ellmau/nixos
1
0
Fork 0
mirror of https://github.com/ellmau/nixos.git synced 2025-12-19 09:29:36 +01:00
Code Issues Projects Releases Wiki Activity

Format with alejandra style

Browse Source
This commit is contained in:
Stefan Ellmauthaler 2022-08-22 11:00:00 +02:00
parent 6b41b87f67
commit d44a40605f
Failed to extract signature
62 changed files with 1553 additions and 1291 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
common/users.nix
View File

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
with lib; {
config = {
elss = {

16
common/wireguard.nix
View File

@ -1,13 +1,17 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
with lib; {
config.elss.wireguard = {
interfaces = {
stelnet = {
servers = {
metis = {
localIp = "1";
extraIps = [ "1" "2" "142" ];
extraIps = ["1" "2" "142"];
publicKey = "wP49t1TYXI3ucsYb8RavNGwIf+8nx5UBgDU0PM9VlnI=";
endpoint = "metis.ellmauthaler.net:51820"; #TODO
};
@ -32,10 +36,10 @@ with lib; {
};
prefixes = {
ipv4 = [ "192.168.244" ];
ipv4 = ["192.168.244"];
ipv6 = {
ula = [ "fdaa:3313:9dfa:dfa3" ]; # TODO
gua = [ ];
ula = ["fdaa:3313:9dfa:dfa3"]; # TODO
gua = [];
};
serial = "2022073100";
};

122
default.nix
View File

@ -1,57 +1,75 @@
{ flakes, flakeOutputs, ...}:
let
mkMachine = args:
let
name = if builtins.isString args then args else args.name;
system = if args ? system then args.system else "x86_64-linux";
extraModules = if args ? extraModules then args.extraModules else [ ];
extraOverlays = if args ? extraOverlays then args.extraOverlays else [
{
flakes,
flakeOutputs,
...
}: let
mkMachine = args: let
name =
if builtins.isString args
then args
else args.name;
system =
if args ? system
then args.system
else "x86_64-linux";
extraModules =
if args ? extraModules
then args.extraModules
else [];
extraOverlays =
if args ? extraOverlays
then args.extraOverlays
else [
overlay-unstable
# overlay-comma
];
pkgs = flakes.nixpkgs;
configuration = if args ? configuration then args.configuration else import ./baseconfiguration.nix {inherit extraOverlays system pkgs name flakes flakeOutputs;} ;
overlay-unstable = final: prev: {
unstable = import flakes.nixpkgs-unstable {
system = "${system}";
config.allowUnfree=true;
};
};
# overlay-comma = final: prev: {
# comma = flakes.comma.packages."${system}";
# };
in
{
inherit name;
value = pkgs.lib.nixosSystem {
inherit system;
modules = [
configuration
{ nix = {
package = pkgs.legacyPackages.${system}.nixUnstable;
nixPath= [ "nixpkgs=${pkgs}" ];
registry.nixpkgs.flake = pkgs;
registry.nixpkgs-unstable.flake = flakes.nixpkgs-unstable;
}
;}
] ++ extraModules
++ flakes.nixpkgs.lib.mapAttrsToList (_: module: module)
flakeOutputs.nixosModules;
};
pkgs = flakes.nixpkgs;
configuration =
if args ? configuration
then args.configuration
else import ./baseconfiguration.nix {inherit extraOverlays system pkgs name flakes flakeOutputs;};
overlay-unstable = final: prev: {
unstable = import flakes.nixpkgs-unstable {
system = "${system}";
config.allowUnfree = true;
};
};
# overlay-comma = final: prev: {
# comma = flakes.comma.packages."${system}";
# };
in {
inherit name;
value = pkgs.lib.nixosSystem {
inherit system;
modules =
[
configuration
{
nix = {
package = pkgs.legacyPackages.${system}.nixUnstable;
nixPath = ["nixpkgs=${pkgs}"];
registry.nixpkgs.flake = pkgs;
registry.nixpkgs-unstable.flake = flakes.nixpkgs-unstable;
};
}
]
++ extraModules
++ flakes.nixpkgs.lib.mapAttrsToList (_: module: module)
flakeOutputs.nixosModules;
};
};
in
flakes.nixpkgs.lib.listToAttrs (map mkMachine [
{
name = "stel-xps";
extraModules = [ flakes.nixos-hardware.nixosModules.dell-xps-13-7390 flakes.home-manager.nixosModules.home-manager ];
}
{
name = "nucturne";
extraModules = [ flakes.home-manager.nixosModules.home-manager ];
}
{
name = "ellmauthaler";
extraModules = [ flakes.home-manager.nixosModules.home-manager flakes.simple-nixos-mailserver.nixosModule flakes.sops-nix.nixosModules.sops ];
}
])
flakes.nixpkgs.lib.listToAttrs (map mkMachine [
{
name = "stel-xps";
extraModules = [flakes.nixos-hardware.nixosModules.dell-xps-13-7390 flakes.home-manager.nixosModules.home-manager];
}
{
name = "nucturne";
extraModules = [flakes.home-manager.nixosModules.home-manager];
}
{
name = "ellmauthaler";
extraModules = [flakes.home-manager.nixosModules.home-manager flakes.simple-nixos-mailserver.nixosModule flakes.sops-nix.nixosModules.sops];
}
])

89
flake.nix
View File

@ -2,7 +2,6 @@
description = "Flake to define configurations of 'elss' - ellmauthaler stefan's systems";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.05";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
@ -59,30 +58,36 @@
};
};
outputs = { self, nixpkgs, flake-utils-plus, ... }@inputs:
let
extended-lib = nixpkgs.lib.extend
(final: prev: {
elss = (import ./lib { lib = final; }) prev;
});
inherit (extended-lib.elss) discoverModules moduleNames discoverMachines withModules discoverTemplates;
in
flake-utils-plus.lib.mkFlake rec{
outputs = {
self,
nixpkgs,
flake-utils-plus,
...
} @ inputs: let
extended-lib =
nixpkgs.lib.extend
(final: prev: {
elss = (import ./lib {lib = final;}) prev;
});
inherit (extended-lib.elss) discoverModules moduleNames discoverMachines withModules discoverTemplates;
in
flake-utils-plus.lib.mkFlake rec {
inherit self inputs;
supportedSystems = [ "x86_64-linux" ];
supportedSystems = ["x86_64-linux"];
lib = extended-lib;
channelsConfig = {
allowUnfreePredicate = pkg: builtins.elem (extended-lib.getName pkg) [
"slack"
"steam"
"steam-original"
"steam-runtime"
"skypeforlinux"
"teams"
"zoom"
];
allowUnfreePredicate = pkg:
builtins.elem (extended-lib.getName pkg) [
"slack"
"steam"
"steam-original"
"steam-runtime"
"skypeforlinux"
"teams"
"zoom"
];
};
channels.nixpkgs.overlaysBuilder = channels: [
@ -97,39 +102,46 @@
hostDefaults = {
system = "x86_64-linux";
channelName = "nixpkgs";
modules = [
inputs.home-manager.nixosModules.home-manager
inputs.sops-nix.nixosModules.sops
inputs.dwarffs.nixosModules.dwarffs
inputs.simple-nixos-mailserver.nixosModules.mailserver
./common/wireguard.nix
] ++ (map (name: ./modules + "/${name}") (moduleNames ./modules));
modules =
[
inputs.home-manager.nixosModules.home-manager
inputs.sops-nix.nixosModules.sops
inputs.dwarffs.nixosModules.dwarffs
inputs.simple-nixos-mailserver.nixosModules.mailserver
./common/wireguard.nix
]
++ (map (name: ./modules + "/${name}") (moduleNames ./modules));
specialArgs = {
nixos-hardware = inputs.nixos-hardware.nixosModules;
inherit inputs;
};
extraArgs = {
homeConfigurations = withModules ./users
homeConfigurations =
withModules ./users
(
{ name, path }:
{
name,
path,
}:
#import (./users + "/${name}")
import path
import path
);
};
};
hosts = discoverMachines ./machines
hosts =
discoverMachines ./machines
{
specialArgs = { lib = extended-lib; };
specialArgs = {lib = extended-lib;};
};
nixosModules = discoverModules ./modules;
homeConfigurations = withModules ./users
(name:
let
username = extended-lib.removeSuffix ".nix" name;
in
homeConfigurations =
withModules ./users
(name: let
username = extended-lib.removeSuffix ".nix" name;
in
inputs.home-manager.lib.homeManagerConfiguration {
configuration = import (./users + "/${name}");
inherit username;
@ -154,8 +166,7 @@
rust = {
description = "Rust development environment flake";
welcomeText =
"Change into the folder and follow the prompt to create an automatic rust environment in this folder";
welcomeText = "Change into the folder and follow the prompt to create an automatic rust environment in this folder";
};
jupyter = {
description = "Jupyter server flake";

6
lib/default.nix
View File

@ -1,6 +1,6 @@
{ lib }:
{lib}:
(lib.composeManyExtensions [
(import ./users.nix)
(import ./files.nix)
]) lib
])
lib

52
lib/files.nix
View File

@ -1,26 +1,34 @@
final: prev:
with prev; rec {
moduleNames = dir: pipe dir [
builtins.readDir
(filterAttrs
(name: type: (!hasPrefix "." name && !hasPrefix "_" name
&& (hasSuffix ".nix" name || type == "directory"))))
attrNames
];
moduleNames = dir:
pipe dir [
builtins.readDir
(filterAttrs
(name: type: (!hasPrefix "." name
&& !hasPrefix "_" name
&& (hasSuffix ".nix" name || type == "directory"))))
attrNames
];
withModules = dir: f:
listToAttrs (map
(filename:
let
path = dir + "/${filename}";
name = removeSuffix ".nix" filename;
in
nameValuePair name (f { inherit path name; }))
(filename: let
path = dir + "/${filename}";
name = removeSuffix ".nix" filename;
in
nameValuePair name (f {inherit path name;}))
(moduleNames dir));
discoverModules = dir: withModules dir ({ path, name }: import path);
discoverModules = dir:
withModules dir ({
path,
name,
}:
import path);
discoverMachines = dir: args:
withModules dir ({ path, name }:
{ modules = [ path ]; } // args);
withModules dir ({
path,
name,
}:
{modules = [path];} // args);
discoverTemplates = dir: overrides:
pipe dir [
builtins.readDir
@ -32,11 +40,11 @@ with prev; rec {
path = "${dir}/${template}";
description = "a template for ${template} projects";
}
(if hasAttr template overrides then
getAttr template overrides
else
{ }))))
(
if hasAttr template overrides
then getAttr template overrides
else {}
))))
listToAttrs
];
}

29
lib/users.nix
View File

@ -1,19 +1,16 @@
final: prev:
{
withConfig = config:
let
cfg = config.elss.users;
mapAccount = f: login: prev.nameValuePair login (f login);
mapList = f: lst: builtins.listToAttrs (map (mapAccount f) lst);
in
rec {
mapUsers = f: mapList f cfg.users;
mapAdmins = f: mapList f cfg.admins;
mapAllUsers = f: (mapUsers f) // (mapAdmins f);
mapAllUsersAndRoot = f: (mapAllUsers f) // {
final: prev: {
withConfig = config: let
cfg = config.elss.users;
mapAccount = f: login: prev.nameValuePair login (f login);
mapList = f: lst: builtins.listToAttrs (map (mapAccount f) lst);
in rec {
mapUsers = f: mapList f cfg.users;
mapAdmins = f: mapList f cfg.admins;
mapAllUsers = f: (mapUsers f) // (mapAdmins f);
mapAllUsersAndRoot = f:
(mapAllUsers f)
// {
root = f "root";
};
};
};
}

