ambroisie/nix-config
ambroisie/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Compare commits

base: ambroisie:6bae135b1b6fc51a7ed2877cb36cbac1f0915775
Branches Tags
ambroisie:main
ambroisie:add-jj
ambroisie:xdg-mime-apps
ambroisie:tmux-undercurls
ambroisie:add-nixgl
ambroisie:export-nixos-homes
ambroisie:native-vim-snippets
ambroisie:add-impermanence
ambroisie:add-typos-hook
ambroisie:add-bazel-template
ambroisie:nvim-lua-lsp
ambroisie:xdg-nix
...
compare: ambroisie:3319dcb26a79ed049758799b8ac52ed72d44596e
Branches Tags
ambroisie:add-jj
ambroisie:main
ambroisie:xdg-mime-apps
ambroisie:tmux-undercurls
ambroisie:add-nixgl
ambroisie:export-nixos-homes
ambroisie:native-vim-snippets
ambroisie:add-impermanence
ambroisie:add-typos-hook
ambroisie:add-bazel-template
ambroisie:nvim-lua-lsp
ambroisie:xdg-nix

28 commits
6bae135b1b ... 3319dcb26a

Author SHA1 Message Date
Bruno BELANYI
3319dcb26a NOTE ABOUT XDG-TERMINAL
All checks were successful
ci/woodpecker/push/check Pipeline was successful
Details
2025-08-11 10:29:51 +00:00
Bruno BELANYI
27639d4672 REMOVE THIS ONE 2025-08-11 10:29:18 +00:00
Bruno BELANYI
d548cd925f home: discord: add MIME associations 2025-08-11 10:29:18 +00:00
Bruno BELANYI
482be0f986 hosts: homes: bazin: set MIME browser 2025-08-11 10:29:17 +00:00
Bruno BELANYI
57fb7ed919 home: terminal: termite: add MIME associations 2025-08-11 10:29:17 +00:00
Bruno BELANYI
6ddcbef358 home: terminal: alacritty: add MIME associations 2025-08-11 10:29:17 +00:00
Bruno BELANYI
2f952be60f home: zathura: add MIME associations 2025-08-11 10:29:17 +00:00
Bruno BELANYI
a2b9fd42a1 home: nvim: add MIME associations 2025-08-11 10:29:17 +00:00
Bruno BELANYI
5bb44532c6 home: mpv: add MIME associations 2025-08-11 10:29:17 +00:00
Bruno BELANYI
b41dc777a1 home: himalaya: add MIME associations 2025-08-11 10:29:17 +00:00
Bruno BELANYI
c07c586503 home: firefox: add MIME associations 2025-08-11 10:29:17 +00:00
Bruno BELANYI
62c4d5a114 home: feh: add MIME association 2025-08-11 10:29:17 +00:00
Bruno BELANYI
313b2552cb home: xdg: add 'mime-apps' 2025-08-11 10:29:17 +00:00
Bruno BELANYI
17ceaa5620 nixos: services: matrix: fix out-dated comments
All checks were successful
ci/woodpecker/push/check Pipeline was successful
Details
2025-08-06 15:37:08 +00:00
Bruno BELANYI
b1c9279c63 nixos: services: add thelounge
All checks were successful
ci/woodpecker/push/check Pipeline was successful
Details
2025-08-05 15:53:21 +02:00
Bruno BELANYI
30348a1e19 nixos: services: matrix: add Facebook bridge 
I probably won't actually use it, after test-driving it quickly.

But now that the effort has been expanded, might as well keep it if only
as a future reference.
 2025-08-05 15:53:21 +02:00
Bruno BELANYI
7a85a44407 nixos: services: matrix: remove obsolete comment 2025-08-05 15:53:21 +02:00
Bruno BELANYI
9cadbe6256 nixos: services: matrix: add admin interface 2025-08-05 15:53:21 +02:00
Bruno BELANYI
fa7b4910f5 nixos: services: matrix: fix proxy to synapse 
I want to make use of the `/_synapse/matrix/` sub-path, so just proxy
the whole of `/_synapse/`.
 2025-08-05 15:53:21 +02:00
Bruno BELANYI
1e31b2dfea nixos: services: matrix: simplify VHost 2025-08-05 15:53:21 +02:00
Bruno BELANYI
bd019258cb nixos: services: matrix: simplify listeners 2025-08-05 15:53:21 +02:00
Bruno BELANYI
0792e8c7cb nixos: services: matrix: fix element-web config 2025-08-05 15:53:21 +02:00
Bruno BELANYI
f1d7da7fcb nixos: services: matrix: refactor well-knowns 2025-08-05 15:53:21 +02:00
Bruno BELANYI
dd7b613531 pkgs: lohr: remove 'useFetchCargoVendor'
All checks were successful
ci/woodpecker/push/check Pipeline was successful
Details 
It's now turned on by default.
 2025-08-05 11:03:01 +00:00
Bruno BELANYI
a10270f8e1 flake: bump inputs
All checks were successful
ci/woodpecker/push/check Pipeline was successful
Details
2025-08-05 11:00:26 +00:00
Bruno BELANYI
f94fc468aa home: zsh: ignore more commands for notification
All checks were successful
ci/woodpecker/push/check Pipeline was successful
Details
2025-08-04 14:28:34 +00:00
Bruno BELANYI
7786c591b5 pkgs: comma: add 'COMMA_PICKER' 2025-08-04 11:13:52 +00:00
Bruno BELANYI
4b7c6c1f5e pkgs: comma: fix 'nix-locate' invocation
All checks were successful
ci/woodpecker/push/check Pipeline was successful
Details
2025-07-29 16:13:58 +00:00
20 changed files with 646 additions and 135 deletions
Download patch file Download diff file Expand all files Collapse all files

