ambroisie/nix-config
ambroisie/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Compare commits

base: ambroisie:main
Branches Tags
ambroisie:main
ambroisie:add-impermanence
ambroisie:add-nixgl
ambroisie:add-typos-hook
ambroisie:add-bazel-template
ambroisie:nvim-lua-lsp
ambroisie:xdg-nix
ambroisie:export-nixos-homes
ambroisie:add-matrix-bridges
..
compare: ambroisie:xdg-nix
Branches Tags
ambroisie:main
ambroisie:add-impermanence
ambroisie:add-nixgl
ambroisie:add-typos-hook
ambroisie:add-bazel-template
ambroisie:nvim-lua-lsp
ambroisie:xdg-nix
ambroisie:export-nixos-homes
ambroisie:add-matrix-bridges

8 commits
main ... xdg-nix

Author SHA1 Message Date
Bruno BELANYI 2e5899b22e WIP
All checks were successful
ci/woodpecker/push/check Pipeline was successful
Details
2024-02-07 20:56:13 +00:00
Bruno BELANYI c68574b745 home: add wget
All checks were successful
ci/woodpecker/push/check Pipeline was successful
Details 
This is mostly so that I can add the XDG-compliant configuration.
 2024-02-07 20:17:49 +00:00
Bruno BELANYI 7a03ce2012 home: xdg: add python configuration
All checks were successful
ci/woodpecker/push/check Pipeline was successful
Details 
It looks like 3.13 finally brought a way to change the history location
through `PYTHON_HISTORY`.
 2024-02-07 20:01:28 +00:00
Bruno BELANYI 0650c1f159 home: xdg: fix sort order 2024-02-07 19:44:51 +00:00
Bruno BELANYI 9b2963cb8c overlays: add gruvbox-nvim-treesitter-fix
All checks were successful
ci/woodpecker/push/check Pipeline was successful
Details 
The version in nixpkgs is not up-to-date with regards to the
nvim-treesitter breaking changes that were recently introduced.
 2024-02-07 13:10:25 +00:00
Bruno BELANYI 091424cb14 overlays: gruvbox-nvim-better-diff: simplify 2024-02-07 11:53:56 +00:00
Bruno BELANYI 1a7223a5e5 overlays: remove 'tandoor-recipes-failing-test'
All checks were successful
ci/woodpecker/push/check Pipeline was successful
Details 
This is now redundant, the nixpkgs bump provided an updated package
which builds successfully.

This reverts commit 473be47b29.
 2024-02-06 17:25:03 +01:00
Bruno BELANYI c8b5b1586c flake: bump inputs 
And remove the now-redundant overlay to fix a flaky `tandoor-recipes`
test.
 2024-02-06 17:24:11 +01:00
149 changed files with 1280 additions and 2167 deletions
Show stats Expand all files Collapse all files

20
.woodpecker/check.yml
View file

@ -7,17 +7,17 @@ steps:
commands:
- nix flake check
- name: notify
- name: notifiy
image: bash
environment:
ADDRESS:
from_secret: matrix_homeserver
ROOM:
from_secret: matrix_roomid
USER:
from_secret: matrix_username
PASS:
from_secret: matrix_password
secrets:
- source: matrix_homeserver
target: address
- source: matrix_roomid
target: room
- source: matrix_username
target: user
- source: matrix_password
target: pass
commands:
- nix run '.#matrix-notifier'
when:

81
flake.lock
View file

@ -14,11 +14,11 @@
]
},
"locked": {
"lastModified": 1723293904,
"narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=",
"lastModified": 1703433843,
"narHash": "sha256-nmtA4KqFboWxxoOAA6Y1okHbZh+HsXaMPFkYHsoDRDw=",
"owner": "ryantm",
"repo": "agenix",
"rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41",
"rev": "417caa847f9383e111d1397039c9d4337d024bf0",
"type": "github"
},
"original": {
@ -73,11 +73,11 @@
]
},
"locked": {
"lastModified": 1733312601,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
"lastModified": 1706830856,
"narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
"rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f",
"type": "github"
},
"original": {
@ -94,11 +94,11 @@
]
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"lastModified": 1705309234,
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
"type": "github"
},
"original": {
@ -116,11 +116,11 @@
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"lastModified": 1703887061,
"narHash": "sha256-gGPa9qWNc6eCXT/+Z5/zMkyYOuRZqeFZBDbopNZQkuY=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"rev": "43e1aa1308018f37118e34d3a9cb4f5e75dc11d5",
"type": "github"
},
"original": {
@ -136,11 +136,11 @@
]
},
"locked": {
"lastModified": 1735381016,
"narHash": "sha256-CyCZFhMUkuYbSD6bxB/r43EdmDE7hYeZZPTCv0GudO4=",
"lastModified": 1707175763,
"narHash": "sha256-0MKHC6tQ4KEuM5rui6DjKZ/VNiSANB4E+DJ/+wPS1PU=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "10e99c43cdf4a0713b4e81d90691d22c6a58bdf2",
"rev": "f99eace7c167b8a6a0871849493b1c613d0f1b80",
"type": "github"
},
"original": {
@ -152,11 +152,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1735291276,
"narHash": "sha256-NYVcA06+blsLG6wpAbSPTCyLvxD/92Hy4vlY9WxFI1M=",
"lastModified": 1707092692,
"narHash": "sha256-ZbHsm+mGk/izkWtT4xwwqz38fdlwu7nUUKXTOmm4SyE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "634fd46801442d760e09493a794c4f15db2d0cbb",
"rev": "faf912b086576fd1a15fca610166c98d47bc667e",
"type": "github"
},
"original": {
@ -167,21 +167,12 @@
}
},
"nur": {
"inputs": {
"flake-parts": [
"flake-parts"
],
"nixpkgs": [
"nixpkgs"
],
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1735408823,
"narHash": "sha256-1VjQeMQer5nXNYtw+BG+s78ucaEoxO5oqj+yRmM8MMs=",
"lastModified": 1707234300,
"narHash": "sha256-D+LdA8g0Tq+KE9EmJMmn8EGRO5jZ2nLe/W0Fr5EIsdg=",
"owner": "nix-community",
"repo": "NUR",
"rev": "8283ea92deac8cdb6fd63ff04049ac9e879bf5eb",
"rev": "59fceae769455455ef44c1dfb63bbae1ecddc41d",
"type": "github"
},
"original": {
@ -194,6 +185,9 @@
"pre-commit-hooks": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": [
"futils"
],
"gitignore": "gitignore",
"nixpkgs": [
"nixpkgs"
@ -203,11 +197,11 @@
]
},
"locked": {
"lastModified": 1734797603,
"narHash": "sha256-ulZN7ps8nBV31SE+dwkDvKIzvN6hroRY8sYOT0w+E28=",
"lastModified": 1706424699,
"narHash": "sha256-Q3RBuOpZNH2eFA1e+IHgZLAOqDD9SKhJ/sszrL8bQD4=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "f0f0dc4920a903c3e08f5bdb9246bb572fcae498",
"rev": "7c54e08a689b53c8a1e5d70169f2ec9e2a68ffaf",
"type": "github"
},
"original": {
@ -244,27 +238,6 @@
"repo": "default",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"nur",
"nixpkgs"
]
},
"locked": {
"lastModified": 1733222881,
"narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "49717b5af6f80172275d47a418c9719a31a78b53",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
}
},
"root": "root",

5
flake.nix
View file

@ -55,10 +55,6 @@
owner = "nix-community";
repo = "NUR";
ref = "master";
inputs = {
flake-parts.follows = "flake-parts";
nixpkgs.follows = "nixpkgs";
};
};
pre-commit-hooks = {
@ -67,6 +63,7 @@
repo = "pre-commit-hooks.nix";
ref = "master";
inputs = {
flake-utils.follows = "futils";
nixpkgs.follows = "nixpkgs";
nixpkgs-stable.follows = "nixpkgs";
};

4
flake/default.nix
View file

@ -1,9 +1,9 @@
{ flake-parts
, systems
, futils
, ...
} @ inputs:
let
mySystems = import systems;
mySystems = futils.lib.defaultSystems;
in
flake-parts.lib.mkFlake { inherit inputs; } {
systems = mySystems;

2
flake/home-manager.nix
View file

@ -25,7 +25,7 @@ let
inherit system;
overlays = (lib.attrValues self.overlays) ++ [
inputs.nur.overlays.default
inputs.nur.overlay
];
};

2
flake/nixos.nix
View file

@ -7,7 +7,7 @@ let
}
{
nixpkgs.overlays = (lib.attrValues self.overlays) ++ [
inputs.nur.overlays.default
inputs.nur.overlay
];
}
# Include generic settings

24
hosts/homes/ambroisie@bazin/default.nix
View file

@ -1,5 +1,5 @@
# Google Laptop configuration
{ lib, options, pkgs, ... }:
{ lib, pkgs, ... }:
{
services.gpg-agent.enable = lib.mkForce false;
@ -12,10 +12,8 @@
# I use scripts that use the passthrough sequence often on this host
enablePassthrough = true;
terminalFeatures = {
# HTerm uses `xterm-256color` as its `$TERM`, so use that here
xterm-256color = { };
};
# HTerm uses `xterm-256color` as its `$TERM`, so use that here
trueColorTerminals = [ "xterm-256color" ];
};
ssh = {
@ -23,21 +21,5 @@
package = pkgs.emptyDirectory;
};
};
zsh = {
notify = {
enable = true;
exclude = options.my.home.zsh.notify.exclude.default ++ [
"adb shell$" # Only interactive shell sessions
];
ssh = {
enable = true;
# `notify-send` is proxied to the ChromeOS layer
useOsc777 = false;
};
};
};
};
}

6
hosts/homes/ambroisie@mousqueton/default.nix
View file

@ -15,10 +15,8 @@
# I use scripts that use the passthrough sequence often on this host
enablePassthrough = true;
terminalFeatures = {
# HTerm uses `xterm-256color` as its `$TERM`, so use that here
xterm-256color = { };
};
# HTerm uses `xterm-256color` as its `$TERM`, so use that here
trueColorTerminals = [ "xterm-256color" ];
};
};
}

4
hosts/nixos/aramis/home.nix
View file

@ -2,7 +2,7 @@
{
my.home = {
# Use graphical pinentry
bitwarden.pinentry = pkgs.pinentry-gtk2;
bitwarden.pinentry = "gtk2";
# Ebook library
calibre.enable = true;
# Some amount of social life
@ -14,7 +14,7 @@
# Blue light filter
gammastep.enable = true;
# Use a small popup to enter passwords
gpg.pinentry = pkgs.pinentry-gtk2;
gpg.pinentry = "gtk2";
# Machine specific packages
packages.additionalPackages = with pkgs; [
element-desktop # Matrix client

11
hosts/nixos/porthos/boot.nix
View file

@ -3,14 +3,15 @@
{
boot = {
# Use the systemd-boot EFI boot loader.
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
# Use the GRUB 2 boot loader.
loader.grub = {
enable = true;
# Define on which hard drive you want to install Grub.
device = "/dev/disk/by-id/ata-HGST_HUS724020ALA640_PN2181P6J58M1P";
};
initrd = {
availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "usbhid" "sd_mod" ];
availableKernelModules = [ "uhci_hcd" "ahci" "usbhid" ];
kernelModules = [ "dm-snapshot" ];
};

8
hosts/nixos/porthos/default.nix
View file

@ -16,5 +16,11 @@
# Set your time zone.
time.timeZone = "Europe/Paris";
system.stateVersion = "24.05"; # Did you read the comment?
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "20.09"; # Did you read the comment?
}

13
hosts/nixos/porthos/hardware.nix
View file

@ -1,5 +1,5 @@
# Hardware configuration
{ modulesPath, ... }:
{ lib, modulesPath, ... }:
{
imports = [
@ -11,18 +11,9 @@
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
};
swapDevices = [
{ device = "/dev/disk/by-label/swap"; }
];
my.hardware = {
firmware = {
cpuFlavor = "intel";
};
};
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
}

15
hosts/nixos/porthos/home.nix
View file

@ -1,18 +1,11 @@
{ ... }:
{
my.home = {
nix = {
cache = {
# This server is the one serving the cache, don't try to query it
selfHosted = false;
};
};
# Allow using extended features when SSH-ing from various clients
tmux.terminalFeatures = {
# Allow using 24bit color when SSH-ing from various clients
tmux.trueColorTerminals = [
# My usual terminal, e.g: on laptop
alacritty = { };
};
"alacritty"
];
# Always start a tmux session when opening a shell session
zsh.launchTmux = true;

29
hosts/nixos/porthos/install.sh
View file

@ -3,7 +3,7 @@
SWAP_SIZE=16GiB
parted /dev/sda --script -- \
mklabel gpt \
mklabel msdos \
mkpart primary 512MiB -$SWAP_SIZE \
mkpart primary linux-swap -$SWAP_SIZE 100% \
mkpart ESP fat32 1MiB 512MiB \
@ -11,24 +11,14 @@ parted /dev/sda --script -- \
parted /dev/sdb --script -- \
mklabel gpt \
mkpart primary 0% 100%
parted /dev/sdc --script -- \
mklabel gpt \
mkpart primary 0% 100%
parted /dev/sdd --script -- \
mklabel gpt \
mkpart primary 0% 100%
mkpart primary 0MiB 100%
mkfs.ext4 -L media1 /dev/sda1
mkfs.ext4 -L media2 /dev/sdb1
mkfs.ext4 -L media3 /dev/sdc1
mkfs.ext4 -L media4 /dev/sdd1
pvcreate /dev/sda1
pvcreate /dev/sdb1
pvcreate /dev/sdc1
pvcreate /dev/sdd1
vgcreate lvm /dev/sda1 /dev/sdb1 /dev/sdc1 /dev/sdd1
vgcreate lvm /dev/sda1 /dev/sdb1
lvcreate -l 100%FREE -n media lvm
mkfs.ext4 -L nixos /dev/mapper/lvm-media
@ -37,17 +27,17 @@ mkfs.fat -F 32 -n boot /dev/sda3
mount /dev/disk/by-label/nixos /mnt
swapon /dev/sda2
mkdir -p /mnt/boot
mount /dev/disk/by-label/boot /mnt/boot
apt install sudo
useradd -m -G sudo setupuser
# shellcheck disable=2117
su setupuser
cat << EOF
# Run the following commands as setup user
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
. /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh
nix profile install nixpkgs#nixos-install-tools
curl -L https://nixos.org/nix/install | sh
. $HOME/.nix-profile/etc/profile.d/nix.sh
nix-channel --add https://nixos.org/channels/nixos-20.09 nixpkgs
sudo "$(which nixos-generate-config)" --root /mnt
# Change uuids to labels
@ -64,6 +54,3 @@ git crypt unlock
nixos-install --root /mnt --flake '.#<hostname>'
EOF
# shellcheck disable=2117
su setupuser