37
machines/metis/default.nix
View File

@ -1,5 +1,10 @@
{ config, pkgs, inputs, nixos-hardware, ... }:
{
config,
pkgs,
inputs,
nixos-hardware,
...
}: {
imports = [
../../common/users.nix
./hardware-configuration.nix
@ -41,12 +46,11 @@
# enable wireguard
wireguard.enable = true;
# user setup
users = {
enable = true;
admins = [ "ellmau" ];
users = [ ];
admins = ["ellmau"];
users = [];
meta = {
ellmau.git = {
@ -55,20 +59,24 @@
};
};
};
fileSystems."/".options = [ "noatime" ];
fileSystems."/".options = ["noatime"];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking = {
interfaces.ens3 = {
ipv4.addresses = [{
address = "89.58.45.113";
prefixLength = 22;
}];
ipv6.addresses = [{
address = "fe80::94e0:6eff:fecd:d6cb";
prefixLength = 64;
}];
ipv4.addresses = [
{
address = "89.58.45.113";
prefixLength = 22;
}
];
ipv6.addresses = [
{
address = "fe80::94e0:6eff:fecd:d6cb";
prefixLength = 64;
}
];
};
defaultGateway = "89.58.44.1";
defaultGateway6 = {
@ -79,9 +87,8 @@
nat = {
enable = true;
externalInterface = "ens3";
internalInterfaces = [ "wg-stelnet" ];
internalInterfaces = ["wg-stelnet"];
};
};
system.stateVersion = "22.05";
}

44
machines/metis/hardware-configuration.nix
View File

@ -1,33 +1,33 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems."/" =
{
device = "/dev/disk/by-label/nixos-root";
fsType = "xfs";
};
fileSystems."/" = {
device = "/dev/disk/by-label/nixos-root";
fsType = "xfs";
};
fileSystems."/boot" =
{
device = "/dev/disk/by-label/BOOT";
fsType = "vfat";
};
fileSystems."/boot" = {
device = "/dev/disk/by-label/BOOT";
fsType = "vfat";
};
swapDevices =
[{ device = "/dev/disk/by-label/swap"; }];
swapDevices = [{device = "/dev/disk/by-label/swap";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

26
machines/nucturne/default.nix
View File

@ -1,12 +1,16 @@
{ config, pkgs, inputs, nixos-hardware, ...}:
{
config,
pkgs,
inputs,
nixos-hardware,
...
}: {
imports = [
../../common/users.nix
./hardware-configuration.nix
./software.nix
];
elss = {
# base system
base.enable = true;
@ -22,7 +26,7 @@
sway.enable = true;
i3.enable = false;
# set dpi if used in mobile applications
# dpi = 180;
# dpi = 180;
};
# enable deamon to generate nix-index-db
@ -42,8 +46,8 @@
# user setup
users = {
enable = true;
admins = [ "ellmau" ];
users = [ ];
admins = ["ellmau"];
users = [];
meta = {
ellmau.git = {
@ -54,15 +58,15 @@
};
boot = {
extraModulePackages = [
config.boot.kernelPackages.v4l2loopback
];
extraModulePackages = [
config.boot.kernelPackages.v4l2loopback
];
kernelModules = [
kernelModules = [
"v4l2loopback"
];
];
plymouth.enable = true;
plymouth.enable = true;
};
system.stateVersion = "21.05";

52
machines/nucturne/hardware-configuration.nix
View File

@ -1,36 +1,40 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/da267a3c-34e3-4218-933f-10738ee61eb6";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/da267a3c-34e3-4218-933f-10738ee61eb6";
fsType = "ext4";
};
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/9ebd7aff-629b-449b-83d8-6381a04eb708";
fsType = "ext4";
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/9ebd7aff-629b-449b-83d8-6381a04eb708";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/DE6D-C383";
fsType = "vfat";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/DE6D-C383";
fsType = "vfat";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/0069f1fa-dd8e-4c0a-8f01-a576af29909e"; }
];
swapDevices = [
{device = "/dev/disk/by-uuid/0069f1fa-dd8e-4c0a-8f01-a576af29909e";}
];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
# high-resolution display

5
machines/nucturne/software.nix
View File

@ -1,5 +1,8 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [
libreoffice-fresh
onlyoffice-bin

11
machines/stel-xps/default.nix
View File

@ -1,5 +1,10 @@
{ config, pkgs, inputs, nixos-hardware, ... }:
{
config,
pkgs,
inputs,
nixos-hardware,
...
}: {
imports = [
../../common/users.nix
./printer.nix
@ -43,8 +48,8 @@
# user setup
users = {
enable = true;
admins = [ "ellmau" ];
users = [ ];
admins = ["ellmau"];
users = [];
meta = {
ellmau.git = {

44
machines/stel-xps/hardware-configuration.nix
View File

@ -1,33 +1,37 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/6b7f9f80-af34-4317-b017-f883a2316674";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/6b7f9f80-af34-4317-b017-f883a2316674";
fsType = "ext4";
};
boot.initrd.luks.devices."crypted".device = "/dev/disk/by-uuid/9c84f143-023d-4fcb-a49c-ca78ce69e0e0";
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/39E0-047B";
fsType = "vfat";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/39E0-047B";
fsType = "vfat";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/93381a25-6704-408e-b091-cfda6cddbda0"; }
];
swapDevices = [
{device = "/dev/disk/by-uuid/93381a25-6704-408e-b091-cfda6cddbda0";}
];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
# high-resolution display

35
machines/stel-xps/printer.nix
View File

@ -1,28 +1,31 @@
{ config, pkgs, ...}:
let
{
config,
pkgs,
...
}: let
ppd-local = pkgs.stdenv.mkDerivation rec {
pname = "local-ppds";
version = "2021-07-04";
src = ./ppds;
phases = [ "unpackPhase" "installPhase" ];
phases = ["unpackPhase" "installPhase"];
installPhase = ''
mkdir -p $out/share/cups/model/
cp -R Ricoh $out/share/cups/model
'';
mkdir -p $out/share/cups/model/
cp -R Ricoh $out/share/cups/model
'';
};
in
{
services.printing.drivers = with pkgs; [
foomatic-filters
gutenprint
hplip
] ++ [
ppd-local
];
in {
services.printing.drivers = with pkgs;
[
foomatic-filters
gutenprint
hplip
]
++ [
ppd-local
];
hardware.printers.ensurePrinters = [
{

5
machines/stel-xps/software.nix
View File

@ -1,5 +1,8 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [
brightnessctl
libreoffice-fresh

17
modules/aspell.nix
View File

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }:
let
{
config,
pkgs,
lib,
...
}: let
aspellConf = ''
data-dir /run/current-system/sw/lib/aspell
dict-dir /run/current-system/sw/lib/aspell
@ -8,12 +11,12 @@ let
extra-dicts en-computers.rws
add-extra-dicts en_GB-science.rws
'';
in
{
in {
options.elss.programs.aspell.enable = lib.mkEnableOption "setup aspell";
config = lib.mkIf config.elss.programs.aspell.enable {
environment.systemPackages = [ pkgs.aspell ]
++ (with pkgs.aspellDicts; [ de en sv en-computers en-science ]);
environment.systemPackages =
[pkgs.aspell]
++ (with pkgs.aspellDicts; [de en sv en-computers en-science]);
};
}

9
modules/base.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib; {
options.elss = {
base.enable = mkEnableOption "Set the base configuration for the system";
@ -14,7 +19,7 @@ with lib; {
services = {
dbus = {
enable = true;
packages = with pkgs; [ dconf ];
packages = with pkgs; [dconf];
};
};

14
modules/communication.nix
View File

@ -1,11 +1,15 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib; {
options.elss.programs.communication.enable = mkEnableOption "enable the basic graphical communication tools";
config =
let
cfg = config.elss.programs.communication;
in
config = let
cfg = config.elss.programs.communication;
in
mkIf cfg.enable {
# elss.graphical.enable = true;
environment.systemPackages = with pkgs; [

178
modules/emacs/default.nix
View File

@ -1,97 +1,105 @@
{ config, lib, pkgs, ... }:
with lib;
let
{
config,
lib,
pkgs,
...
}:
with lib; let
defaultEl = ./default.el;
environment.systemPackages = [ pkgs.gdb ]; # use gdb for dap-mode
environment.systemPackages = [pkgs.gdb]; # use gdb for dap-mode
defaultConfig = pkgs.runCommand "default.el" { } ''
mkdir -p $out/share/emacs/site-lisp
cp ${defaultEl} $out/share/emacs/site-lisp/default.el
defaultConfig = pkgs.runCommand "default.el" {} ''
mkdir -p $out/share/emacs/site-lisp
cp ${defaultEl} $out/share/emacs/site-lisp/default.el
'';
emacsPackage = (pkgs.emacsPackagesFor pkgs.emacs).emacsWithPackages
(epkgs:
let
lpkgs = import ./packages.nix {
inherit config lib pkgs epkgs;
};
in
emacsPackage =
(pkgs.emacsPackagesFor pkgs.emacs).emacsWithPackages
(epkgs: let
lpkgs = import ./packages.nix {
inherit config lib pkgs epkgs;
};
in
#[ (defaultConfig lpkgs) ] ++ (with pkgs; [
# aspell
# emacs-all-the-icons-fonts
# gnupg
# nixpkgs-fmt
#])
[(defaultConfig)] ++
[(with epkgs.elpaPackages; [
auctex
org
flymake
])]
++ (with epkgs.melpaStablePackages; [ ]) ++ (with epkgs.melpaPackages; [
ac-helm
academic-phrases
add-hooks
alert
all-the-icons
all-the-icons-dired
beacon
bln-mode
cargo-mode
company
company-auctex
company-bibtex
company-flx
company-quickhelp
company-reftex
cov
dap-mode
diminish
direnv
dockerfile-mode
docker-compose-mode
flycheck
free-keys
highlight-indentation
helm
#helm-bbdb
helm-company
helm-flx
helm-descbinds
helm-lsp
helm-projectile
helm-rg
json-mode
less-css-mode
lsp-mode
lsp-ui
magit
moe-theme
multiple-cursors
nix-mode
nixpkgs-fmt
org-bullets
org-roam
#org-roam-server
pasp-mode
pdf-tools
projectile
projectile-ripgrep
rustic
spacemacs-theme
solarized-theme
sparql-mode
sudo-edit
use-package
#vscode-dark-plus-theme
yaml-mode
yasnippet
#zenburn-theme
] ++ (with lpkgs; [
org-roam-ui
ligatures
])));
in
{
[defaultConfig]
++ [
(with epkgs.elpaPackages; [
auctex
org
flymake
])
]
++ (with epkgs.melpaStablePackages; [])
++ (with epkgs.melpaPackages;
[
ac-helm
academic-phrases
add-hooks
alert
all-the-icons
all-the-icons-dired
beacon
bln-mode
cargo-mode
company
company-auctex
company-bibtex
company-flx
company-quickhelp
company-reftex
cov
dap-mode
diminish
direnv
dockerfile-mode
docker-compose-mode
flycheck
free-keys
highlight-indentation
helm
#helm-bbdb
helm-company
helm-flx
helm-descbinds
helm-lsp
helm-projectile
helm-rg
json-mode
less-css-mode
lsp-mode
lsp-ui
magit
moe-theme
multiple-cursors
nix-mode
nixpkgs-fmt
org-bullets
org-roam
#org-roam-server
pasp-mode
pdf-tools
projectile
projectile-ripgrep
rustic
spacemacs-theme
solarized-theme
sparql-mode
sudo-edit
use-package
#vscode-dark-plus-theme
yaml-mode
yasnippet
#zenburn-theme
]
++ (with lpkgs; [
org-roam-ui
ligatures
])));
in {
options.elss.programs.emacs.enable = mkEnableOption "Setup emacs package and install it";
config = mkIf config.elss.programs.emacs.enable {
services.emacs = {

