xyno/nix-configs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

meow
Some checks failed
ci/woodpecker/push/build-cache Pipeline failed
Details

Browse source
This commit is contained in:
Lucy Hochkamp 2025-11-24 09:33:42 +01:00
parent 83de52d5db
commit 664d4f20fa
No known key found for this signature in database
212 changed files with 986 additions and 13525 deletions
Download patch file Download diff file Expand all files Collapse all files

861
flake.lock generated
View file

File diff suppressed because it is too large Load diff

6
flake.nix
View file

@ -16,9 +16,7 @@
colmena.inputs.nixpkgs.follows = "nixpkgs";
old-conf.url = "./old-conf";
oldConf.url = "github:thexyno/nixos-config";
# software
rust-overlay = { # https://github.com/nix-community/lanzaboote/issues/485#issuecomment-3466684727
url = "github:oxalica/rust-overlay";
@ -155,7 +153,7 @@
};
}
(importConfigs [
"ds9"
"nemesis"
"picard"
"theseus"
])

59
instances/ds9/hardware-configuration.nix
View file

@ -1,59 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ "${modulesPath}/installer/scan/not-detected.nix" ];
boot.lanzaboote = {
enable = true;
pkiBundle = "/var/lib/sbctl";
};
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.initrd.availableKernelModules = [ "r8169" "ahci" "vfio-pci" "xhci_pci" "ehci_pci" "nvme" "usbhid" "sd_mod" "sr_mod" ];
boot.kernelModules = [ "kvm-amd" ];
nix.settings.max-jobs = lib.mkDefault 12;
powerManagement.powertop.enable = true;
powerManagement.cpuFreqGovernor = "powersave";
powerManagement.scsiLinkPolicy = "min_power";
services.zfs.autoScrub.enable = true;
services.sanoid.datasets."rpool/content/safe/data/media" = { };
services.sanoid.enable = true;
services.sanoid.interval = "0/8:00:00";
swapDevices = [{ device = "/dev/disk/by-id/nvme-eui.000000000000000100a075202c247839-part1"; randomEncryption = true; }];
fileSystems."/boot".device = "/dev/disk/by-uuid/149F-23AA";
fileSystems."/" = {
device = "spool/safe/persist";
fsType = "zfs";
};
fileSystems."/nix" = {
device = "spool/local/nix";
fsType = "zfs";
};
fileSystems."/var/log" = {
device = "spool/local/journal";
fsType = "zfs";
};
fileSystems."/data" = {
device = "rpool/content/safe/data";
fsType = "zfs";
};
fileSystems."/data/media" = {
device = "rpool/content/safe/data/media";
fsType = "zfs";
};
fileSystems."/backups" = {
device = "rpool/content/local/backups";
fsType = "zfs";
};
}

12
instances/ds9/configuration.nix → instances/nemesis/configuration.nix
View file

@ -17,7 +17,7 @@
];
time.timeZone = "Europe/Berlin";
networking.hostId = "7b4c2337";
networking.hostId = "7b4c2932";
containers.ds9 = {
autoStart = true;
@ -33,7 +33,9 @@
];
hostAddress = "192.168.100.10";
localAddress = "192.168.100.11";
config = inputs.old-conf.nixosConfigurations.ds9.config;
path = inputs.oldConf.nixosConfigurations.ds9.config.system.build.toplevel;
bindMounts = {
"/data" = {
hostPath = "/data";
@ -44,20 +46,20 @@
isReadOnly = false;
};
"/persistent" = {
hostPath = "/persistent";
hostPath = "/oldds9/persistent";
isReadOnly = false;
};
};
};
networking.nat.enable = true;
networking.nat.internalInterfaces = [ "ve-+" ];
networking.nat.externalInterface = "eth0"; # TODO: changeme
networking.nat.externalInterface = "enp1s0f1"; # TODO: changeme
xyno.services.traefik = {
enable = true;
simpleProxy.oldds9 = {
host = "*.hailsatan.eu";
internal = "https://192.168.100.11:443";
internal = "http://192.168.100.11";
};
};

2
instances/ds9/default.nix → instances/nemesis/default.nix
View file

@ -6,6 +6,6 @@
};
# xyno.services.wireguard.pubKey = "aZvSeAhKG3B5I2My5IqQoSlntMzbCHM6OU92WEScohc=";
deployment = {
targetHost = "ds9.xyno.systems";
targetHost = "nemesis.xyno.systems";
};
}

128
instances/nemesis/hardware-configuration.nix Normal file
View file

@ -0,0 +1,128 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [ "${modulesPath}/installer/scan/not-detected.nix" ];
boot.lanzaboote = {
enable = true;
pkiBundle = "/var/lib/sbctl";
};
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.initrd.availableKernelModules = [
"r8169"
"ahci"
"vfio-pci"
"xhci_pci"
"ehci_pci"
"nvme"
"usbhid"
"sd_mod"
"sr_mod"
];
boot.kernelModules = [ "kvm-amd" ];
nix.settings.max-jobs = lib.mkDefault 12;
powerManagement.powertop.enable = true;
powerManagement.cpuFreqGovernor = "powersave";
powerManagement.scsiLinkPolicy = "min_power";
services.zfs.autoScrub.enable = true;
services.sanoid.datasets."rpool/content/safe/data/media" = { };
services.sanoid.datasets."rpool/content/safe/data" = { };
services.sanoid.datasets."spool/nemesis/persistent" = { };
services.sanoid.enable = true;
services.sanoid.interval = "0/8:00:00";
boot.initrd.systemd = {
enable = true;
};
boot.initrd.network = {
enable = true;
postCommands = ''
zpool import rpool
zpool import spool
echo "zfs load-key -a; killall zfs" >> /root/.profile
'';
ssh = {
enable = true;
port = 2222;
hostKeys = [
"/persistent/initrd/ssh_host_rsa_key"
"/persistent/initrd/ssh_host_ed25519_key"
];
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID/oMAi5jyQsNohfhcSH2ItisTpBGB0WtYTVxJYKKqhj" # TODO
];
};
};
# swapDevices = [
# {
# device = "/dev/disk/by-id/nvme-eui.000000000000000100a075202c247839-part1";
# randomEncryption = true;
# }
# ];
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/149F-23AA";
fsType = "vfat";
options = [
"noauto"
"x-systemd.automount"
];
};
zramSwap.enable = true;
zramSwap.writebackDevice = "/dev/zvol/spool/nemesis/zswap";
fileSystems."/persistent/var/lib/postgres" = { # has things of https://wiki.archlinux.org/title/ZFS#Databases set
device = "spool/nemesis/postgres";
fsType = "zfs";
};
fileSystems."/persistent" = {
device = "spool/nemesis/persistent";
fsType = "zfs";
};
fileSystems."/var/log" = {
device = "spool/nemesis/varlog";
fsType = "zfs";
};
fileSystems."/nix" = {
device = "spool/local/nix";
fsType = "zfs";
};
fileSystems."/data" = {
device = "rpool/content/safe/data";
fsType = "zfs";
};
fileSystems."/data/media" = {
device = "rpool/content/safe/data/media";
fsType = "zfs";
};
fileSystems."/backups" = {
device = "rpool/content/local/backups";
fsType = "zfs";
};
fileSystems."/oldds9/persistent" = {
device = "spool/safe/persist";
fsType = "zfs";
};
fileSystems."/oldds9/varlog" = {
device = "spool/local/journal";
fsType = "zfs";
};
}

0
instances/ds9/secrets/atticd.yaml → instances/nemesis/secrets/atticd.yaml
View file

0
instances/ds9/secrets/authentik.yaml → instances/nemesis/secrets/authentik.yaml
View file

0
instances/ds9/secrets/wg.yaml → instances/nemesis/secrets/wg.yaml
View file

0
instances/ds9/secrets/woodpecker.yaml → instances/nemesis/secrets/woodpecker.yaml
View file

0
instances/ds9/services/attic.nix → instances/nemesis/services/attic.nix
View file

0
instances/ds9/services/immich.nix → instances/nemesis/services/immich.nix
View file

0
instances/ds9/services/jellyfin.nix → instances/nemesis/services/jellyfin.nix
View file

0
instances/ds9/services/paperless.nix → instances/nemesis/services/paperless.nix
View file

0
instances/ds9/services/woodpecker.nix → instances/nemesis/services/woodpecker.nix
View file

0
instances/ds9/services/ytdl-sub.nix → instances/nemesis/services/ytdl-sub.nix
View file

35
modules/services/traefik.nix
View file

@ -12,9 +12,21 @@ let
router = "simpleproxy-${n}-router";
service = "simpleproxy-${n}-service";
spl = lib.splitString "." v.host;
certDomain = if (builtins.length spl) > 2 then lib.concatStringsSep "." (builtins.tail spl) else spl;
certDomain =
if (builtins.length spl) > 2 then lib.concatStringsSep "." (builtins.tail spl) else spl;
in
{
routers."${router}-robotstxt" = {
service = "robotstxt";
rule = "Host(`${v.host}`) && Path(`/robots.txt`)";
tls.domains = [
{
main = certDomain;
sans = [ "*.${certDomain}" ];
}
];
};
routers.${router} = {
inherit service;
rule = "Host(`${v.host}`)";
@ -29,13 +41,21 @@ let
loadBalancer.servers = [
{ url = v.internal; }
];
};
services.robotstxt = {
loadBalancer.servers = [
{ url = "http://127.0.0.2"; }
];
};
}
) cfg.simpleProxy;
in
{
options.xyno.services.traefik.enable = lib.mkEnableOption "enables traefik";
options.xyno.services.traefik.noBots = lib.mkOption {
type = lib.types.bool;
default = true;
};
options.xyno.services.traefik.simpleProxy = lib.mkOption {
example = {
"example" = {
@ -57,12 +77,21 @@ in
host = lib.mkOption {
type = lib.types.str;
};
};
}
);
};
config = lib.mkIf cfg.enable {
services.nginx = {
enable = lib.mkIf cfg.noBots true;
defaultListenAddresses = lib.mkIf cfg.noBots [ "127.0.0.2" ];
virtualHosts.localhost.locations."/".root = pkgs.runCommand "nginx-robots" ''
mkdir $out
echo "User-Agent: *\nDisallow: /" > $out/robots.txt
'';
};
services.traefik = {
enable = true;
environmentFiles = [
@ -96,7 +125,7 @@ in
};
};
dynamicConfigOptions = {
http = simpleProxyOpts;
http = lib.mkMerge simpleProxyOpts;
tls.options.default = {
# mozilla modern
minVersion = "VersionTLS13";

1
old-conf/.envrc
View file

@ -1 +0,0 @@
use flake

131
old-conf/.github/flake-to-md.awk vendored
View file

@ -1,131 +0,0 @@
# Parses a flake lock update commit and output readable markdown with proper
# https://github.com/sandhose/nixconf/blob/master/misc/flake-to-markdown.awk
# compare links
function unquote (str) {
split(str, arr, "'");
return arr[2];
}
function parse_flakeref (flakeref, res) {
split(flakeref, arr, ":");
type = arr[1];
tmp = arr[2];
split(tmp, arr, "?");
tmp = arr[1];
n = split(tmp, arr, "/");
commit = arr[n];
repo = arr[1]
for (i = 2; i < n; i++) {
repo = repo "/" arr[i];
}
res["type"] = type;
res["commit"] = commit;
res["repo"] = repo;
}
function short (sha) {
return substr(sha, 1, 8);
}
# Show the raw output in a foldable section
BEGIN {
print "<details><summary>Raw output</summary><p>";
print "";
print "```";
}
# Print all lines anyway
{ print }
# This is a "Updated input 'x'" ine
$3 ~ /input/ {
input = unquote($4);
operations[input] = $2;
next;
}
# This is a "'type:foo/bar/1234' (2021-01-01)" line
$2 ~ /\(.*\)/ {
input_from[input] = unquote($1)
input_from_date[input] = substr($2, 2, 10);
next;
}
# This is a "→ 'type:foo/bar/1234' (2021-01-01)" line
$3 ~ /\(.*\)/ {
input_to[input] = unquote($2)
input_to_date[input] = substr($3, 2, 10);
next;
}
END {
print "```";
print "";
print "</p></details>";
print "";
# Once we gathered the information we needed, we can show it properly
for (input in operations) {
operation = operations[input];
details = "";
link = "";
# For "updated" inputs, we have two flake refs
if (operation == "Updated") {
from = input_from[input];
to = input_to[input];
from_date = input_from_date[input]
to_date = input_to_date[input]
parse_flakeref(from, parsed_from);
parse_flakeref(to, parsed_to);
type = parsed_to["type"];
repo = parsed_to["repo"];
from_commit = parsed_from["commit"];
to_commit = parsed_to["commit"];
compare = sprintf("`%s` ➡️ `%s`", short(from_commit), short(to_commit));
# Render the details according to the ref type
if (type == "github") {
compare = sprintf("[%s](https://github.com/%s/compare/%s...%s)", compare, repo, from_commit, to_commit);
link = sprintf("https://github.com/%s", repo);
} else if (type == "gitlab") {
compare = sprintf("[%s](https://gitlab.com/%s/-/compare/%s...%s)", compare, repo, from_commit, to_commit);
link = sprintf("https://gitlab.com/%s", repo);
}
details = sprintf("%s <sub>(%s to %s)</sub>", compare, from_date, to_date);
# For "added" inputs, we have one flake ref
} else if (operation == "Added") {
ref = input_from[input];
parse_flakeref(ref, parsed_ref);
type = parsed_ref["type"];
repo = parsed_ref["repo"];
commit = parsed_ref["commit"];
# Render the details according to the ref type
if (type == "github") {
details = sprintf("[github.com/%s](https://github.com/%s/tree/%s/)", repo, repo, commit);
link = sprintf("https://github.com/%s", repo);
} else if (type == "gitlab") {
details = sprintf("[gitlab.com/%s](https://gitlab.com/%s/-/tree/%s/)", repo, repo, commit);
link = sprintf("https://gitlab.com/%s", repo);
} else {
details = sprintf("`%s`", ref);
}
}
if (link) {
input_txt = sprintf("[`%s`](%s)", input, link);
} else {
input_txt = sprintf("`%s`", input);
}
if (details) {
printf(" - %s input %s: %s\n", operation, input_txt, details);
} else {
printf(" - %s input %s.\n", operation, input_txt);
}
}
}

53
old-conf/.github/workflows/update.yaml vendored
View file

@ -1,53 +0,0 @@
# https://github.com/sandhose/nixconf/blob/master/.github/workflows/update.yaml
name: "Update lock file"
on:
schedule:
- cron: "0 6 * * *"
workflow_dispatch:
jobs:
tests:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- uses: tibdex/github-app-token@v1.5
id: generate-token
with:
app_id: ${{ secrets.APP_ID }}
private_key: ${{ secrets.APP_PRIVATE_KEY }}
- uses: cachix/install-nix-action@v16
with:
install_url: https://releases.nixos.org/nix/nix-2.6.1/install
extra_nix_config: |
experimental-features = nix-command flakes
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Setup Git author
run: |
git config user.name 'GitHub Ations'
git config user.email 'noreply@github.com'
- name: Update lock file
run: nix flake update --no-use-registries --commit-lock-file
- name: Get commit message
id: commit
run: |
message="$(git log -1 --pretty=%B | tail +3 | awk -f ./.github/flake-to-md.awk)"
message="${message//'%'/'%25'}"
message="${message//$'\n'/'%0A'}"
message="${message//$'\r'/'%0D'}"
echo "::set-output name=message::$message"
- name: Create Pull Request
uses: peter-evans/create-pull-request@v4
with:
token: "${{ steps.generate-token.outputs.token }}"
title: "Automated Flake update"
body: "${{ steps.commit.outputs.message }}"
delete-branch: true
assignees: thexyno

13
old-conf/.gitignore vendored
View file

@ -1,13 +0,0 @@
# Ignore configurable file with secrets
#/data/secrets.nix
.DS_Store
/.direnv
# Ignore build symlinks
result*
internal
.tmp
# Ignore vscode stuff
/.vscode/

6
old-conf/.helix/languages.toml
View file

@ -1,6 +0,0 @@
[language-server.nil]
command = "nil"
[[language]]
name = "nix"
formatter = {command = "nixfmt"}
language-servers = [ "nil" ]

8
old-conf/.nixd.json
View file

@ -1,8 +0,0 @@
{
"options": {
"enable": true,
"target": {
"installable": ".#nixosConfigurations.picard.options"
}
}
}

373
old-conf/LICENSE
View file

@ -1,373 +0,0 @@
Mozilla Public License Version 2.0
==================================
1. Definitions
--------------
1.1. "Contributor"
means each individual or legal entity that creates, contributes to
the creation of, or owns Covered Software.
1.2. "Contributor Version"
means the combination of the Contributions of others (if any) used
by a Contributor and that particular Contributor's Contribution.
1.3. "Contribution"
means Covered Software of a particular Contributor.
1.4. "Covered Software"
means Source Code Form to which the initial Contributor has attached
the notice in Exhibit A, the Executable Form of such Source Code
Form, and Modifications of such Source Code Form, in each case
including portions thereof.
1.5. "Incompatible With Secondary Licenses"
means
(a) that the initial Contributor has attached the notice described
in Exhibit B to the Covered Software; or
(b) that the Covered Software was made available under the terms of
version 1.1 or earlier of the License, but not also under the
terms of a Secondary License.
1.6. "Executable Form"
means any form of the work other than Source Code Form.
1.7. "Larger Work"
means a work that combines Covered Software with other material, in
a separate file or files, that is not Covered Software.
1.8. "License"
means this document.
1.9. "Licensable"
means having the right to grant, to the maximum extent possible,
whether at the time of the initial grant or subsequently, any and
all of the rights conveyed by this License.
1.10. "Modifications"
means any of the following:
(a) any file in Source Code Form that results from an addition to,
deletion from, or modification of the contents of Covered
Software; or
(b) any new file in Source Code Form that contains any Covered
Software.
1.11. "Patent Claims" of a Contributor
means any patent claim(s), including without limitation, method,
process, and apparatus claims, in any patent Licensable by such
Contributor that would be infringed, but for the grant of the
License, by the making, using, selling, offering for sale, having
made, import, or transfer of either its Contributions or its
Contributor Version.
1.12. "Secondary License"
means either the GNU General Public License, Version 2.0, the GNU
Lesser General Public License, Version 2.1, the GNU Affero General
Public License, Version 3.0, or any later versions of those
licenses.
1.13. "Source Code Form"
means the form of the work preferred for making modifications.
1.14. "You" (or "Your")
means an individual or a legal entity exercising rights under this
License. For legal entities, "You" includes any entity that
controls, is controlled by, or is under common control with You. For
purposes of this definition, "control" means (a) the power, direct
or indirect, to cause the direction or management of such entity,
whether by contract or otherwise, or (b) ownership of more than
fifty percent (50%) of the outstanding shares or beneficial
ownership of such entity.
2. License Grants and Conditions
--------------------------------
2.1. Grants
Each Contributor hereby grants You a world-wide, royalty-free,
non-exclusive license:
(a) under intellectual property rights (other than patent or trademark)
Licensable by such Contributor to use, reproduce, make available,
modify, display, perform, distribute, and otherwise exploit its
Contributions, either on an unmodified basis, with Modifications, or
as part of a Larger Work; and
(b) under Patent Claims of such Contributor to make, use, sell, offer
for sale, have made, import, and otherwise transfer either its
Contributions or its Contributor Version.
2.2. Effective Date
The licenses granted in Section 2.1 with respect to any Contribution
become effective for each Contribution on the date the Contributor first
distributes such Contribution.
2.3. Limitations on Grant Scope
The licenses granted in this Section 2 are the only rights granted under
this License. No additional rights or licenses will be implied from the
distribution or licensing of Covered Software under this License.
Notwithstanding Section 2.1(b) above, no patent license is granted by a
Contributor:
(a) for any code that a Contributor has removed from Covered Software;
or
(b) for infringements caused by: (i) Your and any other third party's
modifications of Covered Software, or (ii) the combination of its
Contributions with other software (except as part of its Contributor
Version); or
(c) under Patent Claims infringed by Covered Software in the absence of
its Contributions.
This License does not grant any rights in the trademarks, service marks,
or logos of any Contributor (except as may be necessary to comply with
the notice requirements in Section 3.4).
2.4. Subsequent Licenses
No Contributor makes additional grants as a result of Your choice to
distribute the Covered Software under a subsequent version of this
License (see Section 10.2) or under the terms of a Secondary License (if
permitted under the terms of Section 3.3).
2.5. Representation
Each Contributor represents that the Contributor believes its
Contributions are its original creation(s) or it has sufficient rights
to grant the rights to its Contributions conveyed by this License.
2.6. Fair Use
This License is not intended to limit any rights You have under
applicable copyright doctrines of fair use, fair dealing, or other
equivalents.
2.7. Conditions
Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted
in Section 2.1.
3. Responsibilities
-------------------
3.1. Distribution of Source Form
All distribution of Covered Software in Source Code Form, including any
Modifications that You create or to which You contribute, must be under
the terms of this License. You must inform recipients that the Source
Code Form of the Covered Software is governed by the terms of this
License, and how they can obtain a copy of this License. You may not
attempt to alter or restrict the recipients' rights in the Source Code
Form.
3.2. Distribution of Executable Form
If You distribute Covered Software in Executable Form then:
(a) such Covered Software must also be made available in Source Code
Form, as described in Section 3.1, and You must inform recipients of
the Executable Form how they can obtain a copy of such Source Code
Form by reasonable means in a timely manner, at a charge no more
than the cost of distribution to the recipient; and
(b) You may distribute such Executable Form under the terms of this
License, or sublicense it under different terms, provided that the
license for the Executable Form does not attempt to limit or alter
the recipients' rights in the Source Code Form under this License.
3.3. Distribution of a Larger Work
You may create and distribute a Larger Work under terms of Your choice,
provided that You also comply with the requirements of this License for
the Covered Software. If the Larger Work is a combination of Covered
Software with a work governed by one or more Secondary Licenses, and the
Covered Software is not Incompatible With Secondary Licenses, this
License permits You to additionally distribute such Covered Software
under the terms of such Secondary License(s), so that the recipient of
the Larger Work may, at their option, further distribute the Covered
Software under the terms of either this License or such Secondary
License(s).
3.4. Notices
You may not remove or alter the substance of any license notices
(including copyright notices, patent notices, disclaimers of warranty,
or limitations of liability) contained within the Source Code Form of
the Covered Software, except that You may alter any license notices to
the extent required to remedy known factual inaccuracies.
3.5. Application of Additional Terms
You may choose to offer, and to charge a fee for, warranty, support,
indemnity or liability obligations to one or more recipients of Covered
Software. However, You may do so only on Your own behalf, and not on
behalf of any Contributor. You must make it absolutely clear that any
such warranty, support, indemnity, or liability obligation is offered by
You alone, and You hereby agree to indemnify every Contributor for any
liability incurred by such Contributor as a result of warranty, support,
indemnity or liability terms You offer. You may include additional
disclaimers of warranty and limitations of liability specific to any
jurisdiction.
4. Inability to Comply Due to Statute or Regulation
---------------------------------------------------
If it is impossible for You to comply with any of the terms of this
License with respect to some or all of the Covered Software due to
statute, judicial order, or regulation then You must: (a) comply with
the terms of this License to the maximum extent possible; and (b)
describe the limitations and the code they affect. Such description must
be placed in a text file included with all distributions of the Covered
Software under this License. Except to the extent prohibited by statute
or regulation, such description must be sufficiently detailed for a
recipient of ordinary skill to be able to understand it.
5. Termination
--------------
5.1. The rights granted under this License will terminate automatically
if You fail to comply with any of its terms. However, if You become
compliant, then the rights granted under this License from a particular
Contributor are reinstated (a) provisionally, unless and until such
Contributor explicitly and finally terminates Your grants, and (b) on an
ongoing basis, if such Contributor fails to notify You of the
non-compliance by some reasonable means prior to 60 days after You have
come back into compliance. Moreover, Your grants from a particular
Contributor are reinstated on an ongoing basis if such Contributor
notifies You of the non-compliance by some reasonable means, this is the
first time You have received notice of non-compliance with this License
from such Contributor, and You become compliant prior to 30 days after
Your receipt of the notice.
5.2. If You initiate litigation against any entity by asserting a patent
infringement claim (excluding declaratory judgment actions,
counter-claims, and cross-claims) alleging that a Contributor Version
directly or indirectly infringes any patent, then the rights granted to
You by any and all Contributors for the Covered Software under Section
2.1 of this License shall terminate.
5.3. In the event of termination under Sections 5.1 or 5.2 above, all
end user license agreements (excluding distributors and resellers) which
have been validly granted by You or Your distributors under this License
prior to termination shall survive termination.
************************************************************************
* *
* 6. Disclaimer of Warranty *
* ------------------------- *
* *
* Covered Software is provided under this License on an "as is" *
* basis, without warranty of any kind, either expressed, implied, or *
* statutory, including, without limitation, warranties that the *
* Covered Software is free of defects, merchantable, fit for a *
* particular purpose or non-infringing. The entire risk as to the *
* quality and performance of the Covered Software is with You. *
* Should any Covered Software prove defective in any respect, You *
* (not any Contributor) assume the cost of any necessary servicing, *
* repair, or correction. This disclaimer of warranty constitutes an *
* essential part of this License. No use of any Covered Software is *
* authorized under this License except under this disclaimer. *
* *
************************************************************************
************************************************************************
* *
* 7. Limitation of Liability *
* -------------------------- *
* *
* Under no circumstances and under no legal theory, whether tort *
* (including negligence), contract, or otherwise, shall any *
* Contributor, or anyone who distributes Covered Software as *
* permitted above, be liable to You for any direct, indirect, *
* special, incidental, or consequential damages of any character *
* including, without limitation, damages for lost profits, loss of *
* goodwill, work stoppage, computer failure or malfunction, or any *
* and all other commercial damages or losses, even if such party *
* shall have been informed of the possibility of such damages. This *
* limitation of liability shall not apply to liability for death or *
* personal injury resulting from such party's negligence to the *
* extent applicable law prohibits such limitation. Some *
* jurisdictions do not allow the exclusion or limitation of *
* incidental or consequential damages, so this exclusion and *
* limitation may not apply to You. *
* *
************************************************************************
8. Litigation
-------------
Any litigation relating to this License may be brought only in the
courts of a jurisdiction where the defendant maintains its principal
place of business and such litigation shall be governed by laws of that
jurisdiction, without reference to its conflict-of-law provisions.
Nothing in this Section shall prevent a party's ability to bring
cross-claims or counter-claims.
9. Miscellaneous
----------------
This License represents the complete agreement concerning the subject
matter hereof. If any provision of this License is held to be
unenforceable, such provision shall be reformed only to the extent
necessary to make it enforceable. Any law or regulation which provides
that the language of a contract shall be construed against the drafter
shall not be used to construe this License against a Contributor.
10. Versions of the License
---------------------------
10.1. New Versions
Mozilla Foundation is the license steward. Except as provided in Section
10.3, no one other than the license steward has the right to modify or
publish new versions of this License. Each version will be given a
distinguishing version number.
10.2. Effect of New Versions
You may distribute the Covered Software under the terms of the version
of the License under which You originally received the Covered Software,
or under the terms of any subsequent version published by the license
steward.
10.3. Modified Versions
If you create software not governed by this License, and you want to
create a new license for such software, you may create and use a
modified version of this License if you rename the license and remove
any references to the name of the license steward (except to note that
such modified license differs from this License).
10.4. Distributing Source Code Form that is Incompatible With Secondary
Licenses
If You choose to distribute Source Code Form that is Incompatible With
Secondary Licenses under the terms of this version of the License, the
notice described in Exhibit B of this License must be attached.
Exhibit A - Source Code Form License Notice
-------------------------------------------
This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0. If a copy of the MPL was not distributed with this
file, You can obtain one at http://mozilla.org/MPL/2.0/.
If it is not possible or desirable to put the notice in a particular
file, then You may include the notice in a location (such as a LICENSE
file in a relevant directory) where a recipient would be likely to look
for such a notice.
You may add additional accurate notices of copyright ownership.
Exhibit B - "Incompatible With Secondary Licenses" Notice
---------------------------------------------------------
This Source Code Form is "Incompatible With Secondary Licenses", as
defined by the Mozilla Public License, v. 2.0.