30
flake.lock generated
View file

@ -14,11 +14,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1750173260, "lastModified": 1754337839,
"narHash": "sha256-9P1FziAwl5+3edkfFcr5HeGtQUtrSdk/MksX39GieoA=", "narHash": "sha256-fEc2/4YsJwtnLU7HCFMRckb0u9UNnDZmwGhXT5U5NTw=",
"owner": "ryantm", "owner": "ryantm",
"repo": "agenix", "repo": "agenix",
"rev": "531beac616433bac6f9e2a19feb8e99a22a66baf", "rev": "856df6f6922845abd4fd958ce21febc07ca2fa45",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -73,11 +73,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1753121425, "lastModified": 1754091436,
"narHash": "sha256-TVcTNvOeWWk1DXljFxVRp+E0tzG1LhrVjOGGoMHuXio=", "narHash": "sha256-XKqDMN1/Qj1DKivQvscI4vmHfDfvYR2pfuFOJiCeewM=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "644e0fc48951a860279da645ba77fe4a6e814c5e", "rev": "67df8c627c2c39c41dbec76a1f201929929ab0bd",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -159,11 +159,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1753617834, "lastModified": 1754365350,
"narHash": "sha256-WEVfKrdIdu5CpppJ0Va3vzP0DKlS+ZTLbBjugMO2Drg=", "narHash": "sha256-NLWIkn1qM0wxtZu/2NXRaujWJ4Y1PSZlc7h0y6pOzOQ=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "72cc1e3134a35005006f06640724319caa424737", "rev": "c5d7e957397ecb7d48b99c928611c6e780db1b56",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -175,11 +175,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1753429684, "lastModified": 1754372978,
"narHash": "sha256-9h7+4/53cSfQ/uA3pSvCaBepmZaz/dLlLVJnbQ+SJjk=", "narHash": "sha256-ByII9p9ek0k9UADC/hT+i9ueM2mw0Zxiz+bOlydU6Oo=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "7fd36ee82c0275fb545775cc5e4d30542899511d", "rev": "9ebe222ec7ef9de52478f76cba3f0324c1d1119f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -200,11 +200,11 @@
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1741294988, "lastModified": 1753980880,
"narHash": "sha256-3408u6q615kVTb23WtDriHRmCBBpwX7iau6rvfipcu4=", "narHash": "sha256-aj1pbYxL6N+XFqBHjB4B1QP0bnKRcg1AfpgT5zUFsW8=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "b30c245e2c44c7352a27485bfd5bc483df660f0e", "rev": "16db3e61da7606984a05b4dfc33cd1d26d22fb22",
"type": "github" "type": "github"
}, },
"original": { "original": {

8
hosts/homes/ambroisie@bazin/default.nix
View file

@ -38,6 +38,14 @@
}; };
}; };
xdg = {
mime-apps = {
applications = {
browser = "garcon_host_browser.desktop";
};
};
};
zsh = { zsh = {
notify = { notify = {
enable = true; enable = true;

4
modules/home/discord/default.nix
View file

@ -21,5 +21,9 @@ in
# Do not keep me from using the app just to force an update # Do not keep me from using the app just to force an update
SKIP_HOST_UPDATE = true; SKIP_HOST_UPDATE = true;
}; };
xdg.mimeApps.defaultApplications = {
"x-scheme-handler/discord" = "discord.desktop";
};
}; };
} }

7
modules/home/feh/default.nix
View file

@ -10,4 +10,11 @@ in
config.programs.feh = lib.mkIf cfg.enable { config.programs.feh = lib.mkIf cfg.enable {
enable = true; enable = true;
}; };
config.my.home.xdg.mime-apps = lib.mkIf cfg.enable {
applications.media.image = {
bitmap = "feh.desktop";
vector = "feh.desktop";
};
};
} }

4
modules/home/firefox/default.nix
View file

@ -79,4 +79,8 @@ in
}; };
}; };
}; };
config.my.home.xdg.mime-apps = lib.mkIf cfg.enable {
applications.browser = "firefox.desktop";
};
} }