57
modules/emacs/packages.nix
View File

@ -1,30 +1,35 @@
{ config, lib, pkgs, epkgs, ...}:
let
{
config,
lib,
pkgs,
epkgs,
...
}: let
in
with epkgs; rec{
org-roam-ui = trivialBuild{
pname = "org-roam-ui";
version = "2021-10-06";
src = pkgs.fetchFromGitHub {
owner = "org-roam";
repo = "org-roam-ui";
rev = "bae6487afd5e6eec9f04b38b235bbac24042ca62";
sha256 = "14dbdvxf1l0dwbhc0ap3wr3ffafy4cxmwc9b7gm0gzzmcxvszisc";
with epkgs; rec {
org-roam-ui = trivialBuild {
pname = "org-roam-ui";
version = "2021-10-06";
src = pkgs.fetchFromGitHub {
owner = "org-roam";
repo = "org-roam-ui";
rev = "bae6487afd5e6eec9f04b38b235bbac24042ca62";
sha256 = "14dbdvxf1l0dwbhc0ap3wr3ffafy4cxmwc9b7gm0gzzmcxvszisc";
};
packageRequires = [f websocket org-roam simple-httpd];
postInstall = ''
cp -r out $out/share/emacs/site-lisp
'';
};
packageRequires = [ f websocket org-roam simple-httpd ];
postInstall = ''
cp -r out $out/share/emacs/site-lisp
'';
};
ligatures = trivialBuild {
pname = "ligatures";
version = "unstable-2021-08-27";
src = pkgs.fetchFromGitHub {
owner = "mickeynp";
repo = "ligature.el";
rev = "d3426509cc5436a12484d91e48abd7b62429b7ef";
sha256 = "baFDkfQLM2MYW2QhMpPnOMSfsLlcp9fO5xfyioZzOqg=";
ligatures = trivialBuild {
pname = "ligatures";
version = "unstable-2021-08-27";
src = pkgs.fetchFromGitHub {
owner = "mickeynp";
repo = "ligature.el";
rev = "d3426509cc5436a12484d91e48abd7b62429b7ef";
sha256 = "baFDkfQLM2MYW2QhMpPnOMSfsLlcp9fO5xfyioZzOqg=";
};
};
};
}
}

24
modules/graphical.nix
View File

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
with lib; {
options.elss.graphical = {
enable = mkEnableOption "configure graphical layer";
@ -18,14 +23,16 @@ with lib; {
};
i3.enable = mkEnableOption "enable i3";
};
config =
let
cfg = config.elss.graphical;
#cursorsize = if config.variables.hostName == "nucturne" then 14 else 16;
#xserverDPI = if config.variables.hostName == "stel-xps" then 180 else null;
in
config = let
cfg = config.elss.graphical;
#cursorsize = if config.variables.hostName == "nucturne" then 14 else 16;
#xserverDPI = if config.variables.hostName == "stel-xps" then 180 else null;
in
mkIf cfg.enable {
elss.users.x11.enable = if cfg.i3.enable then true else false;
elss.users.x11.enable =
if cfg.i3.enable
then true
else false;
elss.networking.useNetworkManager = true;
services = {
@ -77,6 +84,5 @@ with lib; {
libsecret
arandr
];
};
}

9
modules/locale.nix
View File

@ -1,4 +1,9 @@
{ config, pkgs, lib, ...}:
{
config,
pkgs,
lib,
...
}:
with lib; {
options.elss.locale.enable = mkEnableOption "setup default locale and font-handling";
@ -21,7 +26,7 @@ with lib; {
noto-fonts-extra
roboto
roboto-mono
(nerdfonts.override { fonts = [ "Hasklig" ]; })
(nerdfonts.override {fonts = ["Hasklig"];})
material-icons
weather-icons
xits-math

43
modules/network-manager/default.nix
View File

@ -1,27 +1,30 @@
{ config, pkgs, lib, ...}:
{
config,
pkgs,
lib,
...
}:
with lib; {
options.elss.networking.useNetworkManager = mkEnableOption "enable networkmanager";
config =
let
connections = [
"tartaros"
"eduroam"
];
config = let
connections = [
"tartaros"
"eduroam"
];
mkSopsSecrets = connection: {
"${connection}" = {
sopsFile = ../../secrets/networks.yaml;
path = "/run/NetworkManager/system-connections/${connection}.nmconnection";
};
mkSopsSecrets = connection: {
"${connection}" = {
sopsFile = ../../secrets/networks.yaml;
path = "/run/NetworkManager/system-connections/${connection}.nmconnection";
};
};
in
mkIf config.elss.networking.useNetworkManager {
networking.networkmanager = {
enable = true;
};
in
mkIf config.elss.networking.useNetworkManager {
networking.networkmanager = {
enable = true;
};
sops.secrets = mkMerge (map mkSopsSecrets connections);
};
sops.secrets = mkMerge (map mkSopsSecrets connections);
};
}

42
modules/nix-index-db.nix
View File

@ -1,22 +1,25 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
with lib; {
options.elss.nix-index-db-update.enable =
mkEnableOption "periodically update the nix-index database";
config =
let
cfg = config.elss.nix-index-db-update;
nix-index-db-update = pkgs.writeShellScript "nix-index-db-update" ''
set -euo pipefail
config = let
cfg = config.elss.nix-index-db-update;
nix-index-db-update = pkgs.writeShellScript "nix-index-db-update" ''
set -euo pipefail
filename="index-x86_64-$(${pkgs.coreutils}/bin/uname | ${pkgs.coreutils}/bin/tr A-Z a-z)"
cd /var/db/nix-index/
${pkgs.wget}/bin/wget -q -N https://github.com/Mic92/nix-index-database/releases/latest/download/$filename
${pkgs.coreutils}/bin/ln -f $filename files
'';
inherit (lib.elss.withConfig config) mapAllUsers;
in
filename="index-x86_64-$(${pkgs.coreutils}/bin/uname | ${pkgs.coreutils}/bin/tr A-Z a-z)"
cd /var/db/nix-index/
${pkgs.wget}/bin/wget -q -N https://github.com/Mic92/nix-index-database/releases/latest/download/$filename
${pkgs.coreutils}/bin/ln -f $filename files
'';
inherit (lib.elss.withConfig config) mapAllUsers;
in
mkIf cfg.enable {
systemd = {
services.nix-index-db-update = {
@ -44,14 +47,13 @@ with lib; {
Persistent = true;
};
wantedBy = [ "timers.target" ];
wantedBy = ["timers.target"];
};
};
home-manager.users = mapAllUsers (_:
{ config, ... }: {
home.file.".cache/nix-index".source =
config.lib.file.mkOutOfStoreSymlink "/var/db/nix-index/";
});
home-manager.users = mapAllUsers (_: {config, ...}: {
home.file.".cache/nix-index".source =
config.lib.file.mkOutOfStoreSymlink "/var/db/nix-index/";
});
};
}

8
modules/nix.nix
View File

@ -1,6 +1,8 @@
{ pkgs, config, ... }:
{
pkgs,
config,
...
}: {
config = {
nix = {
useSandbox = true;
@ -10,7 +12,7 @@
linkInputs = true;
autoOptimiseStore = true;
trustedUsers = [ "root" ] ++ config.elss.users.admins;
trustedUsers = ["root"] ++ config.elss.users.admins;
# Enable flakes
# Free up to 50 GiB whenever there is less than 10 GiB left.

8
modules/obs-studio.nix
View File

@ -1,6 +1,10 @@
{ config, pkgs, lib, ...}:
with lib;
{
config,
pkgs,
lib,
...
}:
with lib; {
options.elss.programs.obsstudio.enable = mkEnableOption "install obs-studio";
config = mkIf config.elss.programs.obsstudio.enable {
environment.systemPackages = with pkgs; [

24
modules/openvpn/default.nix
View File

@ -1,14 +1,18 @@
{ config, lib, pkgs, ...}:
{
config,
lib,
pkgs,
...
}:
with lib; {
options.elss.openvpn.enable = mkEnableOption "Setup TUD openvpn";
config =
let
cfg = config.elss.openvpn;
in
mkIf cfg.enable {
services.openvpn.servers.TUD = {
config = "config config/TUD.ovpn";
autoStart = false;
};
config = let
cfg = config.elss.openvpn;
in
mkIf cfg.enable {
services.openvpn.servers.TUD = {
config = "config config/TUD.ovpn";
autoStart = false;
};
};
}

27
modules/python.nix
View File

@ -1,16 +1,21 @@
{ config, lib, pkgs, ... }:
with pkgs; with lib;
let
my-python-packages = python-packages: with python-packages; [
pandas
requests
# other python packages you want
];
python-with-my-packages = python3.withPackages my-python-packages;
in
{
config,
lib,
pkgs,
...
}:
with pkgs;
with lib; let
my-python-packages = python-packages:
with python-packages; [
pandas
requests
# other python packages you want
];
python-with-my-packages = python3.withPackages my-python-packages;
in {
options.elss.programs.python.enable = mkEnableOption "install python 3";
config = mkIf config.elss.programs.python.enable {
environment.systemPackages = [ python-with-my-packages ];
environment.systemPackages = [python-with-my-packages];
};
}

15
modules/secrets.nix
View File

@ -1,16 +1,19 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
with lib; {
options.elss.sops.enable = mkEnableOption "Use sops config";
config =
let
cfg = config.elss.sops;
in
config = let
cfg = config.elss.sops;
in
mkIf cfg.enable {
sops = {
defaultSopsFile = ../secrets/secrets.yaml;
secrets.example_key.format = "yaml";
};
};
}

20
modules/server/acme.nix
View File

@ -1,15 +1,17 @@
{ config, lib, pkgs, ... }:
with lib;{
config =
let
cfg = config.elss.server;
staging = config.elss.server.acme.staging;
in
{
config,
lib,
pkgs,
...
}:
with lib; {
config = let
cfg = config.elss.server;
staging = config.elss.server.acme.staging;
in
mkIf cfg.enable {
security.acme = {
defaults = {
server = mkIf staging "https://acme-staging-v02.api.letsencrypt.org/directory";
email = "stefan.ellmauthaler@gmail.com"; # Do not use ellmauthaler.net as the mail server will be covered by acme
};

15
modules/server/default.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib; {
options.elss.server = {
acme.staging = mkEnableOption "Whether to use the staging or the default server for acme";
@ -8,7 +13,6 @@ with lib; {
nextcloud.enable = mkEnableOption "Set up nextcloud";
smailserver.enable = mkEnableOption "Set up simple mail server";
unbound.enable = mkEnableOption "Set unbound dns up";
};
imports = [
@ -20,10 +24,9 @@ with lib; {
./unbound.nix
];
config =
let
cfg = config.elss.server;
in
config = let
cfg = config.elss.server;
in
mkIf cfg.enable {
elss.server = {
nginx.enable = mkDefault true;

