim/after/ftplugin/rust.vim b/home/vim/after/ftplugin/rust.vim index 61516f9..8738a54 100644 --- a/home/vim/after/ftplugin/rust.vim +++ b/home/vim/after/ftplugin/rust.vim @@ -1,31 +1,6 @@ " Create the `b:undo_ftplugin` variable if it doesn't exist call ftplugined#check_undo_ft() -" Check tests too -let b:ale_rust_cargo_check_tests=1 -let b:undo_ftplugin='|unlet! b:ale_rust_cargo_check_tests' - -" Check examples too -let b:ale_rust_cargo_check_examples=1 -let b:undo_ftplugin='|unlet! b:ale_rust_cargo_check_examples' - -" Use clippy if it's available instead of just cargo check -let b:ale_rust_cargo_use_clippy=executable('cargo-clippy') -let b:undo_ftplugin='|unlet! b:ale_rust_cargo_use_clippy' - -" Use rust-analyzer instead of RLS as a linter -let b:ale_linters=[ 'cargo', 'analyzer' ] -let b:undo_ftplugin='|unlet! b:ale_linters' - - -" Use rustfmt as ALE fixer for rust -let b:ale_fixers=[ 'rustfmt' ] -let b:undo_ftplugin.='|unlet! b:ale_fixers' - -" Automatically format files when saving them -let b:ale_fix_on_save=1 -let b:undo_ftplugin='|unlet! b:ale_lint_on_save' - " Change max length of a line to 99 for this buffer to match official guidelines setlocal colorcolumn=99 let b:undo_ftplugin.='|setlocal colorcolumn<' diff --git a/home/vim/after/ftplugin/sh.vim b/home/vim/after/ftplugin/sh.vim deleted file mode 100644 index 5b5a88c..0000000 --- a/home/vim/after/ftplugin/sh.vim +++ /dev/null @@ -1,14 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" Use shfmt as ALE fixer for sh -let b:ale_fixers=[ 'shfmt' ] -let b:undo_ftplugin.='|unlet! b:ale_fixers' - -" Indent with 4 spaces, simplify the code, indent switch cases, use POSIX -let b:ale_sh_shfmt_options='-i 4 -s -ci -ln posix' -let b:undo_ftplugin.='|unlet! b:ale_sh_shfmt_options' - -" Require explicit empty string test -let b:ale_sh_shellcheck_options='-o avoid-nullary-conditions' -let b:undo_ftplugin.='|unlet! b:ale_sh_shellcheck_options' diff --git a/home/vim/after/ftplugin/zsh.vim b/home/vim/after/ftplugin/zsh.vim deleted file mode 100644 index b8c7a31..0000000 --- a/home/vim/after/ftplugin/zsh.vim +++ /dev/null @@ -1,14 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" Use shfmt as ALE fixer for zsh -let b:ale_fixers=[ 'shfmt' ] -let b:undo_ftplugin.='|unlet! b:ale_fixers' - -" Indent with 4 spaces, simplify script, indent switch cases, use Bash variant -let b:ale_sh_shfmt_options='-i 4 -s -ci -ln bash' -let b:undo_ftplugin.='|unlet! b:ale_sh_shfmt_options' - -" Use bash dialect explicitly, require explicit empty string test -let b:ale_sh_shellcheck_options='-s bash -o avoid-nullary-conditions' -let b:undo_ftplugin.='|unlet! b:ale_sh_shellcheck_options' diff --git a/home/vim/after/plugin/mappings/ale.vim b/home/vim/after/plugin/mappings/ale.vim deleted file mode 100644 index 3069f81..0000000 --- a/home/vim/after/plugin/mappings/ale.vim +++ /dev/null @@ -1,2 +0,0 @@ -" Use ALE LSP-powered symbol information -nnoremap K :ALEHover diff --git a/home/vim/default.nix b/home/vim/default.nix index eb79fe9..935b330 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -63,8 +63,6 @@ in git-messenger-vim # A simple blame window # LSP and linting - ale # Asynchronous Linting Engine - lightline-ale # Status bar integration ]; extraConfig = builtins.readFile ./init.vim; diff --git a/home/vim/plugin/settings/ale.vim b/home/vim/plugin/settings/ale.vim deleted file mode 100644 index 23c9138..0000000 --- a/home/vim/plugin/settings/ale.vim +++ /dev/null @@ -1,24 +0,0 @@ -" Always display the sign column to avoid moving the buffer all the time -let g:ale_sign_column_always=1 - -" Change the way ALE display messages -let g:ale_echo_msg_info_str='I' -let g:ale_echo_msg_warning_str='W' -let g:ale_echo_msg_error_str='E' - -" The message displayed in the command line area -let g:ale_echo_msg_format='[%linter%][%severity%]%(code):% %s' - -" The message displayed in the location list -let g:ale_loclist_msg_format='[%linter%]%(code):% %s' - -" Don't lint every time I change the buffer -let g:ale_lint_on_text_changed=0 -" Don't lint on leaving insert mode -let g:ale_lint_on_insert_leave=0 -" Don't lint on entering a buffer -let g:ale_lint_on_enter=0 -" Do lint on save -let g:ale_lint_on_save=1 -" Lint on changing the filetype -let g:ale_lint_on_filetype_changed=1 diff --git a/home/vim/plugin/settings/lightline.vim b/home/vim/plugin/settings/lightline.vim index 039b2b3..d5031fd 100644 --- a/home/vim/plugin/settings/lightline.vim +++ b/home/vim/plugin/settings/lightline.vim @@ -15,7 +15,6 @@ let g:lightline.active={ \ [ 'lineinfo' ], \ [ 'percent' ], \ [ 'fileformat', 'fileencoding', 'filetype' ], - \ [ 'linter_check', 'linter_errors', 'linter_warn', 'linter_ok' ], \ [ 'ctags_status' ], \ ] \ } @@ -38,29 +37,11 @@ let g:lightline.component_function={ \ 'gitbranch': 'LightlineFugitive', \ } -" Which component can be expanded by using which function -let g:lightline.component_expand={ - \ 'linter_check': 'lightline#ale#checking', - \ 'linter_warn': 'lightline#ale#warnings', - \ 'linter_errors': 'lightline#ale#errors', - \ 'linter_ok': 'lightline#ale#ok', - \ } - " How to color custom components let g:lightline.component_type={ \ 'readonly': 'error', - \ 'linter_checking': 'left', - \ 'linter_warn': 'warning', - \ 'linter_errors': 'error', - \ 'linter_ok': 'left', \ } -" Show pretty icons instead of text for linting status -let g:lightline#ale#indicator_checking='⏳' -let g:lightline#ale#indicator_warnings='◆' -let g:lightline#ale#indicator_errors='✗' -let g:lightline#ale#indicator_ok='✓' - " Show a lock icon when editing a read-only file when it makes sense function! LightlineReadonly() return &ft!~?'help\|vimfiler\|netrw' && &readonly ? '🔒' : '' From cb389b71b1fdaadd9876dc3d197a469a30bd0020 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 24 Feb 2022 11:40:16 +0100 Subject: [PATCH 478/654] home: vim: remove 'quickfixed' functionality I never use it anymore... --- home/vim/after/ftplugin/qf.vim | 8 ---- home/vim/autoload/quickfixed.vim | 68 -------------------------------- 2 files changed, 76 deletions(-) delete mode 100644 home/vim/after/ftplugin/qf.vim delete mode 100644 home/vim/autoload/quickfixed.vim diff --git a/home/vim/after/ftplugin/qf.vim b/home/vim/after/ftplugin/qf.vim deleted file mode 100644 index 01036f9..0000000 --- a/home/vim/after/ftplugin/qf.vim +++ /dev/null @@ -1,8 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" Use h/l to go to the previous/next non-empty quickfix or location list -nnoremap h :call quickfixed#older() -let b:undo_ftplugin.='|nunmap h' -nnoremap l :call quickfixed#newer() -let b:undo_ftplugin.='|nunmap l' diff --git a/home/vim/autoload/quickfixed.vim b/home/vim/autoload/quickfixed.vim deleted file mode 100644 index 4862f8f..0000000 --- a/home/vim/autoload/quickfixed.vim +++ /dev/null @@ -1,68 +0,0 @@ -" Taken from the Vimways article - -function! s:isLocation() - " Get dictionary of properties of the current window - let wininfo = filter(getwininfo(), {i,v -> v.winnr == winnr()})[0] - return wininfo.loclist -endfunction - -function! s:length() - " Get the size of the current quickfix/location list - return len(s:isLocation() ? getloclist(0) : getqflist()) -endfunction - -function! s:getProperty(key, ...) - " getqflist() and getloclist() expect a dictionary argument - " If a 2nd argument has been passed in, use it as the value, else 0 - let l:what = {a:key : a:0 ? a:1 : 0} - let l:listdict = s:isLocation() ? getloclist(0, l:what) : getqflist(l:what) - return get(l:listdict, a:key) -endfunction - -function! s:isFirst() - return s:getProperty('nr') <= 1 -endfunction - -function! s:isLast() - return s:getProperty('nr') == s:getProperty('nr', '$') -endfunction - -function! s:history(goNewer) - " Build the command: one of colder/cnewer/lolder/lnewer - let l:cmd = (s:isLocation() ? 'l' : 'c') . (a:goNewer ? 'newer' : 'older') - - " Apply the cmd repeatedly until we hit a non-empty list, or first/last list - " is reached - while 1 - if (a:goNewer && s:isLast()) || (!a:goNewer && s:isFirst()) | break | endif - " Run the command. Use :silent to suppress message-history output. - " Note that the :try wrapper is no longer necessary - silent execute l:cmd - if s:length() | break | endif - endwhile - - " Echo a description of the new quickfix / location list. - " And make it look like a rainbow. - let l:nr = s:getProperty('nr') - let l:last = s:getProperty('nr', '$') - echohl MoreMsg | echon '(' - echohl Identifier | echon l:nr - if l:last > 1 - echohl LineNr | echon ' of ' - echohl Identifier | echon l:last - endif - echohl MoreMsg | echon ') ' - echohl MoreMsg | echon '[' - echohl Identifier | echon s:length() - echohl MoreMsg | echon '] ' - echohl Normal | echon s:getProperty('title') - echohl None -endfunction - -function! quickfixed#older() - call s:history(0) -endfunction - -function! quickfixed#newer() - call s:history(1) -endfunction From f73f59b06c36343e31197c55b8d8d16187f452e2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 24 Feb 2022 13:20:16 +0100 Subject: [PATCH 479/654] home: vim: add 'lightline-lsp' --- home/vim/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/vim/default.nix b/home/vim/default.nix index 935b330..7eb8b92 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -63,6 +63,7 @@ in git-messenger-vim # A simple blame window # LSP and linting + lightline-lsp ]; extraConfig = builtins.readFile ./init.vim; From d9a2c12d3f47615290044f67afa45c1494115545 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 24 Feb 2022 13:21:14 +0100 Subject: [PATCH 480/654] home: vim: configure 'lightline-lsp' This pretty much replace 'lightline-ale' for me now. At least it will, once I have configured some LSP clients. --- home/vim/plugin/settings/lightline.vim | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/home/vim/plugin/settings/lightline.vim b/home/vim/plugin/settings/lightline.vim index d5031fd..14079f6 100644 --- a/home/vim/plugin/settings/lightline.vim +++ b/home/vim/plugin/settings/lightline.vim @@ -15,6 +15,7 @@ let g:lightline.active={ \ [ 'lineinfo' ], \ [ 'percent' ], \ [ 'fileformat', 'fileencoding', 'filetype' ], + \ [ 'linter_errors', 'linter_warnings', 'linter_infos', 'linter_hints', 'linter_ok' ], \ [ 'ctags_status' ], \ ] \ } @@ -37,11 +38,33 @@ let g:lightline.component_function={ \ 'gitbranch': 'LightlineFugitive', \ } +" Which component can be expanded by using which function +let g:lightline.component_expand={ + \ 'linter_hints': 'lightline#lsp#hints', + \ 'linter_infos': 'lightline#lsp#infos', + \ 'linter_warnings': 'lightline#lsp#warnings', + \ 'linter_errors': 'lightline#lsp#errors', + \ 'linter_ok': 'lightline#lsp#ok', + \ } + " How to color custom components let g:lightline.component_type={ \ 'readonly': 'error', + \ 'linter_hints': 'right', + \ 'linter_infos': 'right', + \ 'linter_warnings': 'warning', + \ 'linter_errors': 'error', + \ 'linter_ok': 'right', \ } +" Show pretty icons instead of text for linting status +let g:lightline#lsp#indicator_hints='🔍' +let g:lightline#lsp#indicator_infos='ℹ' +let g:lightline#lsp#indicator_warnings='◆' +let g:lightline#lsp#indicator_errors='✗' +let g:lightline#lsp#indicator_ok='✓' + + " Show a lock icon when editing a read-only file when it makes sense function! LightlineReadonly() return &ft!~?'help\|vimfiler\|netrw' && &readonly ? '🔒' : '' From 367dc1e5a59920ac4ca7e6269eba9ca0e0819381 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Feb 2022 11:48:26 +0100 Subject: [PATCH 481/654] home: vim: add 'null-ls' --- home/vim/default.nix | 2 ++ home/vim/plugin/settings/null-ls.vim | 4 ++++ 2 files changed, 6 insertions(+) create mode 100644 home/vim/plugin/settings/null-ls.vim diff --git a/home/vim/default.nix b/home/vim/default.nix index 7eb8b92..9fac4c6 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -64,6 +64,8 @@ in # LSP and linting lightline-lsp + null-ls-nvim # LSP integration for linters and formatters + plenary-nvim # 'null-ls' dependency ]; extraConfig = builtins.readFile ./init.vim; diff --git a/home/vim/plugin/settings/null-ls.vim b/home/vim/plugin/settings/null-ls.vim new file mode 100644 index 0000000..e9a0781 --- /dev/null +++ b/home/vim/plugin/settings/null-ls.vim @@ -0,0 +1,4 @@ +lua << EOF +null_ls = require("null-ls") +null_ls.setup() +EOF From 58bf5b6b1cc75120342d523fc5416f62ff7b6fcb Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Feb 2022 11:48:53 +0100 Subject: [PATCH 482/654] home: vim: configure 'null-ls' for 'bash' --- home/vim/after/ftplugin/bash.vim | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 home/vim/after/ftplugin/bash.vim diff --git a/home/vim/after/ftplugin/bash.vim b/home/vim/after/ftplugin/bash.vim new file mode 100644 index 0000000..8799799 --- /dev/null +++ b/home/vim/after/ftplugin/bash.vim @@ -0,0 +1,17 @@ +" Create the `b:undo_ftplugin` variable if it doesn't exist +call ftplugined#check_undo_ft() + +" Set-up LSP, linters, formatters +lua << EOF +local null_ls = require("null-ls") +null_ls.register({ + null_ls.builtins.diagnostics.shellcheck.with({ + -- Require explicit empty string test, use bash dialect + extra_args = { "-s", "bash", "-o", "avoid-nullary-conditions" }, + }), + null_ls.builtins.formatting.shfmt.with({ + -- Indent with 4 spaces, simplify the code, indent switch cases, use bash dialect + extra_args = { "-i", "4", "-s", "-ci", "-ln", "bash" }, + }), +}) +EOF From 58470804d69b87df91e15a20d9b640cf9829a8d8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Feb 2022 11:49:03 +0100 Subject: [PATCH 483/654] home: vim: configure 'null-ls' for 'sh' --- home/vim/after/ftplugin/sh.vim | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 home/vim/after/ftplugin/sh.vim diff --git a/home/vim/after/ftplugin/sh.vim b/home/vim/after/ftplugin/sh.vim new file mode 100644 index 0000000..8d1594b --- /dev/null +++ b/home/vim/after/ftplugin/sh.vim @@ -0,0 +1,17 @@ +" Create the `b:undo_ftplugin` variable if it doesn't exist +call ftplugined#check_undo_ft() + +" Set-up LSP, linters, formatters +lua << EOF +local null_ls = require("null-ls") +null_ls.register({ + null_ls.builtins.diagnostics.shellcheck.with({ + -- Require explicit empty string test + extra_args = { "-o", "avoid-nullary-conditions" }, + }), + null_ls.builtins.formatting.shfmt.with({ + -- Indent with 4 spaces, simplify the code, indent switch cases, use POSIX + extra_args = { "-i", "4", "-s", "-ci", "-ln", "posix" }, + }), +}) +EOF From 5f06b43ad4e0a38bb118927157a40aac38ef0139 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Feb 2022 11:49:09 +0100 Subject: [PATCH 484/654] home: vim: configure 'null-ls' for 'zsh' --- home/vim/after/ftplugin/zsh.vim | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 home/vim/after/ftplugin/zsh.vim diff --git a/home/vim/after/ftplugin/zsh.vim b/home/vim/after/ftplugin/zsh.vim new file mode 100644 index 0000000..8799799 --- /dev/null +++ b/home/vim/after/ftplugin/zsh.vim @@ -0,0 +1,17 @@ +" Create the `b:undo_ftplugin` variable if it doesn't exist +call ftplugined#check_undo_ft() + +" Set-up LSP, linters, formatters +lua << EOF +local null_ls = require("null-ls") +null_ls.register({ + null_ls.builtins.diagnostics.shellcheck.with({ + -- Require explicit empty string test, use bash dialect + extra_args = { "-s", "bash", "-o", "avoid-nullary-conditions" }, + }), + null_ls.builtins.formatting.shfmt.with({ + -- Indent with 4 spaces, simplify the code, indent switch cases, use bash dialect + extra_args = { "-i", "4", "-s", "-ci", "-ln", "bash" }, + }), +}) +EOF From 60b87c90fcf436840a81e820f41af8dd542d3367 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Feb 2022 11:49:21 +0100 Subject: [PATCH 485/654] home: vim: configure 'null-ls' for 'haskell' --- home/vim/after/ftplugin/haskell.vim | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/home/vim/after/ftplugin/haskell.vim b/home/vim/after/ftplugin/haskell.vim index 978f346..776adbe 100644 --- a/home/vim/after/ftplugin/haskell.vim +++ b/home/vim/after/ftplugin/haskell.vim @@ -1,6 +1,14 @@ " Create the `b:undo_ftplugin` variable if it doesn't exist call ftplugined#check_undo_ft() +" Set-up LSP, linters, formatters +lua << EOF +local null_ls = require("null-ls") +null_ls.register({ + null_ls.builtins.formatting.brittany, +}) +EOF + " Use a small indentation value on Haskell files setlocal shiftwidth=2 let b:undo_ftplugin.='|setlocal shiftwidth<' From 3aa859861e064ca75d7a3026b972961e54834d5f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Feb 2022 10:38:52 +0100 Subject: [PATCH 486/654] home: vim: add formatting on save with 'null-ls' --- home/vim/plugin/settings/null-ls.vim | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/home/vim/plugin/settings/null-ls.vim b/home/vim/plugin/settings/null-ls.vim index e9a0781..5dbbd73 100644 --- a/home/vim/plugin/settings/null-ls.vim +++ b/home/vim/plugin/settings/null-ls.vim @@ -1,4 +1,16 @@ lua << EOF -null_ls = require("null-ls") -null_ls.setup() +local null_ls = require("null-ls") +null_ls.setup({ + on_attach = function(client) + -- Format on save + if client.resolved_capabilities.document_formatting then + vim.cmd([[ + augroup LspFormatting + autocmd! * + autocmd BufWritePre lua vim.lsp.buf.formatting_sync() + augroup END + ]]) + end + end, +}) EOF From bb512cf838e15eda3b3dd35f36e50299293173c6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Feb 2022 13:07:20 +0100 Subject: [PATCH 487/654] home: vim: configure 'null-ls' for 'c' --- home/vim/after/ftplugin/c.vim | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 home/vim/after/ftplugin/c.vim diff --git a/home/vim/after/ftplugin/c.vim b/home/vim/after/ftplugin/c.vim new file mode 100644 index 0000000..7e5a367 --- /dev/null +++ b/home/vim/after/ftplugin/c.vim @@ -0,0 +1,10 @@ +" Create the `b:undo_ftplugin` variable if it doesn't exist +call ftplugined#check_undo_ft() + +" Set-up LSP, linters, formatters +lua << EOF +local null_ls = require("null-ls") +null_ls.register({ + null_ls.builtins.formatting.clang_format, +}) +EOF From 5947ec42175a6e7cf2e4b100c06dd511d8ce7f14 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Feb 2022 13:07:31 +0100 Subject: [PATCH 488/654] home: vim: configure 'null-ls' for 'cpp' --- home/vim/after/ftplugin/cpp.vim | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 home/vim/after/ftplugin/cpp.vim diff --git a/home/vim/after/ftplugin/cpp.vim b/home/vim/after/ftplugin/cpp.vim new file mode 100644 index 0000000..7e5a367 --- /dev/null +++ b/home/vim/after/ftplugin/cpp.vim @@ -0,0 +1,10 @@ +" Create the `b:undo_ftplugin` variable if it doesn't exist +call ftplugined#check_undo_ft() + +" Set-up LSP, linters, formatters +lua << EOF +local null_ls = require("null-ls") +null_ls.register({ + null_ls.builtins.formatting.clang_format, +}) +EOF From 4b92a3fda94f46f8b74e80d0dcaf304246679a89 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Feb 2022 11:49:57 +0100 Subject: [PATCH 489/654] home: vim: configure 'null-ls' for 'python' --- home/vim/after/ftplugin/python.vim | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/home/vim/after/ftplugin/python.vim b/home/vim/after/ftplugin/python.vim index e7232a8..a2aebc0 100644 --- a/home/vim/after/ftplugin/python.vim +++ b/home/vim/after/ftplugin/python.vim @@ -1,6 +1,18 @@ " Create the `b:undo_ftplugin` variable if it doesn't exist call ftplugined#check_undo_ft() +" Set-up LSP, linters, formatters +lua << EOF +local null_ls = require("null-ls") +null_ls.register({ + null_ls.builtins.diagnostics.flake8, + null_ls.builtins.diagnostics.mypy, + null_ls.builtins.diagnostics.pylint, + null_ls.builtins.formatting.black, + null_ls.builtins.formatting.isort, +}) +EOF + " Change max length of a line to 88 for this buffer to match black's settings setlocal colorcolumn=88 let b:undo_ftplugin.='|setlocal colorcolumn<' From f54fbcf793cb78f2bb5d423e4b145631ba1fd134 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Feb 2022 13:13:53 +0100 Subject: [PATCH 490/654] home: vim: show error codes from 'shellcheck' --- home/vim/after/ftplugin/bash.vim | 2 ++ home/vim/after/ftplugin/sh.vim | 2 ++ home/vim/after/ftplugin/zsh.vim | 2 ++ 3 files changed, 6 insertions(+) diff --git a/home/vim/after/ftplugin/bash.vim b/home/vim/after/ftplugin/bash.vim index 8799799..03f3f9f 100644 --- a/home/vim/after/ftplugin/bash.vim +++ b/home/vim/after/ftplugin/bash.vim @@ -6,6 +6,8 @@ lua << EOF local null_ls = require("null-ls") null_ls.register({ null_ls.builtins.diagnostics.shellcheck.with({ + -- Show error code in message + diagnostics_format = "[#{c}] #{m}", -- Require explicit empty string test, use bash dialect extra_args = { "-s", "bash", "-o", "avoid-nullary-conditions" }, }), diff --git a/home/vim/after/ftplugin/sh.vim b/home/vim/after/ftplugin/sh.vim index 8d1594b..f80f25a 100644 --- a/home/vim/after/ftplugin/sh.vim +++ b/home/vim/after/ftplugin/sh.vim @@ -6,6 +6,8 @@ lua << EOF local null_ls = require("null-ls") null_ls.register({ null_ls.builtins.diagnostics.shellcheck.with({ + -- Show error code in message + diagnostics_format = "[#{c}] #{m}", -- Require explicit empty string test extra_args = { "-o", "avoid-nullary-conditions" }, }), diff --git a/home/vim/after/ftplugin/zsh.vim b/home/vim/after/ftplugin/zsh.vim index 8799799..03f3f9f 100644 --- a/home/vim/after/ftplugin/zsh.vim +++ b/home/vim/after/ftplugin/zsh.vim @@ -6,6 +6,8 @@ lua << EOF local null_ls = require("null-ls") null_ls.register({ null_ls.builtins.diagnostics.shellcheck.with({ + -- Show error code in message + diagnostics_format = "[#{c}] #{m}", -- Require explicit empty string test, use bash dialect extra_args = { "-s", "bash", "-o", "avoid-nullary-conditions" }, }), From d7a9783cebd68fae2f2c1151cec25b35904266c2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Feb 2022 15:36:31 +0100 Subject: [PATCH 491/654] home: vim: keep space after shell redirections --- home/vim/after/ftplugin/bash.vim | 5 +++-- home/vim/after/ftplugin/sh.vim | 5 +++-- home/vim/after/ftplugin/zsh.vim | 5 +++-- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/home/vim/after/ftplugin/bash.vim b/home/vim/after/ftplugin/bash.vim index 03f3f9f..cb85c8f 100644 --- a/home/vim/after/ftplugin/bash.vim +++ b/home/vim/after/ftplugin/bash.vim @@ -12,8 +12,9 @@ null_ls.register({ extra_args = { "-s", "bash", "-o", "avoid-nullary-conditions" }, }), null_ls.builtins.formatting.shfmt.with({ - -- Indent with 4 spaces, simplify the code, indent switch cases, use bash dialect - extra_args = { "-i", "4", "-s", "-ci", "-ln", "bash" }, + -- Indent with 4 spaces, simplify the code, indent switch cases, + -- add space after redirection, use bash dialect + extra_args = { "-i", "4", "-s", "-ci", "-sr", "-ln", "bash" }, }), }) EOF diff --git a/home/vim/after/ftplugin/sh.vim b/home/vim/after/ftplugin/sh.vim index f80f25a..442ebcb 100644 --- a/home/vim/after/ftplugin/sh.vim +++ b/home/vim/after/ftplugin/sh.vim @@ -12,8 +12,9 @@ null_ls.register({ extra_args = { "-o", "avoid-nullary-conditions" }, }), null_ls.builtins.formatting.shfmt.with({ - -- Indent with 4 spaces, simplify the code, indent switch cases, use POSIX - extra_args = { "-i", "4", "-s", "-ci", "-ln", "posix" }, + -- Indent with 4 spaces, simplify the code, indent switch cases, + -- add space after redirection, use POSIX + extra_args = { "-i", "4", "-s", "-ci", "-sr", "-ln", "posix" }, }), }) EOF diff --git a/home/vim/after/ftplugin/zsh.vim b/home/vim/after/ftplugin/zsh.vim index 03f3f9f..cb85c8f 100644 --- a/home/vim/after/ftplugin/zsh.vim +++ b/home/vim/after/ftplugin/zsh.vim @@ -12,8 +12,9 @@ null_ls.register({ extra_args = { "-s", "bash", "-o", "avoid-nullary-conditions" }, }), null_ls.builtins.formatting.shfmt.with({ - -- Indent with 4 spaces, simplify the code, indent switch cases, use bash dialect - extra_args = { "-i", "4", "-s", "-ci", "-ln", "bash" }, + -- Indent with 4 spaces, simplify the code, indent switch cases, + -- add space after redirection, use bash dialect + extra_args = { "-i", "4", "-s", "-ci", "-sr", "-ln", "bash" }, }), }) EOF From 729f60c471c67b9f06ba36c53816fb38e0bc1c0f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Feb 2022 18:19:41 +0100 Subject: [PATCH 492/654] home: vim: configure 'null-ls' for 'nix' --- home/vim/after/ftplugin/nix.vim | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 home/vim/after/ftplugin/nix.vim diff --git a/home/vim/after/ftplugin/nix.vim b/home/vim/after/ftplugin/nix.vim new file mode 100644 index 0000000..a5056c8 --- /dev/null +++ b/home/vim/after/ftplugin/nix.vim @@ -0,0 +1,10 @@ +" Create the `b:undo_ftplugin` variable if it doesn't exist +call ftplugined#check_undo_ft() + +" Set-up LSP, linters, formatters +lua << EOF +local null_ls = require("null-ls") +null_ls.register({ + null_ls.builtins.formatting.nixpkgs_fmt, +}) +EOF From faa8ae6d1eaacc6651634360d82838276658aaf0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Feb 2022 18:21:35 +0100 Subject: [PATCH 493/654] home: vim: add 'lsp_lines' I dislike the diagnostics *next* to affected lines. This looks neater, though the best look would be a simple hover window or status line message instead, like ALE used to do. It might grow on me however. --- home/vim/default.nix | 1 + home/vim/plugin/settings/lsp_lines.vim | 9 +++++++++ 2 files changed, 10 insertions(+) create mode 100644 home/vim/plugin/settings/lsp_lines.vim diff --git a/home/vim/default.nix b/home/vim/default.nix index 9fac4c6..574b01e 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -64,6 +64,7 @@ in # LSP and linting lightline-lsp + lsp_lines-nvim # Show diagnostics *over* regions null-ls-nvim # LSP integration for linters and formatters plenary-nvim # 'null-ls' dependency ]; diff --git a/home/vim/plugin/settings/lsp_lines.vim b/home/vim/plugin/settings/lsp_lines.vim new file mode 100644 index 0000000..10b46a3 --- /dev/null +++ b/home/vim/plugin/settings/lsp_lines.vim @@ -0,0 +1,9 @@ +lua << EOF +-- Show LSP diagnostics on virtual lines over affected regions +require("lsp_lines").register_lsp_virtual_lines() + +-- Disable virtual test next to affected regions +vim.diagnostic.config({ + virtual_text = false, +}) +EOF From e701dd06ea10b22536829e0a498431133183c401 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Feb 2022 19:14:18 +0100 Subject: [PATCH 494/654] home: vim: make python formatting faster --- home/vim/after/ftplugin/python.vim | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/home/vim/after/ftplugin/python.vim b/home/vim/after/ftplugin/python.vim index a2aebc0..ffc0327 100644 --- a/home/vim/after/ftplugin/python.vim +++ b/home/vim/after/ftplugin/python.vim @@ -8,7 +8,9 @@ null_ls.register({ null_ls.builtins.diagnostics.flake8, null_ls.builtins.diagnostics.mypy, null_ls.builtins.diagnostics.pylint, - null_ls.builtins.formatting.black, + null_ls.builtins.formatting.black.with({ + extra_args = { "--fast" }, + }), null_ls.builtins.formatting.isort, }) EOF From 01d7ead1210697ad03a06596f08f1fad29246c56 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 12:26:49 +0100 Subject: [PATCH 495/654] home: vim: add 'nvim-treesitter' IMHO, this is *very* colorful, I might not end up using the highlighting after all. Let's see if I get used to it after a little while. --- home/vim/default.nix | 1 + home/vim/plugin/settings/tree-sitter.vim | 13 +++++++++++++ 2 files changed, 14 insertions(+) create mode 100644 home/vim/plugin/settings/tree-sitter.vim diff --git a/home/vim/default.nix b/home/vim/default.nix index 574b01e..9ef28a0 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -66,6 +66,7 @@ in lightline-lsp lsp_lines-nvim # Show diagnostics *over* regions null-ls-nvim # LSP integration for linters and formatters + (nvim-treesitter.withPlugins (_: pkgs.tree-sitter.allGrammars)) # Better highlighting plenary-nvim # 'null-ls' dependency ]; diff --git a/home/vim/plugin/settings/tree-sitter.vim b/home/vim/plugin/settings/tree-sitter.vim new file mode 100644 index 0000000..8df22b0 --- /dev/null +++ b/home/vim/plugin/settings/tree-sitter.vim @@ -0,0 +1,13 @@ +lua << EOF +local ts_config = require("nvim-treesitter.configs") +ts_config.setup({ + highlight = { + enable = true, + -- Avoid duplicate highlighting + additional_vim_regex_highlighting = false, + }, + indent = { + enable = true, + }, +}) +EOF From d87fd7b9e1172b264e5fe4635f89ade616a9e9ec Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 12:47:55 +0100 Subject: [PATCH 496/654] home: vim: configure diagnostics further This is not only 'lsp_lines' configuration anymore, but the whole display of diagnostics. --- home/vim/plugin/settings/diagnostics.vim | 17 +++++++++++++++++ home/vim/plugin/settings/lsp_lines.vim | 9 --------- 2 files changed, 17 insertions(+), 9 deletions(-) create mode 100644 home/vim/plugin/settings/diagnostics.vim delete mode 100644 home/vim/plugin/settings/lsp_lines.vim diff --git a/home/vim/plugin/settings/diagnostics.vim b/home/vim/plugin/settings/diagnostics.vim new file mode 100644 index 0000000..8327866 --- /dev/null +++ b/home/vim/plugin/settings/diagnostics.vim @@ -0,0 +1,17 @@ +lua << EOF +-- Show LSP diagnostics on virtual lines over affected regions +require("lsp_lines").register_lsp_virtual_lines() + +vim.diagnostic.config({ + -- Disable virtual test next to affected regions + virtual_text = false, + -- Show diagnostics signs + signs = true, + -- Underline offending regions + underline = true, + -- Do not bother me in the middle of insertion + update_in_insert = false, + -- Show highest severity first + severity_sort = true, +}) +EOF diff --git a/home/vim/plugin/settings/lsp_lines.vim b/home/vim/plugin/settings/lsp_lines.vim deleted file mode 100644 index 10b46a3..0000000 --- a/home/vim/plugin/settings/lsp_lines.vim +++ /dev/null @@ -1,9 +0,0 @@ -lua << EOF --- Show LSP diagnostics on virtual lines over affected regions -require("lsp_lines").register_lsp_virtual_lines() - --- Disable virtual test next to affected regions -vim.diagnostic.config({ - virtual_text = false, -}) -EOF From 5dd9d1c6d07654acda9d37d1d77c1270255ee36f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 12:50:23 +0100 Subject: [PATCH 497/654] home: vim: configure short 'CursorHold' timeout --- home/vim/init.vim | 3 +++ 1 file changed, 3 insertions(+) diff --git a/home/vim/init.vim b/home/vim/init.vim index 23717e1..ae5b15f 100644 --- a/home/vim/init.vim +++ b/home/vim/init.vim @@ -65,6 +65,9 @@ set lazyredraw " Timeout quickly on shortcuts, I can't wait two seconds to delete in visual set timeoutlen=500 +" Timeout quickly for CursorHold events (and also swap file) +set updatetime=250 + " Set dark mode by default set background=dark From dd3bfc74fa31b2606cc8f71f91665bf040a4a5a8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 12:53:04 +0100 Subject: [PATCH 498/654] home: vim: show diagnostics on hover Ideally, I want the following features: * diagnostic icons in the sign column always, * virtual text on the current line only * switch to hover window and/or lsp_lines display through a mapping --- home/vim/plugin/settings/diagnostics.vim | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/home/vim/plugin/settings/diagnostics.vim b/home/vim/plugin/settings/diagnostics.vim index 8327866..db68098 100644 --- a/home/vim/plugin/settings/diagnostics.vim +++ b/home/vim/plugin/settings/diagnostics.vim @@ -15,3 +15,9 @@ vim.diagnostic.config({ severity_sort = true, }) EOF + +augroup DiagnosticsHover + autocmd! + " Show diagnostics on "hover" + autocmd! CursorHold,CursorHoldI * lua vim.diagnostic.open_float(nil, {focus=false, scope="cursor"}) +augroup END From b9e52736721246e8685f03a2ec7b8dbe526eb8d6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 12:56:39 +0100 Subject: [PATCH 499/654] home: vim: remove 'lsp_lines' I like the hovering behaviour better, it's less "in your face". I might revisit the idea in the future, as a toggled mapping. --- home/vim/plugin/settings/diagnostics.vim | 3 --- 1 file changed, 3 deletions(-) diff --git a/home/vim/plugin/settings/diagnostics.vim b/home/vim/plugin/settings/diagnostics.vim index db68098..6b5e0ba 100644 --- a/home/vim/plugin/settings/diagnostics.vim +++ b/home/vim/plugin/settings/diagnostics.vim @@ -1,7 +1,4 @@ lua << EOF --- Show LSP diagnostics on virtual lines over affected regions -require("lsp_lines").register_lsp_virtual_lines() - vim.diagnostic.config({ -- Disable virtual test next to affected regions virtual_text = false, From 87f255d26512944c9bfec4c8b71681a24ce7df95 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 13:42:23 +0100 Subject: [PATCH 500/654] home: vim: remove unimpaired mappings I do not use `azerty` anymore, no need for those. --- home/vim/after/plugin/mappings/unimpaired.vim | 7 ------- 1 file changed, 7 deletions(-) delete mode 100644 home/vim/after/plugin/mappings/unimpaired.vim diff --git a/home/vim/after/plugin/mappings/unimpaired.vim b/home/vim/after/plugin/mappings/unimpaired.vim deleted file mode 100644 index 53457bd..0000000 --- a/home/vim/after/plugin/mappings/unimpaired.vim +++ /dev/null @@ -1,7 +0,0 @@ -" Better fr layout mappings for vim-unimpaired and other '[' and ']' commands -nmap ( [ -nmap ) ] -omap ( [ -omap ) ] -xmap ( [ -xmap ) ] From 0478efa81791d603a4d9947843b21d33fb7957e1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 13:37:51 +0100 Subject: [PATCH 501/654] home: vim: remove unused mappings The beancount mappings are absolutely unused. The `Y` mapping is built in NeoVim nowadays. --- home/vim/after/ftplugin/beancount.vim | 4 ---- home/vim/after/plugin/mappings/misc.vim | 3 --- home/vim/after/plugin/mappings/qf.vim | 8 -------- 3 files changed, 15 deletions(-) diff --git a/home/vim/after/ftplugin/beancount.vim b/home/vim/after/ftplugin/beancount.vim index c5645c8..a2b142e 100644 --- a/home/vim/after/ftplugin/beancount.vim +++ b/home/vim/after/ftplugin/beancount.vim @@ -7,7 +7,3 @@ let b:undo_ftplugin.