29
hosts/nixos/porthos/networking.nix
View file

@ -6,17 +6,30 @@
hostName = "porthos"; # Define your hostname.
domain = "belanyi.fr"; # Define your domain.
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
useDHCP = true;
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config
# replicates the default behaviour.
useDHCP = false;
interfaces = {
eno1.useDHCP = true;
eno2.useDHCP = true;
bond0.useDHCP = true;
bonding_masters.useDHCP = true;
dummy0.useDHCP = true;
erspan0.useDHCP = true;
eth0.useDHCP = true;
eth1.useDHCP = true;
gre0.useDHCP = true;
gretap0.useDHCP = true;
ifb0.useDHCP = true;
ifb1.useDHCP = true;
ip6tnl0.useDHCP = true;
sit0.useDHCP = true;
teql0.useDHCP = true;
tunl0.useDHCP = true;
};
};
# Which interface is used to connect to the internet
my.hardware.networking.externalInterface = "eno1";
my.hardware.networking.externalInterface = "eth0";
}

15
hosts/nixos/porthos/secrets/acme/dns-key.age
View file

@ -1,9 +1,8 @@
age-encryption.org/v1
-> ssh-ed25519 cKojmg Ec0xt1uJTva8MxUdoTVX5m3uWaIiRlodf345FEM7Uzs
aJIneWFJPB5HVeoUGp57agXih9YeZ6xMEbyQ+zJtWQY
-> ssh-ed25519 jPowng B5XotRgv7s/FUegGhceBj7EoukewNUOIFl4TFRQf1EQ
PgGCBd/Pqwp7ayqi7okHBGF1SfFpwT4KlHJ/np6p2uQ
--- AeLgwGz6k3OABb53cXNaCU/sgI4FlU1s6p8PhAaFOlg
1ÌÉCÔ¹ð¤ŽULfI1¸Hm»Ûòb}m” ÁÅ¡ìg•ß0¦¢–¤`X<16>G>\>¹8rŽz+ŠY ™¼`—Ê¢.JBUÏ!z¸Z50ú*õ¡ÙŸ¤×ÖÇ®I<C2AE>ôÔ]¹Ïå I
ĵ<18>¿oÒÛ°…g„®„ÒêÁ³Â¿Ÿt©nƒºãcz[»{
jçå&ÁõõNæ°Nÿo{õš½‚ -eP¾=L‰™ 6¦.SP:»e¶
-> ssh-ed25519 cKojmg bQFr9oAnbo1rI/MpUV8wQz/Xj7iZY4ZU+Swf0nSIQFw
zama2XJ0gdvUlD2GHMhmZqHSxHe+dKSfXnHoWDcSw7Y
-> ssh-ed25519 jPowng gitUwSKTNKWLSxnwa185O7x/u0ul93g8wPESdZaKRk8
uvBIfAUkZp5sg6rfeEGvL5ZDV8m2uSEotW02kjPN3Hw
--- SZxe5f/CUZBvPQa2Sz/UBY3L68rMkIGGRuZPk7YE+Vg
¾r ú&…¥‹{~v?¨}=Ä
}+ ¿SQM[²]Œ±k MÒAàtŒÃmMë/£µLsü|Þ…m©CÀñiYC}ƒŽ‡çxŽ€

10
hosts/nixos/porthos/secrets/forgejo/mail-password.age
View file

@ -1,10 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 cKojmg Lhgx43wR8PtAMf5v1eJxKlUBSAoOLdOOn/QaQrwF8zA
jfUCpgNzkHCNTWCqtErDaLMmg1Oy+s9zUra1JLCi+J4
-> ssh-ed25519 jPowng kSeQ/SmMrzd8ByVu3YHWeZyKmqFZvQSBnDunkB8e6wc
WRmnfrV5xcRXA9t0ZXx6YvbRl0sX4PTrw63VVKX4Ei4
--- a+LLM1gP9g1AbUapbeeKaS4cEcRBmPo3MHU2DSWTAds
Ò,FÜÒ6”â⬘ ixÌ<78>°Øe| «
²
ÌÏœ,{† ˆõvª!†‰zÜ$P;ãé©TØÆÉKW
qGô

8
hosts/nixos/porthos/secrets/matrix/sliding-sync-secret.age Normal file
View file

@ -0,0 +1,8 @@
age-encryption.org/v1
-> ssh-ed25519 cKojmg xRtF3XVc7yPicAV/E4U7mn0itvD0h1BWBTjwunuoe2E
OkB9sjGB3ulH4Feuyj3Ed0DBG4+mghW/Qpum9oXL/8c
-> ssh-ed25519 jPowng 1r8drqhz1yZdTq0Kvqya+ArU1C2fkN7Gg9LiWWfeUFg
cjbxntVwHvqLaJpiKs/Y8ojeb6e3/cLFcsoeuoobfFg
--- B1qA2PylJBrdZxZtCzlU2kRPvxLM+IrXTvR+ERxVtTY
"W9<57>Äbg¸©~Ì/áÕb4ãÕ†ú³ÜÔIÊ
Û}ð §ËÅË-³²ªNó±”ÑC7vWœbºØ?¦8=œÉwÆB ÃUpJClï²OÈ™³œnOÁ\

BIN
hosts/nixos/porthos/secrets/mealie/mail.age
View file

Binary file not shown.

8
hosts/nixos/porthos/secrets/pdf-edit/login.age
View file

@ -1,8 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 cKojmg VYlHgHSLpfKb5bn1XA3aCpfX7M23DgbraLxxOfo9PDk
Rj+mDvAsWX3WwpuhTrOubmo17j/aud5+P87df5bosBA
-> ssh-ed25519 jPowng o9ZFaYrITZ6DjWw07Vk/+TkuU187/ytlEK4sw7G32G4
zmxlpDvDDEgQFqBVARXeX1ABhvfJ4uAHfa6mIxXzjAY
--- k/d9FWW8/OSo8EllwOBV74pZyX918u54jEljGk3ATUc
ü4+ø2{hE7!Ò­GA`×<>_@Íß—´¡R_ý§6J„ñL4v,6%ô‡øó#^® Ù¹ åB­§OøF|7ܽÉL]œÙj
BþóÛ¾éaòs]xS<78>Î pbÞo#¬J1QŸ=t}5Õ>Oï{+¼. M"7e»yý÷—

35
hosts/nixos/porthos/secrets/secrets.nix
View file

@ -21,24 +21,13 @@ in
"drone/secret.age".publicKeys = all;
"drone/ssh/private-key.age".publicKeys = all;
"forgejo/mail-password.age" = {
owner = "git";
publicKeys = all;
};
"gitea/mail-password.age" = {
owner = "git";
publicKeys = all;
};
"lohr/secret.age" = {
owner = "lohr";
publicKeys = all;
};
"lohr/ssh-key.age" = {
owner = "lohr";
publicKeys = all;
};
"lohr/secret.age".publicKeys = all;
"lohr/ssh-key.age".publicKeys = all;
"matrix/mail.age" = {
owner = "matrix-synapse";
@ -48,8 +37,7 @@ in
owner = "matrix-synapse";
publicKeys = all;
};
"mealie/mail.age" = {
"matrix/sliding-sync-secret.age" = {
publicKeys = all;
};
@ -74,24 +62,13 @@ in
"paperless/password.age".publicKeys = all;
"paperless/secret-key.age".publicKeys = all;
"pdf-edit/login.age".publicKeys = all;
"podgrab/password.age".publicKeys = all;
"pyload/credentials.age".publicKeys = all;
"sso/auth-key.age" = {
owner = "nginx-sso";
publicKeys = all;
};
"sso/ambroisie/password-hash.age" = {
owner = "nginx-sso";
publicKeys = all;
};
"sso/ambroisie/totp-secret.age" = {
owner = "nginx-sso";
publicKeys = all;
};
"sso/auth-key.age".publicKeys = all;
"sso/ambroisie/password-hash.age".publicKeys = all;
"sso/ambroisie/totp-secret.age".publicKeys = all;
"tandoor-recipes/secret-key.age".publicKeys = all;

55
hosts/nixos/porthos/services.nix
View file

@ -10,11 +10,6 @@ in
adblock = {
enable = true;
};
# Audiobook and podcast library
audiobookshelf = {
enable = true;
port = 9599;
};
# Backblaze B2 backup
backup = {
enable = true;
@ -41,14 +36,14 @@ in
flood = {
enable = true;
};
# Forgejo forge
forgejo = {
# Gitea forge
gitea = {
enable = true;
mail = {
enable = true;
host = "smtp.migadu.com";
user = lib.my.mkMailAddress "forgejo" "belanyi.fr";
passwordFile = secrets."forgejo/mail-password".path;
host = "smtp.migadu.com:465";
user = lib.my.mkMailAddress "gitea" "belanyi.fr";
passwordFile = secrets."gitea/mail-password".path;
};
};
# Meta-indexers
@ -69,10 +64,9 @@ in
mailConfigFile = secrets."matrix/mail".path;
# Only necessary when doing the initial registration
secretFile = secrets."matrix/secret".path;
};
mealie = {
enable = true;
credentialsFile = secrets."mealie/mail".path;
slidingSync = {
secretFile = secrets."matrix/sliding-sync-secret".path;
};
};
miniflux = {
enable = true;
@ -95,9 +89,6 @@ in
nextcloud = {
enable = true;
passwordFile = secrets."nextcloud/password".path;
collabora = {
enable = true;
};
};
nix-cache = {
enable = true;
@ -127,10 +118,19 @@ in
passwordFile = secrets."paperless/password".path;
secretKeyFile = secrets."paperless/secret-key".path;
};
# Sometimes, editing PDFs is useful
pdf-edit = {
# The whole *arr software suite
pirate = {
enable = true;
loginFile = secrets."pdf-edit/login".path;
# ... But not Lidarr because I don't care for music that much
lidarr = {
enable = false;
};
};
# Podcast automatic downloader
podgrab = {
enable = true;
passwordFile = secrets."podgrab/password".path;
port = 9598;
};
# Regular backups
postgresql-backup.enable = true;
@ -142,16 +142,13 @@ in
rss-bridge.enable = true;
# Usenet client
sabnzbd.enable = true;
# The whole *arr software suite
servarr = {
enable = true;
# ... But not Lidarr because I don't care for music that much
lidarr = {
enable = false;
};
};
# Because I still need to play sysadmin
# Because I stilll need to play sysadmin
ssh-server.enable = true;
# Recipe manager
tandoor-recipes = {
enable = true;
secretKeyFile = secrets."tandoor-recipes/secret-key".path;
};
# Torrent client and webui
transmission = {
enable = true;

8
modules/home/atuin/default.nix
View file

@ -1,19 +1,15 @@
{ config, lib, pkgs, ... }:
{ config, lib, ... }:
let
cfg = config.my.home.atuin;
in
{
options.my.home.atuin = with lib; {
enable = my.mkDisableOption "atuin configuration";
# I want the full experience by default
package = mkPackageOption pkgs "atuin" { };
};
config = lib.mkIf cfg.enable {
programs.atuin = {
enable = true;
inherit (cfg) package;
flags = [
# I *despise* this hijacking of the up key, even though I use Ctrl-p
@ -29,8 +25,6 @@ in
search_mode = "skim";
# Show long command lines at the bottom
show_preview = true;
# I like being able to edit my commands
enter_accept = false;
};
};
};

9
modules/home/bitwarden/default.nix
View file

@ -1,4 +1,4 @@
{ config, lib, pkgs, ... }:
{ config, lib, ... }:
let
cfg = config.my.home.bitwarden;
in
@ -6,7 +6,12 @@ in
options.my.home.bitwarden = with lib; {
enable = my.mkDisableOption "bitwarden configuration";
pinentry = mkPackageOption pkgs "pinentry" { default = [ "pinentry-tty" ]; };
pinentry = mkOption {
type = types.str;
default = "tty";
example = "gtk2";
description = "Which pinentry interface to use";
};
};
config = lib.mkIf cfg.enable {

4
modules/home/calibre/default.nix
View file

@ -5,13 +5,11 @@ in
{
options.my.home.calibre = with lib; {
enable = mkEnableOption "calibre configuration";
package = mkPackageOption pkgs "calibre" { };
};
config = lib.mkIf cfg.enable {
home.packages = with pkgs; [
cfg.package
calibre
];
};
}

8
modules/home/direnv/default.nix
View file

@ -7,9 +7,9 @@ in
enable = my.mkDisableOption "direnv configuration";
defaultFlake = mkOption {
type = with types; nullOr str;
default = null;
example = "pkgs";
type = types.str;
default = "pkgs";
example = "nixpkgs";
description = ''
Which flake from the registry should be used for
<command>use pkgs</command> by default.
@ -39,7 +39,7 @@ in
in
lib.my.genAttrs' files linkLibFile;
home.sessionVariables = lib.mkIf (cfg.defaultFlake != null) {
home.sessionVariables = {
DIRENV_DEFAULT_FLAKE = cfg.defaultFlake;
};
};

8
modules/home/direnv/lib/android.sh
View file

@ -1,4 +1,4 @@
# shellcheck shell=bash
#shellcheck shell=bash
# shellcheck disable=2155
use_android() {
@ -32,16 +32,10 @@ use_android() {
-b|--build-tools)
build_tools_version="$2"
shift 2
if ! [ -e "$ANDROID_HOME/build-tools/$build_tools_version" ]; then
log_error "use_android: build-tools version '$build_tools_version' does not exist"
fi
;;
-n|--ndk)
ndk_version="$2"
shift 2
if ! [ -e "$ANDROID_HOME/ndk/$ndk_version" ]; then
log_error "use_android: NDK version '$ndk_version' does not exist"
fi
;;
--)
shift

2
modules/home/direnv/lib/nix.sh
View file

@ -1,4 +1,4 @@
# shellcheck shell=bash
#shellcheck shell=bash
use_pkgs() {
if ! has nix; then

2
modules/home/direnv/lib/postgres.sh
View file

@ -1,4 +1,4 @@
# shellcheck shell=bash
#shellcheck shell=bash
layout_postgres() {
if ! has postgres || ! has initdb; then

