diff --git a/flake.lock b/flake.lock index 83ccfd7..de89669 100644 --- a/flake.lock +++ b/flake.lock @@ -14,11 +14,11 @@ ] }, "locked": { - "lastModified": 1718371084, - "narHash": "sha256-abpBi61mg0g+lFFU0zY4C6oP6fBwPzbHPKBGw676xsA=", + "lastModified": 1723293904, + "narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=", "owner": "ryantm", "repo": "agenix", - "rev": "3a56735779db467538fb2e577eda28a9daacaca6", + "rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41", "type": "github" }, "original": { @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1717285511, - "narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=", + "lastModified": 1730504689, + "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8", + "rev": "506278e768c2a08bec68eb62932193e341f55c90", "type": "github" }, "original": { @@ -94,11 +94,11 @@ ] }, "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "lastModified": 1726560853, + "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1719438532, - "narHash": "sha256-/Vmso2ZMoFE3M7d1MRsQ2K5sR8CVKnrM6t1ys9Xjpz4=", + "lastModified": 1730837930, + "narHash": "sha256-0kZL4m+bKBJUBQse0HanewWO0g8hDdCvBhudzxgehqc=", "owner": "nix-community", "repo": "home-manager", - "rev": "1a4f12ae0bda877ec4099b429cf439aad897d7e9", + "rev": "2f607e07f3ac7e53541120536708e824acccfaa8", "type": "github" }, "original": { @@ -150,13 +150,29 @@ "type": "github" } }, + "impermanence": { + "locked": { + "lastModified": 1697303681, + "narHash": "sha256-caJ0rXeagaih+xTgRduYtYKL1rZ9ylh06CIrt1w5B4g=", + "owner": "nix-community", + "repo": "impermanence", + "rev": "0f317c2e9e56550ce12323eb39302d251618f5b5", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "master", + "repo": "impermanence", + "type": "github" + } + }, "nixpkgs": { "locked": { - "lastModified": 1719254875, - "narHash": "sha256-ECni+IkwXjusHsm9Sexdtq8weAq/yUyt1TWIemXt3Ko=", + "lastModified": 1730785428, + "narHash": "sha256-Zwl8YgTVJTEum+L+0zVAWvXAGbWAuXHax3KzuejaDyo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60", + "rev": "4aa36568d413aca0ea84a1684d2d46f55dbabad7", "type": "github" }, "original": { @@ -168,11 +184,11 @@ }, "nur": { "locked": { - "lastModified": 1719564461, - "narHash": "sha256-wCFs1sf1tPoV3nCG5N5KaakAKm88FyzN6pRdOsOqNZg=", + "lastModified": 1730885145, + "narHash": "sha256-UPrBEY0No1O3ULb67xYjRh2r3u7MnZovfo1oYSPCIxI=", "owner": "nix-community", "repo": "NUR", - "rev": "7369862c4a8f293f6fde79044369dad7dfc04798", + "rev": "c0d8828600ef47d475e6ec33513bf9af6eb6b991", "type": "github" }, "original": { @@ -194,11 +210,11 @@ ] }, "locked": { - "lastModified": 1719259945, - "narHash": "sha256-F1h+XIsGKT9TkGO3omxDLEb/9jOOsI6NnzsXFsZhry4=", + "lastModified": 1730814269, + "narHash": "sha256-fWPHyhYE6xvMI1eGY3pwBTq85wcy1YXqdzTZF+06nOg=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "0ff4381bbb8f7a52ca4a851660fc7a437a4c6e07", + "rev": "d70155fdc00df4628446352fc58adc640cd705c2", "type": "github" }, "original": { @@ -214,6 +230,7 @@ "flake-parts": "flake-parts", "futils": "futils", "home-manager": "home-manager", + "impermanence": "impermanence", "nixpkgs": "nixpkgs", "nur": "nur", "pre-commit-hooks": "pre-commit-hooks", diff --git a/flake.nix b/flake.nix index a07ee15..5a5b0ef 100644 --- a/flake.nix +++ b/flake.nix @@ -43,6 +43,13 @@ }; }; + impermanence = { + type = "github"; + owner = "nix-community"; + repo = "impermanence"; + ref = "master"; + }; + nixpkgs = { type = "github"; owner = "NixOS"; diff --git a/hosts/nixos/porthos/secrets/matrix/sliding-sync-secret.age b/hosts/nixos/porthos/secrets/matrix/sliding-sync-secret.age deleted file mode 100644 index e938cfa..0000000 --- a/hosts/nixos/porthos/secrets/matrix/sliding-sync-secret.age +++ /dev/null @@ -1,8 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 cKojmg xRtF3XVc7yPicAV/E4U7mn0itvD0h1BWBTjwunuoe2E -OkB9sjGB3ulH4Feuyj3Ed0DBG4+mghW/Qpum9oXL/8c --> ssh-ed25519 jPowng 1r8drqhz1yZdTq0Kvqya+ArU1C2fkN7Gg9LiWWfeUFg -cjbxntVwHvqLaJpiKs/Y8ojeb6e3/cLFcsoeuoobfFg ---- B1qA2PylJBrdZxZtCzlU2kRPvxLM+IrXTvR+ERxVtTY -"W9bg~/b4ՆI -} -NC7vWb?8=wB UpJClOșnO\ \ No newline at end of file diff --git a/hosts/nixos/porthos/secrets/pdf-edit/login.age b/hosts/nixos/porthos/secrets/pdf-edit/login.age new file mode 100644 index 0000000..7f13f88 --- /dev/null +++ b/hosts/nixos/porthos/secrets/pdf-edit/login.age @@ -0,0 +1,8 @@ +age-encryption.org/v1 +-> ssh-ed25519 cKojmg VYlHgHSLpfKb5bn1XA3aCpfX7M23DgbraLxxOfo9PDk +Rj+mDvAsWX3WwpuhTrOubmo17j/aud5+P87df5bosBA +-> ssh-ed25519 jPowng o9ZFaYrITZ6DjWw07Vk/+TkuU187/ytlEK4sw7G32G4 +zmxlpDvDDEgQFqBVARXeX1ABhvfJ4uAHfa6mIxXzjAY +--- k/d9FWW8/OSo8EllwOBV74pZyX918u54jEljGk3ATUc +4+2{hE7!ҭGA`ׁ_@ߗR_6JL4v,6%#^  BOF|7ܽL]jR +B۾as]xS pbo#J1Q=t}5>O{+. M"7ey \ No newline at end of file diff --git a/hosts/nixos/porthos/secrets/secrets.nix b/hosts/nixos/porthos/secrets/secrets.nix index c43376b..68e90f2 100644 --- a/hosts/nixos/porthos/secrets/secrets.nix +++ b/hosts/nixos/porthos/secrets/secrets.nix @@ -48,9 +48,6 @@ in owner = "matrix-synapse"; publicKeys = all; }; - "matrix/sliding-sync-secret.age" = { - publicKeys = all; - }; "mealie/mail.age" = { publicKeys = all; @@ -77,13 +74,24 @@ in "paperless/password.age".publicKeys = all; "paperless/secret-key.age".publicKeys = all; + "pdf-edit/login.age".publicKeys = all; + "podgrab/password.age".publicKeys = all; "pyload/credentials.age".publicKeys = all; - "sso/auth-key.age".publicKeys = all; - "sso/ambroisie/password-hash.age".publicKeys = all; - "sso/ambroisie/totp-secret.age".publicKeys = all; + "sso/auth-key.age" = { + owner = "nginx-sso"; + publicKeys = all; + }; + "sso/ambroisie/password-hash.age" = { + owner = "nginx-sso"; + publicKeys = all; + }; + "sso/ambroisie/totp-secret.age" = { + owner = "nginx-sso"; + publicKeys = all; + }; "tandoor-recipes/secret-key.age".publicKeys = all; diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix index 23901f7..a2339f4 100644 --- a/hosts/nixos/porthos/services.nix +++ b/hosts/nixos/porthos/services.nix @@ -69,9 +69,6 @@ in mailConfigFile = secrets."matrix/mail".path; # Only necessary when doing the initial registration secretFile = secrets."matrix/secret".path; - slidingSync = { - secretFile = secrets."matrix/sliding-sync-secret".path; - }; }; mealie = { enable = true; @@ -127,20 +124,10 @@ in passwordFile = secrets."paperless/password".path; secretKeyFile = secrets."paperless/secret-key".path; }; - # The whole *arr software suite - pirate = { + # Sometimes, editing PDFs is useful + pdf-edit = { enable = true; - # ... But not Lidarr because I don't care for music that much - lidarr = { - enable = false; - }; - }; - # Podcast automatic downloader - podgrab = { - enable = true; - passwordFile = secrets."podgrab/password".path; - dataDir = "/data/media/podcasts"; - port = 9598; + loginFile = secrets."pdf-edit/login".path; }; # Regular backups postgresql-backup.enable = true; @@ -152,7 +139,15 @@ in rss-bridge.enable = true; # Usenet client sabnzbd.enable = true; - # Because I stilll need to play sysadmin + # The whole *arr software suite + servarr = { + enable = true; + # ... But not Lidarr because I don't care for music that much + lidarr = { + enable = false; + }; + }; + # Because I still need to play sysadmin ssh-server.enable = true; # Recipe manager tandoor-recipes = { diff --git a/modules/home/atuin/default.nix b/modules/home/atuin/default.nix index b8973cc..3f06263 100644 --- a/modules/home/atuin/default.nix +++ b/modules/home/atuin/default.nix @@ -1,15 +1,19 @@ -{ config, lib, ... }: +{ config, lib, pkgs, ... }: let cfg = config.my.home.atuin; in { options.my.home.atuin = with lib; { enable = my.mkDisableOption "atuin configuration"; + + # I want the full experience by default + package = mkPackageOption pkgs "atuin" { }; }; config = lib.mkIf cfg.enable { programs.atuin = { enable = true; + inherit (cfg) package; flags = [ # I *despise* this hijacking of the up key, even though I use Ctrl-p diff --git a/modules/home/calibre/default.nix b/modules/home/calibre/default.nix index 6edf654..de7c126 100644 --- a/modules/home/calibre/default.nix +++ b/modules/home/calibre/default.nix @@ -5,11 +5,13 @@ in { options.my.home.calibre = with lib; { enable = mkEnableOption "calibre configuration"; + + package = mkPackageOption pkgs "calibre" { }; }; config = lib.mkIf cfg.enable { home.packages = with pkgs; [ - calibre + cfg.package ]; }; } diff --git a/modules/home/direnv/lib/android.sh b/modules/home/direnv/lib/android.sh index fa2f856..9344aea 100644 --- a/modules/home/direnv/lib/android.sh +++ b/modules/home/direnv/lib/android.sh @@ -1,4 +1,4 @@ -#shellcheck shell=bash +# shellcheck shell=bash # shellcheck disable=2155 use_android() { @@ -32,10 +32,16 @@ use_android() { -b|--build-tools) build_tools_version="$2" shift 2 + if ! [ -e "$ANDROID_HOME/build-tools/$build_tools_version" ]; then + log_error "use_android: build-tools version '$build_tools_version' does not exist" + fi ;; -n|--ndk) ndk_version="$2" shift 2 + if ! [ -e "$ANDROID_HOME/ndk/$ndk_version" ]; then + log_error "use_android: NDK version '$ndk_version' does not exist" + fi ;; --) shift diff --git a/modules/home/direnv/lib/nix.sh b/modules/home/direnv/lib/nix.sh index a65eb31..4b6c547 100644 --- a/modules/home/direnv/lib/nix.sh +++ b/modules/home/direnv/lib/nix.sh @@ -1,4 +1,4 @@ -#shellcheck shell=bash +# shellcheck shell=bash use_pkgs() { if ! has nix; then diff --git a/modules/home/direnv/lib/postgres.sh b/modules/home/direnv/lib/postgres.sh index c2e6a8f..46e171d 100644 --- a/modules/home/direnv/lib/postgres.sh +++ b/modules/home/direnv/lib/postgres.sh @@ -1,4 +1,4 @@ -#shellcheck shell=bash +# shellcheck shell=bash layout_postgres() { if ! has postgres || ! has initdb; then diff --git a/modules/home/direnv/lib/python.sh b/modules/home/direnv/lib/python.sh index 15a273f..780fbe6 100644 --- a/modules/home/direnv/lib/python.sh +++ b/modules/home/direnv/lib/python.sh @@ -1,4 +1,4 @@ -#shellcheck shell=bash +# shellcheck shell=bash layout_poetry() { if ! has poetry; then @@ -9,12 +9,12 @@ layout_poetry() { if [[ ! -f pyproject.toml ]]; then # shellcheck disable=2016 - log_error 'layout_poetry: no pyproject.toml found. Use `poetry new` or `poetry init` to create one first' + log_error 'layout_poetry: no pyproject.toml found. Use `poetry init` to create one first' return 1 fi # create venv if it doesn't exist - poetry run true + poetry run -q -- true # shellcheck disable=2155 export VIRTUAL_ENV=$(poetry env info --path) @@ -23,3 +23,34 @@ layout_poetry() { watch_file pyproject.toml watch_file poetry.lock } + +layout_uv() { + if ! has uv; then + # shellcheck disable=2016 + log_error 'layout_uv: `uv` is not in PATH' + return 1 + fi + + if [[ ! -f pyproject.toml ]]; then + # shellcheck disable=2016 + log_error 'layout_uv: no pyproject.toml found. Use `uv init` to create one first' + return 1 + fi + + local default_venv="$PWD/.venv" + : "${VIRTUAL_ENV:=$default_venv}" + + # Use non-default venv path if required + if [ "$VIRTUAL_ENV" != "$default_venv" ]; then + export UV_PROJECT_ENVIRONMENT="$VIRTUAL_ENV" + fi + + # create venv if it doesn't exist + uv venv -q + + export VIRTUAL_ENV + export UV_ACTIVE=1 + PATH_add "$VIRTUAL_ENV/bin" + watch_file pyproject.toml + watch_file uv.lock +} diff --git a/modules/home/discord/default.nix b/modules/home/discord/default.nix index 7348bb4..bfa5d40 100644 --- a/modules/home/discord/default.nix +++ b/modules/home/discord/default.nix @@ -7,11 +7,13 @@ in { options.my.home.discord = with lib; { enable = mkEnableOption "discord configuration"; + + package = mkPackageOption pkgs "discord" { }; }; config = lib.mkIf cfg.enable { home.packages = with pkgs; [ - discord + cfg.package ]; xdg.configFile."discord/settings.json".source = diff --git a/modules/home/firefox/tridactyl/tridactylrc b/modules/home/firefox/tridactyl/tridactylrc index 36bd59d..775719c 100644 --- a/modules/home/firefox/tridactyl/tridactylrc +++ b/modules/home/firefox/tridactyl/tridactylrc @@ -4,7 +4,7 @@ " Use dark color scheme colorscheme dark -" Make tridactyl open Vim in my prefered terminal +" Make tridactyl open Vim in my preferred terminal set editorcmd @editorcmd@ " Remove editor file after use diff --git a/modules/home/gdb/default.nix b/modules/home/gdb/default.nix index fe8eb69..1ffc6bd 100644 --- a/modules/home/gdb/default.nix +++ b/modules/home/gdb/default.nix @@ -6,33 +6,28 @@ in options.my.home.gdb = with lib; { enable = my.mkDisableOption "gdb configuration"; + package = mkPackageOption pkgs "gdb" { }; + rr = { enable = my.mkDisableOption "rr configuration"; - package = mkOption { - type = types.package; - default = pkgs.rr; - defaultText = literalExample "pkgs.rr"; - description = '' - Package providing rr - ''; - }; + package = mkPackageOption pkgs "rr" { }; }; }; config = lib.mkIf cfg.enable (lib.mkMerge [ { home.packages = with pkgs; [ - gdb + cfg.package ]; xdg = { configFile."gdb/gdbinit".source = ./gdbinit; - dataFile. "gdb/.keep".text = ""; + stateFile."gdb/.keep".text = ""; }; home.sessionVariables = { - GDBHISTFILE = "${config.xdg.dataHome}/gdb/gdb_history"; + GDBHISTFILE = "${config.xdg.stateHome}/gdb/gdb_history"; }; } diff --git a/modules/home/gtk/default.nix b/modules/home/gtk/default.nix index 62d3f81..f10087d 100644 --- a/modules/home/gtk/default.nix +++ b/modules/home/gtk/default.nix @@ -21,12 +21,12 @@ in }; iconTheme = { - package = pkgs.gnome.gnome-themes-extra; + package = pkgs.gnome-themes-extra; name = "Adwaita"; }; theme = { - package = pkgs.gnome.gnome-themes-extra; + package = pkgs.gnome-themes-extra; name = "Adwaita"; }; }; diff --git a/modules/home/mail/accounts/default.nix b/modules/home/mail/accounts/default.nix index 8886139..202b9bc 100644 --- a/modules/home/mail/accounts/default.nix +++ b/modules/home/mail/accounts/default.nix @@ -58,7 +58,7 @@ in { config.accounts.email.accounts = { personal = lib.mkMerge [ - # Common configuraton + # Common configuration (mkConfig { domain = "belanyi.fr"; address = "bruno"; @@ -70,7 +70,7 @@ in ]; gmail = lib.mkMerge [ - # Common configuraton + # Common configuration (mkConfig { domain = "gmail.com"; address = "brunobelanyi"; diff --git a/modules/home/nix/default.nix b/modules/home/nix/default.nix index c0bbcc8..c67cc6a 100644 --- a/modules/home/nix/default.nix +++ b/modules/home/nix/default.nix @@ -22,6 +22,10 @@ in options.my.home.nix = with lib; { enable = my.mkDisableOption "nix configuration"; + gc = { + enable = my.mkDisableOption "nix GC configuration"; + }; + cache = { selfHosted = my.mkDisableOption "self-hosted cache"; }; @@ -60,6 +64,22 @@ in }; } + (lib.mkIf cfg.gc.enable { + nix.gc = { + automatic = true; + + # Every week, with some wiggle room + frequency = "weekly"; + randomizedDelaySec = "10min"; + + # Use a persistent timer for e.g: laptops + persistent = true; + + # Delete old profiles automatically after 15 days + options = "--delete-older-than 15d"; + }; + }) + (lib.mkIf cfg.cache.selfHosted { nix = { settings = { diff --git a/modules/home/nixpkgs/default.nix b/modules/home/nixpkgs/default.nix index a4946db..720fc9b 100644 --- a/modules/home/nixpkgs/default.nix +++ b/modules/home/nixpkgs/default.nix @@ -13,8 +13,8 @@ in ]; home.sessionVariables = { - GITHUB_TOKEN = ''$(cat ${lib.escapeShellArg config.age.secrets."github/token".path})''; - GITHUB_API_TOKEN = ''$(cat ${lib.escapeShellArg config.age.secrets."github/token".path})''; + GITHUB_TOKEN = ''$(cat "${config.age.secrets."github/token".path}")''; + GITHUB_API_TOKEN = ''$(cat "${config.age.secrets."github/token".path}")''; }; }; } diff --git a/modules/home/pager/default.nix b/modules/home/pager/default.nix index e304097..1119440 100644 --- a/modules/home/pager/default.nix +++ b/modules/home/pager/default.nix @@ -15,7 +15,7 @@ in # Clear the screen on start and exit LESS = "-R -+X -c"; # Better XDG compliance - LESSHISTFILE = "${config.xdg.dataHome}/less/history"; + LESSHISTFILE = "${config.xdg.stateHome}/less/history"; LESSKEY = "${config.xdg.configHome}/less/lesskey"; }; }; diff --git a/modules/home/tmux/default.nix b/modules/home/tmux/default.nix index 501b954..71ce4ca 100644 --- a/modules/home/tmux/default.nix +++ b/modules/home/tmux/default.nix @@ -30,7 +30,7 @@ in }); default = { ${config.my.home.terminal.program} = { }; }; - defaultText = litteralExpression '' + defaultText = literalExpression '' { ''${config.my.home.terminal.program} = { }; }; ''; example = { xterm-256color = { }; }; diff --git a/modules/home/vim/after/ftplugin/netrw.vim b/modules/home/vim/after/ftplugin/netrw.vim deleted file mode 100644 index e3689f8..0000000 --- a/modules/home/vim/after/ftplugin/netrw.vim +++ /dev/null @@ -1,6 +0,0 @@ -" Create the `b:undo_ftplugin` variable if it doesn't exist -call ftplugined#check_undo_ft() - -" Don't show Netrw in buffer list -setlocal bufhidden=delete -let b:undo_ftplugin='|setlocal bufhidden<' diff --git a/modules/home/vim/after/plugin/mappings/misc.lua b/modules/home/vim/after/plugin/mappings/misc.lua deleted file mode 100644 index 6aa25a2..0000000 --- a/modules/home/vim/after/plugin/mappings/misc.lua +++ /dev/null @@ -1,7 +0,0 @@ -local wk = require("which-key") - -local keys = { - [""] = { "nohls", "Clear search highlight" }, -} - -wk.register(keys, { prefix = "" }) diff --git a/modules/home/vim/after/plugin/mappings/telescope.lua b/modules/home/vim/after/plugin/mappings/telescope.lua deleted file mode 100644 index 0867b36..0000000 --- a/modules/home/vim/after/plugin/mappings/telescope.lua +++ /dev/null @@ -1,15 +0,0 @@ -local wk = require("which-key") -local telescope_builtin = require("telescope.builtin") - -local keys = { - f = { - name = "Fuzzy finder", - b = { telescope_builtin.buffers, "Open buffers" }, - f = { telescope_builtin.git_files, "Git tracked files" }, - F = { telescope_builtin.find_files, "Files" }, - g = { telescope_builtin.live_grep, "Grep string" }, - G = { telescope_builtin.grep_string, "Grep string under cursor" }, - }, -} - -wk.register(keys, { prefix = "" }) diff --git a/modules/home/vim/after/plugin/mappings/tree-sitter-textobjects.lua b/modules/home/vim/after/plugin/mappings/tree-sitter-textobjects.lua deleted file mode 100644 index 631731c..0000000 --- a/modules/home/vim/after/plugin/mappings/tree-sitter-textobjects.lua +++ /dev/null @@ -1,30 +0,0 @@ -local wk = require("which-key") - -local motions = { - ["]m"] = "Next method start", - ["]M"] = "Next method end", - ["]S"] = "Next statement start", - ["]]"] = "Next class start", - ["]["] = "Next class end", - ["[m"] = "Previous method start", - ["[M"] = "Previous method end", - ["[S"] = "Previous statement start", - ["[["] = "Previous class start", - ["[]"] = "Previous class end", -} - -local objects = { - ["aa"] = "a parameter", - ["ia"] = "inner parameter", - ["ab"] = "a block", - ["ib"] = "inner block", - ["ac"] = "a class", - ["ic"] = "inner class", - ["af"] = "a function", - ["if"] = "inner function", - ["ak"] = "a comment", - ["aS"] = "a statement", -} - -wk.register(motions, { mode = "n" }) -wk.register(objects, { mode = "o" }) diff --git a/modules/home/vim/after/plugin/mappings/unimpaired.lua b/modules/home/vim/after/plugin/mappings/unimpaired.lua index f502056..82aab05 100644 --- a/modules/home/vim/after/plugin/mappings/unimpaired.lua +++ b/modules/home/vim/after/plugin/mappings/unimpaired.lua @@ -3,126 +3,124 @@ local wk = require("which-key") local lsp = require("ambroisie.lsp") local keys = { - -- Edition and navigation mappins - ["["] = { - name = "Previous", - [""] = "Insert blank line above", - [""] = "Previous location list file", - [""] = "Previous quickfix list file", - [""] = "Previous tag in preview window", - a = "Previous argument", - A = "First argument", - b = "Previous buffer", - B = "First buffer", - e = "Exchange previous line", - f = "Previous file in directory", - l = "Previous location list entry", - L = "First Location list entry", - n = "Previous conflict marker/diff hunk", - p = "Paste line above", - P = "Paste line above", - q = "Previous quickfix list entry", - Q = "First quickfix list entry", - t = "Previous matching tag", - T = "First matching tag", - z = "Previous fold", - -- Encoding - C = "C string encode", - u = "URL encode", - x = "XML encode", - y = "C string encode", - -- Custom - d = { lsp.goto_prev_diagnostic, "Previous diagnostic" }, - }, - ["]"] = { - name = "Next", - [""] = "Insert blank line below", - [""] = "Next location list file", - [""] = "Next quickfix list file", - [""] = "Next tag in preview window", - a = "Next argument", - A = "Last argument", - b = "Next buffer", - B = "Last buffer", - e = "Exchange next line", - f = "Next file in directory", - l = "Next location list entry", - L = "Last Location list entry", - n = "Next conflict marker/diff hunk", - p = "Paste line below", - P = "Paste line below", - q = "Next quickfix list entry", - Q = "Last quickfix list entry", - t = "Next matching tag", - T = "Last matching tag", - z = "Next fold", - -- Decoding - C = "C string decode", - u = "URL decode", - x = "XML decode", - y = "C string decode", - -- Custom - d = { lsp.goto_next_diagnostic, "Next diagnostic" }, - }, + -- Previous + { "[", group = "Previous" }, + -- Edition and navigation mappings + { "[", desc = "Insert blank line above" }, + { "[", desc = "Previous location list file" }, + { "[", desc = "Previous quickfix list file" }, + { "[", desc = "Previous tag in preview window" }, + { "[a", desc = "Previous argument" }, + { "[A", desc = "First argument" }, + { "[b", desc = "Previous buffer" }, + { "[B", desc = "First buffer" }, + { "[e", desc = "Exchange previous line" }, + { "[f", desc = "Previous file in directory" }, + { "[l", desc = "Previous location list entry" }, + { "[L", desc = "First Location list entry" }, + { "[n", desc = "Previous conflict marker/diff hunk" }, + { "[p", desc = "Paste line above" }, + { "[P", desc = "Paste line above" }, + { "[q", desc = "Previous quickfix list entry" }, + { "[Q", desc = "First quickfix list entry" }, + { "[t", desc = "Previous matching tag" }, + { "[T", desc = "First matching tag" }, + { "[z", desc = "Previous fold" }, + -- Encoding + { "[C", desc = "C string encode" }, + { "[u", desc = "URL encode" }, + { "[x", desc = "XML encode" }, + { "[y", desc = "C string encode" }, + -- Custom + { "[d", lsp.goto_prev_diagnostic, desc = "Previous diagnostic" }, - -- Option mappings - ["[o"] = { - name = "Enable option", - b = "Light background", - c = "Cursor line", - d = "Diff", - f = { "FormatEnable", "LSP Formatting" }, - h = "Search high-lighting", - i = "Case insensitive search", - l = "List mode", - n = "Line numbers", - r = "Relative line numbers", - p = { "lwindow", "Location list" }, - q = { "cwindow", "Quickfix list" }, - u = "Cursor column", - v = "Virtual editing", - w = "Text wrapping", - x = "Cursor line and column", - z = "Spell checking", - }, - ["]o"] = { - name = "Option off", - b = "Light background", - c = "Cursor line", - d = "Diff", - f = { "FormatDisable", "LSP Formatting" }, - h = "Search high-lighting", - i = "Case insensitive search", - l = "List mode", - n = "Line numbers", - p = { "lclose", "Location list" }, - q = { "cclose", "Quickfix list" }, - r = "Relative line numbers", - u = "Cursor column", - v = "Virtual editing", - w = "Text wrapping", - x = "Cursor line and column", - z = "Spell checking", - }, - ["yo"] = { - name = "Option toggle", - b = "Light background", - c = "Cursor line", - d = "Diff", - f = { "FormatToggle", "LSP Formatting" }, - h = "Search high-lighting", - i = "Case insensitive search", - l = "List mode", - n = "Line numbers", - p = { "(qf_loc_toggle)", "Location list" }, - q = { "(qf_qf_toggle)", "Quickfix list" }, - r = "Relative line numbers", - u = "Cursor column", - v = "Virtual editing", - w = "Text wrapping", - x = "Cursor line and column", - z = "Spell checking", - }, + -- Next + { "]", group = "Next" }, + -- Edition and navigation mappings + { "]", desc = "Insert blank line below" }, + { "]", desc = "Next location list file" }, + { "]", desc = "Next quickfix list file" }, + { "]", desc = "Next tag in preview window" }, + { "]a", desc = "Next argument" }, + { "]A", desc = "Last argument" }, + { "]b", desc = "Next buffer" }, + { "]B", desc = "Last buffer" }, + { "]e", desc = "Exchange next line" }, + { "]f", desc = "Next file in directory" }, + { "]l", desc = "Next location list entry" }, + { "]L", desc = "Last Location list entry" }, + { "]n", desc = "Next conflict marker/diff hunk" }, + { "]p", desc = "Paste line below" }, + { "]P", desc = "Paste line below" }, + { "]q", desc = "Next quickfix list entry" }, + { "]Q", desc = "Last quickfix list entry" }, + { "]t", desc = "Next matching tag" }, + { "]T", desc = "Last matching tag" }, + { "]z", desc = "Next fold" }, + -- Decoding + { "]C", desc = "C string decode" }, + { "]u", desc = "URL decode" }, + { "]x", desc = "XML decode" }, + { "]y", desc = "C string decode" }, + -- Custom + { "]d", lsp.goto_next_diagnostic, desc = "Next diagnostic" }, + + -- Enable option + { "[o", group = "Enable option" }, + { "[ob", desc = "Light background" }, + { "[oc", desc = "Cursor line" }, + { "[od", desc = "Diff" }, + { "[of", "FormatEnable", desc = "LSP Formatting" }, + { "[oh", desc = "Search high-lighting" }, + { "[oi", desc = "Case insensitive search" }, + { "[ol", desc = "List mode" }, + { "[on", desc = "Line numbers" }, + { "[or", desc = "Relative line numbers" }, + { "[op", "lwindow", desc = "Location list" }, + { "[oq", "cwindow", desc = "Quickfix list" }, + { "[ou", desc = "Cursor column" }, + { "[ov", desc = "Virtual editing" }, + { "[ow", desc = "Text wrapping" }, + { "[ox", desc = "Cursor line and column" }, + { "[oz", desc = "Spell checking" }, + + -- Disable option + { "]o", group = "Disable option" }, + { "]ob", desc = "Light background" }, + { "]oc", desc = "Cursor line" }, + { "]od", desc = "Diff" }, + { "]of", "FormatDisable", desc = "LSP Formatting" }, + { "]oh", desc = "Search high-lighting" }, + { "]oi", desc = "Case insensitive search" }, + { "]ol", desc = "List mode" }, + { "]on", desc = "Line numbers" }, + { "]op", "lclose", desc = "Location list" }, + { "]oq", "cclose", desc = "Quickfix list" }, + { "]or", desc = "Relative line numbers" }, + { "]ou", desc = "Cursor column" }, + { "]ov", desc = "Virtual editing" }, + { "]ow", desc = "Text wrapping" }, + { "]ox", desc = "Cursor line and column" }, + { "]oz", desc = "Spell checking" }, + + -- Toggle option + { "yo", group = "Toggle option" }, + { "yob", desc = "Light background" }, + { "yoc", desc = "Cursor line" }, + { "yod", desc = "Diff" }, + { "yof", "FormatToggle", desc = "LSP Formatting" }, + { "yoh", desc = "Search high-lighting" }, + { "yoi", desc = "Case insensitive search" }, + { "yol", desc = "List mode" }, + { "yon", desc = "Line numbers" }, + { "yop", "(qf_loc_toggle)", desc = "Location list" }, + { "yoq", "(qf_qf_toggle)", desc = "Quickfix list" }, + { "yor", desc = "Relative line numbers" }, + { "you", desc = "Cursor column" }, + { "yov", desc = "Virtual editing" }, + { "yow", desc = "Text wrapping" }, + { "yox", desc = "Cursor line and column" }, + { "yoz", desc = "Spell checking" }, } -wk.register(keys) +wk.add(keys) diff --git a/modules/home/vim/after/queries/diff/highlights.scm b/modules/home/vim/after/queries/diff/highlights.scm new file mode 100644 index 0000000..c998725 --- /dev/null +++ b/modules/home/vim/after/queries/diff/highlights.scm @@ -0,0 +1,5 @@ +; extends + +; I want to the line added/removed markers to be the correct color +"+" @diff.plus +"-" @diff.minus diff --git a/modules/home/vim/default.nix b/modules/home/vim/default.nix index d7280fb..8e6bd5c 100644 --- a/modules/home/vim/default.nix +++ b/modules/home/vim/default.nix @@ -46,14 +46,9 @@ in vim-repeat # Enanche '.' for plugins vim-rsi # Readline mappings vim-unimpaired # Some ex command mappings - vim-vinegar # Better netrw # Languages - rust-vim vim-beancount - vim-jsonnet - vim-nix - vim-toml # General enhancements vim-qf # Better quick-fix list @@ -85,6 +80,7 @@ in dressing-nvim # Integrate native UI hooks with Telescope etc... gitsigns-nvim # Fast git UI integration nvim-surround # Deal with pairs, now in Lua + oil-nvim # Better alternative to NetrW telescope-fzf-native-nvim # Use 'fzf' fuzzy matching algorithm telescope-lsp-handlers-nvim # Use 'telescope' for various LSP actions telescope-nvim # Fuzzy finder interface @@ -104,6 +100,9 @@ in # Shell bash-language-server shfmt + + # Generic + typos-lsp ]; }; diff --git a/modules/home/vim/init.vim b/modules/home/vim/init.vim index 3a74c4f..0b54676 100644 --- a/modules/home/vim/init.vim +++ b/modules/home/vim/init.vim @@ -1,4 +1,4 @@ -" Basic configuraion {{{ +" Basic configuration {{{ """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" " Use UTF-8 set encoding=utf-8 @@ -38,10 +38,10 @@ set tabstop=8 " File parameters {{{ """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" -" Disable backups, we have source control for that -set nobackup -" Disable swapfiles too +" Disable swap files set noswapfile +" Enable undo files +set undofile " }}} " UI and UX parameters {{{ @@ -100,7 +100,13 @@ gruvbox.setup({ DiffChange = { fg = colors.aqua, bg = "NONE" }, DiffDelete = { fg = colors.red, bg = "NONE" }, DiffText = { fg = colors.yellow, bg = colors.bg0 }, - } + -- Directories "pop" better in blue + Directory = { link = "GruvboxBlueBold" }, + }, + italic = { + -- Comments should not be italic, for e.g: box drawing + comments = false, + }, }) EOF " Use my preferred colorscheme diff --git a/modules/home/vim/lua/ambroisie/lsp.lua b/modules/home/vim/lua/ambroisie/lsp.lua index dc47366..eb53da6 100644 --- a/modules/home/vim/lua/ambroisie/lsp.lua +++ b/modules/home/vim/lua/ambroisie/lsp.lua @@ -42,7 +42,7 @@ end --- shared LSP configuration callback --- @param client native client configuration ---- @param bufnr int? buffer number of the attched client +--- @param bufnr int? buffer number of the attached client M.on_attach = function(client, bufnr) -- Format on save lsp_format.on_attach(client, bufnr) @@ -87,31 +87,30 @@ M.on_attach = function(client, bufnr) end local keys = { - K = { vim.lsp.buf.hover, "Show symbol information" }, - [""] = { vim.lsp.buf.signature_help, "Show signature information" }, - ["gd"] = { vim.lsp.buf.definition, "Go to definition" }, - ["gD"] = { vim.lsp.buf.declaration, "Go to declaration" }, - ["gi"] = { vim.lsp.buf.implementation, "Go to implementation" }, - ["gr"] = { vim.lsp.buf.references, "List all references" }, - - ["c"] = { - name = "Code", - a = { vim.lsp.buf.code_action, "Code actions" }, - d = { cycle_diagnostics_display, "Cycle diagnostics display" }, - D = { show_buffer_diagnostics, "Show buffer diagnostics" }, - r = { vim.lsp.buf.rename, "Rename symbol" }, - s = { vim.lsp.buf.signature_help, "Show signature" }, - t = { vim.lsp.buf.type_definition, "Go to type definition" }, - w = { - name = "Workspace", - a = { vim.lsp.buf.add_workspace_folder, "Add folder to workspace" }, - l = { list_workspace_folders, "List folders in workspace" }, - r = { vim.lsp.buf.remove_workspace_folder, "Remove folder from workspace" }, - }, - }, + buffer = bufnr, + -- LSP navigation + { "K", vim.lsp.buf.hover, desc = "Show symbol information" }, + { "", vim.lsp.buf.signature_help, desc = "Show signature information" }, + { "gd", vim.lsp.buf.definition, desc = "Go to definition" }, + { "gD", vim.lsp.buf.declaration, desc = "Go to declaration" }, + { "gi", vim.lsp.buf.implementation, desc = "Go to implementation" }, + { "gr", vim.lsp.buf.references, desc = "List all references" }, + -- Code + { "c", group = "Code" }, + { "ca", vim.lsp.buf.code_action, desc = "Code actions" }, + { "cd", cycle_diagnostics_display, desc = "Cycle diagnostics display" }, + { "cD", show_buffer_diagnostics, desc = "Show buffer diagnostics" }, + { "cr", vim.lsp.buf.rename, desc = "Rename