ellmau/nixos
1
0
Fork 0
mirror of https://github.com/ellmau/nixos.git synced 2025-12-19 09:29:36 +01:00
Code Issues Projects Releases Wiki Activity

Format with alejandra style

Browse Source
This commit is contained in:
Stefan Ellmauthaler 2022-08-22 11:00:00 +02:00
parent 6b41b87f67
commit d44a40605f
Failed to extract signature
62 changed files with 1553 additions and 1291 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
common/users.nix
View File

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; { with lib; {
config = { config = {
elss = { elss = {

16
common/wireguard.nix
View File

@ -1,13 +1,17 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; { with lib; {
config.elss.wireguard = { config.elss.wireguard = {
interfaces = { interfaces = {
stelnet = { stelnet = {
servers = { servers = {
metis = { metis = {
localIp = "1"; localIp = "1";
extraIps = [ "1" "2" "142" ]; extraIps = ["1" "2" "142"];
publicKey = "wP49t1TYXI3ucsYb8RavNGwIf+8nx5UBgDU0PM9VlnI="; publicKey = "wP49t1TYXI3ucsYb8RavNGwIf+8nx5UBgDU0PM9VlnI=";
endpoint = "metis.ellmauthaler.net:51820"; #TODO endpoint = "metis.ellmauthaler.net:51820"; #TODO
}; };
@ -32,10 +36,10 @@ with lib; {
}; };
prefixes = { prefixes = {
ipv4 = [ "192.168.244" ]; ipv4 = ["192.168.244"];
ipv6 = { ipv6 = {
ula = [ "fdaa:3313:9dfa:dfa3" ]; # TODO ula = ["fdaa:3313:9dfa:dfa3"]; # TODO
gua = [ ]; gua = [];
}; };
serial = "2022073100"; serial = "2022073100";
}; };

122
default.nix
View File

@ -1,57 +1,75 @@
{ flakes, flakeOutputs, ...}: {
let flakes,
mkMachine = args: flakeOutputs,
let ...
name = if builtins.isString args then args else args.name; }: let
system = if args ? system then args.system else "x86_64-linux"; mkMachine = args: let
extraModules = if args ? extraModules then args.extraModules else [ ]; name =
extraOverlays = if args ? extraOverlays then args.extraOverlays else [ if builtins.isString args
then args
else args.name;
system =
if args ? system
then args.system
else "x86_64-linux";
extraModules =
if args ? extraModules
then args.extraModules
else [];
extraOverlays =
if args ? extraOverlays
then args.extraOverlays
else [
overlay-unstable overlay-unstable
# overlay-comma # overlay-comma
]; ];
pkgs = flakes.nixpkgs; pkgs = flakes.nixpkgs;
configuration = if args ? configuration then args.configuration else import ./baseconfiguration.nix {inherit extraOverlays system pkgs name flakes flakeOutputs;} ; configuration =
overlay-unstable = final: prev: { if args ? configuration
unstable = import flakes.nixpkgs-unstable { then args.configuration
system = "${system}"; else import ./baseconfiguration.nix {inherit extraOverlays system pkgs name flakes flakeOutputs;};
config.allowUnfree=true; overlay-unstable = final: prev: {
}; unstable = import flakes.nixpkgs-unstable {
}; system = "${system}";
config.allowUnfree = true;
# overlay-comma = final: prev: {
# comma = flakes.comma.packages."${system}";
# };
in
{
inherit name;
value = pkgs.lib.nixosSystem {
inherit system;
modules = [
configuration
{ nix = {
package = pkgs.legacyPackages.${system}.nixUnstable;
nixPath= [ "nixpkgs=${pkgs}" ];
registry.nixpkgs.flake = pkgs;
registry.nixpkgs-unstable.flake = flakes.nixpkgs-unstable;
}
;}
] ++ extraModules
++ flakes.nixpkgs.lib.mapAttrsToList (_: module: module)
flakeOutputs.nixosModules;
};
}; };
};
# overlay-comma = final: prev: {
# comma = flakes.comma.packages."${system}";
# };
in {
inherit name;
value = pkgs.lib.nixosSystem {
inherit system;
modules =
[
configuration
{
nix = {
package = pkgs.legacyPackages.${system}.nixUnstable;
nixPath = ["nixpkgs=${pkgs}"];
registry.nixpkgs.flake = pkgs;
registry.nixpkgs-unstable.flake = flakes.nixpkgs-unstable;
};
}
]
++ extraModules
++ flakes.nixpkgs.lib.mapAttrsToList (_: module: module)
flakeOutputs.nixosModules;
};
};
in in
flakes.nixpkgs.lib.listToAttrs (map mkMachine [ flakes.nixpkgs.lib.listToAttrs (map mkMachine [
{ {
name = "stel-xps"; name = "stel-xps";
extraModules = [ flakes.nixos-hardware.nixosModules.dell-xps-13-7390 flakes.home-manager.nixosModules.home-manager ]; extraModules = [flakes.nixos-hardware.nixosModules.dell-xps-13-7390 flakes.home-manager.nixosModules.home-manager];
} }
{ {
name = "nucturne"; name = "nucturne";
extraModules = [ flakes.home-manager.nixosModules.home-manager ]; extraModules = [flakes.home-manager.nixosModules.home-manager];
} }
{ {
name = "ellmauthaler"; name = "ellmauthaler";
extraModules = [ flakes.home-manager.nixosModules.home-manager flakes.simple-nixos-mailserver.nixosModule flakes.sops-nix.nixosModules.sops ]; extraModules = [flakes.home-manager.nixosModules.home-manager flakes.simple-nixos-mailserver.nixosModule flakes.sops-nix.nixosModules.sops];
} }
]) ])

91
flake.nix
View File

@ -2,7 +2,6 @@
description = "Flake to define configurations of 'elss' - ellmauthaler stefan's systems"; description = "Flake to define configurations of 'elss' - ellmauthaler stefan's systems";
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.05"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.05";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
@ -59,30 +58,36 @@
}; };
}; };
outputs = { self, nixpkgs, flake-utils-plus, ... }@inputs: outputs = {
let self,
extended-lib = nixpkgs.lib.extend nixpkgs,
(final: prev: { flake-utils-plus,
elss = (import ./lib { lib = final; }) prev; ...
}); } @ inputs: let
inherit (extended-lib.elss) discoverModules moduleNames discoverMachines withModules discoverTemplates; extended-lib =
in nixpkgs.lib.extend
flake-utils-plus.lib.mkFlake rec{ (final: prev: {
elss = (import ./lib {lib = final;}) prev;
});
inherit (extended-lib.elss) discoverModules moduleNames discoverMachines withModules discoverTemplates;
in
flake-utils-plus.lib.mkFlake rec {
inherit self inputs; inherit self inputs;
supportedSystems = [ "x86_64-linux" ]; supportedSystems = ["x86_64-linux"];
lib = extended-lib; lib = extended-lib;
channelsConfig = { channelsConfig = {
allowUnfreePredicate = pkg: builtins.elem (extended-lib.getName pkg) [ allowUnfreePredicate = pkg:
"slack" builtins.elem (extended-lib.getName pkg) [
"steam" "slack"
"steam-original" "steam"
"steam-runtime" "steam-original"
"skypeforlinux" "steam-runtime"
"teams" "skypeforlinux"
"zoom" "teams"
]; "zoom"
];
}; };
channels.nixpkgs.overlaysBuilder = channels: [ channels.nixpkgs.overlaysBuilder = channels: [
@ -97,39 +102,46 @@
hostDefaults = { hostDefaults = {
system = "x86_64-linux"; system = "x86_64-linux";
channelName = "nixpkgs"; channelName = "nixpkgs";
modules = [ modules =
inputs.home-manager.nixosModules.home-manager [
inputs.sops-nix.nixosModules.sops inputs.home-manager.nixosModules.home-manager
inputs.dwarffs.nixosModules.dwarffs inputs.sops-nix.nixosModules.sops
inputs.simple-nixos-mailserver.nixosModules.mailserver inputs.dwarffs.nixosModules.dwarffs
./common/wireguard.nix inputs.simple-nixos-mailserver.nixosModules.mailserver
] ++ (map (name: ./modules + "/${name}") (moduleNames ./modules)); ./common/wireguard.nix
]
++ (map (name: ./modules + "/${name}") (moduleNames ./modules));
specialArgs = { specialArgs = {
nixos-hardware = inputs.nixos-hardware.nixosModules; nixos-hardware = inputs.nixos-hardware.nixosModules;
inherit inputs; inherit inputs;
}; };
extraArgs = { extraArgs = {
homeConfigurations = withModules ./users homeConfigurations =
withModules ./users
( (
{ name, path }: {
name,
path,
}:
#import (./users + "/${name}") #import (./users + "/${name}")
import path import path
); );
}; };
}; };
hosts = discoverMachines ./machines hosts =
discoverMachines ./machines
{ {
specialArgs = { lib = extended-lib; }; specialArgs = {lib = extended-lib;};
}; };
nixosModules = discoverModules ./modules; nixosModules = discoverModules ./modules;
homeConfigurations = withModules ./users homeConfigurations =
(name: withModules ./users
let (name: let
username = extended-lib.removeSuffix ".nix" name; username = extended-lib.removeSuffix ".nix" name;
in in
inputs.home-manager.lib.homeManagerConfiguration { inputs.home-manager.lib.homeManagerConfiguration {
configuration = import (./users + "/${name}"); configuration = import (./users + "/${name}");
inherit username; inherit username;
@ -151,11 +163,10 @@
description = "Basic setup of tools in nixpkgs/unstable"; description = "Basic setup of tools in nixpkgs/unstable";
welcomeText = "Change into the folder and add the wanted packages to the buildInputs"; welcomeText = "Change into the folder and add the wanted packages to the buildInputs";
}; };
rust = { rust = {
description = "Rust development environment flake"; description = "Rust development environment flake";
welcomeText = welcomeText = "Change into the folder and follow the prompt to create an automatic rust environment in this folder";
"Change into the folder and follow the prompt to create an automatic rust environment in this folder";
}; };
jupyter = { jupyter = {
description = "Jupyter server flake"; description = "Jupyter server flake";

6
lib/default.nix
View File

@ -1,6 +1,6 @@
{ lib }: {lib}:
(lib.composeManyExtensions [ (lib.composeManyExtensions [
(import ./users.nix) (import ./users.nix)
(import ./files.nix) (import ./files.nix)
]) lib ])
lib

52
lib/files.nix
View File

@ -1,26 +1,34 @@
final: prev: final: prev:
with prev; rec { with prev; rec {
moduleNames = dir: pipe dir [ moduleNames = dir:
builtins.readDir pipe dir [
(filterAttrs builtins.readDir
(name: type: (!hasPrefix "." name && !hasPrefix "_" name (filterAttrs
&& (hasSuffix ".nix" name || type == "directory")))) (name: type: (!hasPrefix "." name
attrNames && !hasPrefix "_" name
]; && (hasSuffix ".nix" name || type == "directory"))))
attrNames
];
withModules = dir: f: withModules = dir: f:
listToAttrs (map listToAttrs (map
(filename: (filename: let
let path = dir + "/${filename}";
path = dir + "/${filename}"; name = removeSuffix ".nix" filename;
name = removeSuffix ".nix" filename; in
in nameValuePair name (f {inherit path name;}))
nameValuePair name (f { inherit path name; }))
(moduleNames dir)); (moduleNames dir));
discoverModules = dir: withModules dir ({ path, name }: import path); discoverModules = dir:
withModules dir ({
path,
name,
}:
import path);
discoverMachines = dir: args: discoverMachines = dir: args:
withModules dir ({ path, name }: withModules dir ({
{ modules = [ path ]; } // args); path,
name,
}:
{modules = [path];} // args);
discoverTemplates = dir: overrides: discoverTemplates = dir: overrides:
pipe dir [ pipe dir [
builtins.readDir builtins.readDir
@ -32,11 +40,11 @@ with prev; rec {
path = "${dir}/${template}"; path = "${dir}/${template}";
description = "a template for ${template} projects"; description = "a template for ${template} projects";
} }
(if hasAttr template overrides then (
getAttr template overrides if hasAttr template overrides
else then getAttr template overrides
{ })))) else {}
))))
listToAttrs listToAttrs
]; ];
} }

29
lib/users.nix
View File

@ -1,19 +1,16 @@
final: prev: final: prev: {
withConfig = config: let
{ cfg = config.elss.users;
withConfig = config: mapAccount = f: login: prev.nameValuePair login (f login);
mapList = f: lst: builtins.listToAttrs (map (mapAccount f) lst);
let in rec {
cfg = config.elss.users; mapUsers = f: mapList f cfg.users;
mapAccount = f: login: prev.nameValuePair login (f login); mapAdmins = f: mapList f cfg.admins;
mapList = f: lst: builtins.listToAttrs (map (mapAccount f) lst); mapAllUsers = f: (mapUsers f) // (mapAdmins f);
in mapAllUsersAndRoot = f:
rec { (mapAllUsers f)
mapUsers = f: mapList f cfg.users; // {
mapAdmins = f: mapList f cfg.admins;
mapAllUsers = f: (mapUsers f) // (mapAdmins f);
mapAllUsersAndRoot = f: (mapAllUsers f) // {
root = f "root"; root = f "root";
}; };
}; };
} }