38
modules/home/direnv/lib/python.sh
View file

@ -1,4 +1,4 @@
# shellcheck shell=bash
#shellcheck shell=bash
layout_poetry() {
if ! has poetry; then
@ -9,12 +9,12 @@ layout_poetry() {
if [[ ! -f pyproject.toml ]]; then
# shellcheck disable=2016
log_error 'layout_poetry: no pyproject.toml found. Use `poetry init` to create one first'
log_error 'layout_poetry: no pyproject.toml found. Use `poetry new` or `poetry init` to create one first'
return 1
fi
# create venv if it doesn't exist
poetry run -q -- true
poetry run true
# shellcheck disable=2155
export VIRTUAL_ENV=$(poetry env info --path)
@ -23,35 +23,3 @@ layout_poetry() {
watch_file pyproject.toml
watch_file poetry.lock
}
layout_uv() {
if ! has uv; then
# shellcheck disable=2016
log_error 'layout_uv: `uv` is not in PATH'
return 1
fi
if [[ ! -f pyproject.toml ]]; then
# shellcheck disable=2016
log_error 'layout_uv: no pyproject.toml found. Use `uv init` to create one first'
return 1
fi
local default_venv="$PWD/.venv"
: "${VIRTUAL_ENV:=$default_venv}"
# Use non-default venv path if required
if [ "$VIRTUAL_ENV" != "$default_venv" ]; then
export UV_PROJECT_ENVIRONMENT="$VIRTUAL_ENV"
fi
# create venv if it doesn't exist
uv venv -q
export VIRTUAL_ENV
export UV_ACTIVE=1
PATH_add "$VIRTUAL_ENV/bin"
watch_file pyproject.toml
watch_file uv.lock
watch_file .python-version
}

4
modules/home/discord/default.nix
View file

@ -7,13 +7,11 @@ in
{
options.my.home.discord = with lib; {
enable = mkEnableOption "discord configuration";
package = mkPackageOption pkgs "discord" { };
};
config = lib.mkIf cfg.enable {
home.packages = with pkgs; [
cfg.package
discord
];
xdg.configFile."discord/settings.json".source =

10
modules/home/firefox/tridactyl/tridactylrc
View file

@ -4,7 +4,7 @@
" Use dark color scheme
colorscheme dark
" Make tridactyl open Vim in my preferred terminal
" Make tridactyl open Vim in my prefered terminal
set editorcmd @editorcmd@
" Remove editor file after use
@ -15,8 +15,8 @@ bind --mode=input <C-i> editor_rm
" Binds {{{
" Reddit et al. {{{
" Toggle comments on Reddit, Hacker News, Lobste.rs, LWN
bind ;c hint -Jc [class*="expand"],[class*="togg"],[class="comment_folder"],[class="CommentTitle"]
" Toggle comments on Reddit, Hacker News, Lobste.rs
bind ;c hint -Jc [class*="expand"],[class*="togg"],[class="comment_folder"]
" Make `gu` take me back to subreddit from comments
bindurl reddit.com gu urlparent 3
@ -26,8 +26,8 @@ bindurl www.google.com f hint -Jc #search a
bindurl www.google.com F hint -Jbc #search a
" Only hint search results on DuckDuckGo
bindurl ^https://duckduckgo.com f hint -Jc [data-testid="result"]
bindurl ^https://duckduckgo.com F hint -Jbc [data-testid="result"]
bindurl ^https://duckduckgo.com f hint -Jc [data-testid="result-title-a"]
bindurl ^https://duckduckgo.com F hint -Jbc [data-testid="result-title-a"]
" Only hint item pages on Hacker News
bindurl news.ycombinator.com ;f hint -Jc .age > a

22
modules/home/gdb/default.nix
View file

@ -6,29 +6,27 @@ in
options.my.home.gdb = with lib; {
enable = my.mkDisableOption "gdb configuration";
package = mkPackageOption pkgs "gdb" { };
rr = {
enable = my.mkDisableOption "rr configuration";
package = mkPackageOption pkgs "rr" { };
package = mkOption {
type = types.package;
default = pkgs.rr;
defaultText = literalExample "pkgs.rr";
description = ''
Package providing rr
'';
};
};
};
config = lib.mkIf cfg.enable (lib.mkMerge [
{
home.packages = with pkgs; [
cfg.package
gdb
];
xdg = {
configFile."gdb/gdbinit".source = ./gdbinit;
stateFile."gdb/.keep".text = "";
};
home.sessionVariables = {
GDBHISTFILE = "${config.xdg.stateHome}/gdb/gdb_history";
};
xdg.configFile."gdb/gdbinit".source = ./gdbinit;
}
(lib.mkIf cfg.rr.enable {

4
modules/home/git/default.nix
View file

@ -148,10 +148,6 @@ in
autoStash = true;
};
rerere = {
enabled = true;
};
url = {
"git@git.belanyi.fr:" = {
insteadOf = "https://git.belanyi.fr/";

11
modules/home/gpg/default.nix
View file

@ -1,4 +1,4 @@
{ config, lib, pkgs, ... }:
{ config, lib, ... }:
let
cfg = config.my.home.gpg;
in
@ -6,7 +6,12 @@ in
options.my.home.gpg = with lib; {
enable = my.mkDisableOption "gpg configuration";
pinentry = mkPackageOption pkgs "pinentry" { default = [ "pinentry-tty" ]; };
pinentry = mkOption {
type = types.str;
default = "tty";
example = "gtk2";
description = "Which pinentry interface to use";
};
};
config = lib.mkIf cfg.enable {
@ -17,7 +22,7 @@ in
services.gpg-agent = {
enable = true;
enableSshSupport = true; # One agent to rule them all
pinentryPackage = cfg.pinentry;
pinentryFlavor = cfg.pinentry;
extraConfig = ''
allow-loopback-pinentry
'';

4
modules/home/gtk/default.nix
View file

@ -21,12 +21,12 @@ in
};
iconTheme = {
package = pkgs.gnome-themes-extra;
package = pkgs.gnome.gnome-themes-extra;
name = "Adwaita";
};
theme = {
package = pkgs.gnome-themes-extra;
package = pkgs.gnome.gnome-themes-extra;
name = "Adwaita";
};
};

4
modules/home/mail/accounts/default.nix
View file

@ -58,7 +58,7 @@ in
{
config.accounts.email.accounts = {
personal = lib.mkMerge [
# Common configuration
# Common configuraton
(mkConfig {
domain = "belanyi.fr";
address = "bruno";
@ -70,7 +70,7 @@ in
];
gmail = lib.mkMerge [
# Common configuration
# Common configuraton
(mkConfig {
domain = "gmail.com";
address = "brunobelanyi";

64
modules/home/nix/default.nix
View file

@ -12,7 +12,7 @@ let
# Use pinned nixpkgs when using `nix run pkgs#<whatever>`
pkgs = inputs.nixpkgs;
}
(lib.optionalAttrs cfg.inputs.overrideNixpkgs {
(lib.optionalAttrs cfg.overrideNixpkgs {
# ... And with `nix run nixpkgs#<whatever>`
nixpkgs = inputs.nixpkgs;
})
@ -22,30 +22,20 @@ in
options.my.home.nix = with lib; {
enable = my.mkDisableOption "nix configuration";
gc = {
enable = my.mkDisableOption "nix GC configuration";
};
linkInputs = my.mkDisableOption "link inputs to `$XDG_CONFIG_HOME/nix/inputs`";
cache = {
selfHosted = my.mkDisableOption "self-hosted cache";
};
addToRegistry = my.mkDisableOption "add inputs and self to registry";
inputs = {
link = my.mkDisableOption "link inputs to `$XDG_CONFIG_HOME/nix/inputs/`";
addToNixPath = my.mkDisableOption "add inputs and self to nix path";
addToRegistry = my.mkDisableOption "add inputs and self to registry";
addToNixPath = my.mkDisableOption "add inputs and self to nix path";
overrideNixpkgs = my.mkDisableOption "point nixpkgs to pinned system version";
};
overrideNixpkgs = my.mkDisableOption "point nixpkgs to pinned system version";
};
config = lib.mkIf cfg.enable (lib.mkMerge [
{
assertions = [
{
assertion = cfg.inputs.addToNixPath -> cfg.inputs.link;
assertion = cfg.addToNixPath -> cfg.linkInputs;
message = ''
enabling `my.home.nix.addToNixPath` needs to have
`my.home.nix.linkInputs = true`
@ -58,43 +48,17 @@ in
nix = {
package = lib.mkDefault pkgs.nix; # NixOS module sets it unconditionally
# FIXME: waiting on https://github.com/nix-community/home-manager/pull/3876
settings = {
# I like XDG-compliance
use-xdg-base-directories = true;
experimental-features = [ "nix-command" "flakes" ];
};
};
}
(lib.mkIf cfg.gc.enable {
nix.gc = {
automatic = true;
# Every week, with some wiggle room
frequency = "weekly";
randomizedDelaySec = "10min";
# Use a persistent timer for e.g: laptops
persistent = true;
# Delete old profiles automatically after 15 days
options = "--delete-older-than 15d";
};
})
(lib.mkIf cfg.cache.selfHosted {
nix = {
settings = {
extra-substituters = [
"https://cache.belanyi.fr/"
];
extra-trusted-public-keys = [
"cache.belanyi.fr:LPhrTqufwfxTceg1nRWueDWf7/2zSVY9K00pq2UI7tw="
];
};
};
})
(lib.mkIf cfg.inputs.addToRegistry {
(lib.mkIf cfg.addToRegistry {
nix.registry =
let
makeEntry = v: { flake = v; };
@ -103,7 +67,7 @@ in
makeEntries channels;
})
(lib.mkIf cfg.inputs.link {
(lib.mkIf cfg.linkInputs {
xdg.configFile =
let
makeLink = n: v: {
@ -115,8 +79,8 @@ in
makeLinks channels;
})
(lib.mkIf cfg.inputs.addToNixPath {
nix.nixPath = [ "${config.xdg.configHome}/nix/inputs" ];
(lib.mkIf cfg.addToNixPath {
home.sessionVariables.NIX_PATH = "${config.xdg.configHome}/nix/inputs\${NIX_PATH:+:$NIX_PATH}";
})
]);
}

1
modules/home/packages/default.nix
View file

@ -26,7 +26,6 @@ in
fd
file
ripgrep
tree
] ++ cfg.additionalPackages);
nixpkgs.config = {

3
modules/home/pager/default.nix
View file

@ -15,8 +15,7 @@ in
# Clear the screen on start and exit
LESS = "-R -+X -c";
# Better XDG compliance
LESSHISTFILE = "${config.xdg.stateHome}/less/history";
LESSKEY = "${config.xdg.configHome}/less/lesskey";
LESSHISTFILE = "${config.xdg.dataHome}/less/history";
};
};
}

2
modules/home/ssh/default.nix
View file

@ -49,7 +49,7 @@ in
};
porthos = {
hostname = "37.187.146.15";
hostname = "91.121.177.163";
identityFile = "~/.ssh/shared_rsa";
user = "ambroisie";
};

50
modules/home/tmux/default.nix
View file

@ -5,14 +5,6 @@ let
config.my.home.x.enable
(config.my.home.wm.windowManager != null)
];
mkTerminalFlags = opt: flag:
let
mkFlag = term: ''set -as terminal-features ",${term}:${flag}"'';
enabledTerminals = lib.filterAttrs (_: v: v.${opt}) cfg.terminalFeatures;
terminals = lib.attrNames enabledTerminals;
in
lib.concatMapStringsSep "\n" mkFlag terminals;
in
{
options.my.home.tmux = with lib; {
@ -20,22 +12,16 @@ in
enablePassthrough = mkEnableOption "tmux DCS passthrough sequence";
terminalFeatures = mkOption {
type = with types; attrsOf (submodule {
options = {
hyperlinks = my.mkDisableOption "hyperlinks through OSC8";
trueColor = my.mkDisableOption "24-bit (RGB) color support";
};
});
default = { ${config.my.home.terminal.program} = { }; };
defaultText = literalExpression ''
{ ''${config.my.home.terminal.program} = { }; };
trueColorTerminals = mkOption {
type = with types; listOf str;
default = lib.my.nullableToList config.my.home.terminal.program;
defaultText = ''
`[ config.my.home.terminal.program ]` if it is non-null, otherwise an
empty list.
'';
example = { xterm-256color = { }; };
example = [ "xterm-256color" ];
description = ''
$TERM values which should be considered to have additional features.
$TERM values which should be considered to always support 24-bit color.
'';
};
};
@ -46,9 +32,7 @@ in
keyMode = "vi"; # Home-row keys and other niceties
clock24 = true; # I'm one of those heathens
escapeTime = 0; # Let vim do its thing instead
historyLimit = 100000; # Bigger buffer
mouse = false; # I dislike mouse support
focusEvents = true; # Report focus events
historyLimit = 50000; # Bigger buffer
terminal = "tmux-256color"; # I want accurate termcap info
plugins = with pkgs.tmuxPlugins; [
@ -82,13 +66,6 @@ in
];
extraConfig = ''
# Refresh configuration
bind-key -N "Source tmux.conf" R source-file ${config.xdg.configHome}/tmux/tmux.conf \; display-message "Sourced tmux.conf!"
# Accept sloppy Ctrl key when switching windows, on top of default mapping
bind-key -N "Select the previous window" C-p previous-window
bind-key -N "Select the next window" C-n next-window
# Better vim mode
bind-key -T copy-mode-vi 'v' send -X begin-selection
${
@ -112,10 +89,13 @@ in
''
}
# Force OSC8 hyperlinks for each relevant $TERM
${mkTerminalFlags "hyperlinks" "hyperlinks"}
# Force 24-bit color for each relevant $TERM
${mkTerminalFlags "trueColor" "RGB"}
${
let
mkTcFlag = term: ''set -as terminal-features ",${term}:RGB"'';
in
lib.concatMapStringsSep "\n" mkTcFlag cfg.trueColorTerminals
}
'';
};
}

6
modules/home/vim/after/ftplugin/json.vim
View file

@ -1,6 +0,0 @@
" Create the `b:undo_ftplugin` variable if it doesn't exist
call ftplugined#check_undo_ft()
" Use a small indentation value on JSON files
setlocal shiftwidth=2
let b:undo_ftplugin.='|setlocal shiftwidth<'

6
modules/home/vim/after/ftplugin/netrw.vim Normal file
View file

@ -0,0 +1,6 @@
" Create the `b:undo_ftplugin` variable if it doesn't exist
call ftplugined#check_undo_ft()
" Don't show Netrw in buffer list
setlocal bufhidden=delete
let b:undo_ftplugin='|setlocal bufhidden<'

6
modules/home/vim/after/ftplugin/query.vim
View file

@ -1,6 +0,0 @@
" Create the `b:undo_ftplugin` variable if it doesn't exist
call ftplugined#check_undo_ft()
" Use a small indentation value on query files
setlocal shiftwidth=2
let b:undo_ftplugin.='|setlocal shiftwidth<'

10
modules/home/vim/after/plugin/mappings/commentary.lua Normal file
View file

@ -0,0 +1,10 @@
local wk = require("which-key")
local keys = {
name = "Comment/uncomment",
c = "Current line",
u = "Uncomment the current and adjacent commented lines",
["gc"] = "Uncomment the current and adjacent commented lines",
}
wk.register(keys, { prefix = "gc" })