symbol" }, + { "cs", vim.lsp.buf.signature_help, desc = "Show signature" }, + { "ct", vim.lsp.buf.type_definition, desc = "Go to type definition" }, + -- Workspace + { "cw", group = "Workspace" }, + { "cwa", vim.lsp.buf.add_workspace_folder, desc = "Add folder to workspace" }, + { "cwl", list_workspace_folders, desc = "List folders in workspace" }, + { "cwr", vim.lsp.buf.remove_workspace_folder, desc = "Remove folder from workspace" }, } - wk.register(keys, { buffer = bufnr }) + wk.add(keys) end return M diff --git a/modules/home/vim/lua/ambroisie/utils.lua b/modules/home/vim/lua/ambroisie/utils.lua index 3d2dd3b..c9e9292 100644 --- a/modules/home/vim/lua/ambroisie/utils.lua +++ b/modules/home/vim/lua/ambroisie/utils.lua @@ -48,4 +48,22 @@ M.list_lsp_clients = function(bufnr) return names end +--- partially apply a function with given arguments +M.partial = function(f, ...) + local a = { ... } + local a_len = select("#", ...) + + return function(...) + local tmp = { ... } + local tmp_len = select("#", ...) + + -- Merge arg lists + for i = 1, tmp_len do + a[a_len + i] = tmp[i] + end + + return f(unpack(a, 1, a_len + tmp_len)) + end +end + return M diff --git a/modules/home/vim/plugin/numbertoggle.lua b/modules/home/vim/plugin/numbertoggle.lua index 1f97fc8..8042710 100644 --- a/modules/home/vim/plugin/numbertoggle.lua +++ b/modules/home/vim/plugin/numbertoggle.lua @@ -7,17 +7,28 @@ local numbertoggle = vim.api.nvim_create_augroup("numbertoggle", { clear = true vim.api.nvim_create_autocmd({ "BufEnter", "FocusGained", "InsertLeave", "WinEnter" }, { pattern = "*", group = numbertoggle, - command = "if &nu | setlocal rnu | endif", + callback = function() + if vim.opt.number:get() then + vim.opt.relativenumber = true + end + end, }) vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "InsertEnter", "WinLeave" }, { pattern = "*", group = numbertoggle, - command = "if &nu | setlocal nornu | endif", + callback = function() + if vim.opt.number:get() then + vim.opt.relativenumber = false + end + end, }) -- Never show the sign column in a terminal buffer vim.api.nvim_create_autocmd({ "TermOpen" }, { pattern = "*", group = numbertoggle, - command = "setlocal nonu nornu", + callback = function() + vim.opt.number = false + vim.opt.relativenumber = false + end, }) diff --git a/modules/home/vim/plugin/settings/git.lua b/modules/home/vim/plugin/settings/git.lua index 4dbebca..b9b92a6 100644 --- a/modules/home/vim/plugin/settings/git.lua +++ b/modules/home/vim/plugin/settings/git.lua @@ -1,58 +1,75 @@ local gitsigns = require("gitsigns") +local utils = require("ambroisie.utils") local wk = require("which-key") +--- Transform `f` into a function which acts on the current visual selection +local function make_visual(f) + return function() + local first = vim.fn.line("v") + local last = vim.fn.line(".") + f({ first, last }) + end +end + +local function nav_hunk(dir) + if vim.wo.diff then + local map = { + prev = "[c", + next = "]c", + } + vim.cmd.normal({ map[dir], bang = true }) + else + gitsigns.nav_hunk(dir) + end +end + gitsigns.setup({ current_line_blame_opts = { -- Show the blame quickly delay = 100, }, + -- Work-around for https://github.com/lewis6991/gitsigns.nvim/issues/929 + signs_staged_enable = false, }) local keys = { -- Navigation - ["[c"] = { "&diff ? '[c' : 'Gitsigns prev_hunk'", "Previous hunk/diff", expr = true }, - ["]c"] = { "&diff ? ']c' : 'Gitsigns next_hunk'", "Next hunk/diff", expr = true }, - + { "[c", utils.partial(nav_hunk, "prev"), desc = "Previous hunk/diff" }, + { "]c", utils.partial(nav_hunk, "next"), desc = "Next hunk/diff" }, -- Commands - ["g"] = { - name = "Git", - -- Actions - b = { gitsigns.toggle_current_line_blame, "Toggle blame virtual text" }, - d = { gitsigns.diffthis, "Diff buffer" }, - -- stylua: ignore - D = { function() gitsigns.diffthis("~") end, "Diff buffer against last commit" }, - g = { "Git", "Git status" }, - h = { gitsigns.toggle_deleted, "Show deleted hunks" }, - L = { ":spT:Gllog --follow -- %:p", "Current buffer log" }, - m = { "(git-messenger)", "Current line blame" }, - p = { gitsigns.preview_hunk, "Preview hunk" }, - r = { gitsigns.reset_hunk, "Restore hunk" }, - R = { gitsigns.reset_buffer, "Restore buffer" }, - s = { gitsigns.stage_hunk, "Stage hunk" }, - S = { gitsigns.stage_buffer, "Stage buffer" }, - u = { gitsigns.undo_stage_hunk, "Undo stage hunk" }, - ["["] = { gitsigns.prev_hunk, "Previous hunk" }, - ["]"] = { gitsigns.next_hunk, "Next hunk" }, - }, + { "g", group = "Git" }, + { "gb", gitsigns.toggle_current_line_blame, desc = "Toggle blame virtual text" }, + { "gd", gitsigns.diffthis, desc = "Diff buffer" }, + { "gD", utils.partial(gitsigns.diffthis, "~"), desc = "Diff buffer against last commit" }, + { "gg", "Git", desc = "Git status" }, + { "gh", gitsigns.toggle_deleted, desc = "Show deleted hunks" }, + { "gL", ":spT:Gllog --follow -- %:p", desc = "Current buffer log" }, + { "gm", "(git-messenger)", desc = "Current line blame" }, + { "gp", gitsigns.preview_hunk, desc = "Preview hunk" }, + { "gr", gitsigns.reset_hunk, desc = "Restore hunk" }, + { "gR", gitsigns.reset_buffer, desc = "Restore buffer" }, + { "gs", gitsigns.stage_hunk, desc = "Stage hunk" }, + { "gS", gitsigns.stage_buffer, desc = "Stage buffer" }, + { "gu", gitsigns.undo_stage_hunk, desc = "Undo stage hunk" }, + { "g[", utils.partial(gitsigns.nav_hunk, "prev"), desc = "Previous hunk" }, + { "g]", utils.partial(gitsigns.nav_hunk, "next"), desc = "Next hunk" }, } local objects = { - ["ih"] = { gitsigns.select_hunk, "Git hunk" }, + mode = "o", + { "ih", gitsigns.select_hunk, desc = "Git hunk" }, } - +-- Visual local visual = { - ["ih"] = { gitsigns.select_hunk, "Git hunk" }, - - -- Only the actual command can make use of the visual selection... - ["g"] = { - name = "Git", - p = { ":Gitsigns preview_hunk", "Preview selection" }, - r = { ":Gitsigns reset_hunk", "Restore selection" }, - s = { ":Gitsigns stage_hunk", "Stage selection" }, - u = { ":Gitsigns undo_stage_hunk", "Undo stage selection" }, - }, + mode = { "x" }, + { "ih", gitsigns.select_hunk, desc = "Git hunk" }, + { "g", group = "Git" }, + { "gp", gitsigns.preview_hunk, desc = "Preview selection" }, + { "gr", make_visual(gitsigns.reset_hunk), desc = "Restore selection" }, + { "gs", make_visual(gitsigns.stage_hunk), desc = "Stage selection" }, + { "gu", gitsigns.undo_stage_hunk, desc = "Undo stage selection" }, } -wk.register(keys, { buffer = bufnr }) -wk.register(objects, { buffer = bufnr, mode = "o" }) -wk.register(visual, { buffer = bufnr, mode = "x" }) +wk.add(keys) +wk.add(objects) +wk.add(visual) diff --git a/modules/home/vim/plugin/settings/lspconfig.lua b/modules/home/vim/plugin/settings/lspconfig.lua index 2f355f4..9e9425c 100644 --- a/modules/home/vim/plugin/settings/lspconfig.lua +++ b/modules/home/vim/plugin/settings/lspconfig.lua @@ -84,3 +84,11 @@ if utils.is_executable("starpls") then on_attach = lsp.on_attach, }) end + +-- Generic +if utils.is_executable("typos-lsp") then + lspconfig.typos_lsp.setup({ + capabilities = capabilities, + on_attach = lsp.on_attach, + }) +end diff --git a/modules/home/vim/plugin/settings/oil.lua b/modules/home/vim/plugin/settings/oil.lua new file mode 100644 index 0000000..a160725 --- /dev/null +++ b/modules/home/vim/plugin/settings/oil.lua @@ -0,0 +1,34 @@ +local oil = require("oil") +local wk = require("which-key") + +local detail = false + +oil.setup({ + view_options = { + -- Show files and directories that start with "." by default + show_hidden = true, + -- But never '..' + is_always_hidden = function(name, bufnr) + return name == ".." + end, + }, + keymaps = { + ["gd"] = { + desc = "Toggle file detail view", + callback = function() + detail = not detail + if detail then + oil.set_columns({ "icon", "permissions", "size", "mtime" }) + else + oil.set_columns({ "icon" }) + end + end, + }, + }, +}) + +local keys = { + { "-", oil.open, desc = "Open parent directory" }, +} + +wk.add(keys) diff --git a/modules/home/vim/plugin/settings/telescope.lua b/modules/home/vim/plugin/settings/telescope.lua index 4548ec5..1a23928 100644 --- a/modules/home/vim/plugin/settings/telescope.lua +++ b/modules/home/vim/plugin/settings/telescope.lua @@ -1,4 +1,6 @@ local telescope = require("telescope") +local telescope_builtin = require("telescope.builtin") +local wk = require("which-key") telescope.setup({ defaults = { @@ -22,3 +24,14 @@ telescope.setup({ telescope.load_extension("fzf") telescope.load_extension("lsp_handlers") + +local keys = { + { "f", group = "Fuzzy finder" }, + { "fb", telescope_builtin.buffers, desc = "Open buffers" }, + { "ff", telescope_builtin.git_files, desc = "Git tracked files" }, + { "fF", telescope_builtin.find_files, desc = "Files" }, + { "fg", telescope_builtin.live_grep, desc = "Grep string" }, + { "fG", telescope_builtin.grep_string, desc = "Grep string under cursor" }, +} + +wk.add(keys) diff --git a/modules/home/vim/plugin/settings/tree-sitter.lua b/modules/home/vim/plugin/settings/tree-sitter.lua index 5503857..d5fff46 100644 --- a/modules/home/vim/plugin/settings/tree-sitter.lua +++ b/modules/home/vim/plugin/settings/tree-sitter.lua @@ -1,4 +1,5 @@ local ts_config = require("nvim-treesitter.configs") + ts_config.setup({ highlight = { enable = true, @@ -14,16 +15,16 @@ ts_config.setup({ -- Jump to matching text objects lookahead = true, keymaps = { - ["aa"] = "@parameter.outer", - ["ia"] = "@parameter.inner", - ["ab"] = "@block.outer", - ["ib"] = "@block.inner", - ["ac"] = "@class.outer", - ["ic"] = "@class.inner", - ["af"] = "@function.outer", - ["if"] = "@function.inner", - ["ak"] = "@comment.outer", - ["aS"] = "@statement.outer", + ["aa"] = { query = "@parameter.outer", desc = "a parameter" }, + ["ia"] = { query = "@parameter.inner", desc = "inner parameter" }, + ["ab"] = { query = "@block.outer", desc = "a block" }, + ["ib"] = { query = "@block.inner", desc = "inner block" }, + ["ac"] = { query = "@class.outer", desc = "a class" }, + ["ic"] = { query = "@class.inner", desc = "inner class" }, + ["af"] = { query = "@function.outer", desc = "a function" }, + ["if"] = { query = "@function.inner", desc = "inner function" }, + ["ak"] = { query = "@comment.outer", desc = "a comment" }, + ["aS"] = { query = "@statement.outer", desc = "a statement" }, }, }, move = { @@ -31,22 +32,22 @@ ts_config.setup({ -- Add to jump list set_jumps = true, goto_next_start = { - ["]m"] = "@function.outer", - ["]S"] = "@statement.outer", - ["]]"] = "@class.outer", + ["]m"] = { query = "@function.outer", desc = "Next method start" }, + ["]S"] = { query = "@statement.outer", desc = "Next statement start" }, + ["]]"] = { query = "@class.outer", desc = "Next class start" }, }, goto_next_end = { - ["]M"] = "@function.outer", - ["]["] = "@class.outer", + ["]M"] = { query = "@function.outer", desc = "Next method end" }, + ["]["] = { query = "@class.outer", desc = "Next class end" }, }, goto_previous_start = { - ["[m"] = "@function.outer", - ["[S"] = "@statement.outer", - ["[["] = "@class.outer", + ["[m"] = { query = "@function.outer", desc = "Previous method start" }, + ["[S"] = { query = "@statement.outer", desc = "Previous statement start" }, + ["[["] = { query = "@class.outer", desc = "Previous class start" }, }, goto_previous_end = { - ["[M"] = "@function.outer", - ["[]"] = "@class.outer", + ["[M"] = { query = "@function.outer", desc = "Previous method end" }, + ["[]"] = { query = "@class.outer", desc = "Previous class end" }, }, }, }, diff --git a/modules/home/vim/plugin/settings/which-key.lua b/modules/home/vim/plugin/settings/which-key.lua index 2edfd70..3dc260a 100644 --- a/modules/home/vim/plugin/settings/which-key.lua +++ b/modules/home/vim/plugin/settings/which-key.lua @@ -1,2 +1,33 @@ local wk = require("which-key") -wk.setup() +wk.setup({ + icons = { + -- I don't like icons + mappings = false, + breadcrumb = "»", + separator = "➜", + group = "+", + ellipsis = "…", + keys = { + Up = " ", + Down = " ", + Left = " ", + Right = " ", + C = "", + M = "", + D = "", + S = "", + CR = "", + Esc = " ", + NL = "", + BS = "", + Space = "", + Tab = " ", + }, + }, +}) + +local keys = { + { "", vim.cmd.nohlsearch, desc = "Clear search highlight" }, +} + +wk.add(keys) diff --git a/modules/home/vim/plugin/signtoggle.lua b/modules/home/vim/plugin/signtoggle.lua index d6a26e2..9765a81 100644 --- a/modules/home/vim/plugin/signtoggle.lua +++ b/modules/home/vim/plugin/signtoggle.lua @@ -4,17 +4,23 @@ local signtoggle = vim.api.nvim_create_augroup("signtoggle", { clear = true }) vim.api.nvim_create_autocmd({ "BufEnter", "FocusGained", "WinEnter" }, { pattern = "*", group = signtoggle, - command = "setlocal signcolumn=yes", + callback = function() + vim.opt.signcolumn = "yes" + end, }) vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "WinLeave" }, { pattern = "*", group = signtoggle, - command = "setlocal signcolumn=yes", + callback = function() + vim.opt.signcolumn = "no" + end, }) -- Never show the sign column in a terminal buffer vim.api.nvim_create_autocmd({ "TermOpen" }, { pattern = "*", group = signtoggle, - command = "setlocal signcolumn=no", + callback = function() + vim.opt.signcolumn = "no" + end, }) diff --git a/modules/home/wget/default.nix b/modules/home/wget/default.nix index 32c13c0..1be5397 100644 --- a/modules/home/wget/default.nix +++ b/modules/home/wget/default.nix @@ -20,7 +20,7 @@ in }; xdg.configFile."wgetrc".text = '' - hsts-file = ${config.xdg.dataHome}/wget-hsts + hsts-file = ${config.xdg.stateHome}/wget-hsts ''; }; } diff --git a/modules/home/wm/default.nix b/modules/home/wm/default.nix index 449918a..ae1e136 100644 --- a/modules/home/wm/default.nix +++ b/modules/home/wm/default.nix @@ -58,7 +58,7 @@ in service = "some-service-name"; } ]; - description = "list of block configurations, merged with the defauls"; + description = "list of block configurations, merged with the defaults"; }; }; }; diff --git a/modules/home/wm/i3/default.nix b/modules/home/wm/i3/default.nix index 69246f0..c432864 100644 --- a/modules/home/wm/i3/default.nix +++ b/modules/home/wm/i3/default.nix @@ -371,8 +371,7 @@ in }; startup = [ - # FIXME - # { commdand; always; notification; } + # NOTE: rely on systemd user services instead... ]; window = { diff --git a/modules/home/wm/screen-lock/default.nix b/modules/home/wm/screen-lock/default.nix index 3b2ead6..5e6874e 100644 --- a/modules/home/wm/screen-lock/default.nix +++ b/modules/home/wm/screen-lock/default.nix @@ -2,7 +2,7 @@ let cfg = config.my.home.wm.screen-lock; - notficationCmd = + notificationCmd = let duration = toString (cfg.notify.delay * 1000); notifyCmd = "${lib.getExe pkgs.libnotify} -u critical -t ${duration}"; @@ -48,7 +48,7 @@ in "-notify" "${toString cfg.notify.delay}" "-notifier" - notficationCmd + notificationCmd ]; }; }; diff --git a/modules/home/xdg/default.nix b/modules/home/xdg/default.nix index fb2668c..270200e 100644 --- a/modules/home/xdg/default.nix +++ b/modules/home/xdg/default.nix @@ -11,7 +11,7 @@ in enable = true; # File types mime.enable = true; - # File associatons + # File associations mimeApps = { enable = true; }; @@ -34,6 +34,9 @@ in "gdb/.keep".text = ""; "tig/.keep".text = ""; }; + stateFile = { + "python/.keep".text = ""; + }; }; # I want a tidier home @@ -43,13 +46,13 @@ in CARGO_HOME = "${dataHome}/cargo"; DOCKER_CONFIG = "${configHome}/docker"; GRADLE_USER_HOME = "${dataHome}/gradle"; - HISTFILE = "${dataHome}/bash/history"; + HISTFILE = "${stateHome}/bash/history"; INPUTRC = "${configHome}/readline/inputrc"; - PSQL_HISTORY = "${dataHome}/psql_history"; + PSQL_HISTORY = "${stateHome}/psql_history"; PYTHONPYCACHEPREFIX = "${cacheHome}/python/"; PYTHONUSERBASE = "${dataHome}/python/"; PYTHON_HISTORY = "${stateHome}/python/history"; - REDISCLI_HISTFILE = "${dataHome}/redis/rediscli_history"; + REDISCLI_HISTFILE = "${stateHome}/redis/rediscli_history"; REPO_CONFIG_DIR = "${configHome}/repo"; XCOMPOSECACHE = "${dataHome}/X11/xcompose"; _JAVA_OPTIONS = "-Djava.util.prefs.userRoot=${configHome}/java"; diff --git a/modules/home/zsh/default.nix b/modules/home/zsh/default.nix index a277366..11b6cb2 100644 --- a/modules/home/zsh/default.nix +++ b/modules/home/zsh/default.nix @@ -68,7 +68,7 @@ in ignoreSpace = true; ignoreDups = true; share = false; - path = "${config.xdg.dataHome}/zsh/zsh_history"; + path = "${config.xdg.stateHome}/zsh/zsh_history"; }; plugins = [ diff --git a/modules/home/zsh/options.zsh b/modules/home/zsh/options.zsh index 32da8d8..7bcad03 100644 --- a/modules/home/zsh/options.zsh +++ b/modules/home/zsh/options.zsh @@ -12,7 +12,7 @@ setopt rc_quotes setopt auto_resume # Show history expansion before running a command setopt hist_verify -# Append commands to history as they are exectuted +# Append commands to history as they are executed setopt inc_append_history_time # Remove useless whitespace from commands setopt hist_reduce_blanks diff --git a/modules/nixos/hardware/bluetooth/default.nix b/modules/nixos/hardware/bluetooth/default.nix index e9b1991..efce5c4 100644 --- a/modules/nixos/hardware/bluetooth/default.nix +++ b/modules/nixos/hardware/bluetooth/default.nix @@ -18,6 +18,13 @@ in services.blueman.enable = true; } + # Persist bluetooth files + { + my.system.persist.directories = [ + "/var/lib/bluetooth" + ]; + } + # Support for additional bluetooth codecs (lib.mkIf cfg.loadExtraCodecs { hardware.pulseaudio = { diff --git a/modules/nixos/hardware/networking/default.nix b/modules/nixos/hardware/networking/default.nix index f0806fe..51dcfce 100644 --- a/modules/nixos/hardware/networking/default.nix +++ b/modules/nixos/hardware/networking/default.nix @@ -22,6 +22,11 @@ in config = lib.mkMerge [ (lib.mkIf cfg.wireless.enable { networking.networkmanager.enable = true; + + # Persist NetworkManager files + my.system.persist.directories = [ + "/etc/NetworkManager/system-connections" + ]; }) ]; } diff --git a/modules/nixos/hardware/trackball/default.nix b/modules/nixos/hardware/trackball/default.nix index 7a99247..a9b24e3 100644 --- a/modules/nixos/hardware/trackball/default.nix +++ b/modules/nixos/hardware/trackball/default.nix @@ -11,7 +11,7 @@ in config = lib.mkIf cfg.enable { services.xserver = { # This section must be *after* the one configured by `libinput` - # for the `ScrollMethod` configuration to not be overriden + # for the `ScrollMethod` configuration to not be overridden inputClassSections = lib.mkAfter [ # MX Ergo '' diff --git a/modules/nixos/profiles/default.nix b/modules/nixos/profiles/default.nix index 43d5a84..dbd4be3 100644 --- a/modules/nixos/profiles/default.nix +++ b/modules/nixos/profiles/default.nix @@ -1,4 +1,4 @@ -# Configuration that spans accross system and home, or are almagations of modules +# Configuration that spans across system and home, or are almagations of modules { ... }: { imports = [ diff --git a/modules/nixos/services/aria/default.nix b/modules/nixos/services/aria/default.nix index 2d1b3e2..15bb5e8 100644 --- a/modules/nixos/services/aria/default.nix +++ b/modules/nixos/services/aria/default.nix @@ -71,6 +71,8 @@ in }; }; + # FIXME: persistence? + # NOTE: unfortunately aria2 does not log connection failures for fail2ban }; } diff --git a/modules/nixos/services/audiobookshelf/default.nix b/modules/nixos/services/audiobookshelf/default.nix index 8c9719d..cb7bc08 100644 --- a/modules/nixos/services/audiobookshelf/default.nix +++ b/modules/nixos/services/audiobookshelf/default.nix @@ -35,5 +35,23 @@ in }; }; }; + + # FIXME: persistence? + + services.fail2ban.jails = { + audiobookshelf = '' + enabled = true + filter = audiobookshelf + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/audiobookshelf.conf".text = '' + [Definition] + failregex = ^.*ERROR: \[Auth\] Failed login attempt for username ".