4
modules/home/mail/himalaya/default.nix
View file

@ -20,4 +20,8 @@ in
''; '';
}; };
}; };
config.my.home.xdg.mime-apps = lib.mkIf cfg.enable {
applications.editor = "himalaya.desktop";
};
} }

7
modules/home/mpv/default.nix
View file

@ -17,5 +17,12 @@ in
pkgs.mpvScripts.uosc # Nicer UI pkgs.mpvScripts.uosc # Nicer UI
]; ];
}; };
my.home.xdg.mime-apps = {
applications.media = {
audio = "mpv.desktop";
video = "mpv.desktop";
};
};
}; };
} }

4
modules/home/terminal/alacritty/default.nix
View file

@ -48,5 +48,9 @@ in
}; };
}; };
}; };
my.home.xdg.mime-apps = {
applications.terminal = "Alacritty.desktop";
};
}; };
} }

4
modules/home/terminal/termite/default.nix
View file

@ -49,5 +49,9 @@ in
color15 = ${whiteBold} color15 = ${whiteBold}
''; '';
}; };
my.home.xdg.mime-apps = {
applications.terminal = "termite.desktop";
};
}; };
} }

4
modules/home/vim/default.nix
View file

@ -104,4 +104,8 @@ in
}; };
config.xdg.configFile = lib.mkIf cfg.enable configFiles; config.xdg.configFile = lib.mkIf cfg.enable configFiles;
config.my.home.xdg.mime-apps = lib.mkIf cfg.enable {
applications.editor = "nvim.desktop";
};
} }

8
modules/home/xdg/default.nix
View file

@ -3,6 +3,10 @@ let
cfg = config.my.home.xdg; cfg = config.my.home.xdg;
in in
{ {
imports = [
./mime-apps.nix
];
options.my.home.xdg = with lib; { options.my.home.xdg = with lib; {
enable = my.mkDisableOption "XDG configuration"; enable = my.mkDisableOption "XDG configuration";
}; };
@ -11,10 +15,6 @@ in
enable = true; enable = true;
# File types # File types
mime.enable = true; mime.enable = true;
# File associations
mimeApps = {
enable = true;
};
# User directories # User directories
userDirs = { userDirs = {
enable = true; enable = true;