7
modules/home/vim/after/plugin/mappings/misc.lua Normal file
View file

@ -0,0 +1,7 @@
local wk = require("which-key")
local keys = {
["<leader>"] = { "<cmd>nohls<CR>", "Clear search highlight" },
}
wk.register(keys, { prefix = "<leader>" })

15
modules/home/vim/after/plugin/mappings/telescope.lua Normal file
View file

@ -0,0 +1,15 @@
local wk = require("which-key")
local telescope_builtin = require("telescope.builtin")
local keys = {
f = {
name = "Fuzzy finder",
b = { telescope_builtin.buffers, "Open buffers" },
f = { telescope_builtin.git_files, "Git tracked files" },
F = { telescope_builtin.find_files, "Files" },
g = { telescope_builtin.live_grep, "Grep string" },
G = { telescope_builtin.grep_string, "Grep string under cursor" },
},
}
wk.register(keys, { prefix = "<leader>" })

30
modules/home/vim/after/plugin/mappings/tree-sitter-textobjects.lua Normal file
View file

@ -0,0 +1,30 @@
local wk = require("which-key")
local motions = {
["]m"] = "Next method start",
["]M"] = "Next method end",
["]S"] = "Next statement start",
["]]"] = "Next class start",
["]["] = "Next class end",
["[m"] = "Previous method start",
["[M"] = "Previous method end",
["[S"] = "Previous statement start",
["[["] = "Previous class start",
["[]"] = "Previous class end",
}
local objects = {
["aa"] = "a parameter",
["ia"] = "inner parameter",
["ab"] = "a block",
["ib"] = "inner block",
["ac"] = "a class",
["ic"] = "inner class",
["af"] = "a function",
["if"] = "inner function",
["ak"] = "a comment",
["aS"] = "a statement",
}
wk.register(motions, { mode = "n" })
wk.register(objects, { mode = "o" })

238
modules/home/vim/after/plugin/mappings/unimpaired.lua
View file

@ -3,124 +3,126 @@ local wk = require("which-key")
local lsp = require("ambroisie.lsp")
local keys = {
-- Previous
{ "[", group = "Previous" },
-- Edition and navigation mappings
{ "[<space>", desc = "Insert blank line above" },
{ "[<C-L>", desc = "Previous location list file" },
{ "[<C-Q>", desc = "Previous quickfix list file" },
{ "[<C-T>", desc = "Previous tag in preview window" },
{ "[a", desc = "Previous argument" },
{ "[A", desc = "First argument" },
{ "[b", desc = "Previous buffer" },
{ "[B", desc = "First buffer" },
{ "[e", desc = "Exchange previous line" },
{ "[f", desc = "Previous file in directory" },
{ "[l", desc = "Previous location list entry" },
{ "[L", desc = "First Location list entry" },
{ "[n", desc = "Previous conflict marker/diff hunk" },
{ "[p", desc = "Paste line above" },
{ "[P", desc = "Paste line above" },
{ "[q", desc = "Previous quickfix list entry" },
{ "[Q", desc = "First quickfix list entry" },
{ "[t", desc = "Previous matching tag" },
{ "[T", desc = "First matching tag" },
{ "[z", desc = "Previous fold" },
-- Encoding
{ "[C", desc = "C string encode" },
{ "[u", desc = "URL encode" },
{ "[x", desc = "XML encode" },
{ "[y", desc = "C string encode" },
-- Custom
{ "[d", lsp.goto_prev_diagnostic, desc = "Previous diagnostic" },
-- Edition and navigation mappins
["["] = {
name = "Previous",
["<space>"] = "Insert blank line above",
["<C-L>"] = "Previous location list file",
["<C-Q>"] = "Previous quickfix list file",
["<C-T>"] = "Previous tag in preview window",
a = "Previous argument",
A = "First argument",
b = "Previous buffer",
B = "First buffer",
e = "Exchange previous line",
f = "Previous file in directory",
l = "Previous location list entry",
L = "First Location list entry",
n = "Previous conflict marker/diff hunk",
p = "Paste line above",
P = "Paste line above",
q = "Previous quickfix list entry",
Q = "First quickfix list entry",
t = "Previous matching tag",
T = "First matching tag",
z = "Previous fold",
-- Encoding
C = "C string encode",
u = "URL encode",
x = "XML encode",
y = "C string encode",
-- Custom
d = { lsp.goto_prev_diagnostic, "Previous diagnostic" },
},
["]"] = {
name = "Next",
["<space>"] = "Insert blank line below",
["<C-L>"] = "Next location list file",
["<C-Q>"] = "Next quickfix list file",
["<C-T>"] = "Next tag in preview window",
a = "Next argument",
A = "Last argument",
b = "Next buffer",
B = "Last buffer",
e = "Exchange next line",
f = "Next file in directory",
l = "Next location list entry",
L = "Last Location list entry",
n = "Next conflict marker/diff hunk",
p = "Paste line below",
P = "Paste line below",
q = "Next quickfix list entry",
Q = "Last quickfix list entry",
t = "Next matching tag",
T = "Last matching tag",
z = "Next fold",
-- Decoding
C = "C string decode",
u = "URL decode",
x = "XML decode",
y = "C string decode",
-- Custom
d = { lsp.goto_next_diagnostic, "Next diagnostic" },
},
-- Next
{ "]", group = "Next" },
-- Edition and navigation mappings
{ "]<space>", desc = "Insert blank line below" },
{ "]<C-L>", desc = "Next location list file" },
{ "]<C-Q>", desc = "Next quickfix list file" },
{ "]<C-T>", desc = "Next tag in preview window" },
{ "]a", desc = "Next argument" },
{ "]A", desc = "Last argument" },
{ "]b", desc = "Next buffer" },
{ "]B", desc = "Last buffer" },
{ "]e", desc = "Exchange next line" },
{ "]f", desc = "Next file in directory" },
{ "]l", desc = "Next location list entry" },
{ "]L", desc = "Last Location list entry" },
{ "]n", desc = "Next conflict marker/diff hunk" },
{ "]p", desc = "Paste line below" },
{ "]P", desc = "Paste line below" },
{ "]q", desc = "Next quickfix list entry" },
{ "]Q", desc = "Last quickfix list entry" },
{ "]t", desc = "Next matching tag" },
{ "]T", desc = "Last matching tag" },
{ "]z", desc = "Next fold" },
-- Decoding
{ "]C", desc = "C string decode" },
{ "]u", desc = "URL decode" },
{ "]x", desc = "XML decode" },
{ "]y", desc = "C string decode" },
-- Custom
{ "]d", lsp.goto_next_diagnostic, desc = "Next diagnostic" },
-- Enable option
{ "[o", group = "Enable option" },
{ "[ob", desc = "Light background" },
{ "[oc", desc = "Cursor line" },
{ "[od", desc = "Diff" },
{ "[of", "<cmd>FormatEnable<CR>", desc = "LSP Formatting" },
{ "[oh", desc = "Search high-lighting" },
{ "[oi", desc = "Case insensitive search" },
{ "[ol", desc = "List mode" },
{ "[on", desc = "Line numbers" },
{ "[or", desc = "Relative line numbers" },
{ "[op", "<cmd>lwindow<CR>", desc = "Location list" },
{ "[oq", "<cmd>cwindow<CR>", desc = "Quickfix list" },
{ "[ou", desc = "Cursor column" },
{ "[ov", desc = "Virtual editing" },
{ "[ow", desc = "Text wrapping" },
{ "[ox", desc = "Cursor line and column" },
{ "[oz", desc = "Spell checking" },
-- Disable option
{ "]o", group = "Disable option" },
{ "]ob", desc = "Light background" },
{ "]oc", desc = "Cursor line" },
{ "]od", desc = "Diff" },
{ "]of", "<cmd>FormatDisable<CR>", desc = "LSP Formatting" },
{ "]oh", desc = "Search high-lighting" },
{ "]oi", desc = "Case insensitive search" },
{ "]ol", desc = "List mode" },
{ "]on", desc = "Line numbers" },
{ "]op", "<cmd>lclose<CR>", desc = "Location list" },
{ "]oq", "<cmd>cclose<CR>", desc = "Quickfix list" },
{ "]or", desc = "Relative line numbers" },
{ "]ou", desc = "Cursor column" },
{ "]ov", desc = "Virtual editing" },
{ "]ow", desc = "Text wrapping" },
{ "]ox", desc = "Cursor line and column" },
{ "]oz", desc = "Spell checking" },
-- Toggle option
{ "yo", group = "Toggle option" },
{ "yob", desc = "Light background" },
{ "yoc", desc = "Cursor line" },
{ "yod", desc = "Diff" },
{ "yof", "<cmd>FormatToggle<CR>", desc = "LSP Formatting" },
{ "yoh", desc = "Search high-lighting" },
{ "yoi", desc = "Case insensitive search" },
{ "yol", desc = "List mode" },
{ "yon", desc = "Line numbers" },
{ "yop", "<Plug>(qf_loc_toggle)", desc = "Location list" },
{ "yoq", "<Plug>(qf_qf_toggle)", desc = "Quickfix list" },
{ "yor", desc = "Relative line numbers" },
{ "you", desc = "Cursor column" },
{ "yov", desc = "Virtual editing" },
{ "yow", desc = "Text wrapping" },
{ "yox", desc = "Cursor line and column" },
{ "yoz", desc = "Spell checking" },
-- Option mappings
["[o"] = {
name = "Enable option",
b = "Light background",
c = "Cursor line",
d = "Diff",
f = { "<cmd>FormatEnable<CR>", "LSP Formatting" },
h = "Search high-lighting",
i = "Case insensitive search",
l = "List mode",
n = "Line numbers",
r = "Relative line numbers",
p = { "<cmd>lwindow<CR>", "Location list" },
q = { "<cmd>cwindow<CR>", "Quickfix list" },
u = "Cursor column",
v = "Virtual editing",
w = "Text wrapping",
x = "Cursor line and column",
z = "Spell checking",
},
["]o"] = {
name = "Option off",
b = "Light background",
c = "Cursor line",
d = "Diff",
f = { "<cmd>FormatDisable<CR>", "LSP Formatting" },
h = "Search high-lighting",
i = "Case insensitive search",
l = "List mode",
n = "Line numbers",
p = { "<cmd>lclose<CR>", "Location list" },
q = { "<cmd>cclose<CR>", "Quickfix list" },
r = "Relative line numbers",
u = "Cursor column",
v = "Virtual editing",
w = "Text wrapping",
x = "Cursor line and column",
z = "Spell checking",
},
["yo"] = {
name = "Option toggle",
b = "Light background",
c = "Cursor line",
d = "Diff",
f = { "<cmd>FormatToggle<CR>", "LSP Formatting" },
h = "Search high-lighting",
i = "Case insensitive search",
l = "List mode",
n = "Line numbers",
p = { "<Plug>(qf_loc_toggle)", "Location list" },
q = { "<Plug>(qf_qf_toggle)", "Quickfix list" },
r = "Relative line numbers",
u = "Cursor column",
v = "Virtual editing",
w = "Text wrapping",
x = "Cursor line and column",
z = "Spell checking",
},
}
wk.add(keys)
wk.register(keys)

5
modules/home/vim/after/queries/diff/highlights.scm
View file

@ -1,5 +0,0 @@
; extends
; I want to the line added/removed markers to be the correct color
"+" @diff.plus
"-" @diff.minus

14
modules/home/vim/default.nix
View file

@ -40,18 +40,25 @@ in
lualine-lsp-progress # Show progress for LSP servers
# tpope essentials
vim-commentary # Easy comments
vim-eunuch # UNIX integrations
vim-fugitive # A 'git' wrapper
vim-git # Sane git syntax files
vim-repeat # Enanche '.' for plugins
vim-rsi # Readline mappings
vim-unimpaired # Some ex command mappings
vim-vinegar # Better netrw
# Languages
rust-vim
vim-beancount
vim-jsonnet
vim-nix
vim-toml
# General enhancements
vim-qf # Better quick-fix list
nvim-osc52 # Send clipboard data through terminal escape for SSH
# Other wrappers
git-messenger-vim # A simple blame window
@ -63,6 +70,7 @@ in
none-ls-nvim # LSP integration for linters and formatters
nvim-treesitter.withAllGrammars # Better highlighting
nvim-treesitter-textobjects # More textobjects
nvim-ts-context-commentstring # Comment string in nested language blocks
plenary-nvim # 'null-ls', 'telescope' dependency
# Completion
@ -80,7 +88,6 @@ in
dressing-nvim # Integrate native UI hooks with Telescope etc...
gitsigns-nvim # Fast git UI integration
nvim-surround # Deal with pairs, now in Lua
oil-nvim # Better alternative to NetrW
telescope-fzf-native-nvim # Use 'fzf' fuzzy matching algorithm
telescope-lsp-handlers-nvim # Use 'telescope' for various LSP actions
telescope-nvim # Fuzzy finder interface
@ -98,11 +105,8 @@ in
nixpkgs-fmt
# Shell
bash-language-server
shellcheck
shfmt
# Generic
typos-lsp
];
};

7
modules/home/vim/ftdetect/gn.lua Normal file
View file

@ -0,0 +1,7 @@
-- Use GN filetype for Chromium Generate Ninja files
vim.filetype.add({
extension = {
gn = "gn",
gni = "gn",
},
})

6
modules/home/vim/ftdetect/kbuild.lua Normal file
View file

@ -0,0 +1,6 @@
-- Kbuild is just a Makefile under a different name
vim.filetype.add({
filename = {
["Kbuild"] = "make",
},
})

6
modules/home/vim/ftdetect/tikz.lua Normal file
View file

@ -0,0 +1,6 @@
-- Use LaTeX filetype for TikZ files
vim.filetype.add({
extension = {
tikz = "tex",
},
})

33
modules/home/vim/init.vim
View file

@ -1,4 +1,4 @@
" Basic configuration {{{
" Basic configuraion {{{
"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
" Use UTF-8
set encoding=utf-8
@ -38,10 +38,10 @@ set tabstop=8
" File parameters {{{
"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
" Disable swap files
" Disable backups, we have source control for that
set nobackup
" Disable swapfiles too
set noswapfile
" Enable undo files
set undofile
" }}}
" UI and UX parameters {{{
@ -86,29 +86,8 @@ set mouse=
" Set dark mode by default
set background=dark
" Setup some overrides for gruvbox
lua << EOF
local gruvbox = require("gruvbox")
local colors = gruvbox.palette
gruvbox.setup({
overrides = {
-- Only URLs should be underlined
["@string.special.path"] = { link = "GruvboxOrange" },
-- Revert back to the better diff highlighting
DiffAdd = { fg = colors.green, bg = "NONE" },
DiffChange = { fg = colors.aqua, bg = "NONE" },
DiffDelete = { fg = colors.red, bg = "NONE" },
DiffText = { fg = colors.yellow, bg = colors.bg0 },
-- Directories "pop" better in blue
Directory = { link = "GruvboxBlueBold" },
},
italic = {
-- Comments should not be italic, for e.g: box drawing
comments = false,
},
})
EOF
" 24 bit colors
set termguicolors
" Use my preferred colorscheme
colorscheme gruvbox
" }}}