19
old-conf/README.md
View file

@ -1,19 +0,0 @@
# my nixos/nix-darwin Configs
## Folder structure
- `hosts/`
- host specific configuration
- `nixos-modules/`
- nixos modules
- `hm-imports/`
- home-manager modules
- `data/`
- some configuration files, pubkeys, ...
- `lib/`
- helper functions
- `packages/`
- packages to small to put into another repo
- `secrets/`
- agenix secrets

47
old-conf/darwin-common.nix
View file

@ -1,47 +0,0 @@
{ config, pkgs, inputs, ... }: {
programs.zsh.enable = true;
environment.pathsToLink = [ "/share/zsh" ];
services.nix-daemon.enable = true;
nix.settings.cores = 0; # use all cores
nix.settings.max-jobs = 10; # use all cores
nix.settings.experimental-features = [ "nix-command" "flakes" ];
security.pam.enableSudoTouchIdAuth = true;
programs.zsh.shellInit = ''
eval "$(/opt/homebrew/bin/brew shellenv)"
'';
environment.systemPath = [ "/opt/homebrew/bin" "/opt/homebrew/sbin" ];
#nix.settings.auto-optimise-store = true;
nix.distributedBuilds = true;
nix.nixPath = [{ nixpkgs = "${inputs.nixpkgs-darwin.outPath}"; nixpkgs-master = "${inputs.nixpkgs-master.outPath}"; nixpkgs-nixos = "${inputs.nixpkgs.outPath}"; }];
nix.buildMachines = [{
systems = [ "x86_64-linux" ];
supportedFeatures = [ "kvm" "big-parallel" ];
sshUser = "ragon";
maxJobs = 12;
hostName = "ds9";
sshKey = "/Users/xyno/.ssh/id_ed25519";
publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUorQkJYdWZYQUpoeVVIVmZocWxrOFk0ekVLSmJLWGdKUXZzZEU0ODJscFYgcm9vdEBpc28K";
}];
nix.extraOptions = ''
builders-use-substitutes = true
'';
system.defaults = {
NSGlobalDomain.AppleShowAllExtensions = true;
NSGlobalDomain.InitialKeyRepeat = 25;
NSGlobalDomain.KeyRepeat = 4;
NSGlobalDomain.NSNavPanelExpandedStateForSaveMode = true;
NSGlobalDomain.PMPrintingExpandedStateForPrint = true;
NSGlobalDomain."com.apple.mouse.tapBehavior" = 1;
NSGlobalDomain."com.apple.trackpad.trackpadCornerClickBehavior" = 1;
dock.autohide = true;
dock.mru-spaces = false;
dock.show-recents = false;
dock.static-only = true;
dock.expose-animation-duration = 0.01;
finder.AppleShowAllExtensions = true;
finder.FXEnableExtensionChangeWarning = false;
loginwindow.GuestEnabled = false;
};
}

0
old-conf/darwin-modules/.gitkeep
View file

73
old-conf/darwin-modules/borgmatic.nix
View file

@ -1,73 +0,0 @@
{ pkgs, lib, config, ... }:
with lib;
let
cfg = config.ragon.services.borgmatic;
settingsFormat = pkgs.formats.yaml { };
cfgType = with types; submodule {
freeformType = settingsFormat.type;
};
cfgfile = settingsFormat.generate "config.yaml" cfg.settings;
in
{
options.ragon.services.borgmatic = {
enable = mkEnableOption (mdDoc "borgmatic");
settings = mkOption {
description = mdDoc ''
See https://torsion.org/borgmatic/docs/reference/configuration/
'';
default = null;
type = types.nullOr cfgType;
};
configurations = mkOption {
description = mdDoc ''
Set of borgmatic configurations, see https://torsion.org/borgmatic/docs/reference/configuration/
'';
default = { };
type = types.attrsOf cfgType;
};
};
config = mkIf cfg.enable {
environment.systemPackages = [
#pkgs.borgmatic
pkgs.borgbackup
];
homebrew.brews = [ "borgmatic" ];
environment.etc = (optionalAttrs (cfg.settings != null) { "borgmatic/config.yaml".source = cfgfile; }) //
mapAttrs'
(name: value: nameValuePair
"borgmatic.d/${name}.yaml"
{ source = settingsFormat.generate "${name}.yaml" value; })
cfg.configurations;
launchd.user.agents.borgmatic = {
script = ''
if (pmset -g batt | grep -q 'AC Power'); then
borgmatic
else
echo "On Battery Power, skipping backup"
fi
'';
path = [ "/opt/homebrew/bin" config.environment.systemPath ];
serviceConfig = {
StartInterval = 60 * 60; # run every hour
StandardOutPath = "/var/log/borgmatic.log";
StandardErrorPath = "/var/log/borgmatic.log";
KeepAlive = true;
# NetworkState = true;
Nice = 1;
};
};
assertions = [
{
assertion = config.homebrew.enable;
message = "homebrew must be enabled for borgmatic to run";
}
];
};
}

17
old-conf/data/monitoring.toml
View file

@ -1,17 +0,0 @@
[master]
hostname = "beliskner"
ip = "beliskner.kangaroo-galaxy.ts.net" # tailscale
[hostOverrides]
[exporters.node]
hosts = [ "ds9", "picard" ]
[exporters.smartctl]
hosts = [ "ds9" ]
[exporters.blackbox]
hosts = [ "beliskner" ]
[promtail]
hosts = [ "picard", "ds9" ]

29
old-conf/data/pubkeys.nix
View file

@ -1,29 +0,0 @@
let
ragon =
let
user = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEJwOH1b6xWmEr1VZh48kBIYhW11vtPFR3my8stAHlSi" # saurier
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIuwQJY0H/fdu1UmGXAut7VfcvAk2Dm78tJpkyyv2in2" # daedalus
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKZ0hlF6EFQXpw74kkpoA8vxMX6vVDTnpM41rCDXRMuo" # daedalusvm
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC6xx1IWlRoSQvCUZ+iyzekjFjoXBKmDT4Kxww4Tl+63" # iPad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJmN2QRbwQyeUChQ0ZxNzjNnUZTOUVbM4kDEGfEtmufc" # iPhone
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID/oMAi5jyQsNohfhcSH2ItisTpBGB0WtYTVxJYKKqhj" # theseus
];
server = user ++ hosts.ds9 ++ hosts.picard;
client = user;
hosts = {
ds9 = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ+BBXufXAJhyUHVfhqlk8Y4zEKJbKXgJQvsdE482lpV" ];
picard = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAm3UXZaN95WBUaS9SiHLNEuI1tP1x1w07qnYxPe+vdr" ];
theseus = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP/pPCcq0ziQhdyZSObly3bUUJqH56Ly+uYS6MNdR2D+"];
};
in
{
inherit user server client;
computers = user ++ (builtins.foldl' (a: b: a ++ b) [ ] (builtins.attrValues hosts)); # everything
host = hn: (hosts.${hn} ++ user);
hosts = hn: ((map (x: hosts.${x}) hn) ++ user);
};
in
{
inherit ragon;
}

749
old-conf/flake.lock generated
View file

@ -1,749 +0,0 @@
{
"nodes": {
"agenix": {
"inputs": {
"darwin": "darwin",
"home-manager": "home-manager",
"nixpkgs": [
"nixpkgs"
],
"systems": "systems"
},
"locked": {
"lastModified": 1754433428,
"narHash": "sha256-NA/FT2hVhKDftbHSwVnoRTFhes62+7dxZbxj5Gxvghs=",
"owner": "ryantm",
"repo": "agenix",
"rev": "9edb1787864c4f59ae5074ad498b6272b3ec308d",
"type": "github"
},
"original": {
"owner": "ryantm",
"ref": "main",
"repo": "agenix",
"type": "github"
}
},
"attic": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"nix-github-actions": "nix-github-actions",
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1758711588,
"narHash": "sha256-0nZlCCDC5PfndsQJXXtcyrtrfW49I3KadGMDlutzaGU=",
"owner": "zhaofengli",
"repo": "attic",
"rev": "12cbeca141f46e1ade76728bce8adc447f2166c6",
"type": "github"
},
"original": {
"owner": "zhaofengli",
"repo": "attic",
"type": "github"
}
},
"crane": {
"locked": {
"lastModified": 1751562746,
"narHash": "sha256-smpugNIkmDeicNz301Ll1bD7nFOty97T79m4GUMUczA=",
"owner": "ipetkov",
"repo": "crane",
"rev": "aed2020fd3dc26e1e857d4107a5a67a33ab6c1fd",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1744478979,
"narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "43975d782b418ebf4969e9ccba82466728c2851b",
"type": "github"
},
"original": {
"owner": "lnl7",
"ref": "master",
"repo": "nix-darwin",
"type": "github"
}
},
"darwin_2": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1758805352,
"narHash": "sha256-BHdc43Lkayd+72W/NXRKHzX5AZ+28F3xaUs3a88/Uew=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "c48e963a5558eb1c3827d59d21c5193622a1477c",
"type": "github"
},
"original": {
"owner": "lnl7",
"ref": "master",
"repo": "nix-darwin",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1747046372,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"attic",
"nixpkgs"
]
},
"locked": {
"lastModified": 1751413152,
"narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "77826244401ea9de6e3bac47c2db46005e1f30b5",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1738453229,
"narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flakey-profile": {
"locked": {
"lastModified": 1712898590,
"narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=",
"owner": "lf-",
"repo": "flakey-profile",
"rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d",
"type": "github"
},
"original": {
"owner": "lf-",
"repo": "flakey-profile",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1745494811,
"narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1758463745,
"narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-25.05",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_3": {
"inputs": {
"nixpkgs": [
"zen-browser",
"nixpkgs"
]
},
"locked": {
"lastModified": 1752603129,
"narHash": "sha256-S+wmHhwNQ5Ru689L2Gu8n1OD6s9eU9n9mD827JNR+kw=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "e8c19a3cec2814c754f031ab3ae7316b64da085b",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"impermanence": {
"locked": {
"lastModified": 1737831083,
"narHash": "sha256-LJggUHbpyeDvNagTUrdhe/pRVp4pnS6wVKALS782gRI=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "4b3e914cdf97a5b536a889e939fb2fd2b043a170",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "impermanence",
"type": "github"
}
},
"kmonad": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"dir": "nix",
"lastModified": 1751398458,
"narHash": "sha256-EHg2Z0EbsFN5zU1WrLc1sFszbUsLLpqZgFim7Zi8dRc=",
"ref": "feat-tap-overlap",
"rev": "fb0334cbd16ec64c5ebcc10f7982a9857bd97d27",
"revCount": 986,
"type": "git",
"url": "https://github.com/jokesper/kmonad"
},
"original": {
"dir": "nix",
"ref": "feat-tap-overlap",
"type": "git",
"url": "https://github.com/jokesper/kmonad"
}
},
"lix": {
"flake": false,
"locked": {
"lastModified": 1753223229,
"narHash": "sha256-tkT4aCZZE6IEmjYotOzKKa2rV3pGpH3ZREeQn7ACgdU=",
"rev": "7ac20fc47cf2f1b7469c7a2f379e5a3a51a6789a",
"type": "tarball",
"url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/7ac20fc47cf2f1b7469c7a2f379e5a3a51a6789a.tar.gz?rev=7ac20fc47cf2f1b7469c7a2f379e5a3a51a6789a"
},
"original": {
"type": "tarball",
"url": "https://git.lix.systems/lix-project/lix/archive/release-2.93.tar.gz"
}
},
"lix-module": {
"inputs": {
"flake-utils": "flake-utils",
"flakey-profile": "flakey-profile",
"lix": "lix",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1753282722,
"narHash": "sha256-KYMUrTV7H/RR5/HRnjV5R3rRIuBXMemyJzTLi50NFTs=",
"rev": "46a9e8fcfe4be72b4c7c8082ee11d2c42da1e873",
"type": "tarball",
"url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/46a9e8fcfe4be72b4c7c8082ee11d2c42da1e873.tar.gz?rev=46a9e8fcfe4be72b4c7c8082ee11d2c42da1e873"
},
"original": {
"type": "tarball",
"url": "https://git.lix.systems/lix-project/nixos-module/archive/2.93.3-1.tar.gz"
}
},
"miro": {
"flake": false,
"locked": {
"lastModified": 1644177791,
"narHash": "sha256-t8L6UboaOcg6JkGjX1NTd13Yw7ATySGxmnkJ7wUyZAE=",
"owner": "miromannino",
"repo": "miro-windows-manager",
"rev": "faa6f5f0bc025cc2465f3198609d2123d86101c2",
"type": "github"
},
"original": {
"owner": "miromannino",
"repo": "miro-windows-manager",
"type": "github"
}
},
"nix-github-actions": {
"inputs": {
"nixpkgs": [
"attic",
"nixpkgs"
]
},
"locked": {
"lastModified": 1737420293,
"narHash": "sha256-F1G5ifvqTpJq7fdkT34e/Jy9VCyzd5XfJ9TO8fHhJWE=",
"owner": "nix-community",
"repo": "nix-github-actions",
"rev": "f4158fa080ef4503c8f4c820967d946c2af31ec9",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-github-actions",
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1758663926,
"narHash": "sha256-6CFdj7Xs616t1W4jLDH7IohAAvl5Dyib3qEv/Uqw1rk=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "170ff93c860b2a9868ed1e1102d4e52cb3d934e1",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "master",
"repo": "nixos-hardware",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1759143472,
"narHash": "sha256-TvODmeR2W7yX/JmOCmP+lAFNkTT7hAxYcF3Kz8SZV3w=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5ed4e25ab58fd4c028b59d5611e14ea64de51d23",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-darwin": {
"locked": {
"lastModified": 1735564410,
"narHash": "sha256-HB/FA0+1gpSs8+/boEavrGJH+Eq08/R2wWNph1sM1Dg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "1e7a8f391f1a490460760065fa0630b5520f9cf8",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-24.05-darwin",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1738452942,
"narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz"
}
},
"nixpkgs-master": {
"locked": {
"lastModified": 1759258560,
"narHash": "sha256-ykJfEwNYol4x+gQdbePWc5tfxwky7aXpM4ZJDyCpK5Y=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "66063074cf41f08c39738b1436f4bdae7fb97265",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "master",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1751741127,
"narHash": "sha256-t75Shs76NgxjZSgvvZZ9qOmz5zuBE8buUaYD28BMTxg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "29e290002bfff26af1db6f64d070698019460302",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1736320768,
"narHash": "sha256-nIYdTAiKIGnFNugbomgBJR+Xv5F1ZQU+HfaBqJKroC0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4bc9c909d9ac828a039f288cf872d16d38185db8",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1755615617,
"narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "20075955deac2583bb12f07151c2df830ef346b4",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"pandoc-latex-template": {
"flake": false,
"locked": {
"lastModified": 1758365407,
"narHash": "sha256-gat4bW9oW5UEcB23s026vmBmxwQE7Eyejgr/qIS7CsM=",
"owner": "Wandmalfarbe",
"repo": "pandoc-latex-template",
"rev": "f99fe1dbda926be29f567196b1edfeb92f96ac10",
"type": "github"
},
"original": {
"owner": "Wandmalfarbe",
"repo": "pandoc-latex-template",
"type": "github"
}
},
"quadlet-nix": {
"locked": {
"lastModified": 1758631655,
"narHash": "sha256-EGeZ963L7xsNAY7snvP1JHQe7LWLVCM6f49+PzWjhEE=",
"owner": "SEIAROTg",
"repo": "quadlet-nix",
"rev": "2ebe01b175e2e1e6de3f172d23f0c3b88713eec9",
"type": "github"
},
"original": {
"owner": "SEIAROTg",
"repo": "quadlet-nix",
"type": "github"
}
},
"root": {
"inputs": {
"agenix": "agenix",
"attic": "attic",
"darwin": "darwin_2",
"home-manager": "home-manager_2",
"impermanence": "impermanence",
"kmonad": "kmonad",
"lix-module": "lix-module",
"miro": "miro",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs",
"nixpkgs-darwin": "nixpkgs-darwin",
"nixpkgs-master": "nixpkgs-master",
"pandoc-latex-template": "pandoc-latex-template",
"quadlet-nix": "quadlet-nix",
"spoons": "spoons",
"synapse": "synapse",
"utils": "utils",
"wired": "wired",
"x": "x",
"xynoblog": "xynoblog",
"zen-browser": "zen-browser"
}
},
"rust-overlay": {
"inputs": {
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1740709839,
"narHash": "sha256-4dF++MXIXna/AwlZWDKr7bgUmY4xoEwvkF1GewjNrt0=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "b4270835bf43c6f80285adac6f66a26d83f0f277",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"spoons": {
"flake": false,
"locked": {
"lastModified": 1747090751,
"narHash": "sha256-ZRSRb2QW8hrTkdCg5xezF09DntPocE842rc4ZKt7aHY=",
"owner": "Hammerspoon",
"repo": "Spoons",
"rev": "e5b871250346c3fe93bac0d431fc75f6f0e2f92a",
"type": "github"
},
"original": {
"owner": "Hammerspoon",
"repo": "Spoons",
"type": "github"
}
},
"synapse": {
"flake": false,
"locked": {
"lastModified": 1754934810,
"narHash": "sha256-4HAA9Xq4C3DHxz0BgqBitfM4wZwPSEu+IO/OPfHzLVw=",
"owner": "element-hq",
"repo": "synapse",
"rev": "4054d956f75056ace9edc729ee488edcbf00d1a2",
"type": "github"
},
"original": {
"owner": "element-hq",
"repo": "synapse",
"rev": "4054d956f75056ace9edc729ee488edcbf00d1a2",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"utils": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"wired": {
"inputs": {
"flake-parts": "flake-parts_2",
"nixpkgs": [
"nixpkgs"
],
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1743305055,
"narHash": "sha256-NIsi8Dno9YsOLUUTrLU4p+hxYeJr3Vkg1gIpQKVTaDs=",
"owner": "Toqozz",
"repo": "wired-notify",
"rev": "75d43f54a02b15f2a15f5c1a0e1c7d15100067a6",
"type": "github"
},
"original": {
"owner": "Toqozz",
"repo": "wired-notify",
"type": "github"
}
},
"x": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1680879729,
"narHash": "sha256-ItGaOeb0wt8ESKTJxPkFVbV8cyR/0RhSFVltelLQ9b4=",
"owner": "thexyno",
"repo": "x",
"rev": "5b15dd8e511c9cd39c7dbfa583e2c85ff30afecb",
"type": "github"
},
"original": {
"owner": "thexyno",
"repo": "x",
"type": "github"
}
},
"xynoblog": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1732833558,
"narHash": "sha256-KpAsXBkNJTNBHQuwqJkMSCsVWhbj9K7LLY7emgU6f4Q=",
"owner": "thexyno",
"repo": "blog",
"rev": "b020543dcb823c7be01a7aca9f1748a517ece659",
"type": "github"
},
"original": {
"owner": "thexyno",
"repo": "blog",
"type": "github"
}
},
"zen-browser": {
"inputs": {
"home-manager": "home-manager_3",
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1759203282,
"narHash": "sha256-lsKz9cA0VpHsSbOXZcg8V2fGmUSvC183Fmmn++WAG5o=",
"owner": "0xc000022070",
"repo": "zen-browser-flake",
"rev": "7c14e901ac9d2d5b994bad90a11dfbf25500c6cb",
"type": "github"
},
"original": {
"owner": "0xc000022070",
"repo": "zen-browser-flake",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