280
modules/home/xdg/mime-apps.nix Normal file
View file

@ -0,0 +1,280 @@
{ config, lib, ... }:
let
cfg = config.my.home.xdg.mime-apps;
app = cfg.applications;
mkMimeAppOption = kind: lib.mkOption {
description = "Application to associate as ${kind}";
default = null;
type = with lib.types; nullOr str;
};
in
{
options.my.home.xdg.mime-apps = with lib; {
enable = mkEnableOption "XDG MIME Applications configuration" // {
default = config.my.home.xdg.enable;
};
applications = lib.mapAttrsRecursive (_: mkMimeAppOption) {
archive = "archive manager";
browser = "internet browser";
calendar = "calendar";
editor = "text editor";
fileManager = "file manager";
mail = "mail client";
media = {
audio = "audio player";
document = {
comic = "comic book reader";
ebook = "ebook reader";
pdf = "PDF reader";
};
image = {
bitmap = "bitmap image viewer";
vector = "vector image viewer";
editor = "image editor";
};
video = "video player";
};
office = {
database = "database management program";
formula = "formula editor";
graphics = "graphics editor";
presentation = "presentation editor";
spreadsheet = "spreadsheet editor";
text = "word processor";
};
terminal = "terminal"; # FIXME: should it also set `xdg.terminal-exec.settings.default`?
torrent = "bittorrent client";
};
};
config = lib.mkIf cfg.enable {
xdg = {
mimeApps = {
enable = true;
defaultApplications = lib.filterAttrs (_: apps: apps != null) {
"application/epub+zip" = app.media.document.ebook;
"application/gzip" = app.archive;
"application/json" = app.editor;
"application/ld+json" = app.editor;
"application/mxf " = app.media.video;
"application/ogg" = app.media.audio;
"application/pdf" = app.media.document.pdf;
"application/rss+xml" = app.editor;
"application/smil+xml " = app.media.video;
"application/vnd.amazon.ebook" = app.media.document.ebook;
"application/vnd.apple.mpegurl " = app.media.video;
"application/vnd.comicbook+zip" = app.media.document.comic;
"application/vnd.comicbook-rar" = app.media.document.comic;
"application/vnd.mozilla.xul+xml" = app.browser;
"application/vnd.ms-excel" = app.office.spreadsheet;
"application/vnd.ms-powerpoint" = app.office.presentation;
"application/vnd.ms-word" = app.office.text;
"application/vnd.oasis.opendocument.database" = app.office.database;
"application/vnd.oasis.opendocument.formula" = app.office.formula;
"application/vnd.oasis.opendocument.graphics" = app.office.graphics;
"application/vnd.oasis.opendocument.graphics-template" = app.office.graphics;
"application/vnd.oasis.opendocument.presentation" = app.office.presentation;
"application/vnd.oasis.opendocument.presentation-template" = app.office.presentation;
"application/vnd.oasis.opendocument.spreadsheet" = app.office.spreadsheet;
"application/vnd.oasis.opendocument.spreadsheet-template" = app.office.spreadsheet;
"application/vnd.oasis.opendocument.text" = app.office.text;
"application/vnd.oasis.opendocument.text-master" = app.office.text;
"application/vnd.oasis.opendocument.text-template" = app.office.text;
"application/vnd.oasis.opendocument.text-web" = app.office.text;
"application/vnd.openxmlformats-officedocument.presentationml.presentation" = app.office.presentation;
"application/vnd.openxmlformats-officedocument.presentationml.template" = app.office.presentation;
"application/vnd.openxmlformats-officedocument.spreadsheetml.sheet" = app.office.spreadsheet;
"application/vnd.openxmlformats-officedocument.spreadsheetml.template" = app.office.spreadsheet;
"application/vnd.openxmlformats-officedocument.wordprocessingml.document" = app.office.text;
"application/vnd.openxmlformats-officedocument.wordprocessingml.template" = app.office.text;
"application/vnd.rar" = app.archive;
"application/vnd.stardivision.calc" = app.office.spreadsheet;
"application/vnd.stardivision.draw" = app.office.graphics;
"application/vnd.stardivision.impress" = app.office.presentation;
"application/vnd.stardivision.math" = app.office.formula;
"application/vnd.stardivision.writer" = app.office.text;
"application/vnd.sun.xml.base" = app.office.database;
"application/vnd.sun.xml.calc" = app.office.spreadsheet;
"application/vnd.sun.xml.calc.template" = app.office.spreadsheet;
"application/vnd.sun.xml.draw" = app.office.graphics;
"application/vnd.sun.xml.draw.template" = app.office.graphics;
"application/vnd.sun.xml.impress" = app.office.presentation;
"application/vnd.sun.xml.impress.template" = app.office.presentation;
"application/vnd.sun.xml.math" = app.office.formula;
"application/vnd.sun.xml.writer" = app.office.text;
"application/vnd.sun.xml.writer.global" = app.office.text;
"application/vnd.sun.xml.writer.template" = app.office.text;
"application/vnd.wordperfect" = app.office.text;
"application/x-7z-compressed" = app.archive;
"application/x-arj" = app.archive;
"application/x-bittorrent" = app.torrent;
"application/x-bzip" = app.archive;
"application/x-bzip-compressed-tar" = app.archive;
"application/x-bzip2" = app.archive;
"application/x-cb7" = app.media.document.comic;
"application/x-cbr" = app.media.document.comic;
"application/x-cbt" = app.media.document.comic;
"application/x-cbz" = app.media.document.comic;
"application/x-compress" = app.archive;
"application/x-compressed-tar" = app.archive;
"application/x-csh" = app.editor;
"application/x-cue" = app.media.audio;
"application/x-directory" = app.fileManager;
"application/x-extension-htm" = app.browser;
"application/x-extension-html" = app.browser;
"application/x-extension-ics" = app.calendar;
"application/x-extension-m4a" = app.media.audio;
"application/x-extension-mp4" = app.media.video;
"application/x-extension-shtml" = app.browser;