*" from ip + journalmatch = _SYSTEMD_UNIT=audiobookshelf.service + ''; + }; }; } diff --git a/modules/nixos/services/blog/default.nix b/modules/nixos/services/blog/default.nix index e4d2d42..aadc4f0 100644 --- a/modules/nixos/services/blog/default.nix +++ b/modules/nixos/services/blog/default.nix @@ -41,5 +41,12 @@ in # Those are all subdomains, no problem my.services.nginx.virtualHosts = hostsInfo; + + my.system.persist.directories = [ + "/var/www/blog" + "/var/www/cv" + "/var/www/dev" + "/var/www/key" + ]; }; } diff --git a/modules/nixos/services/calibre-web/default.nix b/modules/nixos/services/calibre-web/default.nix index b7bf9df..8a8af33 100644 --- a/modules/nixos/services/calibre-web/default.nix +++ b/modules/nixos/services/calibre-web/default.nix @@ -53,6 +53,11 @@ in ]; }; + my.system.persist.directories = [ + "/var/lib/${config.services.calibre-web.dataDir}" + cfg.libraryPath + ]; + services.fail2ban.jails = { calibre-web = '' enabled = true diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix index 60b2478..651f3f8 100644 --- a/modules/nixos/services/default.nix +++ b/modules/nixos/services/default.nix @@ -16,6 +16,7 @@ ./grocy ./indexers ./jellyfin + ./komga ./lohr ./matrix ./mealie @@ -26,7 +27,7 @@ ./nginx ./nix-cache ./paperless - ./pirate + ./pdf-edit ./podgrab ./postgresql ./postgresql-backup @@ -34,6 +35,7 @@ ./quassel ./rss-bridge ./sabnzbd + ./servarr ./ssh-server ./tandoor-recipes ./tlp diff --git a/modules/nixos/services/flood/default.nix b/modules/nixos/services/flood/default.nix index b95bac5..23154ed 100644 --- a/modules/nixos/services/flood/default.nix +++ b/modules/nixos/services/flood/default.nix @@ -27,5 +27,9 @@ in inherit (cfg) port; }; }; + + # FIXME: persistence? + + # NOTE: unfortunately flood does not log connection failures for fail2ban }; } diff --git a/modules/nixos/services/forgejo/default.nix b/modules/nixos/services/forgejo/default.nix index 18538be..3ba4ead 100644 --- a/modules/nixos/services/forgejo/default.nix +++ b/modules/nixos/services/forgejo/default.nix @@ -1,4 +1,4 @@ -# A low-ressource, full-featured git forge. +# A low-resource, full-featured git forge. { config, lib, ... }: let cfg = config.my.services.forgejo; @@ -147,6 +147,11 @@ in ]; }; + my.system.persist.directories = [ + config.services.gitea.lfs.contentDir + config.services.gitea.repositoryRoot + ]; + services.fail2ban.jails = { forgejo = '' enabled = true diff --git a/modules/nixos/services/gitea/default.nix b/modules/nixos/services/gitea/default.nix index 212f59c..76de5dd 100644 --- a/modules/nixos/services/gitea/default.nix +++ b/modules/nixos/services/gitea/default.nix @@ -1,4 +1,4 @@ -# A low-ressource, full-featured git forge. +# A low-resource, full-featured git forge. { config, lib, ... }: let cfg = config.my.services.gitea; @@ -131,6 +131,11 @@ in ]; }; + my.system.persist.directories = [ + config.services.gitea.lfs.contentDir + config.services.gitea.repositoryRoot + ]; + services.fail2ban.jails = { gitea = '' enabled = true diff --git a/modules/nixos/services/grocy/default.nix b/modules/nixos/services/grocy/default.nix index 87927d6..67de377 100644 --- a/modules/nixos/services/grocy/default.nix +++ b/modules/nixos/services/grocy/default.nix @@ -36,5 +36,10 @@ in forceSSL = true; useACMEHost = config.networking.domain; }; + + # FIXME: backup + # FIXME: persistence + + # NOTE: unfortunately grocy does not log connection failures for fail2ban }; } diff --git a/modules/nixos/services/indexers/default.nix b/modules/nixos/services/indexers/default.nix index 8a42345..332ae30 100644 --- a/modules/nixos/services/indexers/default.nix +++ b/modules/nixos/services/indexers/default.nix @@ -33,6 +33,10 @@ in port = jackettPort; }; }; + + my.system.persist.directories = [ + config.services.jackett.dataDir + ]; }) (lib.mkIf cfg.nzbhydra.enable { @@ -45,6 +49,10 @@ in port = nzbhydraPort; }; }; + + my.system.persist.directories = [ + config.services.nzbhydra2.dataDir + ]; }) (lib.mkIf cfg.prowlarr.enable { @@ -58,6 +66,10 @@ in }; }; + my.system.persist.directories = [ + "/var/lib/${config.systemd.services.prowlarr.serviceConfig.StateDirectory}" + ]; + services.fail2ban.jails = { prowlarr = '' enabled = true diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index f5aaa99..b54f9ef 100644 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -41,5 +41,25 @@ in }; }; }; + + my.system.persist.directories = [ + "/var/lib/${config.systemd.services.jellyfin.serviceConfig.StateDirectory}" + ]; + + services.fail2ban.jails = { + jellyfin = '' + enabled = true + filter = jellyfin + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/jellyfin.conf".text = '' + [Definition] + failregex = ^.*Authentication request for .* has been denied \(IP: "?"?\)\. + journalmatch = _SYSTEMD_UNIT=jellyfin.service + ''; + }; }; } diff --git a/modules/nixos/services/komga/default.nix b/modules/nixos/services/komga/default.nix new file mode 100644 index 0000000..e1dc780 --- /dev/null +++ b/modules/nixos/services/komga/default.nix @@ -0,0 +1,55 @@ +# A Comics/Manga media server +{ config, lib, ... }: +let + cfg = config.my.services.komga; +in +{ + options.my.services.komga = with lib; { + enable = mkEnableOption "Komga comics server"; + + port = mkOption { + type = types.port; + default = 4584; + example = 8080; + description = "Internal port for webui"; + }; + }; + + config = lib.mkIf cfg.enable { + services.komga = { + enable = true; + inherit (cfg) port; + + group = "media"; + }; + + systemd.services.komga.environment = { + LOGGING_LEVEL_ORG_GOTSON_KOMGA = "DEBUG"; # Needed for fail2ban + }; + + # Set-up media group + users.groups.media = { }; + + my.services.nginx.virtualHosts = { + komga = { + inherit (cfg) port; + }; + }; + + services.fail2ban.jails = { + komga = '' + enabled = true + filter = komga + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/komga.conf".text = '' + [Definition] + failregex = ^.* ip=,.*Bad credentials.*$ + journalmatch = _SYSTEMD_UNIT=komga.service + ''; + }; + }; +} diff --git a/modules/nixos/services/lohr/default.nix b/modules/nixos/services/lohr/default.nix index 21ed93b..64925a2 100644 --- a/modules/nixos/services/lohr/default.nix +++ b/modules/nixos/services/lohr/default.nix @@ -107,5 +107,9 @@ in }; }; }; + + my.system.persist.directories = [ + "/var/lib/${config.systemd.services.lohr.serviceConfig.StateDirectory}" + ]; }; } diff --git a/modules/nixos/services/matrix/default.nix b/modules/nixos/services/matrix/default.nix index b958f76..cb41a0f 100644 --- a/modules/nixos/services/matrix/default.nix +++ b/modules/nixos/services/matrix/default.nix @@ -26,21 +26,6 @@ in description = "Shared secret to register users"; }; - slidingSync = { - port = mkOption { - type = types.port; - default = 8009; - example = 8084; - description = "Port used by sliding sync server"; - }; - - secretFile = mkOption { - type = types.str; - example = "/var/lib/matrix/sliding-sync-secret-file.env"; - description = "Secret file which contains SYNCV3_SECRET definition"; - }; - }; - mailConfigFile = mkOption { type = types.str; example = "/var/lib/matrix/email-config.yaml"; @@ -106,17 +91,6 @@ in ] ++ lib.optional (cfg.secretFile != null) cfg.secretFile; }; - services.matrix-sliding-sync = { - enable = true; - - settings = { - SYNCV3_SERVER = "https://${matrixDomain}"; - SYNCV3_BINDADDR = "127.0.0.1:${toString cfg.slidingSync.port}"; - }; - - environmentFile = cfg.slidingSync.secretFile; - }; - my.services.nginx.virtualHosts = { # Element Web app deployment chat = { @@ -130,9 +104,6 @@ in "m.identity_server" = { "base_url" = "https://vector.im"; }; - "org.matrix.msc3575.proxy" = { - "url" = "https://matrix-sync.${domain}"; - }; }; showLabsSettings = true; defaultCountryCode = "FR"; # cocorico @@ -152,10 +123,6 @@ in matrix-client = { port = clientPort.private; }; - # Sliding sync - matrix-sync = { - inherit (cfg.slidingSync) port; - }; }; # Those are too complicated to use my wrapper... @@ -178,11 +145,6 @@ in "/_matrix" = proxyToClientPort; "/_synapse/client" = proxyToClientPort; - - # Sliding sync - "~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync)" = { - proxyPass = "http://${config.services.matrix-sliding-sync.settings.SYNCV3_BINDADDR}"; - }; }; listen = [ @@ -228,7 +190,6 @@ in client = { "m.homeserver" = { "base_url" = "https://${matrixDomain}"; }; "m.identity_server" = { "base_url" = "https://vector.im"; }; - "org.matrix.msc3575.proxy" = { "url" = "https://matrix-sync.${domain}"; }; }; # ACAO required to allow element-web on any URL to request this json file in @@ -253,5 +214,9 @@ in config.services.matrix-synapse.dataDir ]; }; + + my.system.persist.directories = [ + config.services.matrix-synapse.dataDir + ]; }; } diff --git a/modules/nixos/services/mealie/default.nix b/modules/nixos/services/mealie/default.nix index 96b9e14..4eb6977 100644 --- a/modules/nixos/services/mealie/default.nix +++ b/modules/nixos/services/mealie/default.nix @@ -71,5 +71,24 @@ in }; }; }; + + # FIXME: backup + # FIXME: persistence + + services.fail2ban.jails = { + mealie = '' + enabled = true + filter = mealie + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/mealie.conf".text = '' + [Definition] + failregex = ^.*ERROR.*Incorrect username or password from + journalmatch = _SYSTEMD_UNIT=mealie.service + ''; + }; }; } diff --git a/modules/nixos/services/miniflux/default.nix b/modules/nixos/services/miniflux/default.nix index 5104c8b..7bcfe30 100644 --- a/modules/nixos/services/miniflux/default.nix +++ b/modules/nixos/services/miniflux/default.nix @@ -48,5 +48,24 @@ in inherit (cfg) port; }; }; + + # FIXME: backup + # FIXME: persistence + + services.fail2ban.jails = { + miniflux = '' + enabled = true + filter = miniflux + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/miniflux.conf".text = '' + [Definition] + failregex = ^.*msg="[^"]*(Incorrect|Invalid) username or password[^"]*".*client_ip= + journalmatch = _SYSTEMD_UNIT=miniflux.service + ''; + }; }; } diff --git a/modules/nixos/services/monitoring/default.nix b/modules/nixos/services/monitoring/default.nix index 49919c1..4415cb5 100644 --- a/modules/nixos/services/monitoring/default.nix +++ b/modules/nixos/services/monitoring/default.nix @@ -130,5 +130,10 @@ in inherit (cfg.grafana) port; }; }; + + my.system.persist.directories = [ + config.services.grafana.dataDir + "/var/lib/${config.services.prometheus.stateDir}" + ]; }; } diff --git a/modules/nixos/services/navidrome/default.nix b/modules/nixos/services/navidrome/default.nix index 944a97a..106e01d 100644 --- a/modules/nixos/services/navidrome/default.nix +++ b/modules/nixos/services/navidrome/default.nix @@ -52,5 +52,25 @@ in inherit (cfg) port; }; }; + + my.system.persist.directories = [ + "/var/lib/${config.systemd.services.navidrome.serviceConfig.StateDirectory}" + ]; + + services.fail2ban.jails = { + navidrome = '' + enabled = true + filter = navidrome + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/navidrome.conf".text = '' + [Definition] + failregex = ^.*msg="Unsuccessful login".*X-Real-Ip:\[\] + journalmatch = _SYSTEMD_UNIT=navidrome.service + ''; + }; }; } diff --git a/modules/nixos/services/nextcloud/default.nix b/modules/nixos/services/nextcloud/default.nix index bb3169a..b13a608 100644 --- a/modules/nixos/services/nextcloud/default.nix +++ b/modules/nixos/services/nextcloud/default.nix @@ -31,7 +31,7 @@ in config = lib.mkIf cfg.enable { services.nextcloud = { enable = true; - package = pkgs.nextcloud29; + package = pkgs.nextcloud30; hostName = "nextcloud.${config.networking.domain}"; home = "/var/lib/nextcloud"; maxUploadSize = cfg.maxSize; @@ -87,5 +87,30 @@ in "${config.services.nextcloud.home}/data/appdata_*/preview" ]; }; + + my.system.persist.directories = [ + config.services.nextcloud.home + config.services.nextcloud.datadir + ]; + + services.fail2ban.jails = { + nextcloud = '' + enabled = true + filter = nextcloud + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/nextcloud.conf".text = '' + [Definition] + _groupsre = (?:(?:,?\s*"\w+":(?:"[^"]+"|\w+))*) + datepattern = ,?