221
old-conf/flake.nix
View file

@ -1,221 +0,0 @@
{
description = "ragons nix/nixos configs";
inputs = {
# base imports
utils.url = "github:numtide/flake-utils";
## nixos/nix-darwin dependencies
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
nixpkgs-darwin.url = "github:NixOS/nixpkgs/nixpkgs-24.05-darwin";
nixpkgs-master.url = "github:NixOS/nixpkgs/master";
agenix.url = "github:ryantm/agenix/main";
agenix.inputs.nixpkgs.follows = "nixpkgs";
home-manager.url = "github:nix-community/home-manager/release-25.05";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
impermanence.url = "github:nix-community/impermanence";
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
darwin.url = "github:lnl7/nix-darwin/master";
darwin.inputs.nixpkgs.follows = "nixpkgs";
quadlet-nix.url = "github:SEIAROTg/quadlet-nix";
quadlet-nix.inputs.nixpkgs.follows = "nixpkgs";
lix-module = {
url = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.3-1.tar.gz";
inputs.nixpkgs.follows = "nixpkgs";
};
# programs
xynoblog.url = "github:thexyno/blog";
xynoblog.inputs.nixpkgs.follows = "nixpkgs";
x.url = "github:thexyno/x";
x.inputs.nixpkgs.follows = "nixpkgs";
# helix.url = "github:SofusA/helix-pull-diagnostics/pull-diagnostics";
wired.inputs.nixpkgs.follows = "nixpkgs";
wired.url = "github:Toqozz/wired-notify";
zen-browser.url = "github:0xc000022070/zen-browser-flake";
attic.url = "github:zhaofengli/attic";
attic.inputs.nixpkgs.follows = "nixpkgs";
synapse.url = "github:element-hq/synapse?rev=4054d956f75056ace9edc729ee488edcbf00d1a2";
synapse.flake = false;
kmonad = {
url = "git+https://github.com/jokesper/kmonad?dir=nix&ref=feat-tap-overlap";
inputs.nixpkgs.follows = "nixpkgs";
};
## editor stuff
# nixd.url = "github:nix-community/nixd";
# nixd.inputs.nixpkgs.follows = "nixpkgs";
## vim
# nnn-nvim.url = "github:luukvbaal/nnn.nvim";
# nnn-nvim.flake = false;
# notify-nvim.url = "github:rcarriga/nvim-notify";
# notify-nvim.flake = false;
# noice-nvim.url = "github:folke/noice.nvim";
# noice-nvim.flake = false;
# ## zsh
# zsh-completions.url = "github:zsh-users/zsh-completions";
# zsh-completions.flake = false;
# zsh-syntax-highlighting.url = "github:zsh-users/zsh-syntax-highlighting/master";
# zsh-syntax-highlighting.flake = false;
# zsh-vim-mode.url = "github:softmoth/zsh-vim-mode";
# zsh-vim-mode.flake = false;
# agkozak-zsh-prompt.url = "github:agkozak/agkozak-zsh-prompt";
# agkozak-zsh-prompt.flake = false;
# ## xonsh
# xonsh-fish-completer.url = "github:xonsh/xontrib-fish-completer";
# xonsh-fish-completer.flake = false;
# xonsh-direnv.url = "github:74th/xonsh-direnv";
# xonsh-direnv.flake = false;
## hammerspoon
miro.url = "github:miromannino/miro-windows-manager";
miro.flake = false;
spoons.url = "github:Hammerspoon/Spoons";
spoons.flake = false;
#other dependencies
pandoc-latex-template.url = "github:Wandmalfarbe/pandoc-latex-template";
pandoc-latex-template.flake = false;
};
outputs =
inputs @ { self
, nixpkgs
, nixpkgs-darwin
, nixpkgs-master
, agenix
, home-manager
, impermanence
, darwin
, utils
, xynoblog
# , lolpizza
, lix-module
, kmonad
, wired
, x
, ...
}:
let
extraSystems = [ ];
lib = nixpkgs.lib.extend (self: super: {
my = import ./lib { inherit inputs; lib = self; };
});
overlays = [
self.overlays.default
wired.overlays.default
];
genPkgsWithOverlays = system: import nixpkgs {
inherit system overlays;
config.allowUnfree = true;
};
genDarwinPkgsWithOverlays = system: import nixpkgs-darwin {
inherit system overlays;
config.allowUnfree = true;
};
rev = if (lib.hasAttrByPath [ "rev" ] self.sourceInfo) then self.sourceInfo.rev else "Dirty Build";
nixosSystem = system: extraModules: hostName:
let
pkgs = genPkgsWithOverlays system;
in
nixpkgs.lib.nixosSystem
rec {
inherit system;
specialArgs = { inherit lib inputs; };
modules = [
lix-module.nixosModules.default
agenix.nixosModules.age
impermanence.nixosModules.impermanence
home-manager.nixosModules.home-manager
kmonad.nixosModules.default
xynoblog.nixosModule
# lolpizza.nixosModule
x.nixosModule
({ config, ... }: lib.mkMerge [{
nixpkgs.pkgs = pkgs;
nixpkgs.overlays = overlays;
networking.hostName = hostName;
system.configurationRevision = rev;
services.getty.greetingLine =
"<<< Welcome to ${config.system.nixos.label} @ ${rev} - Please leave \\l >>>";
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit inputs; };
}])
./nixos-common.nix
] ++ extraModules;
};
darwinSystem = system: extraModules: hostName:
let
pkgs = genDarwinPkgsWithOverlays system;
in
darwin.lib.darwinSystem
{
inherit system;
specialArgs = { inherit lib inputs self darwin; };
modules = [
home-manager.darwinModules.home-manager
{
nixpkgs.overlays = overlays;
networking.hostName = hostName;
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit inputs pkgs; };
}
./darwin-common.nix
lix-module.nixosModules.default
] ++ extraModules;
};
processConfigurations = lib.mapAttrs (n: v: v n);
in
{
lib = lib.my;
overlays.default = final: prev: {
unstable = import nixpkgs-master {
system = prev.system;
config.allowUnfree = true;
};
my = self.packages."${prev.system}";
};
# nixosModules = lib.my.mapModulesRec ./nixos-modules import;
# darwinModules = lib.my.mapModulesRec ./darwin-modules import;
nixosConfigurations = processConfigurations {
picard = nixosSystem "x86_64-linux" [ ./hosts/picard/default.nix ];
ds9 = nixosSystem "x86_64-linux" [ ./hosts/ds9/default.nix ];
voyager = nixosSystem "x86_64-linux" [ ./hosts/voyager/default.nix ];
theseus = nixosSystem "x86_64-linux" [ ./hosts/theseus/default.nix ];
};
darwinConfigurations = processConfigurations {
daedalus = darwinSystem "aarch64-darwin" [ ./hosts/daedalus/default.nix ];
};
} // utils.lib.eachDefaultSystem (system:
let pkgs = nixpkgs.legacyPackages.${system}; in
{
devShell = pkgs.mkShell {
buildInputs = with pkgs; [
pkgs.nixfmt-rfc-style
pkgs.nil
lefthook inputs.agenix.packages.${system}.agenix ];
};
packages = lib.my.mapModules ./packages (p: pkgs.callPackage p { inputs = inputs; });
});
}

86
old-conf/hm-modules/cli.nix
View file

@ -1,86 +0,0 @@
{ inputs, config, lib, pkgs, ... }:
{
home.stateVersion = lib.mkDefault "22.05";
home.packages = with pkgs; [
my.scripts
jq
nnn
bat
htop
eza
curl
fd
file
git
neofetch
ripgrep
direnv # needed for lorri
unzip
pv
killall
yt-dlp
aria2
];
home.shellAliases = {
v = "nvim";
c = "code";
vim = "nvim";
gpl = "git pull";
gp = "git push";
gpf = "git push --force-with-lease";
gd = "git diff";
lg = "lazygit";
gc = "git commit -v";
kb = "git commit -m \"\$(curl -s http://whatthecommit.com/index.txt)\"";
gs = "git status -v";
gfc = "git fetch && git checkout";
gl = "git log --graph";
l = "eza -la --git";
la = "eza -la --git";
ls = "eza";
ll = "eza -l --git";
cat = "bat";
p = "cd ~/proj";
ytl = ''yt-dlp -f "bv*+mergeall[vcodec=none]" --audio-multistreams'';
};
programs = {
bat = {
enable = true;
config.theme = "gruvbox-dark";
};
git = {
enable = true;
lfs.enable = true;
# Default configs
extraConfig = {
commit.gpgSign = true;
gpg.format = "ssh";
user.name = "Lucy Hochkamp";
user.email = "git@xyno.systems";
user.signingKey = # TODO: don't hardcode a computer
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID/oMAi5jyQsNohfhcSH2ItisTpBGB0WtYTVxJYKKqhj"; # theseus
# Set default "git pull" behaviour so it doesn't try to default to
# either "git fetch; git merge" (default) or "git fetch; git rebase".
pull.ff = "only";
};
};
# Htop configurations
htop = {
enable = true;
settings = {
hide_userland_threads = true;
highlight_base_name = true;
shadow_other_users = true;
show_program_path = false;
tree_view = false;
};
};
};
}

0
old-conf/hm-modules/eww/eww.scss
View file

39
old-conf/hm-modules/eww/eww.yuck
View file

@ -1,39 +0,0 @@
(defwindow bar
:monitor 0
:hexpand false
:vexpand false
:geometry (geometry :anchor "top left" :x 0 :y 0 :width "100%")
; :reserve (struts :distance "10px" :side "top")
(bar))
(defwidget bar
(centerbox :orientation "h"
(left)
(center)
(right)))
(defwidget left []
:halign "start"
(workspaces)
)
(defwidget workspaces []
(box :class "workspaces"
:orientation "h"
:space-evenly true
:spacing 5
(button :onclick "wmctrl -s 0" 1)
(button :onclick "wmctrl -s 1" 2)
(button :onclick "wmctrl -s 2" 3)
(button :onclick "wmctrl -s 3" 4)
(button :onclick "wmctrl -s 4" 5)
(button :onclick "wmctrl -s 5" 6)
(button :onclick "wmctrl -s 6" 7)
(button :onclick "wmctrl -s 7" 8)
(button :onclick "wmctrl -s 8" 9)))
(defwidget center []
:haligh "center"
(window_name))
(defwidget )

15
old-conf/hm-modules/files.nix
View file

@ -1,15 +0,0 @@
{ inputs, config, lib, pkgs, ... }:
{
imports = [
"${inputs.impermanence}/home-manager.nix"
];
home.file = {
# Home nix config.
".config/nixpkgs/config.nix".text = "{ allowUnfree = true; }";
".local/share/pandoc/templates/default.latex".source = "${inputs.pandoc-latex-template}/eisvogel.tex";
# empty zshrc to stop zsh-newuser-install from running
".zshrc".text = "";
};
}

145
old-conf/hm-modules/helix/default.nix
View file

@ -1,145 +0,0 @@
{ pkgs, config, lib, inputs, ... }:
let
cfg = config.ragon.helix;
in
{
options.ragon.helix.enable = lib.mkOption { default = false; };
config = lib.mkIf cfg.enable {
home.packages = with pkgs; [
jsonnet-language-server
jsonnet
nixpkgs-fmt
# omnisharp-roslyn
## ts
# nodePackages_latest.prettier
typescript
dprint
nodePackages_latest.typescript-language-server
nodePackages_latest.vscode-langservers-extracted
## python
ruff-lsp
# nodePackages_latest.pyright
inputs.roslyn-language-server.packages.${pkgs.system}.roslyn-language-server
netcoredbg
];
programs.helix = {
package = inputs.helix.packages.${pkgs.system}.default;
enable = true;
defaultEditor = true;
settings = {
theme = "gruvbox_dark_hard";
editor = {
line-number = "relative";
bufferline = "multiple";
color-modes = true;
cursorline = true;
auto-format = true;
end-of-line-diagnostics = "hint";
inline-diagnostics = {
cursor-line = "hint";
};
lsp = {
display-messages = true;
display-inlay-hints = true;
};
popup-border = "popup";
statusline.left = [
"mode"
"spinner"
"spacer"
"version-control"
"file-name"
"diagnostics"
"read-only-indicator"
"file-modification-indicator"
"spacer"
];
statusline.right = [
"workspace-diagnostics"
"register"
"position"
"selections"
"file-encoding"
"file-type"
];
idle-timeout = 50;
completion-timeout = 100;
indent-guides = {
render = true;
character = "";
skip-levels = 1;
};
soft-wrap = {
enable = true;
};
whitespace = {
render = {
space = "none";
tab = "all";
newline = "none";
};
characters = {
nbsp = "·";
tab = "";
};
};
};
keys = {
normal = {
space."=" = ":fmt";
# smart tab++
tab = "move_parent_node_end";
S-tab = "move_parent_node_start";
};
insert = {
# smart tab ++
S-tab = "move_parent_node_start";
};
select = {
# smart tab++
tab = "extend_parent_node_end";
S-tab = "extend_parent_node_start";
};
};
};
languages = {
language-server.pyright.config.python.analysis.typeCheckingMode = "basic";
language-server.ruff = {
command = "ruff-lsp";
config.settings.args = [ "--ignore" "E501" ];
};
language-server.roslyn = {
command = "roslyn-language-server";
};
language = lib.flatten [
(map
(x: {
name = x;
language-servers = [ "typescript-language-server" "eslint" ];
#formatter = { command = "dprint"; args = [ "fmt" "--stdin" x ]; };
# formatter = { command = "prettier"; args = [ "--parser" "typescript" ]; };
}) [ "typescript" "javascript" "jsx" "tsx" ])
{
name = "nix";
formatter = { command = "nixpkgs-fmt"; };
}
{
name = "python";
language-servers = [ "pyright" "ruff" ];
}
{
name = "c-sharp";
language-servers = [ "roslyn" ];
formatter = { command = "dotnet"; args = [ "csharpier" ]; };
}
];
};
};
};
}

346
old-conf/hm-modules/nushell/default.nix
View file

@ -1,346 +0,0 @@
{ pkgs, config, lib, inputs, ... }:
let
cfg = config.ragon.nushell;
aliasesJson = pkgs.writeText "shell-aliases.json" (builtins.toJSON config.home.shellAliases);
in
{
options.ragon.nushell.enable = lib.mkOption { default = false; };
options.ragon.nushell.isNixOS = lib.mkOption { default = false; };
config = lib.mkIf cfg.enable {
programs.direnv = {
enable = true;
enableNushellIntegration = true;
};
programs.nushell = {
enable = true;
extraConfig = ''
$env.CARAPACE_BRIDGES = 'zsh,fish,bash,inshellisense'
let carapace_completer = {|spans: list<string>|
carapace $spans.0 nushell ...$spans
| from json
| if ($in | default [] | where value =~ '^-.*ERR$' | is-empty) { $in } else { null }
}
let external_completer = {|spans|
let expanded_alias = scope aliases
| where name == $spans.0
| get -i 0.expansion
let spans = if $expanded_alias != null {
$spans
| skip 1
| prepend ($expanded_alias | split row ' ' | take 1)
} else {
$spans
}
match $spans.0 {
# carapace completions are incorrect for nu
# nu => $fish_completer
# fish completes commits and branch names in a nicer way
# git => $fish_completer
# carapace doesn't have completions for asdf
# asdf => $fish_completer
# use zoxide completions for zoxide commands
# __zoxide_z | __zoxide_zi => $zoxide_completer
_ => $carapace_completer
} | do $in $spans
}
$env.config = {
edit_mode: vi
show_banner: false,
completions: {
case_sensitive: false # case-sensitive completions
quick: true # set to false to prevent auto-selecting completions
partial: true # set to false to prevent partial filling of the prompt
algorithm: "fuzzy" # prefix or fuzzy
external: {
# set to false to prevent nushell looking into $env.PATH to find more suggestions
enable: true
# set to lower can improve completion performance at the cost of omitting some options
max_results: 100
completer: $external_completer # check 'carapace_completer'
}
}
}
$env.EDITOR = "hx"
$env.VISUAL = "hx"
# alias no = open
# alias open = ^open
alias l = ls -al
alias ll = ls -l
alias ga = git add
alias gaa = git add -A
alias gd = git diff
alias gc = git commit
alias gp = git push
alias gpl = git pull
alias ytl = yt-dlp -f "bv*+mergeall[vcodec=none]" --audio-multistreams
alias conf = cd ~/proj/nixos-config
${(if !cfg.isNixOS then ''
$env.NIX_REMOTE = "daemon"
$env.NIX_USER_PROFILE_DIR = $"/nix/var/nix/profiles/per-user/($env.USER)"
$env.NIX_PROFILES = $"/nix/var/nix/profiles/default:($env.HOME)/.nix-profile"
$env.NIX_SSL_CERT_FILE = "/etc/ssl/certs/ca-certificates.crt"
$env.NIX_PATH = "nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixpkgs:/nix/var/nix/profiles/per-user/root/channels"
$env.PATH = ($env.PATH |
split row (char esep) |
append /usr/bin/env |
append $"($env.HOME)/.nix-profile/bin" |
append "/nix/var/nix/profiles/default/bin" |
append $"/etc/profiles/per-user/($env.USER)/bin" |
append "/run/current-system/sw/bin" |
append "/opt/homebrew/bin" |
append $"($env.HOME)/.cargo/bin" |
append $"($env.HOME)/.local/bin"
)
'' else "")}
'';
shellAliases = {
vi = "hx";
vim = "hx";
nano = "hx";
};
};
programs.carapace.enable = true;
programs.carapace.enableNushellIntegration = true;
programs.starship = {
enable = true;
settings = {
"add_newline" = false;
# "format" = "($direnv$nix_shell$container$fill$git_metrics\n)$cmd_duration$hostname$localip$shlvl$shell$env_var$jobs$username$directory ";
"format" = "$cmd_duration$status$hostname$localip$shlvl$shell$env_var$jobs$username$directory";
"right_format" = "$nix_shell$git_branch$git_commit$git_state$git_status$package$custom$os$battery$time";
aws.disabled = true;
status.disabled = false;
battery.disabled = true;
"buf" = {
"format" = " [buf](italic) [$symbol $version $buf_version]($style)";
# "symbol" = "■ ";
};
"c" = {
"format" = " [$symbol($version(-$name))]($style)";
# "symbol" = " ";
};
"character" = {
"error_symbol" = "[:](italic purple)";
"format" = "$symbol ";
"success_symbol" = "[:](bold italic bright-yellow)";
"vimcmd_replace_one_symbol" = "r";
"vimcmd_replace_symbol" = "R";
"vimcmd_symbol" = "[>](italic dimmed green)";
"vimcmd_visual_symbol" = "SEL";
};
"cmd_duration" = {
"format" = "[$duration](italic white) ";
};
"conda" = {
"format" = " conda [$symbol$environment]($style)";
# "symbol" = "◯ ";
};
"continuation_prompt" = "[ ](dimmed white)";
"dart" = {
"format" = " dart [$symbol($version )]($style)";
# "symbol" = "◁◅ ";
};
"deno" = {
"format" = " [deno](italic) [ $version](green bold)";
"version_format" = "\${raw}";
};
"directory" = {
"format" = "[$path]($style)[$read_only]($read_only_style)";
"home_symbol" = "~";
"read_only" = " (ro) ";
"repo_root_format" = "[$before_root_path]($before_repo_root_style)[$repo_root]($repo_root_style)[$path]($style)[$read_only]($read_only_style)";
"repo_root_style" = "bold blue";
"style" = "italic blue";
"truncation_length" = 50;
"truncation_symbol" = "";
"use_os_path_sep" = true;
};
"docker_context" = {
"format" = " docker [$symbol$context]($style)";
# "symbol" = "◧ ";
};
direnv = {
disabled = false;
};
"elixir" = {
"format" = " exs [$symbol $version OTP $otp_version ]($style)";
# "symbol" = "△ ";
};
"elm" = {
"format" = " elm [$symbol($version )]($style)";
# "symbol" = "◩ ";
};
"env_var" = {
"VIMSHELL" = {
"format" = "[$env_value]($style)";
"style" = "green italic";
};
};
"fill" = {
"symbol" = " ";
};
"git_branch" = {
"format" = " [$branch(:$remote_branch)]($style)";
"ignore_branches" = [
"main"
"master"
];
"only_attached" = true;
"style" = "italic bright-blue";
"symbol" = "(bold italic bright-blue)";
# "symbol" = "[△](bold italic bright-blue)";
"truncation_length" = 13;
"truncation_symbol" = "";
};
"git_metrics" = {
"added_style" = "italic dimmed green";
"deleted_style" = "italic dimmed red";
"disabled" = false;
"format" = "([$added]($added_style))([$deleted]($deleted_style))";
"ignore_submodules" = true;
};
"git_status" = {
"ahead" = "[[\${count}](bold white)](italic green)";
"behind" = "[[\${count}](bold white)](italic red)";
"conflicted" = "[](italic bright-magenta)";
"deleted" = "[](italic red)";
"diverged" = "[ [\${ahead_count}](regular white)[\${behind_count}](regular white)](italic bright-magenta)";
"format" = "([$ahead_behind$staged$modified$untracked$renamed$deleted$conflicted$stashed]($style))";
"modified" = "[](italic yellow)";
"renamed" = "[](italic bright-blue)";
"staged" = "[[$count](bold white)](italic bright-cyan)";
"stashed" = "[](italic white)";
"style" = "bold italic bright-blue";
"untracked" = "[](italic bright-yellow)";
};
"golang" = {
"format" = " go [$symbol($version )]($style)";
# "symbol" = "∩ ";
};
"haskell" = {
"format" = " hs [$symbol($version )]($style)";
# "symbol" = "❯λ ";
};
"java" = {
"format" = " java [\${symbol}(\${version} )]($style)";
# "symbol" = " ";
};
"jobs" = {
"format" = "[$symbol$number]($style) ";
"style" = "white";
"symbol" = "[](blue italic)";
};
"julia" = {
"format" = " jl [$symbol($version )]($style)";
"symbol" = " ";
};
"localip" = {
"disabled" = false;
"format" = " [$localipv4](bold magenta)";
"ssh_only" = true;
};
"lua" = {
"format" = " [lua](italic) [\${symbol}\${version}]($style)";
"style" = "bold bright-yellow";
"symbol" = " ";
"version_format" = "\${raw}";
};
"memory_usage" = {
"format" = " mem [\${ram}( \${swap})]($style)";
"symbol" = " ";
};
"nim" = {
"format" = " nim [$symbol($version )]($style)";
"symbol" = " ";
};
"nix_shell" = {
"format" = "[$symbol]($style) [$name](italic dimmed white)";
"impure_msg" = "[impure](bold dimmed red)";
"pure_msg" = "[pure](bold dimmed green)";
"style" = "bold italic dimmed blue";
"symbol" = "󱄅";
"unknown_msg" = "[unknown](bold dimmed ellow)";
};
"nodejs" = {
"detect_extensions" = [
];
"detect_files" = [
"package-lock.json"
"yarn.lock"
"pnpm-lock.yaml"
];
"detect_folders" = [
"node_modules"
];
"format" = " [node](italic) [($version)](bold bright-green)";
"version_format" = "\${raw}";
};
"package" = {
"format" = " [pkg](italic dimmed) [$symbol$version]($style)";
"style" = "dimmed yellow italic bold";
# "symbol" = "◨ ";
"version_format" = "\${raw}";
};
"python" = {
"format" = " [py](italic) [\${symbol}\${version}]($style)";
"style" = "bold bright-yellow";
# "symbol" = "[⌉](bold bright-blue)⌊ ";
"version_format" = "\${raw}";
};
"ruby" = {
disabled = true;
"format" = " [rb](italic) [\${symbol}\${version}]($style)";
"style" = "bold red";
# "symbol" = "◆ ";
"version_format" = "\${raw}";
};
"rust" = {
"format" = " [rs](italic) [$symbol$version]($style)";
"style" = "bold red";
# "symbol" = "⊃ ";
"version_format" = "\${raw}";
};
"spack" = {
"format" = " spack [$symbol$environment]($style)";
# "symbol" = "◇ ";
};
"sudo" = {
"disabled" = true;
"format" = "[$symbol]($style)";
"style" = "bold italic bright-purple";
"symbol" = "sudo";
};
"swift" = {
"format" = " [sw](italic) [\${symbol}\${version}]($style)";
"style" = "bold bright-red";
# "symbol" = "◁ ";
"version_format" = "\${raw}";
};
"time" = {
"disabled" = true;
"format" = "[ $time]($style)";
"style" = "italic dimmed white";
"time_format" = "%R";
"utc_time_offset" = "local";
};
"username" = {
"disabled" = false;
"format" = "[$user]($style) ";
"show_always" = false;
"style_root" = "purple bold italic";
"style_user" = "bright-yellow bold italic";
};
};
};
programs.vscode.userSettings."terminal.integrated.profiles.osx" = {
nushell = {
path = "${pkgs.nushell}/bin/nushell";
};
};
programs.vscode.userSettings."terminal.integrated.defaultProfile.osx" = "nushell";
};
}