37
machines/metis/default.nix
View File

@ -1,5 +1,10 @@
{ config, pkgs, inputs, nixos-hardware, ... }:
{ {
config,
pkgs,
inputs,
nixos-hardware,
...
}: {
imports = [ imports = [
../../common/users.nix ../../common/users.nix
./hardware-configuration.nix ./hardware-configuration.nix
@ -41,12 +46,11 @@
# enable wireguard # enable wireguard
wireguard.enable = true; wireguard.enable = true;
# user setup # user setup
users = { users = {
enable = true; enable = true;
admins = [ "ellmau" ]; admins = ["ellmau"];
users = [ ]; users = [];
meta = { meta = {
ellmau.git = { ellmau.git = {
@ -55,20 +59,24 @@
}; };
}; };
}; };
fileSystems."/".options = [ "noatime" ]; fileSystems."/".options = ["noatime"];
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
networking = { networking = {
interfaces.ens3 = { interfaces.ens3 = {
ipv4.addresses = [{ ipv4.addresses = [
address = "89.58.45.113"; {
prefixLength = 22; address = "89.58.45.113";
}]; prefixLength = 22;
ipv6.addresses = [{ }
address = "fe80::94e0:6eff:fecd:d6cb"; ];
prefixLength = 64; ipv6.addresses = [
}]; {
address = "fe80::94e0:6eff:fecd:d6cb";
prefixLength = 64;
}
];
}; };
defaultGateway = "89.58.44.1"; defaultGateway = "89.58.44.1";
defaultGateway6 = { defaultGateway6 = {
@ -79,9 +87,8 @@
nat = { nat = {
enable = true; enable = true;
externalInterface = "ens3"; externalInterface = "ens3";
internalInterfaces = [ "wg-stelnet" ]; internalInterfaces = ["wg-stelnet"];
}; };
}; };
system.stateVersion = "22.05"; system.stateVersion = "22.05";
} }

44
machines/metis/hardware-configuration.nix
View File

@ -1,33 +1,33 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = config,
[ lib,
(modulesPath + "/profiles/qemu-guest.nix") pkgs,
]; modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [];
boot.kernelModules = [ ]; boot.kernelModules = [];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-label/nixos-root";
device = "/dev/disk/by-label/nixos-root"; fsType = "xfs";
fsType = "xfs"; };
};
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-label/BOOT";
device = "/dev/disk/by-label/BOOT"; fsType = "vfat";
fsType = "vfat"; };
};
swapDevices = swapDevices = [{device = "/dev/disk/by-label/swap";}];
[{ device = "/dev/disk/by-label/swap"; }];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

28
machines/nucturne/default.nix
View File

@ -1,12 +1,16 @@
{ config, pkgs, inputs, nixos-hardware, ...}:
{ {
config,
pkgs,
inputs,
nixos-hardware,
...
}: {
imports = [ imports = [
../../common/users.nix ../../common/users.nix
./hardware-configuration.nix ./hardware-configuration.nix
./software.nix ./software.nix
]; ];
elss = { elss = {
# base system # base system
base.enable = true; base.enable = true;
@ -22,7 +26,7 @@
sway.enable = true; sway.enable = true;
i3.enable = false; i3.enable = false;
# set dpi if used in mobile applications # set dpi if used in mobile applications
# dpi = 180; # dpi = 180;
}; };
# enable deamon to generate nix-index-db # enable deamon to generate nix-index-db
@ -38,12 +42,12 @@
# enable wireguard # enable wireguard
wireguard.enable = true; wireguard.enable = true;
# user setup # user setup
users = { users = {
enable = true; enable = true;
admins = [ "ellmau" ]; admins = ["ellmau"];
users = [ ]; users = [];
meta = { meta = {
ellmau.git = { ellmau.git = {
@ -54,15 +58,15 @@
}; };
boot = { boot = {
extraModulePackages = [ extraModulePackages = [
config.boot.kernelPackages.v4l2loopback config.boot.kernelPackages.v4l2loopback
]; ];
kernelModules = [ kernelModules = [
"v4l2loopback" "v4l2loopback"
]; ];
plymouth.enable = true; plymouth.enable = true;
}; };
system.stateVersion = "21.05"; system.stateVersion = "21.05";

52
machines/nucturne/hardware-configuration.nix
View File

@ -1,36 +1,40 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = config,
[ (modulesPath + "/installer/scan/not-detected.nix") lib,
]; pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ]; boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci"];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/da267a3c-34e3-4218-933f-10738ee61eb6"; device = "/dev/disk/by-uuid/da267a3c-34e3-4218-933f-10738ee61eb6";
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/home" = fileSystems."/home" = {
{ device = "/dev/disk/by-uuid/9ebd7aff-629b-449b-83d8-6381a04eb708"; device = "/dev/disk/by-uuid/9ebd7aff-629b-449b-83d8-6381a04eb708";
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/DE6D-C383"; device = "/dev/disk/by-uuid/DE6D-C383";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = swapDevices = [
[ { device = "/dev/disk/by-uuid/0069f1fa-dd8e-4c0a-8f01-a576af29909e"; } {device = "/dev/disk/by-uuid/0069f1fa-dd8e-4c0a-8f01-a576af29909e";}
]; ];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
# high-resolution display # high-resolution display

5
machines/nucturne/software.nix
View File

@ -1,5 +1,8 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
libreoffice-fresh libreoffice-fresh
onlyoffice-bin onlyoffice-bin

11
machines/stel-xps/default.nix
View File

@ -1,5 +1,10 @@
{ config, pkgs, inputs, nixos-hardware, ... }:
{ {
config,
pkgs,
inputs,
nixos-hardware,
...
}: {
imports = [ imports = [
../../common/users.nix ../../common/users.nix
./printer.nix ./printer.nix
@ -43,8 +48,8 @@
# user setup # user setup
users = { users = {
enable = true; enable = true;
admins = [ "ellmau" ]; admins = ["ellmau"];
users = [ ]; users = [];
meta = { meta = {
ellmau.git = { ellmau.git = {

44
machines/stel-xps/hardware-configuration.nix
View File

@ -1,33 +1,37 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = config,
[ (modulesPath + "/installer/scan/not-detected.nix") lib,
]; pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/6b7f9f80-af34-4317-b017-f883a2316674"; device = "/dev/disk/by-uuid/6b7f9f80-af34-4317-b017-f883a2316674";
fsType = "ext4"; fsType = "ext4";
}; };
boot.initrd.luks.devices."crypted".device = "/dev/disk/by-uuid/9c84f143-023d-4fcb-a49c-ca78ce69e0e0"; boot.initrd.luks.devices."crypted".device = "/dev/disk/by-uuid/9c84f143-023d-4fcb-a49c-ca78ce69e0e0";
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/39E0-047B"; device = "/dev/disk/by-uuid/39E0-047B";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = swapDevices = [
[ { device = "/dev/disk/by-uuid/93381a25-6704-408e-b091-cfda6cddbda0"; } {device = "/dev/disk/by-uuid/93381a25-6704-408e-b091-cfda6cddbda0";}
]; ];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
# high-resolution display # high-resolution display

37
machines/stel-xps/printer.nix
View File

@ -1,29 +1,32 @@
{ config, pkgs, ...}: {
config,
let pkgs,
...
}: let
ppd-local = pkgs.stdenv.mkDerivation rec { ppd-local = pkgs.stdenv.mkDerivation rec {
pname = "local-ppds"; pname = "local-ppds";
version = "2021-07-04"; version = "2021-07-04";
src = ./ppds; src = ./ppds;
phases = [ "unpackPhase" "installPhase" ]; phases = ["unpackPhase" "installPhase"];
installPhase = '' installPhase = ''
mkdir -p $out/share/cups/model/ mkdir -p $out/share/cups/model/
cp -R Ricoh $out/share/cups/model cp -R Ricoh $out/share/cups/model
''; '';
}; };
in in {
{ services.printing.drivers = with pkgs;
services.printing.drivers = with pkgs; [ [
foomatic-filters foomatic-filters
gutenprint gutenprint
hplip hplip
] ++ [ ]
ppd-local ++ [
]; ppd-local
];
hardware.printers.ensurePrinters = [ hardware.printers.ensurePrinters = [
{ {
name = "hpm605"; name = "hpm605";

5
machines/stel-xps/software.nix
View File

@ -1,5 +1,8 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
brightnessctl brightnessctl
libreoffice-fresh libreoffice-fresh

17
modules/aspell.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }: {
config,
let pkgs,
lib,
...
}: let
aspellConf = '' aspellConf = ''
data-dir /run/current-system/sw/lib/aspell data-dir /run/current-system/sw/lib/aspell
dict-dir /run/current-system/sw/lib/aspell dict-dir /run/current-system/sw/lib/aspell
@ -8,12 +11,12 @@ let
extra-dicts en-computers.rws extra-dicts en-computers.rws
add-extra-dicts en_GB-science.rws add-extra-dicts en_GB-science.rws
''; '';
in in {
{
options.elss.programs.aspell.enable = lib.mkEnableOption "setup aspell"; options.elss.programs.aspell.enable = lib.mkEnableOption "setup aspell";
config = lib.mkIf config.elss.programs.aspell.enable { config = lib.mkIf config.elss.programs.aspell.enable {
environment.systemPackages = [ pkgs.aspell ] environment.systemPackages =
++ (with pkgs.aspellDicts; [ de en sv en-computers en-science ]); [pkgs.aspell]
++ (with pkgs.aspellDicts; [de en sv en-computers en-science]);
}; };
} }

9
modules/base.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with lib; { with lib; {
options.elss = { options.elss = {
base.enable = mkEnableOption "Set the base configuration for the system"; base.enable = mkEnableOption "Set the base configuration for the system";
@ -14,7 +19,7 @@ with lib; {
services = { services = {
dbus = { dbus = {
enable = true; enable = true;
packages = with pkgs; [ dconf ]; packages = with pkgs; [dconf];
}; };
}; };

14
modules/communication.nix
View File

@ -1,11 +1,15 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with lib; { with lib; {
options.elss.programs.communication.enable = mkEnableOption "enable the basic graphical communication tools"; options.elss.programs.communication.enable = mkEnableOption "enable the basic graphical communication tools";
config = config = let
let cfg = config.elss.programs.communication;
cfg = config.elss.programs.communication; in
in
mkIf cfg.enable { mkIf cfg.enable {
# elss.graphical.enable = true; # elss.graphical.enable = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [

178
modules/emacs/default.nix
View File

@ -1,97 +1,105 @@
{ config, lib, pkgs, ... }: {
with lib; config,
let lib,
pkgs,
...
}:
with lib; let
defaultEl = ./default.el; defaultEl = ./default.el;
environment.systemPackages = [ pkgs.gdb ]; # use gdb for dap-mode environment.systemPackages = [pkgs.gdb]; # use gdb for dap-mode
defaultConfig = pkgs.runCommand "default.el" { } '' defaultConfig = pkgs.runCommand "default.el" {} ''
mkdir -p $out/share/emacs/site-lisp mkdir -p $out/share/emacs/site-lisp
cp ${defaultEl} $out/share/emacs/site-lisp/default.el cp ${defaultEl} $out/share/emacs/site-lisp/default.el
''; '';
emacsPackage = (pkgs.emacsPackagesFor pkgs.emacs).emacsWithPackages emacsPackage =
(epkgs: (pkgs.emacsPackagesFor pkgs.emacs).emacsWithPackages
let (epkgs: let
lpkgs = import ./packages.nix { lpkgs = import ./packages.nix {
inherit config lib pkgs epkgs; inherit config lib pkgs epkgs;
}; };
in in
#[ (defaultConfig lpkgs) ] ++ (with pkgs; [ #[ (defaultConfig lpkgs) ] ++ (with pkgs; [
# aspell # aspell
# emacs-all-the-icons-fonts # emacs-all-the-icons-fonts
# gnupg # gnupg
# nixpkgs-fmt # nixpkgs-fmt
#]) #])
[(defaultConfig)] ++ [defaultConfig]
[(with epkgs.elpaPackages; [ ++ [
auctex (with epkgs.elpaPackages; [
org auctex
flymake org
])] flymake
++ (with epkgs.melpaStablePackages; [ ]) ++ (with epkgs.melpaPackages; [ ])
ac-helm ]
academic-phrases ++ (with epkgs.melpaStablePackages; [])
add-hooks ++ (with epkgs.melpaPackages;
alert [
all-the-icons ac-helm
all-the-icons-dired academic-phrases
beacon add-hooks
bln-mode alert
cargo-mode all-the-icons
company all-the-icons-dired
company-auctex beacon
company-bibtex bln-mode
company-flx cargo-mode
company-quickhelp company
company-reftex company-auctex
cov company-bibtex
dap-mode company-flx
diminish company-quickhelp
direnv company-reftex
dockerfile-mode cov
docker-compose-mode dap-mode
flycheck diminish
free-keys direnv
highlight-indentation dockerfile-mode
helm docker-compose-mode
#helm-bbdb flycheck
helm-company free-keys
helm-flx highlight-indentation
helm-descbinds helm
helm-lsp #helm-bbdb
helm-projectile helm-company
helm-rg helm-flx
json-mode helm-descbinds
less-css-mode helm-lsp
lsp-mode helm-projectile
lsp-ui helm-rg
magit json-mode
moe-theme less-css-mode
multiple-cursors lsp-mode
nix-mode lsp-ui
nixpkgs-fmt magit
org-bullets moe-theme
org-roam multiple-cursors
#org-roam-server nix-mode
pasp-mode nixpkgs-fmt
pdf-tools org-bullets
projectile org-roam
projectile-ripgrep #org-roam-server
rustic pasp-mode
spacemacs-theme pdf-tools
solarized-theme projectile
sparql-mode projectile-ripgrep
sudo-edit rustic
use-package spacemacs-theme
#vscode-dark-plus-theme solarized-theme
yaml-mode sparql-mode
yasnippet sudo-edit
#zenburn-theme use-package
] ++ (with lpkgs; [ #vscode-dark-plus-theme
org-roam-ui yaml-mode
ligatures yasnippet
]))); #zenburn-theme
in ]
{ ++ (with lpkgs; [
org-roam-ui
ligatures
])));
in {
options.elss.programs.emacs.enable = mkEnableOption "Setup emacs package and install it"; options.elss.programs.emacs.enable = mkEnableOption "Setup emacs package and install it";
config = mkIf config.elss.programs.emacs.enable { config = mkIf config.elss.programs.emacs.enable {
services.emacs = { services.emacs = {