='|setlocal shiftwidth<' " Have automatic padding of transactions so that decimal is on 52nd column let g:beancount_separator_col=52 - -" Automatic padding for transactions -nnoremap = :AlignCommodity -vnoremap = :AlignCommodity diff --git a/home/vim/after/plugin/mappings/misc.vim b/home/vim/after/plugin/mappings/misc.vim index 7f1ea1c..fc2ed3d 100644 --- a/home/vim/after/plugin/mappings/misc.vim +++ b/home/vim/after/plugin/mappings/misc.vim @@ -1,6 +1,3 @@ -" Yank until the end of line with Y, to be more consistent with D and C -nnoremap Y y$ - " Run make silently, then skip the 'Press ENTER to continue' noremap m :silent! :make! \| :redraw! diff --git a/home/vim/after/plugin/mappings/qf.vim b/home/vim/after/plugin/mappings/qf.vim index c5e353b..6c98759 100644 --- a/home/vim/after/plugin/mappings/qf.vim +++ b/home/vim/after/plugin/mappings/qf.vim @@ -1,11 +1,3 @@ -" Next and previous in quick-fix list -nmap fn (qf_qf_next) -nmap fp (qf_qf_previous) - -" Next and previous in location list -nmap ln (qf_loc_next) -nmap lp (qf_loc_previous) - " Toggle quick-fix and location lists nmap tf (qf_qf_toggle) nmap tl (qf_loc_toggle) From 8b985cda840527636acc99a1bf7b7148249ab272 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 13:46:24 +0100 Subject: [PATCH 502/654] home: vim: move leader mappings to 'init.vim' --- home/vim/init.vim | 7 +++++++ home/vim/plugin/mappings/leader.vim | 6 ------ 2 files changed, 7 insertions(+), 6 deletions(-) delete mode 100644 home/vim/plugin/mappings/leader.vim diff --git a/home/vim/init.vim b/home/vim/init.vim index ae5b15f..ab5f648 100644 --- a/home/vim/init.vim +++ b/home/vim/init.vim @@ -13,6 +13,13 @@ set wildmenu " Enable syntax high-lighting and file-type specific plugins syntax on filetype plugin indent on + +" Map leader to space (needs the noremap trick to avoid moving the cursor) +nnoremap +let mapleader=" " + +" Map localleader to '!' (if I want to filter text, I use visual mode) +let maplocalleader="!" " }}} " Indentation configuration {{{ diff --git a/home/vim/plugin/mappings/leader.vim b/home/vim/plugin/mappings/leader.vim deleted file mode 100644 index 0aba0b2..0000000 --- a/home/vim/plugin/mappings/leader.vim +++ /dev/null @@ -1,6 +0,0 @@ -" Map leader to space (needs the noremap trick to avoid moving the cursor) -nnoremap -let mapleader=" " - -" Map localleader to '!' (if I want to filter text, I use visual mode) -let maplocalleader="!" From fa836d7df961742b8a28e9accebb38e5f4e3bb57 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 13:51:34 +0100 Subject: [PATCH 503/654] home: vim: add 'which-key-nvim' --- home/vim/default.nix | 3 +++ home/vim/plugin/settings/which-key.vim | 4 ++++ 2 files changed, 7 insertions(+) create mode 100644 home/vim/plugin/settings/which-key.vim diff --git a/home/vim/default.nix b/home/vim/default.nix index 9ef28a0..a15ad6a 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -68,6 +68,9 @@ in null-ls-nvim # LSP integration for linters and formatters (nvim-treesitter.withPlugins (_: pkgs.tree-sitter.allGrammars)) # Better highlighting plenary-nvim # 'null-ls' dependency + + # UX improvements + which-key-nvim # Show available mappings ]; extraConfig = builtins.readFile ./init.vim; diff --git a/home/vim/plugin/settings/which-key.vim b/home/vim/plugin/settings/which-key.vim new file mode 100644 index 0000000..505bdc4 --- /dev/null +++ b/home/vim/plugin/settings/which-key.vim @@ -0,0 +1,4 @@ +lua << EOF +local wk = require("which-key") +wk.setup() +EOF From 19889f4cbf6a7019def9e85213c168e57633e679 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 14:44:52 +0100 Subject: [PATCH 504/654] home: vim: use 'which-key' --- home/vim/after/plugin/mappings/fugitive.vim | 10 ---------- home/vim/after/plugin/mappings/fzf.vim | 16 ++++++++++++---- home/vim/after/plugin/mappings/git.vim | 20 ++++++++++++++++++++ home/vim/after/plugin/mappings/misc.vim | 13 +++++++++---- home/vim/after/plugin/mappings/qf.vim | 16 +++++++++++++--- 5 files changed, 54 insertions(+), 21 deletions(-) delete mode 100644 home/vim/after/plugin/mappings/fugitive.vim create mode 100644 home/vim/after/plugin/mappings/git.vim diff --git a/home/vim/after/plugin/mappings/fugitive.vim b/home/vim/after/plugin/mappings/fugitive.vim deleted file mode 100644 index 934f00e..0000000 --- a/home/vim/after/plugin/mappings/fugitive.vim +++ /dev/null @@ -1,10 +0,0 @@ -" Visual bindings for merging diffs as in normal mode -xnoremap dp :diffput -xnoremap do :diffget - -" Open status window -nnoremap gs :Gstatus -" Open diff view of current buffer: the up/left window is the current index -nnoremap gd :Gdiffsplit! -" Open current file log in new tab, populate its location list with history -nnoremap gl :spT:Gllog --follow -- %:p diff --git a/home/vim/after/plugin/mappings/fzf.vim b/home/vim/after/plugin/mappings/fzf.vim index 6bf4a44..fa98f0c 100644 --- a/home/vim/after/plugin/mappings/fzf.vim +++ b/home/vim/after/plugin/mappings/fzf.vim @@ -1,5 +1,13 @@ -" Only git-tracked files, Vim needs to be in a Git repository -nnoremap ff :GFiles +lua << EOF +local wk = require("which-key") -" Currently open buffers -nnoremap fb :Buffers +local keys = { + f = { + name = "Fuzzy finder", + b = { "Buffers", "Open buffers" }, + f = { "GFiles", "Git tracked files" }, + }, +} + +wk.register(keys, { prefix = "" }) +EOF diff --git a/home/vim/after/plugin/mappings/git.vim b/home/vim/after/plugin/mappings/git.vim new file mode 100644 index 0000000..677abd0 --- /dev/null +++ b/home/vim/after/plugin/mappings/git.vim @@ -0,0 +1,20 @@ +lua << EOF +local wk = require("which-key") + +local keys = { + d = { + name = "Merging diff hunks", + o = { "diffget", "Use this buffer's change", mode="x" }, + p = { "diffput", "Accept other buffer change", mode="x" }, + }, + ["g"] = { + name = "Git", + d = { "Gdiffsplit", "Current buffer diff" }, + l = { ":spT:Gllog --follow -- %:p", "Current buffer log" }, + m = { "(git-messenger)", "Current line blame" }, + s = { "Gstatus", "Status" }, + }, +} + +wk.register(keys) +EOF diff --git a/home/vim/after/plugin/mappings/misc.vim b/home/vim/after/plugin/mappings/misc.vim index fc2ed3d..d09410a 100644 --- a/home/vim/after/plugin/mappings/misc.vim +++ b/home/vim/after/plugin/mappings/misc.vim @@ -1,5 +1,10 @@ -" Run make silently, then skip the 'Press ENTER to continue' -noremap m :silent! :make! \| :redraw! +lua << EOF +local wk = require("which-key") -" Remove search-highlighting -noremap :nohls +local keys = { + m = { "silent! :make! | :redraw!", "Run make" }, + [""] = { "nohls", "Clear search highlight" }, +} + +wk.register(keys, { prefix = "" }) +EOF diff --git a/home/vim/after/plugin/mappings/qf.vim b/home/vim/after/plugin/mappings/qf.vim index 6c98759..e2eb8a7 100644 --- a/home/vim/after/plugin/mappings/qf.vim +++ b/home/vim/after/plugin/mappings/qf.vim @@ -1,3 +1,13 @@ -" Toggle quick-fix and location lists -nmap tf (qf_qf_toggle) -nmap tl (qf_loc_toggle) +lua << EOF +local wk = require("which-key") + +local keys = { + ["t"] = { + name = "Toggle", + f = { "(qf_qf_toggle)", "Toggle quickfix list" }, + l = { "(qf_loc_toggle)", "Toggle location list" }, + }, +} + +wk.register(keys, { prefix = "" }) +EOF From 416a4ca0d61d744489b850dc38551f5abfb31aba Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 15:41:47 +0100 Subject: [PATCH 505/654] home: vim: document 'unimpaired' mappings By using 'which-key'. --- home/vim/after/plugin/mappings/unimpaired.vim | 115 ++++++++++++++++++ 1 file changed, 115 insertions(+) create mode 100644 home/vim/after/plugin/mappings/unimpaired.vim diff --git a/home/vim/after/plugin/mappings/unimpaired.vim b/home/vim/after/plugin/mappings/unimpaired.vim new file mode 100644 index 0000000..cdebacd --- /dev/null +++ b/home/vim/after/plugin/mappings/unimpaired.vim @@ -0,0 +1,115 @@ +lua << EOF +local wk = require("which-key") + +local keys = { + -- Edition and navigation mappins + ["["] = { + name = "Previous", + [""] = "Insert blank line above", + [""] = "Previous location list file", + [""] = "Previous quickfix list file", + [""] = "Previous tag in preview window", + a = "Previous argument", + A = "First argument", + b = "Previous buffer", + B = "First buffer", + e = "Exchange previous line", + f = "Previous file in directory", + l = "Previous location list entry", + L = "First Location list entry", + n = "Previous conflict marker/diff hunk", + p = "Paste line above", + P = "Paste line above", + q = "Previous quickfix list entry", + Q = "First quickfix list entry", + t = "Previous matching tag", + T = "First matching tag", + z = "Previous fold", + -- Encoding + C = "C string encode", + u = "URL encode", + x = "XML encode", + y = "C string encode", + }, + ["]"] = { + name = "Next", + [""] = "Insert blank line below", + [""] = "Next location list file", + [""] = "Next quickfix list file", + [""] = "Next tag in preview window", + a = "Next argument", + A = "Last argument", + b = "Next buffer", + B = "Last buffer", + e = "Exchange next line", + f = "Next file in directory", + l = "Next location list entry", + L = "Last Location list entry", + n = "Next conflict marker/diff hunk", + p = "Paste line below", + P = "Paste line below", + q = "Next quickfix list entry", + Q = "Last quickfix list entry", + t = "Next matching tag", + T = "Last matching tag", + z = "Next fold", + -- Decoding + C = "C string decode", + u = "URL decode", + x = "XML decode", + y = "C string decode", + }, + + -- Option mappings + ["[o"] = { + name = "Enable option", + b = "Light background", + c = "Cursor line", + d = "Diff", + h = "Search high-lighting", + i = "Case insensitive search", + l = "List mode", + n = "Line numbers", + r = "Relative line numbers", + u = "Cursor column", + v = "Virtual editing", + w = "Text wrapping", + x = "Cursor line and column", + z = "Spell checking", + }, + ["]o"] = { + name = "Option off", + b = "Light background", + c = "Cursor line", + d = "Diff", + h = "Search high-lighting", + i = "Case insensitive search", + l = "List mode", + n = "Line numbers", + r = "Relative line numbers", + u = "Cursor column", + v = "Virtual editing", + w = "Text wrapping", + x = "Cursor line and column", + z = "Spell checking", + }, + ["yo"] = { + name = "Option toggle", + b = "Light background", + c = "Cursor line", + d = "Diff", + h = "Search high-lighting", + i = "Case insensitive search", + l = "List mode", + n = "Line numbers", + r = "Relative line numbers", + u = "Cursor column", + v = "Virtual editing", + w = "Text wrapping", + x = "Cursor line and column", + z = "Spell checking", + }, +} + +wk.register(keys) +EOF From bbc47b6683d5ef511e6b28e622fd8c3243288c14 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 15:56:19 +0100 Subject: [PATCH 506/654] home: vim: document 'commentary' mappings By using 'which-key'. --- home/vim/after/plugin/mappings/commentary.vim | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 home/vim/after/plugin/mappings/commentary.vim diff --git a/home/vim/after/plugin/mappings/commentary.vim b/home/vim/after/plugin/mappings/commentary.vim new file mode 100644 index 0000000..219d661 --- /dev/null +++ b/home/vim/after/plugin/mappings/commentary.vim @@ -0,0 +1,12 @@ +lua << EOF +local wk = require("which-key") + +local keys = { + name = "Comment/uncomment", + c = "Current line", + u = "Uncomment the current and adjacent commented lines", + ["gc"] = "Uncomment the current and adjacent commented lines", +} + +wk.register(keys, { prefix = "gc" }) +EOF From be84a4a6fa1aa0362dbd02fb02a318a455879e03 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 15:59:45 +0100 Subject: [PATCH 507/654] home: vim: remove mapping to run 'make' --- home/vim/after/plugin/mappings/misc.vim | 1 - 1 file changed, 1 deletion(-) diff --git a/home/vim/after/plugin/mappings/misc.vim b/home/vim/after/plugin/mappings/misc.vim index d09410a..c7fcc8a 100644 --- a/home/vim/after/plugin/mappings/misc.vim +++ b/home/vim/after/plugin/mappings/misc.vim @@ -2,7 +2,6 @@ lua << EOF local wk = require("which-key") local keys = { - m = { "silent! :make! | :redraw!", "Run make" }, [""] = { "nohls", "Clear search highlight" }, } From b7b3387df71c68c21d87f8b89e2bfd32230855e2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 19:28:15 +0100 Subject: [PATCH 508/654] home: vim: add 'treesitter-textobjects' --- home/vim/default.nix | 1 + home/vim/plugin/settings/tree-sitter.vim | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/home/vim/default.nix b/home/vim/default.nix index a15ad6a..bb7bdec 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -67,6 +67,7 @@ in lsp_lines-nvim # Show diagnostics *over* regions null-ls-nvim # LSP integration for linters and formatters (nvim-treesitter.withPlugins (_: pkgs.tree-sitter.allGrammars)) # Better highlighting + nvim-treesitter-textobjects # More textobjects plenary-nvim # 'null-ls' dependency # UX improvements diff --git a/home/vim/plugin/settings/tree-sitter.vim b/home/vim/plugin/settings/tree-sitter.vim index 8df22b0..10c22b1 100644 --- a/home/vim/plugin/settings/tree-sitter.vim +++ b/home/vim/plugin/settings/tree-sitter.vim @@ -9,5 +9,23 @@ ts_config.setup({ indent = { enable = true, }, + textobjects = { + select = { + enable = true, + -- Jump to matching text objects + lookahead = true, + keymaps = { + ["aa"] = "@parameter.outer", + ["ia"] = "@parameter.inner", + ["ab"] = "@block.outer", + ["ib"] = "@block.inner", + ["ac"] = "@class.outer", + ["ic"] = "@class.inner", + ["af"] = "@function.outer", + ["if"] = "@function.inner", + ["ak"] = "@comment.outer", + }, + }, + }, }) EOF From d26b9f253749deb00f8cdba2c36e1ea5ece5775c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 19:28:55 +0100 Subject: [PATCH 509/654] home: vim: document 'treesitter-textobjects' maps By using 'which-key'. --- .../plugin/mappings/tree-sitter-textobjects.vim | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 home/vim/after/plugin/mappings/tree-sitter-textobjects.vim diff --git a/home/vim/after/plugin/mappings/tree-sitter-textobjects.vim b/home/vim/after/plugin/mappings/tree-sitter-textobjects.vim new file mode 100644 index 0000000..ac960bd --- /dev/null +++ b/home/vim/after/plugin/mappings/tree-sitter-textobjects.vim @@ -0,0 +1,17 @@ +lua << EOF +local wk = require("which-key") + +local keys = { + ["aa"] = "a parameter", + ["ia"] = "inner parameter", + ["ab"] = "a block", + ["ib"] = "inner block", + ["ac"] = "a class", + ["ic"] = "inner class", + ["af"] = "a function", + ["if"] = "inner function", + ["ak"] = "a comment", +} + +wk.register(keys, { mode = "o" }) +EOF From bd5a15ebe7c46be3fa151d833b4b8962da5e8e50 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 19:45:09 +0100 Subject: [PATCH 510/654] home: vim: add 'tree-sitter' moves --- home/vim/plugin/settings/tree-sitter.vim | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/home/vim/plugin/settings/tree-sitter.vim b/home/vim/plugin/settings/tree-sitter.vim index 10c22b1..059fac7 100644 --- a/home/vim/plugin/settings/tree-sitter.vim +++ b/home/vim/plugin/settings/tree-sitter.vim @@ -26,6 +26,27 @@ ts_config.setup({ ["ak"] = "@comment.outer", }, }, + move = { + enable = true, + -- Add to jump list + set_jumps = true, + goto_next_start = { + ["]m"] = "@function.outer", + ["]]"] = "@class.outer", + }, + goto_next_end = { + ["]M"] = "@function.outer", + ["]["] = "@class.outer", + }, + goto_previous_start = { + ["[m"] = "@function.outer", + ["[["] = "@class.outer", + }, + goto_previous_end = { + ["[M"] = "@function.outer", + ["[]"] = "@class.outer", + }, + }, }, }) EOF From a96fb22d4dfe640f3280b46b86c6e766717d8840 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 19:45:19 +0100 Subject: [PATCH 511/654] home: vim: document 'tree-sitter' moves --- .../plugin/mappings/tree-sitter-textobjects.vim | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/home/vim/after/plugin/mappings/tree-sitter-textobjects.vim b/home/vim/after/plugin/mappings/tree-sitter-textobjects.vim index ac960bd..0014975 100644 --- a/home/vim/after/plugin/mappings/tree-sitter-textobjects.vim +++ b/home/vim/after/plugin/mappings/tree-sitter-textobjects.vim @@ -1,7 +1,18 @@ lua << EOF local wk = require("which-key") -local keys = { +local motions = { + ["]m"] = "Next method start", + ["]M"] = "Next method end", + ["]]"] = "Next class start", + ["]["] = "Next class end", + ["[m"] = "Previous method start", + ["[M"] = "Previous method end", + ["[["] = "Previous class start", + ["[]"] = "Previous class end", +} + +local objects = { ["aa"] = "a parameter", ["ia"] = "inner parameter", ["ab"] = "a block", @@ -13,5 +24,6 @@ local keys = { ["ak"] = "a comment", } -wk.register(keys, { mode = "o" }) +wk.register(motions, { mode = "n" }) +wk.register(objects, { mode = "o" }) EOF From ae7c2d921b7e72cedb74a77875a746042bf4874a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 26 Feb 2022 19:52:40 +0100 Subject: [PATCH 512/654] home: vim: add statement objects/moves And document it. --- home/vim/after/plugin/mappings/tree-sitter-textobjects.vim | 3 +++ home/vim/plugin/settings/tree-sitter.vim | 3 +++ 2 files changed, 6 insertions(+) diff --git a/home/vim/after/plugin/mappings/tree-sitter-textobjects.vim b/home/vim/after/plugin/mappings/tree-sitter-textobjects.vim index 0014975..9cabd91 100644 --- a/home/vim/after/plugin/mappings/tree-sitter-textobjects.vim +++ b/home/vim/after/plugin/mappings/tree-sitter-textobjects.vim @@ -4,10 +4,12 @@ local wk = require("which-key") local motions = { ["]m"] = "Next method start", ["]M"] = "Next method end", + ["]S"] = "Next statement start", ["]]"] = "Next class start", ["]["] = "Next class end", ["[m"] = "Previous method start", ["[M"] = "Previous method end", + ["[S"] = "Previous statement start", ["[["] = "Previous class start", ["[]"] = "Previous class end", } @@ -22,6 +24,7 @@ local objects = { ["af"] = "a function", ["if"] = "inner function", ["ak"] = "a comment", + ["aS"] = "a statement", } wk.register(motions, { mode = "n" }) diff --git a/home/vim/plugin/settings/tree-sitter.vim b/home/vim/plugin/settings/tree-sitter.vim index 059fac7..ab38090 100644 --- a/home/vim/plugin/settings/tree-sitter.vim +++ b/home/vim/plugin/settings/tree-sitter.vim @@ -24,6 +24,7 @@ ts_config.setup({ ["af"] = "@function.outer", ["if"] = "@function.inner", ["ak"] = "@comment.outer", + ["aS"] = "@statement.outer", }, }, move = { @@ -32,6 +33,7 @@ ts_config.setup({ set_jumps = true, goto_next_start = { ["]m"] = "@function.outer", + ["]S"] = "@statement.outer", ["]]"] = "@class.outer", }, goto_next_end = { @@ -40,6 +42,7 @@ ts_config.setup({ }, goto_previous_start = { ["[m"] = "@function.outer", + ["[S"] = "@statement.outer", ["[["] = "@class.outer", }, goto_previous_end = { From f854c49c29eddbb1082f6ad2f729a366acaa4d3d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 28 Feb 2022 11:31:26 +0100 Subject: [PATCH 513/654] home: vim: add 'ambroisie.utils' lua module --- home/vim/default.nix | 1 + home/vim/lua/ambroisie/utils.lua | 17 +++++++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 home/vim/lua/ambroisie/utils.lua diff --git a/home/vim/default.nix b/home/vim/default.nix index bb7bdec..ea964cc 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -13,6 +13,7 @@ let "after" "autoload" "ftdetect" + "lua" "plugin" ]; in diff --git a/home/vim/lua/ambroisie/utils.lua b/home/vim/lua/ambroisie/utils.lua new file mode 100644 index 0000000..8a6cb0f --- /dev/null +++ b/home/vim/lua/ambroisie/utils.lua @@ -0,0 +1,17 @@ +local M = {} + +--- checks if a given command is executable +---@param cmd string? command to check +---@return boolean executable +M.is_executable = function(cmd) + return cmd and vim.fn.executable(cmd) == 1 +end + +--- return a function that checks if a given command is executable +---@param cmd string? command to check +---@return fun(cmd: string): boolean executable +M.is_executable_condition = function(cmd) + return function() return M.is_executable(cmd) end +end + +return M From f551c4fc302abf9416b629c8f6f0ad7598367908 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 28 Feb 2022 11:31:26 +0100 Subject: [PATCH 514/654] home: vim: only use 'null-ls' sources if available This avoids the big red warning on each file that tries to use those sources... --- home/vim/after/ftplugin/bash.vim | 6 ++++++ home/vim/after/ftplugin/haskell.vim | 7 ++++++- home/vim/after/ftplugin/nix.vim | 7 ++++++- home/vim/after/ftplugin/python.vim | 24 ++++++++++++++++++++---- home/vim/after/ftplugin/sh.vim | 6 ++++++ home/vim/after/ftplugin/zsh.vim | 6 ++++++ 6 files changed, 50 insertions(+), 6 deletions(-) diff --git a/home/vim/after/ftplugin/bash.vim b/home/vim/after/ftplugin/bash.vim index cb85c8f..f9ca5eb 100644 --- a/home/vim/after/ftplugin/bash.vim +++ b/home/vim/after/ftplugin/bash.vim @@ -4,17 +4,23 @@ call ftplugined#check_undo_ft() " Set-up LSP, linters, formatters lua << EOF local null_ls = require("null-ls") +local utils = require("ambroisie.utils") + null_ls.register({ null_ls.builtins.diagnostics.shellcheck.with({ -- Show error code in message diagnostics_format = "[#{c}] #{m}", -- Require explicit empty string test, use bash dialect extra_args = { "-s", "bash", "-o", "avoid-nullary-conditions" }, + -- Only used if available + condition = utils.is_executable_condition("shellcheck"), }), null_ls.builtins.formatting.shfmt.with({ -- Indent with 4 spaces, simplify the code, indent switch cases, -- add space after redirection, use bash dialect extra_args = { "-i", "4", "-s", "-ci", "-sr", "-ln", "bash" }, + -- Only used if available + condition = utils.is_executable_condition("shfmt"), }), }) EOF diff --git a/home/vim/after/ftplugin/haskell.vim b/home/vim/after/ftplugin/haskell.vim index 776adbe..89c82d2 100644 --- a/home/vim/after/ftplugin/haskell.vim +++ b/home/vim/after/ftplugin/haskell.vim @@ -4,8 +4,13 @@ call ftplugined#check_undo_ft() " Set-up LSP, linters, formatters lua << EOF local null_ls = require("null-ls") +local utils = require("ambroisie.utils") + null_ls.register({ - null_ls.builtins.formatting.brittany, + null_ls.builtins.formatting.brittany.with({ + -- Only used if available + condition = utils.is_executable_condition("brittany"), + }), }) EOF diff --git a/home/vim/after/ftplugin/nix.vim b/home/vim/after/ftplugin/nix.vim index a5056c8..a7421df 100644 --- a/home/vim/after/ftplugin/nix.vim +++ b/home/vim/after/ftplugin/nix.vim @@ -4,7 +4,12 @@ call ftplugined#check_undo_ft() " Set-up LSP, linters, formatters lua << EOF local null_ls = require("null-ls") +local utils = require("ambroisie.utils") + null_ls.register({ - null_ls.builtins.formatting.nixpkgs_fmt, + null_ls.builtins.formatting.nixpkgs_fmt.with({ + -- Only used if available + condition = utils.is_executable_condition("nixpkgs-fmt"), + }), }) EOF diff --git a/home/vim/after/ftplugin/python.vim b/home/vim/after/ftplugin/python.vim index ffc0327..42ea653 100644 --- a/home/vim/after/ftplugin/python.vim +++ b/home/vim/after/ftplugin/python.vim @@ -4,14 +4,30 @@ call ftplugined#check_undo_ft() " Set-up LSP, linters, formatters lua << EOF local null_ls = require("null-ls") +local utils = require("ambroisie.utils") + null_ls.register({ - null_ls.builtins.diagnostics.flake8, - null_ls.builtins.diagnostics.mypy, - null_ls.builtins.diagnostics.pylint, + null_ls.builtins.diagnostics.flake8.with({ + -- Only used if available + condition = utils.is_executable_condition("flake8"), + }), + null_ls.builtins.diagnostics.mypy.with({ + -- Only used if available + condition = utils.is_executable_condition("mypy"), + }), + null_ls.builtins.diagnostics.pylint.with({ + -- Only used if available + condition = utils.is_executable_condition("pylint"), + }) null_ls.builtins.formatting.black.with({ extra_args = { "--fast" }, + -- Only used if available + condition = utils.is_executable_condition("black"), + }), + null_ls.builtins.formatting.isort.with({ + -- Only used if available + condition = utils.is_executable_condition("isort"), }), - null_ls.builtins.formatting.isort, }) EOF diff --git a/home/vim/after/ftplugin/sh.vim b/home/vim/after/ftplugin/sh.vim index 442ebcb..0e7582f 100644 --- a/home/vim/after/ftplugin/sh.vim +++ b/home/vim/after/ftplugin/sh.vim @@ -4,17 +4,23 @@ call ftplugined#check_undo_ft() " Set-up LSP, linters, formatters lua << EOF local null_ls = require("null-ls") +local utils = require("ambroisie.utils") + null_ls.register({ null_ls.builtins.diagnostics.shellcheck.with({ -- Show error code in message diagnostics_format = "[#{c}] #{m}", -- Require explicit empty string test extra_args = { "-o", "avoid-nullary-conditions" }, + -- Only used if available + condition = utils.is_executable_condition("shellcheck"), }), null_ls.builtins.formatting.shfmt.with({ -- Indent with 4 spaces, simplify the code, indent switch cases, -- add space after redirection, use POSIX extra_args = { "-i", "4", "-s", "-ci", "-sr", "-ln", "posix" }, + -- Only used if available + condition = utils.is_executable_condition("shfmt"), }), }) EOF diff --git a/home/vim/after/ftplugin/zsh.vim b/home/vim/after/ftplugin/zsh.vim index cb85c8f..f9ca5eb 100644 --- a/home/vim/after/ftplugin/zsh.vim +++ b/home/vim/after/ftplugin/zsh.vim @@ -4,17 +4,23 @@ call ftplugined#check_undo_ft() " Set-up LSP, linters, formatters lua << EOF local null_ls = require("null-ls") +local utils = require("ambroisie.utils") + null_ls.register({ null_ls.builtins.diagnostics.shellcheck.with({ -- Show error code in message diagnostics_format = "[#{c}] #{m}", -- Require explicit empty string test, use bash dialect extra_args = { "-s", "bash", "-o", "avoid-nullary-conditions" }, + -- Only used if available + condition = utils.is_executable_condition("shellcheck"), }), null_ls.builtins.formatting.shfmt.with({ -- Indent with 4 spaces, simplify the code, indent switch cases, -- add space after redirection, use bash dialect extra_args = { "-i", "4", "-s", "-ci", "-sr", "-ln", "bash" }, + -- Only used if available + condition = utils.is_executable_condition("shfmt"), }), }) EOF From 56156e1fe4c0b0b5c4254dfa71a6d0d0eb66beea Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 1 Mar 2022 11:20:50 +0100 Subject: [PATCH 515/654] home: vim: do not use 'ftplugin' for 'null-ls' Unfortunately, this registers the sources many times... I fear that I will have to settle for a centralised configuration for LSP-related options. --- home/vim/after/ftplugin/bash.vim | 26 -------- home/vim/after/ftplugin/c.vim | 10 --- home/vim/after/ftplugin/cpp.vim | 10 --- home/vim/after/ftplugin/haskell.vim | 13 ---- home/vim/after/ftplugin/nix.vim | 15 ----- home/vim/after/ftplugin/python.vim | 36 ----------- home/vim/after/ftplugin/sh.vim | 26 -------- home/vim/after/ftplugin/zsh.vim | 26 -------- home/vim/plugin/settings/null-ls.vim | 96 ++++++++++++++++++++++++++++ 9 files changed, 96 insertions(+), 162 deletions(-) delete mode 100644 home/vim/after/ftplugin/bash.vim delete mode 100644 home/vim/after/ftplugin/c.vim delete mode 100644 home/vim/after/ftplugin/cpp.vim delete mode 100644 home/vim/after/ftplugin/nix.vim delete mode 100644 home/vim/after/ftplugin/python.vim delete mode 100644 home/vim/after/ftplugin/sh.vim delete mode 100644 home/vim/after/ftplugin/zsh.vim diff --git a/home/vim/after/ftplugin/bash.vim b/home/vim/after/ftplugin/bash.vim deleted file mode 100644 index f9ca5eb..0000000 --- a/home/vim/after/ftplugin/bash.vim +++ /dev/null @@ -1,26 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" Set-up LSP, linters, formatters -lua << EOF -local null_ls = require("null-ls") -local utils = require("ambroisie.utils") - -null_ls.register({ - null_ls.builtins.diagnostics.shellcheck.with({ - -- Show error code in message - diagnostics_format = "[#{c}] #{m}", - -- Require explicit empty string test, use bash dialect - extra_args = { "-s", "bash", "-o", "avoid-nullary-conditions" }, - -- Only used if available - condition = utils.is_executable_condition("shellcheck"), - }), - null_ls.builtins.formatting.shfmt.with({ - -- Indent with 4 spaces, simplify the code, indent switch cases, - -- add space after redirection, use bash dialect - extra_args = { "-i", "4", "-s", "-ci", "-sr", "-ln", "bash" }, - -- Only used if available - condition = utils.is_executable_condition("shfmt"), - }), -}) -EOF diff --git a/home/vim/after/ftplugin/c.vim b/home/vim/after/ftplugin/c.vim deleted file mode 100644 index 7e5a367..0000000 --- a/home/vim/after/ftplugin/c.vim +++ /dev/null @@ -1,10 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" Set-up LSP, linters, formatters -lua << EOF -local null_ls = require("null-ls") -null_ls.register({ - null_ls.builtins.formatting.clang_format, -}) -EOF diff --git a/home/vim/after/ftplugin/cpp.vim b/home/vim/after/ftplugin/cpp.vim deleted file mode 100644 index 7e5a367..0000000 --- a/home/vim/after/ftplugin/cpp.vim +++ /dev/null @@ -1,10 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" Set-up LSP, linters, formatters -lua << EOF -local null_ls = require("null-ls") -null_ls.register({ - null_ls.builtins.formatting.clang_format, -}) -EOF diff --git a/home/vim/after/ftplugin/haskell.vim b/home/vim/after/ftplugin/haskell.vim index 89c82d2..978f346 100644 --- a/home/vim/after/ftplugin/haskell.vim +++ b/home/vim/after/ftplugin/haskell.vim @@ -1,19 +1,6 @@ " Create the `b:undo_ftplugin` variable if it doesn't exist call ftplugined#check_undo_ft() -" Set-up LSP, linters, formatters -lua << EOF -local null_ls = require("null-ls") -local utils = require("ambroisie.utils") - -null_ls.register({ - null_ls.builtins.formatting.brittany.with({ - -- Only used if available - condition = utils.is_executable_condition("brittany"), - }), -}) -EOF - " Use a small indentation value on Haskell files setlocal shiftwidth=2 let b:undo_ftplugin.