52
modules/home/vim/lua/ambroisie/lsp.lua
View file

@ -5,7 +5,7 @@ local lsp_format = require("lsp-format")
--- Move to the next/previous diagnostic, automatically showing the diagnostics
--- float if necessary.
--- @param forward bool whether to go forward or backwards
--- @param forward whether to go forward or backwards
local function goto_diagnostic(forward)
vim.validate({
forward = { forward, "boolean" },
@ -42,7 +42,7 @@ end
--- shared LSP configuration callback
--- @param client native client configuration
--- @param bufnr int? buffer number of the attached client
--- @param bufnr int? buffer number of the attched client
M.on_attach = function(client, bufnr)
-- Format on save
lsp_format.on_attach(client, bufnr)
@ -51,7 +51,8 @@ M.on_attach = function(client, bufnr)
local wk = require("which-key")
local function list_workspace_folders()
vim.print(vim.lsp.buf.list_workspace_folders())
local utils = require("ambroisie.utils")
utils.dump(vim.lsp.buf.list_workspace_folders())
end
local function cycle_diagnostics_display()
@ -87,30 +88,31 @@ M.on_attach = function(client, bufnr)
end
local keys = {
buffer = bufnr,
-- LSP navigation
{ "K", vim.lsp.buf.hover, desc = "Show symbol information" },
{ "<C-k>", vim.lsp.buf.signature_help, desc = "Show signature information" },
{ "gd", vim.lsp.buf.definition, desc = "Go to definition" },
{ "gD", vim.lsp.buf.declaration, desc = "Go to declaration" },
{ "gi", vim.lsp.buf.implementation, desc = "Go to implementation" },
{ "gr", vim.lsp.buf.references, desc = "List all references" },
-- Code
{ "<leader>c", group = "Code" },
{ "<leader>ca", vim.lsp.buf.code_action, desc = "Code actions" },
{ "<leader>cd", cycle_diagnostics_display, desc = "Cycle diagnostics display" },
{ "<leader>cD", show_buffer_diagnostics, desc = "Show buffer diagnostics" },
{ "<leader>cr", vim.lsp.buf.rename, desc = "Rename symbol" },
{ "<leader>cs", vim.lsp.buf.signature_help, desc = "Show signature" },
{ "<leader>ct", vim.lsp.buf.type_definition, desc = "Go to type definition" },
-- Workspace
{ "<leader>cw", group = "Workspace" },
{ "<leader>cwa", vim.lsp.buf.add_workspace_folder, desc = "Add folder to workspace" },
{ "<leader>cwl", list_workspace_folders, desc = "List folders in workspace" },
{ "<leader>cwr", vim.lsp.buf.remove_workspace_folder, desc = "Remove folder from workspace" },
K = { vim.lsp.buf.hover, "Show symbol information" },
["<C-k>"] = { vim.lsp.buf.signature_help, "Show signature information" },
["gd"] = { vim.lsp.buf.definition, "Go to definition" },
["gD"] = { vim.lsp.buf.declaration, "Go to declaration" },
["gi"] = { vim.lsp.buf.implementation, "Go to implementation" },
["gr"] = { vim.lsp.buf.references, "List all references" },
["<leader>c"] = {
name = "Code",
a = { vim.lsp.buf.code_action, "Code actions" },
d = { cycle_diagnostics_display, "Cycle diagnostics display" },
D = { show_buffer_diagnostics, "Show buffer diagnostics" },
r = { vim.lsp.buf.rename, "Rename symbol" },
s = { vim.lsp.buf.signature_help, "Show signature" },
t = { vim.lsp.buf.type_definition, "Go to type definition" },
w = {
name = "Workspace",
a = { vim.lsp.buf.add_workspace_folder, "Add folder to workspace" },
l = { list_workspace_folders, "List folders in workspace" },
r = { vim.lsp.buf.remove_workspace_folder, "Remove folder from workspace" },
},
},
}
wk.add(keys)
wk.register(keys, { buffer = bufnr })
end
return M

30
modules/home/vim/lua/ambroisie/utils.lua
View file

@ -1,5 +1,11 @@
local M = {}
--- pretty print lua object
--- @param obj any object to pretty print
M.dump = function(obj)
print(vim.inspect(obj))
end
--- checks if a given command is executable
--- @param cmd string? command to check
--- @return boolean executable
@ -9,7 +15,7 @@ end
--- return a function that checks if a given command is executable
--- @param cmd string? command to check
--- @return fun(): boolean executable
--- @return fun(cmd: string): boolean executable
M.is_executable_condition = function(cmd)
return function()
return M.is_executable(cmd)
@ -34,11 +40,11 @@ M.is_ssh = function()
return false
end
--- list all active LSP clients for specific buffer, or all buffers
--- list all active LSP clients for current buffer
--- @param bufnr int? buffer number
--- @return table all active LSP client names
M.list_lsp_clients = function(bufnr)
local clients = vim.lsp.get_active_clients({ bufnr = bufnr })
local clients = vim.lsp.buf_get_clients(bufnr)
local names = {}
for _, client in ipairs(clients) do
@ -48,22 +54,4 @@ M.list_lsp_clients = function(bufnr)
return names
end
--- partially apply a function with given arguments
M.partial = function(f, ...)
local a = { ... }
local a_len = select("#", ...)
return function(...)
local tmp = { ... }
local tmp_len = select("#", ...)
-- Merge arg lists
for i = 1, tmp_len do
a[a_len + i] = tmp[i]
end
return f(unpack(a, 1, a_len + tmp_len))
end
end
return M

17
modules/home/vim/plugin/numbertoggle.lua
View file

@ -7,28 +7,17 @@ local numbertoggle = vim.api.nvim_create_augroup("numbertoggle", { clear = true
vim.api.nvim_create_autocmd({ "BufEnter", "FocusGained", "InsertLeave", "WinEnter" }, {
pattern = "*",
group = numbertoggle,
callback = function()
if vim.opt.number:get() then
vim.opt.relativenumber = true
end
end,
command = "if &nu | setlocal rnu | endif",
})
vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "InsertEnter", "WinLeave" }, {
pattern = "*",
group = numbertoggle,
callback = function()
if vim.opt.number:get() then
vim.opt.relativenumber = false
end
end,
command = "if &nu | setlocal nornu | endif",
})
-- Never show the sign column in a terminal buffer
vim.api.nvim_create_autocmd({ "TermOpen" }, {
pattern = "*",
group = numbertoggle,
callback = function()
vim.opt.number = false
vim.opt.relativenumber = false
end,
command = "setlocal nonu nornu",
})

97
modules/home/vim/plugin/settings/git.lua
View file

@ -1,75 +1,58 @@
local gitsigns = require("gitsigns")
local utils = require("ambroisie.utils")
local wk = require("which-key")
--- Transform `f` into a function which acts on the current visual selection
local function make_visual(f)
return function()
local first = vim.fn.line("v")
local last = vim.fn.line(".")
f({ first, last })
end
end
local function nav_hunk(dir)
if vim.wo.diff then
local map = {
prev = "[c",
next = "]c",
}
vim.cmd.normal({ map[dir], bang = true })
else
gitsigns.nav_hunk(dir)
end
end
gitsigns.setup({
current_line_blame_opts = {
-- Show the blame quickly
delay = 100,
},
-- Work-around for https://github.com/lewis6991/gitsigns.nvim/issues/929
signs_staged_enable = false,
})
local keys = {
-- Navigation
{ "[c", utils.partial(nav_hunk, "prev"), desc = "Previous hunk/diff" },
{ "]c", utils.partial(nav_hunk, "next"), desc = "Next hunk/diff" },
["[c"] = { "&diff ? '[c' : '<cmd>Gitsigns prev_hunk<CR>'", "Previous hunk/diff", expr = true },
["]c"] = { "&diff ? ']c' : '<cmd>Gitsigns next_hunk<CR>'", "Next hunk/diff", expr = true },
-- Commands
{ "<leader>g", group = "Git" },
{ "<leader>gb", gitsigns.toggle_current_line_blame, desc = "Toggle blame virtual text" },
{ "<leader>gd", gitsigns.diffthis, desc = "Diff buffer" },
{ "<leader>gD", utils.partial(gitsigns.diffthis, "~"), desc = "Diff buffer against last commit" },
{ "<leader>gg", "<cmd>Git<CR>", desc = "Git status" },
{ "<leader>gh", gitsigns.toggle_deleted, desc = "Show deleted hunks" },
{ "<leader>gL", "<cmd>:sp<CR><C-w>T:Gllog --follow -- %:p<CR>", desc = "Current buffer log" },
{ "<leader>gm", "<Plug>(git-messenger)", desc = "Current line blame" },
{ "<leader>gp", gitsigns.preview_hunk, desc = "Preview hunk" },
{ "<leader>gr", gitsigns.reset_hunk, desc = "Restore hunk" },
{ "<leader>gR", gitsigns.reset_buffer, desc = "Restore buffer" },
{ "<leader>gs", gitsigns.stage_hunk, desc = "Stage hunk" },
{ "<leader>gS", gitsigns.stage_buffer, desc = "Stage buffer" },
{ "<leader>gu", gitsigns.undo_stage_hunk, desc = "Undo stage hunk" },
{ "<leader>g[", utils.partial(gitsigns.nav_hunk, "prev"), desc = "Previous hunk" },
{ "<leader>g]", utils.partial(gitsigns.nav_hunk, "next"), desc = "Next hunk" },
["<leader>g"] = {
name = "Git",
-- Actions
b = { gitsigns.toggle_current_line_blame, "Toggle blame virtual text" },
d = { gitsigns.diffthis, "Diff buffer" },
-- stylua: ignore
D = { function() gitsigns.diffthis("~") end, "Diff buffer against last commit" },
g = { "<cmd>Git<CR>", "Git status" },
h = { gitsigns.toggle_deleted, "Show deleted hunks" },
L = { "<cmd>:sp<CR><C-w>T:Gllog --follow -- %:p<CR>", "Current buffer log" },
m = { "<Plug>(git-messenger)", "Current line blame" },
p = { gitsigns.preview_hunk, "Preview hunk" },
r = { gitsigns.reset_hunk, "Restore hunk" },
R = { gitsigns.reset_buffer, "Restore buffer" },
s = { gitsigns.stage_hunk, "Stage hunk" },
S = { gitsigns.stage_buffer, "Stage buffer" },
u = { gitsigns.undo_stage_hunk, "Undo stage hunk" },
["["] = { gitsigns.prev_hunk, "Previous hunk" },
["]"] = { gitsigns.next_hunk, "Next hunk" },
},
}
local objects = {
mode = "o",
{ "ih", gitsigns.select_hunk, desc = "Git hunk" },
}
-- Visual
local visual = {
mode = { "x" },
{ "ih", gitsigns.select_hunk, desc = "Git hunk" },
{ "<leader>g", group = "Git" },
{ "<leader>gp", gitsigns.preview_hunk, desc = "Preview selection" },
{ "<leader>gr", make_visual(gitsigns.reset_hunk), desc = "Restore selection" },
{ "<leader>gs", make_visual(gitsigns.stage_hunk), desc = "Stage selection" },
{ "<leader>gu", gitsigns.undo_stage_hunk, desc = "Undo stage selection" },
["ih"] = { gitsigns.select_hunk, "Git hunk" },
}
wk.add(keys)
wk.add(objects)
wk.add(visual)
local visual = {
["ih"] = { gitsigns.select_hunk, "Git hunk" },
-- Only the actual command can make use of the visual selection...
["<leader>g"] = {
name = "Git",
p = { ":Gitsigns preview_hunk<CR>", "Preview selection" },
r = { ":Gitsigns reset_hunk<CR>", "Restore selection" },
s = { ":Gitsigns stage_hunk<CR>", "Stage selection" },
u = { ":Gitsigns undo_stage_hunk<CR>", "Undo stage selection" },
},
}
wk.register(keys, { buffer = bufnr })
wk.register(objects, { buffer = bufnr, mode = "o" })
wk.register(visual, { buffer = bufnr, mode = "x" })

53
modules/home/vim/plugin/settings/lspconfig.lua
View file

@ -29,17 +29,16 @@ if utils.is_executable("clangd") then
})
end
-- Haskell
if utils.is_executable("haskell-language-server-wrapper") then
lspconfig.hls.setup({
-- Nix
if utils.is_executable("nil") then
lspconfig.nil_ls.setup({
capabilities = capabilities,
on_attach = lsp.on_attach,
})
end
-- Nix
if utils.is_executable("nil") then
lspconfig.nil_ls.setup({
if utils.is_executable("rnix-lsp") then
lspconfig.rnix.setup({
capabilities = capabilities,
on_attach = lsp.on_attach,
})
@ -53,13 +52,6 @@ if utils.is_executable("pyright") then
})
end
if utils.is_executable("ruff") then
lspconfig.ruff.setup({
capabilities = capabilities,
on_attach = lsp.on_attach,
})
end
-- Rust
if utils.is_executable("rust-analyzer") then
lspconfig.rust_analyzer.setup({
@ -67,38 +59,3 @@ if utils.is_executable("rust-analyzer") then
on_attach = lsp.on_attach,
})
end
-- Shell
if utils.is_executable("bash-language-server") then
lspconfig.bashls.setup({
filetypes = { "bash", "sh", "zsh" },
capabilities = capabilities,
on_attach = lsp.on_attach,
settings = {
bashIde = {
shfmt = {
-- Simplify the code
simplifyCode = true,
-- Indent switch cases
caseIndent = true,
},
},
},
})
end
-- Starlark
if utils.is_executable("starpls") then
lspconfig.starpls.setup({
capabilities = capabilities,
on_attach = lsp.on_attach,
})
end
-- Generic
if utils.is_executable("typos-lsp") then
lspconfig.typos_lsp.setup({
capabilities = capabilities,
on_attach = lsp.on_attach,
})
end

2
modules/home/vim/plugin/settings/lualine.lua
View file

@ -10,7 +10,7 @@ local function list_spell_languages()
end
local function list_lsp_clients()
local client_names = utils.list_lsp_clients(0)
local client_names = utils.list_lsp_clients()
if #client_names == 0 then
return ""