57
modules/emacs/packages.nix
View File

@ -1,30 +1,35 @@
{ config, lib, pkgs, epkgs, ...}: {
let config,
lib,
pkgs,
epkgs,
...
}: let
in in
with epkgs; rec{ with epkgs; rec {
org-roam-ui = trivialBuild{ org-roam-ui = trivialBuild {
pname = "org-roam-ui"; pname = "org-roam-ui";
version = "2021-10-06"; version = "2021-10-06";
src = pkgs.fetchFromGitHub { src = pkgs.fetchFromGitHub {
owner = "org-roam"; owner = "org-roam";
repo = "org-roam-ui"; repo = "org-roam-ui";
rev = "bae6487afd5e6eec9f04b38b235bbac24042ca62"; rev = "bae6487afd5e6eec9f04b38b235bbac24042ca62";
sha256 = "14dbdvxf1l0dwbhc0ap3wr3ffafy4cxmwc9b7gm0gzzmcxvszisc"; sha256 = "14dbdvxf1l0dwbhc0ap3wr3ffafy4cxmwc9b7gm0gzzmcxvszisc";
};
packageRequires = [f websocket org-roam simple-httpd];
postInstall = ''
cp -r out $out/share/emacs/site-lisp
'';
}; };
packageRequires = [ f websocket org-roam simple-httpd ];
postInstall = ''
cp -r out $out/share/emacs/site-lisp
'';
};
ligatures = trivialBuild { ligatures = trivialBuild {
pname = "ligatures"; pname = "ligatures";
version = "unstable-2021-08-27"; version = "unstable-2021-08-27";
src = pkgs.fetchFromGitHub { src = pkgs.fetchFromGitHub {
owner = "mickeynp"; owner = "mickeynp";
repo = "ligature.el"; repo = "ligature.el";
rev = "d3426509cc5436a12484d91e48abd7b62429b7ef"; rev = "d3426509cc5436a12484d91e48abd7b62429b7ef";
sha256 = "baFDkfQLM2MYW2QhMpPnOMSfsLlcp9fO5xfyioZzOqg="; sha256 = "baFDkfQLM2MYW2QhMpPnOMSfsLlcp9fO5xfyioZzOqg=";
};
}; };
}; }
}

24
modules/graphical.nix
View File

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; { with lib; {
options.elss.graphical = { options.elss.graphical = {
enable = mkEnableOption "configure graphical layer"; enable = mkEnableOption "configure graphical layer";
@ -18,14 +23,16 @@ with lib; {
}; };
i3.enable = mkEnableOption "enable i3"; i3.enable = mkEnableOption "enable i3";
}; };
config = config = let
let cfg = config.elss.graphical;
cfg = config.elss.graphical; #cursorsize = if config.variables.hostName == "nucturne" then 14 else 16;
#cursorsize = if config.variables.hostName == "nucturne" then 14 else 16; #xserverDPI = if config.variables.hostName == "stel-xps" then 180 else null;
#xserverDPI = if config.variables.hostName == "stel-xps" then 180 else null; in
in
mkIf cfg.enable { mkIf cfg.enable {
elss.users.x11.enable = if cfg.i3.enable then true else false; elss.users.x11.enable =
if cfg.i3.enable
then true
else false;
elss.networking.useNetworkManager = true; elss.networking.useNetworkManager = true;
services = { services = {
@ -77,6 +84,5 @@ with lib; {
libsecret libsecret
arandr arandr
]; ];
}; };
} }

9
modules/locale.nix
View File

@ -1,4 +1,9 @@
{ config, pkgs, lib, ...}: {
config,
pkgs,
lib,
...
}:
with lib; { with lib; {
options.elss.locale.enable = mkEnableOption "setup default locale and font-handling"; options.elss.locale.enable = mkEnableOption "setup default locale and font-handling";
@ -21,7 +26,7 @@ with lib; {
noto-fonts-extra noto-fonts-extra
roboto roboto
roboto-mono roboto-mono
(nerdfonts.override { fonts = [ "Hasklig" ]; }) (nerdfonts.override {fonts = ["Hasklig"];})
material-icons material-icons
weather-icons weather-icons
xits-math xits-math

43
modules/network-manager/default.nix
View File

@ -1,27 +1,30 @@
{ config, pkgs, lib, ...}: {
config,
pkgs,
lib,
...
}:
with lib; { with lib; {
options.elss.networking.useNetworkManager = mkEnableOption "enable networkmanager"; options.elss.networking.useNetworkManager = mkEnableOption "enable networkmanager";
config = config = let
let connections = [
connections = [ "tartaros"
"tartaros" "eduroam"
"eduroam" ];
];
mkSopsSecrets = connection: { mkSopsSecrets = connection: {
"${connection}" = { "${connection}" = {
sopsFile = ../../secrets/networks.yaml; sopsFile = ../../secrets/networks.yaml;
path = "/run/NetworkManager/system-connections/${connection}.nmconnection"; path = "/run/NetworkManager/system-connections/${connection}.nmconnection";
}; };
};
in
mkIf config.elss.networking.useNetworkManager {
networking.networkmanager = {
enable = true;
}; };
in
mkIf config.elss.networking.useNetworkManager {
networking.networkmanager = {
enable = true;
};
sops.secrets = mkMerge (map mkSopsSecrets connections); sops.secrets = mkMerge (map mkSopsSecrets connections);
}; };
} }

42
modules/nix-index-db.nix
View File

@ -1,22 +1,25 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; { with lib; {
options.elss.nix-index-db-update.enable = options.elss.nix-index-db-update.enable =
mkEnableOption "periodically update the nix-index database"; mkEnableOption "periodically update the nix-index database";
config = config = let
let cfg = config.elss.nix-index-db-update;
cfg = config.elss.nix-index-db-update; nix-index-db-update = pkgs.writeShellScript "nix-index-db-update" ''
nix-index-db-update = pkgs.writeShellScript "nix-index-db-update" '' set -euo pipefail
set -euo pipefail
filename="index-x86_64-$(${pkgs.coreutils}/bin/uname | ${pkgs.coreutils}/bin/tr A-Z a-z)" filename="index-x86_64-$(${pkgs.coreutils}/bin/uname | ${pkgs.coreutils}/bin/tr A-Z a-z)"
cd /var/db/nix-index/ cd /var/db/nix-index/
${pkgs.wget}/bin/wget -q -N https://github.com/Mic92/nix-index-database/releases/latest/download/$filename ${pkgs.wget}/bin/wget -q -N https://github.com/Mic92/nix-index-database/releases/latest/download/$filename
${pkgs.coreutils}/bin/ln -f $filename files ${pkgs.coreutils}/bin/ln -f $filename files
''; '';
inherit (lib.elss.withConfig config) mapAllUsers; inherit (lib.elss.withConfig config) mapAllUsers;
in in
mkIf cfg.enable { mkIf cfg.enable {
systemd = { systemd = {
services.nix-index-db-update = { services.nix-index-db-update = {
@ -44,14 +47,13 @@ with lib; {
Persistent = true; Persistent = true;
}; };
wantedBy = [ "timers.target" ]; wantedBy = ["timers.target"];
}; };
}; };
home-manager.users = mapAllUsers (_: home-manager.users = mapAllUsers (_: {config, ...}: {
{ config, ... }: { home.file.".cache/nix-index".source =
home.file.".cache/nix-index".source = config.lib.file.mkOutOfStoreSymlink "/var/db/nix-index/";
config.lib.file.mkOutOfStoreSymlink "/var/db/nix-index/"; });
});
}; };
} }

8
modules/nix.nix
View File

@ -1,6 +1,8 @@
{ pkgs, config, ... }:
{ {
pkgs,
config,
...
}: {
config = { config = {
nix = { nix = {
useSandbox = true; useSandbox = true;
@ -10,7 +12,7 @@
linkInputs = true; linkInputs = true;
autoOptimiseStore = true; autoOptimiseStore = true;
trustedUsers = [ "root" ] ++ config.elss.users.admins; trustedUsers = ["root"] ++ config.elss.users.admins;
# Enable flakes # Enable flakes
# Free up to 50 GiB whenever there is less than 10 GiB left. # Free up to 50 GiB whenever there is less than 10 GiB left.

8
modules/obs-studio.nix
View File

@ -1,6 +1,10 @@
{ config, pkgs, lib, ...}:
with lib;
{ {
config,
pkgs,
lib,
...
}:
with lib; {
options.elss.programs.obsstudio.enable = mkEnableOption "install obs-studio"; options.elss.programs.obsstudio.enable = mkEnableOption "install obs-studio";
config = mkIf config.elss.programs.obsstudio.enable { config = mkIf config.elss.programs.obsstudio.enable {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [

24
modules/openvpn/default.nix
View File

@ -1,14 +1,18 @@
{ config, lib, pkgs, ...}: {
config,
lib,
pkgs,
...
}:
with lib; { with lib; {
options.elss.openvpn.enable = mkEnableOption "Setup TUD openvpn"; options.elss.openvpn.enable = mkEnableOption "Setup TUD openvpn";
config = config = let
let cfg = config.elss.openvpn;
cfg = config.elss.openvpn; in
in mkIf cfg.enable {
mkIf cfg.enable { services.openvpn.servers.TUD = {
services.openvpn.servers.TUD = { config = "config config/TUD.ovpn";
config = "config config/TUD.ovpn"; autoStart = false;
autoStart = false;
};
}; };
};
} }

27
modules/python.nix
View File

@ -1,16 +1,21 @@
{ config, lib, pkgs, ... }:
with pkgs; with lib;
let
my-python-packages = python-packages: with python-packages; [
pandas
requests
# other python packages you want
];
python-with-my-packages = python3.withPackages my-python-packages;
in
{ {
config,
lib,
pkgs,
...
}:
with pkgs;
with lib; let
my-python-packages = python-packages:
with python-packages; [
pandas
requests
# other python packages you want
];
python-with-my-packages = python3.withPackages my-python-packages;
in {
options.elss.programs.python.enable = mkEnableOption "install python 3"; options.elss.programs.python.enable = mkEnableOption "install python 3";
config = mkIf config.elss.programs.python.enable { config = mkIf config.elss.programs.python.enable {
environment.systemPackages = [ python-with-my-packages ]; environment.systemPackages = [python-with-my-packages];
}; };
} }

15
modules/secrets.nix
View File

@ -1,16 +1,19 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; { with lib; {
options.elss.sops.enable = mkEnableOption "Use sops config"; options.elss.sops.enable = mkEnableOption "Use sops config";
config = config = let
let cfg = config.elss.sops;
cfg = config.elss.sops; in
in
mkIf cfg.enable { mkIf cfg.enable {
sops = { sops = {
defaultSopsFile = ../secrets/secrets.yaml; defaultSopsFile = ../secrets/secrets.yaml;
secrets.example_key.format = "yaml"; secrets.example_key.format = "yaml";
}; };
}; };
} }

20
modules/server/acme.nix
View File

@ -1,15 +1,17 @@
{ config, lib, pkgs, ... }: {
with lib;{ config,
config = lib,
let pkgs,
cfg = config.elss.server; ...
staging = config.elss.server.acme.staging; }:
in with lib; {
config = let
cfg = config.elss.server;
staging = config.elss.server.acme.staging;
in
mkIf cfg.enable { mkIf cfg.enable {
security.acme = { security.acme = {
defaults = { defaults = {
server = mkIf staging "https://acme-staging-v02.api.letsencrypt.org/directory"; server = mkIf staging "https://acme-staging-v02.api.letsencrypt.org/directory";
email = "stefan.ellmauthaler@gmail.com"; # Do not use ellmauthaler.net as the mail server will be covered by acme email = "stefan.ellmauthaler@gmail.com"; # Do not use ellmauthaler.net as the mail server will be covered by acme
}; };