137
old-conf/hm-modules/nvim/config/lua/.luarc.json
View file

@ -1,137 +0,0 @@
{
"$schema": "https://raw.githubusercontent.com/sumneko/vscode-lua/master/setting/schema.json",
"Lua.workspace.checkThirdParty": false,
"Lua.workspace.library": [
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/cmp-buffer",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/cmp-cmdline",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/cmp-nvim-lsp",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/cmp-path",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/cmp_luasnip",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/gruvbox",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/luasnip",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nnn-nvim",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/noice-nvim",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/notify-nvim",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nui.nvim",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-cmp",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-lspconfig",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-bash-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-beancount-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-bibtex-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-c-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-clojure-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-cmake-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-comment-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-commonlisp-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-cpp-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-css-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-cuda-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-c_sharp-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-dart-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-devicetree-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-dockerfile-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-dot-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-eex-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-elisp-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-elixir-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-elm-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-embedded_template-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-erlang-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-fennel-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-fish-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-fortran-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-gdscript-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-glimmer-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-glsl-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-go-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-godot_resource-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-gomod-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-gowork-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-graphql-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-haskell-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-hcl-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-heex-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-hjson-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-html-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-http-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-janet_simple-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-java-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-javascript-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-jsdoc-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-json-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-json5-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-jsonnet-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-julia-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-kotlin-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-latex-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-ledger-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-llvm-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-lua-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-make-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-markdown-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-markdown_inline-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-nickel-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-nix-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-norg-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-ocaml-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-ocaml_interface-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-org-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-perl-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-pgn-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-php-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-pioasm-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-prisma-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-pug-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-python-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-ql-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-ql_dbscheme-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-query-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-r-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-regex-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-rego-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-rst-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-ruby-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-rust-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-scala-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-scheme-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-scss-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-smithy-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-sparql-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-sql-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-supercollider-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-surface-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-svelte-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-tiger-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-tlaplus-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-toml-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-tsq-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-tsx-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-turtle-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-typescript-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-verilog-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-vim-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-vue-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-yaml-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-yang-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/nvim-treesitter-zig-grammar",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/plenary.nvim",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/rust-tools.nvim",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/telescope.nvim",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/toggleterm.nvim",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/vim-tmux-navigator",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/vimspector",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/__python3_dependencies",
"/Users/ragon/.config/nvim",
"/Users/ragon/.local/share/nvim/site",
"/nix/store/j5myw4djaj1hmi5r8p5hxaynhingy8k5-neovim-unwrapped-0ecb4d7/share/nvim/runtime",
"/nix/store/j5myw4djaj1hmi5r8p5hxaynhingy8k5-neovim-unwrapped-0ecb4d7/lib/nvim",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/cmp-buffer/after",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/cmp-cmdline/after",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/cmp-nvim-lsp/after",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/cmp-path/after",
"/nix/store/y7fc4px5ijgv7wpls3r0xiw2hd600q7n-vim-pack-dir/pack/myNeovimPackages/start/cmp_luasnip/after",
"${3rd}/love2d/library"
]
}

210
old-conf/hm-modules/nvim/config/lua/dark_notify.lua
View file

@ -1,210 +0,0 @@
-- http://lua-users.org/wiki/StringTrim
function trim6(s)
return s:match '^()%s*$' and '' or s:match '^%s*(.*%S)'
end
-- from norcalli/nvim_utils
function nvim_create_augroups(definitions)
for group_name, definition in pairs(definitions) do
vim.api.nvim_command('augroup ' .. group_name)
vim.api.nvim_command('autocmd!')
for _, def in ipairs(definition) do
-- if type(def) == 'table' and type(def[#def]) == 'function' then
-- def[#def] = lua_callback(def[#def])
-- end
local command = table.concat(vim.tbl_flatten { 'autocmd', def }, ' ')
vim.api.nvim_command(command)
end
vim.api.nvim_command('augroup END')
end
end
local state = {
initialized = false,
pid = -1,
stdin_handle = nil,
config = {},
}
local M = {}
local function ensure_config()
if state.config == nil then
state.config = {}
end
end
local function get_config()
ensure_config()
return state.config
end
local function edit_config(fn)
ensure_config()
fn(state.config)
end
local function apply_mode(mode)
local config = get_config()
local sel = config.schemes[mode] or {}
local colorscheme = sel.colorscheme or nil
local bg = sel.background or mode
local lualineTheme = sel.lualine or nil
vim.api.nvim_command('set background=' .. bg)
if colorscheme ~= nil then
vim.api.nvim_command('colorscheme ' .. colorscheme)
end
require('lualine').setup { options = { theme = lualineTheme } }
if config.onchange ~= nil then
config.onchange(mode)
end
state.current_mode = mode
end
function M.update()
local mode = vim.fn.system('dark-notify --exit')
mode = trim6(mode)
apply_mode(mode)
end
function M.set_mode(mode)
mode = trim6(mode)
if not (mode == "light" or mode == "dark") then
error("mode must be either \"light\" or \"dark\"" .. mode)
return
end
apply_mode(mode)
end
function M.toggle()
local mode = state.current_mode
if mode == "light" then
mode = "dark"
elseif mode == "dark" then
mode = "light"
else
M.update()
return
end
apply_mode(mode)
end
local function init_dark_notify()
-- Docs on this vim.loop stuff: https://github.com/luvit/luv
local handle, pid
local stdout = vim.loop.new_pipe(false)
local stdin = vim.loop.new_pipe(false)
local function onexit()
vim.loop.close(handle, vim.schedule_wrap(function()
vim.loop.shutdown(stdout)
vim.loop.shutdown(stdin)
state.initialized = false
state.pid = nil
state.stdin_handle = nil
end))
end
local function onread(err, chunk)
assert(not err, err)
if (chunk) then
local mode = trim6(chunk)
if not (mode == "light" or mode == "dark") then
error("dark-notify output not expected: " .. chunk)
return
end
apply_mode(mode)
end
end
handle, pid = vim.loop.spawn(
"dark-notify",
{ stdio = { stdin, stdout, nil } },
vim.schedule_wrap(onexit)
)
vim.loop.read_start(stdout, vim.schedule_wrap(onread))
state.initialized = true
state.pid = pid
state.stdin_handle = stdin
-- For whatever reason, nvim isn't killing child processes properly on exit
-- So if you don't do this, you get zombie dark-notify processes hanging about.
nvim_create_augroups({
DarkNotifyKillChildProcess = {
{ "VimLeave", "*", "lua require('dark_notify').stop()" },
}
})
end
-- For whatever reason, killing the child process doesn't work, at all. So we
-- send it the line "quit\n", and it kills itself.
function M.stop()
if state.stdin_handle == nil then
return
end
vim.loop.write(state.stdin_handle, "quit\n")
-- process quits itself, calls onexit
-- config gets edited from there
end
function M.configure(config)
if config == nil then
return
end
local lightline_loaders = config.lightline_loaders or {}
local schemes = config.schemes or {}
local onchange = config.onchange
for _, mode in pairs({ "light", "dark" }) do
if type(schemes[mode]) == "string" then
schemes[mode] = { colorscheme = schemes[mode] }
end
end
edit_config(function(conf)
conf.lightline_loaders = lightline_loaders
conf.schemes = schemes
conf.onchange = onchange
end)
end
function M.run(config)
if config ~= nil or get_config().schemes == nil then
-- if it's nil, it's a first run, so configure with no options.
config = config or {}
M.configure(config)
end
local config = get_config()
if not config.initialized then
-- first run on startup, also happens to apply current mode
init_dark_notify()
elseif state.current_mode ~= nil then
-- we have run it before, but we're updating the settings
-- so don't reset to system, but do apply changed config.
local mode = state.current_mode
apply_mode(mode)
end
end
return M
-- init.lua or init.vim in a lua <<EOF
-- require('dark_notify').run({
-- lightline_loaders = {
-- my_colorscheme = "path_to_my_colorscheme's lightline autoload file"
-- },
-- schemes = {
-- dark = "dark colorscheme name",
-- light = { colorscheme = "light scheme name", background = "optional override, either light or dark" }
-- },
-- onchange = function(mode)
-- end,
-- })

11
old-conf/hm-modules/nvim/config/lua/filetypes.lua
View file

@ -1,11 +0,0 @@
vim.cmd [[
autocmd FileType yaml setlocal ts=2 sts=2 sw=2 expandtab
augroup vimtex_mac
autocmd!
autocmd FileType tex call SetServerName()
augroup END
function! SetServerName()
call system('echo ' . v:servername . ' > /tmp/curvimserver')
endfunction
]]

68
old-conf/hm-modules/nvim/config/lua/keybindings.lua
View file

@ -1,68 +0,0 @@
local map = require('utils').map
-- split binds
map { 'n', '<A-h>', '<cmd>vertical resize -5<CR>', noremap = true, silent = true}
map { 'n', '<A-l>', '<cmd>vertical resize +5<CR>', noremap = true, silent = true}
map { 'n', '<A-j>', '<cmd>resize -5<CR>', noremap = true, silent = true}
map { 'n', '<A-k>', '<cmd>resize +5<CR>', noremap = true, silent = true}
map { 'n', '<A-=>', '<C-w> =', noremap = true, silent = true}
map { 'n', '<A-s>', '<cmd>vsp<CR>', noremap = true, silent = true}
map { 'n', '<C-s>', '<cmd>split<CR>', noremap = true, silent = true}
map { 'n', '<C-h>', '<C-w>h', noremap = true, silent = true}
map { 'n', '<C-j>', '<C-w>j', noremap = true, silent = true}
map { 'n', '<C-k>', '<C-w>k', noremap = true, silent = true}
map { 'n', '<C-l>', '<C-w>l', noremap = true, silent = true}
-- telescope
map { 'n', '<leader>b', '<cmd>Telescope buffers<CR>', noremap = false, silent = true}
--map { 'n', '<leader>ff', '<cmd>Telescope find_files<CR>', noremap = false, silent = true}
map { 'n', '<leader>s', '<cmd>Telescope live_grep<CR>', noremap = false, silent = true}
map { 'n', '<C-p>', '<cmd>Telescope registers<CR>', noremap = false, silent = true}
--map { 'n', '<leader>pp', '<cmd>lua require\'telescope\'.extensions.projects.projects{}<cr>', noremap = false, silent = true}
-- tab binds
map { 'n', '<C-t>', '<cmd>tabnew<CR>', noremap = false, silent = true}
map { 'n', '<C-Left>', '<cmd>tabprevious<CR>', noremap = false, silent = true}
map { 'n', '<C-Right>', '<cmd>tabnext<CR>', noremap = false, silent = true}
-- copy paste
map { 'v', '<C-c>', '"+y', noremap = true, silent = true}
--map { 'n', '<C-b>', '"+P', noremap = false, silent = true}
-- sudo :w
map { 'c', 'w!!', 'w !sudo tee > /dev/null %', noremap = false, silent = false}
-- vimspector
map { 'n', '<leader>di', '<Plug>VimspectorBalloonEval', noremap = false, silent = false }
map { 'x', '<leader>di', '<Plug>VimspectorBalloonEval', noremap = false, silent = false }
-- terminal
-- map { 'n', '<leader>t', ':term<CR>', noremap = false, silent = true}
-- map { 't', '<C-b>', '<C-\\><C-n>', noremap = true, silent = true}
-- plugins - nnn
map { 'n', '<tab>', '<cmd>:NnnPicker %:p:h<CR>', noremap = true, silent = true}
map { 'n', '<s-tab>', '<cmd>:NnnExplorer %:p:h<CR>', noremap = true, silent = true}
-- plugins - terminal
map {"n", "<leader>gg", "<cmd>lua _lazygit_toggle()<CR>", {noremap = true, silent = true}}
map {"n", "<leader>gl", "<cmd>lua _glab_toggle()<CR>", {noremap = true, silent = true}}
map {"n", "<leader>gh", "<cmd>lua _ghub_toggle()<CR>", {noremap = true, silent = true}}
-- diagnostic
map {"n", "<leader>e", "<cmd>lua require\'telescope.builtin\'.lsp_diagnostics{}<CR>", { noremap = true, silent = true}}
map {"n", "<leader>q", "<cmd>lua vim.diagnostic.setloclist()<CR>", { noremap = true, silent = true}}
map {"n", "]g", "<cmd>lua vim.diagnostic.goto_next()<CR>", { noremap = true, silent = true}}
map {"n", "[g", "<cmd>lua vim.diagnostic.goto_prev()<CR>", { noremap = true, silent = true}}
-- dap
map {"n", "<leader>db", "<cmd>lua require'dap'.toggle_breakpoint()<CR>", { noremap = true, silent = true}}
map {"n", "<leader>du", "<cmd>lua require'dapui'.toggle()<CR>", { noremap = true, silent = true}}
map {"n", "<leader>dc", "<cmd>lua require'dap'.continue()<CR>", { noremap = true, silent = true}}
map {"n", "<leader>dr", "<cmd>lua require'dap'.repl.open()<CR>", { noremap = true, silent = true}}
map {"n", "<leader>di", "<cmd>lua require'dap'.step_into()<CR>", { noremap = true, silent = true}}
-- cp
map {"n", "<leader>c", "<cmd>Copilot panel<CR>", { noremap = true, silent = true}}
vim.cmd [[
imap <silent><script><expr> <C-J> copilot#Accept("\<CR>")
]]

53
old-conf/hm-modules/nvim/config/lua/plugin/cmp.lua
View file

@ -1,53 +0,0 @@
local cmp = require 'cmp'
local lspkind = require 'lspkind'
local luasnip = require 'luasnip'
local has_words_before = function()
local line, col = unpack(vim.api.nvim_win_get_cursor(0))
return col ~= 0 and vim.api.nvim_buf_get_lines(0, line - 1, line, true)[1]:sub(col, col):match("%s") == nil
end
cmp.setup({
snippet = {
expand = function(args)
require('luasnip').lsp_expand(args.body)
end,
},
mapping = {
['<CR>'] = cmp.mapping.confirm({ select = true }), -- Accept currently selected item. Set `select` to `false` to only confirm explicitly selected items.
["<Tab>"] = cmp.mapping(function(fallback)
if cmp.visible() then
cmp.select_next_item()
elseif luasnip.expand_or_jumpable() then
luasnip.expand_or_jump()
elseif has_words_before() then
cmp.complete()
else
fallback() -- The fallback function sends a already mapped key. In this case, it's probably `<Tab>`.
end
end, { "i", "s" }),
["<S-Tab>"] = cmp.mapping(function()
if cmp.visible() then
cmp.select_prev_item()
elseif luasnip.jumpable(-1) then
luasnip.jump(-1)
end
end, { "i", "s" }),
},
sources = cmp.config.sources({
{ name = "nvim_lsp" },
{ name = 'nvim_lsp_signature_help' },
{ name = "luasnip" },
}, { name = "buffer" }),
formatting = {
format = lspkind.cmp_format({
mode = "symbol_text",
menu = ({
buffer = "[Buffer]",
nvim_lsp = "[LSP]",
luasnip = "[LuaSnip]",
nvim_lua = "[Lua]",
latex_symbols = "[Latex]",
})
}),
},
})

25
old-conf/hm-modules/nvim/config/lua/plugin/dap.lua
View file

@ -1,25 +0,0 @@
local dap = require('dap')
dap.adapters.coreclr = {
type = 'executable',
command = '/nix/var/nix/profiles/per-user/ragon/home-manager/home-path/bin/netcoredbg', -- TODO this is a gross hack, please fix
args = {'--interpreter=vscode'}
}
dap.configurations.cs = {
{
type = "coreclr",
name = "launch - netcoredbg",
request = "launch",
program = function()
return vim.fn.input('Path to dll', vim.fn.getcwd() .. '/bin/Debug/', 'file')
end,
},
{
type = "coreclr",
name = "attach - netcoredbg",
mode = "local",
request = "attach",
processId = require("dap.utils").pick_process,
},
}
require'dapui'.setup {}

1
old-conf/hm-modules/nvim/config/lua/plugin/gitsigns.lua
View file

@ -1 +0,0 @@
require('gitsigns').setup {}

114
old-conf/hm-modules/nvim/config/lua/plugin/lsp.lua
View file

@ -1,114 +0,0 @@
local lspconfig = require 'lspconfig'
local util = require 'lspconfig.util'
local capabilities = require('cmp_nvim_lsp').default_capabilities()
-- lsp keymaps
local lsp_attach_keymappings = {
['gD'] = 'vim.lsp.buf.declaration()',
['gd'] = 'require\'telescope.builtin\'.lsp_definitions()',
['K'] = 'vim.lsp.buf.hover()',
['gi'] = 'require\'telescope.builtin\'.lsp_implementations()',
['<localleader>k'] = 'vim.lsp.buf.signature_help()',
['<leader>wa'] = 'vim.lsp.buf.add_workspace_folder()',
['<leader>wr'] = 'vim.lsp.buf.remove_workspace_folder()',
['<leader>ws'] = 'require\'telescope.builtin\'.lsp_workspace_symbols()',
['<leader>wl'] = 'print(vim.inspect(vim.lsp.buf.list_workspace_folders()))',
['<leader>D'] = 'require\'telescope.builtin\'.lsp_type_definitions()',
['<leader>rn'] = 'vim.lsp.buf.rename()',
['<leader>ca'] = 'vim.lsp.buf.code_action()',
['gr'] = 'require\'telescope.builtin\'.lsp_references()',
['<leader>f'] = 'vim.lsp.buf.format()'
}
local buf_nnoremap_lua = function(bufnr, keys, command)
vim.api.nvim_buf_set_keymap(bufnr, 'n', keys, '<cmd>lua ' .. command .. '<CR>', { noremap = true, silent = true })
end
local on_lsp_attach = function(_, bufnr)
-- Enable completion triggered by <c-x><c-o>:
vim.api.nvim_buf_set_option(bufnr, 'omnifunc', 'v:lua.vim.lsp.omnifunc')
for key, cmd in pairs(lsp_attach_keymappings) do buf_nnoremap_lua(bufnr, key, cmd) end
end
vim.g.markdown_fenced_languages = {
"ts=typescript"
}
lspconfig.denols.setup { capabilities = capabilities, on_attach = on_lsp_attach, root_dir = util.root_pattern("deno.json", "deno.jsonc") }
lspconfig.gopls.setup { capabilities = capabilities, on_attach = on_lsp_attach }
lspconfig.pyright.setup { capabilities = capabilities, on_attach = on_lsp_attach }
lspconfig.dartls.setup { capabilities = capabilities, on_attach = on_lsp_attach }
lspconfig.nil_ls.setup { capabilities = capabilities, on_attach = on_lsp_attach } -- nix
-- lspconfig.rnix.setup { capabilities = capabilities, on_attach = on_lsp_attach } -- nix
lspconfig.terraformls.setup { capabilities = capabilities, on_attach = on_lsp_attach }
lspconfig.kotlin_language_server.setup { capabilities = capabilities, on_attach = on_lsp_attach }
lspconfig.sourcekit.setup { capabilities = capabilities, on_attach = on_lsp_attach, cmd = { "xcrun", "sourcekit-lsp" } } -- swift
lspconfig.tsserver.setup { capabilities = capabilities, on_attach = on_lsp_attach }
lspconfig.vimls.setup {
capabilities = capabilities,
on_attach = on_lsp_attach,
isNeovim = true,
}
lspconfig.csharp_ls.setup {
capabilities = capabilities,
on_attach = on_lsp_attach,
cmd = { vim.env.HOME .. "/.dotnet/tools/csharp-ls" },
}
lspconfig.ltex.setup { capabilities = capabilities, on_attach = on_lsp_attach }
-- start vscode included language servers
lspconfig.eslint.setup { capabilities = capabilities, on_attach = on_lsp_attach }
lspconfig.html.setup { capabilities = capabilities, on_attach = on_lsp_attach }
lspconfig.cssls.setup { capabilities = capabilities, on_attach = on_lsp_attach }
lspconfig.jsonls.setup { capabilities = capabilities, on_attach = on_lsp_attach }
-- end vscode included language servers
lspconfig.texlab.setup { capabilities = capabilities, on_attach = on_lsp_attach, settings = { texlab = {
build = {
executable = "tectonic",
args = { "%f", "--keep-logs", "--synctex" },
onSave = true,
forwardSearchAfter = true,
},
chktex = { onOpenAndSave = true, },
forwardSearch = {
executable = "/Applications/Skim.app/Contents/SharedSupport/displayline",
args = { "-r", "-d", "%l", "%p", "%f" },
},
} } }
lspconfig.sumneko_lua.setup {
capabilities = capabilities, on_attach = on_lsp_attach,
settings = {
Lua = {
runtime = {
version = 'LuaJIT'
},
diagnostics = { globals = { 'vim' } },
workspace = {
-- Make the LSP aware of Neovim runtime files:
checkThirdParty = false,
library = vim.api.nvim_get_runtime_file('', true)
},
format = {
enable = true,
defaultConfig = {
indent_style = 'space',
indent_size = '2',
}
},
}
}
}
-- haskell
lspconfig.hls.setup { capabilities = capabilities, on_attach = on_lsp_attach }
local rt = require("rust-tools")
rt.setup({
tools = {
inlay_hints = {
auto = true,
},
},
server = {
capabilities = capabilities, on_attach = on_lsp_attach,
},
})
local ft = require('flutter-tools')
ft.setup {}