='|setlocal shiftwidth<' diff --git a/home/vim/after/ftplugin/nix.vim b/home/vim/after/ftplugin/nix.vim deleted file mode 100644 index a7421df..0000000 --- a/home/vim/after/ftplugin/nix.vim +++ /dev/null @@ -1,15 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" Set-up LSP, linters, formatters -lua << EOF -local null_ls = require("null-ls") -local utils = require("ambroisie.utils") - -null_ls.register({ - null_ls.builtins.formatting.nixpkgs_fmt.with({ - -- Only used if available - condition = utils.is_executable_condition("nixpkgs-fmt"), - }), -}) -EOF diff --git a/home/vim/after/ftplugin/python.vim b/home/vim/after/ftplugin/python.vim deleted file mode 100644 index 42ea653..0000000 --- a/home/vim/after/ftplugin/python.vim +++ /dev/null @@ -1,36 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" Set-up LSP, linters, formatters -lua << EOF -local null_ls = require("null-ls") -local utils = require("ambroisie.utils") - -null_ls.register({ - null_ls.builtins.diagnostics.flake8.with({ - -- Only used if available - condition = utils.is_executable_condition("flake8"), - }), - null_ls.builtins.diagnostics.mypy.with({ - -- Only used if available - condition = utils.is_executable_condition("mypy"), - }), - null_ls.builtins.diagnostics.pylint.with({ - -- Only used if available - condition = utils.is_executable_condition("pylint"), - }) - null_ls.builtins.formatting.black.with({ - extra_args = { "--fast" }, - -- Only used if available - condition = utils.is_executable_condition("black"), - }), - null_ls.builtins.formatting.isort.with({ - -- Only used if available - condition = utils.is_executable_condition("isort"), - }), -}) -EOF - -" Change max length of a line to 88 for this buffer to match black's settings -setlocal colorcolumn=88 -let b:undo_ftplugin.='|setlocal colorcolumn<' diff --git a/home/vim/after/ftplugin/sh.vim b/home/vim/after/ftplugin/sh.vim deleted file mode 100644 index 0e7582f..0000000 --- a/home/vim/after/ftplugin/sh.vim +++ /dev/null @@ -1,26 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" Set-up LSP, linters, formatters -lua << EOF -local null_ls = require("null-ls") -local utils = require("ambroisie.utils") - -null_ls.register({ - null_ls.builtins.diagnostics.shellcheck.with({ - -- Show error code in message - diagnostics_format = "[#{c}] #{m}", - -- Require explicit empty string test - extra_args = { "-o", "avoid-nullary-conditions" }, - -- Only used if available - condition = utils.is_executable_condition("shellcheck"), - }), - null_ls.builtins.formatting.shfmt.with({ - -- Indent with 4 spaces, simplify the code, indent switch cases, - -- add space after redirection, use POSIX - extra_args = { "-i", "4", "-s", "-ci", "-sr", "-ln", "posix" }, - -- Only used if available - condition = utils.is_executable_condition("shfmt"), - }), -}) -EOF diff --git a/home/vim/after/ftplugin/zsh.vim b/home/vim/after/ftplugin/zsh.vim deleted file mode 100644 index f9ca5eb..0000000 --- a/home/vim/after/ftplugin/zsh.vim +++ /dev/null @@ -1,26 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" Set-up LSP, linters, formatters -lua << EOF -local null_ls = require("null-ls") -local utils = require("ambroisie.utils") - -null_ls.register({ - null_ls.builtins.diagnostics.shellcheck.with({ - -- Show error code in message - diagnostics_format = "[#{c}] #{m}", - -- Require explicit empty string test, use bash dialect - extra_args = { "-s", "bash", "-o", "avoid-nullary-conditions" }, - -- Only used if available - condition = utils.is_executable_condition("shellcheck"), - }), - null_ls.builtins.formatting.shfmt.with({ - -- Indent with 4 spaces, simplify the code, indent switch cases, - -- add space after redirection, use bash dialect - extra_args = { "-i", "4", "-s", "-ci", "-sr", "-ln", "bash" }, - -- Only used if available - condition = utils.is_executable_condition("shfmt"), - }), -}) -EOF diff --git a/home/vim/plugin/settings/null-ls.vim b/home/vim/plugin/settings/null-ls.vim index 5dbbd73..a3972a2 100644 --- a/home/vim/plugin/settings/null-ls.vim +++ b/home/vim/plugin/settings/null-ls.vim @@ -1,5 +1,7 @@ lua << EOF local null_ls = require("null-ls") +local utils = require("ambroisie.utils") + null_ls.setup({ on_attach = function(client) -- Format on save @@ -13,4 +15,98 @@ null_ls.setup({ end end, }) + +-- C, C++ +null_ls.register({ + null_ls.builtins.formatting.clang_format.with({ + -- Only used if available + condition = utils.is_executable_condition("clang-format"), + }), +}) + +-- Haskell +null_ls.register({ + null_ls.builtins.formatting.brittany.with({ + -- Only used if available + condition = utils.is_executable_condition("brittany"), + }), +}) + +-- Nix +null_ls.register({ + null_ls.builtins.formatting.nixpkgs_fmt.with({ + -- Only used if available + condition = utils.is_executable_condition("nixpkgs-fmt"), + }), +}) + +-- Python +null_ls.register({ + null_ls.builtins.diagnostics.flake8.with({ + -- Only used if available + condition = utils.is_executable_condition("flake8"), + }), + null_ls.builtins.diagnostics.mypy.with({ + -- Only used if available + condition = utils.is_executable_condition("mypy"), + }), + null_ls.builtins.diagnostics.pylint.with({ + -- Only used if available + condition = utils.is_executable_condition("pylint"), + }), + null_ls.builtins.formatting.black.with({ + extra_args = { "--fast" }, + -- Only used if available + condition = utils.is_executable_condition("black"), + }), + null_ls.builtins.formatting.isort.with({ + -- Only used if available + condition = utils.is_executable_condition("isort"), + }), +}) + + +-- Shell (non-POSIX) +null_ls.register({ + null_ls.builtins.diagnostics.shellcheck.with({ + -- Show error code in message + diagnostics_format = "[#{c}] #{m}", + -- Require explicit empty string test, use bash dialect + extra_args = { "-s", "bash", "-o", "avoid-nullary-conditions" }, + -- Restrict to bash and zsh + filetypes = { "bash", "zsh" }, + -- Only used if available + condition = utils.is_executable_condition("shellcheck"), + }), + null_ls.builtins.formatting.shfmt.with({ + -- Indent with 4 spaces, simplify the code, indent switch cases, + -- add space after redirection, use bash dialect + extra_args = { "-i", "4", "-s", "-ci", "-sr", "-ln", "bash" }, + -- Restrict to bash and zsh + filetypes = { "bash", "zsh" }, + -- Only used if available + condition = utils.is_executable_condition("shfmt"), + }), +}) + +-- Shell (POSIX) +null_ls.register({ + null_ls.builtins.diagnostics.shellcheck.with({ + -- Show error code in message + diagnostics_format = "[#{c}] #{m}", + -- Require explicit empty string test + extra_args = { "-o", "avoid-nullary-conditions" }, + -- Restrict to POSIX sh + filetypes = { "sh" }, + -- Only used if available + condition = utils.is_executable_condition("shellcheck"), + }), + null_ls.builtins.formatting.shfmt.with({ + -- Indent with 4 spaces, simplify the code, indent switch cases, + -- add space after redirection, use POSIX + extra_args = { "-i", "4", "-s", "-ci", "-sr", "-ln", "posix" }, + -- Only used if available + condition = utils.is_executable_condition("shfmt"), + }), +}) EOF From b79cee6eee46ed32be17902414892ce668324a46 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 1 Mar 2022 15:08:30 +0100 Subject: [PATCH 516/654] home: vim: add diagnostic navigation mappings --- home/vim/after/plugin/mappings/unimpaired.vim | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/home/vim/after/plugin/mappings/unimpaired.vim b/home/vim/after/plugin/mappings/unimpaired.vim index cdebacd..884e56c 100644 --- a/home/vim/after/plugin/mappings/unimpaired.vim +++ b/home/vim/after/plugin/mappings/unimpaired.vim @@ -30,6 +30,8 @@ local keys = { u = "URL encode", x = "XML encode", y = "C string encode", + -- Custom + d = { vim.diagnostic.goto_prev, "Previous diagnostic" } }, ["]"] = { name = "Next", @@ -58,6 +60,8 @@ local keys = { u = "URL decode", x = "XML decode", y = "C string decode", + -- Custom + d = { vim.diagnostic.goto_next, "Next diagnostic" } }, -- Option mappings From 44dae3a940e0de7e8d7a5f610e7e6c6fc8d86042 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 1 Mar 2022 15:09:24 +0100 Subject: [PATCH 517/654] home: vim: move LSP-related 'on_attach' to 'utils' As it will be shared between `null-ls` and `lspconfig`, it makes sense to put it there. --- home/vim/lua/ambroisie/utils.lua | 15 +++++++++++++++ home/vim/plugin/settings/null-ls.vim | 12 +----------- 2 files changed, 16 insertions(+), 11 deletions(-) diff --git a/home/vim/lua/ambroisie/utils.lua b/home/vim/lua/ambroisie/utils.lua index 8a6cb0f..2b502a4 100644 --- a/home/vim/lua/ambroisie/utils.lua +++ b/home/vim/lua/ambroisie/utils.lua @@ -14,4 +14,19 @@ M.is_executable_condition = function(cmd) return function() return M.is_executable(cmd) end end +-- shared LSP configuration callback +-- @param client native client configuration +-- @param bufnr int? buffer number of the attched client +M.on_attach = function(client, bufnr) + -- Format on save + if client.resolved_capabilities.document_formatting then + vim.cmd([[ + augroup LspFormatting + autocmd! * + autocmd BufWritePre lua vim.lsp.buf.formatting_sync() + augroup END + ]]) + end +end + return M diff --git a/home/vim/plugin/settings/null-ls.vim b/home/vim/plugin/settings/null-ls.vim index a3972a2..c241935 100644 --- a/home/vim/plugin/settings/null-ls.vim +++ b/home/vim/plugin/settings/null-ls.vim @@ -3,17 +3,7 @@ local null_ls = require("null-ls") local utils = require("ambroisie.utils") null_ls.setup({ - on_attach = function(client) - -- Format on save - if client.resolved_capabilities.document_formatting then - vim.cmd([[ - augroup LspFormatting - autocmd! * - autocmd BufWritePre lua vim.lsp.buf.formatting_sync() - augroup END - ]]) - end - end, + on_attach = utils.on_attach, }) -- C, C++ From e8ffddedef91b5a68b65cddcdf56ddb7f5a15dd8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 1 Mar 2022 15:22:59 +0100 Subject: [PATCH 518/654] home: vim: add basic LSP configuration Trying it out with `pyright` for now. --- home/vim/plugin/settings/lspconfig.vim | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 home/vim/plugin/settings/lspconfig.vim diff --git a/home/vim/plugin/settings/lspconfig.vim b/home/vim/plugin/settings/lspconfig.vim new file mode 100644 index 0000000..46c82a6 --- /dev/null +++ b/home/vim/plugin/settings/lspconfig.vim @@ -0,0 +1,11 @@ +lua << EOF +local lsp = require("lspconfig") +local utils = require("ambroisie.utils") + +-- Python +if utils.is_executable("pyright") then + lsp.pyright.setup({ + on_attach = utils.on_attach, + }) +end +EOF From 7a9760b0cd8d9e79de9778ba0639920ce28e17df Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 1 Mar 2022 15:23:20 +0100 Subject: [PATCH 519/654] home: vim: add 'rust-analyzer' LSP configuration --- home/vim/plugin/settings/lspconfig.vim | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/home/vim/plugin/settings/lspconfig.vim b/home/vim/plugin/settings/lspconfig.vim index 46c82a6..f8e824e 100644 --- a/home/vim/plugin/settings/lspconfig.vim +++ b/home/vim/plugin/settings/lspconfig.vim @@ -8,4 +8,11 @@ if utils.is_executable("pyright") then on_attach = utils.on_attach, }) end + +-- Rust +if utils.is_executable("rust-analyzer") then + lsp.rust_analyzer.setup({ + on_attach = utils.on_attach, + }) +end EOF From af56bc76cf7dc9b5641f5bcc8e2227b67654cd75 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 1 Mar 2022 15:23:42 +0100 Subject: [PATCH 520/654] home: vim: add 'clangd' LSP configuration --- home/vim/plugin/settings/lspconfig.vim | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/home/vim/plugin/settings/lspconfig.vim b/home/vim/plugin/settings/lspconfig.vim index f8e824e..a51e284 100644 --- a/home/vim/plugin/settings/lspconfig.vim +++ b/home/vim/plugin/settings/lspconfig.vim @@ -2,6 +2,13 @@ lua << EOF local lsp = require("lspconfig") local utils = require("ambroisie.utils") +-- C/C++ +if utils.is_executable("clangd") then + lsp.clangd.setup({ + on_attach = utils.on_attach, + }) +end + -- Python if utils.is_executable("pyright") then lsp.pyright.setup({ From e3b0f9d38f01b5108d410e231c0b4ea2cf265412 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 1 Mar 2022 15:32:03 +0100 Subject: [PATCH 521/654] home: vim: move diagnostics config to 'on_attach' --- home/vim/lua/ambroisie/utils.lua | 22 ++++++++++++++++++++++ home/vim/plugin/settings/diagnostics.vim | 20 -------------------- 2 files changed, 22 insertions(+), 20 deletions(-) delete mode 100644 home/vim/plugin/settings/diagnostics.vim diff --git a/home/vim/lua/ambroisie/utils.lua b/home/vim/lua/ambroisie/utils.lua index 2b502a4..7b1322b 100644 --- a/home/vim/lua/ambroisie/utils.lua +++ b/home/vim/lua/ambroisie/utils.lua @@ -18,6 +18,28 @@ end -- @param client native client configuration -- @param bufnr int? buffer number of the attched client M.on_attach = function(client, bufnr) + -- Diagnostics + vim.diagnostic.config({ + -- Disable virtual test next to affected regions + virtual_text = false, + -- Show diagnostics signs + signs = true, + -- Underline offending regions + underline = true, + -- Do not bother me in the middle of insertion + update_in_insert = false, + -- Show highest severity first + severity_sort = true, + }) + + vim.cmd([[ + augroup DiagnosticsHover + autocmd! * + " Show diagnostics on "hover" + autocmd CursorHold,CursorHoldI lua vim.diagnostic.open_float(nil, {focus=false, scope="cursor"}) + augroup END + ]]) + -- Format on save if client.resolved_capabilities.document_formatting then vim.cmd([[ diff --git a/home/vim/plugin/settings/diagnostics.vim b/home/vim/plugin/settings/diagnostics.vim deleted file mode 100644 index 6b5e0ba..0000000 --- a/home/vim/plugin/settings/diagnostics.vim +++ /dev/null @@ -1,20 +0,0 @@ -lua << EOF -vim.diagnostic.config({ - -- Disable virtual test next to affected regions - virtual_text = false, - -- Show diagnostics signs - signs = true, - -- Underline offending regions - underline = true, - -- Do not bother me in the middle of insertion - update_in_insert = false, - -- Show highest severity first - severity_sort = true, -}) -EOF - -augroup DiagnosticsHover - autocmd! - " Show diagnostics on "hover" - autocmd! CursorHold,CursorHoldI * lua vim.diagnostic.open_float(nil, {focus=false, scope="cursor"}) -augroup END From c5fff38942ccbaa9a2cb95f3dd030fc3e88dc1ae Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 1 Mar 2022 16:58:46 +0100 Subject: [PATCH 522/654] home: vim: remove unused 'gruvbox' configuration --- home/vim/plugin/settings/gruvbox.vim | 5 ----- 1 file changed, 5 deletions(-) delete mode 100644 home/vim/plugin/settings/gruvbox.vim diff --git a/home/vim/plugin/settings/gruvbox.vim b/home/vim/plugin/settings/gruvbox.vim deleted file mode 100644 index 4b14437..0000000 --- a/home/vim/plugin/settings/gruvbox.vim +++ /dev/null @@ -1,5 +0,0 @@ -" Use the high-contrast theme -let g:gruvbox_contrast_dark='hard' - -" Enable italics because urxvt supports them -let g:gruvbox_italic=1 From 213d698d565c22e83e932dd20153acbe28e9f9c1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 2 Mar 2022 13:50:32 +0100 Subject: [PATCH 523/654] home: vim: add function to list LSP client names --- home/vim/lua/ambroisie/utils.lua | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/home/vim/lua/ambroisie/utils.lua b/home/vim/lua/ambroisie/utils.lua index 7b1322b..e3833cc 100644 --- a/home/vim/lua/ambroisie/utils.lua +++ b/home/vim/lua/ambroisie/utils.lua @@ -14,6 +14,20 @@ M.is_executable_condition = function(cmd) return function() return M.is_executable(cmd) end end +-- list all active LSP clients for current buffer +-- @param bufnr int? buffer number +-- @return table all active LSP client names +M.list_lsp_clients = function(bufnr) + local clients = vim.lsp.buf_get_clients(bufnr) + local names = {} + + for _, client in ipairs(clients) do + table.insert(names, client.name) + end + + return names +end + -- shared LSP configuration callback -- @param client native client configuration -- @param bufnr int? buffer number of the attched client From 605da54f245abc2004b70f719fa1ebae382bd79f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 2 Mar 2022 13:54:52 +0100 Subject: [PATCH 524/654] home: vim: switch to 'lualine' --- home/vim/default.nix | 3 +- home/vim/plugin/settings/lightline.vim | 85 -------------------------- home/vim/plugin/settings/lualine.vim | 63 +++++++++++++++++++ 3 files changed, 64 insertions(+), 87 deletions(-) delete mode 100644 home/vim/plugin/settings/lightline.vim create mode 100644 home/vim/plugin/settings/lualine.vim diff --git a/home/vim/default.nix b/home/vim/default.nix index ea964cc..76d3425 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -31,8 +31,8 @@ in plugins = with pkgs.vimPlugins; [ # Theming - lightline-vim # Fancy status bar vim-gruvbox8 # Nice dark theme + lualine-nvim # A lua-based status line # tpope essentials vim-commentary # Easy comments @@ -64,7 +64,6 @@ in git-messenger-vim # A simple blame window # LSP and linting - lightline-lsp lsp_lines-nvim # Show diagnostics *over* regions null-ls-nvim # LSP integration for linters and formatters (nvim-treesitter.withPlugins (_: pkgs.tree-sitter.allGrammars)) # Better highlighting diff --git a/home/vim/plugin/settings/lightline.vim b/home/vim/plugin/settings/lightline.vim deleted file mode 100644 index 14079f6..0000000 --- a/home/vim/plugin/settings/lightline.vim +++ /dev/null @@ -1,85 +0,0 @@ -" Initialise light-line setting structure -let g:lightline={} - -" Use the wombat colorscheme -let g:lightline.colorscheme='wombat' - -" Status-line for active buffer -let g:lightline.active={ - \ 'left': [ - \ [ 'mode', 'paste' ], - \ [ 'gitbranch', 'readonly', 'filename', 'modified' ], - \ [ 'spell' ], - \ ], - \ 'right': [ - \ [ 'lineinfo' ], - \ [ 'percent' ], - \ [ 'fileformat', 'fileencoding', 'filetype' ], - \ [ 'linter_errors', 'linter_warnings', 'linter_infos', 'linter_hints', 'linter_ok' ], - \ [ 'ctags_status' ], - \ ] - \ } - -" Status-line for inactive buffer -let g:lightline.inactive={ - \ 'left': [ - \ [ 'filename' ], - \ ], - \ 'right': [ - \ [ 'lineinfo' ], - \ [ 'percent' ], - \ ], - \ } - -" Which component should be written using which function -let g:lightline.component_function={ - \ 'readonly': 'LightlineReadonly', - \ 'modified': 'LightlineModified', - \ 'gitbranch': 'LightlineFugitive', - \ } - -" Which component can be expanded by using which function -let g:lightline.component_expand={ - \ 'linter_hints': 'lightline#lsp#hints', - \ 'linter_infos': 'lightline#lsp#infos', - \ 'linter_warnings': 'lightline#lsp#warnings', - \ 'linter_errors': 'lightline#lsp#errors', - \ 'linter_ok': 'lightline#lsp#ok', - \ } - -" How to color custom components -let g:lightline.component_type={ - \ 'readonly': 'error', - \ 'linter_hints': 'right', - \ 'linter_infos': 'right', - \ 'linter_warnings': 'warning', - \ 'linter_errors': 'error', - \ 'linter_ok': 'right', - \ } - -" Show pretty icons instead of text for linting status -let g:lightline#lsp#indicator_hints='🔍' -let g:lightline#lsp#indicator_infos='ℹ' -let g:lightline#lsp#indicator_warnings='◆' -let g:lightline#lsp#indicator_errors='✗' -let g:lightline#lsp#indicator_ok='✓' - - -" Show a lock icon when editing a read-only file when it makes sense -function! LightlineReadonly() - return &ft!~?'help\|vimfiler\|netrw' && &readonly ? '🔒' : '' -endfunction - -" Show a '+' when the buffer is modified, '-' if not, when it makes sense -function! LightlineModified() - return &ft=~'help\|vimfiler\|netrw' ? '' : &modified ? '+' : &modifiable ? '' : '-' -endfunction - -" Show branch name with nice icon in status line, when it makes sense -function! LightlineFugitive() - if &ft!~?'help\|vimfiler\|netrw' && exists('*fugitive#head') - let branch=fugitive#head() - return branch!=#'' ? ' '.branch : '' - endif - return '' -endfunction diff --git a/home/vim/plugin/settings/lualine.vim b/home/vim/plugin/settings/lualine.vim new file mode 100644 index 0000000..15e3a80 --- /dev/null +++ b/home/vim/plugin/settings/lualine.vim @@ -0,0 +1,63 @@ +lua << EOF +local lualine = require("lualine") +local utils = require("ambroisie.utils") + +local function list_spell_languages() + if not vim.opt.spell:get() then + return "" + end + + return table.concat(vim.opt.spelllang:get(), ", ") +end + +local function list_lsp_clients() + local client_names = utils.list_lsp_clients() + + if #client_names == 0 then + return "" + end + + return "[ " .. table.concat(client_names, " ") .. " ]" +end + +lualine.setup({ + options = { + icons_enabled = false, + section_separators = "", + component_separators = "|", + }, + sections = { + lualine_a = { + { "mode" }, + }, + lualine_b = { + { "branch" }, + { "filename", symbols = { readonly = "🔒" } }, + }, + lualine_c = { + { list_spell_languages }, + }, + lualine_x = { + { list_lsp_clients }, + { + "diagnostics", + -- Only use the diagnostics API + sources = { "nvim_diagnostic" }, + }, + }, + lualine_y = { + { "fileformat" }, + { "encoding" }, + { "filetype" }, + }, + lualine_z = { + "location", + }, + }, + extensions = { + "fugitive", + "fzf", + "quickfix", + }, +}) +EOF From 508b30eaddcdb40e0a32225958fdd3b1d6818536 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 2 Mar 2022 13:55:22 +0100 Subject: [PATCH 525/654] home: vim: show LSP progress in status line --- home/vim/default.nix | 1 + home/vim/plugin/settings/lualine.vim | 1 + 2 files changed, 2 insertions(+) diff --git a/home/vim/default.nix b/home/vim/default.nix index 76d3425..165cb4f 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -33,6 +33,7 @@ in # Theming vim-gruvbox8 # Nice dark theme lualine-nvim # A lua-based status line + lualine-lsp-progress # Show progress for LSP servers # tpope essentials vim-commentary # Easy comments diff --git a/home/vim/plugin/settings/lualine.vim b/home/vim/plugin/settings/lualine.vim index 15e3a80..2d281cd 100644 --- a/home/vim/plugin/settings/lualine.vim +++ b/home/vim/plugin/settings/lualine.vim @@ -36,6 +36,7 @@ lualine.setup({ }, lualine_c = { { list_spell_languages }, + { "lsp_progress" }, }, lualine_x = { { list_lsp_clients }, From c259fe87a034d915f42212c575b71d003a9068d0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 2 Mar 2022 16:49:32 +0100 Subject: [PATCH 526/654] home: zsh: use packaged 'fast-syntax-highlighting' --- home/zsh/default.nix | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/home/zsh/default.nix b/home/zsh/default.nix index 5dc9a63..0cd56d5 100644 --- a/home/zsh/default.nix +++ b/home/zsh/default.nix @@ -25,12 +25,8 @@ in plugins = with pkgs; [ { name = "fast-syntax-highlighting"; - src = fetchFromGitHub { - owner = "zdharma"; - repo = "fast-syntax-highlighting"; - rev = "v1.55"; - sha256 = "sha256-DWVFBoICroKaKgByLmDEo4O+xo6eA8YO792g8t8R7kA="; - }; + file = "share/zsh/site-functions/fast-syntax-highlighting.plugin.zsh"; + src = pkgs.zsh-fast-syntax-highlighting; } { name = "agkozak-zsh-prompt"; From bc56292544c957bf9c2b5d2da4e75e6d9887ea3f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 2 Mar 2022 16:59:26 +0100 Subject: [PATCH 527/654] home: zsh: refactor 'mkIf' block --- home/zsh/default.nix | 156 ++++++++++++++++++++++--------------------- 1 file changed, 79 insertions(+), 77 deletions(-) diff --git a/home/zsh/default.nix b/home/zsh/default.nix index 0cd56d5..266f5be 100644 --- a/home/zsh/default.nix +++ b/home/zsh/default.nix @@ -7,87 +7,89 @@ in enable = mkDisableOption "zsh configuration"; }; - config.programs.zsh = lib.mkIf cfg.enable { - enable = true; - dotDir = ".config/zsh"; # Don't clutter $HOME - enableCompletion = true; + config = lib.mkIf cfg.enable { + programs.zsh = { + enable = true; + dotDir = ".config/zsh"; # Don't clutter $HOME + enableCompletion = true; - history = { - size = 500000; - save = 500000; - extended = false; - ignoreSpace = true; - ignoreDups = true; - share = false; - path = "${config.xdg.dataHome}/zsh/zsh_history"; - }; + history = { + size = 500000; + save = 500000; + extended = false; + ignoreSpace = true; + ignoreDups = true; + share = false; + path = "${config.xdg.dataHome}/zsh/zsh_history"; + }; - plugins = with pkgs; [ - { - name = "fast-syntax-highlighting"; - file = "share/zsh/site-functions/fast-syntax-highlighting.plugin.zsh"; - src = pkgs.zsh-fast-syntax-highlighting; - } - { - name = "agkozak-zsh-prompt"; - src = fetchFromGitHub { - owner = "agkozak"; - repo = "agkozak-zsh-prompt"; - rev = "v3.9.0"; - sha256 = "sha256-VTRL+8ph2eI7iPht15epkLggAgtLGxB3DORFTW5GrhE="; - }; - } - ]; - - # Modal editing is life, but CLI benefits from emacs gymnastics - defaultKeymap = "emacs"; - - # Make those happen early to avoid doing double the work - initExtraFirst = - lib.optionalString config.my.home.tmux.enable '' - # Launch tmux unless already inside one - if [ -z "$TMUX" ]; then - exec tmux new-session - fi - '' - ; - - initExtra = lib.concatMapStrings builtins.readFile [ - ./completion-styles.zsh - ./extra-mappings.zsh - ./options.zsh - ]; - - localVariables = { - # I like having the full path - AGKOZAK_PROMPT_DIRTRIM = 0; - # Because I *am* from EPITA - AGKOZAK_PROMPT_CHAR = [ "42sh$" "42sh#" ":" ]; - # Easy on the eyes - AGKOZAK_COLORS_BRANCH_STATUS = "magenta"; - # I don't like moving my eyes - AGKOZAK_LEFT_PROMPT_ONLY = 1; - }; - - shellAliases = { - # Sometime `gpg-agent` errors out... - reset-agent = "gpg-connect-agent updatestartuptty /bye"; - }; - - # Enable VTE integration when using one of the affected shells - enableVteIntegration = - builtins.any (name: config.my.home.terminal.program == name) [ - "termite" + plugins = with pkgs; [ + { + name = "fast-syntax-highlighting"; + file = "share/zsh/site-functions/fast-syntax-highlighting.plugin.zsh"; + src = pkgs.zsh-fast-syntax-highlighting; + } + { + name = "agkozak-zsh-prompt"; + src = fetchFromGitHub { + owner = "agkozak"; + repo = "agkozak-zsh-prompt"; + rev = "v3.9.0"; + sha256 = "sha256-VTRL+8ph2eI7iPht15epkLggAgtLGxB3DORFTW5GrhE="; + }; + } ]; - }; - # Fuzzy-wuzzy - config.programs.fzf = lib.mkIf cfg.enable { - enable = true; - enableZshIntegration = true; - }; + # Modal editing is life, but CLI benefits from emacs gymnastics + defaultKeymap = "emacs"; - config.programs.dircolors = lib.mkIf cfg.enable { - enable = true; + # Make those happen early to avoid doing double the work + initExtraFirst = + lib.optionalString config.my.home.tmux.enable '' + # Launch tmux unless already inside one + if [ -z "$TMUX" ]; then + exec tmux new-session + fi + '' + ; + + initExtra = lib.concatMapStrings builtins.readFile [ + ./completion-styles.zsh + ./extra-mappings.zsh + ./options.zsh + ]; + + localVariables = { + # I like having the full path + AGKOZAK_PROMPT_DIRTRIM = 0; + # Because I *am* from EPITA + AGKOZAK_PROMPT_CHAR = [ "42sh$" "42sh#" ":" ]; + # Easy on the eyes + AGKOZAK_COLORS_BRANCH_STATUS = "magenta"; + # I don't like moving my eyes + AGKOZAK_LEFT_PROMPT_ONLY = 1; + }; + + shellAliases = { + # Sometime `gpg-agent` errors out... + reset-agent = "gpg-connect-agent updatestartuptty /bye"; + }; + + # Enable VTE integration when using one of the affected shells + enableVteIntegration = + builtins.any (name: config.my.home.terminal.program == name) [ + "termite" + ]; + }; + + # Fuzzy-wuzzy + programs.fzf = { + enable = true; + enableZshIntegration = true; + }; + + programs.dircolors = { + enable = true; + }; }; } From 4cecb8b9878c15a0df8fa231c7625a43d68c04c5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 2 Mar 2022 17:01:11 +0100 Subject: [PATCH 528/654] home: zsh: add 'zsh-completions' when enabled Notably useful for `git-revise`. --- home/zsh/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/home/zsh/default.nix b/home/zsh/default.nix index 266f5be..27ea8bc 100644 --- a/home/zsh/default.nix +++ b/home/zsh/default.nix @@ -8,6 +8,10 @@ in }; config = lib.mkIf cfg.enable { + home.packages = with pkgs; [ + zsh-completions + ]; + programs.zsh = { enable = true; dotDir = ".config/zsh"; # Don't clutter $HOME From 842489a986be9c6ae257454dae33fb32eb0236bd Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 2 Mar 2022 20:24:16 +0100 Subject: [PATCH 529/654] home: vim: use 'unimpaired' mappings for quickfix --- home/vim/after/plugin/mappings/qf.vim | 13 ------------- home/vim/after/plugin/mappings/unimpaired.vim | 6 ++++++ 2 files changed, 6 insertions(+), 13 deletions(-) delete mode 100644 home/vim/after/plugin/mappings/qf.vim diff --git a/home/vim/after/plugin/mappings/qf.vim b/home/vim/after/plugin/mappings/qf.vim deleted file mode 100644 index e2eb8a7..0000000 --- a/home/vim/after/plugin/mappings/qf.vim +++ /dev/null @@ -1,13 +0,0 @@ -lua << EOF -local wk = require("which-key") - -local keys = { - ["t"] = { - name = "Toggle", - f = { "(qf_qf_toggle)", "Toggle quickfix list" }, - l = { "(qf_loc_toggle)", "Toggle location list" }, - }, -} - -wk.register(keys, { prefix = "" }) -EOF diff --git a/home/vim/after/plugin/mappings/unimpaired.vim b/home/vim/after/plugin/mappings/unimpaired.vim index 884e56c..c4bb35b 100644 --- a/home/vim/after/plugin/mappings/unimpaired.vim +++ b/home/vim/after/plugin/mappings/unimpaired.vim @@ -70,6 +70,8 @@ local keys = { b = "Light background", c = "Cursor line", d = "Diff", + e = { "lwindow", "Location list" }, + f = { "cwindow", "Quickfix list" }, h = "Search high-lighting", i = "Case insensitive search", l = "List mode", @@ -86,6 +88,8 @@ local keys = { b = "Light background", c = "Cursor line", d = "Diff", + e = { "lclose", "Location list" }, + f = { "cclose", "Quickfix list" }, h = "Search high-lighting", i = "Case insensitive search", l = "List mode", @@ -102,6 +106,8 @@ local keys = { b = "Light background", c = "Cursor line", d = "Diff", + e = { "(qf_loc_toggle)", "Location list" }, + f = { "(qf_qf_toggle)", "Quickfix list" }, h = "Search high-lighting", i = "Case insensitive search", l = "List mode", From f2f2b2a98a7aeaadfc4103d5fe725d149e27a43b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 2 Mar 2022 20:25:42 +0100 Subject: [PATCH 530/654] home: vim: prefer 'clangd' to 'clang-format' Only use `clang-format` if `clangd` is not available, as its formatting is otherwise built into the LSP server. --- home/vim/plugin/settings/null-ls.vim | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/home/vim/plugin/settings/null-ls.vim b/home/vim/plugin/settings/null-ls.vim index c241935..e00fa62 100644 --- a/home/vim/plugin/settings/null-ls.vim +++ b/home/vim/plugin/settings/null-ls.vim @@ -9,8 +9,10 @@ null_ls.setup({ -- C, C++ null_ls.register({ null_ls.builtins.formatting.clang_format.with({ - -- Only used if available - condition = utils.is_executable_condition("clang-format"), + -- Only used if available, but prefer clangd formatting if available + condition = function() + return utils.is_executable("clang-format") and not utils.is_executable("clangd") + end, }), }) From 3e86aa5ef4cfb5f76bea80eb341422986d01019b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 3 Mar 2022 18:39:45 +0100 Subject: [PATCH 531/654] home: bat: use 'gruvbox-dark' theme To match my `vim` configuration. --- home/bat/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home/bat/default.nix b/home/bat/default.nix index 8485dd3..ac58c06 100644 --- a/home/bat/default.nix +++ b/home/bat/default.nix @@ -10,6 +10,8 @@ in config.programs.bat = lib.mkIf cfg.enable { enable = true; config = { + theme = "gruvbox-dark"; + pager = with config.home.sessionVariables; "${PAGER} ${LESS}"; }; }; From 95df8729161cda33b2c3f4c6743998b4a924aef5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 3 Mar 2022 22:14:19 +0100 Subject: [PATCH 532/654] home: vim: add 'gitsigns-nvim' --- home/vim/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/vim/default.nix b/home/vim/default.nix index 165cb4f..4b8090c 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -72,6 +72,7 @@ in plenary-nvim # 'null-ls' dependency # UX improvements + gitsigns-nvim # Fast git UI integration which-key-nvim # Show available mappings ]; From f34f2fc706e2fad1f336043ff064ef7f52a201d2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 3 Mar 2022 22:15:26 +0100 Subject: [PATCH 533/654] home: vim: configure 'gitsigns' And remove some unused mappings, or adapt them to 'gitsigns'. --- home/vim/after/plugin/mappings/git.vim | 2 - home/vim/plugin/settings/gitsigns.vim | 54 ++++++++++++++++++++++++++ 2 files changed, 54 insertions(+), 2 