20
modules/server/nextcloud.nix
View File

@ -1,9 +1,13 @@
{ config, pkgs, lib, ... }:
with lib;{
config =
let
cfg = config.elss.server.nextcloud;
in
{
config,
pkgs,
lib,
...
}:
with lib; {
config = let
cfg = config.elss.server.nextcloud;
in
mkIf cfg.enable {
elss.server.sql.enable = mkDefault true;
services.nextcloud = {
@ -27,8 +31,8 @@ with lib;{
};
systemd.services."nextcloud-setup" = {
requires = [ "postgresql.service" ];
after = [ "postrgresql.service" ];
requires = ["postgresql.service"];
after = ["postrgresql.service"];
};
sops.secrets = {
storemin = {

18
modules/server/nginx.nix
View File

@ -1,12 +1,16 @@
{ config, lib, pkgs, ... }:
with lib;{
config =
let
cfg = config.elss.server.nginx;
in
{
config,
lib,
pkgs,
...
}:
with lib; {
config = let
cfg = config.elss.server.nginx;
in
mkIf cfg.enable {
services.nginx.enable = true;
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedTCPPorts = [80 443];
services.nginx.virtualHosts."localhost" = {
addSSL = false;
enableACME = false;

20
modules/server/smailserver.nix
View File

@ -1,19 +1,23 @@
{ config, pkgs, lib, ... }:
with lib;{
config =
let
cfg = config.elss.server.smailserver;
in
{
config,
pkgs,
lib,
...
}:
with lib; {
config = let
cfg = config.elss.server.smailserver;
in
mkIf cfg.enable {
mailserver = {
enable = true;
fqdn = "mail.ellmauthaler.net";
sendingFqdn = "ellmauthaler.net";
domains = [ "ellmauthaler.net" ];
domains = ["ellmauthaler.net"];
loginAccounts = {
"ellmau@ellmauthaler.net" = {
aliases = [ "stefan@ellmauthaler.net" "postmaster@ellmauthaler.net" "abuse@ellmauthaler.net" ];
aliases = ["stefan@ellmauthaler.net" "postmaster@ellmauthaler.net" "abuse@ellmauthaler.net"];
hashedPasswordFile = config.sops.secrets.ellmauMail.path;
};
};

28
modules/server/sql.nix
View File

@ -1,18 +1,24 @@
{ config, pkgs, lib, ... }:
with lib;{
config =
let
cfg = config.elss.server.sql;
in
{
config,
pkgs,
lib,
...
}:
with lib; {
config = let
cfg = config.elss.server.sql;
in
mkIf cfg.enable {
services.postgresql = {
enable = true;
package = pkgs.postgresql_14;
ensureDatabases = [ "nextcloud" ];
ensureUsers = [{
name = "nextcloud";
ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
}];
ensureDatabases = ["nextcloud"];
ensureUsers = [
{
name = "nextcloud";
ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
}
];
};
};
}

23
modules/server/unbound.nix
View File

@ -1,16 +1,20 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib; {
config =
let
cfg = config.elss.server.unbound;
in
config = let
cfg = config.elss.server.unbound;
in
mkIf cfg.enable {
services = {
resolved = {
enable = true;
dnssec = "true";
llmnr = "true";
fallbackDns = [ "127.0.0.1" "::1" ];
fallbackDns = ["127.0.0.1" "::1"];
extraConfig = ''
DNS = 127.0.0.1 ::1
Domains = ~.
@ -18,13 +22,12 @@ with lib; {
};
unbound = {
enable = true;
settings.server.interface = [ "127.0.0.0" "::1" ];
settings.server.access-control = [ "192.168.244.0/24 allow" "fdaa:3313:9dfa:dfa3::/64 allow" ];
settings.server.interface = ["127.0.0.0" "::1"];
settings.server.access-control = ["192.168.244.0/24 allow" "fdaa:3313:9dfa:dfa3::/64 allow"];
};
};
networking = {
nameservers = [ "127.0.0.1" "::1"];
nameservers = ["127.0.0.1" "::1"];
resolvconf.useLocalResolver = true;
};
};

26
modules/ssh.nix
View File

@ -1,16 +1,20 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib; {
options.elss.sshd.enable = mkEnableOption "Set up sshd";
config =
let
cfg = config.elss.sshd;
in
mkIf cfg.enable {
services.openssh = {
enable = true;
passwordAuthentication = false;
permitRootLogin = "no";
};
config = let
cfg = config.elss.sshd;
in
mkIf cfg.enable {
services.openssh = {
enable = true;
passwordAuthentication = false;
permitRootLogin = "no";
};
};
}

17
modules/steam-run.nix
View File

@ -1,15 +1,18 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib; {
options.elss.steam-run.enable = mkEnableOption "configure steam-run to support unpatched binaries";
config =
let
cfg = config.elss.steam-run;
in
config = let
cfg = config.elss.steam-run;
in
mkIf cfg.enable {
environment.systemPackages = [
(pkgs.unstable.steam.override { withJava = true; }).run
(pkgs.unstable.steam.override {withJava = true;}).run
];
};
}

14
modules/sway.nix
View File

@ -1,10 +1,14 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
with lib; {
options.elss.graphical.sway.enable = mkEnableOption "Use sway";
config =
let
cfg = config.elss.graphical.sway;
in
config = let
cfg = config.elss.graphical.sway;
in
mkIf cfg.enable {
services.pipewire = {
enable = true;

24
modules/texlive.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib; {
options.elss.texlive = {
enable = mkEnableOption "configure texlife on the system";
@ -12,13 +17,12 @@ with lib; {
};
};
config =
let
cfg = config.elss.texlive;
in
mkIf cfg.enable {
environment.systemPackages = [
cfg.package
];
};
config = let
cfg = config.elss.texlive;
in
mkIf cfg.enable {
environment.systemPackages = [
cfg.package
];
};
}

267
modules/users.nix
View File

@ -1,5 +1,10 @@
{ config, pkgs, lib, homeConfigurations, ... }:
{
config,
pkgs,
lib,
homeConfigurations,
...
}:
with lib; {
options.elss.users = {
enable = mkEnableOption "elss specific user configuration";
@ -15,14 +20,16 @@ with lib; {
type = types.listOf types.str;
};
meta = mkOption {
type = types.attrsOf
type =
types.attrsOf
(types.submodule {
options = {
description = mkOption {
type = types.str;
description = "full name of the user";
};
hashedPassword = mkOption
hashedPassword =
mkOption
{
type = types.str;
default = null;
@ -38,146 +45,142 @@ with lib; {
};
git = mkOption {
type = types.submodule {
options = {
key = mkOption {
type = types.str;
example = "0xBEEE1234";
default = "C804A9C1B7AF8256";
description = "Signkey for git commits";
};
gpgsm = mkOption {
type = types.bool;
default = false;
description = "Whether to use gpgsm for commit signatures";
};
signDefault = mkOption {
type = types.bool;
default = false;
description = "Whether to force signing commits or not";
};
options = {
key = mkOption {
type = types.str;
example = "0xBEEE1234";
default = "C804A9C1B7AF8256";
description = "Signkey for git commits";
};
gpgsm = mkOption {
type = types.bool;
default = false;
description = "Whether to use gpgsm for commit signatures";
};
signDefault = mkOption {
type = types.bool;
default = false;
description = "Whether to force signing commits or not";
};
};
};
};
};
});
};
};
config =
let
cfg = config.elss.users;
inherit (elss.withConfig config) mapAdmins mapUsers mapAllUsersAndRoot mapAllUsers;
config = let
cfg = config.elss.users;
inherit (elss.withConfig config) mapAdmins mapUsers mapAllUsersAndRoot mapAllUsers;
getMeta = login:
builtins.getAttr login cfg.meta;
mkAdmin = login:
mkMerge [
(mkUser login)
{
extraGroups = [ "wheel" ];
inherit (getMeta login) hashedPassword;
}
];
mkUser = login:
let meta = getMeta login;
in
getMeta = login:
builtins.getAttr login cfg.meta;
mkAdmin = login:
mkMerge [
(mkUser login)
{
inherit (meta) description;
isNormalUser = true;
home = "/home/${login}";
extraGroups = [ ];
openssh.authorizedKeys.keys = meta.publicKeys;
};
extraGroups = ["wheel"];
inherit (getMeta login) hashedPassword;
}
];
mkUser = login: let
meta = getMeta login;
in {
inherit (meta) description;
isNormalUser = true;
home = "/home/${login}";
extraGroups = [];
openssh.authorizedKeys.keys = meta.publicKeys;
};
mkGitUser = login:
let meta = getMeta login;
in
{
programs.git = {
userEmail = meta.mailAddress;
userName = meta.description;
extraConfig = {
gpg = lib.mkIf meta.git.gpgsm {
format = "x509";
program = "${pkgs.gnupg}/bin/gpgsm";
};
user = {
signingKey = meta.git.key;
};
commit = {
gpgsign = meta.git.signDefault;
};
};
mkGitUser = login: let
meta = getMeta login;
in {
programs.git = {
userEmail = meta.mailAddress;
userName = meta.description;
extraConfig = {
gpg = lib.mkIf meta.git.gpgsm {
format = "x509";
program = "${pkgs.gnupg}/bin/gpgsm";
};
user = {
signingKey = meta.git.key;
};
commit = {
gpgsign = meta.git.signDefault;
};
};
mkX11User = login:
let meta = getMeta login;
in
mkIf (cfg.x11.enable)
{
xsession = {
numlock.enable = true;
profileExtra = ''
if [ $(hostname) = 'stel-xps' ]; then
brightnessctl s 50%
fi
'';
};
home.file.".background-image".source = ../common/wallpaper/nix-wallpaper-nineish-dark-gray.png;
services = {
blueman-applet.enable = true;
network-manager-applet.enable = true;
dunst.enable = true;
};
};
in
mkIf (cfg.enable)
{
assertions =
let
cfg = config.elss.users;
in
[
{
assertion = mutuallyExclusive cfg.users cfg.admins;
message = "elss.users.users and elss.users.admins are mutually exclusive";
}
{
assertion = all (hash: hash != "")
(catAttrs "hashedPassword" (attrVals cfg.admins cfg.meta));
message = "No admin without password";
}
{
assertion = length (cfg.admins) > 0;
message = "One admin needed at least";
}
];
users = {
mutableUsers = false;
users =
mkMerge [
(mapAdmins mkAdmin)
(mapUsers mkUser)
];
};
home-manager = {
useUserPackages = true;
useGlobalPkgs = true;
users =
mkMerge [
(mapAllUsers mkX11User)
(mapAllUsers mkGitUser)
(mapAllUsersAndRoot (login:
mkMerge [
{ config.home.stateVersion = mkDefault "21.11"; }
(if homeConfigurations ? "${login}" then homeConfigurations."${login}" else { })
]))
];
};
};
};
mkX11User = login: let
meta = getMeta login;
in
mkIf (cfg.x11.enable)
{
xsession = {
numlock.enable = true;
profileExtra = ''
if [ $(hostname) = 'stel-xps' ]; then
brightnessctl s 50%
fi
'';
};
home.file.".background-image".source = ../common/wallpaper/nix-wallpaper-nineish-dark-gray.png;
services = {
blueman-applet.enable = true;
network-manager-applet.enable = true;
dunst.enable = true;
};
};
in
mkIf (cfg.enable)
{
assertions = let
cfg = config.elss.users;
in [
{
assertion = mutuallyExclusive cfg.users cfg.admins;
message = "elss.users.users and elss.users.admins are mutually exclusive";
}
{
assertion =
all (hash: hash != "")
(catAttrs "hashedPassword" (attrVals cfg.admins cfg.meta));
message = "No admin without password";
}
{
assertion = length (cfg.admins) > 0;
message = "One admin needed at least";
}
];
users = {
mutableUsers = false;
users = mkMerge [
(mapAdmins mkAdmin)
(mapUsers mkUser)
];
};
home-manager = {
useUserPackages = true;
useGlobalPkgs = true;
users = mkMerge [
(mapAllUsers mkX11User)
(mapAllUsers mkGitUser)
(mapAllUsersAndRoot (login:
mkMerge [
{config.home.stateVersion = mkDefault "21.11";}
(
if homeConfigurations ? "${login}"
then homeConfigurations."${login}"
else {}
)
]))
];
};
};
}