215
old-conf/hm-modules/nvim/config/lua/plugin/lualine.lua
View file

@ -1,215 +0,0 @@
-- Eviline config for lualine
-- Author: shadmansaleh
-- Credit: glepnir
local lualine = require('lualine')
-- Color table for highlights
-- stylua: ignore
local colors = {
bg = '#202328',
fg = '#bbc2cf',
yellow = '#ECBE7B',
cyan = '#008080',
darkblue = '#081633',
green = '#98be65',
orange = '#FF8800',
violet = '#a9a1e1',
magenta = '#c678dd',
blue = '#51afef',
red = '#ec5f67',
}
local conditions = {
buffer_not_empty = function()
return vim.fn.empty(vim.fn.expand('%:t')) ~= 1
end,
hide_in_width = function()
return vim.fn.winwidth(0) > 80
end,
check_git_workspace = function()
local filepath = vim.fn.expand('%:p:h')
local gitdir = vim.fn.finddir('.git', filepath .. ';')
return gitdir and #gitdir > 0 and #gitdir < #filepath
end,
}
-- Config
local config = {
options = {
-- Disable sections and component separators
component_separators = '',
section_separators = '',
theme = 'gruvbox',
},
sections = {
-- these are to remove the defaults
lualine_a = {},
lualine_b = {},
lualine_y = {},
lualine_z = {},
-- These will be filled later
lualine_c = {},
lualine_x = {},
},
inactive_sections = {
-- these are to remove the defaults
lualine_a = {},
lualine_b = {},
lualine_y = {},
lualine_z = {},
lualine_c = {},
lualine_x = {},
},
}
-- Inserts a component in lualine_c at left section
local function ins_left(component)
table.insert(config.sections.lualine_c, component)
end
-- Inserts a component in lualine_x at right section
local function ins_right(component)
table.insert(config.sections.lualine_x, component)
end
ins_left {
function()
return ''
end,
color = { fg = colors.blue }, -- Sets highlighting of component
padding = { left = 0, right = 1 }, -- We don't need space before this
}
ins_left {
-- mode component
function()
return ''
end,
color = function()
-- auto change color according to neovims mode
local mode_color = {
n = colors.red,
i = colors.green,
v = colors.blue,
[''] = colors.blue,
V = colors.blue,
c = colors.magenta,
no = colors.red,
s = colors.orange,
S = colors.orange,
[''] = colors.orange,
ic = colors.yellow,
R = colors.violet,
Rv = colors.violet,
cv = colors.red,
ce = colors.red,
r = colors.cyan,
rm = colors.cyan,
['r?'] = colors.cyan,
['!'] = colors.red,
t = colors.red,
}
return { fg = mode_color[vim.fn.mode()] }
end,
padding = { right = 1 },
}
ins_left {
-- filesize component
'filesize',
cond = conditions.buffer_not_empty,
}
ins_left {
'filename',
cond = conditions.buffer_not_empty,
color = { fg = colors.magenta, gui = 'bold' },
}
ins_left { 'location' }
ins_left { 'progress', color = { fg = colors.fg, gui = 'bold' } }
ins_left {
'diagnostics',
sources = { 'nvim_diagnostic' },
symbols = { error = '', warn = '', info = '' },
diagnostics_color = {
color_error = { fg = colors.red },
color_warn = { fg = colors.yellow },
color_info = { fg = colors.cyan },
},
}
-- Insert mid section. You can make any number of sections in neovim :)
-- for lualine it's any number greater then 2
ins_left {
function()
return '%='
end,
}
ins_left {
-- Lsp server name .
function()
local msg = 'No Active Lsp'
local buf_ft = vim.api.nvim_buf_get_option(0, 'filetype')
local clients = vim.lsp.get_active_clients()
if next(clients) == nil then
return msg
end
for _, client in ipairs(clients) do
local filetypes = client.config.filetypes
if filetypes and vim.fn.index(filetypes, buf_ft) ~= -1 then
return client.name
end
end
return msg
end,
icon = ' LSP:',
color = { fg = '#ffffff', gui = 'bold' },
}
-- Add components to right sections
ins_right {
'o:encoding', -- option component same as &encoding in viml
fmt = string.upper, -- I'm not sure why it's upper case either ;)
cond = conditions.hide_in_width,
color = { fg = colors.green, gui = 'bold' },
}
ins_right {
'fileformat',
fmt = string.upper,
icons_enabled = false, -- I think icons are cool but Eviline doesn't have them. sigh
color = { fg = colors.green, gui = 'bold' },
}
ins_right {
'branch',
icon = '',
color = { fg = colors.violet, gui = 'bold' },
}
ins_right {
'diff',
-- Is it me or the symbol for modified us really weird
symbols = { added = '', modified = '', removed = '' },
diff_color = {
added = { fg = colors.green },
modified = { fg = colors.orange },
removed = { fg = colors.red },
},
cond = conditions.hide_in_width,
}
ins_right {
function()
return ''
end,
color = { fg = colors.blue },
padding = { left = 1 },
}
-- Now don't forget to initialize lualine
lualine.setup(config)

11
old-conf/hm-modules/nvim/config/lua/plugin/nnn.lua
View file

@ -1,11 +0,0 @@
require('nnn').setup({
set_default_mappings = 0,
replace_netrw = 1,
layout = {
window = {
width = 0.9,
height = 0.6,
highlight = 'Debug'
}
}
})

26
old-conf/hm-modules/nvim/config/lua/plugin/noice.lua
View file

@ -1,26 +0,0 @@
require("noice").setup({
views = {
notify = {
merge = true,
}
},
lsp = {
override = {
["vim.lsp.util.convert_input_to_markdown_lines"] = true,
["vim.lsp.util.stylize_markdown"] = true,
["cmp.entry.get_documentation"] = true,
},
},
-- you can enable a preset for easier configuration
presets = {
bottom_search = true, -- use a classic bottom cmdline for search
command_palette = true, -- position the cmdline and popupmenu together
long_message_to_split = true, -- long messages will be sent to a split
inc_rename = false, -- enables an input dialog for inc-rename.nvim
lsp_doc_border = false, -- add a border to hover docs and signature help
},
})
require("notify").setup({
-- stages = "static",
-- max_width = 70,
})

12
old-conf/hm-modules/nvim/config/lua/plugin/telescope.lua
View file

@ -1,12 +0,0 @@
local telescope = require('telescope')
telescope.setup {
extensions = {
["ui-select"] = {
require("telescope.themes").get_dropdown {
-- even more opts
}
}
}
}
telescope.load_extension('ui-select')

35
old-conf/hm-modules/nvim/config/lua/plugin/terminal.lua
View file

@ -1,35 +0,0 @@
require('toggleterm').setup {
direction = 'window',
open_mapping = [[<c-n>]],
}
local Terminal = require('toggleterm.terminal').Terminal
local lazygit = Terminal:new {
cmd = "lazygit",
hidden = true,
direction = 'float'
}
function _lazygit_toggle()
lazygit:toggle()
end
local glab = Terminal:new {
cmd = "glab ci view",
hidden = true,
direction = 'float'
}
function _glab_toggle()
glab:toggle()
end
local ghub = Terminal:new {
cmd = "gh run view",
hidden = true,
direction = 'float'
}
function _ghub_toggle()
ghub:toggle()
end

26
old-conf/hm-modules/nvim/config/lua/plugin/treesitter.lua
View file

@ -1,26 +0,0 @@
local treesitter_parser_install_dir = '/var/tmp/nvim-treesitter/parser'
require'nvim-treesitter.configs'.setup {
highlight = {
enable = true,
-- use_languagetree = true,
},
parser_install_dir = treesitter_parser_install_dir,
-- indent = {
-- enable = true,
-- },
-- autotag = {
-- enable = true,
-- },
-- context_commentstring = {
-- enable = true,
-- enable_autocmd = false,
-- },
-- refactor = {
-- highlight_definitions = { enable = true },
-- highlight_current_scope = { enable = false },
-- },
}
require'treesitter-context'.setup{
enable = true, -- Enable this plugin (Can be enabled/disabled later via commands)
}

21
old-conf/hm-modules/nvim/config/lua/utils.lua
View file

@ -1,21 +0,0 @@
-- cool map funciton from https://vonheikemen.github.io/devlog/tools/configuring-neovim-using-lua/
utils = {}
utils.map = function(key)
-- get the extra options
local opts = {noremap = false}
for i, v in pairs(key) do
if (i) == 'string' then opts[i] = v end
end
-- basic support for buffer-scoped keybindings
local buffer = opts.buffer
opts.buffer = nil
if buffer then
vim.api.nvim_buf_set_keymap(0, key[1], key[2], key[3], opts)
else
vim.api.nvim_set_keymap(key[1], key[2], key[3], opts)
end
end
return utils

75
old-conf/hm-modules/nvim/config/nvim.lua
View file

@ -1,75 +0,0 @@
-- general settings
vim.cmd [[
filetype plugin on
filetype indent plugin on
filetype plugin indent on
syntax on
]]
-- mapleader
local opt = vim.opt
vim.g.mapleader = ' '
vim.g.maplocalleader = ','
-- color stuff
opt.termguicolors = true -- 24bit color
require('gruvbox').setup({})
require('tokyonight').setup({})
opt.background = 'dark' -- dark gruvbox
vim.cmd ':colorscheme gruvbox'
require('dark_notify').run({
schemes = {
light = {
colorscheme = 'tokyonight',
background = 'light',
lualine = 'tokyonight'
},
dark = {
colorscheme = 'gruvbox',
background = 'dark',
lualine = 'gruvbox'
}
},
})
--vimspector
vim.g.vimspector_base_dir = vim.env.HOME .. "/.local/share/nvim/vimspector"
vim.g.vimspector_enable_mappings = "HUMAN"
vim.g.copilot_no_tab_map = true
opt.encoding = 'utf-8'
opt.number = true
opt.relativenumber = true
opt.undofile = true -- save undo chages even after computer restart
opt.showcmd = true -- show (partial) command in status line
opt.showmatch = true -- show match brackets
opt.wildmenu = true -- visual autocomplete for command menu
-- Splits open at the bottom and right, which is non-retarded, unlike vim defaults.
opt.splitbelow = true
opt.splitright = true
-- indents
opt.expandtab = true
opt.shiftwidth = 2
opt.softtabstop = 2
-- buffers don't get unloaded when hidden
opt.hidden = true
-- low updatetime so it isnt as slow
opt.updatetime = 100
require('utils')
require('keybindings')
require('filetypes')
-- load plugin luas (idk how to do that autmagically)
require('plugin.treesitter')
require('plugin.nnn')
require('plugin.terminal')
require('plugin.noice')
require('plugin.telescope')
require('plugin.cmp')
require('plugin.lsp')
require('plugin.dap')
require('plugin.lualine')
require('plugin.gitsigns')

127
old-conf/hm-modules/nvim/default.nix
View file

@ -1,127 +0,0 @@
{ pkgs, config, lib, inputs, ... }:
let
cfg = config.ragon.nvim;
in
{
options.ragon.nvim.enable = lib.mkOption { default = true; };
options.ragon.nvim.maximal = lib.mkOption { default = false; };
config = lib.mkIf cfg.enable {
home.packages =
(with pkgs;[
# telescope
ripgrep
# embedded terminal
lazygit
glab
gh
# other stuff
neovim-remote
]) ++
lib.optionals cfg.maximal (with pkgs;[
# language servers
nil # nix
#inputs.rnix-lsp.packages."${pkgs.system}".rnix-lsp
gopls # go
pyright # python3
terraform-ls
terraform
nodePackages.typescript
nodePackages.typescript-language-server
haskell-language-server
sumneko-lua-language-server
pkgs.unstable.ltex-ls # languageTool
(hunspellWithDicts [ "de_DE" "en_US" ]) # spellcheck
hunspellDicts.de-de
nodePackages.vscode-langservers-extracted # eslint, ...
texlab # latex
tectonic
kotlin
kotlin-language-server
ktlint
# rust completion
cargo
rustc
rustfmt
unstable.rust-analyzer
# c# debugging
(pkgs.writeShellScriptBin "netcoredbg" ''exec ${pkgs.unstable.netcoredbg}/bin/netcoredbg "$@"'') # don't fill $path with dlls
]);
home.file.".config/nvim".source = ./config;
home.file.".config/nvim".recursive = true;
programs.neovim =
{
enable = true;
extraConfig = ''
set runtimepath^=~/.config/nvim
lua dofile('${./config/nvim.lua}')
'';
vimAlias = true;
viAlias = true;
plugins =
let
# nnn-nvim = pkgs.vimUtils.buildVimPlugin {
# pname = "nnn-nvim";
# version = "1.0.0";
# src = inputs.nnn-nvim;
# };
# notify-nvim = pkgs.vimUtils.buildVimPlugin {
# pname = "notify-nvim";
# version = "1.0.0";
# src = inputs.notify-nvim;
# };
# noice-nvim = pkgs.vimUtils.buildVimPlugin {
# pname = "noice-nvim";
# version = "1.0.0";
# src = inputs.noice-nvim;
# };
in
map (x: { plugin = x; }) (with pkgs.unstable.vimPlugins; [
vim-tmux-navigator # tmux
# nnn-nvim # nnn as filebrowser
gruvbox-nvim # theme
tokyonight-nvim # light theme
# complete ui overhaul
# notify-nvim
nui-nvim
# noice-nvim
telescope-nvim
telescope-ui-select-nvim
# line
lualine-nvim
# vcs integration
gitsigns-nvim
# completion
nvim-lspconfig # lsp
nvim-dap # dap
nvim-dap-ui # dap stuffzies
nvim-dap-go
pkgs.unstable.vimPlugins.rust-tools-nvim # rust special sauce
pkgs.unstable.vimPlugins.flutter-tools-nvim
# completion - nvim-cmp
cmp-nvim-lsp
cmp-buffer
cmp-path
cmp-cmdline
cmp-nvim-lsp-signature-help
nvim-cmp # completion ui
lspkind-nvim # icons for completion
# completion-snippets
luasnip
cmp_luasnip
friendly-snippets # some premade snippets
toggleterm-nvim # embed terminals (for lazygit,...)
# treesitter
(nvim-treesitter.withAllGrammars)
nvim-treesitter-context
]);
};
};
}

24
old-conf/hm-modules/tmux/default.nix
View file

@ -1,24 +0,0 @@
{ config, pkgs, ... }: {
programs.tmux = {
enable = true;
keyMode = "vi";
clock24 = true;
historyLimit = 10000;
plugins = with pkgs.tmuxPlugins; [
vim-tmux-navigator
];
extraConfig = ''
set -sg escape-time 0 # makes vim esc usable
new-session -s main
bind-key -n C-e send-prefix
bind '"' split-window -c "#{pane_current_path}"
bind % split-window -h -c "#{pane_current_path}"
bind c new-window -c "#{pane_current_path}"
set-option -g default-terminal "tmux-256color"
set -as terminal-overrides ',xterm*:Tc:sitm=\E[3m'
run-shell -b '~/.config/tmux-switch-colors/start_theme_switcher.sh'
'';
};
home.file.".config/tmux-switch-colors".source = ./tmux-switch-colors;
}

50
old-conf/hm-modules/tmux/tmux-switch-colors/dark.tmux
View file

@ -1,50 +0,0 @@
## COLORSCHEME: gruvbox dark (medium)
set-option -g status "on"
# default statusbar color
set-option -g status-style bg=colour237,fg=colour223 # bg=bg1, fg=fg1
# default window title colors
set-window-option -g window-status-style bg=colour214,fg=colour237 # bg=yellow, fg=bg1
# default window with an activity alert
set-window-option -g window-status-activity-style bg=colour237,fg=colour248 # bg=bg1, fg=fg3
# active window title colors
set-window-option -g window-status-current-style bg=red,fg=colour237 # fg=bg1
# pane border
set-option -g pane-active-border-style fg=colour250 #fg2
set-option -g pane-border-style fg=colour237 #bg1
# message infos
set-option -g message-style bg=colour239,fg=colour223 # bg=bg2, fg=fg1
# writing commands inactive
set-option -g message-command-style bg=colour239,fg=colour223 # bg=fg3, fg=bg1
# pane number display
set-option -g display-panes-active-colour colour250 #fg2
set-option -g display-panes-colour colour237 #bg1
# clock
set-window-option -g clock-mode-colour colour109 #blue
# bell
set-window-option -g window-status-bell-style bg=colour167,fg=colour235 # bg=red, fg=bg
## Theme settings mixed with colors (unfortunately, but there is no cleaner way)
set-option -g status-justify "left"
set-option -g status-left-style none
set-option -g status-left-length "80"
set-option -g status-right-style none
set-option -g status-right-length "80"
set-window-option -g window-status-separator ""
set-option -g status-left "#[bg=colour241,fg=colour248] #S #[bg=colour237,fg=colour241,nobold,noitalics,nounderscore]"
set-option -g status-right "#[bg=colour237,fg=colour239 nobold, nounderscore, noitalics]#[bg=colour239,fg=colour246] %Y-%m-%d  %H:%M #[bg=colour239,fg=colour248,nobold,noitalics,nounderscore]#[bg=colour248,fg=colour237] #h "
set-window-option -g window-status-current-format "#[bg=colour214,fg=colour237,nobold,noitalics,nounderscore]#[bg=colour214,fg=colour239] #I #[bg=colour214,fg=colour239,bold] #W#{?window_zoomed_flag,*Z,} #[bg=colour237,fg=colour214,nobold,noitalics,nounderscore]"
set-window-option -g window-status-format "#[bg=colour239,fg=colour237,noitalics]#[bg=colour239,fg=colour223] #I #[bg=colour239,fg=colour223] #W #[bg=colour237,fg=colour239,noitalics]"
# vim: set ft=tmux tw=0 nowrap:

38
old-conf/hm-modules/tmux/tmux-switch-colors/light.tmux
View file

@ -1,38 +0,0 @@
#!/usr/bin/env bash
# TokyoNight colors for Tmux
set -g mode-style "fg=#2e7de9,bg=#a8aecb"
set -g message-style "fg=#2e7de9,bg=#a8aecb"
set -g message-command-style "fg=#2e7de9,bg=#a8aecb"
set -g pane-border-style "fg=#a8aecb"
set -g pane-active-border-style "fg=#2e7de9"
set -g status "on"
set -g status-justify "left"
set -g status-style "fg=#2e7de9,bg=#e9e9ec"
set -g status-left-length "100"
set -g status-right-length "100"
set -g status-left-style NONE
set -g status-right-style NONE
set -g status-left "#[fg=#e9e9ed,bg=#2e7de9,bold] #S #[fg=#2e7de9,bg=#e9e9ec,nobold,nounderscore,noitalics]"
set -g status-right "#[fg=#e9e9ec,bg=#e9e9ec,nobold,nounderscore,noitalics]#[fg=#2e7de9,bg=#e9e9ec] #{prefix_highlight} #[fg=#a8aecb,bg=#e9e9ec,nobold,nounderscore,noitalics]#[fg=#2e7de9,bg=#a8aecb] %Y-%m-%d  %I:%M %p #[fg=#2e7de9,bg=#a8aecb,nobold,nounderscore,noitalics]#[fg=#e9e9ed,bg=#2e7de9,bold] #h "
if-shell '[ "$(tmux show-option -gqv "clock-mode-style")" == "24" ]' {
set -g status-right "#[fg=#e9e9ec,bg=#e9e9ec,nobold,nounderscore,noitalics]#[fg=#2e7de9,bg=#e9e9ec] #{prefix_highlight} #[fg=#a8aecb,bg=#e9e9ec,nobold,nounderscore,noitalics]#[fg=#2e7de9,bg=#a8aecb] %Y-%m-%d  %H:%M #[fg=#2e7de9,bg=#a8aecb,nobold,nounderscore,noitalics]#[fg=#e9e9ed,bg=#2e7de9,bold] #h "
}
setw -g window-status-activity-style "underscore,fg=#6172b0,bg=#e9e9ec"
setw -g window-status-separator ""
setw -g window-status-style "NONE,fg=#6172b0,bg=#e9e9ec"
setw -g window-status-format "#[fg=#e9e9ec,bg=#e9e9ec,nobold,nounderscore,noitalics]#[default] #I  #W #F #[fg=#e9e9ec,bg=#e9e9ec,nobold,nounderscore,noitalics]"
setw -g window-status-current-format "#[fg=#e9e9ec,bg=#a8aecb,nobold,nounderscore,noitalics]#[fg=#2e7de9,bg=#a8aecb,bold] #I  #W #F #[fg=#a8aecb,bg=#e9e9ec,nobold,nounderscore,noitalics]"
# tmux-plugins/tmux-prefix-highlight support
set -g @prefix_highlight_output_prefix "#[fg=#8c6c3e]#[bg=#e9e9ec]#[fg=#e9e9ec]#[bg=#8c6c3e]"
set -g @prefix_highlight_output_suffix ""

9
old-conf/hm-modules/tmux/tmux-switch-colors/start_theme_switcher.sh
View file

@ -1,9 +0,0 @@
#!/usr/bin/env bash
set -o errexit
set -o pipefail
DN=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
$DN/theme_switcher.sh

9
old-conf/hm-modules/tmux/tmux-switch-colors/theme_setter.sh
View file

@ -1,9 +0,0 @@
#!/usr/bin/env bash
DN=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
if [[ $1 == "dark" ]]; then
tmux source-file $DN/dark.tmux
else
tmux source-file $DN/light.tmux
fi

21
old-conf/hm-modules/tmux/tmux-switch-colors/theme_switcher.sh
View file

@ -1,21 +0,0 @@
#!/usr/bin/env bash
set -o errexit
set -o pipefail
[[ "${TRACE-0}" =~ ^1|t|y|true|yes$ ]] && set -o xtrace
[[ ! $(type -P "dark-notify") ]] && echo "dark-notify command not found. Exiting..." && exit 0
DN=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
SCRIPT_NAME="$(basename $0)"
THEME_SETTER="$DN/theme_setter.sh"
if pgrep -qf "$SCRIPT_NAME"; then
dark-notify -e -c "$THEME_SETTER" # run once
exit 0
fi
while :; do
dark-notify -c "$THEME_SETTER"
done