deletions(-) create mode 100644 home/vim/plugin/settings/gitsigns.vim diff --git a/home/vim/after/plugin/mappings/git.vim b/home/vim/after/plugin/mappings/git.vim index 677abd0..bb8b194 100644 --- a/home/vim/after/plugin/mappings/git.vim +++ b/home/vim/after/plugin/mappings/git.vim @@ -9,10 +9,8 @@ local keys = { }, ["g"] = { name = "Git", - d = { "Gdiffsplit", "Current buffer diff" }, l = { ":spT:Gllog --follow -- %:p", "Current buffer log" }, m = { "(git-messenger)", "Current line blame" }, - s = { "Gstatus", "Status" }, }, } diff --git a/home/vim/plugin/settings/gitsigns.vim b/home/vim/plugin/settings/gitsigns.vim new file mode 100644 index 0000000..7804f3e --- /dev/null +++ b/home/vim/plugin/settings/gitsigns.vim @@ -0,0 +1,54 @@ +lua << EOF +local gitsigns = require('gitsigns') + +gitsigns.setup({ + -- I dislike the full-green sign column when this happens + attach_to_untracked = false, + + current_line_blame_opts = { + -- Show the blame quickly + delay = 100, + }, + + on_attach = function(bufnr) + local wk = require("which-key") + + local keys = { + -- Navigation + ["[c"] = { "&diff ? '[c' : 'Gitsigns prev_hunk'", "Previous hunk/diff", expr = true }, + ["]c"] = { "&diff ? ']c' : 'Gitsigns next_hunk'", "Next hunk/diff", expr = true }, + + + -- Commands + ["g"] = { + name = "Git", + -- Actions + b = { gitsigns.toggle_current_line_blame, "Toggle blame virtual text" }, + d = { gitsigns.diffthis, "Diff buffer" }, + D = { function() gitsigns.diffthis("~") end, "Diff buffer against last commit" }, + h = { gitsigns.toggle_deleted, "Show deleted hunks" }, + p = { gitsigns.preview_hunk, "Preview hunk" }, + r = { gitsigns.reset_hunk, "Revert hunk" }, + R = { gitsigns.reset_buffer, "Revert buffer" }, + s = { gitsigns.stage_hunk, "Stage hunk" }, + S = { gitsigns.stage_buffer, "Stage buffer" }, + u = { gitsigns.undo_stage_hunk, "Undo stage hunk" }, + ["["] = { gitsigns.prev_hunk, "Previous hunk" }, + ["]"] = { gitsigns.next_hunk, "Next hunk" }, + }, + } + + local objects = { + ["ih"] = { gitsigns.select_hunk, "Git hunk" }, + } + + local visual = { + ["ih"] = { gitsigns.select_hunk, "Git hunk" }, + } + + wk.register(keys, { buffer = bufnr }) + wk.register(objects, { mode = "o" }) + wk.register(visual, { mode = "x" }) + end, +}) +EOF From 3d6580f52b7867009ee22390636a0d24e4609038 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 09:36:05 +0100 Subject: [PATCH 534/654] home: vim: centralise 'git'-related mappings --- home/vim/after/plugin/mappings/git.vim | 18 ------------------ home/vim/plugin/settings/gitsigns.vim | 3 +++ 2 files changed, 3 insertions(+), 18 deletions(-) delete mode 100644 home/vim/after/plugin/mappings/git.vim diff --git a/home/vim/after/plugin/mappings/git.vim b/home/vim/after/plugin/mappings/git.vim deleted file mode 100644 index bb8b194..0000000 --- a/home/vim/after/plugin/mappings/git.vim +++ /dev/null @@ -1,18 +0,0 @@ -lua << EOF -local wk = require("which-key") - -local keys = { - d = { - name = "Merging diff hunks", - o = { "diffget", "Use this buffer's change", mode="x" }, - p = { "diffput", "Accept other buffer change", mode="x" }, - }, - ["g"] = { - name = "Git", - l = { ":spT:Gllog --follow -- %:p", "Current buffer log" }, - m = { "(git-messenger)", "Current line blame" }, - }, -} - -wk.register(keys) -EOF diff --git a/home/vim/plugin/settings/gitsigns.vim b/home/vim/plugin/settings/gitsigns.vim index 7804f3e..c8f11a1 100644 --- a/home/vim/plugin/settings/gitsigns.vim +++ b/home/vim/plugin/settings/gitsigns.vim @@ -26,7 +26,10 @@ gitsigns.setup({ b = { gitsigns.toggle_current_line_blame, "Toggle blame virtual text" }, d = { gitsigns.diffthis, "Diff buffer" }, D = { function() gitsigns.diffthis("~") end, "Diff buffer against last commit" }, + g = { "Git", "Git status" }, h = { gitsigns.toggle_deleted, "Show deleted hunks" }, + L = { ":spT:Gllog --follow -- %:p", "Current buffer log" }, + m = { "(git-messenger)", "Current line blame" }, p = { gitsigns.preview_hunk, "Preview hunk" }, r = { gitsigns.reset_hunk, "Revert hunk" }, R = { gitsigns.reset_buffer, "Revert buffer" }, From 9c023b78a3d81c053735bbcba802741077eec722 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 09:36:51 +0100 Subject: [PATCH 535/654] home: vim: rename 'git'-related settings file Now that it contains more settings than just 'gitsigns'. --- home/vim/plugin/settings/{gitsigns.vim => git.vim} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename home/vim/plugin/settings/{gitsigns.vim => git.vim} (100%) diff --git a/home/vim/plugin/settings/gitsigns.vim b/home/vim/plugin/settings/git.vim similarity index 100% rename from home/vim/plugin/settings/gitsigns.vim rename to home/vim/plugin/settings/git.vim From 6da1c474720a63e9bcd6d80ecdd8826896cb2912 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 12:44:46 +0100 Subject: [PATCH 536/654] home: vim: add 'shellcheck' code actions --- home/vim/plugin/settings/null-ls.vim | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/home/vim/plugin/settings/null-ls.vim b/home/vim/plugin/settings/null-ls.vim index e00fa62..f76c451 100644 --- a/home/vim/plugin/settings/null-ls.vim +++ b/home/vim/plugin/settings/null-ls.vim @@ -60,6 +60,12 @@ null_ls.register({ -- Shell (non-POSIX) null_ls.register({ + null_ls.builtins.code_actions.shellcheck.with({ + -- Restrict to bash and zsh + filetypes = { "bash", "zsh" }, + -- Only used if available + condition = utils.is_executable_condition("shellcheck"), + }), null_ls.builtins.diagnostics.shellcheck.with({ -- Show error code in message diagnostics_format = "[#{c}] #{m}", @@ -83,6 +89,12 @@ null_ls.register({ -- Shell (POSIX) null_ls.register({ + null_ls.builtins.code_actions.shellcheck.with({ + -- Restrict to POSIX sh + filetypes = { "sh" }, + -- Only used if available + condition = utils.is_executable_condition("shellcheck"), + }), null_ls.builtins.diagnostics.shellcheck.with({ -- Show error code in message diagnostics_format = "[#{c}] #{m}", From 080d08bb13d97386156422b0db3c068a15e09b83 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 12:52:48 +0100 Subject: [PATCH 537/654] home: vim: add linters & formatters to vim package I use them so often, I basically always want them available. --- home/vim/default.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/home/vim/default.nix b/home/vim/default.nix index 4b8090c..365ae6d 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -77,6 +77,16 @@ in ]; extraConfig = builtins.readFile ./init.vim; + + # Linters, formatters, etc... + extraPackages = with pkgs; [ + # Nix + nixpkgs-fmt + + # Shell + shellcheck + shfmt + ]; }; config.xdg.configFile = lib.mkIf cfg.enable configFiles; From 62f93a852afd75ce4ecefbdfcb3963eaa12df5be Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 12:54:50 +0100 Subject: [PATCH 538/654] home: vim: add 'clang-tools' to vim package It includes both `clangd` and `clang-format`, even though I'm mostly looking for the later. --- home/vim/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/home/vim/default.nix b/home/vim/default.nix index 365ae6d..fdb4dfd 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -80,6 +80,9 @@ in # Linters, formatters, etc... extraPackages = with pkgs; [ + # C/C++ + clang-tools + # Nix nixpkgs-fmt From d36f01d9372622c581f8058a66abcf8115e92af4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 14:20:29 +0100 Subject: [PATCH 539/654] home: vim: add 'rnix' LSP configuration --- home/vim/plugin/settings/lspconfig.vim | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/home/vim/plugin/settings/lspconfig.vim b/home/vim/plugin/settings/lspconfig.vim index a51e284..2442059 100644 --- a/home/vim/plugin/settings/lspconfig.vim +++ b/home/vim/plugin/settings/lspconfig.vim @@ -9,6 +9,13 @@ if utils.is_executable("clangd") then }) end +-- Nix +if utils.is_executable("rnix-lsp") then + lsp.rnix.setup({ + on_attach = utils.on_attach, + }) +end + -- Python if utils.is_executable("pyright") then lsp.pyright.setup({ From 38c140ee86b348840df850d01707cfde74a708c9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 14:21:28 +0100 Subject: [PATCH 540/654] home: vim: don't use 'nixpkgs-fmt' with 'rnix' --- home/vim/plugin/settings/null-ls.vim | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/home/vim/plugin/settings/null-ls.vim b/home/vim/plugin/settings/null-ls.vim index f76c451..6fc0e25 100644 --- a/home/vim/plugin/settings/null-ls.vim +++ b/home/vim/plugin/settings/null-ls.vim @@ -27,8 +27,10 @@ null_ls.register({ -- Nix null_ls.register({ null_ls.builtins.formatting.nixpkgs_fmt.with({ - -- Only used if available - condition = utils.is_executable_condition("nixpkgs-fmt"), + -- Only used if available, but prefer rnix if available + condition = function() + return utils.is_executable("nixpkgs-fmt") and not utils.is_executable("rnix-lsp") + end, }), }) From adedb42a99c083e4a88d22524796b649ee799827 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 14:23:09 +0100 Subject: [PATCH 541/654] home: vim: add mappings for LSP functionality --- home/vim/lua/ambroisie/utils.lua | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/home/vim/lua/ambroisie/utils.lua b/home/vim/lua/ambroisie/utils.lua index e3833cc..559911c 100644 --- a/home/vim/lua/ambroisie/utils.lua +++ b/home/vim/lua/ambroisie/utils.lua @@ -63,6 +63,27 @@ M.on_attach = function(client, bufnr) augroup END ]]) end + + -- Mappings + local wk = require("which-key") + + local keys = { + K = { vim.lsp.buf.hover, "Show symbol information" }, + ["gd"] = { vim.lsp.buf.definition, "Go to definition" }, + ["gD"] = { vim.lsp.buf.declaration, "Go to declaration" }, + ["gi"] = { vim.lsp.buf.implementation, "Go to implementation" }, + ["gr"] = { vim.lsp.buf.references, "List all references" }, + + ["c"] = { + name = "Code", + a = { vim.lsp.buf.code_action, "Code actions" }, + r = { vim.lsp.buf.rename, "Rename symbol" }, + s = { vim.lsp.buf.signature_help, "Show signature" }, + t = { vim.lsp.buf.type_definition, "Go to type definition" }, + }, + } + + wk.register(keys, { buffer = bufnr }) end return M From 14d9837b07e7611eb7e84ccf1b927ba8161ab548 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 14:38:16 +0100 Subject: [PATCH 542/654] home: vim: remove 'fastfold' I don't think I need it anymore, neovim improves the native performance well enough. --- home/vim/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/home/vim/default.nix b/home/vim/default.nix index fdb4dfd..ddcb663 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -56,7 +56,6 @@ in vim-toml # General enhancements - fastfold # Better folding vim-qf # Better quick-fix list # Other wrappers From 04761da6647f61fd9bcd14c21f6396449a15f256 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 15:05:34 +0100 Subject: [PATCH 543/654] home: vim: add 'dump' utility function --- home/vim/lua/ambroisie/utils.lua | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/home/vim/lua/ambroisie/utils.lua b/home/vim/lua/ambroisie/utils.lua index 559911c..dc66a4f 100644 --- a/home/vim/lua/ambroisie/utils.lua +++ b/home/vim/lua/ambroisie/utils.lua @@ -1,5 +1,11 @@ local M = {} +-- pretty print lua object +-- @param obj any object to pretty print +M.dump = function(obj) + print(vim.inspect(obj)) +end + --- checks if a given command is executable ---@param cmd string? command to check ---@return boolean executable From cd20914370f6af1e8841ef997c0c956e3a1dae99 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 15:06:03 +0100 Subject: [PATCH 544/654] home: vim: lsp: add workspace mappings --- home/vim/lua/ambroisie/utils.lua | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/home/vim/lua/ambroisie/utils.lua b/home/vim/lua/ambroisie/utils.lua index dc66a4f..f159c37 100644 --- a/home/vim/lua/ambroisie/utils.lua +++ b/home/vim/lua/ambroisie/utils.lua @@ -73,6 +73,10 @@ M.on_attach = function(client, bufnr) -- Mappings local wk = require("which-key") + local function list_workspace_folders() + M.dump(vim.lsp.buf.list_workspace_folders()) + end + local keys = { K = { vim.lsp.buf.hover, "Show symbol information" }, ["gd"] = { vim.lsp.buf.definition, "Go to definition" }, @@ -86,6 +90,12 @@ M.on_attach = function(client, bufnr) r = { vim.lsp.buf.rename, "Rename symbol" }, s = { vim.lsp.buf.signature_help, "Show signature" }, t = { vim.lsp.buf.type_definition, "Go to type definition" }, + w = { + name = "Workspace", + a = { vim.lsp.buf.add_workspace_folder, "Add folder to workspace" }, + l = { list_workspace_folders, "List folders in workspace" }, + r = { vim.lsp.buf.remove_workspace_folder, "Remove folder from workspace" }, + }, }, } From 526394297036a480300bdd48928b8c88c43c5a85 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 15:13:29 +0100 Subject: [PATCH 545/654] home: vim: lsp: add diagnostic mappings --- home/vim/lua/ambroisie/utils.lua | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/home/vim/lua/ambroisie/utils.lua b/home/vim/lua/ambroisie/utils.lua index f159c37..72f009c 100644 --- a/home/vim/lua/ambroisie/utils.lua +++ b/home/vim/lua/ambroisie/utils.lua @@ -77,6 +77,14 @@ M.on_attach = function(client, bufnr) M.dump(vim.lsp.buf.list_workspace_folders()) end + local function show_line_diagnostics() + vim.diagnostic.open_float(nil, { scope="line" }) + end + + local function show_buffer_diagnostics() + vim.diagnostic.open_float(nil, { scope="buffer" }) + end + local keys = { K = { vim.lsp.buf.hover, "Show symbol information" }, ["gd"] = { vim.lsp.buf.definition, "Go to definition" }, @@ -87,6 +95,8 @@ M.on_attach = function(client, bufnr) ["c"] = { name = "Code", a = { vim.lsp.buf.code_action, "Code actions" }, + d = { show_line_diagnostics, "Show line diagnostics" }, + D = { show_buffer_diagnostics, "Show buffer diagnostics" }, r = { vim.lsp.buf.rename, "Rename symbol" }, s = { vim.lsp.buf.signature_help, "Show signature" }, t = { vim.lsp.buf.type_definition, "Go to type definition" }, From c5d9396a7dc564c41cd4b8feaf687811cd8f8475 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 16:04:51 +0100 Subject: [PATCH 546/654] home: vim: git: use more appropriate mapping names --- home/vim/plugin/settings/git.vim | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/home/vim/plugin/settings/git.vim b/home/vim/plugin/settings/git.vim index c8f11a1..f376569 100644 --- a/home/vim/plugin/settings/git.vim +++ b/home/vim/plugin/settings/git.vim @@ -31,8 +31,8 @@ gitsigns.setup({ L = { ":spT:Gllog --follow -- %:p", "Current buffer log" }, m = { "(git-messenger)", "Current line blame" }, p = { gitsigns.preview_hunk, "Preview hunk" }, - r = { gitsigns.reset_hunk, "Revert hunk" }, - R = { gitsigns.reset_buffer, "Revert buffer" }, + r = { gitsigns.reset_hunk, "Restore hunk" }, + R = { gitsigns.reset_buffer, "Restore buffer" }, s = { gitsigns.stage_hunk, "Stage hunk" }, S = { gitsigns.stage_buffer, "Stage buffer" }, u = { gitsigns.undo_stage_hunk, "Undo stage hunk" }, From 57e5def998f2c8ae184a53359e1598869fa74656 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 16:25:11 +0100 Subject: [PATCH 547/654] home: vim: git: 'gitsigns' mappings are per buffer --- home/vim/plugin/settings/git.vim | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/home/vim/plugin/settings/git.vim b/home/vim/plugin/settings/git.vim index f376569..7059f01 100644 --- a/home/vim/plugin/settings/git.vim +++ b/home/vim/plugin/settings/git.vim @@ -50,8 +50,8 @@ gitsigns.setup({ } wk.register(keys, { buffer = bufnr }) - wk.register(objects, { mode = "o" }) - wk.register(visual, { mode = "x" }) + wk.register(objects, { buffer = bufnr, mode = "o" }) + wk.register(visual, { buffer = bufnr, mode = "x" }) end, }) EOF From 3df2ad0f1fcb06cc4da68f80aaa05e3c4f5c8c35 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 16:29:54 +0100 Subject: [PATCH 548/654] home: vim: git: more visual mappings I cannot use the functions directly, as I would need to calculate the current selections begin and end points and use them as arguments. To be investigated. --- home/vim/plugin/settings/git.vim | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/home/vim/plugin/settings/git.vim b/home/vim/plugin/settings/git.vim index 7059f01..0deba6a 100644 --- a/home/vim/plugin/settings/git.vim +++ b/home/vim/plugin/settings/git.vim @@ -47,6 +47,15 @@ gitsigns.setup({ local visual = { ["ih"] = { gitsigns.select_hunk, "Git hunk" }, + + -- Only the actual command can make use of the visual selection... + ["g"] = { + name = "Git", + p = { ":Gitsigns preview_hunk", "Preview selection" }, + r = { ":Gitsigns reset_hunk", "Restore selection" }, + s = { ":Gitsigns stage_hunk", "Stage selection" }, + u = { ":Gitsigns undo_stage_hunk", "Undo stage selection" }, + }, } wk.register(keys, { buffer = bufnr }) From 25967e21f1b804872e883ca18f1e9c07cd416424 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 16:54:40 +0100 Subject: [PATCH 549/654] home: vim: add 'nvim-cmp' --- home/vim/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/home/vim/default.nix b/home/vim/default.nix index ddcb663..8e8880c 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -70,6 +70,12 @@ in nvim-treesitter-textobjects # More textobjects plenary-nvim # 'null-ls' dependency + # Completion + nvim-cmp # Completion engine + cmp-buffer # Words from open buffers + cmp-path # Path name suggestions + cmp-nvim-lua # NeoVim lua API + # UX improvements gitsigns-nvim # Fast git UI integration which-key-nvim # Show available mappings From 273618ff94370fc342a1725aea36a33df3bee730 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 16:54:40 +0100 Subject: [PATCH 550/654] home: vim: configure 'nvim-cmp' --- home/vim/plugin/settings/completion.vim | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 home/vim/plugin/settings/completion.vim diff --git a/home/vim/plugin/settings/completion.vim b/home/vim/plugin/settings/completion.vim new file mode 100644 index 0000000..2069902 --- /dev/null +++ b/home/vim/plugin/settings/completion.vim @@ -0,0 +1,14 @@ +" Show completion menu in all cases, and don't select anything +set completeopt=menu,menuone,noselect + +lua << EOF +local cmp = require("cmp") + +cmp.setup({ + sources = { + { name = "buffer" }, + { name = "nvim_lua" }, + { name = "path" }, + }, +}) +EOF From 05e7883dab16d1827a1b4b62077f0bf166123127 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 20:22:43 +0100 Subject: [PATCH 551/654] home: vim: add 'cmp-nvim-lsp' --- home/vim/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/vim/default.nix b/home/vim/default.nix index 8e8880c..9051027 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -74,6 +74,7 @@ in nvim-cmp # Completion engine cmp-buffer # Words from open buffers cmp-path # Path name suggestions + cmp-nvim-lsp # LSP suggestions cmp-nvim-lua # NeoVim lua API # UX improvements From 35d96e1e6943e5bb077f6e01111f24f7ba18f428 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 4 Mar 2022 17:36:01 +0100 Subject: [PATCH 552/654] home: vim: configure 'nvim-cmp' for LSP --- home/vim/plugin/settings/completion.vim | 1 + home/vim/plugin/settings/lspconfig.vim | 8 ++++++++ 2 files changed, 9 insertions(+) diff --git a/home/vim/plugin/settings/completion.vim b/home/vim/plugin/settings/completion.vim index 2069902..12741d6 100644 --- a/home/vim/plugin/settings/completion.vim +++ b/home/vim/plugin/settings/completion.vim @@ -7,6 +7,7 @@ local cmp = require("cmp") cmp.setup({ sources = { { name = "buffer" }, + { name = "nvim_lsp" }, { name = "nvim_lua" }, { name = "path" }, }, diff --git a/home/vim/plugin/settings/lspconfig.vim b/home/vim/plugin/settings/lspconfig.vim index 2442059..5d1b135 100644 --- a/home/vim/plugin/settings/lspconfig.vim +++ b/home/vim/plugin/settings/lspconfig.vim @@ -2,9 +2,14 @@ lua << EOF local lsp = require("lspconfig") local utils = require("ambroisie.utils") +-- Inform servers we are able to do completion, snippets, etc... +local capabilities = vim.lsp.protocol.make_client_capabilities() +capabilities = require("cmp_nvim_lsp").update_capabilities(capabilities) + -- C/C++ if utils.is_executable("clangd") then lsp.clangd.setup({ + capabilities = capabilities, on_attach = utils.on_attach, }) end @@ -12,6 +17,7 @@ end -- Nix if utils.is_executable("rnix-lsp") then lsp.rnix.setup({ + capabilities = capabilities, on_attach = utils.on_attach, }) end @@ -19,6 +25,7 @@ end -- Python if utils.is_executable("pyright") then lsp.pyright.setup({ + capabilities = capabilities, on_attach = utils.on_attach, }) end @@ -26,6 +33,7 @@ end -- Rust if utils.is_executable("rust-analyzer") then lsp.rust_analyzer.setup({ + capabilities = capabilities, on_attach = utils.on_attach, }) end From a49e66da8007cfd87f2c8bcc1ec5ed77fa278dfb Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 6 Mar 2022 11:15:38 +0100 Subject: [PATCH 553/654] home: vim: completion: use native menu --- home/vim/plugin/settings/completion.vim | 3 +++ 1 file changed, 3 insertions(+) diff --git a/home/vim/plugin/settings/completion.vim b/home/vim/plugin/settings/completion.vim index 12741d6..448ea53 100644 --- a/home/vim/plugin/settings/completion.vim +++ b/home/vim/plugin/settings/completion.vim @@ -5,6 +5,9 @@ lua << EOF local cmp = require("cmp") cmp.setup({ + view = { + entries = "native", + }, sources = { { name = "buffer" }, { name = "nvim_lsp" }, From 5b7fa7c09abe92a40bd69696f237027b7b836063 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 6 Mar 2022 11:53:48 +0100 Subject: [PATCH 554/654] home: vim: completion: use better order --- home/vim/plugin/settings/completion.vim | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/home/vim/plugin/settings/completion.vim b/home/vim/plugin/settings/completion.vim index 448ea53..fce33ea 100644 --- a/home/vim/plugin/settings/completion.vim +++ b/home/vim/plugin/settings/completion.vim @@ -9,10 +9,21 @@ cmp.setup({ entries = "native", }, sources = { - { name = "buffer" }, - { name = "nvim_lsp" }, - { name = "nvim_lua" }, - { name = "path" }, + { name = "path", priority_weight = 110 }, + { name = "nvim_lsp", priority_weight = 100 }, + { name = "nvim_lua", priority_weight = 90 }, + { name = "buffer", priority_weight = 50 }, + }, + sorting = { + comparators = { + cmp.config.compare.offset, + cmp.config.compare.exact, + cmp.config.compare.score, + cmp.config.compare.kind, + cmp.config.compare.sort_text, + cmp.config.compare.length, + cmp.config.compare.order, + }, }, }) EOF From 9ef35f06dfd6c09c573da3ff931a7b4c1e1d5728 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 6 Mar 2022 11:54:21 +0100 Subject: [PATCH 555/654] home: vim: completion: limit 'buffer' suggestions Otherwise it gets overwhelming, and most are useless. --- home/vim/plugin/settings/completion.vim | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/vim/plugin/settings/completion.vim b/home/vim/plugin/settings/completion.vim index fce33ea..0d0507f 100644 --- a/home/vim/plugin/settings/completion.vim +++ b/home/vim/plugin/settings/completion.vim @@ -12,7 +12,7 @@ cmp.setup({ { name = "path", priority_weight = 110 }, { name = "nvim_lsp", priority_weight = 100 }, { name = "nvim_lua", priority_weight = 90 }, - { name = "buffer", priority_weight = 50 }, + { name = "buffer", max_item_count = 5, priority_weight = 50 }, }, sorting = { comparators = { From 4627350311121aee1f2b34ab4f6ee82af2e6b819 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 12:50:36 +0100 Subject: [PATCH 556/654] home: packages: add 'ripgrep' --- home/packages/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/packages/default.nix b/home/packages/default.nix index 10d1c12..469b539 100644 --- a/home/packages/default.nix +++ b/home/packages/default.nix @@ -20,6 +20,7 @@ in config.home.packages = with pkgs; lib.mkIf cfg.enable ([ file mosh + ripgrep rr termite.terminfo ] ++ cfg.additionalPackages); From bf7184c260e33ad6b809f07d24503d1493a36f97 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 12:57:16 +0100 Subject: [PATCH 557/654] home: packages: add 'fd' --- home/packages/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/packages/default.nix b/home/packages/default.nix index 469b539..434cb0d 100644 --- a/home/packages/default.nix +++ b/home/packages/default.nix @@ -18,6 +18,7 @@ in }; config.home.packages = with pkgs; lib.mkIf cfg.enable ([ + fd file mosh ripgrep From 16fc677509ed8658d8d5654c9204df6ee05f6343 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 13:05:28 +0100 Subject: [PATCH 558/654] home: vim: replace 'fzf' with 'telescope' I like the fact that it uses built-in buffers to preview files. It also has more inertia behind it, tighter integrations in the ecosystem. --- home/vim/after/plugin/mappings/fzf.vim | 13 ------------- home/vim/after/plugin/mappings/telescope.vim | 16 ++++++++++++++++ home/vim/default.nix | 5 ++--- home/vim/plugin/settings/fzf.vim | 8 -------- 4 files changed, 18 insertions(+), 24 deletions(-) delete mode 100644 home/vim/after/plugin/mappings/fzf.vim create mode 100644 home/vim/after/plugin/mappings/telescope.vim delete mode 100644 home/vim/plugin/settings/fzf.vim diff --git a/home/vim/after/plugin/mappings/fzf.vim b/home/vim/after/plugin/mappings/fzf.vim deleted file mode 100644 index fa98f0c..0000000 --- a/home/vim/after/plugin/mappings/fzf.vim +++ /dev/null @@ -1,13 +0,0 @@ -lua << EOF -local wk = require("which-key") - -local keys = { - f = { - name = "Fuzzy finder", - b = { "Buffers", "Open buffers" }, - f = { "GFiles", "Git tracked files" }, - }, -} - -wk.register(keys, { prefix = "" }) -EOF diff --git a/home/vim/after/plugin/mappings/telescope.vim b/home/vim/after/plugin/mappings/telescope.vim new file mode 100644 index 0000000..36fdd16 --- /dev/null +++ b/home/vim/after/plugin/mappings/telescope.vim @@ -0,0 +1,16 @@ +lua << EOF +local wk = require("which-key") +local telescope_builtin = require("telescope.builtin") + +local keys = { + f = { + name = "Fuzzy finder", + b = { telescope_builtin.buffers, "Open buffers" }, + f = { telescope_builtin.git_files, "Git tracked files" }, + F = { telescope_builtin.find_files, "Files" }, + }, +} + +wk.register(keys, { prefix = "" }) +EOF + diff --git a/home/vim/default.nix b/home/vim/default.nix index 9051027..b2bba15 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -59,8 +59,6 @@ in vim-qf # Better quick-fix list # Other wrappers - fzfWrapper # The vim plugin inside the 'fzf' package - fzf-vim # Fuzzy commands git-messenger-vim # A simple blame window # LSP and linting @@ -68,7 +66,7 @@ in null-ls-nvim # LSP integration for linters and formatters (nvim-treesitter.withPlugins (_: pkgs.tree-sitter.allGrammars)) # Better highlighting nvim-treesitter-textobjects # More textobjects - plenary-nvim # 'null-ls' dependency + plenary-nvim # 'null-ls', 'telescope' dependency # Completion nvim-cmp # Completion engine @@ -80,6 +78,7 @@ in # UX improvements gitsigns-nvim # Fast git UI integration which-key-nvim # Show available mappings + telescope-nvim # Fuzzy finder interface ]; extraConfig = builtins.readFile ./init.vim; diff --git a/home/vim/plugin/settings/fzf.vim b/home/vim/plugin/settings/fzf.vim deleted file mode 100644 index 7125b70..0000000 --- a/home/vim/plugin/settings/fzf.vim +++ /dev/null @@ -1,8 +0,0 @@ -" Use a floating window when availble -if has('nvim-0.4.0') || has("patch-8.2.0191") - let g:fzf_layout = { 'window': { - \ 'width': 0.9, - \ 'height': 0.7, - \ 'highlight': 'Comment', - \ 'rounded': v:false } } -endif From 1be9eb517b0478d29db84bd7652c71fadd24645c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 13:10:56 +0100 Subject: [PATCH 559/654] home: vim: add 'telescope' grep mappings --- home/vim/after/plugin/mappings/telescope.vim | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home/vim/after/plugin/mappings/telescope.vim b/home/vim/after/plugin/mappings/telescope.vim index 36fdd16..eb6363d 100644 --- a/home/vim/after/plugin/mappings/telescope.vim +++ b/home/vim/after/plugin/mappings/telescope.vim @@ -8,6 +8,8 @@ local keys = { b = { telescope_builtin.buffers, "Open buffers" }, f = { telescope_builtin.git_files, "Git tracked files" }, F = { telescope_builtin.find_files, "Files" }, + g = { telescope_builtin.live_grep, "Grep string" }, + G = { telescope_builtin.grep_string, "Grep string under cursor" }, }, } From bcbc9af372ff98b95ef47a318550a672cba00c56 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 13:15:36 +0100 Subject: [PATCH 560/654] home: vim: telescope: set-up 'fzf' matching --- home/vim/default.nix | 1 + home/vim/plugin/settings/telescope.vim | 16 ++++++++++++++++ 2 files changed, 17 insertions(+) create mode 100644 home/vim/plugin/settings/telescope.vim diff --git a/home/vim/default.nix b/home/vim/default.nix index b2bba15..d54ca23 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -78,6 +78,7 @@ in # UX improvements gitsigns-nvim # Fast git UI integration which-key-nvim # Show available mappings + telescope-fzf-native-nvim # Use 'fzf' fuzzy matching algorithm telescope-nvim # Fuzzy finder interface ]; diff --git a/home/vim/plugin/settings/telescope.vim b/home/vim/plugin/settings/telescope.vim new file mode 100644 index 0000000..4f7aeb6 --- /dev/null +++ b/home/vim/plugin/settings/telescope.vim @@ -0,0 +1,16 @@ +lua << EOF +local telescope = require("telescope") + +telescope.setup({ + extensions = { + fzf = { + fuzzy = true, + override_generic_sorter = true, + override_file_sorter = true, + case_mode = "smart_case", + }, + }, +}) + +telescope.load_extension("fzf") +EOF From 1834a7002b2d76a525e7c626a15a666dac93ac6f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 14:01:50 +0100 Subject: [PATCH 561/654] home: vim: add 'dressing-nvim' --- home/vim/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/vim/default.nix b/home/vim/default.nix index d54ca23..12454cb 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -76,6 +76,7 @@ in cmp-nvim-lua # NeoVim lua API # UX improvements + dressing-nvim # Integrate native UI hooks with Telescope etc... gitsigns-nvim # Fast git UI integration which-key-nvim # Show available mappings telescope-fzf-native-nvim # Use 'fzf' fuzzy matching algorithm From 93a3a4fb6b208db27bef27d086bc623e2226e354 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 14:02:04 +0100 Subject: [PATCH 562/654] home: vim: configure 'dressing-nvim' --- home/vim/plugin/settings/dressing.vim | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 home/vim/plugin/settings/dressing.vim diff --git a/home/vim/plugin/settings/dressing.vim b/home/vim/plugin/settings/dressing.vim new file mode 100644 index 0000000..9508126 --- /dev/null +++ b/home/vim/plugin/settings/dressing.vim @@ -0,0 +1,8 @@ +lua << EOF +local dressing = require("dressing") + +dressing.setup({ + -- Use a relative prompt size + prefer_width = 0.4, +}) +EOF From 52722fb408ac1c2e8e2b824b27a242651fa2a26a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 14:50:59 +0100 Subject: [PATCH 563/654] home: vim: completion: explicit mappings This is basically a copy-paste of the default mappings, with some small amount of customization. --- home/vim/plugin/settings/completion.vim | 48 +++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/home/vim/plugin/settings/completion.vim b/home/vim/plugin/settings/completion.vim index 0d0507f..1553c2b 100644 --- a/home/vim/plugin/settings/completion.vim +++ b/home/vim/plugin/settings/completion.vim @@ -5,6 +5,54 @@ lua << EOF local cmp = require("cmp") cmp.setup({ + mapping = { + [""] = cmp.mapping({ + i = cmp.mapping.select_next_item({ behavior = cmp.SelectBehavior.Select }), + c = function(fallback) + cmp.close() + vim.schedule(cmp.suspend()) + fallback() + end, + }), + [""] = cmp.mapping({ + i = cmp.mapping.select_prev_item({ behavior = cmp.SelectBehavior.Select }), + c = function(fallback) + cmp.close() + vim.schedule(cmp.suspend()) + fallback() + end, + }), + [""] = cmp.mapping({ + c = function(fallback) + if #cmp.core:get_sources() > 0 and not require("cmp.config").is_native_menu() then + if cmp.visible() then + cmp.select_next_item() + else + cmp.complete() + end + else + fallback() + end + end, + }), + [""] = cmp.mapping({ + c = function(fallback) + if #cmp.core:get_sources() > 0 and not require("cmp.config").is_native_menu() then + if cmp.visible() then + cmp.select_prev_item() + else + cmp.complete() + end + else + fallback() + end + end, + }), + [""] = cmp.mapping(cmp.mapping.select_next_item({ behavior = cmp.SelectBehavior.Insert }), { "i", "c" }), + [""] = cmp.mapping(cmp.mapping.select_prev_item({ behavior = cmp.SelectBehavior.Insert }), { "i", "c" }), + [""] = cmp.mapping.confirm({ behavior = cmp.ConfirmBehavior.Insert, select = false }), + [""] = cmp.mapping.abort(), + }, view = { entries = "native", }, From 3e0a5ef1a47766e5b35f9a10f376523032457093 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 15:27:57 +0100 Subject: [PATCH 564/654] home: vim: completion: add 'cmp-under-comparator' --- home/vim/default.nix | 1 + home/vim/plugin/settings/completion.vim | 2 ++ 2 files changed, 3 insertions(+) diff --git a/home/vim/default.nix b/home/vim/default.nix index 12454cb..485ae70 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -74,6 +74,7 @@ in cmp-path # Path name suggestions cmp-nvim-lsp # LSP suggestions cmp-nvim-lua # NeoVim lua API + cmp-under-comparator # Sort items that start with '_' lower # UX improvements dressing-nvim # Integrate native UI hooks with Telescope etc... diff --git a/home/vim/plugin/settings/completion.vim b/home/vim/plugin/settings/completion.vim index 1553c2b..a3e9356 100644 --- a/home/vim/plugin/settings/completion.vim +++ b/home/vim/plugin/settings/completion.vim @@ -3,6 +3,7 @@ set completeopt=menu,menuone,noselect lua << EOF local cmp = require("cmp") +local cmp_under_comparator = require("cmp-under-comparator") cmp.setup({ mapping = { @@ -67,6 +68,7 @@ cmp.setup({ cmp.config.compare.offset, cmp.config.compare.exact, cmp.config.compare.score, + cmp_under_comparator.under, cmp.config.compare.kind, cmp.config.compare.sort_text, cmp.config.compare.length, From 2df0940665b52ce7bc888069ff4b57e89102bad3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 17:42:15 +0100 Subject: [PATCH 565/654] home: vim: completion: add mapping to scroll docs --- home/vim/plugin/settings/completion.vim | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home/vim/plugin/settings/completion.vim b/home/vim/plugin/settings/completion.vim index a3e9356..cad93d0 100644 --- a/home/vim/plugin/settings/completion.vim +++ b/home/vim/plugin/settings/completion.vim @@ -51,6 +51,8 @@ cmp.setup({ }), [""] = cmp.mapping(cmp.mapping.select_next_item({ behavior = cmp.SelectBehavior.Insert }), { "i", "c" }), [""] = cmp.mapping(cmp.mapping.select_prev_item({ behavior = cmp.SelectBehavior.Insert }), { "i", "c" }), + [""] = cmp.mapping.scroll_docs(-5), + [""] = cmp.mapping.scroll_docs(5), [""] = cmp.mapping.confirm({ behavior = cmp.ConfirmBehavior.Insert, select = false }), [""] = cmp.mapping.abort(), }, From 8d1535e26170088273dc5e2219be66b674782eb5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 17:48:38 +0100 Subject: [PATCH 566/654] home: vim: add 'luasnip' --- home/vim/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/vim/default.nix b/home/vim/default.nix index 485ae70..0223756 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -75,6 +75,7 @@ in cmp-nvim-lsp # LSP suggestions cmp-nvim-lua # NeoVim lua API cmp-under-comparator # Sort items that start with '_' lower + luasnip # Snippet manager compatible with LSP # UX improvements dressing-nvim # Integrate native UI hooks with Telescope etc... From df92d1c562a2ac4a6dbedf51f66f3dff65d66b3e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 17:49:29 +0100 Subject: [PATCH 567/654] home: vim: sort plugin list --- home/vim/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/vim/default.nix b/home/vim/default.nix index 0223756..cf7e35d 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -71,9 +71,9 @@ in # Completion nvim-cmp # Completion engine cmp-buffer # Words from open buffers - cmp-path # Path name suggestions cmp-nvim-lsp # LSP suggestions cmp-nvim-lua # NeoVim lua API + cmp-path # Path name suggestions cmp-under-comparator # Sort items that start with '_' lower luasnip # Snippet manager compatible with LSP From 435e56d53a5333e00e7b932e45da371b638a2a35 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 18:08:54 +0100 Subject: [PATCH 568/654] home: vim: completion: configure snippets --- home/vim/plugin/settings/completion.vim | 51 ++++++++++++------------- 1 file changed, 25 insertions(+), 26 deletions(-) diff --git a/home/vim/plugin/settings/completion.vim b/home/vim/plugin/settings/completion.vim index cad93d0..5539a98 100644 --- a/home/vim/plugin/settings/completion.vim +++ b/home/vim/plugin/settings/completion.vim @@ -4,8 +4,14 @@ set completeopt=menu,menuone,noselect lua << EOF local cmp = require("cmp") local cmp_under_comparator = require("cmp-under-comparator") +local luasnip = require("luasnip") cmp.setup({ + snippet = { + expand = function(args) + luasnip.lsp_expand(args.body) + end, + }, mapping = { [""] = cmp.mapping({ i = cmp.mapping.select_next_item({ behavior = cmp.SelectBehavior.Select }), @@ -23,32 +29,24 @@ cmp.setup({ fallback() end, }), - [""] = cmp.mapping({ - c = function(fallback) - if #cmp.core:get_sources() > 0 and not require("cmp.config").is_native_menu() then - if cmp.visible() then - cmp.select_next_item() - else - cmp.complete() - end - else - fallback() - end - end, - }), - [""] = cmp.mapping({ - c = function(fallback) - if #cmp.core:get_sources() > 0 and not require("cmp.config").is_native_menu() then - if cmp.visible() then - cmp.select_prev_item() - else - cmp.complete() - end - else - fallback() - end - end, - }), + [""] = function(fallback) + if cmp.visible() then + cmp.select_next_item() + elseif luasnip.expand_or_jumpable() then + luasnip.expand_or_jump() + else + fallback() + end + end, + [""] = function(fallback) + if cmp.visible() then + cmp.select_prev_item() + elseif luasnip.jumpable(-1) then + luasnip.jump(-1) + else + fallback() + end + end, [""] = cmp.mapping(cmp.mapping.select_next_item({ behavior = cmp.SelectBehavior.Insert }), { "i", "c" }), [""] = cmp.mapping(cmp.mapping.select_prev_item({ behavior = cmp.SelectBehavior.Insert }), { "i", "c" }), [""] = cmp.mapping.scroll_docs(-5), @@ -63,6 +61,7 @@ cmp.setup({ { name = "path", priority_weight = 110 }, { name = "nvim_lsp", priority_weight = 100 }, { name = "nvim_lua", priority_weight = 90 }, + { name = "luasnip", priority_weight = 80 }, { name = "buffer", max_item_count = 5, priority_weight = 50 }, }, sorting = { From be3391285ab909a5c02657fe32ec42f54d939bcb Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 21:02:30 +0100 Subject: [PATCH 569/654] home: vim: comparison: stronger priority hint --- home/vim/plugin/settings/completion.vim | 1 + 1 file changed, 1 insertion(+) diff --git a/home/vim/plugin/settings/completion.vim b/home/vim/plugin/settings/completion.vim index 5539a98..85892a5 100644 --- a/home/vim/plugin/settings/completion.vim +++ b/home/vim/plugin/settings/completion.vim @@ -65,6 +65,7 @@ cmp.setup({ { name = "buffer", max_item_count = 5, priority_weight = 50 }, }, sorting = { + priority_weight = 100, comparators = { cmp.config.compare.offset, cmp.config.compare.exact, From fdf1f1617f67851d191d61e96e221b4cfbe82047 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 21:10:53 +0100 Subject: [PATCH 570/654] home: vim: add 'nvim-ts-context-commentstring' --- home/vim/default.nix | 1 + home/vim/plugin/settings/tree-sitter.vim | 3 +++ 2 files changed, 4 insertions(+) diff --git a/home/vim/default.nix b/home/vim/default.nix index cf7e35d..55a79df 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -66,6 +66,7 @@ in null-ls-nvim # LSP integration for linters and formatters (nvim-treesitter.withPlugins (_: pkgs.tree-sitter.allGrammars)) # Better highlighting nvim-treesitter-textobjects # More textobjects + nvim-ts-context-commentstring # Comment string in nested language blocks plenary-nvim # 'null-ls', 'telescope' dependency # Completion diff --git a/home/vim/plugin/settings/tree-sitter.vim b/home/vim/plugin/settings/tree-sitter.vim index ab38090..1204185 100644 --- a/home/vim/plugin/settings/tree-sitter.vim +++ b/home/vim/plugin/settings/tree-sitter.vim @@ -9,6 +9,9 @@ ts_config.setup({ indent = { enable = true, }, + context_commentstring = { + enable = true, + }, textobjects = { select = { enable = true, From d5e50b5389d7a83e14654e0fd3e063d124281e73 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 21:28:19 +0100 Subject: [PATCH 571/654] home: vim: completion: remove up/down mappings I do not use arrow keys, why bother with them. --- home/vim/plugin/settings/completion.vim | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/home/vim/plugin/settings/completion.vim b/home/vim/plugin/settings/completion.vim index 85892a5..96164a7 100644 --- a/home/vim/plugin/settings/completion.vim +++ b/home/vim/plugin/settings/completion.vim @@ -13,22 +13,6 @@ cmp.setup({ end, }, mapping = { - [""] = cmp.mapping({ - i = cmp.mapping.select_next_item({ behavior = cmp.SelectBehavior.Select }), - c = function(fallback) - cmp.close() - vim.schedule(cmp.suspend()) - fallback() - end, - }), - [""] = cmp.mapping({ - i = cmp.mapping.select_prev_item({ behavior = cmp.SelectBehavior.Select }), - c = function(fallback) - cmp.close() - vim.schedule(cmp.suspend()) - fallback() - end, - }), [""] = function(fallback) if cmp.visible() then cmp.select_next_item() From 52e0a2fd0ff3deecb40275c86ef55d63ec7bf198 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 21:44:08 +0100 Subject: [PATCH 572/654] home: vim: add 'friendly-snippets' --- home/vim/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/vim/default.nix b/home/vim/default.nix index 55a79df..0574e38 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -76,6 +76,7 @@ in cmp-nvim-lua # NeoVim lua API cmp-path # Path name suggestions cmp-under-comparator # Sort items that start with '_' lower + friendly-snippets # LSP snippets collection luasnip # Snippet manager compatible with LSP # UX improvements From e4622dd6ea6363a28a5bfcb05f8cef896bd4eff8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 21:44:28 +0100 Subject: [PATCH 573/654] home: vim: configure 'luasnip' --- home/vim/plugin/settings/luasnip.vim | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 home/vim/plugin/settings/luasnip.vim diff --git a/home/vim/plugin/settings/luasnip.vim b/home/vim/plugin/settings/luasnip.vim new file mode 100644 index 0000000..9527d22 --- /dev/null +++ b/home/vim/plugin/settings/luasnip.vim @@ -0,0 +1,3 @@ +lua << EOF +require("luasnip.loaders.from_vscode").load() +EOF From d39c0419b7183b479b5bb42136976b9296144572 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 21:45:55 +0100 Subject: [PATCH 574/654] home: vim: lualine: remove 'fzf' integration I do not use 'fzf' anymore. --- home/vim/plugin/settings/lualine.vim | 1 - 1 file changed, 1 deletion(-) diff --git a/home/vim/plugin/settings/lualine.vim b/home/vim/plugin/settings/lualine.vim index 2d281cd..0273c78 100644 --- a/home/vim/plugin/settings/lualine.vim +++ b/home/vim/plugin/settings/lualine.vim @@ -57,7 +57,6 @@ lualine.setup({ }, extensions = { "fugitive", - "fzf", "quickfix", }, }) From 6f7f49dc137a30b83be9d597f1b4d25de3db4163 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 7 Mar 2022 21:57:59 +0100 Subject: [PATCH 575/654] home: vim: completion: do not use tab to select I would rather have my actual preferred mappings, and , for that. --- home/vim/plugin/settings/completion.vim | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/home/vim/plugin/settings/completion.vim b/home/vim/plugin/settings/completion.vim index 96164a7..9a3d7e6 100644 --- a/home/vim/plugin/settings/completion.vim +++ b/home/vim/plugin/settings/completion.vim @@ -14,18 +14,14 @@ cmp.setup({ }, mapping = { [""] = function(fallback) - if cmp.visible() then - cmp.select_next_item() - elseif luasnip.expand_or_jumpable() then + if luasnip.expand_or_jumpable() then luasnip.expand_or_jump() else fallback() end end, [""] = function(fallback) - if cmp.visible() then - cmp.select_prev_item() - elseif luasnip.jumpable(-1) then + if luasnip.jumpable(-1) then luasnip.jump(-1) else fallback() From 44b20341358025d75dda0849fb0c161ce7c70d8e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 8 Mar 2022 10:07:46 +0100 Subject: [PATCH 576/654] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 6b99bf2..db60e45 100644 --- a/flake.lock +++ b/flake.lock @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1645970334, - "narHash": "sha256-6nn4YF9bPtkxkB7bM6yJO3m//p3sGilxNQFjm1epLEM=", + "lastModified": 1646559628, + "narHash": "sha256-WDoqxH/IPTV8CkI15wwzvXYgXq9UPr8xd8WKziuaynw=", "owner": "nix-community", "repo": "home-manager", - "rev": "ea85f4b1fdf3f25cf97dc49f4a9ec4eafda2ea25", + "rev": "afe96e7433c513bf82375d41473c57d1f66b4e68", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1646159311, - "narHash": "sha256-ILKckkiG074t3a0pwaPLjio8zVWgowpEp7AUwI5HjHE=", + "lastModified": 1646497237, + "narHash": "sha256-Ccpot1h/rV8MgcngDp5OrdmLTMaUTbStZTR5/sI7zW0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "18bd82edcc752d6a0e6cce1401ba0c81353a03ca", + "rev": "062a0c5437b68f950b081bbfc8a699d57a4ee026", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1646188350, - "narHash": "sha256-EL6N9Rc6pL/6GQC7PPh/wh8DHwuzBvHvL0XWGsErSXw=", + "lastModified": 1646721260, + "narHash": "sha256-r8ZWtEwiRxLKOtsT2yvU9Rs1oqL/RsSkPkgupXsw1bU=", "owner": "nix-community", "repo": "NUR", - "rev": "d70f39715a6f44d0148a6272fceeec4e13ce790e", + "rev": "25adb63e9381cb0342cdbe2d2d56266f4974a2c5", "type": "github" }, "original": { From d5527912a38fa7af86938c85cce9d3b3e3eff4c3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 8 Mar 2022 11:56:32 +0100 Subject: [PATCH 577/654] modules: services: matrix: use 'settings' The unstructured attributes are hard-deprecated. --- modules/services/matrix/default.nix | 64 +++++++++++++++-------------- 1 file changed, 34 insertions(+), 30 deletions(-) diff --git a/modules/services/matrix/default.nix b/modules/services/matrix/default.nix index af26a83..6adcd00 100644 --- a/modules/services/matrix/default.nix +++ b/modules/services/matrix/default.nix @@ -19,10 +19,10 @@ in options.my.services.matrix = with lib; { enable = mkEnableOption "Matrix Synapse"; - secret = mkOption { + secretFile = mkOption { type = with types; nullOr str; default = null; - example = "deadbeef"; + example = "/var/lib/matrix/shared-secret-config.yaml"; description = "Shared secret to register users"; }; @@ -50,42 +50,46 @@ in services.matrix-synapse = { enable = true; dataDir = "/var/lib/matrix-synapse"; - server_name = domain; - public_baseurl = "https://matrix.${domain}"; - enable_registration = false; - registration_shared_secret = cfg.secret; + settings = { + server_name = domain; + public_baseurl = "https://matrix.${domain}"; - listeners = [ - # Federation - { - bind_address = "::1"; - port = federationPort.private; - tls = false; # Terminated by nginx. - x_forwarded = true; - resources = [{ names = [ "federation" ]; compress = false; }]; - } + enable_registration = false; + # registration_shared_secret = cfg.secret; # FIXME: use a secret file for this - # Client - { - bind_address = "::1"; - port = clientPort.private; - tls = false; # Terminated by nginx. - x_forwarded = true; - resources = [{ names = [ "client" ]; compress = false; }]; - } - ]; + listeners = [ + # Federation + { + bind_addresses = [ "::1" ]; + port = federationPort.private; + tls = false; # Terminated by nginx. + x_forwarded = true; + resources = [{ names = [ "federation" ]; compress = false; }]; + } - account_threepid_delegates.msisdn = "https://vector.im"; + # Client + { + bind_addresses = [ "::1" ]; + port = clientPort.private; + tls = false; # Terminated by nginx. + x_forwarded = true; + resources = [{ names = [ "client" ]; compress = false; }]; + } + ]; - extraConfig = '' - experimental_features: - spaces_enabled: true - ''; + account_threepid_delegates = { + msisdn = "https://vector.im"; + }; + + experimental_features = { + spaces_enabled = true; + }; + }; extraConfigFiles = [ cfg.mailConfigFile - ]; + ] ++ lib.optional (cfg.secretFile != null) cfg.secretFile; }; my.services.nginx.virtualHosts = [ From 3fc0201dfac75addfd97ef12a00b3af2c28195c5 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 8 Mar 2022 20:18:02 +0100 Subject: [PATCH 578/654] home: vim: lspconfig: use actual 'lspconfig' name --- home/vim/plugin/settings/lspconfig.vim | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/home/vim/plugin/settings/lspconfig.vim b/home/vim/plugin/settings/lspconfig.vim index 5d1b135..fe04135 100644 --- a/home/vim/plugin/settings/lspconfig.vim +++ b/home/vim/plugin/settings/lspconfig.vim @@ -1,5 +1,5 @@ lua << EOF -local lsp = require("lspconfig") +local lspconfig = require("lspconfig") local utils = require("ambroisie.utils") -- Inform servers we are able to do completion, snippets, etc... @@ -8,7 +8,7 @@ capabilities = require("cmp_nvim_lsp").update_capabilities(capabilities) -- C/C++ if utils.is_executable("clangd") then - lsp.clangd.setup({ + lspconfig.clangd.setup({ capabilities = capabilities, on_attach = utils.on_attach, }) @@ -16,7 +16,7 @@ end -- Nix if utils.is_executable("rnix-lsp") then - lsp.rnix.setup({ + lspconfig.rnix.setup({ capabilities = capabilities, on_attach = utils.on_attach, }) @@ -24,7 +24,7 @@ end -- Python if utils.is_executable("pyright") then - lsp.pyright.setup({ + lspconfig.pyright.setup({ capabilities = capabilities, on_attach = utils.on_attach, }) @@ -32,7 +32,7 @@ end -- Rust if utils.is_executable("rust-analyzer") then - lsp.rust_analyzer.setup({ + lspconfig.rust_analyzer.setup({ capabilities = capabilities, on_attach = utils.on_attach, }) From 4e9764920a99de25366dae420f1f08e22a936273 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 8 Mar 2022 20:20:22 +0100 Subject: [PATCH 579/654] home: vim: move 'on_attach' to 'ambroisie.lsp' --- home/vim/lua/ambroisie/lsp.lua | 83 ++++++++++++++++++++++++++ home/vim/lua/ambroisie/utils.lua | 78 ------------------------ home/vim/plugin/settings/lspconfig.vim | 9 +-- home/vim/plugin/settings/null-ls.vim | 3 +- 4 files changed, 90 insertions(+), 83 deletions(-) create mode 100644 home/vim/lua/ambroisie/lsp.lua diff --git a/home/vim/lua/ambroisie/lsp.lua b/home/vim/lua/ambroisie/lsp.lua new file mode 100644 index 0000000..27e5e44 --- /dev/null +++ b/home/vim/lua/ambroisie/lsp.lua @@ -0,0 +1,83 @@ +local M = {} + +-- shared LSP configuration callback +-- @param client native client configuration +-- @param bufnr int? buffer number of the attched client +M.on_attach = function(client, bufnr) + -- Diagnostics + vim.diagnostic.config({ + -- Disable virtual test next to affected regions + virtual_text = false, + -- Show diagnostics signs + signs = true, + -- Underline offending regions + underline = true, + -- Do not bother me in the middle of insertion + update_in_insert = false, + -- Show highest severity first + severity_sort = true, + }) + + vim.cmd([[ + augroup DiagnosticsHover + autocmd! * + " Show diagnostics on "hover" + autocmd CursorHold,CursorHoldI lua vim.diagnostic.open_float(nil, {focus=false, scope="cursor"}) + augroup END + ]]) + + -- Format on save + if client.resolved_capabilities.document_formatting then + vim.cmd([[ + augroup LspFormatting + autocmd! * + autocmd BufWritePre lua vim.lsp.buf.formatting_sync() + augroup END + ]]) + end + + -- Mappings + local wk = require("which-key") + + local function list_workspace_folders() + local utils = require("ambroisie.utils") + utils.dump(vim.lsp.buf.list_workspace_folders()) + end + + local function show_line_diagnostics() + vim.diagnostic.open_float(nil, { scope="line" }) + end + + local function show_buffer_diagnostics() + vim.diagnostic.open_float(nil, { scope="buffer" }) + end + + local keys = { + K = { vim.lsp.buf.hover, "Show symbol information" }, + ["gd"] = { vim.lsp.buf.definition, "Go to definition" }, + ["gD"] = { vim.lsp.buf.declaration, "Go to declaration" }, + ["gi"] = { vim.lsp.buf.implementation, "Go to implementation" }, + ["gr"] = { vim.lsp.buf.references, "List all references" }, + + ["c"] = { + name = "Code", + a = { vim.lsp.buf.code_action, "Code actions" }, + d = { show_line_diagnostics, "Show line diagnostics" }, + D = { show_buffer_diagnostics, "Show buffer diagnostics" }, + r = { vim.lsp.buf.rename, "Rename symbol" }, + s = { vim.lsp.buf.signature_help, "Show signature" }, + t = { vim.lsp.buf.type_definition, "Go to type definition" }, + w = { + name = "Workspace", + a = { vim.lsp.buf.add_workspace_folder, "Add folder to workspace" }, + l = { list_workspace_folders, "List folders in workspace" }, + r = { vim.lsp.buf.remove_workspace_folder, "Remove folder from workspace" }, + }, + }, + } + + wk.register(keys, { buffer = bufnr }) +end + + +return M diff --git a/home/vim/lua/ambroisie/utils.lua b/home/vim/lua/ambroisie/utils.lua index 72f009c..88f3d27 100644 --- a/home/vim/lua/ambroisie/utils.lua +++ b/home/vim/lua/ambroisie/utils.lua @@ -34,82 +34,4 @@ M.list_lsp_clients = function(bufnr) return names end --- shared LSP configuration callback --- @param client native client configuration --- @param bufnr int? buffer number of the attched client -M.on_attach = function(client, bufnr) - -- Diagnostics - vim.diagnostic.config({ - -- Disable virtual test next to affected regions - virtual_text = false, - -- Show diagnostics signs - signs = true, - -- Underline offending regions - underline = true, - -- Do not bother me in the middle of insertion - update_in_insert = false, - -- Show highest severity first - severity_sort = true, - }) - - vim.cmd([[ - augroup DiagnosticsHover - autocmd! * - " Show diagnostics on "hover" - autocmd CursorHold,CursorHoldI lua vim.diagnostic.open_float(nil, {focus=false, scope="cursor"}) - augroup END - ]]) - - -- Format on save - if client.resolved_capabilities.document_formatting then - vim.cmd([[ - augroup LspFormatting - autocmd! * - autocmd BufWritePre lua vim.lsp.buf.formatting_sync() - augroup END - ]]) - end - - -- Mappings - local wk = require("which-key") - - local function list_workspace_folders() - M.dump(vim.lsp.buf.list_workspace_folders()) - end - - local function show_line_diagnostics() - vim.diagnostic.open_float(nil, { scope="line" }) - end - - local function show_buffer_diagnostics() - vim.diagnostic.open_float(nil, { scope="buffer" }) - end - - local keys = { - K = { vim.lsp.buf.hover, "Show symbol information" }, - ["gd"] = { vim.lsp.buf.definition, "Go to definition" }, - ["gD"] = { vim.lsp.buf.declaration, "Go to declaration" }, - ["gi"] = { vim.lsp.buf.implementation, "Go to implementation" }, - ["gr"] = { vim.lsp.buf.references, "List all references" }, - - ["c"] = { - name = "Code", - a = { vim.lsp.buf.code_action, "Code actions" }, - d = { show_line_diagnostics, "Show line diagnostics" }, - D = { show_buffer_diagnostics, "Show buffer diagnostics" }, - r = { vim.lsp.buf.rename, "Rename symbol" }, - s = { vim.lsp.buf.signature_help, "Show signature" }, - t = { vim.lsp.buf.type_definition, "Go to type definition" }, - w = { - name = "Workspace", - a = { vim.lsp.buf.add_workspace_folder, "Add folder to workspace" }, - l = { list_workspace_folders, "List folders in workspace" }, - r = { vim.lsp.buf.remove_workspace_folder, "Remove folder from workspace" }, - }, - }, - } - - wk.register(keys, { buffer = bufnr }) -end - return M diff --git a/home/vim/plugin/settings/lspconfig.vim b/home/vim/plugin/settings/lspconfig.vim index fe04135..dc706cc 100644 --- a/home/vim/plugin/settings/lspconfig.vim +++ b/home/vim/plugin/settings/lspconfig.vim @@ -1,5 +1,6 @@ lua << EOF local lspconfig = require("lspconfig") +local lsp = require("ambroisie.lsp") local utils = require("ambroisie.utils") -- Inform servers we are able to do completion, snippets, etc... @@ -10,7 +11,7 @@ capabilities = require("cmp_nvim_lsp").update_capabilities(capabilities) if utils.is_executable("clangd") then lspconfig.clangd.setup({ capabilities = capabilities, - on_attach = utils.on_attach, + on_attach = lsp.on_attach, }) end @@ -18,7 +19,7 @@ end if utils.is_executable("rnix-lsp") then lspconfig.rnix.setup({ capabilities = capabilities, - on_attach = utils.on_attach, + on_attach = lsp.on_attach, }) end @@ -26,7 +27,7 @@ end if utils.is_executable("pyright") then lspconfig.pyright.setup({ capabilities = capabilities, - on_attach = utils.on_attach, + on_attach = lsp.on_attach, }) end @@ -34,7 +35,7 @@ end if utils.is_executable("rust-analyzer") then lspconfig.rust_analyzer.setup({ capabilities = capabilities, - on_attach = utils.on_attach, + on_attach = lsp.on_attach, }) end EOF diff --git a/home/vim/plugin/settings/null-ls.vim b/home/vim/plugin/settings/null-ls.vim index 6fc0e25..bec8124 100644 --- a/home/vim/plugin/settings/null-ls.vim +++ b/home/vim/plugin/settings/null-ls.vim @@ -1,9 +1,10 @@ lua << EOF local null_ls = require("null-ls") +local lsp = require("ambroisie.lsp") local utils = require("ambroisie.utils") null_ls.setup({ - on_attach = utils.on_attach, + on_attach = lsp.on_attach, }) -- C, C++ From 23c4256769900b9baa21d47b4fda24ff62a3635e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 8 Mar 2022 20:57:28 +0100 Subject: [PATCH 580/654] home: vim: telescope: add LSP handler --- home/vim/default.nix | 1 + home/vim/plugin/settings/telescope.vim | 1 + 2 files changed, 2 insertions(+) diff --git a/home/vim/default.nix b/home/vim/default.nix index 0574e38..3561f14 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -84,6 +84,7 @@ in gitsigns-nvim # Fast git UI integration which-key-nvim # Show available mappings telescope-fzf-native-nvim # Use 'fzf' fuzzy matching algorithm + telescope-lsp-handlers-nvim # Use 'telescope' for various LSP actions telescope-nvim # Fuzzy finder interface ]; diff --git a/home/vim/plugin/settings/telescope.vim b/home/vim/plugin/settings/telescope.vim index 4f7aeb6..4731b39 100644 --- a/home/vim/plugin/settings/telescope.vim +++ b/home/vim/plugin/settings/telescope.vim @@ -13,4 +13,5 @@ telescope.setup({ }) telescope.load_extension("fzf") +telescope.load_extension("lsp_handlers") EOF From ed24bebc048f47ae174e4fb16e974a6af04e42ba Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 9 Mar 2022 12:09:43 +0100 Subject: [PATCH 581/654] home: wm: i3bar: show microphone status --- home/wm/i3bar/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/home/wm/i3bar/default.nix b/home/wm/i3bar/default.nix index a89c6bc..a330134 100644 --- a/home/wm/i3bar/default.nix +++ b/home/wm/i3bar/default.nix @@ -66,6 +66,11 @@ in block = "temperature"; collapsed = false; } + { + block = "sound"; + device_kind = "source"; # Microphone status + format = ""; # Only show icon + } { block = "sound"; show_volume_when_muted = true; From 30c676e20b0b10748a6da683d71f1d339861e11f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 11 Mar 2022 10:08:25 +0100 Subject: [PATCH 582/654] home: vim: sort plugin list --- home/vim/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/vim/default.nix b/home/vim/default.nix index 3561f14..22268d3 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -82,10 +82,10 @@ in # UX improvements dressing-nvim # Integrate native UI hooks with Telescope etc... gitsigns-nvim # Fast git UI integration - which-key-nvim # Show available mappings telescope-fzf-native-nvim # Use 'fzf' fuzzy matching algorithm telescope-lsp-handlers-nvim # Use 'telescope' for various LSP actions telescope-nvim # Fuzzy finder interface + which-key-nvim # Show available mappings ]; extraConfig = builtins.readFile ./init.vim; From b8406735bab64b14ab7f9a25b20cccb272d4d64e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 11 Mar 2022 14:02:01 +0100 Subject: [PATCH 583/654] home: vim: set 'termguicolors' For once, I like the look *with* 24-bit colors better on this current color-scheme. --- home/vim/init.vim | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home/vim/init.vim b/home/vim/init.vim index ab5f648..e5e863c 100644 --- a/home/vim/init.vim +++ b/home/vim/init.vim @@ -82,6 +82,8 @@ set background=dark let g:gruvbox_plugin_hi_groups=1 " Include filetype integration let g:gruvbox_filetype_hi_groups=1 +" 24 bit colors +set termguicolors " Use my preferred colorscheme colorscheme gruvbox8 " }}} From 0fd5fb86b197722fb0b3e815bda1713d0fd30839 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 11 Mar 2022 14:03:18 +0100 Subject: [PATCH 584/654] home: vim: telescope: disable scrolling up --- home/vim/plugin/settings/telescope.vim | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/home/vim/plugin/settings/telescope.vim b/home/vim/plugin/settings/telescope.vim index 4731b39..66c0732 100644 --- a/home/vim/plugin/settings/telescope.vim +++ b/home/vim/plugin/settings/telescope.vim @@ -2,6 +2,14 @@ lua << EOF local telescope = require("telescope") telescope.setup({ + defaults = { + mappings = { + i = { + -- I want the normal readline mappings rather than scrolling + [""] = false, + } + } + }, extensions = { fzf = { fuzzy = true, From 0af000e52e98e6c87bda60839bcc08bd14211d88 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 11 Mar 2022 14:04:37 +0100 Subject: [PATCH 585/654] home: vim: telescope: add 'which-key' mapping This opens a little preview window with different mappings for telescope. --- home/vim/plugin/settings/telescope.vim | 1 + 1 file changed, 1 insertion(+) diff --git a/home/vim/plugin/settings/telescope.vim b/home/vim/plugin/settings/telescope.vim index 66c0732..fc2c5fb 100644 --- a/home/vim/plugin/settings/telescope.vim +++ b/home/vim/plugin/settings/telescope.vim @@ -5,6 +5,7 @@ telescope.setup({ defaults = { mappings = { i = { + [""] = "which_key", -- I want the normal readline mappings rather than scrolling [""] = false, } From e32ce32860f5239e95f981e3e8f814bbb73b64ca Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 11 Mar 2022 14:10:04 +0100 Subject: [PATCH 586/654] home: git: use 'zdiff3' merge conflict markers See GitHub's presentation about this feature [1]. [1]: https://github.blog/2022-01-24-highlights-from-git-2-35/ --- home/git/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/home/git/default.nix b/home/git/default.nix index 6f4434b..9f59d52 100644 --- a/home/git/default.nix +++ b/home/git/default.nix @@ -120,6 +120,10 @@ in defaultBranch = "main"; }; + merge = { + conflictStyle = "zdiff3"; + }; + pull = { # Avoid useless merge commits rebase = true; From 2690dbf35223d0fb78cd6d5e3c2ac354de2c9dbc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 11 Mar 2022 14:28:09 +0100 Subject: [PATCH 587/654] overlays: add vim-plugins-overrides --- overlays/default.nix | 2 ++ overlays/vim-plugins-overrides/default.nix | 17 +++++++++++++++++ 2 files changed, 19 insertions(+) create mode 100644 overlays/vim-plugins-overrides/default.nix diff --git a/overlays/default.nix b/overlays/default.nix index 3f5a246..81692be 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,4 +1,6 @@ { + null-ls-update = import ./vim-plugins-overrides; + sabnzbd-fix-missing-packages = import ./sabnzbd-fix-missing-dependencies; transgui-fix-duplicate-status = import ./transgui-fix-duplicate-status; diff --git a/overlays/vim-plugins-overrides/default.nix b/overlays/vim-plugins-overrides/default.nix new file mode 100644 index 0000000..36c622b --- /dev/null +++ b/overlays/vim-plugins-overrides/default.nix @@ -0,0 +1,17 @@ +final: prev: +let +in +{ + # FIXME: update null-ls + vimPlugins = prev.vimPlugins.extend (self: super: { + null-ls-nvim = super.null-ls-nvim.overrideAttrs (old: { + version = "2022-03-11"; + src = final.fetchFromGitHub { + owner = "jose-elias-alvarez"; + repo = "null-ls.nvim"; + rev = "1ee1da4970b3c94bed0d0250a353bff633901cd1"; + sha256 = "sha256-db9d2djNUCZzxIkycUn8Kcu4TS33w55eWxUn2OzcLas="; + }; + }); + }); +} From 77e53c16439d3bd4a69aaa13399a0eeb9d78ccda Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 11 Mar 2022 14:30:24 +0100 Subject: [PATCH 588/654] home: vim: null-ls: prefer 'pflake8' if available --- home/vim/plugin/settings/null-ls.vim | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/home/vim/plugin/settings/null-ls.vim b/home/vim/plugin/settings/null-ls.vim index bec8124..b2102bd 100644 --- a/home/vim/plugin/settings/null-ls.vim +++ b/home/vim/plugin/settings/null-ls.vim @@ -38,8 +38,14 @@ null_ls.register({ -- Python null_ls.register({ null_ls.builtins.diagnostics.flake8.with({ + -- Only used if available, but prefer pflake8 if available + condition = function() + return utils.is_executable("flake8") and not utils.is_executable("pflake8") + end, + }), + null_ls.builtins.diagnostics.pyproject_flake8.with({ -- Only used if available - condition = utils.is_executable_condition("flake8"), + condition = utils.is_executable_condition("pflake8"), }), null_ls.builtins.diagnostics.mypy.with({ -- Only used if available From 53ad71fb7c6ffeded68be0aba43fcc0a763dcac9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 14 Mar 2022 14:01:36 +0100 Subject: [PATCH 589/654] machines: aramis: hardware: fix trackpoint device My trackpoint, and its buttons, had stopped working a while ago. Before that, I regularly had problems where the cursor jumped around randomly, or the buttons stopped working. This seems to have fixed it. --- machines/aramis/hardware.