233
modules/wireguard.nix
View File

@ -1,11 +1,14 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}: {
options.elss.wireguard = with lib; {
enable = mkEnableOption "wireguard overlay network";
interfaces = mkOption {
default = { };
default = {};
type = types.attrsOf (types.submodule {
options = {
servers = mkOption {
@ -18,7 +21,7 @@
extraIps = mkOption {
type = types.listOf types.str;
default = [ ];
default = [];
description = "extra IPs to add to allowedIPs";
};
@ -63,7 +66,7 @@
additionalAllowedIps = mkOption {
type = types.listOf types.str;
description = "Additional IPs to add to allowedIPs ";
default = [ ];
default = [];
};
};
});
@ -78,14 +81,12 @@
ipv6 = {
ula = mkOption {
type = types.listOf types.str;
description =
"IPv6 prefixes to use for ULA wireguard addressing";
description = "IPv6 prefixes to use for ULA wireguard addressing";
};
gua = mkOption {
type = types.listOf types.str;
description =
"IPv6 prefixes to use for GUA wireguard addressing";
description = "IPv6 prefixes to use for GUA wireguard addressing";
};
};
@ -99,119 +100,130 @@
};
};
config =
let
cfg = config.elss;
hostName = config.system.name;
secretsFile = ../machines
+ builtins.toPath "/${hostName}/secrets/wireguard.yaml";
takeNonEmpty = lib.filter (interface: interface != "");
testInterface = predicate:
lib.mapAttrsToList
(interface: value: if (predicate interface value) then interface else "")
cfg.wireguard.interfaces;
onlyInterfaces = predicate: takeNonEmpty (testInterface predicate);
peerInterfaces =
onlyInterfaces (interface: value: builtins.hasAttr hostName value.peers);
serverInterfaces = onlyInterfaces
(interface: value: builtins.hasAttr hostName value.servers);
interfaces = serverInterfaces ++ peerInterfaces;
config = let
cfg = config.elss;
hostName = config.system.name;
secretsFile =
../machines
+ builtins.toPath "/${hostName}/secrets/wireguard.yaml";
takeNonEmpty = lib.filter (interface: interface != "");
testInterface = predicate:
lib.mapAttrsToList
(interface: value:
if (predicate interface value)
then interface
else "")
cfg.wireguard.interfaces;
onlyInterfaces = predicate: takeNonEmpty (testInterface predicate);
peerInterfaces =
onlyInterfaces (interface: value: builtins.hasAttr hostName value.peers);
serverInterfaces =
onlyInterfaces
(interface: value: builtins.hasAttr hostName value.servers);
interfaces = serverInterfaces ++ peerInterfaces;
mkAddresses = prefixes: localIp:
(map (prefix: "${prefix}.${localIp}/32") prefixes.ipv4)
++ (map (prefix: "${prefix}::${localIp}/128") prefixes.ipv6.ula)
++ (map (prefix: "${prefix}::${localIp}/128") prefixes.ipv6.gua);
mkAddresses = prefixes: localIp:
(map (prefix: "${prefix}.${localIp}/32") prefixes.ipv4)
++ (map (prefix: "${prefix}::${localIp}/128") prefixes.ipv6.ula)
++ (map (prefix: "${prefix}::${localIp}/128") prefixes.ipv6.gua);
mkServerAddresses = prefixes: serverIp:
(map (prefix: "${prefix}.${serverIp}") prefixes.ipv4)
++ (map (prefix: "${prefix}::${serverIp}") prefixes.ipv6.ula)
++ (map (prefix: "${prefix}::${serverIp}") prefixes.ipv6.gua);
mkServerAddresses = prefixes: serverIp:
(map (prefix: "${prefix}.${serverIp}") prefixes.ipv4)
++ (map (prefix: "${prefix}::${serverIp}") prefixes.ipv6.ula)
++ (map (prefix: "${prefix}::${serverIp}") prefixes.ipv6.gua);
mkInterfaceName = interface: "wg-${interface}";
mkInterfaceName = interface: "wg-${interface}";
mkServerPeer = prefixes: peer: {
allowedIPs = mkAddresses prefixes peer.localIp;
inherit (peer) publicKey;
};
mkServerPeer = prefixes: peer: {
allowedIPs = mkAddresses prefixes peer.localIp;
inherit (peer) publicKey;
};
mkPeerPeer = prefixes: peers: peer: {
allowedIPs = (mkAddresses prefixes peer.localIp)
++ (lib.concatMap (mkAddresses prefixes) peer.extraIps) ++ (if lib.hasAttr hostName peers then peers.${hostName}.additionalAllowedIps else [ ]);
persistentKeepalive = 25;
inherit (peer) publicKey endpoint;
};
mkPeerPeer = prefixes: peers: peer: {
allowedIPs =
(mkAddresses prefixes peer.localIp)
++ (lib.concatMap (mkAddresses prefixes) peer.extraIps)
++ (
if lib.hasAttr hostName peers
then peers.${hostName}.additionalAllowedIps
else []
);
persistentKeepalive = 25;
inherit (peer) publicKey endpoint;
};
mkPostSetup = name: prefixes: servers:
let
ifName = mkInterfaceName name;
serverIps = name: server: mkServerAddresses prefixes server.localIp;
dnsServers = lib.concatLists (lib.mapAttrsToList serverIps servers);
in
lib.concatStrings ([
mkPostSetup = name: prefixes: servers: let
ifName = mkInterfaceName name;
serverIps = name: server: mkServerAddresses prefixes server.localIp;
dnsServers = lib.concatLists (lib.mapAttrsToList serverIps servers);
in
lib.concatStrings ([
''
${pkgs.systemd}/bin/resolvectl domain ${ifName} ${name}.${config.elss.dns.wgZone}
${pkgs.systemd}/bin/resolvectl default-route ${ifName} true
''
] ++ (map
]
++ (map
(ip: ''
${pkgs.systemd}/bin/resolvectl dns ${ifName} ${ip}
'')
dnsServers));
mkInterfaceConfig = hostName: interface: value:
let
isServer = builtins.hasAttr hostName value.servers;
isPeer = builtins.hasAttr hostName value.peers;
myConfig =
if isServer then
value.servers."${hostName}"
else
value.peers."${hostName}";
in
assert lib.asserts.assertMsg
((isServer || isPeer) && !(isServer && isPeer))
"host must be either server or peer";
lib.nameValuePair (mkInterfaceName interface) ({
privateKeyFile = config.sops.secrets."wireguard-${interface}".path;
ips = mkAddresses value.prefixes myConfig.localIp;
inherit (myConfig) listenPort;
} // (if isServer then {
peers = lib.mapAttrsToList (_: mkServerPeer value.prefixes) value.peers;
} else if isPeer then {
peers = lib.mapAttrsToList (_: mkPeerPeer value.prefixes value.peers) value.servers;
postSetup = mkPostSetup interface value.prefixes value.servers;
} else
{ }));
mkInterfaceSecret = interface: {
"wireguard-${interface}" = { sopsFile = secretsFile; };
};
mkListenPorts = hostName: interface: value:
if builtins.hasAttr hostName value.servers then
value.servers."${hostName}".listenPort
else if builtins.hasAttr hostName value.peers then
value.peers."${hostName}".listenPort
else
-1;
mkSysctl = hostName: interface: [
{
name = "net.ipv4.conf.${mkInterfaceName interface}.forwarding";
value = "1";
}
{
name = "net.ipv6.conf.${mkInterfaceName interface}.forwarding";
value = "1";
}
{
name = "net.ipv6.conf.all.forwarding";
value = "1";
}
];
mkInterfaceConfig = hostName: interface: value: let
isServer = builtins.hasAttr hostName value.servers;
isPeer = builtins.hasAttr hostName value.peers;
myConfig =
if isServer
then value.servers."${hostName}"
else value.peers."${hostName}";
in
assert lib.asserts.assertMsg
((isServer || isPeer) && !(isServer && isPeer))
"host must be either server or peer";
lib.nameValuePair (mkInterfaceName interface) ({
privateKeyFile = config.sops.secrets."wireguard-${interface}".path;
ips = mkAddresses value.prefixes myConfig.localIp;
inherit (myConfig) listenPort;
}
// (
if isServer
then {
peers = lib.mapAttrsToList (_: mkServerPeer value.prefixes) value.peers;
}
else if isPeer
then {
peers = lib.mapAttrsToList (_: mkPeerPeer value.prefixes value.peers) value.servers;
postSetup = mkPostSetup interface value.prefixes value.servers;
}
else {}
));
mkInterfaceSecret = interface: {
"wireguard-${interface}" = {sopsFile = secretsFile;};
};
mkListenPorts = hostName: interface: value:
if builtins.hasAttr hostName value.servers
then value.servers."${hostName}".listenPort
else if builtins.hasAttr hostName value.peers
then value.peers."${hostName}".listenPort
else -1;
mkSysctl = hostName: interface: [
{
name = "net.ipv4.conf.${mkInterfaceName interface}.forwarding";
value = "1";
}
{
name = "net.ipv6.conf.${mkInterfaceName interface}.forwarding";
value = "1";
}
{
name = "net.ipv6.conf.all.forwarding";
value = "1";
}
];
in
lib.mkIf cfg.wireguard.enable {
networking = {
wireguard.interfaces =
@ -221,15 +233,15 @@
# (lib.mapAttrsToList (mkListenPorts hostName) cfg.wireguard.interfaces);
allowedUDPPorts = lib.filter (port: port > 0) (map
(interface:
lib.attrByPath [ interface "servers" hostName "listenPort" ] (-1)
cfg.wireguard.interfaces)
lib.attrByPath [interface "servers" hostName "listenPort"] (-1)
cfg.wireguard.interfaces)
serverInterfaces);
trustedInterfaces = map mkInterfaceName interfaces;
};
interfaces = lib.listToAttrs (map
(interface: {
name = mkInterfaceName interface;
value = { mtu = 1300; };
value = {mtu = 1300;};
})
interfaces);
};
@ -239,11 +251,10 @@
systemd.services = lib.listToAttrs (map
(interface: {
name = "wireguard-${mkInterfaceName interface}";
value = { serviceConfig.Restart = "on-failure"; };
value = {serviceConfig.Restart = "on-failure";};
})
interfaces);
boot.kernel.sysctl =
builtins.listToAttrs (lib.concatMap (mkSysctl hostName) serverInterfaces);