15
modules/server/default.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with lib; { with lib; {
options.elss.server = { options.elss.server = {
acme.staging = mkEnableOption "Whether to use the staging or the default server for acme"; acme.staging = mkEnableOption "Whether to use the staging or the default server for acme";
@ -8,7 +13,6 @@ with lib; {
nextcloud.enable = mkEnableOption "Set up nextcloud"; nextcloud.enable = mkEnableOption "Set up nextcloud";
smailserver.enable = mkEnableOption "Set up simple mail server"; smailserver.enable = mkEnableOption "Set up simple mail server";
unbound.enable = mkEnableOption "Set unbound dns up"; unbound.enable = mkEnableOption "Set unbound dns up";
}; };
imports = [ imports = [
@ -20,10 +24,9 @@ with lib; {
./unbound.nix ./unbound.nix
]; ];
config = config = let
let cfg = config.elss.server;
cfg = config.elss.server; in
in
mkIf cfg.enable { mkIf cfg.enable {
elss.server = { elss.server = {
nginx.enable = mkDefault true; nginx.enable = mkDefault true;

20
modules/server/nextcloud.nix
View File

@ -1,9 +1,13 @@
{ config, pkgs, lib, ... }: {
with lib;{ config,
config = pkgs,
let lib,
cfg = config.elss.server.nextcloud; ...
in }:
with lib; {
config = let
cfg = config.elss.server.nextcloud;
in
mkIf cfg.enable { mkIf cfg.enable {
elss.server.sql.enable = mkDefault true; elss.server.sql.enable = mkDefault true;
services.nextcloud = { services.nextcloud = {
@ -27,8 +31,8 @@ with lib;{
}; };
systemd.services."nextcloud-setup" = { systemd.services."nextcloud-setup" = {
requires = [ "postgresql.service" ]; requires = ["postgresql.service"];
after = [ "postrgresql.service" ]; after = ["postrgresql.service"];
}; };
sops.secrets = { sops.secrets = {
storemin = { storemin = {

18
modules/server/nginx.nix
View File

@ -1,12 +1,16 @@
{ config, lib, pkgs, ... }: {
with lib;{ config,
config = lib,
let pkgs,
cfg = config.elss.server.nginx; ...
in }:
with lib; {
config = let
cfg = config.elss.server.nginx;
in
mkIf cfg.enable { mkIf cfg.enable {
services.nginx.enable = true; services.nginx.enable = true;
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = [80 443];
services.nginx.virtualHosts."localhost" = { services.nginx.virtualHosts."localhost" = {
addSSL = false; addSSL = false;
enableACME = false; enableACME = false;

22
modules/server/smailserver.nix
View File

@ -1,25 +1,29 @@
{ config, pkgs, lib, ... }: {
with lib;{ config,
config = pkgs,
let lib,
cfg = config.elss.server.smailserver; ...
in }:
with lib; {
config = let
cfg = config.elss.server.smailserver;
in
mkIf cfg.enable { mkIf cfg.enable {
mailserver = { mailserver = {
enable = true; enable = true;
fqdn = "mail.ellmauthaler.net"; fqdn = "mail.ellmauthaler.net";
sendingFqdn = "ellmauthaler.net"; sendingFqdn = "ellmauthaler.net";
domains = [ "ellmauthaler.net" ]; domains = ["ellmauthaler.net"];
loginAccounts = { loginAccounts = {
"ellmau@ellmauthaler.net" = { "ellmau@ellmauthaler.net" = {
aliases = [ "stefan@ellmauthaler.net" "postmaster@ellmauthaler.net" "abuse@ellmauthaler.net" ]; aliases = ["stefan@ellmauthaler.net" "postmaster@ellmauthaler.net" "abuse@ellmauthaler.net"];
hashedPasswordFile = config.sops.secrets.ellmauMail.path; hashedPasswordFile = config.sops.secrets.ellmauMail.path;
}; };
}; };
localDnsResolver = false; localDnsResolver = false;
# use ACME # use ACME
certificateScheme = 3; certificateScheme = 3;
}; };

28
modules/server/sql.nix
View File

@ -1,18 +1,24 @@
{ config, pkgs, lib, ... }: {
with lib;{ config,
config = pkgs,
let lib,
cfg = config.elss.server.sql; ...
in }:
with lib; {
config = let
cfg = config.elss.server.sql;
in
mkIf cfg.enable { mkIf cfg.enable {
services.postgresql = { services.postgresql = {
enable = true; enable = true;
package = pkgs.postgresql_14; package = pkgs.postgresql_14;
ensureDatabases = [ "nextcloud" ]; ensureDatabases = ["nextcloud"];
ensureUsers = [{ ensureUsers = [
name = "nextcloud"; {
ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES"; name = "nextcloud";
}]; ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
}
];
}; };
}; };
} }

23
modules/server/unbound.nix
View File

@ -1,16 +1,20 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with lib; { with lib; {
config = config = let
let cfg = config.elss.server.unbound;
cfg = config.elss.server.unbound; in
in
mkIf cfg.enable { mkIf cfg.enable {
services = { services = {
resolved = { resolved = {
enable = true; enable = true;
dnssec = "true"; dnssec = "true";
llmnr = "true"; llmnr = "true";
fallbackDns = [ "127.0.0.1" "::1" ]; fallbackDns = ["127.0.0.1" "::1"];
extraConfig = '' extraConfig = ''
DNS = 127.0.0.1 ::1 DNS = 127.0.0.1 ::1
Domains = ~. Domains = ~.
@ -18,13 +22,12 @@ with lib; {
}; };
unbound = { unbound = {
enable = true; enable = true;
settings.server.interface = [ "127.0.0.0" "::1" ]; settings.server.interface = ["127.0.0.0" "::1"];
settings.server.access-control = [ "192.168.244.0/24 allow" "fdaa:3313:9dfa:dfa3::/64 allow" ]; settings.server.access-control = ["192.168.244.0/24 allow" "fdaa:3313:9dfa:dfa3::/64 allow"];
}; };
}; };
networking = { networking = {
nameservers = [ "127.0.0.1" "::1"]; nameservers = ["127.0.0.1" "::1"];
resolvconf.useLocalResolver = true; resolvconf.useLocalResolver = true;
}; };
}; };

26
modules/ssh.nix
View File

@ -1,16 +1,20 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with lib; { with lib; {
options.elss.sshd.enable = mkEnableOption "Set up sshd"; options.elss.sshd.enable = mkEnableOption "Set up sshd";
config = config = let
let cfg = config.elss.sshd;
cfg = config.elss.sshd; in
in mkIf cfg.enable {
mkIf cfg.enable { services.openssh = {
services.openssh = { enable = true;
enable = true; passwordAuthentication = false;
passwordAuthentication = false; permitRootLogin = "no";
permitRootLogin = "no";
};
}; };
};
} }

17
modules/steam-run.nix
View File

@ -1,15 +1,18 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with lib; { with lib; {
options.elss.steam-run.enable = mkEnableOption "configure steam-run to support unpatched binaries"; options.elss.steam-run.enable = mkEnableOption "configure steam-run to support unpatched binaries";
config = config = let
let cfg = config.elss.steam-run;
cfg = config.elss.steam-run; in
in
mkIf cfg.enable { mkIf cfg.enable {
environment.systemPackages = [ environment.systemPackages = [
(pkgs.unstable.steam.override { withJava = true; }).run (pkgs.unstable.steam.override {withJava = true;}).run
]; ];
}; };
} }

14
modules/sway.nix
View File

@ -1,10 +1,14 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; { with lib; {
options.elss.graphical.sway.enable = mkEnableOption "Use sway"; options.elss.graphical.sway.enable = mkEnableOption "Use sway";
config = config = let
let cfg = config.elss.graphical.sway;
cfg = config.elss.graphical.sway; in
in
mkIf cfg.enable { mkIf cfg.enable {
services.pipewire = { services.pipewire = {
enable = true; enable = true;

26
modules/texlive.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with lib; { with lib; {
options.elss.texlive = { options.elss.texlive = {
enable = mkEnableOption "configure texlife on the system"; enable = mkEnableOption "configure texlife on the system";
@ -8,17 +13,16 @@ with lib; {
default = pkgs.texlive.combined.scheme-full; default = pkgs.texlive.combined.scheme-full;
description = '' description = ''
This option specifies which texlive package shall be installed This option specifies which texlive package shall be installed
''; '';
}; };
}; };
config = config = let
let cfg = config.elss.texlive;
cfg = config.elss.texlive; in
in mkIf cfg.enable {
mkIf cfg.enable { environment.systemPackages = [
environment.systemPackages = [ cfg.package
cfg.package ];
]; };
};
} }

267
modules/users.nix
View File

@ -1,5 +1,10 @@
{ config, pkgs, lib, homeConfigurations, ... }: {
config,
pkgs,
lib,
homeConfigurations,
...
}:
with lib; { with lib; {
options.elss.users = { options.elss.users = {
enable = mkEnableOption "elss specific user configuration"; enable = mkEnableOption "elss specific user configuration";
@ -15,14 +20,16 @@ with lib; {
type = types.listOf types.str; type = types.listOf types.str;
}; };
meta = mkOption { meta = mkOption {
type = types.attrsOf type =
types.attrsOf
(types.submodule { (types.submodule {
options = { options = {
description = mkOption { description = mkOption {
type = types.str; type = types.str;
description = "full name of the user"; description = "full name of the user";
}; };
hashedPassword = mkOption hashedPassword =
mkOption
{ {
type = types.str; type = types.str;
default = null; default = null;
@ -38,146 +45,142 @@ with lib; {
}; };
git = mkOption { git = mkOption {
type = types.submodule { type = types.submodule {
options = { options = {
key = mkOption { key = mkOption {
type = types.str; type = types.str;
example = "0xBEEE1234"; example = "0xBEEE1234";
default = "C804A9C1B7AF8256"; default = "C804A9C1B7AF8256";
description = "Signkey for git commits"; description = "Signkey for git commits";
}; };
gpgsm = mkOption { gpgsm = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = "Whether to use gpgsm for commit signatures"; description = "Whether to use gpgsm for commit signatures";
}; };
signDefault = mkOption { signDefault = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = "Whether to force signing commits or not"; description = "Whether to force signing commits or not";
};
}; };
}; };
};
}; };
}; };
}); });
}; };
}; };
config = config = let
let cfg = config.elss.users;
cfg = config.elss.users; inherit (elss.withConfig config) mapAdmins mapUsers mapAllUsersAndRoot mapAllUsers;
inherit (elss.withConfig config) mapAdmins mapUsers mapAllUsersAndRoot mapAllUsers;
getMeta = login: getMeta = login:
builtins.getAttr login cfg.meta; builtins.getAttr login cfg.meta;
mkAdmin = login: mkAdmin = login:
mkMerge [ mkMerge [
(mkUser login) (mkUser login)
{
extraGroups = [ "wheel" ];
inherit (getMeta login) hashedPassword;
}
];
mkUser = login:
let meta = getMeta login;
in
{ {
inherit (meta) description; extraGroups = ["wheel"];
isNormalUser = true; inherit (getMeta login) hashedPassword;
home = "/home/${login}"; }
extraGroups = [ ]; ];
openssh.authorizedKeys.keys = meta.publicKeys; mkUser = login: let
}; meta = getMeta login;
in {
inherit (meta) description;
isNormalUser = true;
home = "/home/${login}";
extraGroups = [];
openssh.authorizedKeys.keys = meta.publicKeys;
};
mkGitUser = login: mkGitUser = login: let
let meta = getMeta login; meta = getMeta login;
in in {
{ programs.git = {
programs.git = { userEmail = meta.mailAddress;
userEmail = meta.mailAddress; userName = meta.description;
userName = meta.description; extraConfig = {
extraConfig = { gpg = lib.mkIf meta.git.gpgsm {
gpg = lib.mkIf meta.git.gpgsm { format = "x509";
format = "x509"; program = "${pkgs.gnupg}/bin/gpgsm";
program = "${pkgs.gnupg}/bin/gpgsm"; };
}; user = {
user = { signingKey = meta.git.key;
signingKey = meta.git.key; };
}; commit = {
commit = { gpgsign = meta.git.signDefault;
gpgsign = meta.git.signDefault;
};
};
}; };
}; };
mkX11User = login:
let meta = getMeta login;
in
mkIf (cfg.x11.enable)
{
xsession = {
numlock.enable = true;
profileExtra = ''
if [ $(hostname) = 'stel-xps' ]; then
brightnessctl s 50%
fi
'';
};
home.file.".background-image".source = ../common/wallpaper/nix-wallpaper-nineish-dark-gray.png;
services = {
blueman-applet.enable = true;
network-manager-applet.enable = true;
dunst.enable = true;
};
};
in
mkIf (cfg.enable)
{
assertions =
let
cfg = config.elss.users;
in
[
{
assertion = mutuallyExclusive cfg.users cfg.admins;
message = "elss.users.users and elss.users.admins are mutually exclusive";
}
{
assertion = all (hash: hash != "")
(catAttrs "hashedPassword" (attrVals cfg.admins cfg.meta));
message = "No admin without password";
}
{
assertion = length (cfg.admins) > 0;
message = "One admin needed at least";
}
];
users = {
mutableUsers = false;
users =
mkMerge [
(mapAdmins mkAdmin)
(mapUsers mkUser)
];
};
home-manager = {
useUserPackages = true;
useGlobalPkgs = true;
users =
mkMerge [
(mapAllUsers mkX11User)
(mapAllUsers mkGitUser)
(mapAllUsersAndRoot (login:
mkMerge [
{ config.home.stateVersion = mkDefault "21.11"; }
(if homeConfigurations ? "${login}" then homeConfigurations."${login}" else { })
]))
];
};
}; };
};
mkX11User = login: let
meta = getMeta login;
in
mkIf (cfg.x11.enable)
{
xsession = {
numlock.enable = true;
profileExtra = ''
if [ $(hostname) = 'stel-xps' ]; then
brightnessctl s 50%
fi
'';
};
home.file.".background-image".source = ../common/wallpaper/nix-wallpaper-nineish-dark-gray.png;
services = {
blueman-applet.enable = true;
network-manager-applet.enable = true;
dunst.enable = true;
};
};
in
mkIf (cfg.enable)
{
assertions = let
cfg = config.elss.users;
in [
{
assertion = mutuallyExclusive cfg.users cfg.admins;
message = "elss.users.users and elss.users.admins are mutually exclusive";
}
{
assertion =
all (hash: hash != "")
(catAttrs "hashedPassword" (attrVals cfg.admins cfg.meta));
message = "No admin without password";
}
{
assertion = length (cfg.admins) > 0;
message = "One admin needed at least";
}
];
users = {
mutableUsers = false;
users = mkMerge [
(mapAdmins mkAdmin)
(mapUsers mkUser)
];
};
home-manager = {
useUserPackages = true;
useGlobalPkgs = true;
users = mkMerge [
(mapAllUsers mkX11User)
(mapAllUsers mkGitUser)
(mapAllUsersAndRoot (login:
mkMerge [
{config.home.stateVersion = mkDefault "21.11";}
(
if homeConfigurations ? "${login}"
then homeConfigurations."${login}"
else {}
)
]))
];
};
};
} }