"application/x-extension-xht" = app.browser;
"application/x-extension-xhtml" = app.browser;
"application/x-fictionbook" = app.media.document.ebook;
"application/x-fictionbook+xml" = app.media.document.ebook;
"application/x-flac" = app.media.audio;
"application/x-gzip" = app.archive;
"application/x-lha" = app.archive;
"application/x-lhz" = app.archive;
"application/x-lzop" = app.archive;
"application/x-matroska" = app.media.video;
"application/x-netshow-channel" = app.media.video;
"application/x-quicktime-media-link" = app.media.video;
"application/x-quicktimeplayer" = app.media.video;
"application/x-rar" = app.archive;
"application/x-sh" = app.editor;
"application/x-shellscript" = app.editor;
"application/x-shorten " = app.media.audio;
"application/x-smil" = app.media.video;
"application/x-tar" = app.archive;
"application/x-tarz" = app.archive;
"application/x-wine-extension-ini" = app.editor;
"application/x-zip-compressed" = app.archive;
"application/x-zoo" = app.archive;
"application/xhtml+xml" = app.browser;
"application/xml" = app.editor;
"application/zip" = app.archive;
"audio/*" = app.media.video;
"image/*" = app.media.image.bitmap;
"image/svg+xml" = app.media.image.vector;
"image/x-compressed-xcf" = app.media.image.editor;
"image/x-fits" = app.media.image.editor;
"image/x-psd" = app.media.image.editor;
"image/x-xcf" = app.media.image.editor;
"inode/directory" = app.fileManager;
"message/rfc822" = app.mail;
"text/*" = app.editor;
"text/calendar" = app.calendar;
"text/html" = app.browser;
"text/plain" = app.editor;
"video/*" = app.media.video;
"x-scheme-handler/about" = app.browser;
"x-scheme-handler/chrome" = app.browser;
"x-scheme-handler/file" = app.fileManager;
"x-scheme-handler/ftp" = app.browser;
"x-scheme-handler/http" = app.browser;
"x-scheme-handler/https" = app.browser;
"x-scheme-handler/mailto" = app.mail;
"x-scheme-handler/mid" = app.mail;
"x-scheme-handler/terminal" = app.terminal;
"x-scheme-handler/unknown" = app.browser;
"x-scheme-handler/webcal" = app.calendar;
"x-scheme-handler/webcals" = app.calendar;
"x-www-browser" = app.browser;
# FIXME: relevant? https://bbs.archlinux.org/viewtopic.php?id=243125
# FIXME: shouldn't be necessary then
# "audio/AMR" = app.media.audio;
# "audio/aac" = app.media.audio;
# "audio/ac3" = app.media.audio;
# "audio/flac" = app.media.audio;
# "audio/mp2" = app.media.audio;
# "audio/mp4" = app.media.audio;
# "audio/mpeg" = app.media.audio;
# "audio/ogg" = app.media.audio;
# "audio/vnd.dts" = app.media.audio;
# "audio/vnd.dts.hd" = app.media.audio;
# "audio/vnd.rn-realaudio" = app.media.audio;
# "audio/webm" = app.media.audio;
# "audio/x-adpcm" = app.media.audio;
# "audio/x-aiff" = app.media.audio;
# "audio/x-ape" = app.media.audio;
# "audio/x-matroska" = app.media.audio;
# "audio/x-mpegurl" = app.media.audio;
# "audio/x-ms-asx" = app.media.audio;
# "audio/x-ms-wma" = app.media.audio;
# "audio/x-musepack" = app.media.audio;
# "audio/x-scpls" = app.media.audio;
# "audio/x-tta" = app.media.audio;
# "audio/x-vorbis+ogg" = app.media.audio;
# "audio/x-wav" = app.media.audio;
# "audio/x-wavpack" = app.media.audio;
# "image/bmp" = app.media.image.bitmap;
# "image/gif" = app.media.image.bitmap;
# "image/heif" = app.media.image.bitmap;
# "image/jpeg" = app.media.image.bitmap;
# "image/jpg" = app.media.image.bitmap;
# "image/pjpeg" = app.media.image.bitmap;
# "image/png" = app.media.image.bitmap;
# "image/tiff" = app.media.image.bitmap;
# "image/vnd.zbrush.pcx" = app.media.image.bitmap;
# "image/webp" = app.media.image.bitmap;
# "image/x-icb" = app.media.image.bitmap;
# "image/x-ico" = app.media.image.bitmap;
# "image/x-pcx" = app.media.image.bitmap;
# "image/x-portable-anymap" = app.media.image.bitmap;
# "image/x-portable-bitmap" = app.media.image.bitmap;
# "image/x-portable-graymap" = app.media.image.bitmap;
# "image/x-portable-pixmap" = app.media.image.bitmap;
# "image/x-tga" = app.media.image.bitmap;
# "image/x-xbitmap" = app.media.image.bitmap;
# "image/x-xpixmap" = app.media.image.bitmap;
# "image/x-xwindowdump" = app.media.image.bitmap;
# "text/tcl" = app.editor;
# "text/x-c++hdr" = app.editor;
# "text/x-c++src" = app.editor;
# "text/x-chdr" = app.editor;
# "text/x-csrc" = app.editor;
# "text/x-java" = app.editor;
# "text/x-makefile" = app.editor;
# "text/x-moc" = app.editor;
# "text/x-pascal" = app.editor;
# "text/x-tex" = app.editor;
# "video/3gpp" = app.media.video;
# "video/3gpp2" = app.media.video;
# "video/dv" = app.media.video;
# "video/mp2t" = app.media.video;
# "video/mp4" = app.media.video;
# "video/mpeg" = app.media.video;
# "video/ogg" = app.media.video;
# "video/quicktime" = app.media.video;
# "video/vnd.mpegurl" = app.media.video;
# "video/vnd.rn-realvideo" = app.media.video;
# "video/webm" = app.media.video;
# "video/x-flic" = app.media.video;
# "video/x-flv" = app.media.video;
# "video/x-matroska" = app.media.video;
# "video/x-ms-wmv" = app.media.video;
# "video/x-msvideo" = app.media.video;
# "video/x-ogm+ogg" = app.media.video;
# "video/x-theora+ogg" = app.media.video;
# FIXME: kind of weird formats, not quite adapted to attribute name
# "application/eps" = app.media.document.pdf
# "application/oxps" = app.media.document.pdf
# "application/postscript" = app.media.document.pdf
# "application/x-eps" = app.media.document.pdf
# "image/eps" = app.media.document.pdf
# "image/vnd.djvu" = app.media.document.pdf
# "image/vnd.djvu+multipage" = app.media.document.pdf
# "image/x-eps" = app.media.document.pdf
# FIXME: additionally interesting, but not necessary
# "x-scheme-handler/msteams" = [ "teams.desktop" ];
# "x-scheme-handler/slack" = [ "slack.desktop" ];
};
};
};
};
}