0
old-conf/hm-modules/vscode/PLEASE FORGIVE ME FOR THIS SINFUL ACT
View file

236
old-conf/hm-modules/vscode/default.nix
View file

@ -1,236 +0,0 @@
{ pkgs, config, lib, inputs, ... }:
let
cfg = config.ragon.vscode;
#marketplace = inputs.nix-vscode-extensions.extensions.${pkgs.system}.vscode-marketplace;
#marketplace-release = inputs.nix-vscode-extensions.extensions.${pkgs.system}.vscode-marketplace-release;
marketplace = (import ./vscode-extensions.nix { inherit pkgs lib; });
in
{
options.ragon.vscode.enable = lib.mkOption { default = false; };
config = lib.mkIf cfg.enable {
home.packages = with pkgs; [
#nixd
nixpkgs-fmt
(unstable.quarto.overrideAttrs (curr: { meta.platforms = [ pkgs.system ]; }))
];
programs.vscode = {
enable = true;
package = pkgs.unstable.vscode;
#mutableExtensionsDir = false;
extensions = with marketplace; [
vscodevim.vim # vim mode (hopefully good)
fathulfahmy.lunarkeymap
vspacecode.whichkey
jdinhlife.gruvbox # theme
mkhl.direnv # direnv
marketplace.eamodio.gitlens
marketplace.ms-vscode-remote.remote-containers
marketplace.sonarsource.sonarlint-vscode
# tomoki1207.pdf # reenable when latex workshop goes
marketplace.johnpapa.vscode-peacock # colors per workspace
# Language Support
## markdown/latex
marketplace.james-yu.latex-workshop # latex, also provides pdf preview
marketplace.quarto.quarto
# marketplace.pokey.cursorless # too much xe exposure
marketplace.valentjn.vscode-ltex # languagetool
#valentjn.vscode-ltex
#marketplace.gpoore.codebraid-preview
marketplace.ms-vscode.hexeditor # a hex editor
#ms-vscode-remote.remote-containers # container envs for stuff
marketplace.ms-vscode-remote.remote-ssh
## others
marketplace.vscjava.vscode-java-pack # java schmava
marketplace.vscjava.vscode-java-debug
marketplace.vscjava.vscode-java-test
marketplace.vscjava.vscode-java-dependency
marketplace.vscjava.vscode-maven
marketplace.redhat.java
marketplace.ms-vscode.cpptools-extension-pack # cpp
# marketplace.ms-vscode.cmake-tools # broken rn
marketplace.ms-vscode.cpptools
marketplace.ms-azuretools.vscode-docker # docker
jnoortheen.nix-ide # nix
golang.go # go
marketplace.ms-python.python # python
marketplace.ms-python.vscode-pylance # python
#marketplace.ms-python.debugpy # python
marketplace.donjayamanne.python-environment-manager # python
marketplace.denoland.vscode-deno # deno
marketplace.bradlc.vscode-tailwindcss
#ms-dotnettools.csharp # c# und so
#marketplace.ms-dotnettools.csdevkit
# marketplace.ms-dotnettools.csharp
# marketplace.ms-dotnettools.vscode-dotnet-runtime
# (marketplace.ms-dotnettools.csdevkit.overrideAttrs (super: a: { sourceRoot = "."; }))
rust-lang.rust-analyzer # rust
marketplace.sswg.swift-lang # swift
#marketplace.vadimcn.vscode-lldb # swift
#marketplace.ms-toolsai.jupyter # jupiter notebooks, broken on 2023-12-19
marketplace.ms-toolsai.jupyter-renderers
#ms-toolsai.jupyter
#marketplace.jakebecker.elixir-ls # elixir
marketplace.dart-code.flutter # dart/flutter
marketplace.dart-code.dart-code # dart/flutter
marketplace.alexisvt.flutter-snippets # flutter snippets
marketplace.tauri-apps.tauri-vscode # tauri
marketplace.dbaeumer.vscode-eslint # js
marketplace.firefox-devtools.vscode-firefox-debug # js debugging
marketplace.arcanis.vscode-zipfs # yarn
marketplace.foam.foam-vscode
marketplace."vsls-contrib"."gitdoc"
yzhang.markdown-all-in-one # markdown
marketplace.davidanson.vscode-markdownlint
marketplace.bierner.markdown-mermaid
marketplace.bpruitt-goddard.mermaid-markdown-syntax-highlighting
marketplace.bierner.markdown-footnotes
marketplace.hediet.vscode-drawio
] ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [
];
userSettings =
let
fontFamily = "'JetBrainsMono Nerd Font', monospace";
in
{
"editor.fontFamily" = fontFamily;
"terminal.integrated.fontFamily" = fontFamily;
"terminal.integrated.scrollback" = 20000;
"workbench.colorTheme" = "Gruvbox Dark Soft";
"editor.autoClosingBrackets" = "never";
"editor.autoClosingQuotes" = "never";
"editor.minimap.autohide" = true;
"editor.tabCompletion" = "onlySnippets";
#"editor.snippetSuggestions" = "top";
# Addon Configuration
## Vim
"vim.leader" = "<space>";
# "vim.normalModeKeyBindings" = [
# { before = [ "<C-h>" ]; after = [ "<C-w>" "h" ]; }
# { before = [ "<C-j>" ]; after = [ "<C-w>" "j" ]; }
# { before = [ "<C-k>" ]; after = [ "<C-w>" "k" ]; }
# { before = [ "<C-l>" ]; after = [ "<C-w>" "l" ]; }
# ];
"vim.normalModeKeyBindingsNonRecursive" = [
# {
# before = [ "<leader>" "s" ];
# "commands" = [ "workbench.action.splitEditor" ];
# quiet = true;
# }
# {
# before = [ "<leader>" "a" "s" ];
# "commands" = [ "workbench.action.splitEditorDown" ];
# quiet = true;
# }
{
before = [ "<leader>" "q" ];
"commands" = [ "workbench.action.closeActiveEditor" ];
quiet = true;
}
{
before = [ "<leader>" "c" "a" ];
"commands" = [ "editor.action.sourceAction" ];
quiet = true;
}
{
before = [ "<leader>" "r" "n" ];
"commands" = [ "editor.action.rename" ];
quiet = true;
}
{
before = [ "<leader>" "c" "f" ];
"commands" = [ "editor.action.quickFix" ];
quiet = true;
}
{
before = [ "<leader>" "f" ];
"commands" = [ "editor.action.formatDocument" ];
quiet = true;
}
{
before = [ "]" "g" ];
"commands" = [ "editor.action.marker.next" ];
quiet = true;
}
{
before = [ "[" "g" ];
"commands" = [ "editor.action.marker.prev" ];
quiet = true;
}
{
before = [ "<leader>" "g" "r" ];
"commands" = [ "editor.action.goToReferences" ];
quiet = true;
}
];
"vim.useSystemClipboard" = false;
"vim.handleKeys" = {
"<C-w>" = false;
};
"vim.camelCaseMotion.enable" = true;
## git
"git.verboseCommit" = true;
"git.allowForcePush" = true;
"git.confirmSync" = false;
"git.confirmForcePush" = true; # is default but it feels safer to also specify it here
"git.useForcePushWithLease" = true; # is default but it feels safer to also specify it here
## Nix
"nix.serverPath" = "nixd";
"nix.enableLanguageServer" = true;
"nix.serverSettings" = {
"nixd" = {
"formatting" = {
"command" = "nixpkgs-fmt";
};
};
};
## dart/flutter
"[dart]" = {
"editor.formatOnSave" = true;
"editor.formatOnType" = true;
"editor.rulers" = [ 80 ];
"editor.selectionHighlight" = false;
"editor.suggestSelection" = "first";
"editor.tabCompletion" = "onlySnippets";
"editor.wordBasedSuggestions" = "off";
};
## md preview
#"codebraid.preview.pandoc.build" = {
# "*.md" = {
# "reader" = "markdown"; # use pandoc markdown and not commonmark
# "preview" = { "html" = { defaults = {}; options = []; }; };
# };
#};
# swift
"lldb.library" = "/Applications/Xcode.app/Contents/SharedFrameworks/LLDB.framework/Versions/A/LLDB";
"lldb.launch.expressions" = "native";
# ltex-ls
#"ltex.language" = "de";
#"ltex.ltex-ls.path" = "${pkgs.ltex-ls}";
#"ltex.ltex-ls.logLevel" = "finest";
#"ltex.trace.server" = "verbose";
# idk
"hediet.vscode-drawio.resizeImages" = "null";
};
keybindings = [
{ "key" = "ctrl+w"; "command" = "whichkey.show"; }
];
};
};
}

196
old-conf/hm-modules/vscode/extensions.toml
View file

@ -1,196 +0,0 @@
vscode_version = "1.88.0"
[[extensions]]
publisher_name = "vscodevim"
extension_name = "vim"
[[extensions]]
publisher_name = "jdinhlife"
extension_name = "gruvbox"
[[extensions]]
publisher_name = "mkhl"
extension_name = "direnv"
# tomoki1207.pdf # reenable when latex workshop goes
[[extensions]]
publisher_name = "eamodio"
extension_name = "gitlens"
[[extensions]]
publisher_name = "ms-vscode-remote"
extension_name = "remote-containers"
[[extensions]]
publisher_name = "johnpapa"
extension_name = "vscode-peacock"
[[extensions]]
publisher_name = "sonarsource"
extension_name = "sonarlint-vscode"
[[extensions]]
publisher_name = "fathulfahmy"
extension_name = "lunarkeymap"
[[extensions]]
publisher_name = "VSpaceCode"
extension_name = "whichkey"
# notetaking
[[extensions]]
publisher_name = "foam"
extension_name = "foam-vscode"
[[extensions]]
publisher_name = "vsls-contrib"
extension_name = "gitdoc"
[[extensions]]
publisher_name = "bierner"
extension_name = "markdown-mermaid"
[[extensions]]
publisher_name = "bierner"
extension_name = "markdown-footnotes"
[[extensions]]
publisher_name = "bpruitt-goddard"
extension_name = "mermaid-markdown-syntax-highlighting"
[[extensions]]
publisher_name = "hediet"
extension_name = "vscode-drawio"
# Language Support
## markdown/latex
[[extensions]]
publisher_name = "james-yu"
extension_name = "latex-workshop" # latex, also provides pdf preview
[[extensions]]
publisher_name = "yzhang"
extension_name = "markdown-all-in-one" # markdown
[[extensions]]
publisher_name = "davidanson"
extension_name = "vscode-markdownlint"
[[extensions]]
publisher_name = "quarto"
extension_name = "quarto"
# marketplace.pokey.cursorless # too much xe exposure
[[extensions]]
publisher_name = "valentjn"
extension_name = "vscode-ltex" # languagetool
asset_url = '''
https://github.com/valentjn/vscode-ltex/releases/download/{{ extension.version }}/vscode-ltex-{{ extension.version }}-offline-mac-x64.vsix
'''
#marketplace.gpoore.codebraid-preview
[[extensions]]
publisher_name = "ms-vscode"
extension_name = "hexeditor" # a hex editor
#ms-vscode-remote.remote-containers # container envs for stuff
[[extensions]]
publisher_name = "ms-vscode-remote"
extension_name = "remote-ssh"
## others
[[extensions]]
publisher_name = "vscjava"
extension_name = "vscode-java-pack" # java schmava
[[extensions]]
publisher_name = "vscjava"
extension_name = "vscode-java-debug"
[[extensions]]
publisher_name = "vscjava"
extension_name = "vscode-java-test"
[[extensions]]
publisher_name = "vscjava"
extension_name = "vscode-java-dependency"
[[extensions]]
publisher_name = "vscjava"
extension_name = "vscode-maven"
[[extensions]]
publisher_name = "redhat"
extension_name = "java"
[[extensions]]
publisher_name = "ms-vscode"
extension_name = "cpptools-extension-pack" # cpp
[[extensions]]
publisher_name = "ms-vscode"
extension_name = "cmake-tools"
[[extensions]]
publisher_name = "ms-vscode"
extension_name = "cpptools"
[[extensions]]
publisher_name = "ms-azuretools"
extension_name = "vscode-docker" # docker
[[extensions]]
publisher_name = "jnoortheen"
extension_name = "nix-ide" # nix
[[extensions]]
publisher_name = "golang"
extension_name = "go"
[[extensions]]
publisher_name = "ms-python"
extension_name = "python"
[[extensions]]
publisher_name = "ms-python"
extension_name = "vscode-pylance"
[[extensions]]
publisher_name = "ms-python"
extension_name = "debugpy"
[[extensions]]
publisher_name = "donjayamanne"
extension_name = "python-environment-manager"
[[extensions]]
publisher_name = "denoland"
extension_name = "vscode-deno"
[[extensions]]
publisher_name = "bradlc"
extension_name = "vscode-tailwindcss"
[[extensions]]
publisher_name = "ms-dotnettools"
extension_name = "csharp"
[[extensions]]
publisher_name = "ms-dotnettools"
extension_name = "csdevkit"
[[extensions]]
publisher_name = "ms-dotnettools"
extension_name = "vscode-dotnet-runtime"
#(marketplace.ms-dotnettools.csdevkit.overrideAttrs (super: a: { sourceRoot = "."; }))
[[extensions]]
publisher_name = "rust-lang"
extension_name = "rust-analyzer"
[[extensions]]
publisher_name = "sswg"
extension_name = "swift-lang"
[[extensions]]
publisher_name = "vadimcn"
extension_name = "vscode-lldb"
asset_url = '''
https://github.com/vadimcn/codelldb/releases/download/v{{ extension.version }}/codelldb-{{ system.arch }}-darwin.vsix
'''
#[[extensions]]
#publisher_name = "ms-toolsai"
#extension_name = "jupyter"
[[extensions]]
publisher_name = "ms-toolsai"
extension_name = "jupyter-renderers"
#marketplace.jakebecker.elixir-ls # elixir
[[extensions]]
publisher_name = "dart-code"
extension_name = "flutter"
[[extensions]]
publisher_name = "dart-code"
extension_name = "dart-code"
[[extensions]]
publisher_name = "alexisvt"
extension_name = "flutter-snippets"
[[extensions]]
publisher_name = "tauri-apps"
extension_name = "tauri-vscode"
[[extensions]]
publisher_name = "dbaeumer"
extension_name = "vscode-eslint"
[[extensions]]
publisher_name = "firefox-devtools"
extension_name = "vscode-firefox-debug"
# needed for yarn
[[extensions]]
publisher_name = "arcanis"
extension_name = "vscode-zipfs"

332
old-conf/hm-modules/vscode/vscode-extensions.nix
View file

@ -1,332 +0,0 @@
{ pkgs, lib }:
let
vscode-utils = pkgs.vscode-utils;
in
{
"valentjn"."vscode-ltex" = (vscode-utils.buildVscodeExtension {
name = "valentjn.vscode-ltex";
vscodeExtPublisher = "valentjn";
vscodeExtName = "vscode-ltex";
src = (pkgs.fetchurl {
url = "https://github.com/valentjn/vscode-ltex/releases/download/13.1.0/vscode-ltex-13.1.0-offline-mac-x64.vsix";
sha256 = "0s9vkgapzsly3143w04axg71xh52miyzsm7q74wqnzydh29ql3dz";
name = "valentjn.vscode-ltex.zip";
}).outPath;
vscodeExtUniqueId = "valentjn.vscode-ltex";
version = "13.1.0";
});
"ms-python"."python" = vscode-utils.extensionFromVscodeMarketplace {
name = "python";
publisher = "ms-python";
version = "2024.3.10742127";
sha256 = "187x6j7300wgvcxh2lcic6ivvavsllzhq0cayqiji943pw3z3k2r";
};
"ms-python"."vscode-pylance" = vscode-utils.extensionFromVscodeMarketplace {
name = "vscode-pylance";
publisher = "ms-python";
version = "2024.3.100";
sha256 = "1wgzf4gjrs3lijrgl24bmkbsngyisw8dsyc1370yxspi3npdmj59";
};
"ms-vscode"."cpptools" = vscode-utils.extensionFromVscodeMarketplace {
name = "cpptools";
publisher = "ms-vscode";
version = "1.19.8";
hash = "sha256-fY9ada+pQpk+RgzbmPe5FgOSdsxz0GpHwRnjjvd8CrI=";
};
"ms-toolsai"."jupyter-renderers" = vscode-utils.extensionFromVscodeMarketplace {
name = "jupyter-renderers";
publisher = "ms-toolsai";
version = "1.0.17";
sha256 = "1c065s2cllf2x90i174qs2qyzywrlsjkc6agcc9qvdsb426c6r9l";
};
"dbaeumer"."vscode-eslint" = vscode-utils.extensionFromVscodeMarketplace {
name = "vscode-eslint";
publisher = "dbaeumer";
version = "2.4.4";
sha256 = "1c10n36a3bxwwjgd4vhrf79wg14dm0hxvz9z23pqdyxzcwrar49l";
};
"redhat"."java" = vscode-utils.extensionFromVscodeMarketplace {
name = "java";
publisher = "redhat";
version = "1.27.2024011308";
sha256 = "134b3ar8qacanp4jxrbdrj97lg7imv93bw6aa1kczppghdi5nhjh";
};
"ms-azuretools"."vscode-docker" = vscode-utils.extensionFromVscodeMarketplace {
name = "vscode-docker";
publisher = "ms-azuretools";
version = "1.29.0";
sha256 = "0rz32qwdf7a5hn3nnhxviaf8spwsszfrxmhnbbskspi5r9b6qm4r";
};
"eamodio"."gitlens" = vscode-utils.extensionFromVscodeMarketplace {
name = "gitlens";
publisher = "eamodio";
version = "2024.3.1605";
sha256 = "1bp6jv6y6xl6yykh54cadlr6ip31s796728w5m1akbf5n8wr54yp";
};
"ms-vscode"."cmake-tools" = vscode-utils.extensionFromVscodeMarketplace {
name = "cmake-tools";
publisher = "ms-vscode";
version = "1.18.10";
sha256 = "0mp50k1wvrj6lzrr2g5hp5l20yflyjzwanvpsd2lqynnc2jrhs0s";
};
"vscjava"."vscode-java-debug" = vscode-utils.extensionFromVscodeMarketplace {
name = "vscode-java-debug";
publisher = "vscjava";
version = "0.56.2024022605";
sha256 = "1r0xq2qsyd0vmk2vfa6i1vr8hahj74a2kn1sj7ij8pgks3hjv2x7";
};
"vscjava"."vscode-maven" = vscode-utils.extensionFromVscodeMarketplace {
name = "vscode-maven";
publisher = "vscjava";
version = "0.44.2024013105";
sha256 = "0fpfr1g6dfrrrdc4i8q19xzx5rqd0irpsba2qhipx08kjr3z57iv";
};
"ms-vscode"."cpptools-extension-pack" = vscode-utils.extensionFromVscodeMarketplace {
name = "cpptools-extension-pack";
publisher = "ms-vscode";
version = "1.3.0";
sha256 = "11fk26siccnfxhbb92z6r20mfbl9b3hhp5zsvpn2jmh24vn96x5c";
};
"ms-dotnettools"."csharp" = vscode-utils.extensionFromVscodeMarketplace {
name = "csharp";
publisher = "ms-dotnettools";
version = "2.23.2";
sha256 = "0ysqwp50z8s2in9mbs401m1a8wjignimm8rj5yz0w7gqh0fzi2bg";
};
"vscjava"."vscode-java-dependency" = vscode-utils.extensionFromVscodeMarketplace {
name = "vscode-java-dependency";
publisher = "vscjava";
version = "0.23.2024022305";
sha256 = "18amdhi17fdwhfzip4l14429fcqw9rl6d03kg4yjfxqshj87jwcr";
};
"vscjava"."vscode-java-test" = vscode-utils.extensionFromVscodeMarketplace {
name = "vscode-java-test";
publisher = "vscjava";
version = "0.40.2024030709";
sha256 = "1y6kh35spjwxlwja70mzbf1740727fnzi37la86d2x4aashw49q6";
};
"vscjava"."vscode-java-pack" = vscode-utils.extensionFromVscodeMarketplace {
name = "vscode-java-pack";
publisher = "vscjava";
version = "0.25.2023121402";
sha256 = "04vv88lmn4fs3gk84nyxcc0r5ay1pmzs59wwfrx78yqrd0mlj596";
};
"ms-vscode-remote"."remote-containers" = vscode-utils.extensionFromVscodeMarketplace {
name = "remote-containers";
publisher = "ms-vscode-remote";
version = "0.349.0";
sha256 = "0krahb8ymnamp20iq4crqjyj37wmvyfrijs4ippxs3620pb9mi6r";
};
"ms-vscode-remote"."remote-ssh" = vscode-utils.extensionFromVscodeMarketplace {
name = "remote-ssh";
publisher = "ms-vscode-remote";
version = "0.109.2024022215";
sha256 = "0bdlqbln7bhlshmi828qkv1l9646rffwaddrikfqiahrz19vm9g4";
};
"ms-python"."debugpy" = vscode-utils.extensionFromVscodeMarketplace {
name = "debugpy";
publisher = "ms-python";
version = "2024.3.10611007";
sha256 = "0bvhv8vxb6l5gyd85imm3p94j8qgfvmcym11v9gvzl0sns38z2bq";
};
"golang"."go" = vscode-utils.extensionFromVscodeMarketplace {
name = "go";
publisher = "golang";
version = "0.41.2";
sha256 = "13fdnwgci87x1rdz1hwq52ling81c3l67cqvmckcjzri2r8gsgvq";
};
"ms-dotnettools"."vscode-dotnet-runtime" = vscode-utils.extensionFromVscodeMarketplace {
name = "vscode-dotnet-runtime";
publisher = "ms-dotnettools";
version = "2.0.2";
sha256 = "018fkmx47fa01hwzqqnjsb0b014vash04llifa8pbrn04lx7rp7c";
};
"dart-code"."dart-code" = vscode-utils.extensionFromVscodeMarketplace {
name = "dart-code";
publisher = "dart-code";
version = "3.85.20240313";
sha256 = "19frd9bs4ikz3x1nhy6np6y88jggcp05jvb1frsdgfd80d88ajwr";
};
"yzhang"."markdown-all-in-one" = vscode-utils.extensionFromVscodeMarketplace {
name = "markdown-all-in-one";
publisher = "yzhang";
version = "3.6.2";
sha256 = "1n9d3qh7vypcsfygfr5rif9krhykbmbcgf41mcjwgjrf899f11h4";
};
"dart-code"."flutter" = vscode-utils.extensionFromVscodeMarketplace {
name = "flutter";
publisher = "dart-code";
version = "3.85.20240301";
sha256 = "0wz6bzjjd1z3pg5gv6ywqv5is6qfi1isszqr4dm97nmlph4bh59d";
};
"donjayamanne"."python-environment-manager" = vscode-utils.extensionFromVscodeMarketplace {
name = "python-environment-manager";
publisher = "donjayamanne";
version = "1.2.4";
sha256 = "02pdq9cllnr2ih638cbhfldsw4l8v6091fxk8wp7yvpylfhywfyn";
};
"davidanson"."vscode-markdownlint" = vscode-utils.extensionFromVscodeMarketplace {
name = "vscode-markdownlint";
publisher = "davidanson";
version = "0.54.0";
sha256 = "171qw6mymc9hmm8xin3gwr8r2ac8yfr3s8agagsqq9193cawbcq6";
};
"vscodevim"."vim" = vscode-utils.extensionFromVscodeMarketplace {
name = "vim";
publisher = "vscodevim";
version = "1.27.2";
sha256 = "0m5gdyvd3yg52d8zxwdw188wqjfvdyyvwnw5dz57pn633g5bi49v";
};
"bradlc"."vscode-tailwindcss" = vscode-utils.extensionFromVscodeMarketplace {
name = "vscode-tailwindcss";
publisher = "bradlc";
version = "0.11.51";
sha256 = "1vb3xqvqs2s6zasfh9s943lx481a1ksfh14av59llvbbn5w4w4d6";
};
"ms-vscode"."hexeditor" = vscode-utils.extensionFromVscodeMarketplace {
name = "hexeditor";
publisher = "ms-vscode";
version = "1.9.14";
sha256 = "0fncakv8v8p1rhka5dvh87kc0vsfaxg1s48blwhv7r6fyw70b9jm";
};
"firefox-devtools"."vscode-firefox-debug" = vscode-utils.extensionFromVscodeMarketplace {
name = "vscode-firefox-debug";
publisher = "firefox-devtools";
version = "2.9.10";
sha256 = "1w6ncs6f0azi4745zx82pi2z2zxn5vdvyr08y6kk7apzq89ybsy6";
};
"james-yu"."latex-workshop" = vscode-utils.extensionFromVscodeMarketplace {
name = "latex-workshop";
publisher = "james-yu";
version = "9.19.1";
sha256 = "15k0kd12kkgsxgdr8rw3379gbgffdcxw6hb2fzsca9n32bkwym1i";
};
"rust-lang"."rust-analyzer" = vscode-utils.extensionFromVscodeMarketplace {
name = "rust-analyzer";
publisher = "rust-lang";
version = "0.4.1882";
hash = "sha256-aHzFPj7t99H9ATZ51TV1FCPZYtaIVcH55k/7nH3fNnM=";
};
"ms-dotnettools"."csdevkit" = vscode-utils.extensionFromVscodeMarketplace {
name = "csdevkit";
publisher = "ms-dotnettools";
version = "1.5.4";
sha256 = "0cw42licnkblw90fc1d9jf06y134573w4r6lbmpq61g768gzj2mw";
};
"johnpapa"."vscode-peacock" = vscode-utils.extensionFromVscodeMarketplace {
name = "vscode-peacock";
publisher = "johnpapa";
version = "4.2.3";
sha256 = "04a5akgdzwr05snwam7r9m9mgyani48hy4c4xx9hp8nh7ddfwn29";
};
"sonarsource"."sonarlint-vscode" = vscode-utils.extensionFromVscodeMarketplace {
name = "sonarlint-vscode";
publisher = "sonarsource";
version = "4.4.1";
sha256 = "1m31k6d2j3gifh7jplj900a20q2r756ynmwv3p7kwwkpbwpz4wqc";
};
"vsls-contrib"."gitdoc" = vscode-utils.extensionFromVscodeMarketplace {
name = "gitdoc";
publisher = "vsls-contrib";
version = "0.1.0";
sha256 = "0sb5iwsrcqh6gsdngqy1wm6f6kqgqmx2kpqp6hkqri41j2phydjy";
};
"hediet"."vscode-drawio" = vscode-utils.extensionFromVscodeMarketplace {
name = "vscode-drawio";
publisher = "hediet";
version = "1.6.6";
sha256 = "0hwvcncl2206p7yjh7flr9qxxpk80mdj32fqh7wi57fb5sfi5xs8";
};
"bierner"."markdown-mermaid" = vscode-utils.extensionFromVscodeMarketplace {
name = "markdown-mermaid";
publisher = "bierner";
version = "1.22.0";
sha256 = "1ii6slnmj5ck40mdnixbybqjqbmqg7wl7yqw66p31wsnpqk71q28";
};
"alexisvt"."flutter-snippets" = vscode-utils.extensionFromVscodeMarketplace {
name = "flutter-snippets";
publisher = "alexisvt";
version = "3.0.0";
sha256 = "1vq4xpzdkk0bima5mx4nzxrfcqf168pm9wj0xi50lpv24vw4db24";
};
"denoland"."vscode-deno" = vscode-utils.extensionFromVscodeMarketplace {
name = "vscode-deno";
publisher = "denoland";
version = "3.35.1";
sha256 = "07sm905zjvazp4dfghzc7bcwqaiynaplhfi1k5xdgx09i4f4rgbf";
};
"jdinhlife"."gruvbox" = vscode-utils.extensionFromVscodeMarketplace {
name = "gruvbox";
publisher = "jdinhlife";
version = "1.18.0";
sha256 = "07iy4649vjqif40agvp2ck9695vl1kv4zv69rn4j6hi0jra8dhg2";
};
"bierner"."markdown-footnotes" = vscode-utils.extensionFromVscodeMarketplace {
name = "markdown-footnotes";
publisher = "bierner";
version = "0.1.1";
sha256 = "1pp64x8cn4vmpscmzv2dg6bakjhnwd36rms2wl6bs5laq29k5wl7";
};
"bpruitt-goddard"."mermaid-markdown-syntax-highlighting" = vscode-utils.extensionFromVscodeMarketplace {
name = "mermaid-markdown-syntax-highlighting";
publisher = "bpruitt-goddard";
version = "1.6.0";
sha256 = "14vkkha82pnvvpg4pnzi4d5k9wp272mjmd2m3mrx0jn2kj9r10ax";
};
"sswg"."swift-lang" = vscode-utils.extensionFromVscodeMarketplace {
name = "swift-lang";
publisher = "sswg";
version = "1.8.1";
sha256 = "0bnhp25rgx8g6zgn4jh2vpq4lwbn6cj48v7g37s6rim7xkhzvhdc";
};
"arcanis"."vscode-zipfs" = vscode-utils.extensionFromVscodeMarketplace {
name = "vscode-zipfs";
publisher = "arcanis";
version = "3.0.0";
sha256 = "0wvrqnsiqsxb0a7hyccri85f5pfh9biifq4x2bllpl8mg79l5m68";
};
"tauri-apps"."tauri-vscode" = vscode-utils.extensionFromVscodeMarketplace {
name = "tauri-vscode";
publisher = "tauri-apps";
version = "0.2.6";
sha256 = "03nfyiac562kpndy90j7vc49njmf81rhdyhjk9bxz0llx4ap3lrv";
};
"foam"."foam-vscode" = vscode-utils.extensionFromVscodeMarketplace {
name = "foam-vscode";
publisher = "foam";
version = "0.25.8";
sha256 = "0b3bjiw5s0i1jajc9ybmmri566gr8mp68flbyxpn4mqs4bwdfxdn";
};
"quarto"."quarto" = vscode-utils.extensionFromVscodeMarketplace {
name = "quarto";
publisher = "quarto";
version = "1.111.0";
sha256 = "196axk27vclp3iaxf7230sgxjp592p858ga6idrhw61r7nnsngd8";
};
"vspacecode"."whichkey" = vscode-utils.extensionFromVscodeMarketplace {
name = "whichkey";
publisher = "vspacecode";
version = "0.11.4";
sha256 = "0g80ki2xv2sbzdgqnhvll37hl0bh31syz7bbcqvsr79pqvzwh2ws";
};
"jnoortheen"."nix-ide" = vscode-utils.extensionFromVscodeMarketplace {
name = "nix-ide";
publisher = "jnoortheen";
version = "0.3.1";
sha256 = "1cpfckh6zg8byi6x1llkdls24w9b0fvxx4qybi9zfcy5gc60r6nk";
};
"mkhl"."direnv" = vscode-utils.extensionFromVscodeMarketplace {
name = "direnv";
publisher = "mkhl";
version = "0.17.0";
sha256 = "1n2qdd1rspy6ar03yw7g7zy3yjg9j1xb5xa4v2q12b0y6dymrhgn";
};
"fathulfahmy"."lunarkeymap" = vscode-utils.extensionFromVscodeMarketplace {
name = "lunarkeymap";
publisher = "fathulfahmy";
version = "1.2.4";
sha256 = "0mcrkjl5xl09b7pgqbhm7w27n0wacgghiw9v8m3mmvx8zlmcamln";
};
}