233
modules/wireguard.nix
View File

@ -1,11 +1,14 @@
{ config, lib, pkgs, ... }:
{ {
config,
lib,
pkgs,
...
}: {
options.elss.wireguard = with lib; { options.elss.wireguard = with lib; {
enable = mkEnableOption "wireguard overlay network"; enable = mkEnableOption "wireguard overlay network";
interfaces = mkOption { interfaces = mkOption {
default = { }; default = {};
type = types.attrsOf (types.submodule { type = types.attrsOf (types.submodule {
options = { options = {
servers = mkOption { servers = mkOption {
@ -18,7 +21,7 @@
extraIps = mkOption { extraIps = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = [ ]; default = [];
description = "extra IPs to add to allowedIPs"; description = "extra IPs to add to allowedIPs";
}; };
@ -63,7 +66,7 @@
additionalAllowedIps = mkOption { additionalAllowedIps = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
description = "Additional IPs to add to allowedIPs "; description = "Additional IPs to add to allowedIPs ";
default = [ ]; default = [];
}; };
}; };
}); });
@ -78,14 +81,12 @@
ipv6 = { ipv6 = {
ula = mkOption { ula = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
description = description = "IPv6 prefixes to use for ULA wireguard addressing";
"IPv6 prefixes to use for ULA wireguard addressing";
}; };
gua = mkOption { gua = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
description = description = "IPv6 prefixes to use for GUA wireguard addressing";
"IPv6 prefixes to use for GUA wireguard addressing";
}; };
}; };
@ -99,119 +100,130 @@
}; };
}; };
config = config = let
let cfg = config.elss;
cfg = config.elss; hostName = config.system.name;
hostName = config.system.name; secretsFile =
secretsFile = ../machines ../machines
+ builtins.toPath "/${hostName}/secrets/wireguard.yaml"; + builtins.toPath "/${hostName}/secrets/wireguard.yaml";
takeNonEmpty = lib.filter (interface: interface != ""); takeNonEmpty = lib.filter (interface: interface != "");
testInterface = predicate: testInterface = predicate:
lib.mapAttrsToList lib.mapAttrsToList
(interface: value: if (predicate interface value) then interface else "") (interface: value:
cfg.wireguard.interfaces; if (predicate interface value)
onlyInterfaces = predicate: takeNonEmpty (testInterface predicate); then interface
peerInterfaces = else "")
onlyInterfaces (interface: value: builtins.hasAttr hostName value.peers); cfg.wireguard.interfaces;
serverInterfaces = onlyInterfaces onlyInterfaces = predicate: takeNonEmpty (testInterface predicate);
(interface: value: builtins.hasAttr hostName value.servers); peerInterfaces =
interfaces = serverInterfaces ++ peerInterfaces; onlyInterfaces (interface: value: builtins.hasAttr hostName value.peers);
serverInterfaces =
onlyInterfaces
(interface: value: builtins.hasAttr hostName value.servers);
interfaces = serverInterfaces ++ peerInterfaces;
mkAddresses = prefixes: localIp: mkAddresses = prefixes: localIp:
(map (prefix: "${prefix}.${localIp}/32") prefixes.ipv4) (map (prefix: "${prefix}.${localIp}/32") prefixes.ipv4)
++ (map (prefix: "${prefix}::${localIp}/128") prefixes.ipv6.ula) ++ (map (prefix: "${prefix}::${localIp}/128") prefixes.ipv6.ula)
++ (map (prefix: "${prefix}::${localIp}/128") prefixes.ipv6.gua); ++ (map (prefix: "${prefix}::${localIp}/128") prefixes.ipv6.gua);
mkServerAddresses = prefixes: serverIp: mkServerAddresses = prefixes: serverIp:
(map (prefix: "${prefix}.${serverIp}") prefixes.ipv4) (map (prefix: "${prefix}.${serverIp}") prefixes.ipv4)
++ (map (prefix: "${prefix}::${serverIp}") prefixes.ipv6.ula) ++ (map (prefix: "${prefix}::${serverIp}") prefixes.ipv6.ula)
++ (map (prefix: "${prefix}::${serverIp}") prefixes.ipv6.gua); ++ (map (prefix: "${prefix}::${serverIp}") prefixes.ipv6.gua);
mkInterfaceName = interface: "wg-${interface}"; mkInterfaceName = interface: "wg-${interface}";
mkServerPeer = prefixes: peer: { mkServerPeer = prefixes: peer: {
allowedIPs = mkAddresses prefixes peer.localIp; allowedIPs = mkAddresses prefixes peer.localIp;
inherit (peer) publicKey; inherit (peer) publicKey;
}; };
mkPeerPeer = prefixes: peers: peer: { mkPeerPeer = prefixes: peers: peer: {
allowedIPs = (mkAddresses prefixes peer.localIp) allowedIPs =
++ (lib.concatMap (mkAddresses prefixes) peer.extraIps) ++ (if lib.hasAttr hostName peers then peers.${hostName}.additionalAllowedIps else [ ]); (mkAddresses prefixes peer.localIp)
persistentKeepalive = 25; ++ (lib.concatMap (mkAddresses prefixes) peer.extraIps)
inherit (peer) publicKey endpoint; ++ (
}; if lib.hasAttr hostName peers
then peers.${hostName}.additionalAllowedIps
else []
);
persistentKeepalive = 25;
inherit (peer) publicKey endpoint;
};
mkPostSetup = name: prefixes: servers: mkPostSetup = name: prefixes: servers: let
let ifName = mkInterfaceName name;
ifName = mkInterfaceName name; serverIps = name: server: mkServerAddresses prefixes server.localIp;
serverIps = name: server: mkServerAddresses prefixes server.localIp; dnsServers = lib.concatLists (lib.mapAttrsToList serverIps servers);
dnsServers = lib.concatLists (lib.mapAttrsToList serverIps servers); in
in lib.concatStrings ([
lib.concatStrings ([
'' ''
${pkgs.systemd}/bin/resolvectl domain ${ifName} ${name}.${config.elss.dns.wgZone} ${pkgs.systemd}/bin/resolvectl domain ${ifName} ${name}.${config.elss.dns.wgZone}
${pkgs.systemd}/bin/resolvectl default-route ${ifName} true ${pkgs.systemd}/bin/resolvectl default-route ${ifName} true
'' ''
] ++ (map ]
++ (map
(ip: '' (ip: ''
${pkgs.systemd}/bin/resolvectl dns ${ifName} ${ip} ${pkgs.systemd}/bin/resolvectl dns ${ifName} ${ip}
'') '')
dnsServers)); dnsServers));
mkInterfaceConfig = hostName: interface: value: mkInterfaceConfig = hostName: interface: value: let
let isServer = builtins.hasAttr hostName value.servers;
isServer = builtins.hasAttr hostName value.servers; isPeer = builtins.hasAttr hostName value.peers;
isPeer = builtins.hasAttr hostName value.peers; myConfig =
myConfig = if isServer
if isServer then then value.servers."${hostName}"
value.servers."${hostName}" else value.peers."${hostName}";
else
value.peers."${hostName}";
in
assert lib.asserts.assertMsg
((isServer || isPeer) && !(isServer && isPeer))
"host must be either server or peer";
lib.nameValuePair (mkInterfaceName interface) ({
privateKeyFile = config.sops.secrets."wireguard-${interface}".path;
ips = mkAddresses value.prefixes myConfig.localIp;
inherit (myConfig) listenPort;
} // (if isServer then {
peers = lib.mapAttrsToList (_: mkServerPeer value.prefixes) value.peers;
} else if isPeer then {
peers = lib.mapAttrsToList (_: mkPeerPeer value.prefixes value.peers) value.servers;
postSetup = mkPostSetup interface value.prefixes value.servers;
} else
{ }));
mkInterfaceSecret = interface: {
"wireguard-${interface}" = { sopsFile = secretsFile; };
};
mkListenPorts = hostName: interface: value:
if builtins.hasAttr hostName value.servers then
value.servers."${hostName}".listenPort
else if builtins.hasAttr hostName value.peers then
value.peers."${hostName}".listenPort
else
-1;
mkSysctl = hostName: interface: [
{
name = "net.ipv4.conf.${mkInterfaceName interface}.forwarding";
value = "1";
}
{
name = "net.ipv6.conf.${mkInterfaceName interface}.forwarding";
value = "1";
}
{
name = "net.ipv6.conf.all.forwarding";
value = "1";
}
];
in in
assert lib.asserts.assertMsg
((isServer || isPeer) && !(isServer && isPeer))
"host must be either server or peer";
lib.nameValuePair (mkInterfaceName interface) ({
privateKeyFile = config.sops.secrets."wireguard-${interface}".path;
ips = mkAddresses value.prefixes myConfig.localIp;
inherit (myConfig) listenPort;
}
// (
if isServer
then {
peers = lib.mapAttrsToList (_: mkServerPeer value.prefixes) value.peers;
}
else if isPeer
then {
peers = lib.mapAttrsToList (_: mkPeerPeer value.prefixes value.peers) value.servers;
postSetup = mkPostSetup interface value.prefixes value.servers;
}
else {}
));
mkInterfaceSecret = interface: {
"wireguard-${interface}" = {sopsFile = secretsFile;};
};
mkListenPorts = hostName: interface: value:
if builtins.hasAttr hostName value.servers
then value.servers."${hostName}".listenPort
else if builtins.hasAttr hostName value.peers
then value.peers."${hostName}".listenPort
else -1;
mkSysctl = hostName: interface: [
{
name = "net.ipv4.conf.${mkInterfaceName interface}.forwarding";
value = "1";
}
{
name = "net.ipv6.conf.${mkInterfaceName interface}.forwarding";
value = "1";
}
{
name = "net.ipv6.conf.all.forwarding";
value = "1";
}
];
in
lib.mkIf cfg.wireguard.enable { lib.mkIf cfg.wireguard.enable {
networking = { networking = {
wireguard.interfaces = wireguard.interfaces =
@ -221,15 +233,15 @@
# (lib.mapAttrsToList (mkListenPorts hostName) cfg.wireguard.interfaces); # (lib.mapAttrsToList (mkListenPorts hostName) cfg.wireguard.interfaces);
allowedUDPPorts = lib.filter (port: port > 0) (map allowedUDPPorts = lib.filter (port: port > 0) (map
(interface: (interface:
lib.attrByPath [ interface "servers" hostName "listenPort" ] (-1) lib.attrByPath [interface "servers" hostName "listenPort"] (-1)
cfg.wireguard.interfaces) cfg.wireguard.interfaces)
serverInterfaces); serverInterfaces);
trustedInterfaces = map mkInterfaceName interfaces; trustedInterfaces = map mkInterfaceName interfaces;
}; };
interfaces = lib.listToAttrs (map interfaces = lib.listToAttrs (map
(interface: { (interface: {
name = mkInterfaceName interface; name = mkInterfaceName interface;
value = { mtu = 1300; }; value = {mtu = 1300;};
}) })
interfaces); interfaces);
}; };
@ -239,11 +251,10 @@
systemd.services = lib.listToAttrs (map systemd.services = lib.listToAttrs (map
(interface: { (interface: {
name = "wireguard-${mkInterfaceName interface}"; name = "wireguard-${mkInterfaceName interface}";
value = { serviceConfig.Restart = "on-failure"; }; value = {serviceConfig.Restart = "on-failure";};
}) })
interfaces); interfaces);
boot.kernel.sysctl = boot.kernel.sysctl =
builtins.listToAttrs (lib.concatMap (mkSysctl hostName) serverInterfaces); builtins.listToAttrs (lib.concatMap (mkSysctl hostName) serverInterfaces);