8
modules/home/zathura/default.nix
View file

@ -17,4 +17,12 @@ in
"statusbar-home-tilde" = true; "statusbar-home-tilde" = true;
}; };
}; };
config.my.home.xdg.mime-apps = lib.mkIf cfg.enable {
applications.media.document = {
comic = "org.pwmt.zathura.desktop";
ebook = "org.pwmt.zathura.desktop";
pdf = "org.pwmt.zathura.desktop";
};
};
} }

2
modules/home/zsh/default.nix
View file

@ -14,10 +14,12 @@ in
exclude = mkOption { exclude = mkOption {
type = with types; listOf str; type = with types; listOf str;
default = [ default = [
"bat"
"delta" "delta"
"direnv reload" "direnv reload"
"fg" "fg"
"git (?!push|pull|fetch)" "git (?!push|pull|fetch)"
"home-manager (?!switch|build|news)"
"htop" "htop"
"less" "less"
"man" "man"

1
modules/nixos/services/default.nix
View file

@ -38,6 +38,7 @@
./servarr ./servarr
./ssh-server ./ssh-server
./tandoor-recipes ./tandoor-recipes
./thelounge
./tlp ./tlp
./transmission ./transmission
./vikunja ./vikunja

143
modules/nixos/services/matrix/bridges.nix Normal file
View file

@ -0,0 +1,143 @@
# Matrix bridges for some services I use
{ config, lib, ... }:
let
cfg = config.my.services.matrix.bridges;
synapseCfg = config.services.matrix-synapse;
domain = config.networking.domain;
serverName = synapseCfg.settings.server_name;
mkBridgeOption = n: lib.mkEnableOption "${n} bridge" // { default = cfg.enable; };
mkPortOption = n: default: lib.mkOption {
type = lib.types.port;
inherit default;
example = 8080;
description = "${n} bridge port";
};
mkEnvironmentFileOption = n: lib.mkOption {
type = lib.types.str;
example = "/run/secret/matrix/${lib.toLower n}-bridge-secrets.env";
description = ''
Path to a file which should contain the secret values for ${n} bridge.
Using through the following format:
```
MATRIX_APPSERVICE_AS_TOKEN=<the_as_value>
MATRIX_APPSERVICE_HS_TOKEN=<the_hs_value>
```
Each bridge should use a different set of secrets, as they each register
their own independent double-puppetting appservice.
'';
};
in
{
options.my.services.matrix.bridges = with lib; {
enable = mkEnableOption "bridges configuration";
admin = mkOption {
type = types.str;
default = "ambroisie";
example = "admin";
description = "Local username for the admin";
};
facebook = {
enable = mkBridgeOption "Facebook";
port = mkPortOption "Facebook" 29321;
environmentFile = mkEnvironmentFileOption "Facebook";
};
};
config = lib.mkMerge [
(lib.mkIf cfg.facebook.enable {
services.mautrix-meta.instances.facebook = {
enable = true;
# Automatically register the bridge with synapse
registerToSynapse = true;
# Provide `AS_TOKEN`, `HS_TOKEN`
inherit (cfg.facebook) environmentFile;
settings = {
homeserver = {
domain = serverName;
address = "http://localhost:${toString config.my.services.matrix.port}";
};
appservice = {
hostname = "localhost";
inherit (cfg.facebook) port;
address = "http://localhost:${toString cfg.facebook.port}";
public_address = "https://facebook-bridge.${domain}";
as_token = "$MATRIX_APPSERVICE_AS_TOKEN";
hs_token = "$MATRIX_APPSERVICE_HS_TOKEN";
bot = {
username = "fbbot";
};
};
backfill = {
enabled = true;
};
bridge = {
delivery_receipts = true;
permissions = {
"*" = "relay";
${serverName} = "user";
"@${cfg.admin}:${serverName}" = "admin";
};
};
database = {
type = "postgres";
uri = "postgres:///mautrix-meta-facebook?host=/var/run/postgresql/";
};
double_puppet = {
secrets = {
${serverName} = "as_token:$MATRIX_APPSERVICE_AS_TOKEN";
};
};
network = {
# Don't be picky on Facebook/Messenger
allow_messenger_com_on_fb = true;
displayname_template = ''{{or .DisplayName .Username "Unknown user"}} (FB)'';
};
provisioning = {
shared_secret = "disable";
};
};
};
services.postgresql = {
enable = true;
ensureDatabases = [ "mautrix-meta-facebook" ];
ensureUsers = [{
name = "mautrix-meta-facebook";
ensureDBOwnership = true;
}];
};
systemd.services.mautrix-meta-facebook = {
wants = [ "postgres.service" ];
after = [ "postgres.service" ];
};
my.services.nginx.virtualHosts = {
# Proxy to the bridge
"facebook-bridge" = {
inherit (cfg.facebook) port;
};
};
})
];
}