91
old-conf/hm-modules/xonsh/default.nix
View file

@ -1,91 +0,0 @@
{ pkgs, config, lib, inputs, ... }:
let
cfg = config.ragon.xonsh;
xonsh =
pkgs.unstable.xonsh.override {
extraPackages = ps: [
ps.numpy
ps.pandas
ps.requests
(ps.buildPythonPackage {
pname = "xonsh-direnv";
version = "0.0.0";
src = inputs.xonsh-direnv;
})
(ps.buildPythonPackage {
pname = "xonsh-fish-completer";
version = "0.0.0";
format = "pyproject";
src = inputs.xonsh-fish-completer;
prePatch = ''
pkgs.lib.substituteInPlace pyproject.toml --replace '"xonsh>=0.12.5"' ""
'';
patchPhase = "sed -i -e 's/^dependencies.*$/dependencies = []/' pyproject.toml";
doCheck = false;
propagatedBuildInputs = [
ps.setuptools
];
})
];
};
aliasesJson = pkgs.writeText "shell-aliases.json" (builtins.toJSON config.home.shellAliases);
in
{
options.ragon.xonsh.enable = lib.mkOption { default = false; };
config = lib.mkIf cfg.enable {
home.packages = [
xonsh
];
programs.fish.enable = true; # for completions
home.file.".xonshrc".text = ''
$PROMPT_FIELDS['rootuser'] = lambda: "{RED}{user}{RESET}" if $USER == "root" else None
$PROMPT_FIELDS['sshhostname'] = lambda: f"{$PROMPT_FIELDS['user']}@{$PROMPT_FIELDS['hostname']}" if "SSH_TTY" in ''${...} else $PROMPT_FIELDS['rootuser']()
$PROMPT = '{gitstatus:{RESET}[{}{RESET}] }{sshhostname:{} }{BOLD_GREEN}{short_cwd}{RED}{last_return_code_if_nonzero: [{BOLD_INTENSE_RED}{}{RED}] }{RESET}{BOLD_BLUE}{RESET}> '
$VI_MODE = True
with open("${aliasesJson}") as f_in:
import json
aliases |= json.load(f_in)
# https://xon.sh/xonshrc.html?highlight=nix#use-the-nix-package-manager-with-xonsh
import os.path
if os.path.exists(f"{$HOME}/.nix-profile") and not __xonsh__.env.get("NIX_PATH"):
$NIX_REMOTE="daemon"
$NIX_USER_PROFILE_DIR="/nix/var/nix/profiles/per-user/" + $USER
$NIX_PROFILES="/nix/var/nix/profiles/default " + $HOME + "/.nix-profile"
$NIX_SSL_CERT_FILE="/etc/ssl/certs/ca-certificates.crt"
$NIX_PATH="nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixpkgs:/nix/var/nix/profiles/per-user/root/channels"
$PATH += [f"{$HOME}/.nix-profile/bin", "/nix/var/nix/profiles/default/bin"]
xontrib load direnv
xontrib load fish_completer
# >>> mamba initialize >>>
# !! Contents within this block are managed by 'mamba init' !!
$MAMBA_EXE = "/etc/profiles/per-user/xyno/bin/micromamba"
$MAMBA_ROOT_PREFIX = "/Users/xyno/micromamba"
import sys as _sys
from types import ModuleType as _ModuleType
_mod = _ModuleType("xontrib.mamba",
'Autogenerated from $($MAMBA_EXE shell hook -s xonsh -p $MAMBA_ROOT_PREFIX)')
__xonsh__.execer.exec($($MAMBA_EXE shell hook -s xonsh -p $MAMBA_ROOT_PREFIX),
glbs=_mod.__dict__,
filename='$($MAMBA_EXE shell hook -s xonsh -p $MAMBA_ROOT_PREFIX)')
_sys.modules["xontrib.mamba"] = _mod
del _sys, _mod, _ModuleType
# <<< mamba initialize <<<
execx($(mise activate xonsh))
'';
programs.vscode.userSettings."terminal.integrated.profiles.osx" = {
xonsh = {
path = "${xonsh}/bin/xonsh";
};
};
programs.vscode.userSettings."terminal.integrated.defaultProfile.osx" = "xonsh";
programs.tmux.extraConfig = ''
set-option -g default-command "${xonsh}/bin/xonsh"
'';
};
}

12
old-conf/hm-modules/zellij/default.nix
View file

@ -1,12 +0,0 @@
{ pkgs, config, lib, inputs, ... }:
let
cfg = config.ragon.zellij;
in
{
options.ragon.zellij.enable = lib.mkOption { default = false; };
config = lib.mkIf cfg.enable {
programs.zellij = {
enable = true;
};
};
}

36
old-conf/hm-modules/zsh/default.nix
View file

@ -1,36 +0,0 @@
{ inputs, config, lib, pkgs, ... }:
let
cfg = config.ragon.cli;
in
{
programs.zsh = {
enable = true;
enableCompletion = true;
initExtra =
let
zshrc = builtins.readFile ./zshrc;
p10k = builtins.readFile ./p10k.zsh;
sources = [
"${pkgs.zsh-powerlevel10k}/share/zsh-powerlevel10k/powerlevel10k.zsh-theme"
# "${inputs.agkozak-zsh-prompt}/agkozak-zsh-prompt.plugin.zsh"
"${pkgs.oh-my-zsh}/share/oh-my-zsh/plugins/git/git.plugin.zsh"
#"${pkgs.oh-my-zsh}/share/oh-my-zsh/plugins/globalias/globalias.plugin.zsh"
# "${inputs.zsh-vim-mode}/zsh-vim-mode.plugin.zsh"
# "${inputs.zsh-syntax-highlighting}/zsh-syntax-highlighting.plugin.zsh"
# "${inputs.zsh-completions}/zsh-completions.plugin.zsh"
];
source = map (x: "source " + x) sources;
plugins = builtins.concatStringsSep "\n" (source);
in
''
${p10k}
${zshrc}
${plugins}
'';
};
}

1644
old-conf/hm-modules/zsh/p10k.zsh
View file

File diff suppressed because it is too large Load diff

45
old-conf/hm-modules/zsh/zshrc
View file

@ -1,45 +0,0 @@
autoload -Uz history-search-end
zle -N history-beginning-search-backward-end history-search-end
zle -N history-beginning-search-forward-end history-search-end
bindkey -M vicmd '^[[A' history-beginning-search-backward-end \
'^[OA' history-beginning-search-backward-end \
'^[[B' history-beginning-search-forward-end \
'^[OB' history-beginning-search-forward-end
bindkey -M viins '^[[A' history-beginning-search-backward-end \
'^[OA' history-beginning-search-backward-end \
'^[[B' history-beginning-search-forward-end \
'^[OB' history-beginning-search-forward-end
hash go 2>/dev/null && export PATH=$PATH:$(go env GOPATH)/bin
hash yarn 2>/dev/null && export PATH=$PATH:$HOME/.yarn/bin
hash dotnet 2>/dev/null && export PATH=$PATH:$HOME/.dotnet/tools
hash direnv 2>/dev/null && eval "$(direnv hook zsh)"
export NNN_ARCHIVE="\\.(7z|a|ace|alz|arc|arj|bz|bz2|cab|cpio|deb|gz|jar|lha|lz|lzh|lzma|lzo|rar|rpm|rz|t7z|tar|tbz|tbz2|tgz|tlz|txz|tZ|tzo|war|xpi|xz|Z|zip)$"
n ()
{
# Block nesting of nnn in subshells
if [ -n $NNNLVL ] && [ "${NNNLVL:-0}" -ge 1 ]; then
echo "nnn is already running"
return
fi
export NNN_TMPFILE="$HOME/.config/nnn/.lastd"
# Unmask ^Q (, ^V etc.) (if required, see `stty -a`) to Quit nnn
# stty start undef
# stty stop undef
# stty lwrap undef
# stty lnext undef
nnn -d "$@"
if [ -f "$NNN_TMPFILE" ]; then
. "$NNN_TMPFILE"
rm -f "$NNN_TMPFILE" > /dev/null
fi
}

199
old-conf/hosts/daedalus/default.nix
View file

@ -1,199 +0,0 @@
{ pkgs, inputs, lib, ... }:
with lib;
with lib.my;
{
system.stateVersion = 5;
ids.gids.nixbld = 30000;
users.users.xyno = {
name = "xyno";
home = "/Users/xyno";
};
homebrew = {
enable = true;
taps = [
"cormacrelf/tap" # dark-notify
"leoafarias/fvm" # flutter version manager
];
brews = [
"cormacrelf/tap/dark-notify"
"lima"
"docker" # docker cli
"docker-compose"
# "leoafarias/fvm/fvm" # flutter version manager
"cocoapods" # flutter/other ios shit
# "butane"
"borgbackup" # time machine can eat my ass
];
casks = [
"plexamp"
"vorta" # (borgbackup GUI) time machine can eat my ass
"grandperspective"
"xquartz"
"hammerspoon"
"kicad"
"android-platform-tools"
# "nheko"
"raycast"
"ukelele"
"imhex"
# "homebrew/cask-drivers/zsa-wally"
"thunderbird"
"balenaetcher"
"audacity"
"openlens"
# "ferdium"
"discord"
"vlc"
"rectangle"
"floorp"
# "space-capsule"
"iterm2"
"signal"
"eqmac"
"syncthing"
"android-studio"
# "temurin"
"whisky"
"dbeaver-community"
"rider" # I'm sorry
# "qutebrowser" # rly want to switch to it
# "dmenu-mac"
];
#masApps = {
# # Install Mac App Store apps (install them manually and then do `mas list` to get the id)
# "AdGuard for Safari" = 1440147259;
# "Xcode" = 497799835;
# "Home as Assistant" = 1099568401;
# "WireGuard" = 1451685025;
# "UTM" = 1538878817;
# "Bitwarden" = 1352778147;
# "Shareful" = 1522267256;
# "app.seashore" = 1448648921;
# "Tailscale" = 1475387142;
#};
};
nix.configureBuildUsers = true;
ids.uids.nixbld = lib.mkForce 400;
environment.pathsToLink = [ "/share/fish" ];
#ragon.services.borgmatic =
# let
# tmMountPath = "/tmp/timeMachineSnapshotForBorg";
# in
# {
# enable = false;
# configurations."daedalus-ds9" = {
# source_directories = [
# # tmMountPath
# "/Users/ragon"
# ];
# exclude_if_present = [ ".nobackup" ];
# repositories = [
# { path = "ssh://ragon@ds9/backups/daedalus/borgmatic"; label = "ds9"; }
# { path = "ssh://root@gatebridge/media/backup/daedalus"; label = "gatebridge"; }
# ];
# encryption_passcommand = pkgs.writeShellScript "getBorgmaticPw" ''security find-generic-password -a daedalus -s borgmaticKey -g 2>&1 | grep -E 'password' | sed 's/^.*"\(.*\)"$/\1/g' '';
# compression = "auto,zstd,10";
# #ssh_command = "ssh -o GlobalKnownHostsFile=${config.age.secrets.gatebridgeHostKeys.path} -i ${config.age.secrets.picardResticSSHKey.path}";
# keep_hourly = 24;
# keep_daily = 7;
# keep_weekly = 4;
# keep_monthly = 12;
# keep_yearly = 10;
# # before_backup = [
# # (pkgs.writeShellScript
# # "apfsSnapshot"
# # ''
# # tmutil localsnapshot
# # SNAPSHOT=$(tmutil listlocalsnapshots / | grep TimeMachine | tail -n 1)
# # mkdir -p "${tmMountPath}"
# # mount_apfs -s $SNAPSHOT /System/Volumes/Data "${tmMountPath}"
# # '')
# # ];
# # after_backup = [
# # (pkgs.writeShellScript
# # "apfsSnapshotUnmount"
# # ''
# # diskutil unmount "${tmMountPath}"
# # SNAPSHOT=$(tmutil listlocalsnapshots / | grep TimeMachine | tail -n 1)
# # tmutil deletelocalsnapshots $(echo $SNAPSHOT | sed 's/com\.apple\.TimeMachine\.\(.*\)\.local/\1/g')
# # '')
# # ];
# # on_error = [
# #
# # (pkgs.writeShellScript
# # "apfsSnapshotUnmountError"
# # ''
# # diskutil unmount "${tmMountPath}"
# # '')
# # ];
# };
# };
home-manager.users.xyno = { pkgs, lib, inputs, config, ... }:
{
imports = [
../../hm-modules/nvim
../../hm-modules/tmux
../../hm-modules/vscode
../../hm-modules/xonsh
../../hm-modules/helix
../../hm-modules/zellij
../../hm-modules/nushell
../../hm-modules/cli.nix
../../hm-modules/files.nix
];
home.file.".hammerspoon/init.lua".source =
let
notmuchMails = pkgs.writeScript "notmuch-get-mail-count" ''
#!/usr/bin/env zsh
printf "I%s F%s W%s" $(notmuch search tag:inbox | wc -l) $(notmuch search tag:follow-up | wc -l) $(notmuch search tag:waiting | wc -l)
'';
in
pkgs.substituteAll {
src = ./hammerspoon.lua; inherit notmuchMails;
};
home.file.".hammerspoon/Spoons/MiroWindowsManager.spoon".source = "${inputs.miro}/MiroWindowsManager.spoon";
ragon.vscode.enable = true;
ragon.helix.enable = true;
ragon.nushell.enable = true;
ragon.zellij.enable = true;
programs.home-manager.enable = true;
home.stateVersion = "23.11";
#home.shellAliases = {
# v = lib.mkForce "emacsclient -t";
# vv = lib.mkForce "emacsclient -c";
#};
home.sessionVariables = {
# EDITOR = "nvim";
# VISUAL = "nvim";
COLORTERM = "truecolor"; # emacs tty fix
};
home.packages = with pkgs; [
mosh
pandoc
tectonic
micromamba
bitwarden-cli
rustup
ffmpeg
];
};
}

258
old-conf/hosts/daedalus/hammerspoon.lua
View file

@ -1,258 +0,0 @@
----------------------------------------------------------------------------------------------------
-- Settings
----------------------------------------------------------------------------------------------------
hs.autoLaunch(true)
hs.automaticallyCheckForUpdates(true)
hs.consoleOnTop(true)
hs.dockIcon(false)
hs.menuIcon(false)
hs.uploadCrashData(false)
hs.window.animationDuration = 0
configWatcher = hs.pathwatcher.new(hs.configdir, hs.reload)
configWatcher:start()
local moonlanderMode = false
local maximizeMode = false
----------------------------------------------------------------------------------------------------
-- Utilities
----------------------------------------------------------------------------------------------------
local modifier = {
cmd = "cmd",
shift = "shift",
ctrl = "ctrl",
option = "alt",
}
local modifiers = {
hyper = { modifier.cmd, modifier.shift, modifier.ctrl, modifier.option },
window = { modifier.ctrl, modifier.option },
clipboard = { modifier.ctrl, modifier.cmd }
}
local bundleID = {
activityMonitor = "com.apple.ActivityMonitor",
finder = "com.apple.finder",
firefox = "org.mozilla.firefox",
emacs = "org.gnu.emacs",
iterm = "com.googlecode.iterm2",
orion = "com.kagi.kagimacOS",
safariTechnologyPreview = "com.apple.SafariTechnologyPreview",
spotify = "com.spotify.client",
bitwarden = "com.bitwarden.desktop",
teams = "com.microsoft.teams",
faclieThings = "com.electron.nativefier.facilethings-nativefier-cf88de",
timeular = "com.timeular.zei",
logseq = "com.electron.logseq"
}
local usbDevice = {
moonlander = "Moonlander Mark I"
}
local function languageIsGerman() return hs.host.locale.preferredLanguages()[1]:sub(0, 2) == "de" end
----------------------------------------------------------------------------------------------------
-- Menu
----------------------------------------------------------------------------------------------------
local function menuItems()
return {
{
title = "Hammerspoon " .. hs.processInfo.version,
disabled = true
},
{ title = "-" },
{
title = "Moonlander Mode",
checked = moonlanderMode,
fn = function() moonlanderDetected(not moonlanderMode) end
},
-- {
-- title = "Maximize Mode",
-- checked = maximizeMode,
-- fn = function() maximizeMode = not maximizeMode end
-- },
{ title = "-" },
{
title = "Reload",
fn = hs.reload
},
{
title = "Console...",
fn = hs.openConsole
},
{ title = "-" },
{
title = "Quit",
fn = function() hs.application.get(hs.processInfo.processID):kill() end
}
}
end
menu = hs.menubar.new()
menu:setMenu(menuItems)
----------------------------------------------------------------------------------------------------
-- Moonlander Detection
----------------------------------------------------------------------------------------------------
local moonlanderModeConfig = {
[false] = {
keyboardLayout = "Colemak DH ISO copy",
icon = hs.configdir .. "/assets/statusicon_off.tiff"
},
[true] = {
keyboardLayout = "EurKEY v1.2",
icon = hs.configdir .. "/assets/statusicon_on.tiff"
}
}
local function isDeviceMoonlander(device) return device.productName == usbDevice.moonlander end
function moonlanderDetected(connected)
moonlanderMode = connected
hs.keycodes.setLayout(moonlanderModeConfig[connected].keyboardLayout)
menu:setIcon(moonlanderModeConfig[connected].icon)
end
local function searchMoonlander()
local usbDevices = hs.usb.attachedDevices()
local moonlanderConnected = hs.fnutils.find(usbDevices, isDeviceMoonlander) ~= nil
moonlanderDetected(moonlanderConnected)
end
searchMoonlander()
usbWatcher = hs.usb.watcher.new(function(event)
if event.productName == usbDevice.moonlander then
moonlanderDetected(event.eventType == "added")
end
end)
usbWatcher:start()
caffeinateWatcher = hs.caffeinate.watcher.new(function(event)
if event == hs.caffeinate.watcher.systemDidWake then
searchMoonlander()
end
end)
caffeinateWatcher:start()
----------------------------------------------------------------------------------------------------
-- Window Management
----------------------------------------------------------------------------------------------------
--hs.window.filter.ignoreAlways = {
-- ["Mail Web Content"] = true,
-- ["Mail-Webinhalt"] = true,
-- ["QLPreviewGenerationExtension (Finder)"] = true,
-- ["Reeder Web Content"] = true,
-- ["Reeder-Webinhalt"] = true,
-- ["Safari Web Content (Cached)"] = true,
-- ["Safari Web Content (Prewarmed)"] = true,
-- ["Safari Web Content"] = true,
-- ["Safari Technology Preview Web Content (Cached)"] = true,
-- ["Safari Technology Preview Web Content (Prewarmed)"] = true,
-- ["Safari Technology Preview Web Content"] = true,
-- ["Safari-Webinhalt (im Cache)"] = true,
-- ["Safari-Webinhalt (vorgeladen)"] = true,
-- ["Safari-Webinhalt"] = true,
-- ["Strongbox (Safari)"] = true,
--}
--windowFilter = hs.window.filter.new({
-- "App Store",
-- "Code",
-- "DataGrip",
-- "Firefox",
-- "Fork",
-- "Fotos",
-- "Google Chrome",
-- "Vivaldi",
-- "IntelliJ IDEA",
-- "Mail",
-- "Emacs",
-- "Microsoft Outlook",
-- "Microsoft Teams",
-- "Music",
-- "Musik",
-- "Photos",
-- "Postman",
-- "Reeder",
-- "Safari",
-- "Safari Technology Preview",
-- "Spotify",
-- "Strongbox",
-- "BitWarden",
-- "Logseq",
-- "Timeular",
-- "Tower",
--})
--windowFilter:subscribe({ hs.window.filter.windowCreated, hs.window.filter.windowFocused }, function(window)
-- if maximizeMode and window ~= nil and window:isStandard() and window:frame().h > 500 then
-- window:maximize()
-- end
--end)
----------------------------------------------------------------------------------------------------
-- Keyboard Shortcuts
----------------------------------------------------------------------------------------------------
-- function showHideBundleId(bundleId)
-- local focusedWindow = hs.window.focusedWindow()
-- if focusedWindow ~= nil and focusedWindow:application():bundleID() == bundleId then -- window is focused
-- focusedWindow:close() -- hide
-- else
-- hs.application.launchOrFocusByBundleID(bundleId)
-- hs.window.focusedWindow():centerOnScreen(hs.mouse.getCurrentScreen())
-- end
-- end
-- hs.loadSpoon("MiroWindowsManager")
-- hs.window.animationDuration = 0
-- spoon.MiroWindowsManager:bindHotkeys({
-- up = {modifiers.window, "up"},
-- right = {modifiers.window, "right"},
-- down = {modifiers.window, "down"},
-- left = {modifiers.window, "left"},
-- fullscreen = {modifiers.window, "return"},
-- nextscreen = {modifiers.hyper, "right"}
-- })
-- hs.hotkey.bind(modifiers.hyper, hs.keycodes.map.delete, function() hs.caffeinate.lockScreen() end)
-- hs.hotkey.bind(modifiers.hyper, "a", function() showHideBundleId(bundleID.activityMonitor) end)
-- hs.hotkey.bind(modifiers.hyper, "o", function() showHideBundleId(bundleID.orion) end)
-- hs.hotkey.bind(modifiers.hyper, "f", function() showHideBundleId(bundleID.faclieThings) end)
-- hs.hotkey.bind(modifiers.hyper, "p", function() showHideBundleId(bundleID.timeular) end)
-- hs.hotkey.bind(modifiers.hyper, "b", function() showHideBundleId(bundleID.bitwarden) end)
-- hs.hotkey.bind(modifiers.hyper, "t", function() showHideBundleId(bundleID.iterm) end)
----------------------------------------------------------------------------------------------------
-- Mouse Shortcuts
----------------------------------------------------------------------------------------------------
local function handleMouse4()
hs.eventtap.keyStroke({ modifier.cmd }, "left")
end
local function handleMouse5()
hs.eventtap.keyStroke({ modifier.cmd }, "right")
end
-- bind mouse3/4 to back and forward
mouseTap = hs.eventtap.new({ hs.eventtap.event.types.otherMouseDown }, function(event)
if event:getButtonState(3) then
handleMouse4()
return true
elseif event:getButtonState(4) then
handleMouse5()
return true
end
return false
end)
mouseTap:start()