28
modules/zsh.nix
View File

@ -1,15 +1,19 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; { with lib; {
options.elss.zsh.enable = mkEnableOption "Setup systemwide zsh"; options.elss.zsh.enable = mkEnableOption "Setup systemwide zsh";
config = config = let
let inherit (elss.withConfig config) mapAllUsers;
inherit (elss.withConfig config) mapAllUsers; cfg = config.elss.zsh;
cfg = config.elss.zsh; in
in
mkIf cfg.enable { mkIf cfg.enable {
environment = { environment = {
shells = [ pkgs.zsh ]; shells = [pkgs.zsh];
pathsToLink = [ "/share/zsh/" ]; pathsToLink = ["/share/zsh/"];
sessionVariables = rec { sessionVariables = rec {
XDG_CACHE_HOME = "\${HOME}/.cache"; XDG_CACHE_HOME = "\${HOME}/.cache";
XDG_CONFIG_HOME = "\${HOME}/.config"; XDG_CONFIG_HOME = "\${HOME}/.config";
@ -29,10 +33,10 @@ with lib; {
autosuggestions.enable = true; autosuggestions.enable = true;
syntaxHighlighting = { syntaxHighlighting = {
enable = true; enable = true;
highlighters = [ "main" "brackets" "root" "line" ]; highlighters = ["main" "brackets" "root" "line"];
#styles = { cursor = "standout,underline"; }; #styles = { cursor = "standout,underline"; };
}; };
setOptions = [ "auto_pushd" "correct" "nocaseglob" "rcexpandparam" "numericglobsort" "nobeep" "appendhistory" ]; setOptions = ["auto_pushd" "correct" "nocaseglob" "rcexpandparam" "numericglobsort" "nobeep" "appendhistory"];
shellInit = '' shellInit = ''
if [[ $TERM == "dumb" ]]; then if [[ $TERM == "dumb" ]]; then
@ -58,8 +62,8 @@ with lib; {
}; };
}; };
users.users = mapAllUsers (_: { shell = pkgs.zsh; } users.users = mapAllUsers (
_: {shell = pkgs.zsh;}
); );
}; };
} }

29
secrets/shell.nix
View File

@ -1,20 +1,19 @@
{ pkgs ? import <nixpkgs> { } {
, sops-nix ? pkgs.callPackage <sops-nix> { } pkgs ? import <nixpkgs> {},
, ... sops-nix ? pkgs.callPackage <sops-nix> {},
}: ...
}: let
let
sops-rekey = pkgs.writeShellScriptBin "sops-rekey" '' sops-rekey = pkgs.writeShellScriptBin "sops-rekey" ''
${pkgs.findutils}/bin/find . -wholename '*/secrets/*.yaml' -exec ${pkgs.sops}/bin/sops updatekeys {} \; ${pkgs.findutils}/bin/find . -wholename '*/secrets/*.yaml' -exec ${pkgs.sops}/bin/sops updatekeys {} \;
''; '';
in in
pkgs.mkShell { pkgs.mkShell {
sopsPGPKeyDirs = [ ./keys/users ./keys/hosts ]; sopsPGPKeyDirs = [./keys/users ./keys/hosts];
nativeBuildInputs = [ nativeBuildInputs = [
sops-nix.sops-import-keys-hook sops-nix.sops-import-keys-hook
sops-nix.ssh-to-pgp sops-nix.ssh-to-pgp
sops-rekey sops-rekey
pkgs.wireguard-tools pkgs.wireguard-tools
]; ];
} }

32
templates/basic_tools/flake.nix
View File

@ -8,24 +8,30 @@
flake-utils-plus.url = "github:gytis-ivaskevicius/flake-utils-plus"; flake-utils-plus.url = "github:gytis-ivaskevicius/flake-utils-plus";
}; };
outputs = { self, nixpkgs, nixpkgs-unstable, flake-utils, flake-utils-plus, ... }@inputs: outputs = {
{ } // (flake-utils.lib.eachDefaultSystem (system: self,
let nixpkgs,
nixpkgs-unstable,
flake-utils,
flake-utils-plus,
...
} @ inputs:
{}
// (flake-utils.lib.eachDefaultSystem (
system: let
unstable = import nixpkgs-unstable { unstable = import nixpkgs-unstable {
inherit system; inherit system;
}; };
pkgs = import nixpkgs { pkgs = import nixpkgs {
inherit system; inherit system;
}; };
in in rec {
rec { devShell = pkgs.mkShell {
devShell = buildInputs = [
pkgs.mkShell { # add packages here, like
buildInputs = [ # pkgs.clingo
# add packages here, like ];
# pkgs.clingo };
]; }
};
}
)); ));
} }

23
templates/jupyter/flake.nix
View File

@ -2,36 +2,41 @@
description = "JupyterLab Flake"; description = "JupyterLab Flake";
inputs = { inputs = {
jupyterWith.url = "github:tweag/jupyterWith"; jupyterWith.url = "github:tweag/jupyterWith";
flake-utils.url = "github:numtide/flake-utils"; flake-utils.url = "github:numtide/flake-utils";
}; };
outputs = { self, nixpkgs, jupyterWith, flake-utils }: outputs = {
flake-utils.lib.eachSystem [ "x86_64-linux" "x86_64-darwin" ] (system: self,
let nixpkgs,
jupyterWith,
flake-utils,
}:
flake-utils.lib.eachSystem ["x86_64-linux" "x86_64-darwin"] (
system: let
pkgs = import nixpkgs { pkgs = import nixpkgs {
system = system; system = system;
overlays = nixpkgs.lib.attrValues jupyterWith.overlays; overlays = nixpkgs.lib.attrValues jupyterWith.overlays;
}; };
prince = pkgs.python3Packages.buildPythonPackage rec { prince = pkgs.python3Packages.buildPythonPackage rec {
name = "prince"; name = "prince";
src = pkgs.fetchFromGitHub{ src = pkgs.fetchFromGitHub {
owner = "MaxHalford"; owner = "MaxHalford";
repo = "prince"; repo = "prince";
rev = "bd5b29fafe853579c9d41e954caa4504d585665d"; rev = "bd5b29fafe853579c9d41e954caa4504d585665d";
sha256 = "X7gpHvy2cfIKMrfSGLZxmJsytLbe/VZd27VsYIyEoTI="; sha256 = "X7gpHvy2cfIKMrfSGLZxmJsytLbe/VZd27VsYIyEoTI=";
}; };
propagatedBuildInputs = with pkgs.python3Packages; [ matplotlib pandas numpy scipy scikit-learn ]; propagatedBuildInputs = with pkgs.python3Packages; [matplotlib pandas numpy scipy scikit-learn];
dontCheck = true; dontCheck = true;
dontUseSetuptoolsCheck = true; dontUseSetuptoolsCheck = true;
}; };
iPython = pkgs.kernels.iPythonWith { iPython = pkgs.kernels.iPythonWith {
name = "Python-env"; name = "Python-env";
packages = p: with p; [ sympy numpy pandas prince ]; packages = p: with p; [sympy numpy pandas prince];
ignoreCollisions = true; ignoreCollisions = true;
}; };
jupyterEnvironment = pkgs.jupyterlabWith { jupyterEnvironment = pkgs.jupyterlabWith {
kernels = [ iPython ]; kernels = [iPython];
}; };
in rec { in rec {
apps.jupterlab = { apps.jupterlab = {

56
templates/rust/flake.nix
View File

@ -18,36 +18,42 @@
}; };
}; };
outputs = { self, nixpkgs, nixpkgs-unstable, flake-utils, gitignoresrc, rust-overlay, ... }@inputs: outputs = {
self,
nixpkgs,
nixpkgs-unstable,
flake-utils,
gitignoresrc,
rust-overlay,
...
} @ inputs:
{ {
#overlay = import ./nix { inherit gitignoresrc; }; #overlay = import ./nix { inherit gitignoresrc; };
} // (flake-utils.lib.eachDefaultSystem (system: }
let // (flake-utils.lib.eachDefaultSystem (
unstable = import nixpkgs-unstable { inherit system; }; system: let
unstable = import nixpkgs-unstable {inherit system;};
pkgs = import nixpkgs { pkgs = import nixpkgs {
inherit system; inherit system;
overlays = [ (import rust-overlay)]; overlays = [(import rust-overlay)];
};
in rec {
devShell = pkgs.mkShell {
RUST_LOG = "debug";
RUST_BACKTRACE = 1;
buildInputs = [
pkgs.rust-bin.stable.latest.rustfmt
pkgs.rust-bin.stable.latest.default
pkgs.rust-analyzer
pkgs.cargo-audit
pkgs.cargo-license
pkgs.cargo-tarpaulin
pkgs.cargo-kcov
pkgs.valgrind
pkgs.gnuplot
pkgs.kcov
];
}; };
in
rec {
devShell =
pkgs.mkShell {
RUST_LOG = "debug";
RUST_BACKTRACE = 1;
buildInputs = [
pkgs.rust-bin.stable.latest.rustfmt
pkgs.rust-bin.stable.latest.default
pkgs.rust-analyzer
pkgs.cargo-audit
pkgs.cargo-license
pkgs.cargo-tarpaulin
pkgs.cargo-kcov
pkgs.valgrind
pkgs.gnuplot
pkgs.kcov
];
};
} }
)); ));
} }

6
users/ellmau/alacritty.nix
View File

@ -1,5 +1,9 @@
{ config, lib, pkgs, ... }:
{ {
config,
lib,
pkgs,
...
}: {
programs.alacritty = { programs.alacritty = {
enable = true; enable = true;
settings = { settings = {

16
users/ellmau/autorandr.nix
View File

@ -1,11 +1,15 @@
{ config, pkgs, lib, nixosConfig, ... }: {
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; { with lib; {
config = config = let
let cfg = nixosConfig.elss.graphical.i3;
cfg = nixosConfig.elss.graphical.i3; in
in
mkIf cfg.enable { mkIf cfg.enable {
programs.autorandr = { programs.autorandr = {
enable = true; enable = true;
profiles = { profiles = {

6
users/ellmau/default.nix
View File

@ -1,5 +1,9 @@
{ config, lib, pkgs, ... }:
{ {
config,
lib,
pkgs,
...
}: {
imports = [ imports = [
./alacritty.nix ./alacritty.nix
./autorandr.nix ./autorandr.nix

15
users/ellmau/dunst.nix
View File

@ -1,9 +1,14 @@
{ config, pkgs, lib, nixosConfig, ... }: {
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; { with lib; {
config = config = let
let cfg = nixosConfig.elss.graphical.i3;
cfg = nixosConfig.elss.graphical.i3; in
in
mkIf cfg.enable { mkIf cfg.enable {
services.dunst = { services.dunst = {
iconTheme = { iconTheme = {

16
users/ellmau/git.nix
View File

@ -1,14 +1,18 @@
{ config, pkgs, lib, ...}:
{ {
programs= { config,
pkgs,
lib,
...
}: {
programs = {
git = { git = {
enable = true; enable = true;
package = pkgs.gitAndTools.gitFull; package = pkgs.gitAndTools.gitFull;
extraConfig = { extraConfig = {
core = { editor = "emacsclient"; }; core = {editor = "emacsclient";};
init = { defaultBranch = "main";}; init = {defaultBranch = "main";};
branch = { autosetuprebase = "always";}; branch = {autosetuprebase = "always";};
safe.directory = [ "/etc/nixos" ]; safe.directory = ["/etc/nixos"];
}; };
lfs.enable = true; lfs.enable = true;
}; };

8
users/ellmau/gpg.nix
View File

@ -1,5 +1,9 @@
{ config, pkgs, lib, ...}:
{ {
config,
pkgs,
lib,
...
}: {
home.file = { home.file = {
".gnupg/gpgsm.conf".text = '' ".gnupg/gpgsm.conf".text = ''
keyserver ldap.pca.dfn.de::::o=DFN-Verein,c=DE keyserver ldap.pca.dfn.de::::o=DFN-Verein,c=DE
@ -10,7 +14,5 @@
".gnupg/chain.txt".source = ./conf/gpgsm/chain.txt; ".gnupg/chain.txt".source = ./conf/gpgsm/chain.txt;
}; };
programs.gpg.enable = true; programs.gpg.enable = true;
} }