94
modules/home/vim/plugin/settings/null-ls.lua
View file

@ -18,16 +18,48 @@ null_ls.register({
}),
})
-- C, C++
null_ls.register({
null_ls.builtins.formatting.clang_format.with({
-- Only used if available, but prefer clangd formatting if available
condition = function()
return utils.is_executable("clang-format") and not utils.is_executable("clangd")
end,
}),
})
-- Haskell
null_ls.register({
null_ls.builtins.formatting.brittany.with({
-- Only used if available
condition = utils.is_executable_condition("brittany"),
}),
})
-- Nix
null_ls.register({
null_ls.builtins.formatting.nixpkgs_fmt.with({
-- Only used if available
condition = utils.is_executable_condition("nixpkgs-fmt"),
-- Only used if available, but prefer rnix if available
condition = function()
return utils.is_executable("nixpkgs-fmt")
and not utils.is_executable("rnix-lsp")
and not utils.is_executable("nil")
end,
}),
})
-- Python
null_ls.register({
null_ls.builtins.diagnostics.flake8.with({
-- Only used if available, but prefer pflake8 if available
condition = function()
return utils.is_executable("flake8") and not utils.is_executable("pflake8")
end,
}),
null_ls.builtins.diagnostics.pyproject_flake8.with({
-- Only used if available
condition = utils.is_executable_condition("pflake8"),
}),
null_ls.builtins.diagnostics.mypy.with({
-- Only used if available
condition = utils.is_executable_condition("mypy"),
@ -46,3 +78,61 @@ null_ls.register({
condition = utils.is_executable_condition("isort"),
}),
})
-- Shell (non-POSIX)
null_ls.register({
null_ls.builtins.code_actions.shellcheck.with({
-- Restrict to bash and zsh
filetypes = { "bash", "zsh" },
-- Only used if available
condition = utils.is_executable_condition("shellcheck"),
}),
null_ls.builtins.diagnostics.shellcheck.with({
-- Show error code in message
diagnostics_format = "[#{c}] #{m}",
-- Require explicit empty string test, use bash dialect
extra_args = { "-s", "bash", "-o", "avoid-nullary-conditions" },
-- Restrict to bash and zsh
filetypes = { "bash", "zsh" },
-- Only used if available
condition = utils.is_executable_condition("shellcheck"),
}),
null_ls.builtins.formatting.shfmt.with({
-- Indent with 4 spaces, simplify the code, indent switch cases,
-- add space after redirection, use bash dialect
extra_args = { "-i", "4", "-s", "-ci", "-sr", "-ln", "bash" },
-- Restrict to bash and zsh
filetypes = { "bash", "zsh" },
-- Only used if available
condition = utils.is_executable_condition("shfmt"),
}),
})
-- Shell (POSIX)
null_ls.register({
null_ls.builtins.code_actions.shellcheck.with({
-- Restrict to POSIX sh
filetypes = { "sh" },
-- Only used if available
condition = utils.is_executable_condition("shellcheck"),
}),
null_ls.builtins.diagnostics.shellcheck.with({
-- Show error code in message
diagnostics_format = "[#{c}] #{m}",
-- Require explicit empty string test
extra_args = { "-o", "avoid-nullary-conditions" },
-- Restrict to POSIX sh
filetypes = { "sh" },
-- Only used if available
condition = utils.is_executable_condition("shellcheck"),
}),
null_ls.builtins.formatting.shfmt.with({
-- Indent with 4 spaces, simplify the code, indent switch cases,
-- add space after redirection, use POSIX
extra_args = { "-i", "4", "-s", "-ci", "-sr", "-ln", "posix" },
-- Restrict to POSIX sh
filetypes = { "sh" },
-- Only used if available
condition = utils.is_executable_condition("shfmt"),
}),
})

34
modules/home/vim/plugin/settings/oil.lua
View file

@ -1,34 +0,0 @@
local oil = require("oil")
local wk = require("which-key")
local detail = false
oil.setup({
view_options = {
-- Show files and directories that start with "." by default
show_hidden = true,
-- But never '..'
is_always_hidden = function(name, bufnr)
return name == ".."
end,
},
keymaps = {
["gd"] = {
desc = "Toggle file detail view",
callback = function()
detail = not detail
if detail then
oil.set_columns({ "icon", "permissions", "size", "mtime" })
else
oil.set_columns({ "icon" })
end
end,
},
},
})
local keys = {
{ "-", oil.open, desc = "Open parent directory" },
}
wk.add(keys)

17
modules/home/vim/plugin/settings/ssh.lua Normal file
View file

@ -0,0 +1,17 @@
if not require("ambroisie.utils").is_ssh() then
return
end
local function copy(lines, _)
require("osc52").copy(table.concat(lines, "\n"))
end
local function paste()
return { vim.fn.split(vim.fn.getreg(""), "\n"), vim.fn.getregtype("") }
end
vim.g.clipboard = {
name = "osc52",
copy = { ["+"] = copy, ["*"] = copy },
paste = { ["+"] = paste, ["*"] = paste },
}

13
modules/home/vim/plugin/settings/telescope.lua
View file

@ -1,6 +1,4 @@
local telescope = require("telescope")
local telescope_builtin = require("telescope.builtin")
local wk = require("which-key")
telescope.setup({
defaults = {
@ -24,14 +22,3 @@ telescope.setup({
telescope.load_extension("fzf")
telescope.load_extension("lsp_handlers")
local keys = {
{ "<leader>f", group = "Fuzzy finder" },
{ "<leader>fb", telescope_builtin.buffers, desc = "Open buffers" },
{ "<leader>ff", telescope_builtin.git_files, desc = "Git tracked files" },
{ "<leader>fF", telescope_builtin.find_files, desc = "Files" },
{ "<leader>fg", telescope_builtin.live_grep, desc = "Grep string" },
{ "<leader>fG", telescope_builtin.grep_string, desc = "Grep string under cursor" },
}
wk.add(keys)

41
modules/home/vim/plugin/settings/tree-sitter.lua
View file

@ -1,5 +1,4 @@
local ts_config = require("nvim-treesitter.configs")
ts_config.setup({
highlight = {
enable = true,
@ -15,16 +14,16 @@ ts_config.setup({
-- Jump to matching text objects
lookahead = true,
keymaps = {
["aa"] = { query = "@parameter.outer", desc = "a parameter" },
["ia"] = { query = "@parameter.inner", desc = "inner parameter" },
["ab"] = { query = "@block.outer", desc = "a block" },
["ib"] = { query = "@block.inner", desc = "inner block" },
["ac"] = { query = "@class.outer", desc = "a class" },
["ic"] = { query = "@class.inner", desc = "inner class" },
["af"] = { query = "@function.outer", desc = "a function" },
["if"] = { query = "@function.inner", desc = "inner function" },
["ak"] = { query = "@comment.outer", desc = "a comment" },
["aS"] = { query = "@statement.outer", desc = "a statement" },
["aa"] = "@parameter.outer",
["ia"] = "@parameter.inner",
["ab"] = "@block.outer",
["ib"] = "@block.inner",
["ac"] = "@class.outer",
["ic"] = "@class.inner",
["af"] = "@function.outer",
["if"] = "@function.inner",
["ak"] = "@comment.outer",
["aS"] = "@statement.outer",
},
},
move = {
@ -32,22 +31,22 @@ ts_config.setup({
-- Add to jump list
set_jumps = true,
goto_next_start = {
["]m"] = { query = "@function.outer", desc = "Next method start" },
["]S"] = { query = "@statement.outer", desc = "Next statement start" },
["]]"] = { query = "@class.outer", desc = "Next class start" },
["]m"] = "@function.outer",
["]S"] = "@statement.outer",
["]]"] = "@class.outer",
},
goto_next_end = {
["]M"] = { query = "@function.outer", desc = "Next method end" },
["]["] = { query = "@class.outer", desc = "Next class end" },
["]M"] = "@function.outer",
["]["] = "@class.outer",
},
goto_previous_start = {
["[m"] = { query = "@function.outer", desc = "Previous method start" },
["[S"] = { query = "@statement.outer", desc = "Previous statement start" },
["[["] = { query = "@class.outer", desc = "Previous class start" },
["[m"] = "@function.outer",
["[S"] = "@statement.outer",
["[["] = "@class.outer",
},
goto_previous_end = {
["[M"] = { query = "@function.outer", desc = "Previous method end" },
["[]"] = { query = "@class.outer", desc = "Previous class end" },
["[M"] = "@function.outer",
["[]"] = "@class.outer",
},
},
},

33
modules/home/vim/plugin/settings/which-key.lua
View file

@ -1,33 +1,2 @@
local wk = require("which-key")
wk.setup({
icons = {
-- I don't like icons
mappings = false,
breadcrumb = "»",
separator = "",
group = "+",
ellipsis = "",
keys = {
Up = "",
Down = "",
Left = "",
Right = "",
C = "<C>",
M = "<M>",
D = "<D>",
S = "<S>",
CR = "<CR>",
Esc = "<Esc> ",
NL = "<NL>",
BS = "<BS>",
Space = "<space>",
Tab = "<Tab> ",
},
},
})
local keys = {
{ "<leader><leader>", vim.cmd.nohlsearch, desc = "Clear search highlight" },
}
wk.add(keys)
wk.setup()

12
modules/home/vim/plugin/signtoggle.lua
View file

@ -4,23 +4,17 @@ local signtoggle = vim.api.nvim_create_augroup("signtoggle", { clear = true })
vim.api.nvim_create_autocmd({ "BufEnter", "FocusGained", "WinEnter" }, {
pattern = "*",
group = signtoggle,
callback = function()
vim.opt.signcolumn = "yes"
end,
command = "setlocal signcolumn=yes",
})
vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "WinLeave" }, {
pattern = "*",
group = signtoggle,
callback = function()
vim.opt.signcolumn = "no"
end,
command = "setlocal signcolumn=yes",
})
-- Never show the sign column in a terminal buffer
vim.api.nvim_create_autocmd({ "TermOpen" }, {
pattern = "*",
group = signtoggle,
callback = function()
vim.opt.signcolumn = "no"
end,
command = "setlocal signcolumn=no",
})

2
modules/home/wget/default.nix
View file

@ -20,7 +20,7 @@ in
};
xdg.configFile."wgetrc".text = ''
hsts-file = ${config.xdg.stateHome}/wget-hsts
hsts-file = ${config.xdg.dataHome}/wget-hsts
'';
};
}

2
modules/home/wm/default.nix
View file

@ -58,7 +58,7 @@ in
service = "some-service-name";
}
];
description = "list of block configurations, merged with the defaults";
description = "list of block configurations, merged with the defauls";
};
};
};

8
modules/home/wm/i3/default.nix
View file

@ -127,10 +127,9 @@ in
{ class = "^Blueman-.*$"; }
{ title = "^htop$"; }
{ class = "^Thunderbird$"; instance = "Mailnews"; window_role = "filterlist"; }
{ class = "^pavucontrol.*$"; }
{ class = "^Pavucontrol.*$"; }
{ class = "^Arandr$"; }
{ class = "^\\.blueman-manager-wrapped$"; }
{ class = "^\\.arandr-wrapped$"; }
{ class = ".?blueman-manager.*$"; }
];
};
@ -372,7 +371,8 @@ in
};
startup = [
# NOTE: rely on systemd user services instead...
# FIXME
# { commdand; always; notification; }
];
window = {

4
modules/home/wm/screen-lock/default.nix
View file

@ -2,7 +2,7 @@
let
cfg = config.my.home.wm.screen-lock;
notificationCmd =
notficationCmd =
let
duration = toString (cfg.notify.delay * 1000);
notifyCmd = "${lib.getExe pkgs.libnotify} -u critical -t ${duration}";
@ -48,7 +48,7 @@ in
"-notify"
"${toString cfg.notify.delay}"
"-notifier"
notificationCmd
notficationCmd
];
};
};

19
modules/home/xdg/default.nix
View file

@ -11,7 +11,7 @@ in
enable = true;
# File types
mime.enable = true;
# File associations
# File associatons
mimeApps = {
enable = true;
};
@ -30,11 +30,9 @@ in
};
# A tidy home is a tidy mind
dataFile = {
"tig/.keep".text = ""; # `tig` uses `XDG_DATA_HOME` specifically...
};
stateFile = {
"bash/.keep".text = "";
"python/.keep".text = "";
"gdb/.keep".text = "";
"tig/.keep".text = "";
};
};
@ -44,16 +42,17 @@ in
ANDROID_USER_HOME = "${configHome}/android";
CARGO_HOME = "${dataHome}/cargo";
DOCKER_CONFIG = "${configHome}/docker";
GRADLE_USER_HOME = "${dataHome}/gradle";
HISTFILE = "${stateHome}/bash/history";
GDBHISTFILE = "${dataHome}/gdb/gdb_history";
HISTFILE = "${dataHome}/bash/history";
INPUTRC = "${configHome}/readline/inputrc";
PSQL_HISTORY = "${stateHome}/psql_history";
LESSHISTFILE = "${dataHome}/less/history";
LESSKEY = "${configHome}/less/lesskey";
PSQL_HISTORY = "${dataHome}/psql_history";
PYTHONPYCACHEPREFIX = "${cacheHome}/python/";
PYTHONUSERBASE = "${dataHome}/python/";
PYTHON_HISTORY = "${stateHome}/python/history";
REDISCLI_HISTFILE = "${stateHome}/redis/rediscli_history";
REDISCLI_HISTFILE = "${dataHome}/redis/rediscli_history";
REPO_CONFIG_DIR = "${configHome}/repo";
XCOMPOSECACHE = "${dataHome}/X11/xcompose";
_JAVA_OPTIONS = "-Djava.util.prefs.userRoot=${configHome}/java";
};
}