28
modules/zsh.nix
View File

@ -1,15 +1,19 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
with lib; {
options.elss.zsh.enable = mkEnableOption "Setup systemwide zsh";
config =
let
inherit (elss.withConfig config) mapAllUsers;
cfg = config.elss.zsh;
in
config = let
inherit (elss.withConfig config) mapAllUsers;
cfg = config.elss.zsh;
in
mkIf cfg.enable {
environment = {
shells = [ pkgs.zsh ];
pathsToLink = [ "/share/zsh/" ];
shells = [pkgs.zsh];
pathsToLink = ["/share/zsh/"];
sessionVariables = rec {
XDG_CACHE_HOME = "\${HOME}/.cache";
XDG_CONFIG_HOME = "\${HOME}/.config";
@ -29,10 +33,10 @@ with lib; {
autosuggestions.enable = true;
syntaxHighlighting = {
enable = true;
highlighters = [ "main" "brackets" "root" "line" ];
highlighters = ["main" "brackets" "root" "line"];
#styles = { cursor = "standout,underline"; };
};
setOptions = [ "auto_pushd" "correct" "nocaseglob" "rcexpandparam" "numericglobsort" "nobeep" "appendhistory" ];
setOptions = ["auto_pushd" "correct" "nocaseglob" "rcexpandparam" "numericglobsort" "nobeep" "appendhistory"];
shellInit = ''
if [[ $TERM == "dumb" ]]; then
@ -58,8 +62,8 @@ with lib; {
};
};
users.users = mapAllUsers (_: { shell = pkgs.zsh; }
users.users = mapAllUsers (
_: {shell = pkgs.zsh;}
);
};
}

29
secrets/shell.nix
View File

@ -1,20 +1,19 @@
{ pkgs ? import <nixpkgs> { }
, sops-nix ? pkgs.callPackage <sops-nix> { }
, ...
}:
let
{
pkgs ? import <nixpkgs> {},
sops-nix ? pkgs.callPackage <sops-nix> {},
...
}: let
sops-rekey = pkgs.writeShellScriptBin "sops-rekey" ''
${pkgs.findutils}/bin/find . -wholename '*/secrets/*.yaml' -exec ${pkgs.sops}/bin/sops updatekeys {} \;
'';
in
pkgs.mkShell {
sopsPGPKeyDirs = [ ./keys/users ./keys/hosts ];
pkgs.mkShell {
sopsPGPKeyDirs = [./keys/users ./keys/hosts];
nativeBuildInputs = [
sops-nix.sops-import-keys-hook
sops-nix.ssh-to-pgp
sops-rekey
pkgs.wireguard-tools
];
}
nativeBuildInputs = [
sops-nix.sops-import-keys-hook
sops-nix.ssh-to-pgp
sops-rekey
pkgs.wireguard-tools
];
}

32
templates/basic_tools/flake.nix
View File

@ -8,24 +8,30 @@
flake-utils-plus.url = "github:gytis-ivaskevicius/flake-utils-plus";
};
outputs = { self, nixpkgs, nixpkgs-unstable, flake-utils, flake-utils-plus, ... }@inputs:
{ } // (flake-utils.lib.eachDefaultSystem (system:
let
outputs = {
self,
nixpkgs,
nixpkgs-unstable,
flake-utils,
flake-utils-plus,
...
} @ inputs:
{}
// (flake-utils.lib.eachDefaultSystem (
system: let
unstable = import nixpkgs-unstable {
inherit system;
};
pkgs = import nixpkgs {
inherit system;
};
in
rec {
devShell =
pkgs.mkShell {
buildInputs = [
# add packages here, like
# pkgs.clingo
];
};
}
in rec {
devShell = pkgs.mkShell {
buildInputs = [
# add packages here, like
# pkgs.clingo
];
};
}
));
}

23
templates/jupyter/flake.nix
View File

@ -2,36 +2,41 @@
description = "JupyterLab Flake";
inputs = {
jupyterWith.url = "github:tweag/jupyterWith";
flake-utils.url = "github:numtide/flake-utils";
jupyterWith.url = "github:tweag/jupyterWith";
flake-utils.url = "github:numtide/flake-utils";
};
outputs = { self, nixpkgs, jupyterWith, flake-utils }:
flake-utils.lib.eachSystem [ "x86_64-linux" "x86_64-darwin" ] (system:
let
outputs = {
self,
nixpkgs,
jupyterWith,
flake-utils,
}:
flake-utils.lib.eachSystem ["x86_64-linux" "x86_64-darwin"] (
system: let
pkgs = import nixpkgs {
system = system;
overlays = nixpkgs.lib.attrValues jupyterWith.overlays;
};
prince = pkgs.python3Packages.buildPythonPackage rec {
name = "prince";
src = pkgs.fetchFromGitHub{
src = pkgs.fetchFromGitHub {
owner = "MaxHalford";
repo = "prince";
rev = "bd5b29fafe853579c9d41e954caa4504d585665d";
sha256 = "X7gpHvy2cfIKMrfSGLZxmJsytLbe/VZd27VsYIyEoTI=";
};
propagatedBuildInputs = with pkgs.python3Packages; [ matplotlib pandas numpy scipy scikit-learn ];
propagatedBuildInputs = with pkgs.python3Packages; [matplotlib pandas numpy scipy scikit-learn];
dontCheck = true;
dontUseSetuptoolsCheck = true;
};
iPython = pkgs.kernels.iPythonWith {
name = "Python-env";
packages = p: with p; [ sympy numpy pandas prince ];
packages = p: with p; [sympy numpy pandas prince];
ignoreCollisions = true;
};
jupyterEnvironment = pkgs.jupyterlabWith {
kernels = [ iPython ];
kernels = [iPython];
};
in rec {
apps.jupterlab = {

56
templates/rust/flake.nix
View File

@ -18,36 +18,42 @@
};
};
outputs = { self, nixpkgs, nixpkgs-unstable, flake-utils, gitignoresrc, rust-overlay, ... }@inputs:
outputs = {
self,
nixpkgs,
nixpkgs-unstable,
flake-utils,
gitignoresrc,
rust-overlay,
...
} @ inputs:
{
#overlay = import ./nix { inherit gitignoresrc; };
} // (flake-utils.lib.eachDefaultSystem (system:
let
unstable = import nixpkgs-unstable { inherit system; };
}
// (flake-utils.lib.eachDefaultSystem (
system: let
unstable = import nixpkgs-unstable {inherit system;};
pkgs = import nixpkgs {
inherit system;
overlays = [ (import rust-overlay)];
overlays = [(import rust-overlay)];
};
in rec {
devShell = pkgs.mkShell {
RUST_LOG = "debug";
RUST_BACKTRACE = 1;
buildInputs = [
pkgs.rust-bin.stable.latest.rustfmt
pkgs.rust-bin.stable.latest.default
pkgs.rust-analyzer
pkgs.cargo-audit
pkgs.cargo-license
pkgs.cargo-tarpaulin
pkgs.cargo-kcov
pkgs.valgrind
pkgs.gnuplot
pkgs.kcov
];
};
in
rec {
devShell =
pkgs.mkShell {
RUST_LOG = "debug";
RUST_BACKTRACE = 1;
buildInputs = [
pkgs.rust-bin.stable.latest.rustfmt
pkgs.rust-bin.stable.latest.default
pkgs.rust-analyzer
pkgs.cargo-audit
pkgs.cargo-license
pkgs.cargo-tarpaulin
pkgs.cargo-kcov
pkgs.valgrind
pkgs.gnuplot
pkgs.kcov
];
};
}
));
}

6
users/ellmau/alacritty.nix
View File

@ -1,5 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}: {
programs.alacritty = {
enable = true;
settings = {

16
users/ellmau/autorandr.nix
View File

@ -1,11 +1,15 @@
{ config, pkgs, lib, nixosConfig, ... }:
{
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; {
config =
let
cfg = nixosConfig.elss.graphical.i3;
in
config = let
cfg = nixosConfig.elss.graphical.i3;
in
mkIf cfg.enable {
programs.autorandr = {
enable = true;
profiles = {

6
users/ellmau/default.nix
View File

@ -1,5 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}: {
imports = [
./alacritty.nix
./autorandr.nix

15
users/ellmau/dunst.nix
View File

@ -1,9 +1,14 @@
{ config, pkgs, lib, nixosConfig, ... }:
{
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; {
config =
let
cfg = nixosConfig.elss.graphical.i3;
in
config = let
cfg = nixosConfig.elss.graphical.i3;
in
mkIf cfg.enable {
services.dunst = {
iconTheme = {

16
users/ellmau/git.nix
View File

@ -1,14 +1,18 @@
{ config, pkgs, lib, ...}:
{
programs= {
config,
pkgs,
lib,
...
}: {
programs = {
git = {
enable = true;
package = pkgs.gitAndTools.gitFull;
extraConfig = {
core = { editor = "emacsclient"; };
init = { defaultBranch = "main";};
branch = { autosetuprebase = "always";};
safe.directory = [ "/etc/nixos" ];
core = {editor = "emacsclient";};
init = {defaultBranch = "main";};
branch = {autosetuprebase = "always";};
safe.directory = ["/etc/nixos"];
};
lfs.enable = true;
};

8
users/ellmau/gpg.nix
View File

@ -1,5 +1,9 @@
{ config, pkgs, lib, ...}:
{
config,
pkgs,
lib,
...
}: {
home.file = {
".gnupg/gpgsm.conf".text = ''
keyserver ldap.pca.dfn.de::::o=DFN-Verein,c=DE
@ -10,7 +14,5 @@
".gnupg/chain.txt".source = ./conf/gpgsm/chain.txt;
};
programs.gpg.enable = true;
}

15
users/ellmau/i3.nix
View File

@ -1,9 +1,14 @@
{ config, pkgs, lib, nixosConfig, ... }:
{
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; {
config =
let
cfg = nixosConfig.elss.graphical;
in
config = let
cfg = nixosConfig.elss.graphical;
in
mkIf cfg.enable {
xdg = {
configFile."i3" = {

15
users/ellmau/kanshi.nix
View File

@ -1,9 +1,14 @@
{ config, pkgs, lib, nixosConfig, ... }:
{
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; {
config =
let
cfg = nixosConfig.elss.graphical.sway;
in
config = let
cfg = nixosConfig.elss.graphical.sway;
in
mkIf cfg.enable {
services.kanshi = {
enable = true;

19
users/ellmau/mako.nix
View File

@ -1,20 +1,23 @@
{ config, pkgs, lib, nixosConfig, ... }:
{
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; {
config =
let
cfg = nixosConfig.elss.graphical.sway;
in
config = let
cfg = nixosConfig.elss.graphical.sway;
in
mkIf cfg.enable {
programs.mako = {
enable = true;
iconPath = "${pkgs.numix-icon-theme}";
font = "Hasklug Nerd Font 10";
defaultTimeout = 8000;
# ignoreTimeout = true;
};
home.packages = [ pkgs.numix-icon-theme ];
home.packages = [pkgs.numix-icon-theme];
};
}

15
users/ellmau/nextcloud.nix
View File

@ -1,9 +1,14 @@
{ config, pkgs, lib, nixosConfig, ... }:
{
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; {
config =
let
cfg = nixosConfig.elss.graphical;
in
config = let
cfg = nixosConfig.elss.graphical;
in
mkIf cfg.enable {
services.nextcloud-client = {
enable = true;