15
users/ellmau/i3.nix
View File

@ -1,9 +1,14 @@
{ config, pkgs, lib, nixosConfig, ... }: {
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; { with lib; {
config = config = let
let cfg = nixosConfig.elss.graphical;
cfg = nixosConfig.elss.graphical; in
in
mkIf cfg.enable { mkIf cfg.enable {
xdg = { xdg = {
configFile."i3" = { configFile."i3" = {

15
users/ellmau/kanshi.nix
View File

@ -1,9 +1,14 @@
{ config, pkgs, lib, nixosConfig, ... }: {
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; { with lib; {
config = config = let
let cfg = nixosConfig.elss.graphical.sway;
cfg = nixosConfig.elss.graphical.sway; in
in
mkIf cfg.enable { mkIf cfg.enable {
services.kanshi = { services.kanshi = {
enable = true; enable = true;

19
users/ellmau/mako.nix
View File

@ -1,20 +1,23 @@
{ config, pkgs, lib, nixosConfig, ... }: {
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; { with lib; {
config = config = let
let cfg = nixosConfig.elss.graphical.sway;
cfg = nixosConfig.elss.graphical.sway; in
in
mkIf cfg.enable { mkIf cfg.enable {
programs.mako = { programs.mako = {
enable = true; enable = true;
iconPath = "${pkgs.numix-icon-theme}"; iconPath = "${pkgs.numix-icon-theme}";
font = "Hasklug Nerd Font 10"; font = "Hasklug Nerd Font 10";
defaultTimeout = 8000; defaultTimeout = 8000;
# ignoreTimeout = true; # ignoreTimeout = true;
}; };
home.packages = [ pkgs.numix-icon-theme ]; home.packages = [pkgs.numix-icon-theme];
}; };
} }

15
users/ellmau/nextcloud.nix
View File

@ -1,9 +1,14 @@
{ config, pkgs, lib, nixosConfig, ... }: {
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; { with lib; {
config = config = let
let cfg = nixosConfig.elss.graphical;
cfg = nixosConfig.elss.graphical; in
in
mkIf cfg.enable { mkIf cfg.enable {
services.nextcloud-client = { services.nextcloud-client = {
enable = true; enable = true;

673
users/ellmau/polybar.nix
View File

@ -1,353 +1,354 @@
{ config, pkgs, lib, nixosConfig, ... }: {
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; { with lib; {
config = config = let
let cfg = nixosConfig.elss.graphical.i3;
cfg = nixosConfig.elss.graphical.i3; in
in
mkIf cfg.enable { mkIf cfg.enable {
services.polybar = { services.polybar = {
enable = true; enable = true;
package = pkgs.polybarFull; package = pkgs.polybarFull;
settings = settings = let
let # solarized theme colours ~ https://en.wikipedia.org/wiki/Solarized
# solarized theme colours ~ https://en.wikipedia.org/wiki/Solarized #content tones
Base01 = "#586e75";
Base00 = "#657b83";
Base0 = "#839496";
Base1 = "#93a1a1";
# background tones
Base2 = "#eee8d5";
Base3 = "#fdf6e3";
# accent tones
Yellow = "#b58900";
Orange = "#cb4b16";
Red = "#dc322f";
Magenta = "#d33682";
Violet = "#6c71c4";
Blue = "#268bd2";
Cyan = "#2aa198";
Green = "#859900";
#content tones foreground_col = Base3;
Base01 = "#586e75"; background_col = Base01;
Base00 = "#657b83";
Base0 = "#839496";
Base1 = "#93a1a1";
# background tones
Base2 = "#eee8d5";
Base3 = "#fdf6e3";
# accent tones
Yellow = "#b58900";
Orange = "#cb4b16";
Red = "#dc322f";
Magenta = "#d33682";
Violet = "#6c71c4";
Blue = "#268bd2";
Cyan = "#2aa198";
Green = "#859900";
foreground_col = Base3; # old bg/fg stuff
background_col = Base01; #foreground_col = "#eee8d5";
#background_col = "#6c71c4";
foreground_altcol = "#66deff";
primary_col = "#ffb52a";
secondary_col = "#e60053";
alert_col = "#dc322f";
# old bg/fg stuff dpi = ''
#foreground_col = "#eee8d5"; ''${env:DPI:0}
#background_col = "#6c71c4"; '';
foreground_altcol = "#66deff";
primary_col = "#ffb52a";
secondary_col = "#e60053";
alert_col = "#dc322f";
dpi = '' #polyheight = 60;
''${env:DPI:0}
fonts = [
"Hasklig:style=Regular"
"all-the-icons:style=Regular"
"Webdings:style=Regular"
"Noto Emoji:scale=10"
"Unifont:style=Regular"
"Material Icons:size=12;0"
"Weather Icons:size=12;0"
"Hasklug Nerd Font,Hasklig Medium:style=Medium,Regular"
];
in {
"bar/main" = {
font = fonts;
modules = {
left = "i3 xwindow";
center = "";
right = " xbacklight xkeyboard eth wlan battery date powermenu dunst volume ";
};
background = background_col;
foreground = foreground_col;
monitor = ''
''${env:MONITOR:}
''; '';
width = "100%";
#height = polyheight;
padding = 0;
padding-right = 2;
radius = 14;
module-margin = 1;
line-size = 2;
#polyheight = 60; dpi-x = dpi;
dpi-y = dpi;
fonts = [ tray = {
"Hasklig:style=Regular" position = "right";
"all-the-icons:style=Regular" padding = 2;
"Webdings:style=Regular" background = Base2;
"Noto Emoji:scale=10"
"Unifont:style=Regular"
"Material Icons:size=12;0"
"Weather Icons:size=12;0"
"Hasklug Nerd Font,Hasklig Medium:style=Medium,Regular"
];
in
{
"bar/main" = {
font = fonts;
modules = {
left = "i3 xwindow";
center = "";
right = " xbacklight xkeyboard eth wlan battery date powermenu dunst volume ";
};
background = background_col;
foreground = foreground_col;
monitor = ''
''${env:MONITOR:}
'';
width = "100%";
#height = polyheight;
padding = 0;
padding-right = 2;
radius = 14;
module-margin = 1;
line-size = 2;
dpi-x = dpi;
dpi-y = dpi;
tray = {
position = "right";
padding = 2;
background = Base2;
};
};
"bar/aux" = {
font = fonts;
modules = {
left = "i3";
center = "";
right = " xbacklight xkeyboard eth wlan battery date powermenu volume ";
};
background = background_col;
foreground = foreground_col;
monitor = ''
''${env:MONITOR:}
'';
width = "100%";
#height = polyheight;
radius = 14;
module-margin = 1;
line-size = 2;
dpi-x = dpi;
dpi-y = dpi;
};
"module/volume" = {
type = "internal/pulseaudio";
format.volume = "<ramp-volume> <label-volume>";
label.muted.text = "🔇";
label.muted.foreground = "#666";
ramp.volume = [ "🔈" "🔉" "🔊" ];
click.right = "${pkgs.pavucontrol}/bin/pavucontrol &";
# format-volume-underline = Base2;
# format-muted-underline = Base2;
};
"module/i3" = {
type = "internal/i3";
format = "<label-state> <label-mode>";
index-sort = "true";
wrapping-scroll = "false";
#; Only show workspaces on the same output as the bar
pin-workspaces = "true";
label-mode-padding = "2";
label-mode-foreground = "#000";
label-mode-background = primary_col;
#; focused = Active workspace on focused monitor
label-focused = "%name%";
#;label-focused-background = ${colors.background-alt}
#;label-focused-background = #9f78e1
label-focused-background = foreground_col;
label-focused-underline = foreground_col;
label-focused-foreground = background_col;
label-focused-padding = "2";
#; unfocused = Inactive workspace on any monitor
label-unfocused = "%name%";
label-unfocused-padding = "2";
label-unfocused-underline = foreground_col;
#; visible = Active workspace on unfocused monitor
label-visible = "%name%";
label-visible-background = Violet;
label-visible-underline = Yellow;
label-visible-padding = 2;
#; urgent = Workspace with urgency hint set
label-urgent = "%name%";
label-urgent-background = alert_col;
label-urgent-foreground = primary_col;
label-urgent-padding = "2";
#; Separator in between workspaces
#; label-separator = |
};
"module/xkeyboard" = {
type = "internal/xkeyboard";
blacklist-0 = "num lock";
interval = "5";
format-prefix = ''""'';
format-prefix-foreground = foreground_altcol;
format-prefix-underline = secondary_col;
label-layout = "%layout%";
label-layout-underline = secondary_col;
label-indicator-padding = "2";
label-indicator-margin = "1";
label-indicator-background = secondary_col;
label-indicator-underline = secondary_col;
};
"module/wlan" = {
type = "internal/network";
interface = "wlp0s20f3";
interval = "3.0";
format-connected = " <ramp-signal> <label-connected>";
format-connected-underline = "#9f78e1";
label-connected = "%essid%";
ramp-signal-0 = ''"0.0"'';
ramp-signal-1 = ''"0.5"'';
ramp-signal-2 = ''"1.0"'';
ramp-signal-3 = ''"1.0"'';
ramp-signal-4 = ''"1.0"'';
format-disconnected = "";
# ;format-disconnected = <label-disconnected>
#;format-disconnected-underline = ${self.format-connected-underline}
#;label-disconnected = %ifname% disconnected
#;label-disconnected-foreground = ${colors.foreground-alt}
ramp-signal-foreground = foreground_altcol;
};
"module/eth" = {
type = "internal/network";
interface = "eno1";
interval = "3.0";
format-connected-underline = "#55aa55";
format-connected = " <label-connected>";
format-connected-prefix-foreground = foreground_altcol;
label-connected = "%local_ip%";
format-disconnected = "";
format-disconnected-background = "#5479b7";
#;format-disconnected = <label-disconnected>
#;format-disconnected-underline = ${self.format-connected-underline}
#;label-disconnected = %ifname% disconnected
#;label-disconnected-foreground = ${colors.foreground-alt}
};
"module/date" = {
type = "internal/date";
interval = "5";
date = ''" %Y-%m-%d"'';
date-alt = ''" %Y-%m-%d"'';
time = "%H:%M";
time-alt = "%H:%M:%S";
#format-prefix = "";
#format-prefix-foreground = foreground_altcol;
format-underline = "#0a6cf5";
label = "%{A} %date% %time%";
};
"module/battery" = {
type = "internal/battery";
battery = "BAT0";
adapter = "ADP1";
full-at = "98";
format-charging-background = "#689d6a";
format-charging-prefix = ''" "'';
format-charging = "<label-charging>";
format-discharging-prefix = ''" "'';
format-discharging = "<label-discharging>";
format-discharging-background = "#689d6a";
format-full-prefix = ''" "'';
format-charging-underline = "#ffaa55";
format-full-prefix-foreground = foreground_altcol;
format-full-underline = "#ffaa55";
ormat-full-padding = "1";
format-charging-padding = "1";
format-discharging-padding = "1";
};
"module/temperature" = {
type = "internal/temperature";
thermal-zone = "0";
warn-temperature = "60";
format = "<ramp> <label>";
format-underline = "#f50a4d";
format-warn = "<ramp> <label-warn>";
format-warn-underline = "#f50a4d";
label = " %temperature-c%";
label-warn = "%temperature-c%";
label-warn-foreground = secondary_col;
ramp-0 = "l";
ramp-1 = "m";
ramp-2 = "h";
ramp-foreground = foreground_altcol;
};
"module/powermenu" = {
type = "custom/menu";
expand-right = "true";
format-spacing = "1";
label-open = ''""'';
label-open-foreground = secondary_col;
label-close = " cancel";
label-close-foreground = secondary_col;
label-separator = "|";
label-separator-foreground = foreground_altcol;
menu-0-0 = "reboot";
menu-0-0-exec = "menu-open-1";
menu-0-1 = "power off";
menu-0-1-exec = "menu-open-2";
menu-1-0 = "cancel";
menu-1-0-exec = "menu-open-0";
menu-1-1 = "reboot";
menu-1-1-exec = "sudo reboot";
menu-2-0 = "power off";
menu-2-0-exec = "sudo poweroff";
menu-2-1 = "cancel";
menu-2-1-exec = "menu-open-0";
};
"module/xbacklight" = {
type = "internal/xbacklight";
format = "<label> <bar>";
label = "BL";
bar-width = "10";
bar-indicator = "|";
bar-indicator-foreground = "#fff";
bar-indicator-font = "2";
bar-fill = "";
bar-fill-font = "2";
bar-fill-foreground = "#9f78e1";
bar-empty = "";
bar-empty-font = "2";
bar-empty-foreground = foreground_altcol;
};
"module/dunst" = {
type = "custom/script";
exec = "PATH=${pkgs.dbus}/bin/:$PATH ${pkgs.dunst}/bin/dunstctl is-paused | ${pkgs.gnugrep}/bin/grep -q true && echo || echo ";
interval = 10;
click-left = "PATH=${pkgs.dbus}/bin/:$PATH ${pkgs.dunst}/bin/dunstctl set-paused toggle";
};
"module/xwindow" = {
type = "internal/xwindow";
format = "<label>";
format-background = Cyan;
format-foreground = foreground_col;
format-padding = 2;
label-maxlen = 50;
label = "%title%";
}; };
}; };
"bar/aux" = {
font = fonts;
modules = {
left = "i3";
center = "";
right = " xbacklight xkeyboard eth wlan battery date powermenu volume ";
};
background = background_col;
foreground = foreground_col;
monitor = ''
''${env:MONITOR:}
'';
width = "100%";
#height = polyheight;
radius = 14;
module-margin = 1;
line-size = 2;
dpi-x = dpi;
dpi-y = dpi;
};
"module/volume" = {
type = "internal/pulseaudio";
format.volume = "<ramp-volume> <label-volume>";
label.muted.text = "🔇";
label.muted.foreground = "#666";
ramp.volume = ["🔈" "🔉" "🔊"];
click.right = "${pkgs.pavucontrol}/bin/pavucontrol &";
# format-volume-underline = Base2;
# format-muted-underline = Base2;
};
"module/i3" = {
type = "internal/i3";
format = "<label-state> <label-mode>";
index-sort = "true";
wrapping-scroll = "false";
#; Only show workspaces on the same output as the bar
pin-workspaces = "true";
label-mode-padding = "2";
label-mode-foreground = "#000";
label-mode-background = primary_col;
#; focused = Active workspace on focused monitor
label-focused = "%name%";
#;label-focused-background = ${colors.background-alt}
#;label-focused-background = #9f78e1
label-focused-background = foreground_col;
label-focused-underline = foreground_col;
label-focused-foreground = background_col;
label-focused-padding = "2";
#; unfocused = Inactive workspace on any monitor
label-unfocused = "%name%";
label-unfocused-padding = "2";
label-unfocused-underline = foreground_col;
#; visible = Active workspace on unfocused monitor
label-visible = "%name%";
label-visible-background = Violet;
label-visible-underline = Yellow;
label-visible-padding = 2;
#; urgent = Workspace with urgency hint set
label-urgent = "%name%";
label-urgent-background = alert_col;
label-urgent-foreground = primary_col;
label-urgent-padding = "2";
#; Separator in between workspaces
#; label-separator = |
};
"module/xkeyboard" = {
type = "internal/xkeyboard";
blacklist-0 = "num lock";
interval = "5";
format-prefix = ''""'';
format-prefix-foreground = foreground_altcol;
format-prefix-underline = secondary_col;
label-layout = "%layout%";
label-layout-underline = secondary_col;
label-indicator-padding = "2";
label-indicator-margin = "1";
label-indicator-background = secondary_col;
label-indicator-underline = secondary_col;
};
"module/wlan" = {
type = "internal/network";
interface = "wlp0s20f3";
interval = "3.0";
format-connected = " <ramp-signal> <label-connected>";
format-connected-underline = "#9f78e1";
label-connected = "%essid%";
ramp-signal-0 = ''"0.0"'';
ramp-signal-1 = ''"0.5"'';
ramp-signal-2 = ''"1.0"'';
ramp-signal-3 = ''"1.0"'';
ramp-signal-4 = ''"1.0"'';
format-disconnected = "";
# ;format-disconnected = <label-disconnected>
#;format-disconnected-underline = ${self.format-connected-underline}
#;label-disconnected = %ifname% disconnected
#;label-disconnected-foreground = ${colors.foreground-alt}
ramp-signal-foreground = foreground_altcol;
};
"module/eth" = {
type = "internal/network";
interface = "eno1";
interval = "3.0";
format-connected-underline = "#55aa55";
format-connected = " <label-connected>";
format-connected-prefix-foreground = foreground_altcol;
label-connected = "%local_ip%";
format-disconnected = "";
format-disconnected-background = "#5479b7";
#;format-disconnected = <label-disconnected>
#;format-disconnected-underline = ${self.format-connected-underline}
#;label-disconnected = %ifname% disconnected
#;label-disconnected-foreground = ${colors.foreground-alt}
};
"module/date" = {
type = "internal/date";
interval = "5";
date = ''" %Y-%m-%d"'';
date-alt = ''" %Y-%m-%d"'';
time = "%H:%M";
time-alt = "%H:%M:%S";
#format-prefix = "";
#format-prefix-foreground = foreground_altcol;
format-underline = "#0a6cf5";
label = "%{A} %date% %time%";
};
"module/battery" = {
type = "internal/battery";
battery = "BAT0";
adapter = "ADP1";
full-at = "98";
format-charging-background = "#689d6a";
format-charging-prefix = ''" "'';
format-charging = "<label-charging>";
format-discharging-prefix = ''" "'';
format-discharging = "<label-discharging>";
format-discharging-background = "#689d6a";
format-full-prefix = ''" "'';
format-charging-underline = "#ffaa55";
format-full-prefix-foreground = foreground_altcol;
format-full-underline = "#ffaa55";
ormat-full-padding = "1";
format-charging-padding = "1";
format-discharging-padding = "1";
};
"module/temperature" = {
type = "internal/temperature";
thermal-zone = "0";
warn-temperature = "60";
format = "<ramp> <label>";
format-underline = "#f50a4d";
format-warn = "<ramp> <label-warn>";
format-warn-underline = "#f50a4d";
label = " %temperature-c%";
label-warn = "%temperature-c%";
label-warn-foreground = secondary_col;
ramp-0 = "l";
ramp-1 = "m";
ramp-2 = "h";
ramp-foreground = foreground_altcol;
};
"module/powermenu" = {
type = "custom/menu";
expand-right = "true";
format-spacing = "1";
label-open = ''""'';
label-open-foreground = secondary_col;
label-close = " cancel";
label-close-foreground = secondary_col;
label-separator = "|";
label-separator-foreground = foreground_altcol;
menu-0-0 = "reboot";
menu-0-0-exec = "menu-open-1";
menu-0-1 = "power off";
menu-0-1-exec = "menu-open-2";
menu-1-0 = "cancel";
menu-1-0-exec = "menu-open-0";
menu-1-1 = "reboot";
menu-1-1-exec = "sudo reboot";
menu-2-0 = "power off";
menu-2-0-exec = "sudo poweroff";
menu-2-1 = "cancel";
menu-2-1-exec = "menu-open-0";
};
"module/xbacklight" = {
type = "internal/xbacklight";
format = "<label> <bar>";
label = "BL";
bar-width = "10";
bar-indicator = "|";
bar-indicator-foreground = "#fff";
bar-indicator-font = "2";
bar-fill = "";
bar-fill-font = "2";
bar-fill-foreground = "#9f78e1";
bar-empty = "";
bar-empty-font = "2";
bar-empty-foreground = foreground_altcol;
};
"module/dunst" = {
type = "custom/script";
exec = "PATH=${pkgs.dbus}/bin/:$PATH ${pkgs.dunst}/bin/dunstctl is-paused | ${pkgs.gnugrep}/bin/grep -q true && echo || echo ";
interval = 10;
click-left = "PATH=${pkgs.dbus}/bin/:$PATH ${pkgs.dunst}/bin/dunstctl set-paused toggle";
};
"module/xwindow" = {
type = "internal/xwindow";
format = "<label>";
format-background = Cyan;
format-foreground = foreground_col;
format-padding = 2;
label-maxlen = 50;
label = "%title%";
};
};
script = '' script = ''
for m in $(polybar --list-monitors | ${pkgs.gnugrep}/bin/grep '(primary)' | ${pkgs.coreutils}/bin/cut -d":" -f1); do for m in $(polybar --list-monitors | ${pkgs.gnugrep}/bin/grep '(primary)' | ${pkgs.coreutils}/bin/cut -d":" -f1); do
MONITOR=$m polybar --reload main & MONITOR=$m polybar --reload main &