199
modules/nixos/services/matrix/default.nix
View file

@ -1,24 +1,49 @@
# Matrix homeserver setup, using different endpoints for federation and client # Matrix homeserver setup.
# traffic. The main trick for this is defining two nginx servers endpoints for
# matrix.domain.com, each listening on different ports.
#
# Configuration shamelessly stolen from [1]
#
# [1]: https://github.com/alarsyo/nixos-config/blob/main/services/matrix.nix
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
cfg = config.my.services.matrix; cfg = config.my.services.matrix;
federationPort = { public = 8448; private = 11338; }; adminPkg = pkgs.synapse-admin-etkecc;
clientPort = { public = 443; private = 11339; };
domain = config.networking.domain; domain = config.networking.domain;
matrixDomain = "matrix.${domain}"; matrixDomain = "matrix.${domain}";
serverConfig = {
"m.server" = "${matrixDomain}:443";
};
clientConfig = {
"m.homeserver" = {
"base_url" = "https://${matrixDomain}";
"server_name" = domain;
};
"m.identity_server" = {
"base_url" = "https://vector.im";
};
};
# ACAO required to allow element-web on any URL to request this json file
mkWellKnown = data: ''
default_type application/json;
add_header Access-Control-Allow-Origin *;
return 200 '${builtins.toJSON data}';
'';
in in
{ {
imports = [
./bridges.nix
];
options.my.services.matrix = with lib; { options.my.services.matrix = with lib; {
enable = mkEnableOption "Matrix Synapse"; enable = mkEnableOption "Matrix Synapse";
port = mkOption {
type = types.port;
default = 8448;
example = 8008;
description = "Internal port for listeners";
};
secretFile = mkOption { secretFile = mkOption {
type = with types; nullOr str; type = with types; nullOr str;
default = null; default = null;
@ -58,22 +83,22 @@ in
enable_registration = false; enable_registration = false;
listeners = [ listeners = [
# Federation
{ {
inherit (cfg) port;
bind_addresses = [ "::1" ]; bind_addresses = [ "::1" ];
port = federationPort.private; type = "http";
tls = false; # Terminated by nginx. tls = false;
x_forwarded = true; x_forwarded = true;
resources = [{ names = [ "federation" ]; compress = false; }]; resources = [
} {
names = [ "client" ];
# Client compress = true;
{ }
bind_addresses = [ "::1" ]; {
port = clientPort.private; names = [ "federation" ];
tls = false; # Terminated by nginx. compress = false;
x_forwarded = true; }
resources = [{ names = [ "client" ]; compress = false; }]; ];
} }
]; ];
@ -96,19 +121,12 @@ in
chat = { chat = {
root = pkgs.element-web.override { root = pkgs.element-web.override {
conf = { conf = {
default_server_config = { default_server_config = clientConfig;
"m.homeserver" = { show_labs_settings = true;
"base_url" = "https://${matrixDomain}"; default_country_code = "FR"; # cocorico
"server_name" = domain; room_directory = {
};
"m.identity_server" = {
"base_url" = "https://vector.im";
};
};
showLabsSettings = true;
defaultCountryCode = "FR"; # cocorico
roomDirectory = {
"servers" = [ "servers" = [
domain
"matrix.org" "matrix.org"
"mozilla.org" "mozilla.org"
]; ];
@ -116,99 +134,54 @@ in
}; };
}; };
}; };
# Dummy VHosts for port collision detection matrix = {
matrix-federation = { # Somewhat unused, but necessary for port collision detection
port = federationPort.private; inherit (cfg) port;
};
matrix-client = { extraConfig = {
port = clientPort.private; locations = {
# Or do a redirect instead of the 404, or whatever is appropriate
# for you. But do not put a Matrix Web client here! See the
# Element web section above.
"/".return = "404";
"/_matrix".proxyPass = "http://[::1]:${toString cfg.port}";
"/_synapse".proxyPass = "http://[::1]:${toString cfg.port}";
"= /admin".return = "307 /admin/";
"/admin/" = {
alias = "${adminPkg}/";
priority = 500;
tryFiles = "$uri $uri/ /index.html";
};
"~ ^/admin/.*\\.(?:css|js|jpg|jpeg|gif|png|svg|ico|woff|woff2|ttf|eot|webp)$" = {
priority = 400;
root = adminPkg;
extraConfig = ''
rewrite ^/admin/(.*)$ /$1 break;
expires 30d;
more_set_headers "Cache-Control: public";
'';
};
};
};
}; };
}; };
# Those are too complicated to use my wrapper... # Setup well-known locations
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
${matrixDomain} = {
onlySSL = true;
useACMEHost = domain;
locations =
let
proxyToClientPort = {
proxyPass = "http://[::1]:${toString clientPort.private}";
};
in
{
# Or do a redirect instead of the 404, or whatever is appropriate
# for you. But do not put a Matrix Web client here! See the
# Element web section below.
"/".return = "404";
"/_matrix" = proxyToClientPort;
"/_synapse/client" = proxyToClientPort;
};
listen = [
{ addr = "0.0.0.0"; port = clientPort.public; ssl = true; }
{ addr = "[::]"; port = clientPort.public; ssl = true; }
];
};
# same as above, but listening on the federation port
"${matrixDomain}_federation" = {
onlySSL = true;
serverName = matrixDomain;
useACMEHost = domain;
locations."/".return = "404";
locations."/_matrix" = {
proxyPass = "http://[::1]:${toString federationPort.private}";
};
listen = [
{ addr = "0.0.0.0"; port = federationPort.public; ssl = true; }
{ addr = "[::]"; port = federationPort.public; ssl = true; }
];
};
"${domain}" = { "${domain}" = {
forceSSL = true; forceSSL = true;
useACMEHost = domain; useACMEHost = domain;
locations."= /.well-known/matrix/server".extraConfig = locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig;
let locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig;
server = { "m.server" = "${matrixDomain}:${toString federationPort.public}"; };
in
''
add_header Content-Type application/json;
return 200 '${builtins.toJSON server}';
'';
locations."= /.well-known/matrix/client".extraConfig =
let
client = {
"m.homeserver" = { "base_url" = "https://${matrixDomain}"; };
"m.identity_server" = { "base_url" = "https://vector.im"; };
};
# ACAO required to allow element-web on any URL to request this json file
in
''
add_header Content-Type application/json;
add_header Access-Control-Allow-Origin *;
return 200 '${builtins.toJSON client}';
'';
}; };
}; };
# For administration tools. # For administration tools.
environment.systemPackages = [ pkgs.matrix-synapse ]; environment.systemPackages = [ pkgs.matrix-synapse ];
networking.firewall.allowedTCPPorts = [
clientPort.public
federationPort.public
];
my.services.backup = { my.services.backup = {
paths = [ paths = [
config.services.matrix-synapse.dataDir config.services.matrix-synapse.dataDir