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/machines/aramis/hardware.nix b/machines/aramis/hardware.nix index 3ca556c..920725a 100644 --- a/machines/aramis/hardware.nix +++ b/machines/aramis/hardware.nix @@ -29,6 +29,8 @@ enable = true; emulateWheel = true; # Holding middle buttons allows scrolling + + device = "TPPS/2 Elan TrackPoint"; # Use the correct device name }; }; } From e551c44748978f256aab11f3935b73bb09cd2e77 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 25 Mar 2022 15:48:46 +0100 Subject: [PATCH 590/654] home: gdb: remove HOME pollution Now that the version in nixpkgs contains the patch to look at XDG_CONFIG_HOME, use only that one. --- home/gdb/default.nix | 4 ---- 1 file changed, 4 deletions(-) diff --git a/home/gdb/default.nix b/home/gdb/default.nix index f6db2e7..c498048 100644 --- a/home/gdb/default.nix +++ b/home/gdb/default.nix @@ -26,11 +26,7 @@ in gdb ]; - # FIXME: waiting for commit 64aaad6349d2b2c45063a5383f877ce9a3a0c354 xdg.configFile."gdb/gdbinit".source = ./gdbinit; - - # FIXME: remove once `gdb` is updated from version 10.2 - home.file.".gdbinit".source = ./gdbinit; }) (lib.mkIf cfg.rr.enable { From e568b8578187d1fedcd8cfd0600eac6f37804eba Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 29 Mar 2022 15:42:19 +0200 Subject: [PATCH 591/654] home: wm: i3: bigger 'htop' window It seems like one cannot use multiple commands in a `for_window` directive. So use two different ones. --- home/wm/i3/default.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/home/wm/i3/default.nix b/home/wm/i3/default.nix index c92285f..ead5df9 100644 --- a/home/wm/i3/default.nix +++ b/home/wm/i3/default.nix @@ -370,6 +370,20 @@ in # FIXME # { commdand; always; notification; } ]; + + window = { + commands = [ + # Make htop window bigger + { + criteria = { title = "^htop$"; }; + command = "resize set 80 ppt 80 ppt"; + } + { + criteria = { title = "^htop$"; }; + command = "move position center"; + } + ]; + }; }; }; }; From 2223659681ff13dc46295cc0176f29ea2816aeba Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 4 Apr 2022 16:20:55 +0200 Subject: [PATCH 592/654] flake: bump inputs --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index db60e45..577f49c 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1646105662, - "narHash": "sha256-jdXCZbGZL0SWWi29GnAOFHUh/QvvP0IyaVLv1ZTDkBI=", + "lastModified": 1648942457, + "narHash": "sha256-i29Z1t3sVfCNfpp+KAfeExvpqHQSbLO1KWylTtfradU=", "owner": "ryantm", "repo": "agenix", - "rev": "297cd58b418249240b9f1f155d52b1b17f292884", + "rev": "0d5e59ed645e4c7b60174bc6f6aac6a203dc0b01", "type": "github" }, "original": { @@ -23,11 +23,11 @@ }, "futils": { "locked": { - "lastModified": 1644229661, - "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", + "lastModified": 1648297722, + "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797", + "rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade", "type": "github" }, "original": { @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1646559628, - "narHash": "sha256-WDoqxH/IPTV8CkI15wwzvXYgXq9UPr8xd8WKziuaynw=", + "lastModified": 1648917498, + "narHash": "sha256-fdyVHsP6XeyCk9FRyjV6Wv+7qiOzWxykGXdNixadvyg=", "owner": "nix-community", "repo": "home-manager", - "rev": "afe96e7433c513bf82375d41473c57d1f66b4e68", + "rev": "cfab869fcebc56710be6ec3aca76036b25c04a0d", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1646497237, - "narHash": "sha256-Ccpot1h/rV8MgcngDp5OrdmLTMaUTbStZTR5/sI7zW0=", + "lastModified": 1648632716, + "narHash": "sha256-kCmnDeiaMsdhfnNKjxdOzwRh2H6eQb8yWAL+nNabC/Y=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "062a0c5437b68f950b081bbfc8a699d57a4ee026", + "rev": "710fed5a2483f945b14f4a58af2cd3676b42d8c8", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1646721260, - "narHash": "sha256-r8ZWtEwiRxLKOtsT2yvU9Rs1oqL/RsSkPkgupXsw1bU=", + "lastModified": 1649075444, + "narHash": "sha256-v5q61SJacHuKgFR5L7ZNwficpnoesvrTERhvmxsTjdg=", "owner": "nix-community", "repo": "NUR", - "rev": "25adb63e9381cb0342cdbe2d2d56266f4974a2c5", + "rev": "3235dcdc349f81b8ff909a51033419f4915df6b8", "type": "github" }, "original": { @@ -100,11 +100,11 @@ ] }, "locked": { - "lastModified": 1646153636, - "narHash": "sha256-AlWHMzK+xJ1mG267FdT8dCq/HvLCA6jwmx2ZUy5O8tY=", + "lastModified": 1649054408, + "narHash": "sha256-wz8AH7orqUE4Xog29WMTqOYBs0DMj2wFM8ulrTRVgz0=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "b6bc0b21e1617e2b07d8205e7fae7224036dfa4b", + "rev": "e5e7b3b542e7f4f96967966a943d7e1c07558042", "type": "github" }, "original": { From 7ecaa23f0b674956aa24e92c8c1591db706928a8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 8 Apr 2022 20:49:48 +0200 Subject: [PATCH 593/654] modules: services: gitea: add 'mail' configuration --- modules/services/gitea/default.nix | 48 +++++++++++++++++++++++++++++- 1 file changed, 47 insertions(+), 1 deletion(-) diff --git a/modules/services/gitea/default.nix b/modules/services/gitea/default.nix index 0ece12c..39332c5 100644 --- a/modules/services/gitea/default.nix +++ b/modules/services/gitea/default.nix @@ -12,12 +12,45 @@ in example = 8080; description = "Internal port"; }; + mail = { + enable = mkEnableOption { + description = "mailer configuration"; + }; + host = mkOption { + type = types.str; + example = "smtp.example.com:465"; + description = "Host for the mail account"; + }; + user = mkOption { + type = types.str; + example = "gitea@example.com"; + description = "User for the mail account"; + }; + passwordFile = mkOption { + type = types.str; + example = "/run/secrets/gitea-mail-password.txt"; + description = "Password for the mail account"; + }; + type = mkOption { + type = types.str; + default = "smtp"; + example = "smtp"; + description = "Password for the mail account"; + }; + tls = mkOption { + type = types.bool; + default = true; + example = false; + description = "Use TLS for connection"; + }; + }; }; config = lib.mkIf cfg.enable { services.gitea = let - giteaDomain = "gitea.${config.networking.domain}"; + inherit (config.networking) domain; + giteaDomain = "gitea.${domain}"; in { enable = true; @@ -45,6 +78,19 @@ in # but it produces a single .zip file that's not very backup friendly. # I configure my backup system manually below. dump.enable = false; + + mailerPasswordFile = lib.mkIf cfg.mail.enable cfg.mail.passwordFile; + + settings = { + mailer = lib.mkIf cfg.mail.enable { + ENABLED = true; + HOST = cfg.mail.host; + FROM = cfg.mail.user; + USER = cfg.mail.user; + MAILER_TYPE = cfg.mail.type; + IS_TLS_ENABLED = cfg.mail.tls; + }; + }; }; users.users.git = { From 9b0cc37502e2a87f521276bef2d0aced4e78a809 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 8 Apr 2022 20:53:37 +0200 Subject: [PATCH 594/654] modules: secrets: gitea: add 'mail-password' --- modules/secrets/gitea/mail-password.age | 9 +++++++++ modules/secrets/secrets.nix | 5 +++++ 2 files changed, 14 insertions(+) create mode 100644 modules/secrets/gitea/mail-password.age diff --git a/modules/secrets/gitea/mail-password.age b/modules/secrets/gitea/mail-password.age new file mode 100644 index 0000000..915f8e9 --- /dev/null +++ b/modules/secrets/gitea/mail-password.age @@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> ssh-ed25519 jPowng BkIjie2KrwDLaZYYIguCs7TPA/wQy+YPguikuhfye0M +7viTA/EGYB/jRKQm6fFd86DMd4j+Jxsaw/xQ1T8ZKNo +-> ssh-ed25519 cKojmg t1Y8bZvPccNAX8vWQLTfCyOJIBXN515vyfFrEI2EVww +bJEjpIWrKeQrA/JfY7FRdB6hpHwR/aG4Vya1ChFNBKs +-> jK/-grease Oz.R ?;)G ], +AuHk9TcC9kl0dg8/L6UfHIk3e9fgGwSTJAJpVgInhok +--- 47z9lol5MtpX0IsO/0ggLDMcNVfl4lNNvoHUSwOU/18 +)gЪeu! - TYAM+GbMe@|A,&E!܆p=P=9P!Q|r \ No newline at end of file diff --git a/modules/secrets/secrets.nix b/modules/secrets/secrets.nix index d8e289e..1622d95 100644 --- a/modules/secrets/secrets.nix +++ b/modules/secrets/secrets.nix @@ -18,6 +18,11 @@ in "drone/secret.age".publicKeys = all; "drone/ssh/private-key.age".publicKeys = all; + "gitea/mail-password.age" = { + owner = "git"; + publicKeys = all; + }; + "lohr/secret.age".publicKeys = all; "lohr/ssh-key.age".publicKeys = all; From cb068a42e91d070e86375e1fe7f223e82a1a9904 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 8 Apr 2022 20:54:39 +0200 Subject: [PATCH 595/654] machines: porthos: services: set-up gitea mail --- machines/porthos/services.nix | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index 4f3f345..615efd5 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -1,5 +1,5 @@ # Deployed services -{ config, ... }: +{ config, lib, ... }: let secrets = config.age.secrets; in @@ -39,7 +39,15 @@ in enable = true; }; # Gitea forge - gitea.enable = true; + gitea = { + enable = true; + mail = { + enable = true; + host = "smtp.migadu.com:465"; + user = lib.my.mkMailAddress "gitea" "belanyi.fr"; + passwordFile = secrets."gitea/mail-password".path; + }; + }; # Meta-indexers indexers = { prowlarr.enable = true; From b53bcc5307a2cbff413f79b33a1ef79f3971faf4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 9 Apr 2022 15:27:27 +0200 Subject: [PATCH 596/654] machines: aramis: networking: disable DHCP Let NetworkManager take care of it, this avoids the "waiting for dhcpd" message when shutting down my laptop. --- machines/aramis/networking.nix | 5 ----- 1 file changed, 5 deletions(-) diff --git a/machines/aramis/networking.nix b/machines/aramis/networking.nix index 2759e9c..fbf4c6b 100644 --- a/machines/aramis/networking.nix +++ b/machines/aramis/networking.nix @@ -7,11 +7,6 @@ # Per-interface useDHCP will be mandatory in the future, so this generated config # replicates the default behaviour. useDHCP = false; - - interfaces = { - enp0s31f6.useDHCP = true; - wlp0s20f3.useDHCP = true; - }; }; my.hardware.networking = { From b322f09147045eb63596ae08349fea8f74e52c51 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Apr 2022 15:15:18 +0200 Subject: [PATCH 597/654] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 577f49c..2e57b17 100644 --- a/flake.lock +++ b/flake.lock @@ -23,11 +23,11 @@ }, "futils": { "locked": { - "lastModified": 1648297722, - "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", + "lastModified": 1649676176, + "narHash": "sha256-OWKJratjt2RW151VUlJPRALb7OU2S5s+f0vLj4o1bHM=", "owner": "numtide", "repo": "flake-utils", - "rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade", + "rev": "a4b154ebbdc88c8498a5c7b01589addc9e9cb678", "type": "github" }, "original": { @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1648917498, - "narHash": "sha256-fdyVHsP6XeyCk9FRyjV6Wv+7qiOzWxykGXdNixadvyg=", + "lastModified": 1649642044, + "narHash": "sha256-V9ZjTJcbDPgWG+H3rIC6XuPHZAPK1VupBbSsuDbptkQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "cfab869fcebc56710be6ec3aca76036b25c04a0d", + "rev": "e39a9d0103e3b2e42059c986a8c633824b96c193", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1648632716, - "narHash": "sha256-kCmnDeiaMsdhfnNKjxdOzwRh2H6eQb8yWAL+nNabC/Y=", + "lastModified": 1649497218, + "narHash": "sha256-groqC9m1P4hpnL6jQvZ3C8NEtduhdkvwGT0+0LUrcYw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "710fed5a2483f945b14f4a58af2cd3676b42d8c8", + "rev": "fd364d268852561223a5ada15caad669fd72800e", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1649075444, - "narHash": "sha256-v5q61SJacHuKgFR5L7ZNwficpnoesvrTERhvmxsTjdg=", + "lastModified": 1649676035, + "narHash": "sha256-GjUAElCJqjZorW2U4q+hSIc/HYw3rKzn68mlyo5+53s=", "owner": "nix-community", "repo": "NUR", - "rev": "3235dcdc349f81b8ff909a51033419f4915df6b8", + "rev": "08069280d424b529b58a48d40fb86b616cae6da4", "type": "github" }, "original": { From c936d2e043f28238ca64607cab8e048194735df7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Apr 2022 15:15:36 +0200 Subject: [PATCH 598/654] home: zsh: use packaged 'agkozak-zsh-prompt' --- home/zsh/default.nix | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/home/zsh/default.nix b/home/zsh/default.nix index 27ea8bc..4d61685 100644 --- a/home/zsh/default.nix +++ b/home/zsh/default.nix @@ -35,12 +35,8 @@ in } { name = "agkozak-zsh-prompt"; - src = fetchFromGitHub { - owner = "agkozak"; - repo = "agkozak-zsh-prompt"; - rev = "v3.9.0"; - sha256 = "sha256-VTRL+8ph2eI7iPht15epkLggAgtLGxB3DORFTW5GrhE="; - }; + file = "share/zsh/site-functions/agkozak-zsh-prompt.plugin.zsh"; + src = pkgs.agkozak-zsh-prompt; } ]; From 5c6d0cd0325b6f580c853e4a722e4c08c7e9a1ec Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Apr 2022 10:37:40 +0200 Subject: [PATCH 599/654] overlays: remove vim-plugins-overrides --- overlays/default.nix | 2 -- overlays/vim-plugins-overrides/default.nix | 17 ----------------- 2 files changed, 19 deletions(-) delete mode 100644 overlays/vim-plugins-overrides/default.nix diff --git a/overlays/default.nix b/overlays/default.nix index 81692be..3f5a246 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,6 +1,4 @@ { - null-ls-update = import ./vim-plugins-overrides; - sabnzbd-fix-missing-packages = import ./sabnzbd-fix-missing-dependencies; transgui-fix-duplicate-status = import ./transgui-fix-duplicate-status; diff --git a/overlays/vim-plugins-overrides/default.nix b/overlays/vim-plugins-overrides/default.nix deleted file mode 100644 index 36c622b..0000000 --- a/overlays/vim-plugins-overrides/default.nix +++ /dev/null @@ -1,17 +0,0 @@ -final: prev: -let -in -{ - # FIXME: update null-ls - vimPlugins = prev.vimPlugins.extend (self: super: { - null-ls-nvim = super.null-ls-nvim.overrideAttrs (old: { - version = "2022-03-11"; - src = final.fetchFromGitHub { - owner = "jose-elias-alvarez"; - repo = "null-ls.nvim"; - rev = "1ee1da4970b3c94bed0d0250a353bff633901cd1"; - sha256 = "sha256-db9d2djNUCZzxIkycUn8Kcu4TS33w55eWxUn2OzcLas="; - }; - }); - }); -} From 7010ba25f48103f0779dd9b9fb90387818dc70fc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Apr 2022 10:43:54 +0200 Subject: [PATCH 600/654] flake: only use subset of systems Turns out pre-commit pulls dotnet in its closure, which is not supported on i686... --- flake.nix | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index 3b8c722..d1e5d49 100644 --- a/flake.nix +++ b/flake.nix @@ -65,7 +65,16 @@ , pre-commit-hooks }: let - inherit (futils.lib) eachDefaultSystem; + inherit (futils.lib) eachSystem system; + + mySystems = [ + system.aarch64-darwin + system.aarch64-linux + system.x86_64-darwin + system.x86_64-linux + ]; + + eachMySystem = eachSystem mySystems; lib = nixpkgs.lib.extend (self: super: { my = import ./lib { inherit inputs; pkgs = nixpkgs; lib = self; }; @@ -100,7 +109,7 @@ }; }; in - eachDefaultSystem + eachMySystem (system: let pkgs = nixpkgs.legacyPackages.${system}; From 19aabcf6f512b62363a3291f63c9890759ad4d2e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Apr 2022 17:01:11 +0200 Subject: [PATCH 601/654] home: direnv: add 'postgres' library file --- home/direnv/default.nix | 23 +++++++++++++++++++---- home/direnv/lib/postgres.sh | 22 ++++++++++++++++++++++ 2 files changed, 41 insertions(+), 4 deletions(-) create mode 100644 home/direnv/lib/postgres.sh diff --git a/home/direnv/default.nix b/home/direnv/default.nix index 86409f0..666f572 100644 --- a/home/direnv/default.nix +++ b/home/direnv/default.nix @@ -7,11 +7,26 @@ in enable = mkDisableOption "direnv configuration"; }; - config.programs.direnv = lib.mkIf cfg.enable { - enable = true; - nix-direnv = { - # A better `use_nix` + config = lib.mkIf cfg.enable { + programs.direnv = { enable = true; + nix-direnv = { + # A better `use_nix` + enable = true; + }; }; + + xdg.configFile = + let + libDir = ./lib; + contents = builtins.readDir libDir; + names = lib.attrNames contents; + files = lib.filter (name: contents.${name} == "regular") names; + linkLibFile = name: + lib.nameValuePair + "direnv/lib/${name}" + { source = libDir + "/${name}"; }; + in + lib.my.genAttrs' files linkLibFile; }; } diff --git a/home/direnv/lib/postgres.sh b/home/direnv/lib/postgres.sh new file mode 100644 index 0000000..c2e6a8f --- /dev/null +++ b/home/direnv/lib/postgres.sh @@ -0,0 +1,22 @@ +#shellcheck shell=bash + +layout_postgres() { + if ! has postgres || ! has initdb; then + # shellcheck disable=2016 + log_error 'layout_postgres: `postgres` and `initdb` are not in PATH' + return 1 + fi + + # shellcheck disable=2155 + export PGDATA="$(direnv_layout_dir)/postgres" + export PGHOST="$PGDATA" + + if [[ ! -d "$PGDATA" ]]; then + initdb + cat >> "$PGDATA/postgresql.conf" << EOF +listen_addresses = '' +unix_socket_directories = '$PGHOST' +EOF + echo "CREATE DATABASE $USER;" | postgres --single -E postgres + fi +} From d118351849468bc5159678e5a03274b8c4c5aba4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Apr 2022 17:34:29 +0200 Subject: [PATCH 602/654] home: direnv: add 'python' library file --- home/direnv/lib/python.sh | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 home/direnv/lib/python.sh diff --git a/home/direnv/lib/python.sh b/home/direnv/lib/python.sh new file mode 100644 index 0000000..15a273f --- /dev/null +++ b/home/direnv/lib/python.sh @@ -0,0 +1,25 @@ +#shellcheck shell=bash + +layout_poetry() { + if ! has poetry; then + # shellcheck disable=2016 + log_error 'layout_poetry: `poetry` is not in PATH' + return 1 + fi + + if [[ ! -f pyproject.toml ]]; then + # shellcheck disable=2016 + log_error 'layout_poetry: no pyproject.toml found. Use `poetry new` or `poetry init` to create one first' + return 1 + fi + + # create venv if it doesn't exist + poetry run true + + # shellcheck disable=2155 + export VIRTUAL_ENV=$(poetry env info --path) + export POETRY_ACTIVE=1 + PATH_add "$VIRTUAL_ENV/bin" + watch_file pyproject.toml + watch_file poetry.lock +} From b9361dada469fdb797625bd0e0c55a44ab942f87 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 13 Apr 2022 09:51:13 +0200 Subject: [PATCH 603/654] home: direnv: add 'nix' library file --- home/direnv/lib/nix.sh | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 home/direnv/lib/nix.sh diff --git a/home/direnv/lib/nix.sh b/home/direnv/lib/nix.sh new file mode 100644 index 0000000..9fbd73d --- /dev/null +++ b/home/direnv/lib/nix.sh @@ -0,0 +1,31 @@ +#shellcheck shell=bash + +use_pkgs() { + if ! has nix; then + # shellcheck disable=2016 + log_error 'use_pkgs: `nix` is not in PATH' + return 1 + fi + + local DEFAULT_FLAKE="pkgs" + + # Allow changing the default flake through a command line switch + if [ "$1" = "-f" ] || [ "$1" = "--flake" ]; then + DEFAULT_FLAKE="$2" + shift 2 + fi + + + # Allow specifying a full installable, or just a package name and use the default flake + local packages=() + for pkg; do + if [[ $pkg =~ .*#.* ]]; then + packages+=("$pkg") + else + packages+=("$DEFAULT_FLAKE#$pkg") + fi + done + + # shellcheck disable=2154 + direnv_load nix shell "${packages[@]}" --command "$direnv" dump +} From 6530af39d8a04356300d571f8f278af237af1817 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 13 Apr 2022 10:04:38 +0200 Subject: [PATCH 604/654] home: direnv: allow specifying default flake --- home/direnv/default.nix | 18 ++++++++++++++++-- home/direnv/lib/nix.sh | 3 ++- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/home/direnv/default.nix b/home/direnv/default.nix index 666f572..93a1f3b 100644 --- a/home/direnv/default.nix +++ b/home/direnv/default.nix @@ -3,8 +3,18 @@ let cfg = config.my.home.direnv; in { - options.my.home.direnv = with lib.my; { - enable = mkDisableOption "direnv configuration"; + options.my.home.direnv = with lib; { + enable = my.mkDisableOption "direnv configuration"; + + defaultFlake = mkOption { + type = types.str; + default = "pkgs"; + example = "nixpkgs"; + description = '' + Which flake from the registry should be used for + use pkgs by default. + ''; + }; }; config = lib.mkIf cfg.enable { @@ -28,5 +38,9 @@ in { source = libDir + "/${name}"; }; in lib.my.genAttrs' files linkLibFile; + + home.sessionVariables = { + DIRENV_DEFAULT_FLAKE = cfg.defaultFlake; + }; }; } diff --git a/home/direnv/lib/nix.sh b/home/direnv/lib/nix.sh index 9fbd73d..2d40b20 100644 --- a/home/direnv/lib/nix.sh +++ b/home/direnv/lib/nix.sh @@ -7,7 +7,8 @@ use_pkgs() { return 1 fi - local DEFAULT_FLAKE="pkgs" + # Use user-provided default value, or fallback to nixpkgs + local DEFAULT_FLAKE="${DIRENV_DEFAULT_FLAKE:-nixpkgs}" # Allow changing the default flake through a command line switch if [ "$1" = "-f" ] || [ "$1" = "--flake" ]; then From 958cd30b33fa396bb95a60458f83d3079ca237d1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 18 Apr 2022 14:08:57 +0200 Subject: [PATCH 605/654] flake: update from deprecated flake attributes --- flake.nix | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.nix b/flake.nix index d1e5d49..7c98ae2 100644 --- a/flake.nix +++ b/flake.nix @@ -137,15 +137,17 @@ defaultApp = apps.diff-flake; - devShell = pkgs.mkShell { - name = "NixOS-config"; + devShells = { + default = pkgs.mkShell { + name = "NixOS-config"; - nativeBuildInputs = with pkgs; [ - gitAndTools.pre-commit - nixpkgs-fmt - ]; + nativeBuildInputs = with pkgs; [ + gitAndTools.pre-commit + nixpkgs-fmt + ]; - inherit (self.checks.${system}.pre-commit) shellHook; + inherit (self.checks.${system}.pre-commit) shellHook; + }; }; packages = @@ -157,8 +159,6 @@ in finalPackages; }) // { - overlay = self.overlays.pkgs; - overlays = import ./overlays // { lib = final: prev: { inherit lib; }; pkgs = final: prev: { From dd7cb5f08146517efec4fb5dbd0d5d0378cb495e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 18 Apr 2022 14:09:38 +0200 Subject: [PATCH 606/654] flake: bump inputs And ensure that the renamed `paperless` services are configured correctly. --- flake.lock | 18 +++++++++--------- modules/services/paperless/default.nix | 16 ++++++++-------- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/flake.lock b/flake.lock index 2e57b17..e451ddf 100644 --- a/flake.lock +++ b/flake.lock @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1649642044, - "narHash": "sha256-V9ZjTJcbDPgWG+H3rIC6XuPHZAPK1VupBbSsuDbptkQ=", + "lastModified": 1650234580, + "narHash": "sha256-wTmlRedCrDl+XYJom65GMfI3RgA3eZE/w03lD28Txoc=", "owner": "nix-community", "repo": "home-manager", - "rev": "e39a9d0103e3b2e42059c986a8c633824b96c193", + "rev": "742c6cb3e9d866e095c629162fe5faf519adeb26", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1649497218, - "narHash": "sha256-groqC9m1P4hpnL6jQvZ3C8NEtduhdkvwGT0+0LUrcYw=", + "lastModified": 1650161686, + "narHash": "sha256-70ZWAlOQ9nAZ08OU6WY7n4Ij2kOO199dLfNlvO/+pf8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "fd364d268852561223a5ada15caad669fd72800e", + "rev": "1ffba9f2f683063c2b14c9f4d12c55ad5f4ed887", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1649676035, - "narHash": "sha256-GjUAElCJqjZorW2U4q+hSIc/HYw3rKzn68mlyo5+53s=", + "lastModified": 1650270687, + "narHash": "sha256-It/SRKKhqjoRzXd40ThUxitZX3e4WD02rb2mlQ7Wc9I=", "owner": "nix-community", "repo": "NUR", - "rev": "08069280d424b529b58a48d40fb86b616cae6da4", + "rev": "43c55bab29a7d002e33cad7148a482f56b6b90b6", "type": "github" }, "original": { diff --git a/modules/services/paperless/default.nix b/modules/services/paperless/default.nix index e9ec6a3..b21efa8 100644 --- a/modules/services/paperless/default.nix +++ b/modules/services/paperless/default.nix @@ -45,7 +45,7 @@ in }; config = lib.mkIf cfg.enable { - services.paperless-ng = { + services.paperless = { enable = true; port = cfg.port; @@ -83,15 +83,15 @@ in }; systemd.services = { - paperless-ng-server.serviceConfig = { + paperless-scheduler.serviceConfig = { EnvironmentFile = cfg.secretKeyFile; }; - paperless-ng-consumer.serviceConfig = { + paperless-consumer.serviceConfig = { EnvironmentFile = cfg.secretKeyFile; }; - paperless-ng-web.serviceConfig = { + paperless-web.serviceConfig = { EnvironmentFile = cfg.secretKeyFile; }; }; @@ -111,13 +111,13 @@ in # Set-up media group users.groups.media = { }; - systemd.services.paperless-ng-server = { + systemd.services.paperless-server = { # Make sure the DB is available after = [ "postgresql.service" ]; }; - users.users.${config.services.paperless-ng.user} = { + users.users.${config.services.paperless.user} = { extraGroups = [ "media" ]; }; @@ -138,8 +138,8 @@ in my.services.backup = { paths = [ - config.services.paperless-ng.dataDir - config.services.paperless-ng.mediaDir + config.services.paperless.dataDir + config.services.paperless.mediaDir ]; }; }; From 80c2c415fb50827efefe2134b89fa1fe547163d0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 20 Apr 2022 13:55:48 +0200 Subject: [PATCH 607/654] home: vim: lualine: use 'FugitiveHead' The built-in `branch` indicator does not handle git worktrees quite correctly. It shows the wrong branch when used in `git commit`. --- home/vim/plugin/settings/lualine.vim | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/vim/plugin/settings/lualine.vim b/home/vim/plugin/settings/lualine.vim index 0273c78..93c38bb 100644 --- a/home/vim/plugin/settings/lualine.vim +++ b/home/vim/plugin/settings/lualine.vim @@ -31,7 +31,7 @@ lualine.setup({ { "mode" }, }, lualine_b = { - { "branch" }, + { "FugitiveHead" }, { "filename", symbols = { readonly = "🔒" } }, }, lualine_c = { From e073cc900c63313f5b4d6825c01e0716c6c30fba Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 20 Apr 2022 14:01:00 +0200 Subject: [PATCH 608/654] home: vim: git: map keys on start Instead of mapping those keys when `gitsigns` attaches to a buffer... --- home/vim/plugin/settings/git.vim | 103 +++++++++++++++---------------- 1 file changed, 50 insertions(+), 53 deletions(-) diff --git a/home/vim/plugin/settings/git.vim b/home/vim/plugin/settings/git.vim index 0deba6a..8839fc9 100644 --- a/home/vim/plugin/settings/git.vim +++ b/home/vim/plugin/settings/git.vim @@ -1,5 +1,6 @@ lua << EOF local gitsigns = require('gitsigns') +local wk = require("which-key") gitsigns.setup({ -- I dislike the full-green sign column when this happens @@ -9,58 +10,54 @@ gitsigns.setup({ -- Show the blame quickly delay = 100, }, - - on_attach = function(bufnr) - local wk = require("which-key") - - local keys = { - -- Navigation - ["[c"] = { "&diff ? '[c' : 'Gitsigns prev_hunk'", "Previous hunk/diff", expr = true }, - ["]c"] = { "&diff ? ']c' : 'Gitsigns next_hunk'", "Next hunk/diff", expr = true }, - - - -- Commands - ["g"] = { - name = "Git", - -- Actions - b = { gitsigns.toggle_current_line_blame, "Toggle blame virtual text" }, - d = { gitsigns.diffthis, "Diff buffer" }, - D = { function() gitsigns.diffthis("~") end, "Diff buffer against last commit" }, - g = { "Git", "Git status" }, - h = { gitsigns.toggle_deleted, "Show deleted hunks" }, - L = { ":spT:Gllog --follow -- %:p", "Current buffer log" }, - m = { "(git-messenger)", "Current line blame" }, - p = { gitsigns.preview_hunk, "Preview hunk" }, - r = { gitsigns.reset_hunk, "Restore hunk" }, - R = { gitsigns.reset_buffer, "Restore buffer" }, - s = { gitsigns.stage_hunk, "Stage hunk" }, - S = { gitsigns.stage_buffer, "Stage buffer" }, - u = { gitsigns.undo_stage_hunk, "Undo stage hunk" }, - ["["] = { gitsigns.prev_hunk, "Previous hunk" }, - ["]"] = { gitsigns.next_hunk, "Next hunk" }, - }, - } - - local objects = { - ["ih"] = { gitsigns.select_hunk, "Git hunk" }, - } - - local visual = { - ["ih"] = { gitsigns.select_hunk, "Git hunk" }, - - -- Only the actual command can make use of the visual selection... - ["g"] = { - name = "Git", - p = { ":Gitsigns preview_hunk", "Preview selection" }, - r = { ":Gitsigns reset_hunk", "Restore selection" }, - s = { ":Gitsigns stage_hunk", "Stage selection" }, - u = { ":Gitsigns undo_stage_hunk", "Undo stage selection" }, - }, - } - - wk.register(keys, { buffer = bufnr }) - wk.register(objects, { buffer = bufnr, mode = "o" }) - wk.register(visual, { buffer = bufnr, mode = "x" }) - end, }) + +local keys = { + -- Navigation + ["[c"] = { "&diff ? '[c' : 'Gitsigns prev_hunk'", "Previous hunk/diff", expr = true }, + ["]c"] = { "&diff ? ']c' : 'Gitsigns next_hunk'", "Next hunk/diff", expr = true }, + + + -- Commands + ["g"] = { + name = "Git", + -- Actions + b = { gitsigns.toggle_current_line_blame, "Toggle blame virtual text" }, + d = { gitsigns.diffthis, "Diff buffer" }, + D = { function() gitsigns.diffthis("~") end, "Diff buffer against last commit" }, + g = { "Git", "Git status" }, + h = { gitsigns.toggle_deleted, "Show deleted hunks" }, + L = { ":spT:Gllog --follow -- %:p", "Current buffer log" }, + m = { "(git-messenger)", "Current line blame" }, + p = { gitsigns.preview_hunk, "Preview hunk" }, + r = { gitsigns.reset_hunk, "Restore hunk" }, + R = { gitsigns.reset_buffer, "Restore buffer" }, + s = { gitsigns.stage_hunk, "Stage hunk" }, + S = { gitsigns.stage_buffer, "Stage buffer" }, + u = { gitsigns.undo_stage_hunk, "Undo stage hunk" }, + ["["] = { gitsigns.prev_hunk, "Previous hunk" }, + ["]"] = { gitsigns.next_hunk, "Next hunk" }, + }, +} + +local objects = { + ["ih"] = { gitsigns.select_hunk, "Git hunk" }, +} + +local visual = { + ["ih"] = { gitsigns.select_hunk, "Git hunk" }, + + -- Only the actual command can make use of the visual selection... + ["g"] = { + name = "Git", + p = { ":Gitsigns preview_hunk", "Preview selection" }, + r = { ":Gitsigns reset_hunk", "Restore selection" }, + s = { ":Gitsigns stage_hunk", "Stage selection" }, + u = { ":Gitsigns undo_stage_hunk", "Undo stage selection" }, + }, +} + +wk.register(keys, { buffer = bufnr }) +wk.register(objects, { buffer = bufnr, mode = "o" }) +wk.register(visual, { buffer = bufnr, mode = "x" }) EOF From caf05fbdd87701671fd604f567032be9d529e777 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 21 Apr 2022 11:53:26 +0200 Subject: [PATCH 609/654] profiles: gtk: remove typo --- profiles/gtk/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/profiles/gtk/default.nix b/profiles/gtk/default.nix index 61a3edc..a8d6d9a 100644 --- a/profiles/gtk/default.nix +++ b/profiles/gtk/default.nix @@ -4,7 +4,7 @@ let in { options.my.profiles.gtk = with lib; { - enable = mkEnableOption "bluetooth profile"; + enable = mkEnableOption "gtk profile"; }; config = lib.mkIf cfg.enable { From b3662bfe5efd5655aa1df1a0a1a267338490b34f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 21 Apr 2022 11:54:07 +0200 Subject: [PATCH 610/654] home: firefox: tridactyl: add 'Nitter' redirect --- home/firefox/tridactyl/tridactylrc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home/firefox/tridactyl/tridactylrc b/home/firefox/tridactyl/tridactylrc index dc59a2e..b5197d3 100644 --- a/home/firefox/tridactyl/tridactylrc +++ b/home/firefox/tridactyl/tridactylrc @@ -65,6 +65,8 @@ unbind " Redirections {{{ " Always redirect Reddit to the old site autocmd DocStart ^http(s?)://www.reddit.com js tri.excmds.urlmodify("-t", "www", "old") +" Use