52
users/ellmau/sway.nix
View File

@ -1,22 +1,34 @@
{ config, pkgs, lib, nixosConfig, ... }: {
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; { with lib; {
config = config = let
let cfg = nixosConfig.elss.graphical.sway;
cfg = nixosConfig.elss.graphical.sway; in
in
mkIf cfg.enable { mkIf cfg.enable {
services = { services = {
blueman-applet.enable = true; blueman-applet.enable = true;
swayidle = { swayidle = {
enable = true; enable = true;
events = [ events = [
{
{ event = "before-sleep"; command = "swaylock -KfeFi ~/.background-image"; } event = "before-sleep";
{ event = "lock"; command = "swaylock -KfeFi ~/.background-image"; } command = "swaylock -KfeFi ~/.background-image";
}
{
event = "lock";
command = "swaylock -KfeFi ~/.background-image";
}
]; ];
timeouts = [ timeouts = [
{ timeout = 60; command = "swaylock -KfeFi ~/.background-image"; } {
timeout = 60;
command = "swaylock -KfeFi ~/.background-image";
}
]; ];
}; };
}; };
@ -40,11 +52,10 @@ with lib; {
modifier = "Mod4"; modifier = "Mod4";
keybindings = keybindings = let
let modifier = config.wayland.windowManager.sway.config.modifier;
modifier = config.wayland.windowManager.sway.config.modifier; bctl = "${pkgs.brightnessctl}/bin/brightnessctl";
bctl = "${pkgs.brightnessctl}/bin/brightnessctl"; in
in
lib.mkOptionDefault { lib.mkOptionDefault {
"${modifier}+Shift+q" = "kill"; "${modifier}+Shift+q" = "kill";
"${modifier}+d" = "exec ${pkgs.rofi}/bin/rofi -show drun"; "${modifier}+d" = "exec ${pkgs.rofi}/bin/rofi -show drun";
@ -55,13 +66,10 @@ with lib; {
XF86AudioMute = "exec ${pkgs.pamixer}/bin/pamixer -t"; XF86AudioMute = "exec ${pkgs.pamixer}/bin/pamixer -t";
XF86AudioLowerVolume = "exec ${pkgs.pulseaudioFull}/bin/pactl set-sink-volume @DEFAULT_SINK@ -10%"; XF86AudioLowerVolume = "exec ${pkgs.pulseaudioFull}/bin/pactl set-sink-volume @DEFAULT_SINK@ -10%";
XF86AudioRaiseVolume = "exec ${pkgs.pulseaudioFull}/bin/pactl set-sink-volume @DEFAULT_SINK@ +10%"; XF86AudioRaiseVolume = "exec ${pkgs.pulseaudioFull}/bin/pactl set-sink-volume @DEFAULT_SINK@ +10%";
}; };
keycodebindings = keycodebindings = let
let modifier = config.wayland.windowManager.sway.config.modifier;
modifier = config.wayland.windowManager.sway.config.modifier; in {};
in
{ };
startup = [ startup = [
{ {
@ -89,7 +97,7 @@ with lib; {
titlebar = true; titlebar = true;
}; };
bars = [ ]; bars = [];
}; };
extraConfig = '' extraConfig = ''
input "type:keyboard" { input "type:keyboard" {

25
users/ellmau/waybar.nix
View File

@ -1,9 +1,14 @@
{ config, pkgs, lib, nixosConfig, ... }: {
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; { with lib; {
config = config = let
let cfg = nixosConfig.elss.graphical.sway;
cfg = nixosConfig.elss.graphical.sway; in
in
mkIf cfg.enable { mkIf cfg.enable {
xdg.configFile."waybar/style.css" = { xdg.configFile."waybar/style.css" = {
source = conf/waybar/style.css; source = conf/waybar/style.css;
@ -13,9 +18,9 @@ with lib; {
systemd.enable = true; systemd.enable = true;
settings = { settings = {
mainBar = { mainBar = {
modules-left = [ "sway/workspaces" "sway/mode" ]; modules-left = ["sway/workspaces" "sway/mode"];
modules-center = [ "sway/window" ]; modules-center = ["sway/window"];
modules-right = [ "idle_inhibitor" "sway/language" "network#wifi" "network#base" "battery" "pulseaudio" "clock" "tray" ]; modules-right = ["idle_inhibitor" "sway/language" "network#wifi" "network#base" "battery" "pulseaudio" "clock" "tray"];
"idle_inhibitor" = { "idle_inhibitor" = {
format = "{icon}"; format = "{icon}";
@ -35,7 +40,7 @@ with lib; {
format-charging = "{capacity}% "; format-charging = "{capacity}% ";
format-plugged = "{capacity}% "; format-plugged = "{capacity}% ";
format-alt = "{time} {icon}"; format-alt = "{time} {icon}";
format-icons = [ "" "" "" "" "" ]; format-icons = ["" "" "" "" ""];
}; };
"clock" = { "clock" = {
format-alt = "{:%a, %d. %b %H:%M}"; format-alt = "{:%a, %d. %b %H:%M}";
@ -82,10 +87,8 @@ with lib; {
on-click = "${pkgs.pamixer}/bin/pamixer -t"; on-click = "${pkgs.pamixer}/bin/pamixer -t";
on-click-right = "${pkgs.pavucontrol}/bin/pavucontrol &"; on-click-right = "${pkgs.pavucontrol}/bin/pavucontrol &";
}; };
}; };
}; };
}; };
}; };
} }

5
users/ellmau/zsh.nix
View File

@ -1,5 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: {
{
programs = { programs = {
zsh = { zsh = {
enable = true; enable = true;
@ -49,7 +48,7 @@
bat = { bat = {
enable = true; enable = true;
config = { theme = "ansi"; }; config = {theme = "ansi";};
}; };
exa = { exa = {