\s*"time"\s*:\s*"%%Y-%%m-%%d[T ]%%H:%%M:%%S(%%z)?" + failregex = ^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":""%(_groupsre)s,?\s*"message":"Login failed: + ^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":""%(_groupsre)s,?\s*"message":"Trusted domain error. + ^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":""%(_groupsre)s,?\s*"message":"Two-factor challenge failed: + journalmatch = _SYSTEMD_UNIT=phpfpm-nextcloud.service + ''; + }; }; } diff --git a/modules/nixos/services/nginx/default.nix b/modules/nixos/services/nginx/default.nix index 7980ad9..721ae76 100644 --- a/modules/nixos/services/nginx/default.nix +++ b/modules/nixos/services/nginx/default.nix @@ -59,14 +59,12 @@ let extraConfig = mkOption { type = types.attrs; # FIXME: forward type of virtualHosts - example = litteralExample '' - { - locations."/socket" = { - proxyPass = "http://127.0.0.1:8096/"; - proxyWebsockets = true; - }; - } - ''; + example = { + locations."/socket" = { + proxyPass = "http://127.0.0.1:8096/"; + proxyWebsockets = true; + }; + }; default = { }; description = '' Any extra configuration that should be applied to this virtual host. @@ -100,26 +98,24 @@ in virtualHosts = mkOption { type = types.attrsOf virtualHostOption; default = { }; - example = litteralExample '' - { - gitea = { - subdomain = "git"; - port = 8080; - }; - dev = { - root = "/var/www/dev"; - }; - jellyfin = { - port = 8096; - extraConfig = { - locations."/socket" = { - proxyPass = "http://127.0.0.1:8096/"; - proxyWebsockets = true; - }; + example = { + gitea = { + subdomain = "git"; + port = 8080; + }; + dev = { + root = "/var/www/dev"; + }; + jellyfin = { + port = 8096; + extraConfig = { + locations."/socket" = { + proxyPass = "http://127.0.0.1:8096/"; + proxyWebsockets = true; }; }; - } - ''; + }; + }; description = '' List of virtual hosts to set-up using default settings. ''; @@ -163,25 +159,21 @@ in }; }; }); - example = litteralExample '' - { - alice = { - passwordHashFile = "/var/lib/nginx-sso/alice/password-hash.txt"; - totpSecretFile = "/var/lib/nginx-sso/alice/totp-secret.txt"; - }; - } - ''; + example = { + alice = { + passwordHashFile = "/var/lib/nginx-sso/alice/password-hash.txt"; + totpSecretFile = "/var/lib/nginx-sso/alice/totp-secret.txt"; + }; + }; description = "Definition of users"; }; groups = mkOption { type = with types; attrsOf (listOf str); - example = litteralExample '' - { - root = [ "alice" ]; - users = [ "alice" "bob" ]; - } - ''; + example = { + root = [ "alice" ]; + users = [ "alice" "bob" ]; + }; description = "Groups of users"; }; }; @@ -465,5 +457,9 @@ in } ]; }; + + my.system.persist.directories = [ + config.users.user.acme.home + ]; }; } diff --git a/modules/nixos/services/nginx/sso/default.nix b/modules/nixos/services/nginx/sso/default.nix index 4a78282..d60e31b 100644 --- a/modules/nixos/services/nginx/sso/default.nix +++ b/modules/nixos/services/nginx/sso/default.nix @@ -59,15 +59,10 @@ in StateDirectory = "nginx-sso"; WorkingDirectory = "/var/lib/nginx-sso"; # The files to be merged might not have the correct permissions - ExecStartPre = ''+${pkgs.writeShellScript "merge-nginx-sso-config" '' + ExecStartPre = pkgs.writeShellScript "merge-nginx-sso-config" '' rm -f '${confPath}' ${utils.genJqSecretsReplacementSnippet cfg.configuration confPath} - - # Fix permissions - chown nginx-sso:nginx-sso ${confPath} - chmod 0600 ${confPath} - '' - }''; + ''; ExecStart = lib.mkForce '' ${lib.getExe pkg} \ --config ${confPath} \ diff --git a/modules/nixos/services/nix-cache/default.nix b/modules/nixos/services/nix-cache/default.nix index 1ce3161..f3a29aa 100644 --- a/modules/nixos/services/nix-cache/default.nix +++ b/modules/nixos/services/nix-cache/default.nix @@ -40,7 +40,7 @@ in inherit (cfg) priority; }; - signKeyPath = cfg.secretKeyFile; + signKeyPaths = [ cfg.secretKeyFile ]; }; my.services.nginx.virtualHosts = { diff --git a/modules/nixos/services/paperless/default.nix b/modules/nixos/services/paperless/default.nix index f62879a..d86be58 100644 --- a/modules/nixos/services/paperless/default.nix +++ b/modules/nixos/services/paperless/default.nix @@ -166,5 +166,10 @@ in config.services.paperless.mediaDir ]; }; + + my.system.persist.directories = [ + config.services.paperless-ng.dataDir + config.services.paperless-ng.mediaDir + ]; }; } diff --git a/modules/nixos/services/pdf-edit/default.nix b/modules/nixos/services/pdf-edit/default.nix new file mode 100644 index 0000000..d59507b --- /dev/null +++ b/modules/nixos/services/pdf-edit/default.nix @@ -0,0 +1,73 @@ +{ config, lib, ... }: +let + cfg = config.my.services.pdf-edit; +in +{ + options.my.services.pdf-edit = with lib; { + enable = mkEnableOption "PDF edition service"; + + port = mkOption { + type = types.port; + default = 8089; + example = 8080; + description = "Internal port for webui"; + }; + + loginFile = mkOption { + type = types.str; + example = "/run/secrets/pdf-edit/login.env"; + description = '' + `SECURITY_INITIALLOGIN_USERNAME` and `SECURITY_INITIALLOGIN_PASSWORD` + defined in the format of 'EnvironmentFile' (see `systemd.exec(5)`). + ''; + }; + }; + + config = lib.mkIf cfg.enable { + services.stirling-pdf = lib.mkIf cfg.enable { + enable = true; + + environment = { + SERVER_PORT = cfg.port; + SECURITY_CSRFDISABLED = "false"; + + SYSTEM_SHOWUPDATE = "false"; # We don't care about update notifications + INSTALL_BOOK_AND_ADVANCED_HTML_OPS = "true"; # Installed by the module + + SECURITY_ENABLELOGIN = "true"; + SECURITY_LOGINATTEMPTCOUNT = "-1"; # Rely on fail2ban instead + }; + + environmentFiles = [ cfg.loginFile ]; + }; + + my.services.nginx.virtualHosts = { + pdf-edit = { + inherit (cfg) port; + + extraConfig = { + # Allow upload of PDF files up to 1G + locations."/".extraConfig = '' + client_max_body_size 1G; + ''; + }; + }; + }; + + services.fail2ban.jails = { + stirling-pdf = '' + enabled = true + filter = stirling-pdf + port = http,https + ''; + }; + + environment.etc = { + "fail2ban/filter.d/stirling-pdf.conf".text = '' + [Definition] + failregex = ^.*Failed login attempt from IP: $ + journalmatch = _SYSTEMD_UNIT=stirling-pdf.service + ''; + }; + }; +} diff --git a/modules/nixos/services/podgrab/default.nix b/modules/nixos/services/podgrab/default.nix index ea89e4e..ec6ecb2 100644 --- a/modules/nixos/services/podgrab/default.nix +++ b/modules/nixos/services/podgrab/default.nix @@ -13,7 +13,7 @@ in example = "/run/secrets/password.env"; description = '' The path to a file containing the PASSWORD environment variable - definition for Podgrab's authentification. + definition for Podgrab's authentication. ''; }; @@ -51,5 +51,10 @@ in inherit (cfg) port; }; }; + + my.system.persist.directories = [ + config.systemd.services.podgrab.environment.CONFIG + config.systemd.services.podgrab.environment.DATA + ]; }; } diff --git a/modules/nixos/services/postgresql-backup/default.nix b/modules/nixos/services/postgresql-backup/default.nix index dff5494..3d6c03b 100644 --- a/modules/nixos/services/postgresql-backup/default.nix +++ b/modules/nixos/services/postgresql-backup/default.nix @@ -24,5 +24,9 @@ in (config.services.postgresqlBackup.location + "/*.prev.sql.gz") ]; }; + + my.system.persist.directories = [ + config.services.postgresqlBackup.location + ]; }; } diff --git a/modules/nixos/services/postgresql/default.nix b/modules/nixos/services/postgresql/default.nix index bbe46d4..cea4c88 100644 --- a/modules/nixos/services/postgresql/default.nix +++ b/modules/nixos/services/postgresql/default.nix @@ -18,6 +18,13 @@ in }; }) + # Only persist directory if the actual service is enabled + (lib.mkIf config.services.postgresql.enable { + my.system.persist.directories = [ + config.services.postgresql.dataDir + ]; + }) + # Taken from the manual (lib.mkIf cfg.upgradeScript { environment.systemPackages = diff --git a/modules/nixos/services/pyload/default.nix b/modules/nixos/services/pyload/default.nix index 88889bf..4e8e083 100644 --- a/modules/nixos/services/pyload/default.nix +++ b/modules/nixos/services/pyload/default.nix @@ -53,6 +53,9 @@ in }; }; + # FIXME: backup + # FIXME: persistence + # FIXME: fail2ban }; } diff --git a/modules/nixos/services/quassel/default.nix b/modules/nixos/services/quassel/default.nix index 695f9e0..0065195 100644 --- a/modules/nixos/services/quassel/default.nix +++ b/modules/nixos/services/quassel/default.nix @@ -46,5 +46,9 @@ in # Because Quassel does not use the socket, I simply trust its connection authentication = "host quassel quassel localhost trust"; }; + + my.system.persist.directories = [ + config.services.quassel.dataDir + ]; }; } diff --git a/modules/nixos/services/rss-bridge/default.nix b/modules/nixos/services/rss-bridge/default.nix index 52b1030..977b431 100644 --- a/modules/nixos/services/rss-bridge/default.nix +++ b/modules/nixos/services/rss-bridge/default.nix @@ -22,5 +22,9 @@ in forceSSL = true; useACMEHost = config.networking.domain; }; + + my.system.persist.directories = [ + config.services.rss-bridge.dataDir + ]; }; } diff --git a/modules/nixos/services/sabnzbd/default.nix b/modules/nixos/services/sabnzbd/default.nix index 9e0d9c3..86202ab 100644 --- a/modules/nixos/services/sabnzbd/default.nix +++ b/modules/nixos/services/sabnzbd/default.nix @@ -24,6 +24,10 @@ in }; }; + my.system.persist.files = [ + config.services.sabnzbd.configFile + ]; + services.fail2ban.jails = { sabnzbd = '' enabled = true diff --git a/modules/nixos/services/pirate/default.nix b/modules/nixos/services/servarr/default.nix similarity index 82% rename from modules/nixos/services/pirate/default.nix rename to modules/nixos/services/servarr/default.nix index e500b54..9cb2a59 100644 --- a/modules/nixos/services/pirate/default.nix +++ b/modules/nixos/services/servarr/default.nix @@ -4,12 +4,13 @@ # [1]: https://youtu.be/I26Ql-uX6AM { config, lib, ... }: let - cfg = config.my.services.pirate; + cfg = config.my.services.servarr; ports = { bazarr = 6767; lidarr = 8686; radarr = 7878; + readarr = 8787; sonarr = 8989; }; @@ -18,6 +19,11 @@ let enable = true; group = "media"; }; + + # Thankfully those old style services all define users with homes + my.system.persist.directories = [ + config.users.user.