59
modules/nixos/services/thelounge/default.nix Normal file
View file

@ -0,0 +1,59 @@
# Web IRC client
{ config, lib, ... }:
let
cfg = config.my.services.thelounge;
in
{
options.my.services.thelounge = with lib; {
enable = mkEnableOption "The Lounge, a self-hosted web IRC client";
port = mkOption {
type = types.port;
default = 9050;
example = 4242;
description = "The port on which The Lounge will listen for incoming HTTP traffic.";
};
};
config = lib.mkIf cfg.enable {
services.thelounge = {
enable = true;
inherit (cfg) port;
extraConfig = {
reverseProxy = true;
};
};
my.services.nginx.virtualHosts = {
irc = {
inherit (cfg) port;
# Proxy websockets for RPC
websocketsLocations = [ "/" ];
extraConfig = {
locations."/".extraConfig = ''
proxy_read_timeout 1d;
'';
};
};
};
services.fail2ban.jails = {
thelounge = ''
enabled = true
filter = thelounge
port = http,https
'';
};
environment.etc = {
"fail2ban/filter.d/thelounge.conf".text = ''
[Definition]
failregex = Authentication failed for user .* from <HOST>$
Authentication for non existing user attempted from <HOST>$
journalmatch = _SYSTEMD_UNIT=thelounge.service
'';
};
};
}

4
pkgs/comma/comma
View file

@ -12,9 +12,9 @@ usage() {
find_program() { find_program() {
local CANDIDATE local CANDIDATE
CANDIDATE="$(nix-locate --top-level --minimal --at-root --whole-name "/bin/$1")" CANDIDATE="$(nix-locate --minimal --at-root --whole-name "/bin/$1")"
if [ "$(printf '%s\n' "$CANDIDATE" | wc -l)" -gt 1 ]; then if [ "$(printf '%s\n' "$CANDIDATE" | wc -l)" -gt 1 ]; then
CANDIDATE="$(printf '%s' "$CANDIDATE" | fzf-tmux)" CANDIDATE="$(printf '%s' "$CANDIDATE" | "${COMMA_PICKER:-fzf-tmux}")"
fi fi
printf '%s' "$CANDIDATE" printf '%s' "$CANDIDATE"
} }

1
pkgs/lohr/default.nix
View file

@ -10,7 +10,6 @@ rustPlatform.buildRustPackage rec {
hash = "sha256-dunQgtap+XCK5LoSyOqIY/6p6HizBeiyPWNuCffwjDU="; hash = "sha256-dunQgtap+XCK5LoSyOqIY/6p6HizBeiyPWNuCffwjDU=";
}; };
useFetchCargoVendor = true;
cargoHash = "sha256-R3/N/43+bGx6acE/rhBcrk6kS5zQu8NJ1sVvKJJkK9w="; cargoHash = "sha256-R3/N/43+bGx6acE/rhBcrk6kS5zQu8NJ1sVvKJJkK9w=";
meta = with lib; { meta = with lib; {