673
users/ellmau/polybar.nix
View File

@ -1,353 +1,354 @@
{ config, pkgs, lib, nixosConfig, ... }:
{
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; {
config =
let
cfg = nixosConfig.elss.graphical.i3;
in
config = let
cfg = nixosConfig.elss.graphical.i3;
in
mkIf cfg.enable {
services.polybar = {
enable = true;
package = pkgs.polybarFull;
settings =
let
# solarized theme colours ~ https://en.wikipedia.org/wiki/Solarized
settings = let
# solarized theme colours ~ https://en.wikipedia.org/wiki/Solarized
#content tones
Base01 = "#586e75";
Base00 = "#657b83";
Base0 = "#839496";
Base1 = "#93a1a1";
# background tones
Base2 = "#eee8d5";
Base3 = "#fdf6e3";
# accent tones
Yellow = "#b58900";
Orange = "#cb4b16";
Red = "#dc322f";
Magenta = "#d33682";
Violet = "#6c71c4";
Blue = "#268bd2";
Cyan = "#2aa198";
Green = "#859900";
#content tones
Base01 = "#586e75";
Base00 = "#657b83";
Base0 = "#839496";
Base1 = "#93a1a1";
# background tones
Base2 = "#eee8d5";
Base3 = "#fdf6e3";
# accent tones
Yellow = "#b58900";
Orange = "#cb4b16";
Red = "#dc322f";
Magenta = "#d33682";
Violet = "#6c71c4";
Blue = "#268bd2";
Cyan = "#2aa198";
Green = "#859900";
foreground_col = Base3;
background_col = Base01;
foreground_col = Base3;
background_col = Base01;
# old bg/fg stuff
#foreground_col = "#eee8d5";
#background_col = "#6c71c4";
foreground_altcol = "#66deff";
primary_col = "#ffb52a";
secondary_col = "#e60053";
alert_col = "#dc322f";
# old bg/fg stuff
#foreground_col = "#eee8d5";
#background_col = "#6c71c4";
foreground_altcol = "#66deff";
primary_col = "#ffb52a";
secondary_col = "#e60053";
alert_col = "#dc322f";
dpi = ''
''${env:DPI:0}
'';
dpi = ''
''${env:DPI:0}
#polyheight = 60;
fonts = [
"Hasklig:style=Regular"
"all-the-icons:style=Regular"
"Webdings:style=Regular"
"Noto Emoji:scale=10"
"Unifont:style=Regular"
"Material Icons:size=12;0"
"Weather Icons:size=12;0"
"Hasklug Nerd Font,Hasklig Medium:style=Medium,Regular"
];
in {
"bar/main" = {
font = fonts;
modules = {
left = "i3 xwindow";
center = "";
right = " xbacklight xkeyboard eth wlan battery date powermenu dunst volume ";
};
background = background_col;
foreground = foreground_col;
monitor = ''
''${env:MONITOR:}
'';
width = "100%";
#height = polyheight;
padding = 0;
padding-right = 2;
radius = 14;
module-margin = 1;
line-size = 2;
#polyheight = 60;
dpi-x = dpi;
dpi-y = dpi;
fonts = [
"Hasklig:style=Regular"
"all-the-icons:style=Regular"
"Webdings:style=Regular"
"Noto Emoji:scale=10"
"Unifont:style=Regular"
"Material Icons:size=12;0"
"Weather Icons:size=12;0"
"Hasklug Nerd Font,Hasklig Medium:style=Medium,Regular"
];
in
{
"bar/main" = {
font = fonts;
modules = {
left = "i3 xwindow";
center = "";
right = " xbacklight xkeyboard eth wlan battery date powermenu dunst volume ";
};
background = background_col;
foreground = foreground_col;
monitor = ''
''${env:MONITOR:}
'';
width = "100%";
#height = polyheight;
padding = 0;
padding-right = 2;
radius = 14;
module-margin = 1;
line-size = 2;
dpi-x = dpi;
dpi-y = dpi;
tray = {
position = "right";
padding = 2;
background = Base2;
};
};
"bar/aux" = {
font = fonts;
modules = {
left = "i3";
center = "";
right = " xbacklight xkeyboard eth wlan battery date powermenu volume ";
};
background = background_col;
foreground = foreground_col;
monitor = ''
''${env:MONITOR:}
'';
width = "100%";
#height = polyheight;
radius = 14;
module-margin = 1;
line-size = 2;
dpi-x = dpi;
dpi-y = dpi;
};
"module/volume" = {
type = "internal/pulseaudio";
format.volume = "<ramp-volume> <label-volume>";
label.muted.text = "🔇";
label.muted.foreground = "#666";
ramp.volume = [ "🔈" "🔉" "🔊" ];
click.right = "${pkgs.pavucontrol}/bin/pavucontrol &";
# format-volume-underline = Base2;
# format-muted-underline = Base2;
};
"module/i3" = {
type = "internal/i3";
format = "<label-state> <label-mode>";
index-sort = "true";
wrapping-scroll = "false";
#; Only show workspaces on the same output as the bar
pin-workspaces = "true";
label-mode-padding = "2";
label-mode-foreground = "#000";
label-mode-background = primary_col;
#; focused = Active workspace on focused monitor
label-focused = "%name%";
#;label-focused-background = ${colors.background-alt}
#;label-focused-background = #9f78e1
label-focused-background = foreground_col;
label-focused-underline = foreground_col;
label-focused-foreground = background_col;
label-focused-padding = "2";
#; unfocused = Inactive workspace on any monitor
label-unfocused = "%name%";
label-unfocused-padding = "2";
label-unfocused-underline = foreground_col;
#; visible = Active workspace on unfocused monitor
label-visible = "%name%";
label-visible-background = Violet;
label-visible-underline = Yellow;
label-visible-padding = 2;
#; urgent = Workspace with urgency hint set
label-urgent = "%name%";
label-urgent-background = alert_col;
label-urgent-foreground = primary_col;
label-urgent-padding = "2";
#; Separator in between workspaces
#; label-separator = |
};
"module/xkeyboard" = {
type = "internal/xkeyboard";
blacklist-0 = "num lock";
interval = "5";
format-prefix = ''""'';
format-prefix-foreground = foreground_altcol;
format-prefix-underline = secondary_col;
label-layout = "%layout%";
label-layout-underline = secondary_col;
label-indicator-padding = "2";
label-indicator-margin = "1";
label-indicator-background = secondary_col;
label-indicator-underline = secondary_col;
};
"module/wlan" = {
type = "internal/network";
interface = "wlp0s20f3";
interval = "3.0";
format-connected = " <ramp-signal> <label-connected>";
format-connected-underline = "#9f78e1";
label-connected = "%essid%";
ramp-signal-0 = ''"0.0"'';
ramp-signal-1 = ''"0.5"'';
ramp-signal-2 = ''"1.0"'';
ramp-signal-3 = ''"1.0"'';
ramp-signal-4 = ''"1.0"'';
format-disconnected = "";
# ;format-disconnected = <label-disconnected>
#;format-disconnected-underline = ${self.format-connected-underline}
#;label-disconnected = %ifname% disconnected
#;label-disconnected-foreground = ${colors.foreground-alt}
ramp-signal-foreground = foreground_altcol;
};
"module/eth" = {
type = "internal/network";
interface = "eno1";
interval = "3.0";
format-connected-underline = "#55aa55";
format-connected = " <label-connected>";
format-connected-prefix-foreground = foreground_altcol;
label-connected = "%local_ip%";
format-disconnected = "";
format-disconnected-background = "#5479b7";
#;format-disconnected = <label-disconnected>
#;format-disconnected-underline = ${self.format-connected-underline}
#;label-disconnected = %ifname% disconnected
#;label-disconnected-foreground = ${colors.foreground-alt}
};
"module/date" = {
type = "internal/date";
interval = "5";
date = ''" %Y-%m-%d"'';
date-alt = ''" %Y-%m-%d"'';
time = "%H:%M";
time-alt = "%H:%M:%S";
#format-prefix = "";
#format-prefix-foreground = foreground_altcol;
format-underline = "#0a6cf5";
label = "%{A} %date% %time%";
};
"module/battery" = {
type = "internal/battery";
battery = "BAT0";
adapter = "ADP1";
full-at = "98";
format-charging-background = "#689d6a";
format-charging-prefix = ''" "'';
format-charging = "<label-charging>";
format-discharging-prefix = ''" "'';
format-discharging = "<label-discharging>";
format-discharging-background = "#689d6a";
format-full-prefix = ''" "'';
format-charging-underline = "#ffaa55";
format-full-prefix-foreground = foreground_altcol;
format-full-underline = "#ffaa55";
ormat-full-padding = "1";
format-charging-padding = "1";
format-discharging-padding = "1";
};
"module/temperature" = {
type = "internal/temperature";
thermal-zone = "0";
warn-temperature = "60";
format = "<ramp> <label>";
format-underline = "#f50a4d";
format-warn = "<ramp> <label-warn>";
format-warn-underline = "#f50a4d";
label = " %temperature-c%";
label-warn = "%temperature-c%";
label-warn-foreground = secondary_col;
ramp-0 = "l";
ramp-1 = "m";
ramp-2 = "h";
ramp-foreground = foreground_altcol;
};
"module/powermenu" = {
type = "custom/menu";
expand-right = "true";
format-spacing = "1";
label-open = ''""'';
label-open-foreground = secondary_col;
label-close = " cancel";
label-close-foreground = secondary_col;
label-separator = "|";
label-separator-foreground = foreground_altcol;
menu-0-0 = "reboot";
menu-0-0-exec = "menu-open-1";
menu-0-1 = "power off";
menu-0-1-exec = "menu-open-2";
menu-1-0 = "cancel";
menu-1-0-exec = "menu-open-0";
menu-1-1 = "reboot";
menu-1-1-exec = "sudo reboot";
menu-2-0 = "power off";
menu-2-0-exec = "sudo poweroff";
menu-2-1 = "cancel";
menu-2-1-exec = "menu-open-0";
};
"module/xbacklight" = {
type = "internal/xbacklight";
format = "<label> <bar>";
label = "BL";
bar-width = "10";
bar-indicator = "|";
bar-indicator-foreground = "#fff";
bar-indicator-font = "2";
bar-fill = "";
bar-fill-font = "2";
bar-fill-foreground = "#9f78e1";
bar-empty = "";
bar-empty-font = "2";
bar-empty-foreground = foreground_altcol;
};
"module/dunst" = {
type = "custom/script";
exec = "PATH=${pkgs.dbus}/bin/:$PATH ${pkgs.dunst}/bin/dunstctl is-paused | ${pkgs.gnugrep}/bin/grep -q true && echo || echo ";
interval = 10;
click-left = "PATH=${pkgs.dbus}/bin/:$PATH ${pkgs.dunst}/bin/dunstctl set-paused toggle";
};
"module/xwindow" = {
type = "internal/xwindow";
format = "<label>";
format-background = Cyan;
format-foreground = foreground_col;
format-padding = 2;
label-maxlen = 50;
label = "%title%";
tray = {
position = "right";
padding = 2;
background = Base2;
};
};
"bar/aux" = {
font = fonts;
modules = {
left = "i3";
center = "";
right = " xbacklight xkeyboard eth wlan battery date powermenu volume ";
};
background = background_col;
foreground = foreground_col;
monitor = ''
''${env:MONITOR:}
'';
width = "100%";
#height = polyheight;
radius = 14;
module-margin = 1;
line-size = 2;
dpi-x = dpi;
dpi-y = dpi;
};
"module/volume" = {
type = "internal/pulseaudio";
format.volume = "<ramp-volume> <label-volume>";
label.muted.text = "🔇";
label.muted.foreground = "#666";
ramp.volume = ["🔈" "🔉" "🔊"];
click.right = "${pkgs.pavucontrol}/bin/pavucontrol &";
# format-volume-underline = Base2;
# format-muted-underline = Base2;
};
"module/i3" = {
type = "internal/i3";
format = "<label-state> <label-mode>";
index-sort = "true";
wrapping-scroll = "false";
#; Only show workspaces on the same output as the bar
pin-workspaces = "true";
label-mode-padding = "2";
label-mode-foreground = "#000";
label-mode-background = primary_col;
#; focused = Active workspace on focused monitor
label-focused = "%name%";
#;label-focused-background = ${colors.background-alt}
#;label-focused-background = #9f78e1
label-focused-background = foreground_col;
label-focused-underline = foreground_col;
label-focused-foreground = background_col;
label-focused-padding = "2";
#; unfocused = Inactive workspace on any monitor
label-unfocused = "%name%";
label-unfocused-padding = "2";
label-unfocused-underline = foreground_col;
#; visible = Active workspace on unfocused monitor
label-visible = "%name%";
label-visible-background = Violet;
label-visible-underline = Yellow;
label-visible-padding = 2;
#; urgent = Workspace with urgency hint set
label-urgent = "%name%";
label-urgent-background = alert_col;
label-urgent-foreground = primary_col;
label-urgent-padding = "2";
#; Separator in between workspaces
#; label-separator = |
};
"module/xkeyboard" = {
type = "internal/xkeyboard";
blacklist-0 = "num lock";
interval = "5";
format-prefix = ''""'';
format-prefix-foreground = foreground_altcol;
format-prefix-underline = secondary_col;
label-layout = "%layout%";
label-layout-underline = secondary_col;
label-indicator-padding = "2";
label-indicator-margin = "1";
label-indicator-background = secondary_col;
label-indicator-underline = secondary_col;
};
"module/wlan" = {
type = "internal/network";
interface = "wlp0s20f3";
interval = "3.0";
format-connected = " <ramp-signal> <label-connected>";
format-connected-underline = "#9f78e1";
label-connected = "%essid%";
ramp-signal-0 = ''"0.0"'';
ramp-signal-1 = ''"0.5"'';
ramp-signal-2 = ''"1.0"'';
ramp-signal-3 = ''"1.0"'';
ramp-signal-4 = ''"1.0"'';
format-disconnected = "";
# ;format-disconnected = <label-disconnected>
#;format-disconnected-underline = ${self.format-connected-underline}
#;label-disconnected = %ifname% disconnected
#;label-disconnected-foreground = ${colors.foreground-alt}
ramp-signal-foreground = foreground_altcol;
};
"module/eth" = {
type = "internal/network";
interface = "eno1";
interval = "3.0";
format-connected-underline = "#55aa55";
format-connected = " <label-connected>";
format-connected-prefix-foreground = foreground_altcol;
label-connected = "%local_ip%";
format-disconnected = "";
format-disconnected-background = "#5479b7";
#;format-disconnected = <label-disconnected>
#;format-disconnected-underline = ${self.format-connected-underline}
#;label-disconnected = %ifname% disconnected
#;label-disconnected-foreground = ${colors.foreground-alt}
};
"module/date" = {
type = "internal/date";
interval = "5";
date = ''" %Y-%m-%d"'';
date-alt = ''" %Y-%m-%d"'';
time = "%H:%M";
time-alt = "%H:%M:%S";
#format-prefix = "";
#format-prefix-foreground = foreground_altcol;
format-underline = "#0a6cf5";
label = "%{A} %date% %time%";
};
"module/battery" = {
type = "internal/battery";
battery = "BAT0";
adapter = "ADP1";
full-at = "98";
format-charging-background = "#689d6a";
format-charging-prefix = ''" "'';
format-charging = "<label-charging>";
format-discharging-prefix = ''" "'';
format-discharging = "<label-discharging>";
format-discharging-background = "#689d6a";
format-full-prefix = ''" "'';
format-charging-underline = "#ffaa55";
format-full-prefix-foreground = foreground_altcol;
format-full-underline = "#ffaa55";
ormat-full-padding = "1";
format-charging-padding = "1";
format-discharging-padding = "1";
};
"module/temperature" = {
type = "internal/temperature";
thermal-zone = "0";
warn-temperature = "60";
format = "<ramp> <label>";
format-underline = "#f50a4d";
format-warn = "<ramp> <label-warn>";
format-warn-underline = "#f50a4d";
label = " %temperature-c%";
label-warn = "%temperature-c%";
label-warn-foreground = secondary_col;
ramp-0 = "l";
ramp-1 = "m";
ramp-2 = "h";
ramp-foreground = foreground_altcol;
};
"module/powermenu" = {
type = "custom/menu";
expand-right = "true";
format-spacing = "1";
label-open = ''""'';
label-open-foreground = secondary_col;
label-close = " cancel";
label-close-foreground = secondary_col;
label-separator = "|";
label-separator-foreground = foreground_altcol;
menu-0-0 = "reboot";
menu-0-0-exec = "menu-open-1";
menu-0-1 = "power off";
menu-0-1-exec = "menu-open-2";
menu-1-0 = "cancel";
menu-1-0-exec = "menu-open-0";
menu-1-1 = "reboot";
menu-1-1-exec = "sudo reboot";
menu-2-0 = "power off";
menu-2-0-exec = "sudo poweroff";
menu-2-1 = "cancel";
menu-2-1-exec = "menu-open-0";
};
"module/xbacklight" = {
type = "internal/xbacklight";
format = "<label> <bar>";
label = "BL";
bar-width = "10";
bar-indicator = "|";
bar-indicator-foreground = "#fff";
bar-indicator-font = "2";
bar-fill = "";
bar-fill-font = "2";
bar-fill-foreground = "#9f78e1";
bar-empty = "";
bar-empty-font = "2";
bar-empty-foreground = foreground_altcol;
};
"module/dunst" = {
type = "custom/script";
exec = "PATH=${pkgs.dbus}/bin/:$PATH ${pkgs.dunst}/bin/dunstctl is-paused | ${pkgs.gnugrep}/bin/grep -q true && echo || echo ";
interval = 10;
click-left = "PATH=${pkgs.dbus}/bin/:$PATH ${pkgs.dunst}/bin/dunstctl set-paused toggle";
};
"module/xwindow" = {
type = "internal/xwindow";
format = "<label>";
format-background = Cyan;
format-foreground = foreground_col;
format-padding = 2;
label-maxlen = 50;
label = "%title%";
};
};
script = ''
for m in $(polybar --list-monitors | ${pkgs.gnugrep}/bin/grep '(primary)' | ${pkgs.coreutils}/bin/cut -d":" -f1); do
MONITOR=$m polybar --reload main &