${service}.home + ]; }; mkRedirection = service: { @@ -52,7 +58,7 @@ let ]); in { - options.my.services.pirate = { + options.my.services.servarr = { enable = lib.mkEnableOption "Media automation"; bazarr = { @@ -67,6 +73,10 @@ in enable = lib.my.mkDisableOption "Radarr"; }; + readarr = { + enable = lib.my.mkDisableOption "Readarr"; + }; + sonarr = { enable = lib.my.mkDisableOption "Sonarr"; }; @@ -85,6 +95,9 @@ in # Radarr for movies (mkFullConfig "radarr") (mkFail2Ban "radarr") + # Readarr for books + (mkFullConfig "readarr") + (mkFail2Ban "readarr") # Sonarr for shows (mkFullConfig "sonarr") (mkFail2Ban "sonarr") diff --git a/modules/nixos/services/ssh-server/default.nix b/modules/nixos/services/ssh-server/default.nix index 9ae0fa8..0cabc6f 100644 --- a/modules/nixos/services/ssh-server/default.nix +++ b/modules/nixos/services/ssh-server/default.nix @@ -20,6 +20,14 @@ in }; }; + # Persist SSH keys + my.system.persist.files = [ + "/etc/ssh/ssh_host_ed25519_key" + "/etc/ssh/ssh_host_ed25519_key.pub" + "/etc/ssh/ssh_host_rsa_key" + "/etc/ssh/ssh_host_rsa_key.pub" + ]; + # Opens the relevant UDP ports. programs.mosh.enable = true; }; diff --git a/modules/nixos/services/tandoor-recipes/default.nix b/modules/nixos/services/tandoor-recipes/default.nix index 48ad7a8..6282769 100644 --- a/modules/nixos/services/tandoor-recipes/default.nix +++ b/modules/nixos/services/tandoor-recipes/default.nix @@ -82,5 +82,10 @@ in }; }; }; + + # FIXME: backup + # FIXME: persistence + + # NOTE: unfortunately tandoor-recipes does not log connection failures for fail2ban }; } diff --git a/modules/nixos/services/transmission/default.nix b/modules/nixos/services/transmission/default.nix index aeb88b7..674fa81 100644 --- a/modules/nixos/services/transmission/default.nix +++ b/modules/nixos/services/transmission/default.nix @@ -90,5 +90,11 @@ in allowedTCPPorts = [ cfg.peerPort ]; allowedUDPPorts = [ cfg.peerPort ]; }; + + my.system.persist.directories = [ + config.services.transmission.home + ]; + + # NOTE: unfortunately transmission does not log connection failures for fail2ban }; } diff --git a/modules/nixos/services/vikunja/default.nix b/modules/nixos/services/vikunja/default.nix index 6e7700f..575ddab 100644 --- a/modules/nixos/services/vikunja/default.nix +++ b/modules/nixos/services/vikunja/default.nix @@ -41,7 +41,7 @@ in service = { # Only allow registration of users through the CLI enableregistration = false; - # Ues the host's timezone + # Use the host's timezone timezone = config.time.timeZone; # Use UNIX socket for serving the API unixsocket = socketPath; @@ -99,5 +99,9 @@ in config.services.vikunja.settings.files.basepath ]; }; + + # FIXME: persistence + + # NOTE: unfortunately vikunja does not log connection failures for fail2ban }; } diff --git a/modules/nixos/services/wireguard/default.nix b/modules/nixos/services/wireguard/default.nix index a76e424..840ac33 100644 --- a/modules/nixos/services/wireguard/default.nix +++ b/modules/nixos/services/wireguard/default.nix @@ -206,7 +206,7 @@ in ]; } - # Additional inteface is only used to get access to "LAN" from wireguard + # Additional interface is only used to get access to "LAN" from wireguard (lib.mkIf cfg.internal.enable { networking.wg-quick.interfaces."${cfg.internal.name}" = mkInterface [ "${cfg.net.v4.subnet}.0/${toString cfg.net.v4.mask}" diff --git a/modules/nixos/services/woodpecker/server/default.nix b/modules/nixos/services/woodpecker/server/default.nix index adf533e..5d25284 100644 --- a/modules/nixos/services/woodpecker/server/default.nix +++ b/modules/nixos/services/woodpecker/server/default.nix @@ -61,5 +61,7 @@ in port = cfg.rpcPort; }; }; + + # FIXME: persistence }; } diff --git a/modules/nixos/system/default.nix b/modules/nixos/system/default.nix index e6fb25b..3531847 100644 --- a/modules/nixos/system/default.nix +++ b/modules/nixos/system/default.nix @@ -9,6 +9,7 @@ ./language ./nix ./packages + ./persist ./podman ./polkit ./printing diff --git a/modules/nixos/system/docker/default.nix b/modules/nixos/system/docker/default.nix index f051814..cab9fb5 100644 --- a/modules/nixos/system/docker/default.nix +++ b/modules/nixos/system/docker/default.nix @@ -23,5 +23,9 @@ in ]; }; }; + + my.system.persist.directories = [ + "/var/lib/docker" + ]; }; } diff --git a/modules/nixos/system/nix/default.nix b/modules/nixos/system/nix/default.nix index ad13539..12a395e 100644 --- a/modules/nixos/system/nix/default.nix +++ b/modules/nixos/system/nix/default.nix @@ -22,6 +22,10 @@ in options.my.system.nix = with lib; { enable = my.mkDisableOption "nix configuration"; + gc = { + enable = my.mkDisableOption "nix GC configuration"; + }; + cache = { selfHosted = my.mkDisableOption "self-hosted cache"; }; @@ -62,6 +66,22 @@ in }; } + (lib.mkIf cfg.gc.enable { + nix.gc = { + automatic = true; + + # Every week, with some wiggle room + dates = "weekly"; + randomizedDelaySec = "10min"; + + # Use a persistent timer for e.g: laptops + persistent = true; + + # Delete old profiles automatically after 15 days + options = "--delete-older-than 15d"; + }; + }) + (lib.mkIf cfg.cache.selfHosted { nix = { settings = { diff --git a/modules/nixos/system/packages/default.nix b/modules/nixos/system/packages/default.nix index 5c29aa0..ebea06f 100644 --- a/modules/nixos/system/packages/default.nix +++ b/modules/nixos/system/packages/default.nix @@ -14,12 +14,14 @@ in config = lib.mkIf cfg.enable { environment.systemPackages = with pkgs; [ - vim wget ]; programs = { - vim.defaultEditor = true; # Modal editing is life + vim = { + enable = true; + defaultEditor = true; # Modal editing is life + }; zsh = { enable = true; # Use integrations diff --git a/modules/nixos/system/persist/default.nix b/modules/nixos/system/persist/default.nix new file mode 100644 index 0000000..fbf63fa --- /dev/null +++ b/modules/nixos/system/persist/default.nix @@ -0,0 +1,65 @@ +# Ephemeral root configuration +{ config, inputs, lib, ... }: +let + cfg = config.my.system.persist; +in +{ + imports = [ + inputs.impermanence.nixosModules.impermanence + ]; + + options.my.system.persist = with lib; { + enable = mkEnableOption "stateless system configuration"; + + mountPoint = lib.mkOption { + type = types.str; + default = "/persistent"; + example = "/etc/nix/persist"; + description = '' + Which mount point should be used to persist this system's files and + directories. + ''; + }; + + files = lib.mkOption { + type = with types; listOf str; + default = [ ]; + example = [ + "/etc/nix/id_rsa" + ]; + description = '' + Additional files in the root to link to persistent storage. + ''; + }; + + directories = lib.mkOption { + type = with types; listOf str; + default = [ ]; + example = [ + "/var/lib/libvirt" + ]; + description = '' + Additional directories in the root to link to persistent storage. + ''; + }; + }; + + config = lib.mkIf cfg.enable { + environment.persistence."${cfg.mountPoint}" = { + files = [ + "/etc/machine-id" + ] + ++ cfg.files + ; + + directories = [ + "/etc/nixos" + "/var/log" + "/var/lib/nixos" + "/var/lib/systemd/coredump" + ] + ++ cfg.directories + ; + }; + }; +} diff --git a/modules/nixos/system/podman/default.nix b/modules/nixos/system/podman/default.nix index 52630c7..8400dfd 100644 --- a/modules/nixos/system/podman/default.nix +++ b/modules/nixos/system/podman/default.nix @@ -44,5 +44,9 @@ in ]; }; }; + + my.system.persist.directories = [ + "/var/lib/containers" + ]; }; } diff --git a/overlays/downgrade-transmission/default.nix b/overlays/downgrade-transmission/default.nix new file mode 100644 index 0000000..9d3fc8a --- /dev/null +++ b/overlays/downgrade-transmission/default.nix @@ -0,0 +1,14 @@ +self: prev: +{ + transmission_4 = prev.transmission_4.overrideAttrs (_: { + version = "4.0.5"; + + src = self.fetchFromGitHub { + owner = "transmission"; + repo = "transmission"; + rev = "4.0.5"; + hash = "sha256-gd1LGAhMuSyC/19wxkoE2mqVozjGPfupIPGojKY0Hn4="; + fetchSubmodules = true; + }; + }); +} diff --git a/pkgs/cgt-calc/default.nix b/pkgs/cgt-calc/default.nix new file mode 100644 index 0000000..9966944 --- /dev/null +++ b/pkgs/cgt-calc/default.nix @@ -0,0 +1,47 @@ +{ lib +, fetchFromGitHub +, python3Packages +, withTeXLive ? true +, texliveSmall +}: +python3Packages.buildPythonApplication rec { + pname = "cgt-calc"; + version = "1.13.0"; + pyproject = true; + + src = fetchFromGitHub { + owner = "KapJI"; + repo = "capital-gains-calculator"; + rev = "v${version}"; + hash = "sha256-y/Y05wG89nccXyxfjqazyPJhd8dOkfwRJre+Rzx97Hw="; + }; + + build-system = with python3Packages; [ + poetry-core + ]; + + dependencies = with python3Packages; [ + defusedxml + jinja2 + pandas + requests + types-requests + yfinance + ]; + + makeWrapperArgs = lib.optionals withTeXLive [ + "--prefix" + "PATH" + ":" + "${lib.getBin texliveSmall}/bin" + ]; + + meta = with lib; { + description = "UK capital gains tax calculator"; + homepage = "https://github.com/KapJI/capital-gains-calculator"; + license = with licenses; [ mit ]; + mainProgram = "cgt-calc"; + maintainers = with maintainers; [ ambroisie ]; + platforms = platforms.unix; + }; +} diff --git a/pkgs/default.nix b/pkgs/default.nix index 6b7fce1..949bcf7 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -2,6 +2,8 @@ pkgs.lib.makeScope pkgs.newScope (pkgs: { bw-pass = pkgs.callPackage ./bw-pass { }; + cgt-calc = pkgs.callPackage ./cgt-calc { }; + change-audio = pkgs.callPackage ./change-audio { }; change-backlight = pkgs.callPackage ./change-backlight { }; diff --git a/pkgs/lohr/default.nix b/pkgs/lohr/default.nix index ddeac7a..b89ccff 100644 --- a/pkgs/lohr/default.nix +++ b/pkgs/lohr/default.nix @@ -1,16 +1,16 @@ { lib, fetchFromGitHub, rustPlatform }: rustPlatform.buildRustPackage rec { pname = "lohr"; - version = "0.4.5"; + version = "0.4.6"; src = fetchFromGitHub { owner = "alarsyo"; repo = "lohr"; rev = "v${version}"; - hash = "sha256-p6E/r+OxFTpxDpOKSlacOxvRLfHSKg1mHNAfTytfqDY="; + hash = "sha256-dunQgtap+XCK5LoSyOqIY/6p6HizBeiyPWNuCffwjDU="; }; - cargoHash = "sha256-hext0S0o9D9pN9epzXtD5dwAYMPCLpBBOBT4FX0mTMk="; + cargoHash = "sha256-EUhyrhPe+mUgMmm4o+bxRIiSNReJRfw+/O1fPr8r7lo="; meta = with lib; { description = "Git mirroring daemon"; diff --git a/pkgs/unbound-zones-adblock/default.nix b/pkgs/unbound-zones-adblock/default.nix index 642ac41..11a6c90 100644 --- a/pkgs/unbound-zones-adblock/default.nix +++ b/pkgs/unbound-zones-adblock/default.nix @@ -1,7 +1,7 @@ { lib, gawk, stdenvNoCC, stevenblack-blocklist }: stdenvNoCC.mkDerivation { name = "unbound-zones-adblock"; - version = stevenblack-blocklist.rev; + inherit (stevenblack-blocklist) version; src = stevenblack-blocklist; @@ -30,7 +30,7 @@ stdenvNoCC.mkDerivation { description = "Unified host lists, ready to be used by unbound"; longDescription = '' This is a simple derivation based on StevenBlack's unified hosts list. - The files have been modified for easy use wih unbound. + The files have been modified for easy use with unbound. ''; homepage = "https://github.com/StevenBlack/hosts"; license = licenses.mit;