207
modules/home/zsh/default.nix
View file

@ -15,152 +15,81 @@ in
enable = my.mkDisableOption "zsh configuration";
launchTmux = mkEnableOption "auto launch tmux at shell start";
notify = {
enable = mkEnableOption "zsh-done notification";
exclude = mkOption {
type = with types; listOf str;
default = [
"delta"
"direnv reload"
"fg"
"git (?!push|pull|fetch)"
"htop"
"less"
"man"
"nvim"
"tail -f"
"tmux"
"vim"
];
example = [ "command --long-running-option" ];
description = ''
List of exclusions which should not be create a notification. Accepts
Perl regexes (implicitly anchored with `^\s*`).
'';
};
ssh = {
enable = mkEnableOption "notify through SSH/non-graphical connections";
useOsc777 = lib.my.mkDisableOption "use OSC-777 for notifications";
};
};
};
config = lib.mkIf cfg.enable (lib.mkMerge [
{
home.packages = with pkgs; [
zsh-completions
config = lib.mkIf cfg.enable {
home.packages = with pkgs; [
zsh-completions
];
programs.zsh = {
enable = true;
dotDir = "${relativeXdgConfig}/zsh"; # Don't clutter $HOME
enableCompletion = true;
history = {
size = 500000;
save = 500000;
extended = true;
expireDuplicatesFirst = true;
ignoreSpace = true;
ignoreDups = true;
share = false;
path = "${config.xdg.dataHome}/zsh/zsh_history";
};
plugins = [
{
name = "fast-syntax-highlighting";
file = "share/zsh/site-functions/fast-syntax-highlighting.plugin.zsh";
src = pkgs.zsh-fast-syntax-highlighting;
}
{
name = "agkozak-zsh-prompt";
file = "share/zsh/site-functions/agkozak-zsh-prompt.plugin.zsh";
src = pkgs.agkozak-zsh-prompt;
}
];
programs.zsh = {
enable = true;
dotDir = "${relativeXdgConfig}/zsh"; # Don't clutter $HOME
enableCompletion = true;
# Modal editing is life, but CLI benefits from emacs gymnastics
defaultKeymap = "emacs";
history = {
size = 500000;
save = 500000;
extended = true;
expireDuplicatesFirst = true;
ignoreSpace = true;
ignoreDups = true;
share = false;
path = "${config.xdg.stateHome}/zsh/zsh_history";
};
plugins = [
{
name = "fast-syntax-highlighting";
file = "share/zsh/site-functions/fast-syntax-highlighting.plugin.zsh";
src = pkgs.zsh-fast-syntax-highlighting;
}
{
name = "agkozak-zsh-prompt";
file = "share/zsh/site-functions/agkozak-zsh-prompt.plugin.zsh";
src = pkgs.agkozak-zsh-prompt;
}
];
# Modal editing is life, but CLI benefits from emacs gymnastics
defaultKeymap = "emacs";
# Make those happen early to avoid doing double the work
initExtraFirst = lib.mkBefore ''
${
lib.optionalString cfg.launchTmux ''
# Launch tmux unless already inside one
if [ -z "$TMUX" ]; then
exec tmux new-session
fi
''
}
'';
initExtra = lib.mkAfter ''
source ${./completion-styles.zsh}
source ${./extra-mappings.zsh}
source ${./options.zsh}
# Source local configuration
if [ -f "$ZDOTDIR/zshrc.local" ]; then
source "$ZDOTDIR/zshrc.local"
fi
'';
localVariables = {
# I like having the full path
AGKOZAK_PROMPT_DIRTRIM = 0;
# Because I *am* from EPITA
AGKOZAK_PROMPT_CHAR = [ "42sh$" "42sh#" ":" ];
# Easy on the eyes
AGKOZAK_COLORS_BRANCH_STATUS = "magenta";
# I don't like moving my eyes
AGKOZAK_LEFT_PROMPT_ONLY = 1;
};
# Enable VTE integration
enableVteIntegration = true;
};
}
(lib.mkIf cfg.notify.enable {
programs.zsh = {
plugins = [
{
name = "zsh-done";
file = "share/zsh/site-functions/done.plugin.zsh";
src = pkgs.ambroisie.zsh-done;
}
];
# `localVariables` values don't get merged correctly due to their type,
# don't use `mkIf`
localVariables = {
DONE_EXCLUDE =
let
joined = lib.concatMapStringsSep "|" (c: "(${c})") cfg.notify.exclude;
in
''^\s*(${joined})'';
# Make those happen early to avoid doing double the work
initExtraFirst = ''
${
lib.optionalString cfg.launchTmux ''
# Launch tmux unless already inside one
if [ -z "$TMUX" ]; then
exec tmux new-session
fi
''
}
# Enable `zsh-done` through SSH, if configured
// lib.optionalAttrs cfg.notify.ssh.enable {
DONE_ALLOW_NONGRAPHICAL = 1;
};
'';
# Use OSC-777 to send the notification through SSH
initExtra = lib.mkIf cfg.notify.ssh.useOsc777 ''
done_send_notification() {
local exit_status="$1"
local title="$2"
local message="$3"
initExtra = ''
source ${./completion-styles.zsh}
source ${./extra-mappings.zsh}
source ${./options.zsh}
${lib.getExe pkgs.ambroisie.osc777} "$title" "$message"
}
'';
# Source local configuration
if [ -f "$ZDOTDIR/zshrc.local" ]; then
source "$ZDOTDIR/zshrc.local"
fi
'';
localVariables = {
# I like having the full path
AGKOZAK_PROMPT_DIRTRIM = 0;
# Because I *am* from EPITA
AGKOZAK_PROMPT_CHAR = [ "42sh$" "42sh#" ":" ];
# Easy on the eyes
AGKOZAK_COLORS_BRANCH_STATUS = "magenta";
# I don't like moving my eyes
AGKOZAK_LEFT_PROMPT_ONLY = 1;
};
})
]);
# Enable VTE integration
enableVteIntegration = true;
};
};
}

2
modules/home/zsh/options.zsh
View file

@ -12,7 +12,7 @@ setopt rc_quotes
setopt auto_resume
# Show history expansion before running a command
setopt hist_verify
# Append commands to history as they are executed
# Append commands to history as they are exectuted
setopt inc_append_history_time
# Remove useless whitespace from commands
setopt hist_reduce_blanks

18
modules/nixos/hardware/bluetooth/default.nix
View file

@ -24,6 +24,24 @@ in
extraModules = [ pkgs.pulseaudio-modules-bt ];
package = pkgs.pulseaudioFull;
};
environment.etc = {
"wireplumber/bluetooth.lua.d/51-bluez-config.lua".text = ''
bluez_monitor.properties = {
-- SBC XQ provides better audio
["bluez5.enable-sbc-xq"] = true,
-- mSBC provides better audio + microphone
["bluez5.enable-msbc"] = true,
-- Synchronize volume with bluetooth device
["bluez5.enable-hw-volume"] = true,
-- FIXME: Some devices may now support both hsp_ag and hfp_ag
["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]"
}
'';
};
})
# Support for A2DP audio profile

33
modules/nixos/hardware/graphics/default.nix
View file

@ -26,30 +26,28 @@ in
config = lib.mkIf cfg.enable (lib.mkMerge [
{
hardware.graphics = {
hardware.opengl = {
enable = true;
};
}
# AMD GPU
(lib.mkIf (cfg.gpuFlavor == "amd") {
hardware.amdgpu = {
initrd.enable = cfg.amd.enableKernelModule;
# Vulkan
amdvlk = lib.mkIf cfg.amd.amdvlk {
enable = true;
support32Bit = {
enable = true;
};
};
};
boot.initrd.kernelModules = lib.mkIf cfg.amd.enableKernelModule [ "amdgpu" ];
hardware.graphics = {
hardware.opengl = {
extraPackages = with pkgs; [
# OpenCL
rocmPackages.clr
rocmPackages.clr.icd
];
]
++ lib.optional cfg.amd.amdvlk amdvlk
;
extraPackages32 = with pkgs; [
]
++ lib.optional cfg.amd.amdvlk driversi686Linux.amdvlk
;
};
})
@ -61,7 +59,7 @@ in
VDPAU_DRIVER = "va_gl";
};
hardware.graphics = {
hardware.opengl = {
extraPackages = with pkgs; [
# Open CL
intel-compute-runtime
@ -71,13 +69,6 @@ in
intel-vaapi-driver
libvdpau-va-gl
];
extraPackages32 = with pkgs.driversi686Linux; [
# VA API
intel-media-driver
intel-vaapi-driver
libvdpau-va-gl
];
};
})
]);

3
modules/nixos/hardware/sound/default.nix
View file

@ -54,6 +54,9 @@ in
# Pulseaudio setup
(lib.mkIf cfg.pulse.enable {
# ALSA
sound.enable = true;
hardware.pulseaudio.enable = true;
})
]);

2
modules/nixos/hardware/trackball/default.nix
View file

@ -11,7 +11,7 @@ in
config = lib.mkIf cfg.enable {
services.xserver = {
# This section must be *after* the one configured by `libinput`
# for the `ScrollMethod` configuration to not be overridden
# for the `ScrollMethod` configuration to not be overriden
inputClassSections = lib.mkAfter [
# MX Ergo
''

2
modules/nixos/profiles/default.nix
View file

@ -1,4 +1,4 @@
# Configuration that spans across system and home, or are almagations of modules
# Configuration that spans accross system and home, or are almagations of modules
{ ... }:
{
imports = [

2
modules/nixos/profiles/laptop/default.nix
View file

@ -9,7 +9,7 @@ in
config = lib.mkIf cfg.enable {
# Enable touchpad support
services.libinput.enable = true;
services.xserver.libinput.enable = true;
# Enable TLP power management
my.services.tlp.enable = true;

4
modules/nixos/services/aria/default.nix
View file

@ -65,7 +65,9 @@ in
aria-rpc = {
port = cfg.rpcPort;
# Proxy websockets for RPC
websocketsLocations = [ "/" ];
extraConfig = {
locations."/".proxyWebsockets = true;
};
};
};

53
modules/nixos/services/audiobookshelf/default.nix
View file

@ -1,53 +0,0 @@
# Audiobook and podcast library
{ config, lib, ... }:
let
cfg = config.my.services.audiobookshelf;
in
{
options.my.services.audiobookshelf = with lib; {
enable = mkEnableOption "Audiobookshelf, a self-hosted podcast manager";
port = mkOption {
type = types.port;
default = 8000;
example = 4242;
description = "The port on which Audiobookshelf will listen for incoming HTTP traffic.";
};
};
config = lib.mkIf cfg.enable {
services.audiobookshelf = {
enable = true;
inherit (cfg) port;
group = "media";
};
# Set-up media group
users.groups.media = { };
my.services.nginx.virtualHosts = {
audiobookshelf = {
inherit (cfg) port;
# Proxy websockets for RPC
websocketsLocations = [ "/" ];
};
};
services.fail2ban.jails = {
audiobookshelf = ''
enabled = true
filter = audiobookshelf
port = http,https
'';
};
environment.etc = {
"fail2ban/filter.d/audiobookshelf.conf".text = ''
[Definition]
failregex = ^.*ERROR: \[Auth\] Failed login attempt for username ".*" from ip <ADDR>
journalmatch = _SYSTEMD_UNIT=audiobookshelf.service
'';
};
};
}

10
modules/nixos/services/backup/default.nix
View file

@ -89,16 +89,6 @@ in
};
config = lib.mkIf cfg.enable {
# Essential files which should always be backed up
my.services.backup.paths = lib.flatten [
# Should be unique to a given host, used by some software (e.g: ZFS)
"/etc/machine-id"
# Contains the UID/GID map, and other useful state
"/var/lib/nixos"
# SSH host keys (and public keys for convenience)
(builtins.map (key: [ key.path "${key.path}.pub" ]) config.services.openssh.hostKeys)
];
services.restic.backups.backblaze = {
# Take care of included and excluded files
paths = cfg.paths;

2
modules/nixos/services/blog/default.nix
View file

@ -35,7 +35,7 @@ in
useACMEHost = domain;
default = true;
locations."/".return = "302 https://${domain}$request_uri";
locations."/".return = "302 https://belanyi.fr$request_uri";
};
};

7
modules/nixos/services/default.nix
View file

@ -4,22 +4,18 @@
imports = [
./adblock
./aria
./audiobookshelf
./backup
./blog
./calibre-web
./drone
./fail2ban
./flood
./forgejo
./gitea
./grocy
./indexers
./jellyfin
./komga
./lohr
./matrix
./mealie
./miniflux
./monitoring
./navidrome
@ -27,7 +23,7 @@
./nginx
./nix-cache
./paperless
./pdf-edit
./pirate
./podgrab
./postgresql
./postgresql-backup
@ -35,7 +31,6 @@
./quassel
./rss-bridge
./sabnzbd
./servarr
./ssh-server
./tandoor-recipes
./tlp

28
modules/nixos/services/flood/default.nix
View file

@ -1,5 +1,5 @@
# A nice UI for various torrent clients
{ config, lib, ... }:
{ config, lib, pkgs, ... }:
let
cfg = config.my.services.flood;
in
@ -13,13 +13,31 @@ in
example = 3000;
description = "Internal port for Flood UI";
};
stateDir = mkOption {
type = types.str;
default = "flood";
example = "floodUI";
description = "Directory under `/var/run` for storing Flood's files";
};
};
config = lib.mkIf cfg.enable {
services.flood = {
enable = true;
systemd.services.flood = {
description = "Flood torrent UI";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
inherit (cfg) port;
serviceConfig = {
ExecStart = lib.concatStringsSep " " [
(lib.getExe pkgs.flood)
"--port ${builtins.toString cfg.port}"
"--rundir /var/lib/${cfg.stateDir}"
];
DynamicUser = true;
StateDirectory = cfg.stateDir;
ReadWritePaths = "";
};
};
my.services.nginx.virtualHosts = {
@ -27,7 +45,5 @@ in
inherit (cfg) port;
};
};
# NOTE: unfortunately flood does not log connection failures for fail2ban
};
}

166
modules/nixos/services/forgejo/default.nix
View file

@ -1,166 +0,0 @@
# A low-resource, full-featured git forge.
{ config, lib, ... }:
let
cfg = config.my.services.forgejo;
in
{
options.my.services.forgejo = with lib; {
enable = mkEnableOption "Forgejo";
port = mkOption {
type = types.port;
default = 3042;
example = 8080;
description = "Internal port";
};
mail = {
enable = mkEnableOption {
description = "mailer configuration";
};
host = mkOption {
type = types.str;
example = "smtp.example.com";
description = "Host for the mail account";
};
port = mkOption {
type = types.port;
default = 465;
example = 587;
description = "Port for the mail account";
};
user = mkOption {
type = types.str;
example = "forgejo@example.com";
description = "User for the mail account";
};
passwordFile = mkOption {
type = types.str;
example = "/run/secrets/forgejo-mail-password.txt";
description = "Password for the mail account";
};
protocol = mkOption {
type = types.str;
default = "smtps";
example = "smtp";
description = "Protocol for connection";
};
};
};
config = lib.mkIf cfg.enable {
assertions = [
{
assertion = cfg.enable -> !config.my.services.gitea.enable;
message = ''
`config.my.services.forgejo` is incompatible with
`config.my.services.gitea`.
'';
}
];
services.forgejo =
let
inherit (config.networking) domain;
forgejoDomain = "git.${domain}";
in
{
enable = true;
user = "git";
group = "git";
lfs.enable = true;
useWizard = false;
database = {
type = "postgres"; # Automatic setup
user = "git"; # User needs to be the same as forgejo user
name = "git"; # Name must be the same as user for `ensureDBOwnership`
};
# NixOS module uses `forgejo dump` to backup repositories and the database,
# but it produces a single .zip file that's not very backup friendly.
# I configure my backup system manually below.
dump.enable = false;
secrets = {
mailer = lib.mkIf cfg.mail.enable {
PASSWD = cfg.mail.passwordFile;
};
};
settings = {
DEFAULT = {
APP_NAME = "Ambroisie's forge";
};
server = {
HTTP_PORT = cfg.port;
DOMAIN = forgejoDomain;
ROOT_URL = "https://${forgejoDomain}";
};
mailer = lib.mkIf cfg.mail.enable {
ENABLED = true;
SMTP_ADDR = cfg.mail.host;
SMTP_PORT = cfg.mail.port;
FROM = "Forgejo <${cfg.mail.user}>";
USER = cfg.mail.user;
PROTOCOL = cfg.mail.protocol;
};
service = {
DISABLE_REGISTRATION = true;
};
session = {
# only send cookies via HTTPS
COOKIE_SECURE = true;
};
};
};
users.users.git = {
description = "Forgejo Service";
home = config.services.forgejo.stateDir;
useDefaultShell = true;
group = "git";
isSystemUser = true;
};
users.groups.git = { };
my.services.nginx.virtualHosts = {
# Proxy to Forgejo
git = {
inherit (cfg) port;
};
# Redirect `forgejo.` to actual forge subdomain
forgejo = {
redirect = config.services.forgejo.settings.server.ROOT_URL;
};
};
my.services.backup = {
paths = [
config.services.forgejo.lfs.contentDir
config.services.forgejo.repositoryRoot
];
};
services.fail2ban.jails = {
forgejo = ''
enabled = true
filter = forgejo
action = iptables-allports
'';
};
environment.etc = {
"fail2ban/filter.d/forgejo.conf".text = ''
[Definition]
failregex = ^.*(Failed authentication attempt|invalid credentials|Attempted access of unknown user).* from <HOST>$
journalmatch = _SYSTEMD_UNIT=forgejo.service
'';
};
};
}