52
users/ellmau/sway.nix
View File

@ -1,22 +1,34 @@
{ config, pkgs, lib, nixosConfig, ... }:
{
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; {
config =
let
cfg = nixosConfig.elss.graphical.sway;
in
config = let
cfg = nixosConfig.elss.graphical.sway;
in
mkIf cfg.enable {
services = {
blueman-applet.enable = true;
swayidle = {
enable = true;
events = [
{ event = "before-sleep"; command = "swaylock -KfeFi ~/.background-image"; }
{ event = "lock"; command = "swaylock -KfeFi ~/.background-image"; }
{
event = "before-sleep";
command = "swaylock -KfeFi ~/.background-image";
}
{
event = "lock";
command = "swaylock -KfeFi ~/.background-image";
}
];
timeouts = [
{ timeout = 60; command = "swaylock -KfeFi ~/.background-image"; }
{
timeout = 60;
command = "swaylock -KfeFi ~/.background-image";
}
];
};
};
@ -40,11 +52,10 @@ with lib; {
modifier = "Mod4";
keybindings =
let
modifier = config.wayland.windowManager.sway.config.modifier;
bctl = "${pkgs.brightnessctl}/bin/brightnessctl";
in
keybindings = let
modifier = config.wayland.windowManager.sway.config.modifier;
bctl = "${pkgs.brightnessctl}/bin/brightnessctl";
in
lib.mkOptionDefault {
"${modifier}+Shift+q" = "kill";
"${modifier}+d" = "exec ${pkgs.rofi}/bin/rofi -show drun";
@ -55,13 +66,10 @@ with lib; {
XF86AudioMute = "exec ${pkgs.pamixer}/bin/pamixer -t";
XF86AudioLowerVolume = "exec ${pkgs.pulseaudioFull}/bin/pactl set-sink-volume @DEFAULT_SINK@ -10%";
XF86AudioRaiseVolume = "exec ${pkgs.pulseaudioFull}/bin/pactl set-sink-volume @DEFAULT_SINK@ +10%";
};
keycodebindings =
let
modifier = config.wayland.windowManager.sway.config.modifier;
in
{ };
keycodebindings = let
modifier = config.wayland.windowManager.sway.config.modifier;
in {};
startup = [
{
@ -89,7 +97,7 @@ with lib; {
titlebar = true;
};
bars = [ ];
bars = [];
};
extraConfig = ''
input "type:keyboard" {

25
users/ellmau/waybar.nix
View File

@ -1,9 +1,14 @@
{ config, pkgs, lib, nixosConfig, ... }:
{
config,
pkgs,
lib,
nixosConfig,
...
}:
with lib; {
config =
let
cfg = nixosConfig.elss.graphical.sway;
in
config = let
cfg = nixosConfig.elss.graphical.sway;
in
mkIf cfg.enable {
xdg.configFile."waybar/style.css" = {
source = conf/waybar/style.css;
@ -13,9 +18,9 @@ with lib; {
systemd.enable = true;
settings = {
mainBar = {
modules-left = [ "sway/workspaces" "sway/mode" ];
modules-center = [ "sway/window" ];
modules-right = [ "idle_inhibitor" "sway/language" "network#wifi" "network#base" "battery" "pulseaudio" "clock" "tray" ];
modules-left = ["sway/workspaces" "sway/mode"];
modules-center = ["sway/window"];
modules-right = ["idle_inhibitor" "sway/language" "network#wifi" "network#base" "battery" "pulseaudio" "clock" "tray"];
"idle_inhibitor" = {
format = "{icon}";
@ -35,7 +40,7 @@ with lib; {
format-charging = "{capacity}% ";
format-plugged = "{capacity}% ";
format-alt = "{time} {icon}";
format-icons = [ "" "" "" "" "" ];
format-icons = ["" "" "" "" ""];
};
"clock" = {
format-alt = "{:%a, %d. %b %H:%M}";
@ -82,10 +87,8 @@ with lib; {
on-click = "${pkgs.pamixer}/bin/pamixer -t";
on-click-right = "${pkgs.pavucontrol}/bin/pavucontrol &";
};
};
};
};
};
}

5
users/ellmau/zsh.nix
View File

@ -1,5 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
programs = {
zsh = {
enable = true;
@ -49,7 +48,7 @@
bat = {
enable = true;
config = { theme = "ansi"; };
config = {theme = "ansi";};
};
exa = {