a better Twitter front-end +autocmd DocStart ^http(s?)://twitter.com js tri.excmds.urlmodify("-t", "twitter.com", "nitter.net") " }}} " Disabled websites {{{ From 7df77a7e0c760c4af960db65a6d813dacb2d0404 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 21 Apr 2022 11:56:09 +0200 Subject: [PATCH 611/654] home: firefox: tridactyl: fix comment toggle Ignore javascript event, like the upstream binding. --- home/firefox/tridactyl/tridactylrc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/home/firefox/tridactyl/tridactylrc b/home/firefox/tridactyl/tridactylrc index b5197d3..711bf6f 100644 --- a/home/firefox/tridactyl/tridactylrc +++ b/home/firefox/tridactyl/tridactylrc @@ -12,7 +12,7 @@ set editorcmd termite --class tridactyl_editor -e 'vim %f' " Binds {{{ " Reddit et al. {{{ " Toggle comments on Reddit, Hacker News, Lobste.rs -bind ;c hint -c [class*="expand"],[class*="togg"],[class="comment_folder"] +bind ;c hint -Jc [class*="expand"],[class*="togg"],[class="comment_folder"] " Make `gu` take me back to subreddit from comments bindurl reddit.com gu urlparent 3 From 799890ca37ae3a14f344318c387e433d239af121 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 25 Apr 2022 14:31:20 +0200 Subject: [PATCH 612/654] home: vim: lua: lsp: add signature help mapping --- home/vim/lua/ambroisie/lsp.lua | 1 + 1 file changed, 1 insertion(+) diff --git a/home/vim/lua/ambroisie/lsp.lua b/home/vim/lua/ambroisie/lsp.lua index 27e5e44..af87950 100644 --- a/home/vim/lua/ambroisie/lsp.lua +++ b/home/vim/lua/ambroisie/lsp.lua @@ -54,6 +54,7 @@ M.on_attach = function(client, bufnr) local keys = { K = { vim.lsp.buf.hover, "Show symbol information" }, + [""] = { vim.lsp.buf.signature_help, "Show signature information" }, ["gd"] = { vim.lsp.buf.definition, "Go to definition" }, ["gD"] = { vim.lsp.buf.declaration, "Go to declaration" }, ["gi"] = { vim.lsp.buf.implementation, "Go to implementation" }, From c987206bc5e4bf84ea7bfb93a134f435c720ebae Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 25 Apr 2022 15:12:16 +0200 Subject: [PATCH 613/654] modules: hardware: bluetooth: add wireplumber conf Now that `media-session` is deprecated, I should at least replicate this configuration for `wireplumber`. --- modules/hardware/bluetooth/default.nix | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/modules/hardware/bluetooth/default.nix b/modules/hardware/bluetooth/default.nix index ffe0fbe..6aeb7dc 100644 --- a/modules/hardware/bluetooth/default.nix +++ b/modules/hardware/bluetooth/default.nix @@ -25,6 +25,21 @@ in package = pkgs.pulseaudioFull; }; + # FIXME: waiting for NixOS module configuration + environment.etc = { + "wireplumber/bluetooth.lua.d/50-bluez-config.lua".text = '' + bluez_monitor.properties = { + ["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]" + -- mSBC provides better audio + microphone + ["bluez5.enable-msbc"] = true, + -- SBC XQ provides better audio + ["bluez5.enable-sbc-xq"] = true, + -- Hardware volume control + ["bluez5.enable-hw-volume"] = true, + } + ''; + }; + services.pipewire = { media-session.config.bluez-monitor.rules = [ { From 256c857ac07d7a4a8800be712f36323b400806bf Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 27 Apr 2022 13:55:00 +0200 Subject: [PATCH 614/654] modules: hardware: add firmware --- modules/hardware/default.nix | 1 + modules/hardware/firmware/default.nix | 38 +++++++++++++++++++++++++++ 2 files changed, 39 insertions(+) create mode 100644 modules/hardware/firmware/default.nix diff --git a/modules/hardware/default.nix b/modules/hardware/default.nix index 9ab5d40..2a686f7 100644 --- a/modules/hardware/default.nix +++ b/modules/hardware/default.nix @@ -5,6 +5,7 @@ imports = [ ./bluetooth ./ergodox + ./firmware ./mx-ergo ./networking ./sound diff --git a/modules/hardware/firmware/default.nix b/modules/hardware/firmware/default.nix new file mode 100644 index 0000000..e899232 --- /dev/null +++ b/modules/hardware/firmware/default.nix @@ -0,0 +1,38 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.hardware.firmware; +in +{ + options.my.hardware.firmware = with lib; { + enable = my.mkDisableOption "firmware configuration"; + + cpuFlavor = mkOption { + type = with types; nullOr (enum [ "intel" "amd" ]); + default = null; + example = "intel"; + description = "Which kind of CPU to activate micro-code updates"; + }; + }; + + config = lib.mkIf cfg.enable (lib.mkMerge [ + { + hardware = { + enableRedistributableFirmware = true; + }; + } + + # Intel CPU + (lib.mkIf (cfg.cpuFlavor == "intel") { + hardware = { + cpu.intel.updateMicrocode = true; + }; + }) + + # AMD CPU + (lib.mkIf (cfg.cpuFlavor == "amd") { + hardware = { + cpu.amd.updateMicrocode = true; + }; + }) + ]); +} From ae64603d548acbade106db6354f17787a8b1d2c3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 27 Apr 2022 13:58:03 +0200 Subject: [PATCH 615/654] machines: aramis: hardware: use 'hardware' module --- machines/aramis/hardware.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/machines/aramis/hardware.nix b/machines/aramis/hardware.nix index 920725a..c66b426 100644 --- a/machines/aramis/hardware.nix +++ b/machines/aramis/hardware.nix @@ -22,9 +22,13 @@ powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware = { - cpu.intel.updateMicrocode = true; + my.hardware = { + firmware = { + cpuFlavor = "intel"; + }; + }; + hardware = { trackpoint = { enable = true; From d67c53a2786c4f2ad9e7bb693c12da27b1447db2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 28 Apr 2022 13:45:55 +0200 Subject: [PATCH 616/654] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index e451ddf..d6585f4 100644 --- a/flake.lock +++ b/flake.lock @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1650234580, - "narHash": "sha256-wTmlRedCrDl+XYJom65GMfI3RgA3eZE/w03lD28Txoc=", + "lastModified": 1651007090, + "narHash": "sha256-C/OoQRzTUOWEr1sd3xTKA2GudA1YG1XB3MlL6KfTchg=", "owner": "nix-community", "repo": "home-manager", - "rev": "742c6cb3e9d866e095c629162fe5faf519adeb26", + "rev": "778af87a981eb2bfa3566dff8c3fb510856329ef", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1650161686, - "narHash": "sha256-70ZWAlOQ9nAZ08OU6WY7n4Ij2kOO199dLfNlvO/+pf8=", + "lastModified": 1651007983, + "narHash": "sha256-GNay7yDPtLcRcKCNHldug85AhAvBpTtPEJWSSDYBw8U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1ffba9f2f683063c2b14c9f4d12c55ad5f4ed887", + "rev": "e10da1c7f542515b609f8dfbcf788f3d85b14936", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1650270687, - "narHash": "sha256-It/SRKKhqjoRzXd40ThUxitZX3e4WD02rb2mlQ7Wc9I=", + "lastModified": 1651129914, + "narHash": "sha256-ZSqfvVdElD0yYRulscin6KAcELP0sw9sSIayaU9f3Mg=", "owner": "nix-community", "repo": "NUR", - "rev": "43c55bab29a7d002e33cad7148a482f56b6b90b6", + "rev": "3d4ba9a73109e240129ca6e36cb6b9654ef49389", "type": "github" }, "original": { From c54bbbfbec0529885fda19d01598560c6109633b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 2 May 2022 11:18:23 +0200 Subject: [PATCH 617/654] modules: hardware: bluetooth: remove wireplumber This configuration file completely breaks my sound setup. Will investigate more at a later time, in the mean time, since this is basically the default options, I will just remove the configuration file. This reverts commit c987206bc5e4bf84ea7bfb93a134f435c720ebae. --- modules/hardware/bluetooth/default.nix | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/modules/hardware/bluetooth/default.nix b/modules/hardware/bluetooth/default.nix index 6aeb7dc..ffe0fbe 100644 --- a/modules/hardware/bluetooth/default.nix +++ b/modules/hardware/bluetooth/default.nix @@ -25,21 +25,6 @@ in package = pkgs.pulseaudioFull; }; - # FIXME: waiting for NixOS module configuration - environment.etc = { - "wireplumber/bluetooth.lua.d/50-bluez-config.lua".text = '' - bluez_monitor.properties = { - ["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]" - -- mSBC provides better audio + microphone - ["bluez5.enable-msbc"] = true, - -- SBC XQ provides better audio - ["bluez5.enable-sbc-xq"] = true, - -- Hardware volume control - ["bluez5.enable-hw-volume"] = true, - } - ''; - }; - services.pipewire = { media-session.config.bluez-monitor.rules = [ { From 9616c5cce7682db495ea24235aba137d5c2af9fc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 3 May 2022 10:01:39 +0200 Subject: [PATCH 618/654] home: wm: i3: simplify 'htop' rule Turns out you can chain commands with `,` in a `for_window` statement. Of course this is inconsistent with `bindsym` which uses `;`... --- home/wm/i3/default.nix | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/home/wm/i3/default.nix b/home/wm/i3/default.nix index ead5df9..57235ef 100644 --- a/home/wm/i3/default.nix +++ b/home/wm/i3/default.nix @@ -376,11 +376,7 @@ in # Make htop window bigger { criteria = { title = "^htop$"; }; - command = "resize set 80 ppt 80 ppt"; - } - { - criteria = { title = "^htop$"; }; - command = "move position center"; + command = "resize set 80 ppt 80 ppt, move position center"; } ]; }; From 522cc99c0352503e439e3a20377fffe7c5390650 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 10 May 2022 13:51:47 +0200 Subject: [PATCH 619/654] home: packages: remove 'rr' No need for this, now that I have a dedicated option for the package. --- home/packages/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/home/packages/default.nix b/home/packages/default.nix index 434cb0d..84c1253 100644 --- a/home/packages/default.nix +++ b/home/packages/default.nix @@ -22,7 +22,6 @@ in file mosh ripgrep - rr termite.terminfo ] ++ cfg.additionalPackages); } From d4c4349cdb071a62c5344de20a453829a1a604f8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 15 May 2022 17:13:30 +0200 Subject: [PATCH 620/654] pkgs: dragger: fix meta information --- pkgs/dragger/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/dragger/default.nix b/pkgs/dragger/default.nix index cd0d453..e535944 100644 --- a/pkgs/dragger/default.nix +++ b/pkgs/dragger/default.nix @@ -23,7 +23,7 @@ qt5.mkDerivation rec { description = "A CLI drag-and-drop tool"; homepage = "https://gitea.belanyi.fr/ambroisie/dragger"; license = licenses.mit; - maintainers = [ ambroisie ]; + maintainers = with maintainers; [ ambroisie ]; platforms = platforms.linux; }; } From 1fa47793e899bb260b73d7b2c01c724a8713391a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 19 May 2022 14:53:05 +0200 Subject: [PATCH 621/654] home: vim: completion: activate 'ghost_text' I'm still thinking whether I would want to use one of those signature helper windows to go with this/replace this feature. Could be especially useful in C++. --- home/vim/plugin/settings/completion.vim | 3 +++ 1 file changed, 3 insertions(+) diff --git a/home/vim/plugin/settings/completion.vim b/home/vim/plugin/settings/completion.vim index 9a3d7e6..43f6795 100644 --- a/home/vim/plugin/settings/completion.vim +++ b/home/vim/plugin/settings/completion.vim @@ -57,5 +57,8 @@ cmp.setup({ cmp.config.compare.order, }, }, + experimental = { + ghost_text = true, + }, }) EOF From 46bc5cb3926bcbccededf27f9ffd394c8bc69499 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 23 May 2022 11:07:05 +0200 Subject: [PATCH 622/654] pkgs: unified-hosts-lists: 3.9.11 -> 3.10.1 --- pkgs/unified-hosts-lists/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/unified-hosts-lists/default.nix b/pkgs/unified-hosts-lists/default.nix index 4b0e0c6..61ac0c4 100644 --- a/pkgs/unified-hosts-lists/default.nix +++ b/pkgs/unified-hosts-lists/default.nix @@ -1,13 +1,13 @@ { lib, fetchFromGitHub, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "unified-hosts-lists"; - version = "3.9.11"; + version = "3.10.1"; src = fetchFromGitHub { owner = "StevenBlack"; repo = "hosts"; rev = version; - sha256 = "sha256-JFz6M0Mkwoby7I6LLWx0QfvZMzwET2FEQ1OGKQnFfho="; + sha256 = "sha256-PFKKYtssjAJGrP3AQE32ZJGlxwxnFa0vUTpCn94fCFI="; }; dontUnpack = true; From db3950eb3ad9733e9d06e2e1318013d64085a8ab Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 23 May 2022 15:46:07 +0200 Subject: [PATCH 623/654] flake: bump inputs --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index d6585f4..6c36ed1 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1648942457, - "narHash": "sha256-i29Z1t3sVfCNfpp+KAfeExvpqHQSbLO1KWylTtfradU=", + "lastModified": 1652712410, + "narHash": "sha256-hMJ2TqLt0DleEnQFGUHK9sV2aAzJPU8pZeiZoqRozbE=", "owner": "ryantm", "repo": "agenix", - "rev": "0d5e59ed645e4c7b60174bc6f6aac6a203dc0b01", + "rev": "7e5e58b98c3dcbf497543ff6f22591552ebfe65b", "type": "github" }, "original": { @@ -23,11 +23,11 @@ }, "futils": { "locked": { - "lastModified": 1649676176, - "narHash": "sha256-OWKJratjt2RW151VUlJPRALb7OU2S5s+f0vLj4o1bHM=", + "lastModified": 1652776076, + "narHash": "sha256-gzTw/v1vj4dOVbpBSJX4J0DwUR6LIyXo7/SuuTJp1kM=", "owner": "numtide", "repo": "flake-utils", - "rev": "a4b154ebbdc88c8498a5c7b01589addc9e9cb678", + "rev": "04c1b180862888302ddfb2e3ad9eaa63afc60cf8", "type": "github" }, "original": { @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1651007090, - "narHash": "sha256-C/OoQRzTUOWEr1sd3xTKA2GudA1YG1XB3MlL6KfTchg=", + "lastModified": 1653153149, + "narHash": "sha256-8B/tWWZziFq4DqnAm9uO7M4Z4PNfllYg5+teX1e5yDQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "778af87a981eb2bfa3566dff8c3fb510856329ef", + "rev": "94780dd888881bf35165dfdd334a57ef6b14ead8", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1651007983, - "narHash": "sha256-GNay7yDPtLcRcKCNHldug85AhAvBpTtPEJWSSDYBw8U=", + "lastModified": 1653060744, + "narHash": "sha256-kfRusllRumpt33J1hPV+CeCCylCXEU7e0gn2/cIM7cY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e10da1c7f542515b609f8dfbcf788f3d85b14936", + "rev": "dfd82985c273aac6eced03625f454b334daae2e8", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1651129914, - "narHash": "sha256-ZSqfvVdElD0yYRulscin6KAcELP0sw9sSIayaU9f3Mg=", + "lastModified": 1653301395, + "narHash": "sha256-T/RZd2MLugtJtZwXOSSwUIQdf2R95j8mj9LxGvKnvnM=", "owner": "nix-community", "repo": "NUR", - "rev": "3d4ba9a73109e240129ca6e36cb6b9654ef49389", + "rev": "2d836739ddb17a69e865c3cc2ca21d3a8bf5db78", "type": "github" }, "original": { @@ -100,11 +100,11 @@ ] }, "locked": { - "lastModified": 1649054408, - "narHash": "sha256-wz8AH7orqUE4Xog29WMTqOYBs0DMj2wFM8ulrTRVgz0=", + "lastModified": 1652714503, + "narHash": "sha256-qQKVEfDe5FqvGgkZtg5Pc491foeiDPIOeycHMqnPDps=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "e5e7b3b542e7f4f96967966a943d7e1c07558042", + "rev": "521a524771a8e93caddaa0ac1d67d03766a8b0b3", "type": "github" }, "original": { From 81df59c95fd4d70a9cbf7d78bca6c869c3f9194b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 23 May 2022 15:49:15 +0200 Subject: [PATCH 624/654] modules: services: nextcloud: bump to 24 --- modules/services/nextcloud/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/nextcloud/default.nix b/modules/services/nextcloud/default.nix index 976d21f..f2d5484 100644 --- a/modules/services/nextcloud/default.nix +++ b/modules/services/nextcloud/default.nix @@ -31,7 +31,7 @@ in config = lib.mkIf cfg.enable { services.nextcloud = { enable = true; - package = pkgs.nextcloud23; + package = pkgs.nextcloud24; hostName = "nextcloud.${config.networking.domain}"; home = "/var/lib/nextcloud"; maxUploadSize = cfg.maxSize; From b2be415b15ab465184d441afa30ad688be8f0543 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 May 2022 11:06:58 +0200 Subject: [PATCH 625/654] overlays: remove 'transgui-fix-duplicate-status' It has been patched in upstream nixpkgs. --- overlays/default.nix | 2 -- overlays/transgui-fix-duplicate-status/default.nix | 11 ----------- 2 files changed, 13 deletions(-) delete mode 100644 overlays/transgui-fix-duplicate-status/default.nix diff --git a/overlays/default.nix b/overlays/default.nix index 3f5a246..6ea1d4d 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,5 +1,3 @@ { sabnzbd-fix-missing-packages = import ./sabnzbd-fix-missing-dependencies; - - transgui-fix-duplicate-status = import ./transgui-fix-duplicate-status; } diff --git a/overlays/transgui-fix-duplicate-status/default.nix b/overlays/transgui-fix-duplicate-status/default.nix deleted file mode 100644 index 85036ce..0000000 --- a/overlays/transgui-fix-duplicate-status/default.nix +++ /dev/null @@ -1,11 +0,0 @@ -final: prev: -{ - transgui = prev.transgui.overrideAttrs (oldAttrs: { - patches = (oldAttrs.patches or [ ]) ++ [ - (final.fetchpatch { - url = "https://patch-diff.githubusercontent.com/raw/transmission-remote-gui/transgui/pull/1354.patch"; - sha256 = "sha256-Q4DAduqnTtNI0Zw9NIWpE8L0G8RusvPbZ3iW29k7XXA="; - }) - ]; - }); -} From 609cd320018563c6a74c0637a4e30cae4a8c20e1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 May 2022 11:07:32 +0200 Subject: [PATCH 626/654] overlays: remove 'sabnzbd-fix-missing-packages' The upstream nixpkgs version has been fixed. --- overlays/default.nix | 2 +- .../default.nix | 4 -- .../sabnzbd.nix | 60 ------------------- 3 files changed, 1 insertion(+), 65 deletions(-) delete mode 100644 overlays/sabnzbd-fix-missing-dependencies/default.nix delete mode 100644 overlays/sabnzbd-fix-missing-dependencies/sabnzbd.nix diff --git a/overlays/default.nix b/overlays/default.nix index 6ea1d4d..7984ac0 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,3 +1,3 @@ { - sabnzbd-fix-missing-packages = import ./sabnzbd-fix-missing-dependencies; + # NOTE: no overlays at the moment } diff --git a/overlays/sabnzbd-fix-missing-dependencies/default.nix b/overlays/sabnzbd-fix-missing-dependencies/default.nix deleted file mode 100644 index e2e8eec..0000000 --- a/overlays/sabnzbd-fix-missing-dependencies/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -final: prev: -{ - sabnzbd = final.callPackage ./sabnzbd.nix { }; -} diff --git a/overlays/sabnzbd-fix-missing-dependencies/sabnzbd.nix b/overlays/sabnzbd-fix-missing-dependencies/sabnzbd.nix deleted file mode 100644 index 3da9b28..0000000 --- a/overlays/sabnzbd-fix-missing-dependencies/sabnzbd.nix +++ /dev/null @@ -1,60 +0,0 @@ -{ lib -, stdenv -, fetchFromGitHub -, python3 -, par2cmdline -, unzip -, unrar -, p7zip -, makeWrapper -}: - -let - pythonEnv = python3.withPackages (ps: with ps; [ - chardet - cheetah3 - cherrypy - configobj - cryptography - feedparser - guessit - puremagic - sabyenc3 - ]); - path = lib.makeBinPath [ par2cmdline unrar unzip p7zip ]; -in -stdenv.mkDerivation rec { - version = "3.4.0"; - pname = "sabnzbd"; - - src = fetchFromGitHub { - owner = pname; - repo = pname; - rev = version; - sha256 = "sha256-zax+PuvCmYOlEhRmiCp7UOd9VI0i8dbgTPyTtqLuGUM="; - }; - - nativeBuildInputs = [ makeWrapper ]; - buildInputs = [ pythonEnv ]; - - installPhase = '' - runHook preInstall - - mkdir -p $out - cp -R * $out/ - mkdir $out/bin - echo "${pythonEnv}/bin/python $out/SABnzbd.py \$*" > $out/bin/sabnzbd - chmod +x $out/bin/sabnzbd - wrapProgram $out/bin/sabnzbd --set PATH ${path} - - runHook postInstall - ''; - - meta = with lib; { - description = "Usenet NZB downloader, par2 repairer and auto extracting server"; - homepage = "https://sabnzbd.org"; - license = licenses.gpl2Plus; - platforms = platforms.linux; - maintainers = with lib.maintainers; [ fridh ]; - }; -} From 11c53b4b1eaeb4abf520e189c7e064574b9bbb34 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 May 2022 13:41:42 +0200 Subject: [PATCH 627/654] flake: use new default app convention --- flake.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index 7c98ae2..45b407d 100644 --- a/flake.nix +++ b/flake.nix @@ -117,6 +117,7 @@ rec { apps = { diff-flake = futils.lib.mkApp { drv = packages.diff-flake; }; + default = apps.diff-flake; }; checks = { @@ -135,8 +136,6 @@ }; }; - defaultApp = apps.diff-flake; - devShells = { default = pkgs.mkShell { name = "NixOS-config"; From 473c002c6e0c96a3d254b2ac64c603caed61991d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 May 2022 13:42:57 +0200 Subject: [PATCH 628/654] pkgs: diff-flake: 0.1.0 -> 0.2.0 Use the new flake attributes conventions. --- pkgs/diff-flake/default.nix | 2 +- pkgs/diff-flake/diff-flake | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/diff-flake/default.nix b/pkgs/diff-flake/default.nix index c085e67..70c0fbb 100644 --- a/pkgs/diff-flake/default.nix +++ b/pkgs/diff-flake/default.nix @@ -1,7 +1,7 @@ { lib, coreutils, git, gnused, makeWrapper, shellcheck, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "diff-flake"; - version = "0.1.0"; + version = "0.2.0"; src = ./diff-flake; diff --git a/pkgs/diff-flake/diff-flake b/pkgs/diff-flake/diff-flake index ef03122..7c106c1 100755 --- a/pkgs/diff-flake/diff-flake +++ b/pkgs/diff-flake/diff-flake @@ -28,7 +28,7 @@ add_shell() { SYSTEM="$(nix eval --raw --impure --expr 'builtins.currentSystem')" fi # Use 'inputDerivation' attribute to make sure that it is build-able - FLAKE_OUTPUTS+=("devShell.$SYSTEM.inputDerivation") + FLAKE_OUTPUTS+=("devShells.$SYSTEM.default.inputDerivation") } add_host() { From e03e3d674b2af2053a3ee10ed0f8fc35c0376435 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 May 2022 13:48:18 +0200 Subject: [PATCH 629/654] flake: bump inputs --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 6c36ed1..56ca74f 100644 --- a/flake.lock +++ b/flake.lock @@ -23,11 +23,11 @@ }, "futils": { "locked": { - "lastModified": 1652776076, - "narHash": "sha256-gzTw/v1vj4dOVbpBSJX4J0DwUR6LIyXo7/SuuTJp1kM=", + "lastModified": 1653893745, + "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "04c1b180862888302ddfb2e3ad9eaa63afc60cf8", + "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1", "type": "github" }, "original": { @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1653153149, - "narHash": "sha256-8B/tWWZziFq4DqnAm9uO7M4Z4PNfllYg5+teX1e5yDQ=", + "lastModified": 1653943687, + "narHash": "sha256-xXW9t24HLf89+n/92kOqRRfOBE3KDna+9rAOefs5WSQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "94780dd888881bf35165dfdd334a57ef6b14ead8", + "rev": "8f3e26705178cc8c1d982d37d881fc0d5b5b1837", "type": "github" }, "original": { @@ -60,11 +60,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1653060744, - "narHash": "sha256-kfRusllRumpt33J1hPV+CeCCylCXEU7e0gn2/cIM7cY=", + "lastModified": 1653845079, + "narHash": "sha256-7ghaQZ+7JXLI9FgNH8+RQHAt3/ubT92j8NtjZleP6t4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "dfd82985c273aac6eced03625f454b334daae2e8", + "rev": "b62ada430501de88dfbb08cea4eb98ead3a5e3e7", "type": "github" }, "original": { @@ -76,11 +76,11 @@ }, "nur": { "locked": { - "lastModified": 1653301395, - "narHash": "sha256-T/RZd2MLugtJtZwXOSSwUIQdf2R95j8mj9LxGvKnvnM=", + "lastModified": 1653970042, + "narHash": "sha256-EcphYipFvqkFV9PrWUUz034G7WQHZwYVwzGiyU5384A=", "owner": "nix-community", "repo": "NUR", - "rev": "2d836739ddb17a69e865c3cc2ca21d3a8bf5db78", + "rev": "83f9a7c7287210b20da844b1ccd7c79cb696f51e", "type": "github" }, "original": { From 55a40a80b7d67671386888050860b8cedbf76635 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 May 2022 13:50:27 +0200 Subject: [PATCH 630/654] machines: aramis: home: add 'element-desktop' It's less buggy than the web version... --- machines/aramis/home.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/machines/aramis/home.nix b/machines/aramis/home.nix index 1c816a7..760174f 100644 --- a/machines/aramis/home.nix +++ b/machines/aramis/home.nix @@ -13,6 +13,7 @@ gpg.pinentry = "gtk2"; # Machine specific packages packages.additionalPackages = with pkgs; [ + element-desktop # Matrix client jellyfin-media-player # Wraps the webui and mpv together pavucontrol # Audio mixer GUI quasselClient # IRC client From 70fca2d19b0bf7a0c1163b6f581c41bbbd4e47fc Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 31 May 2022 13:54:34 +0200 Subject: [PATCH 631/654] modules: services: lohr: add 'openssh' The git binary is not wrapped to add it in PATH anymore. --- modules/services/lohr/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/services/lohr/default.nix b/modules/services/lohr/default.nix index af218ac..f43bc40 100644 --- a/modules/services/lohr/default.nix +++ b/modules/services/lohr/default.nix @@ -88,6 +88,7 @@ in }; path = with pkgs; [ git + openssh ]; }; From e81af8b3bc77d5fd32f1e5a8a4fbbbae07b6b52f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 10 Jun 2022 10:21:47 +0200 Subject: [PATCH 632/654] home: vim: ftdetect: add tiger --- home/vim/ftdetect/tiger.vim | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 home/vim/ftdetect/tiger.vim diff --git a/home/vim/ftdetect/tiger.vim b/home/vim/ftdetect/tiger.vim new file mode 100644 index 0000000..d474fd7 --- /dev/null +++ b/home/vim/ftdetect/tiger.vim @@ -0,0 +1,3 @@ +" Use Tiger filetype for programs and header files +au BufNewFile,BufRead *.tig setfiletype tiger +au BufNewFile,BufRead *.tih setfiletype tiger From b5873230950e9d4dfcc4900db1e60db4ff3dacc7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 10 Jun 2022 16:19:44 +0200 Subject: [PATCH 633/654] home: migrate 'cursor' module to new option Make it part of 'home.wm' now, since that makes more sense. Not sure about making it related to 'i3' being activated though, will need to think about this in the future. --- home/wm/cursor/default.nix | 23 +++++++++++++++++++++++ home/wm/default.nix | 5 +++++ home/x/cursor/default.nix | 12 ------------ home/x/default.nix | 1 - 4 files changed, 28 insertions(+), 13 deletions(-) create mode 100644 home/wm/cursor/default.nix delete mode 100644 home/x/cursor/default.nix diff --git a/home/wm/cursor/default.nix b/home/wm/cursor/default.nix new file mode 100644 index 0000000..9426232 --- /dev/null +++ b/home/wm/cursor/default.nix @@ -0,0 +1,23 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.my.home.wm.cursor; + + cfg_x = config.my.home.x; + cfg_gtk = config.my.home.gtk; +in +{ + config = lib.mkIf cfg.enable { + home.pointerCursor = { + package = pkgs.ambroisie.vimix-cursors; + name = "Vimix-cursors"; + + x11 = { + inherit (cfg_x) enable; + }; + + gtk = { + inherit (cfg_gtk) enable; + }; + }; + }; +} diff --git a/home/wm/default.nix b/home/wm/default.nix index 1d5a371..fb9ecee 100644 --- a/home/wm/default.nix +++ b/home/wm/default.nix @@ -10,6 +10,7 @@ let in { imports = [ + ./cursor ./dunst ./i3 ./i3bar @@ -25,6 +26,10 @@ in description = "Which window manager to use for home session"; }; + cursor = { + enable = mkRelatedOption "dunst configuration" [ "i3" ]; + }; + dunst = { enable = mkRelatedOption "dunst configuration" [ "i3" ]; }; diff --git a/home/x/cursor/default.nix b/home/x/cursor/default.nix deleted file mode 100644 index 4762199..0000000 --- a/home/x/cursor/default.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ config, lib, pkgs, ... }: -let - cfg = config.my.home.x; -in -{ - config = lib.mkIf cfg.enable { - xsession.pointerCursor = { - package = pkgs.ambroisie.vimix-cursors; - name = "Vimix-cursors"; - }; - }; -} diff --git a/home/x/default.nix b/home/x/default.nix index ac66a50..0312bc4 100644 --- a/home/x/default.nix +++ b/home/x/default.nix @@ -4,7 +4,6 @@ let in { imports = [ - ./cursor ./keyboard ]; From 62b059ba0e6f8fbc9686e87beb1abb657c1c13a8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 15 Jun 2022 11:26:44 +0200 Subject: [PATCH 634/654] pkgs: drone-scp: 1.6.2 -> 1.6.3 --- pkgs/drone-scp/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/drone-scp/default.nix b/pkgs/drone-scp/default.nix index 863befd..0b51032 100644 --- a/pkgs/drone-scp/default.nix +++ b/pkgs/drone-scp/default.nix @@ -1,16 +1,16 @@ { lib, buildGoModule, fetchFromGitHub }: buildGoModule rec { pname = "drone-scp"; - version = "1.6.2"; + version = "1.6.3"; src = fetchFromGitHub { owner = "appleboy"; repo = "drone-scp"; rev = "v${version}"; - sha256 = "sha256-PNy1HA2qW4RY/VRHhuj/tIrdTuB7COr0Cuzurku+DZw="; + sha256 = "sha256-ELjPqoRR4O6gmc/PgthQuSXuSTQNzBZoAUT80zVVbV0="; }; - vendorSha256 = "sha256-7Aro6g3Tka0Cbi9LpqvKpQXlbxnHQWsMOkkNpENKh0U="; + vendorSha256 = "sha256-/c103hTJ/Qdz2KTkdl/ACvAaSSTKcl1DQY3+Us6OxaI="; doCheck = false; # Needs a specific user... From 22fe2778cb22f572fdbbed4eb5a8ca95089ff78f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 14 Jun 2022 16:03:40 +0200 Subject: [PATCH 635/654] home: vim: add 'tiger' file-type configuration --- home/vim/after/ftplugin/tiger.vim | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 home/vim/after/ftplugin/tiger.vim diff --git a/home/vim/after/ftplugin/tiger.vim b/home/vim/after/ftplugin/tiger.vim new file mode 100644 index 0000000..81c2cfc --- /dev/null +++ b/home/vim/after/ftplugin/tiger.vim @@ -0,0 +1,6 @@ +" Create the `b:undo_ftplugin` variable if it doesn't exist +call ftplugined#check_undo_ft() + +" Use a small indentation value on tiger files +setlocal shiftwidth=2 +let b:undo_ftplugin.='|setlocal shiftwidth<' From 56dcf94ba02255bce9fca42b444cd67278fdf5ef Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 20 Jun 2022 14:34:34 +0200 Subject: [PATCH 636/654] pkgs: add drone-rsync A very simple wrapper script that I will migrate to, since 'drone-scp' does not work for me anymore. --- pkgs/default.nix | 2 ++ pkgs/drone-rsync/default.nix | 43 ++++++++++++++++++++++++++++++++++++ pkgs/drone-rsync/drone-rsync | 31 ++++++++++++++++++++++++++ 3 files changed, 76 insertions(+) create mode 100644 pkgs/drone-rsync/default.nix create mode 100755 pkgs/drone-rsync/drone-rsync diff --git a/pkgs/default.nix b/pkgs/default.nix index af39384..5d4e3d8 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -12,6 +12,8 @@ pkgs.lib.makeScope pkgs.newScope (pkgs: { dragger = pkgs.callPackage ./dragger { }; + drone-rsync = pkgs.callPackage ./drone-rsync { }; + drone-scp = pkgs.callPackage ./drone-scp { }; ff2mpv-go = pkgs.callPackage ./ff2mpv-go { }; diff --git a/pkgs/drone-rsync/default.nix b/pkgs/drone-rsync/default.nix new file mode 100644 index 0000000..16bc9e3 --- /dev/null +++ b/pkgs/drone-rsync/default.nix @@ -0,0 +1,43 @@ +{ lib, makeWrapper, openssh, rsync, shellcheck, sshpass, stdenvNoCC }: +stdenvNoCC.mkDerivation rec { + pname = "drone-rsync"; + version = "0.1.0"; + + src = ./drone-rsync; + + buildInputs = [ + makeWrapper + shellcheck + ]; + + dontUnpack = true; + + buildPhase = '' + shellcheck $src + ''; + + installPhase = '' + mkdir -p $out/bin + cp $src $out/bin/${pname} + chmod a+x $out/bin/${pname} + ''; + + wrapperPath = lib.makeBinPath [ + openssh + rsync + sshpass + ]; + + fixupPhase = '' + patchShebangs $out/bin/${pname} + wrapProgram $out/bin/${pname} --prefix PATH : "${wrapperPath}" + ''; + + meta = with lib; { + description = "Helper script to run rsync in a CI pipeline"; + homepage = "https://gitea.belanyi.fr/ambroisie/nix-config"; + license = with licenses; [ mit ]; + platforms = platforms.unix; + maintainers = with maintainers; [ ambroisie ]; + }; +} diff --git a/pkgs/drone-rsync/drone-rsync b/pkgs/drone-rsync/drone-rsync new file mode 100755 index 0000000..b6491e7 --- /dev/null +++ b/pkgs/drone-rsync/drone-rsync @@ -0,0 +1,31 @@ +#!