37
modules/nixos/services/gitea/default.nix
View file

@ -1,4 +1,4 @@
# A low-resource, full-featured git forge.
# A low-ressource, full-featured git forge.
{ config, lib, ... }:
let
cfg = config.my.services.gitea;
@ -18,15 +18,9 @@ in
};
host = mkOption {
type = types.str;
example = "smtp.example.com";
example = "smtp.example.com:465";
description = "Host for the mail account";
};
port = mkOption {
type = types.port;
default = 465;
example = 587;
description = "Port for the mail account";
};
user = mkOption {
type = types.str;
example = "gitea@example.com";
@ -37,11 +31,17 @@ in
example = "/run/secrets/gitea-mail-password.txt";
description = "Password for the mail account";
};
protocol = mkOption {
type = mkOption {
type = types.str;
default = "smtps";
default = "smtp";
example = "smtp";
description = "Protocol for connection";
description = "Password for the mail account";
};
tls = mkOption {
type = types.bool;
default = true;
example = false;
description = "Use TLS for connection";
};
};
};
@ -58,8 +58,6 @@ in
appName = "Ambroisie's forge";
user = "git";
group = "git";
lfs.enable = true;
useWizard = false;
@ -86,11 +84,11 @@ in
mailer = lib.mkIf cfg.mail.enable {
ENABLED = true;
SMTP_ADDR = cfg.mail.host;
SMTP_PORT = cfg.mail.port;
FROM = "Gitea <${cfg.mail.user}>";
HOST = cfg.mail.host;
FROM = cfg.mail.user;
USER = cfg.mail.user;
PROTOCOL = cfg.mail.protocol;
MAILER_TYPE = cfg.mail.type;
IS_TLS_ENABLED = cfg.mail.tls;
};
service = {
@ -109,6 +107,11 @@ in
home = config.services.gitea.stateDir;
useDefaultShell = true;
group = "git";
# The service for gitea seems to hardcode the group as
# gitea, so, uh, just in case?
extraGroups = [ "gitea" ];
isSystemUser = true;
};
users.groups.git = { };

2
modules/nixos/services/grocy/default.nix
View file

@ -36,7 +36,5 @@ in
forceSSL = true;
useACMEHost = config.networking.domain;
};
# NOTE: unfortunately grocy does not log connection failures for fail2ban
};
}

22
modules/nixos/services/jellyfin/default.nix
View file

@ -27,31 +27,19 @@ in
my.services.nginx.virtualHosts = {
jellyfin = {
port = 8096;
websocketsLocations = [ "/socket" ];
extraConfig = {
locations."/" = {
extraConfig = ''
proxy_buffering off;
'';
};
# Too bad for the repetition...
locations."/socket" = {
proxyPass = "http://127.0.0.1:8096/";
proxyWebsockets = true;
};
};
};
};
services.fail2ban.jails = {
jellyfin = ''
enabled = true
filter = jellyfin
port = http,https
'';
};
environment.etc = {
"fail2ban/filter.d/jellyfin.conf".text = ''
[Definition]
failregex = ^.*Authentication request for .* has been denied \(IP: "?<ADDR>"?\)\.
journalmatch = _SYSTEMD_UNIT=jellyfin.service
'';
};
};
}

55
modules/nixos/services/komga/default.nix
View file

@ -1,55 +0,0 @@
# A Comics/Manga media server
{ config, lib, ... }:
let
cfg = config.my.services.komga;
in
{
options.my.services.komga = with lib; {
enable = mkEnableOption "Komga comics server";
port = mkOption {
type = types.port;
default = 4584;
example = 8080;
description = "Internal port for webui";
};
};
config = lib.mkIf cfg.enable {
services.komga = {
enable = true;
inherit (cfg) port;
group = "media";
};
systemd.services.komga.environment = {
LOGGING_LEVEL_ORG_GOTSON_KOMGA = "DEBUG"; # Needed for fail2ban
};
# Set-up media group
users.groups.media = { };
my.services.nginx.virtualHosts = {
komga = {
inherit (cfg) port;
};
};
services.fail2ban.jails = {
komga = ''
enabled = true
filter = komga
port = http,https
'';
};
environment.etc = {
"fail2ban/filter.d/komga.conf".text = ''
[Definition]
failregex = ^.* ip=<HOST>,.*Bad credentials.*$
journalmatch = _SYSTEMD_UNIT=komga.service
'';
};
};
}

34
modules/nixos/services/lohr/default.nix
View file

@ -59,6 +59,21 @@ in
"LOHR_HOME=${lohrHome}"
"LOHR_CONFIG="
];
ExecStartPre = lib.mkIf (cfg.sshKeyFile != null) ''+${
pkgs.writeScript "copy-ssh-key" ''
#!${pkgs.bash}/bin/bash
# Ensure the key is not there
mkdir -p '${lohrHome}/.ssh'
rm -f '${lohrHome}/.ssh/id_ed25519'
# Move the key into place
cp ${cfg.sshKeyFile} '${lohrHome}/.ssh/id_ed25519'
# Fix permissions
chown -R lohr:lohr '${lohrHome}/.ssh'
chmod -R 0700 '${lohrHome}/.ssh'
''
}'';
ExecStart =
let
configFile = settingsFormat.generate "lohr-config.yaml" cfg.setting;
@ -88,24 +103,5 @@ in
inherit (cfg) port;
};
};
# SSH key provisioning
systemd.tmpfiles.settings."10-lohr" = lib.mkIf (cfg.sshKeyFile != null) {
"${lohrHome}/.ssh" = {
d = {
user = "lohr";
group = "lohr";
mode = "0700";
};
};
"${lohrHome}/.ssh/id_ed25519" = {
"L+" = {
user = "lohr";
group = "lohr";
mode = "0700";
argument = cfg.sshKeyFile;
};
};
};
};
}

39
modules/nixos/services/matrix/default.nix
View file

@ -26,6 +26,21 @@ in
description = "Shared secret to register users";
};
slidingSync = {
port = mkOption {
type = types.port;
default = 8009;
example = 8084;
description = "Port used by sliding sync server";
};
secretFile = mkOption {
type = types.str;
example = "/var/lib/matrix/sliding-sync-secret-file.env";
description = "Secret file which contains SYNCV3_SECRET definition";
};
};
mailConfigFile = mkOption {
type = types.str;
example = "/var/lib/matrix/email-config.yaml";
@ -91,6 +106,17 @@ in
] ++ lib.optional (cfg.secretFile != null) cfg.secretFile;
};
services.matrix-sliding-sync = {
enable = true;
settings = {
SYNCV3_SERVER = "https://${matrixDomain}";
SYNCV3_BINDADDR = "127.0.0.1:${toString cfg.slidingSync.port}";
};
environmentFile = cfg.slidingSync.secretFile;
};
my.services.nginx.virtualHosts = {
# Element Web app deployment
chat = {
@ -104,6 +130,9 @@ in
"m.identity_server" = {
"base_url" = "https://vector.im";
};
"org.matrix.msc3575.proxy" = {
"url" = "https://matrix-sync.${domain}";
};
};
showLabsSettings = true;
defaultCountryCode = "FR"; # cocorico
@ -123,6 +152,10 @@ in
matrix-client = {
port = clientPort.private;
};
# Sliding sync
matrix-sync = {
inherit (cfg.slidingSync) port;
};
};
# Those are too complicated to use my wrapper...
@ -145,6 +178,11 @@ in
"/_matrix" = proxyToClientPort;
"/_synapse/client" = proxyToClientPort;
# Sliding sync
"~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync)" = {
proxyPass = "http://${config.services.matrix-sliding-sync.settings.SYNCV3_BINDADDR}";
};
};
listen = [
@ -190,6 +228,7 @@ in
client = {
"m.homeserver" = { "base_url" = "https://${matrixDomain}"; };
"m.identity_server" = { "base_url" = "https://vector.im"; };
"org.matrix.msc3575.proxy" = { "url" = "https://matrix-sync.${domain}"; };
};
# ACAO required to allow element-web on any URL to request this json file
in

91
modules/nixos/services/mealie/default.nix
View file

@ -1,91 +0,0 @@
{ config, lib, ... }:
let
cfg = config.my.services.mealie;
in
{
options.my.services.mealie = with lib; {
enable = mkEnableOption "Mealie service";
port = mkOption {
type = types.port;
default = 4537;
example = 8080;
description = "Internal port for webui";
};
credentialsFile = mkOption {
type = types.str;
example = "/var/lib/mealie/credentials.env";
description = ''
Configuration file for secrets.
'';
};
};
config = lib.mkIf cfg.enable {
services.mealie = {
enable = true;
inherit (cfg) port credentialsFile;
settings = {
# Basic settings
BASE_URL = "https://mealie.${config.networking.domain}";
TZ = config.time.timeZone;
ALLOw_SIGNUP = "false";
# Use PostgreSQL
DB_ENGINE = "postgres";
# Make it work with socket auth
POSTGRES_URL_OVERRIDE = "postgresql://mealie:@/mealie?host=/run/postgresql";
};
};
systemd.services = {
mealie = {
after = [ "postgresql.service" ];
requires = [ "postgresql.service" ];
};
};
# Set-up database
services.postgresql = {
enable = true;
ensureDatabases = [ "mealie" ];
ensureUsers = [
{
name = "mealie";
ensureDBOwnership = true;
}
];
};
my.services.nginx.virtualHosts = {
mealie = {
inherit (cfg) port;
extraConfig = {
# Allow bulk upload of recipes for import/export
locations."/".extraConfig = ''
client_max_body_size 0;
'';
};
};
};
services.fail2ban.jails = {
mealie = ''
enabled = true
filter = mealie
port = http,https
'';
};
environment.etc = {
"fail2ban/filter.d/mealie.conf".text = ''
[Definition]
failregex = ^.*ERROR.*Incorrect username or password from <HOST>
journalmatch = _SYSTEMD_UNIT=mealie.service
'';
};
};
}

16
modules/nixos/services/miniflux/default.nix
View file

@ -48,21 +48,5 @@ in
inherit (cfg) port;
};
};
services.fail2ban.jails = {
miniflux = ''
enabled = true
filter = miniflux
port = http,https
'';
};
environment.etc = {
"fail2ban/filter.d/miniflux.conf".text = ''
[Definition]
failregex = ^.*msg="[^"]*(Incorrect|Invalid) username or password[^"]*".*client_ip=<ADDR>
journalmatch = _SYSTEMD_UNIT=miniflux.service
'';
};
};
}

16
modules/nixos/services/navidrome/default.nix
View file

@ -52,21 +52,5 @@ in
inherit (cfg) port;
};
};
services.fail2ban.jails = {
navidrome = ''
enabled = true
filter = navidrome
port = http,https
'';
};
environment.etc = {
"fail2ban/filter.d/navidrome.conf".text = ''
[Definition]
failregex = ^.*msg="Unsuccessful login".*X-Real-Ip:\[<HOST>\]
journalmatch = _SYSTEMD_UNIT=navidrome.service
'';
};
};
}

50
modules/nixos/services/nextcloud/collabora.nix
View file

@ -1,50 +0,0 @@
# Document editor with Nextcloud
{ config, lib, ... }:
let
cfg = config.my.services.nextcloud.collabora;
in
{
options.my.services.nextcloud.collabora = with lib; {
enable = mkEnableOption "Collabora integration";
port = mkOption {
type = types.port;
default = 9980;
example = 8080;
description = "Internal port for API";
};
};
config = lib.mkIf cfg.enable {
services.collabora-online = {
enable = true;
inherit (cfg) port;
aliasGroups = [
{
host = "https://collabora.${config.networking.domain}";
# Allow using from nextcloud
aliases = [ "https://${config.services.nextcloud.hostName}" ];
}
];
settings = {
# Rely on reverse proxy for SSL
ssl = {
enable = false;
termination = true;
};
};
};
my.services.nginx.virtualHosts = {
collabora = {
inherit (cfg) port;
websocketsLocations = [
"~ ^/cool/(.*)/ws$"
"^~ /cool/adminws"
];
};
};
};
}

26
modules/nixos/services/nextcloud/default.nix
View file

@ -4,10 +4,6 @@ let
cfg = config.my.services.nextcloud;
in
{
imports = [
./collabora.nix
];
options.my.services.nextcloud = with lib; {
enable = mkEnableOption "Nextcloud";
maxSize = mkOption {
@ -35,7 +31,7 @@ in
config = lib.mkIf cfg.enable {
services.nextcloud = {
enable = true;
package = pkgs.nextcloud30;
package = pkgs.nextcloud28;
hostName = "nextcloud.${config.networking.domain}";
home = "/var/lib/nextcloud";
maxUploadSize = cfg.maxSize;
@ -91,25 +87,5 @@ in
"${config.services.nextcloud.home}/data/appdata_*/preview"
];
};
services.fail2ban.jails = {
nextcloud = ''
enabled = true
filter = nextcloud
port = http,https
'';
};
environment.etc = {
"fail2ban/filter.d/nextcloud.conf".text = ''
[Definition]
_groupsre = (?:(?:,?\s*"\w+":(?:"[^"]+"|\w+))*)
datepattern = ,?\s*"time"\s*:\s*"%%Y-%%m-%%d[T ]%%H:%%M:%%S(%%z)?"
failregex = ^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Login failed:
^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Trusted domain error.
^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Two-factor challenge failed:
journalmatch = _SYSTEMD_UNIT=phpfpm-nextcloud.service
'';
};
};
}

Some files were not shown because too many files have changed in this diff Show more