/usr/bin/env bash + +set -euo pipefail + +ARGS=( + # Show readable progress in log + --verbose + --human-readable + --progress + # Have a one-to-one copy + --archive + --compress + --recursive + --delete + # Configure ssh client + --rsh "ssh -p ${SYNC_PORT:-22} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" +) + +eval "$(ssh-agent)" +SSHPASS="${SYNC_PASSPHRASE:-}" sshpass -P 'passphrase' -v -e ssh-add <(echo "${SYNC_KEY}") + +if [ -n "${SYNC_DRY_RUN:-}" ]; then + ARGS+=(--dry-run) +fi + +# shellcheck disable=2086 +# FIXME: have a safer way to allow globbing the source +rsync \ + "${ARGS[@]}" \ + ${SYNC_SOURCE} \ + "${SYNC_USERNAME}@${SYNC_HOST}:${SYNC_TARGET}" From abc67487a37eac8bc96a64052eeeacaaa4ddd859 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 22 Jun 2022 13:50:47 +0200 Subject: [PATCH 637/654] pkgs: remove 'shellcheck' as a 'buildPhase' I already verify those scripts with my pre-commit hook. And that way avoid spurious build failures in case a (transitive) dependency is broken. --- pkgs/bw-pass/default.nix | 7 ++----- pkgs/change-audio/default.nix | 7 ++----- pkgs/change-backlight/default.nix | 7 ++----- pkgs/comma/default.nix | 7 ++----- pkgs/diff-flake/default.nix | 7 ++----- pkgs/drone-rsync/default.nix | 7 ++----- pkgs/i3-get-window-criteria/default.nix | 7 ++----- 7 files changed, 14 insertions(+), 35 deletions(-) diff --git a/pkgs/bw-pass/default.nix b/pkgs/bw-pass/default.nix index b11e7ea..fcd9d08 100644 --- a/pkgs/bw-pass/default.nix +++ b/pkgs/bw-pass/default.nix @@ -1,4 +1,4 @@ -{ lib, bitwarden-cli, coreutils, jq, keyutils, makeWrapper, rofi, shellcheck, stdenvNoCC }: +{ lib, bitwarden-cli, coreutils, jq, keyutils, makeWrapper, rofi, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "bw-pass"; version = "0.1.0"; @@ -7,14 +7,11 @@ stdenvNoCC.mkDerivation rec { buildInputs = [ makeWrapper - shellcheck ]; dontUnpack = true; - buildPhase = '' - shellcheck $src - ''; + dontBuild = true; installPhase = '' mkdir -p $out/bin diff --git a/pkgs/change-audio/default.nix b/pkgs/change-audio/default.nix index d2e76b0..3b3359d 100644 --- a/pkgs/change-audio/default.nix +++ b/pkgs/change-audio/default.nix @@ -1,4 +1,4 @@ -{ lib, libnotify, makeWrapper, pamixer, shellcheck, stdenvNoCC }: +{ lib, libnotify, makeWrapper, pamixer, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "change-audio"; version = "0.3.0"; @@ -7,14 +7,11 @@ stdenvNoCC.mkDerivation rec { buildInputs = [ makeWrapper - shellcheck ]; dontUnpack = true; - buildPhase = '' - shellcheck $src - ''; + dontBuild = true; installPhase = '' mkdir -p $out/bin diff --git a/pkgs/change-backlight/default.nix b/pkgs/change-backlight/default.nix index 799c814..83ba2fe 100644 --- a/pkgs/change-backlight/default.nix +++ b/pkgs/change-backlight/default.nix @@ -1,4 +1,4 @@ -{ lib, brightnessctl, libnotify, makeWrapper, shellcheck, stdenvNoCC }: +{ lib, brightnessctl, libnotify, makeWrapper, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "change-backlight"; version = "0.1.0"; @@ -7,14 +7,11 @@ stdenvNoCC.mkDerivation rec { buildInputs = [ makeWrapper - shellcheck ]; dontUnpack = true; - buildPhase = '' - shellcheck $src - ''; + dontBuild = true; installPhase = '' mkdir -p $out/bin diff --git a/pkgs/comma/default.nix b/pkgs/comma/default.nix index 1c10eb2..d61c884 100644 --- a/pkgs/comma/default.nix +++ b/pkgs/comma/default.nix @@ -1,4 +1,4 @@ -{ lib, fzf, makeWrapper, nix-index, shellcheck, stdenvNoCC }: +{ lib, fzf, makeWrapper, nix-index, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "comma"; version = "0.1.0"; @@ -7,14 +7,11 @@ stdenvNoCC.mkDerivation rec { buildInputs = [ makeWrapper - shellcheck ]; dontUnpack = true; - buildPhase = '' - shellcheck $src - ''; + dontBuild = true; installPhase = '' mkdir -p $out/bin diff --git a/pkgs/diff-flake/default.nix b/pkgs/diff-flake/default.nix index 70c0fbb..39e8921 100644 --- a/pkgs/diff-flake/default.nix +++ b/pkgs/diff-flake/default.nix @@ -1,4 +1,4 @@ -{ lib, coreutils, git, gnused, makeWrapper, shellcheck, stdenvNoCC }: +{ lib, coreutils, git, gnused, makeWrapper, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "diff-flake"; version = "0.2.0"; @@ -7,14 +7,11 @@ stdenvNoCC.mkDerivation rec { buildInputs = [ makeWrapper - shellcheck ]; dontUnpack = true; - buildPhase = '' - shellcheck $src - ''; + dontBuild = true; installPhase = '' mkdir -p $out/bin diff --git a/pkgs/drone-rsync/default.nix b/pkgs/drone-rsync/default.nix index 16bc9e3..cb70fed 100644 --- a/pkgs/drone-rsync/default.nix +++ b/pkgs/drone-rsync/default.nix @@ -1,4 +1,4 @@ -{ lib, makeWrapper, openssh, rsync, shellcheck, sshpass, stdenvNoCC }: +{ lib, makeWrapper, openssh, rsync, sshpass, stdenvNoCC }: stdenvNoCC.mkDerivation rec { pname = "drone-rsync"; version = "0.1.0"; @@ -7,14 +7,11 @@ stdenvNoCC.mkDerivation rec { buildInputs = [ makeWrapper - shellcheck ]; dontUnpack = true; - buildPhase = '' - shellcheck $src - ''; + dontBuild = true; installPhase = '' mkdir -p $out/bin diff --git a/pkgs/i3-get-window-criteria/default.nix b/pkgs/i3-get-window-criteria/default.nix index acfde93..8b082d4 100644 --- a/pkgs/i3-get-window-criteria/default.nix +++ b/pkgs/i3-get-window-criteria/default.nix @@ -1,4 +1,4 @@ -{ lib, coreutils, gnused, makeWrapper, shellcheck, stdenvNoCC, xorg }: +{ lib, coreutils, gnused, makeWrapper, stdenvNoCC, xorg }: stdenvNoCC.mkDerivation rec { pname = "i3-get-window-criteria"; version = "0.1.0"; @@ -7,14 +7,11 @@ stdenvNoCC.mkDerivation rec { buildInputs = [ makeWrapper - shellcheck ]; dontUnpack = true; - buildPhase = '' - shellcheck $src - ''; + dontBuild = true; installPhase = '' mkdir -p $out/bin From 4ea0f8bc51714cd33e5ea05677d296721a2e1723 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 22 Jun 2022 11:19:43 +0200 Subject: [PATCH 638/654] flake: bump inputs --- flake.lock | 72 +++++++++++++++++++++++++++++++++++++++++++++++------- flake.nix | 1 + 2 files changed, 64 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 56ca74f..fdfe60b 100644 --- a/flake.lock +++ b/flake.lock @@ -21,6 +21,22 @@ "type": "github" } }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "futils": { "locked": { "lastModified": 1653893745, @@ -39,16 +55,22 @@ }, "home-manager": { "inputs": { + "flake-compat": "flake-compat", "nixpkgs": [ "nixpkgs" + ], + "nmd": "nmd", + "nmt": "nmt", + "utils": [ + "futils" ] }, "locked": { - "lastModified": 1653943687, - "narHash": "sha256-xXW9t24HLf89+n/92kOqRRfOBE3KDna+9rAOefs5WSQ=", + "lastModified": 1655858799, + "narHash": "sha256-Ws6BKlVuEVO29Ab3OEUfVLbWTECv/5Ax3yOMq/UeY0E=", "owner": "nix-community", "repo": "home-manager", - "rev": "8f3e26705178cc8c1d982d37d881fc0d5b5b1837", + "rev": "06bb67ab24bd6e6c6d2bc97ecbcddd6c8b07ac18", "type": "github" }, "original": { @@ -60,11 +82,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1653845079, - "narHash": "sha256-7ghaQZ+7JXLI9FgNH8+RQHAt3/ubT92j8NtjZleP6t4=", + "lastModified": 1655624069, + "narHash": "sha256-7g1zwTdp35GMTERnSzZMWJ7PG3QdDE8VOX3WsnOkAtM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b62ada430501de88dfbb08cea4eb98ead3a5e3e7", + "rev": "0d68d7c857fe301d49cdcd56130e0beea4ecd5aa", "type": "github" }, "original": { @@ -74,13 +96,45 @@ "type": "github" } }, + "nmd": { + "flake": false, + "locked": { + "lastModified": 1653339422, + "narHash": "sha256-RNLq09vfj21TyYuUCeD6BNTNC6Ew8bLhQULZytN4Xx8=", + "owner": "rycee", + "repo": "nmd", + "rev": "91dee681dd1c478d6040a00835d73c0f4a4c5c29", + "type": "gitlab" + }, + "original": { + "owner": "rycee", + "repo": "nmd", + "type": "gitlab" + } + }, + "nmt": { + "flake": false, + "locked": { + "lastModified": 1648075362, + "narHash": "sha256-u36WgzoA84dMVsGXzml4wZ5ckGgfnvS0ryzo/3zn/Pc=", + "owner": "rycee", + "repo": "nmt", + "rev": "d83601002c99b78c89ea80e5e6ba21addcfe12ae", + "type": "gitlab" + }, + "original": { + "owner": "rycee", + "repo": "nmt", + "type": "gitlab" + } + }, "nur": { "locked": { - "lastModified": 1653970042, - "narHash": "sha256-EcphYipFvqkFV9PrWUUz034G7WQHZwYVwzGiyU5384A=", + "lastModified": 1655884594, + "narHash": "sha256-ZwmYvED9P9RmMvQkV+PeZ5vGQyDDaR5y8A5vuRnrac0=", "owner": "nix-community", "repo": "NUR", - "rev": "83f9a7c7287210b20da844b1ccd7c79cb696f51e", + "rev": "4a38042992499ce141a38e7dc5a105c31fd77b98", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 45b407d..3f8f350 100644 --- a/flake.nix +++ b/flake.nix @@ -25,6 +25,7 @@ ref = "master"; inputs = { nixpkgs.follows = "nixpkgs"; + utils.follows = "futils"; }; }; From fc63759c1a420c9e7490ae9cde98fc62432bd0f9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 22 Jun 2022 16:04:17 +0200 Subject: [PATCH 639/654] flake: remove 'aarch64-darwin' 'pyopenssl' has been marked as broken on this sytem, so remove it from my supported systems to avoid breaking 'nix flake check'. --- flake.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/flake.nix b/flake.nix index 3f8f350..a86ac33 100644 --- a/flake.nix +++ b/flake.nix @@ -69,7 +69,6 @@ inherit (futils.lib) eachSystem system; mySystems = [ - system.aarch64-darwin system.aarch64-linux system.x86_64-darwin system.x86_64-linux From e5b82f09025dd43adf0ff24d1e4af77a0e161af3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 22 Jun 2022 16:06:49 +0200 Subject: [PATCH 640/654] lib: fix formatting --- lib/default.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/lib/default.nix b/lib/default.nix index fa37c23..8358d58 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -15,6 +15,4 @@ let mapModules ./. (file: import file { inherit self lib pkgs inputs; }) ); in -mylib.extend (self: super: - foldr (a: b: a // b) { } (attrValues super) -) +mylib.extend (self: super: foldr (a: b: a // b) { } (attrValues super)) From 89934f5043835a5390a8362614ee4108683b7d67 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 23 Jun 2022 10:02:30 +0200 Subject: [PATCH 641/654] home: vim: add 'nvim-lspconfig' For some reason I had not added it to my plug-in list, but it still worked until I bumped my inputs. --- home/vim/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/vim/default.nix b/home/vim/default.nix index 22268d3..e803d00 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -62,6 +62,7 @@ in git-messenger-vim # A simple blame window # LSP and linting + nvim-lspconfig # Easy LSP configuration lsp_lines-nvim # Show diagnostics *over* regions null-ls-nvim # LSP integration for linters and formatters (nvim-treesitter.withPlugins (_: pkgs.tree-sitter.allGrammars)) # Better highlighting From 54e3699c253e346185db36f51aad2dbcfb18110c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Jul 2022 14:11:43 +0200 Subject: [PATCH 642/654] home: xdg: do not set 'WGETRC' I don't use it... --- home/xdg/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/home/xdg/default.nix b/home/xdg/default.nix index 1aa69ac..b335842 100644 --- a/home/xdg/default.nix +++ b/home/xdg/default.nix @@ -45,6 +45,5 @@ in INPUTRC = "${configHome}/readline/inputrc"; LESSHISTFILE = "${dataHome}/less/history"; LESSKEY = "${configHome}/less/lesskey"; - WGETRC = "${configHome}/wgetrc"; }; } From 20aebccb92f6b3095bfdc8ee3176bf8233f64058 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 12 Jul 2022 13:48:25 +0200 Subject: [PATCH 643/654] flake: bump inputs --- flake.lock | 81 ++++++++++-------------------------------------------- 1 file changed, 15 insertions(+), 66 deletions(-) diff --git a/flake.lock b/flake.lock index fdfe60b..c5aa9fd 100644 --- a/flake.lock +++ b/flake.lock @@ -21,29 +21,13 @@ "type": "github" } }, - "flake-compat": { - "flake": false, - "locked": { - "lastModified": 1650374568, - "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "b4a34015c698c7793d592d66adbab377907a2be8", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, "futils": { "locked": { - "lastModified": 1653893745, - "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", + "lastModified": 1656928814, + "narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=", "owner": "numtide", "repo": "flake-utils", - "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1", + "rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249", "type": "github" }, "original": { @@ -55,22 +39,19 @@ }, "home-manager": { "inputs": { - "flake-compat": "flake-compat", "nixpkgs": [ "nixpkgs" ], - "nmd": "nmd", - "nmt": "nmt", "utils": [ "futils" ] }, "locked": { - "lastModified": 1655858799, - "narHash": "sha256-Ws6BKlVuEVO29Ab3OEUfVLbWTECv/5Ax3yOMq/UeY0E=", + "lastModified": 1657621596, + "narHash": "sha256-lRd1RHpuSaCvkXSLBV/eTW0cKt4pj51yW0d62Yg9dAs=", "owner": "nix-community", "repo": "home-manager", - "rev": "06bb67ab24bd6e6c6d2bc97ecbcddd6c8b07ac18", + "rev": "1e66e035e18ca02d72ebbbc83e4e75fa0acdf1af", "type": "github" }, "original": { @@ -82,11 +63,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1655624069, - "narHash": "sha256-7g1zwTdp35GMTERnSzZMWJ7PG3QdDE8VOX3WsnOkAtM=", + "lastModified": 1657447684, + "narHash": "sha256-FCP9AuU1q6PE3vOeM5SFf58f/UKPBAsoSGDUGamNBbo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0d68d7c857fe301d49cdcd56130e0beea4ecd5aa", + "rev": "5f43d8b088d3771274bcfb69d3c7435b1121ac88", "type": "github" }, "original": { @@ -96,45 +77,13 @@ "type": "github" } }, - "nmd": { - "flake": false, - "locked": { - "lastModified": 1653339422, - "narHash": "sha256-RNLq09vfj21TyYuUCeD6BNTNC6Ew8bLhQULZytN4Xx8=", - "owner": "rycee", - "repo": "nmd", - "rev": "91dee681dd1c478d6040a00835d73c0f4a4c5c29", - "type": "gitlab" - }, - "original": { - "owner": "rycee", - "repo": "nmd", - "type": "gitlab" - } - }, - "nmt": { - "flake": false, - "locked": { - "lastModified": 1648075362, - "narHash": "sha256-u36WgzoA84dMVsGXzml4wZ5ckGgfnvS0ryzo/3zn/Pc=", - "owner": "rycee", - "repo": "nmt", - "rev": "d83601002c99b78c89ea80e5e6ba21addcfe12ae", - "type": "gitlab" - }, - "original": { - "owner": "rycee", - "repo": "nmt", - "type": "gitlab" - } - }, "nur": { "locked": { - "lastModified": 1655884594, - "narHash": "sha256-ZwmYvED9P9RmMvQkV+PeZ5vGQyDDaR5y8A5vuRnrac0=", + "lastModified": 1657625990, + "narHash": "sha256-o3mvJ1ihYyWZus96FC9XYuSmoR1v61MlHnRZigzSZu4=", "owner": "nix-community", "repo": "NUR", - "rev": "4a38042992499ce141a38e7dc5a105c31fd77b98", + "rev": "0e576376677b821c0ab1dbd5f37eeadd424c7f25", "type": "github" }, "original": { @@ -154,11 +103,11 @@ ] }, "locked": { - "lastModified": 1652714503, - "narHash": "sha256-qQKVEfDe5FqvGgkZtg5Pc491foeiDPIOeycHMqnPDps=", + "lastModified": 1656169028, + "narHash": "sha256-y9DRauokIeVHM7d29lwT8A+0YoGUBXV3H0VErxQeA8s=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "521a524771a8e93caddaa0ac1d67d03766a8b0b3", + "rev": "db3bd555d3a3ceab208bed48f983ccaa6a71a25e", "type": "github" }, "original": { From 224e8f854896e64c7a3a404ce179af764d914b65 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 28 Jul 2022 17:53:55 +0200 Subject: [PATCH 644/654] modules: services: paperless: fix DB dependency --- modules/services/paperless/default.nix | 30 +++++++++++++++----------- 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/modules/services/paperless/default.nix b/modules/services/paperless/default.nix index b21efa8..5ba9709 100644 --- a/modules/services/paperless/default.nix +++ b/modules/services/paperless/default.nix @@ -83,16 +83,28 @@ in }; systemd.services = { - paperless-scheduler.serviceConfig = { - EnvironmentFile = cfg.secretKeyFile; + paperless-scheduler = { + after = [ "postgresql.service" ]; + + serviceConfig = { + EnvironmentFile = cfg.secretKeyFile; + }; }; - paperless-consumer.serviceConfig = { - EnvironmentFile = cfg.secretKeyFile; + paperless-consumer = { + after = [ "postgresql.service" ]; + + serviceConfig = { + EnvironmentFile = cfg.secretKeyFile; + }; }; - paperless-web.serviceConfig = { - EnvironmentFile = cfg.secretKeyFile; + paperless-web = { + after = [ "postgresql.service" ]; + + serviceConfig = { + EnvironmentFile = cfg.secretKeyFile; + }; }; }; @@ -111,12 +123,6 @@ in # Set-up media group users.groups.media = { }; - systemd.services.paperless-server = { - # Make sure the DB is available - after = [ "postgresql.service" ]; - }; - - users.users.${config.services.paperless.user} = { extraGroups = [ "media" ]; }; From 622f9c61e4b06539ecc4bbd76401c6171874d4a7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 28 Jul 2022 17:53:23 +0200 Subject: [PATCH 645/654] modules: services: add grocy --- modules/services/default.nix | 1 + modules/services/grocy/default.nix | 33 ++++++++++++++++++++++++++++++ 2 files changed, 34 insertions(+) create mode 100644 modules/services/grocy/default.nix diff --git a/modules/services/default.nix b/modules/services/default.nix index 4ed40f0..a5d129b 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -9,6 +9,7 @@ ./drone ./flood ./gitea + ./grocy ./indexers ./jellyfin ./lohr diff --git a/modules/services/grocy/default.nix b/modules/services/grocy/default.nix new file mode 100644 index 0000000..22288e7 --- /dev/null +++ b/modules/services/grocy/default.nix @@ -0,0 +1,33 @@ +# Groceries and household management +{ config, lib, ... }: +let + cfg = config.my.services.grocy; +in +{ + options.my.services.grocy = with lib; { + enable = mkEnableOption "Grocy household ERP"; + }; + + config = lib.mkIf cfg.enable { + services.grocy = { + enable = true; + + # The service sets up the reverse proxy automatically + hostName = "grocy.${config.networking.domain}"; + + nginx = { + enableSSL = true; + }; + + settings = { + currency = "EUR"; + culture = "en"; + calendar = { + # Start on Monday + firstDayOfWeek = 1; + showWeekNumber = true; + }; + }; + }; + }; +} From b965ee15e5bc9d2e291420cd708ae94a4a45c4c7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 28 Jul 2022 18:19:44 +0200 Subject: [PATCH 646/654] machines: porthos: services: enable grocy --- machines/porthos/services.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index 615efd5..5cb8665 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -48,6 +48,10 @@ in passwordFile = secrets."gitea/mail-password".path; }; }; + # Grocy ERP + grocy = { + enable = true; + }; # Meta-indexers indexers = { prowlarr.enable = true; From 135349c882341e1e92f83b18c117621c85b41054 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 28 Jul 2022 18:26:02 +0200 Subject: [PATCH 647/654] modules: services: grocy: fix SSL configuration --- modules/services/grocy/default.nix | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/modules/services/grocy/default.nix b/modules/services/grocy/default.nix index 22288e7..87927d6 100644 --- a/modules/services/grocy/default.nix +++ b/modules/services/grocy/default.nix @@ -2,6 +2,7 @@ { config, lib, ... }: let cfg = config.my.services.grocy; + grocyDomain = "grocy.${config.networking.domain}"; in { options.my.services.grocy = with lib; { @@ -13,10 +14,11 @@ in enable = true; # The service sets up the reverse proxy automatically - hostName = "grocy.${config.networking.domain}"; + hostName = grocyDomain; + # Configure SSL by hand nginx = { - enableSSL = true; + enableSSL = false; }; settings = { @@ -29,5 +31,10 @@ in }; }; }; + + services.nginx.virtualHosts."${grocyDomain}" = { + forceSSL = true; + useACMEHost = config.networking.domain; + }; }; } From bdef8577bddc528fa5fe0dbe68c7c50cfe7d4942 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 15 Jul 2022 23:49:28 +0200 Subject: [PATCH 648/654] home: gdb: fix auto-load safe path --- home/gdb/gdbinit | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/home/gdb/gdbinit b/home/gdb/gdbinit index bdf7bfd..86e8c3c 100644 --- a/home/gdb/gdbinit +++ b/home/gdb/gdbinit @@ -19,6 +19,6 @@ set print demangle on set auto-load python-scripts # Allow autoloading project-local .gdbinit files -set auto-load safe-path ~/git/ +add-auto-load-safe-path ~/git/ # Allow autoloading from the Nix store -set auto-load safe-path /nix/store +add-auto-load-safe-path /nix/store From a85c73f14f34ee0352cce6410ecb86057cb0f64d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 31 Aug 2022 17:16:36 +0200 Subject: [PATCH 649/654] flake: bump inputs --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index c5aa9fd..4c4d554 100644 --- a/flake.lock +++ b/flake.lock @@ -23,11 +23,11 @@ }, "futils": { "locked": { - "lastModified": 1656928814, - "narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=", + "lastModified": 1659877975, + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", "owner": "numtide", "repo": "flake-utils", - "rev": "7e2a3b3dfd9af950a856d66b0a7d01e3c18aa249", + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", "type": "github" }, "original": { @@ -47,11 +47,11 @@ ] }, "locked": { - "lastModified": 1657621596, - "narHash": "sha256-lRd1RHpuSaCvkXSLBV/eTW0cKt4pj51yW0d62Yg9dAs=", + "lastModified": 1661824092, + "narHash": "sha256-nSWLWytlXbeLrx5A+r5Pso7CvVrX5EgmIIXW/EXvPHQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "1e66e035e18ca02d72ebbbc83e4e75fa0acdf1af", + "rev": "5bd66dc6cd967033489c69d486402b75d338eeb6", "type": "github" }, "original": { @@ -63,11 +63,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1657447684, - "narHash": "sha256-FCP9AuU1q6PE3vOeM5SFf58f/UKPBAsoSGDUGamNBbo=", + "lastModified": 1661720780, + "narHash": "sha256-AJNGyaB2eKZAYaPNjBZOzap87yL+F9ZLaFzzMkvega0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5f43d8b088d3771274bcfb69d3c7435b1121ac88", + "rev": "a63021a330d8d33d862a8e29924b42d73037dd37", "type": "github" }, "original": { @@ -79,11 +79,11 @@ }, "nur": { "locked": { - "lastModified": 1657625990, - "narHash": "sha256-o3mvJ1ihYyWZus96FC9XYuSmoR1v61MlHnRZigzSZu4=", + "lastModified": 1661952120, + "narHash": "sha256-JwpT04L0mbLAKxTplG++RCHJgdXXHEQcGFihQqV/VF8=", "owner": "nix-community", "repo": "NUR", - "rev": "0e576376677b821c0ab1dbd5f37eeadd424c7f25", + "rev": "7dd0008c061609bc4dc5f2a0336f13082a35e00a", "type": "github" }, "original": { @@ -103,11 +103,11 @@ ] }, "locked": { - "lastModified": 1656169028, - "narHash": "sha256-y9DRauokIeVHM7d29lwT8A+0YoGUBXV3H0VErxQeA8s=", + "lastModified": 1660830093, + "narHash": "sha256-HUhx3a82C7bgp2REdGFeHJdhEAzMGCk3V8xIvfBqg1I=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "db3bd555d3a3ceab208bed48f983ccaa6a71a25e", + "rev": "8cb8ea5f1c7bc2984f460587fddd5f2e558f6eb8", "type": "github" }, "original": { From c5c1e159e8a405bae9aa2617114e4affe3b2ea58 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 31 Aug 2022 16:08:10 +0200 Subject: [PATCH 650/654] home: mail: accounts: use 'outlook' flavor --- home/mail/accounts/default.nix | 16 +--------------- 1 file changed, 1 insertion(+), 15 deletions(-) diff --git a/home/mail/accounts/default.nix b/home/mail/accounts/default.nix index 80d95ae..ee8ec46 100644 --- a/home/mail/accounts/default.nix +++ b/home/mail/accounts/default.nix @@ -51,21 +51,7 @@ let }; office365Config = { - imap = { - host = "outlook.office365.com"; - port = 993; - tls = { - enable = true; - }; - }; - smtp = { - host = "outlook.office365.com"; - port = 587; - tls = { - enable = true; - useStartTls = true; - }; - }; + flavor = "outlook.office365.com"; }; in { From f4b7914894e61a7f0d9971df143683f0a5539f6e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 31 Aug 2022 17:19:58 +0200 Subject: [PATCH 651/654] modules: services: gitea: migrate to 'settings' --- modules/services/gitea/default.nix | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/modules/services/gitea/default.nix b/modules/services/gitea/default.nix index 39332c5..9c443f0 100644 --- a/modules/services/gitea/default.nix +++ b/modules/services/gitea/default.nix @@ -64,10 +64,6 @@ in lfs.enable = true; useWizard = false; - disableRegistration = true; - - # only send cookies via HTTPS - cookieSecure = true; database = { type = "postgres"; # Automatic setup @@ -90,6 +86,15 @@ in MAILER_TYPE = cfg.mail.type; IS_TLS_ENABLED = cfg.mail.tls; }; + + service = { + DISABLE_REGISTRATION = true; + }; + + session = { + # only send cookies via HTTPS + COOKIE_SECURE = true; + }; }; }; From 1151b2e5efd7dea44f0b807e76e1e4ac70e35a61 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 2 Sep 2022 09:49:35 +0200 Subject: [PATCH 652/654] flake: bump inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 4c4d554..430a448 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1652712410, - "narHash": "sha256-hMJ2TqLt0DleEnQFGUHK9sV2aAzJPU8pZeiZoqRozbE=", + "lastModified": 1662046976, + "narHash": "sha256-BrTReGRhkVm/Kmmf4zQrL+oYWy0sds/BDBgXNX1CL3c=", "owner": "ryantm", "repo": "agenix", - "rev": "7e5e58b98c3dcbf497543ff6f22591552ebfe65b", + "rev": "9f136ecfa5bf954538aed3245e4408cf87c85097", "type": "github" }, "original": { @@ -63,11 +63,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1661720780, - "narHash": "sha256-AJNGyaB2eKZAYaPNjBZOzap87yL+F9ZLaFzzMkvega0=", + "lastModified": 1662019588, + "narHash": "sha256-oPEjHKGGVbBXqwwL+UjsveJzghWiWV0n9ogo1X6l4cw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a63021a330d8d33d862a8e29924b42d73037dd37", + "rev": "2da64a81275b68fdad38af669afeda43d401e94b", "type": "github" }, "original": { @@ -79,11 +79,11 @@ }, "nur": { "locked": { - "lastModified": 1661952120, - "narHash": "sha256-JwpT04L0mbLAKxTplG++RCHJgdXXHEQcGFihQqV/VF8=", + "lastModified": 1662103084, + "narHash": "sha256-zE6ftit1nllgrXJ3hnt/h/Ev+JsjkJQLKAgO5M31R5s=", "owner": "nix-community", "repo": "NUR", - "rev": "7dd0008c061609bc4dc5f2a0336f13082a35e00a", + "rev": "65fef905eaad9a585a3841103ed3f45608a50c56", "type": "github" }, "original": { From b582aff8669065cf7be5d7edbd5b1b47734cdf3a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 31 Aug 2022 15:50:22 +0200 Subject: [PATCH 653/654] home: vim: migrate to 'nvim-surround' It's potentially more customizable, and integrates with tree-sitter. It also allows for buffer/filetype specific pairs. --- home/vim/default.nix | 2 +- home/vim/plugin/settings/surround.vim | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 home/vim/plugin/settings/surround.vim diff --git a/home/vim/default.nix b/home/vim/default.nix index e803d00..2f17890 100644 --- a/home/vim/default.nix +++ b/home/vim/default.nix @@ -42,7 +42,6 @@ in vim-git # Sane git syntax files vim-repeat # Enanche '.' for plugins vim-rsi # Readline mappings - vim-surround # Deal with pairs vim-unimpaired # Some ex command mappings vim-vinegar # Better netrw @@ -83,6 +82,7 @@ in # UX improvements dressing-nvim # Integrate native UI hooks with Telescope etc... gitsigns-nvim # Fast git UI integration + nvim-surround # Deal with pairs, now in Lua telescope-fzf-native-nvim # Use 'fzf' fuzzy matching algorithm telescope-lsp-handlers-nvim # Use 'telescope' for various LSP actions telescope-nvim # Fuzzy finder interface diff --git a/home/vim/plugin/settings/surround.vim b/home/vim/plugin/settings/surround.vim new file mode 100644 index 0000000..e5eb81b --- /dev/null +++ b/home/vim/plugin/settings/surround.vim @@ -0,0 +1,5 @@ +lua << EOF +require("nvim-surround").setup({ + -- No configuration at the moment +}) +EOF From 5487f3f5c82ffd5ada79a9537b37380536dd44f8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 5 Sep 2022 10:12:01 +0200 Subject: [PATCH 654/654] WIP --- flake.lock | 71 +++++++++++++++++++ flake.nix | 14 ++++ machines/porthos/services.nix | 3 + modules/services/matrix/bridges.nix | 101 ++++++++++++++++++++++++++++ modules/services/matrix/default.nix | 4 ++ 5 files changed, 193 insertions(+) create mode 100644 modules/services/matrix/bridges.nix diff --git a/flake.lock b/flake.lock index 430a448..dede124 100644 --- a/flake.lock +++ b/flake.lock @@ -21,6 +21,37 @@ "type": "github" } }, + "devshell": { + "locked": { + "lastModified": 1642188268, + "narHash": "sha256-DNz4xScpXIn7rSDohdayBpPR9H9OWCMDOgTYegX081k=", + "owner": "numtide", + "repo": "devshell", + "rev": "696acc29668b644df1740b69e1601119bf6da83b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "devshell", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1641205782, + "narHash": "sha256-4jY7RCWUoZ9cKD8co0/4tFARpWB+57+r1bLLvXNJliY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b7547d3eed6f32d06102ead8991ec52ab0a4f1a7", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "futils": { "locked": { "lastModified": 1659877975, @@ -61,6 +92,45 @@ "type": "github" } }, + "matrix-appservices": { + "inputs": { + "devshell": "devshell", + "flake-compat": "flake-compat", + "nixlib": "nixlib", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1662227278, + "narHash": "sha256-n58O7wTmORHg+cwYrbKjnlKi3UQkDug9l0FY9RB6zIM=", + "owner": "coffeetables", + "repo": "nix-matrix-appservices", + "rev": "41c1418781dbdfae5d1c15a29b7f1b8f67e5d69f", + "type": "gitlab" + }, + "original": { + "owner": "coffeetables", + "ref": "main", + "repo": "nix-matrix-appservices", + "type": "gitlab" + } + }, + "nixlib": { + "locked": { + "lastModified": 1643502816, + "narHash": "sha256-Wrbt6Gs+hjXD3HUICPBJHKnHEUqiyx8rzHCgvqC1Bok=", + "owner": "divnix", + "repo": "nixpkgs.lib", + "rev": "ebed7ec5bcb5d01e298535989c6c321df18b631a", + "type": "github" + }, + "original": { + "owner": "divnix", + "repo": "nixpkgs.lib", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1662019588, @@ -122,6 +192,7 @@ "agenix": "agenix", "futils": "futils", "home-manager": "home-manager", + "matrix-appservices": "matrix-appservices", "nixpkgs": "nixpkgs", "nur": "nur", "pre-commit-hooks": "pre-commit-hooks" diff --git a/flake.nix b/flake.nix index a86ac33..84f170f 100644 --- a/flake.nix +++ b/flake.nix @@ -29,6 +29,19 @@ }; }; + matrix-appservices = { + type = "gitlab"; + owner = "coffeetables"; + repo = "nix-matrix-appservices"; + ref = "main"; + inputs = { + # devshell.follows = "devshell"; + # flake-compat.follows = "flake-compat"; + # nixlib.follows = "nixlib"; + nixpkgs.follows = "nixpkgs"; + }; + }; + nixpkgs = { type = "github"; owner = "NixOS"; @@ -61,6 +74,7 @@ , agenix , futils , home-manager + , matrix-appservices , nixpkgs , nur , pre-commit-hooks diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index 5cb8665..2661121 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -68,6 +68,9 @@ in matrix = { enable = true; mailConfigFile = secrets."matrix/mail".path; + bridges = { + enable = true; + }; # Only necessary when doing the initial registration # secret = "change-me"; }; diff --git a/modules/services/matrix/bridges.nix b/modules/services/matrix/bridges.nix new file mode 100644 index 0000000..1fa47e8 --- /dev/null +++ b/modules/services/matrix/bridges.nix @@ -0,0 +1,101 @@ +# Matrix bridges, thanks to [1]. +# +# [1]: https://gitlab.com/coffeetables/nix-matrix-appservices/ +{ config, inputs, lib, pkgs, ... }: +let + cfg = config.my.services.matrix.bridges; + domain = config.networking.domain; +in +{ + imports = [ + inputs.matrix-appservices.nixosModules.matrix-appservices + ]; + + options.my.services.matrix.bridges = with lib; { + enable = mkEnableOption "Matrix bridges configuration"; + }; + + config = lib.mkIf cfg.enable { + services.nginx.virtualHosts = { + "matrix.${domain}" = { + locations."/bridges/facebook/login" = { + proxyPass = "http://[::1]:29181"; + }; + }; + }; + + services.matrix-appservices = { + homeserver = "matrix-synapse"; + + homeserverDomain = "belanyi.fr"; + homeserverURL = "https://matrix.belanyi.fr"; + + addRegistrationFiles = true; + + # FIXME: explicitly configure logging through systemd, not log files + # FIXME: register ports to avoid conflicts + services = { + # discord = { + # port = 29180; + # format = "mautrix-go"; + # package = pkgs.mautrix-discord; + # }; + + facebook = { + port = 29181; + format = "mautrix-python"; + package = pkgs.mautrix-facebook; + + settings = { + appservice = { + # Enable login by link + public = { + enabled = true; + prefix = "/bridges/facebook/login"; + external = "https://matrix.${domain}/bridges/facebook/login"; + }; + }; + + bridge = { + # Enable encryption by default + encryption = { + allow = true; + default = true; + allow_key_sharing = true; + + # FIXME: crash loop if not defined explicitly... + verification_levels = { + # Minimum level for which the bridge should send keys to when bridging messages from Telegram to Matrix. + receive = "unverified"; + # Minimum level that the bridge should accept for incoming Matrix messages. + send = "unverified"; + # Minimum level that the bridge should require for accepting key requests. + share = "cross-signed-tofu"; + }; + }; + }; + }; + }; + + whatsapp = { + port = 29182; + format = "mautrix-go"; + package = pkgs.mautrix-whatsapp; + + settings = { + bridge = { + # Create a space for all bridges chat rooms + personal_filtering_spaces = true; + # Enable encryption by default + encryption = { + allow = true; + default = true; + allow_key_sharing = true; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/modules/services/matrix/default.nix b/modules/services/matrix/default.nix index 6adcd00..b3db0ba 100644 --- a/modules/services/matrix/default.nix +++ b/modules/services/matrix/default.nix @@ -16,6 +16,10 @@ let domain = config.networking.domain; in { + imports = [ + ./bridges.nix + ]; + options.my.services.matrix = with lib; { enable = mkEnableOption "Matrix Synapse";