59
old-conf/hosts/ds9/attic.nix
View file

@ -1,59 +0,0 @@
{
config,
pkgs,
lib,
inputs,
...
}:
let
stateDir = "/var/lib/atticd2";
in
{
# imports = [ inputs.attic.nixosModules.atticd ];
ragon.agenix.secrets.ds9AtticEnv = { };
ragon.persist.extraDirectories = [
stateDir
];
systemd.services.atticd.serviceConfig.ReadWritePaths = [ stateDir ];
services.atticd = {
enable = true;
# Replace with absolute path to your environment file
environmentFile = config.age.secrets.ds9AtticEnv.path;
settings = {
listen = "[::]:8089";
database.url = "sqlite://${stateDir}/server.db?mode=rwc";
storage = {
type = "local";
path = "${stateDir}/storage";
};
jwt = { };
# Data chunking
#
# Warning: If you change any of the values here, it will be
# difficult to reuse existing chunks for newly-uploaded NARs
# since the cutpoints will be different. As a result, the
# deduplication ratio will suffer for a while after the change.
chunking = {
# The minimum NAR size to trigger chunking
#
# If 0, chunking is disabled entirely for newly-uploaded NARs.
# If 1, all NARs are chunked.
nar-size-threshold = 64 * 1024; # 64 KiB
# The preferred minimum size of a chunk, in bytes
min-size = 16 * 1024; # 16 KiB
# The preferred average size of a chunk, in bytes
avg-size = 64 * 1024; # 64 KiB
# The preferred maximum size of a chunk, in bytes
max-size = 256 * 1024; # 256 KiB
};
};
};
}

91
old-conf/hosts/ds9/authentik.nix
View file

@ -1,91 +0,0 @@
{
pkgs,
config,
lib,
inputs,
...
}:
let version = "2025.10.1"; in
{
imports = [
inputs.quadlet-nix.nixosModules.quadlet
];
ragon.agenix.secrets.ds9AuthentikEnv = { };
ragon.agenix.secrets.ds9AuthentikLdapEnv = { };
virtualisation.quadlet = {
containers = {
authentik-server.containerConfig.image = "ghcr.io/goauthentik/server:${version}";
authentik-server.containerConfig.exec = "server";
authentik-server.containerConfig.networks = [
"podman"
"db-net"
"authentik-net"
];
authentik-server.containerConfig.volumes = [
"authentik-media:/media"
"authentik-certs:/certs"
];
authentik-server.containerConfig.environments = {
AUTHENTIK_REDIS__HOST = "authentik-redis";
AUTHENTIK_POSTGRESQL__HOST = "postgres";
AUTHENTIK_POSTGRESQL__USER = "authentik";
AUTHENTIK_POSTGRESQL__NAME = "authentik";
};
authentik-server.serviceConfig.TimeoutStartSec = "60";
authentik-server.containerConfig.environmentFiles = [
config.age.secrets.ds9AuthentikEnv.path
];
authentik-worker.containerConfig.image = "ghcr.io/goauthentik/server:${version}";
authentik-worker.containerConfig.exec = "worker";
authentik-worker.containerConfig.networks = [
"podman"
"db-net"
"authentik-net"
];
authentik-worker.containerConfig.volumes = [
"authentik-media:/media"
"authentik-certs:/certs"
];
authentik-worker.containerConfig.environments = {
AUTHENTIK_REDIS__HOST = "authentik-redis";
AUTHENTIK_POSTGRESQL__HOST = "postgres";
AUTHENTIK_POSTGRESQL__USER = "authentik";
AUTHENTIK_POSTGRESQL__NAME = "authentik";
};
authentik-worker.containerConfig.environmentFiles = [
config.age.secrets.ds9AuthentikEnv.path
];
authentik-worker.serviceConfig.TimeoutStartSec = "60";
authentik-ldap.containerConfig.image = "ghcr.io/goauthentik/ldap:${version}";
authentik-ldap.containerConfig.networks = [
"podman"
"authentik-net"
];
authentik-ldap.containerConfig.environments = {
AUTHENTIK_HOST = "http://authentik-server:9000";
AUTHENTIK_INSECURE = "true";
};
authentik-ldap.containerConfig.environmentFiles = [
config.age.secrets.ds9AuthentikLdapEnv.path
];
authentik-ldap.serviceConfig.TimeoutStartSec = "60";
authentik-redis.containerConfig.image = "docker.io/library/redis:alpine";
authentik-redis.containerConfig.networks = [
"authentik-net"
];
authentik-redis.containerConfig.volumes = [ "authentik-redis:/data" ];
authentik-redis.serviceConfig.TimeoutStartSec = "60";
};
networks = {
authentik.networkConfig.ipv6 = true;
authentik.networkConfig.name = "authentik-net";
authentik.networkConfig.internal = true;
};
};
}

49
old-conf/hosts/ds9/backup.nix
View file

@ -1,49 +0,0 @@
{ config, pkgs, lib, ... }: {
ragon.agenix.secrets."ds9OffsiteBackupSSH" = { };
ragon.agenix.secrets."ds9SyncoidHealthCheckUrl" = { };
ragon.agenix.secrets."gatebridgeHostKeys" = { };
ragon.agenix.secrets."borgmaticEncryptionKey" = { };
# Backup Target
users.users.picardbackup = {
createHome = false;
group = "users";
uid = 993;
home = "/backups/picard";
shell = "/run/current-system/sw/bin/bash";
isSystemUser = true;
openssh.authorizedKeys.keys = [
''command="${pkgs.borgbackup}/bin/borg serve --restrict-to-path /backups/picard/",restrict ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHvCF8KGgpF9O8Q7k+JXqZ5eMeEeTaMhCIk/2ZFOzXL0''
];
};
services.borgmatic = {
enable = true;
configurations."ds9-offsite" = {
source_directories = [ "/backups" "/data" "/persistent" ];
repositories = [{ label = "gatebridge"; path = "ssh://root@gatebridge/media/backup/ds9"; }];
exclude_if_present = [ ".nobackup" ];
#upload_rate_limit = "4000";
encryption_passcommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.borgmaticEncryptionKey.path}";
compression = "auto,zstd,10";
extra_borg_options = {
init = "--lock-wait 600";
create = "--lock-wait 600";
prune = "--lock-wait 600";
compact = "--lock-wait 600";
check = "--lock-wait 600";
};
ssh_command = "ssh -o ServerAliveInterval=10 -o ServerAliveCountMax=30 -o GlobalKnownHostsFile=${config.age.secrets.gatebridgeHostKeys.path} -i ${config.age.secrets.ds9OffsiteBackupSSH.path}";
before_actions = [ "${pkgs.curl}/bin/curl -fss -m 10 --retry 5 -o /dev/null $(${pkgs.coreutils}/bin/cat ${config.age.secrets.ds9SyncoidHealthCheckUrl.path})/start" ];
after_actions = [ "${pkgs.curl}/bin/curl -fss -m 10 --retry 5 -o /dev/null $(${pkgs.coreutils}/bin/cat ${config.age.secrets.ds9SyncoidHealthCheckUrl.path})" ];
on_error = [ "${pkgs.curl}/bin/curl -fss -m 10 --retry 5 -o /dev/null $(${pkgs.coreutils}/bin/cat ${config.age.secrets.ds9SyncoidHealthCheckUrl.path})/fail" ];
retention = {
keep_daily = 7;
keep_weekly = 3;
keep_monthly = 6;
keep_yearly = 2;
};
};
};
}

467
old-conf/hosts/ds9/containers.nix
View file

@ -1,467 +0,0 @@
{
config,
pkgs,
lib,
...
}:
let
postgres-multi-db = pkgs.writeText "postgres-multiple-db.sh" ''
#!/usr/bin/env bash
set -eu
if [ -n "$POSTGRES_MULTIPLE_DATABASES" ]; then
echo "Multiple database creation requested: $POSTGRES_MULTIPLE_DATABASES"
(
for db in $(echo $POSTGRES_MULTIPLE_DATABASES | tr ',' ' '); do
echo "CREATE DATABASE $db;"
done
for user in $(echo $POSTGRES_MULTIPLE_DATABASES_USERS | tr ',' ' '); do
while IFS=":" read -r usr pw
do
echo "CREATE USER $usr PASSWORD '$pw';"
echo "GRANT ALL PRIVILEGES ON DATABASE \"$usr\" TO $usr;"
done <(echo $user)
done
) | psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER"
fi
'';
in
{
imports = [
./authentik.nix
];
networking.firewall.interfaces."podman+".allowedUDPPorts = [ 53 ];
networking.firewall.interfaces."podman+".allowedTCPPorts = [
12300
3001
];
fileSystems."/var/lib/containers" = {
device = "spool/safe/containers";
fsType = "zfs";
};
# plex
# networking.firewall = {
# allowedTCPPorts = [ 32400 3005 8324 32469 ];
# allowedUDPPorts = [ 1900 5353 32410 32412 32413 32414 ];
# };
# virtualisation.oci-containers.containers.plex = {
# image = "docker.io/plexinc/pms-docker";
# extraOptions = [ "--network=host" ];
# environment = {
# TZ = "Europe/Berlin";
# PLEX_UID = "1000";
# PLEX_GID = "100";
# };
# volumes = [
# "/data/media:/data/media"
# "plex-transcode:/transcode"
# "plex-db:/config"
# ];
# };
# postgres
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
ragon.agenix.secrets.ds9PostgresEnv = { };
systemd.services."podman-db-network" = {
script = ''
${pkgs.podman}/bin/podman network exists db-net || ${pkgs.podman}/bin/podman network create db-net --internal --ipv6
'';
};
virtualisation.oci-containers.containers.postgres = {
image = "docker.io/tensorchord/pgvecto-rs:pg16-v0.2.1";
extraOptions = [
"--network=db-net"
"--network=podman"
"--health-cmd"
"pg_isready -U postgres"
];
# dependsOn = [ "db-network" ];
environment = {
POSTGRES_INITDB_ARGS = "--data-checksums";
};
environmentFiles = [
config.age.secrets.ds9PostgresEnv.path
];
ports = [ "5432:5432" ];
volumes = [
"${postgres-multi-db}:/docker-entrypoint-initdb.d/create-multiple-postgresql-databases.sh"
"postgres:/var/lib/postgresql/data"
];
};
# immich
ragon.agenix.secrets.ds9ImmichEnv = { };
# systemd.services."podman-immich-network" = {
# script = ''
# echo "Creating immich network"
# ${pkgs.podman}/bin/podman network exists immich-net || ${pkgs.podman}/bin/podman network create immich-net --internal --ipv6
# echo "Created immich network"
# '';
# };
virtualisation.oci-containers.containers.immich-redis = {
image = "docker.io/valkey/valkey:7.2.6-alpine";
environment.TZ = "Europe/Berlin";
extraOptions = [
"--health-cmd"
"valkey-cli ping || exit 1"
"--network=immich-net"
];
environmentFiles = [
config.age.secrets.ds9ImmichEnv.path
];
# dependsOn = [ "immich-network" ];
};
virtualisation.oci-containers.containers.immich-server = {
user = "1000:100";
image = "ghcr.io/immich-app/immich-server:release";
extraOptions = [
"--network=podman"
"--network=immich-net"
"--network=db-net"
];
dependsOn = [
# "immich-network"
"immich-redis"
"postgres"
];
ports = [ "8765:3001" ];
volumes = [
"/data/immich:/usr/src/app/upload"
];
environment = {
IMICH_HOST = "0.0.0.0";
DB_HOSTNAME = "postgres";
REDIS_HOSTNAME = "immich-redis";
TZ = "Europe/Berlin";
};
environmentFiles = [
config.age.secrets.ds9ImmichEnv.path
];
};
virtualisation.oci-containers.containers.immich-machine-learning = {
user = "1000:100";
image = "ghcr.io/immich-app/immich-machine-learning:release";
extraOptions = [
"--network=immich-net"
"--network=db-net"
"--network=podman"
];
dependsOn = [
# "immich-network"
"immich-redis"
"postgres"
];
volumes = [
"immich-model-cache:/cache"
];
environment = {
DB_HOSTNAME = "postgres";
REDIS_HOSTNAME = "immich-redis";
TZ = "Europe/Berlin";
};
environmentFiles = [
config.age.secrets.ds9ImmichEnv.path
];
};
# navidrome
# virtualisation.oci-containers.containers.lms = {
# # don't tell mom
# # user = "1000:100";
# image = "epoupon/lms:latest";
# cmd = [ "/lms.conf" ];
# extraOptions = [ "--network=podman" ];
# volumes =
# let
# lmsConfig = pkgs.writeText "lms-config" ''
# original-ip-header = "X-Forwarded-For";
# behind-reverse-proxy = true;
# trusted-proxies =
# (
# "10.88.0.1"
# );
# authentication-backend = "http-headers";
# http-headers-login-field = "X-Webauth-User";
# '';
# in
# [
# "lightweight-music-server-data:/var/lms:rw"
# "${lmsConfig}:/lms.conf"
# "/data/media/beets/music:/music:ro"
# ];
# environment = { };
# };
# changedetection
systemd.services."podman-cd-network" = {
script = ''
${pkgs.podman}/bin/podman network exists cd-net || ${pkgs.podman}/bin/podman network create cd-net --internal --ipv6
'';
};
virtualisation.oci-containers.containers.changedetection = {
image = "ghcr.io/dgtlmoon/changedetection.io";
extraOptions = [
"--network=podman"
"--network=cd-net"
];
volumes = [
"changedetection-data:/datastore"
];
environment = {
PLAYWRIGHT_DRIVER_URL = "ws://changedetection-chrome:3000";
HIDE_REFERER = "true";
USE_X_SETTINGS = "1";
};
};
virtualisation.oci-containers.containers.changedetection-chrome = {
image = "dgtlmoon/sockpuppetbrowser:latest";
extraOptions = [
"--network=podman"
"--network=cd-net"
];
environment = {
SCREEN_WIDTH = "1920";
SCREEN_HEIGHT = "1024";
SCREEN_DEPTH = "16";
MAX_CONCURRENT_CHROME_PROCESSES = "10";
};
};
networking.firewall.interfaces."podman0".allowedTCPPorts = [ 9090 ];
virtualisation.oci-containers.containers.grafana = {
image = "grafana/grafana-oss:latest";
extraOptions = [
"--network=podman"
"--network=db-net"
];
volumes =
let
ini = pkgs.writeText "grafana.ini" ''
[users]
allow_sign_up = false
auto_assign_org = true
auto_assign_org_role = Viewer
[auth.proxy]
enabled = true
headers = Name:X-Authentik-Username Email:X-Authentik-Email Role:X-Grafana-Role
header_name = X-Authentik-Username
header_property = username
auto_sign_up = true
'';
in
[
"grafana-data:/var/lib/grafana"
"${ini}:/etc/grafana/grafana.ini"
];
environment = {
GF_SERVER_ROOT_URL = "https://grafana.hailsatan.eu/";
GF_INSTALL_PLUGINS = "";
GF_FEATURE_TOGGLES_ENABLE = "featureToggleAdminPage, regressionTransformation";
GF_FEATURE_MANAGEMENT_ALLOW_EDITING = "true";
};
};
virtualisation.oci-containers.containers.node-red = {
image = "nodered/node-red:latest";
extraOptions = [
"--network=podman"
"--network=db-net"
];
volumes = [
"nodered-data:/data"
];
};
virtualisation.oci-containers.containers.jellyfin = {
image = "jellyfin/jellyfin:latest";
user = "1000:100";
extraOptions = [
"--network=podman"
"--mount"
"type=bind,source=/data/media,destination=/media,ro=true,relabel=private"
"-p"
"127.0.0.1:8096:8096"
];
volumes = [
"jellyfin-config:/config"
"jellyfin-cache:/cache"
];
};
# archivebox
systemd.services."podman-archivebox-network" = {
script = ''
${pkgs.podman}/bin/podman network create archivebox-net --internal --ipv6 --ignore
'';
};
virtualisation.oci-containers.containers.archivebox = {
image = "archivebox/archivebox:dev";
environment = {
ALLOWED_HOSTS = "*"; # set this to the hostname(s) you're going to serve the site from!
CSRF_TRUSTED_ORIGINS = "https://archive.hailsatan.eu"; # you MUST set this to the server's URL for admin login and the REST API to work
REVERSE_PROXY_USER_HEADER = "X-Authentik-Username";
REVERSE_PROXY_WHITELIST = "10.88.0.1/32";
PUBLIC_INDEX = "False"; # set to False to prevent anonymous users from viewing snapshot list
PUBLIC_SNAPSHOTS = "False"; # set to False to prevent anonymous users from viewing snapshot content
PUBLIC_ADD_VIEW = "False"; # set to True to allow anonymous users to submit new URLs to archive
SEARCH_BACKEND_ENGINE = "sonic"; # tells ArchiveBox to use sonic container below for fast full-text search
SEARCH_BACKEND_HOST_NAME = "archivebox_sonic";
SEARCH_BACKEND_PASSWORD = "SomeSecretPassword";
};
extraOptions = [
"--network=archivebox-net"
"--network=podman"
];
volumes = [
"/data/media/archivebox:/data"
];
};
virtualisation.oci-containers.containers.archivebox_scheduler = {
image = "archivebox/archivebox:latest";
cmd = [
"schedule"
"--foreground"
"--update"
"--every=day"
];
environment = {
TIMEOUT = "120";
ALLOWED_HOSTS = "*"; # set this to the hostname(s) you're going to serve the site from!
CSRF_TRUSTED_ORIGINS = "https://archive.hailsatan.eu"; # you MUST set this to the server's URL for admin login and the REST API to work
PUBLIC_INDEX = "True"; # set to False to prevent anonymous users from viewing snapshot list
PUBLIC_SNAPSHOTS = "True"; # set to False to prevent anonymous users from viewing snapshot content
PUBLIC_ADD_VIEW = "False"; # set to True to allow anonymous users to submit new URLs to archive
SEARCH_BACKEND_ENGINE = "sonic"; # tells ArchiveBox to use sonic container below for fast full-text search
SEARCH_BACKEND_HOST_NAME = "archivebox_sonic";
SEARCH_BACKEND_PASSWORD = "SomeSecretPassword";
};
extraOptions = [
"--network=archivebox-net"
"--network=podman"
];
volumes = [
"/data/media/archivebox:/data"
];
};
virtualisation.oci-containers.containers.archivebox_sonic = {
image = "archivebox/sonic:latest";
environment = {
SEARCH_BACKEND_PASSWORD = "SomeSecretPassword";
};
extraOptions = [ "--network=archivebox-net" ];
volumes = [
"archivebox-sonic:/data"
];
};
# printer
virtualisation.oci-containers.containers.labello = {
image = "telegnom/labello:latest";
environment = {
LAB_PRINTER_DEVICE = "tcp://BRN008077572A96.lan:9100";
# LABELLO_DOWNLOAD_FONT = "yes";
};
extraOptions = [ "--network=podman" ];
volumes =
let
fonts = pkgs.runCommandNoCC "labello-fonts" { } ''
mkdir $out
cp ${pkgs.roboto}/share/fonts/truetype/* $out
cp ${pkgs.roboto-mono}/share/fonts/truetype/* $out
'';
in
[
"${fonts}:/opt/labello/fonts"
# "/nix/store:/nix/store"
];
};
virtualisation.oci-containers.containers.copyparty = {
image = "docker.io/copyparty/ac:latest";
extraOptions = [ "--network=podman" ];
ports = [ ];
volumes =
let
copypartyCfg = ''
[global]
xff-src: 10.88.0.1/24
idp-h-usr: X-Authentik-Username
idp-h-grp: X-Copyparty-Group
e2dsa # enable file indexing and filesystem scanning
e2ts # enable multimedia indexing
ansi # enable colors in log messages
re-maxage: 3600 # rescan every something
hist: /data/media/copyparty/cache
name: the gayest storage in the west
no-robots
shr: /shr
shr-adm: @admin
[/]
/data/media/copyparty/srv
accs:
A: @admin
r: *
[/dump]
/data/media/copyparty/srv/dump
flags:
dedup
accs:
A: @admin
w: *
[/pub]
/data/media/copyparty/srv/pub
flags:
dedup
accs:
A: @admin
rw: *
[/tv]
/data/media/tv
flags:
hist: /data/media/copyparty/hist/tv
accs:
r: *
[/movies]
/data/media/movies
flags:
hist: /data/media/copyparty/hist/movies
accs:
r: *
[/books]
/data/media/books
flags:
hist: /data/media/copyparty/hist/books
accs:
r: *
[/audiobooks]
/data/media/audiobooks
flags:
hist: /data/media/copyparty/hist/audiobooks
accs:
r: *
[/music]
/data/media/music
flags:
hist: /data/media/copyparty/hist/music
accs:
r: *
[/games]
/data/media/games
flags:
hist: /data/media/copyparty/hist/games
accs:
r: *
'';
cpp = pkgs.writeText "copyparty.conf" copypartyCfg;
in
[
"/data/media/tv:/data/media/tv:ro"
"/data/media/movies:/data/media/movies:ro"
"/data/media/audiobooks:/data/media/audiobooks:ro"
"/data/media/books:/data/media/books:ro"
"/data/media/games:/data/media/games:ro"
"/data/media/beets:/data/media/music:ro"
"/data/media/copyparty:/data/media/copyparty"
"/data/media/copyparty/cfg:/cfg"
"${cpp}:/cfg/copyparty.conf"
];
};
}

495
old-conf/hosts/ds9/default.nix
View file

@ -1,495 +0,0 @@
{
config,
inputs,
pkgs,
lib,
...
}:
let
pubkeys = import ../../data/pubkeys.nix;
caddy-with-plugins = import ./custom-caddy.nix { inherit pkgs; };
in
{
imports = [
./hardware-configuration.nix
./containers.nix
./backup.nix
./grist.nix
# ./plex.nix
./samba.nix
./paperless.nix
./maubot.nix
./woodpecker.nix
./attic.nix
./ytdl-sub.nix
./snipe-it.nix
./radicale.nix
./lms.nix
../../nixos-modules/networking/tailscale.nix
../../nixos-modules/services/docker.nix
../../nixos-modules/services/libvirt.nix
../../nixos-modules/services/msmtp.nix
# ../../nixos-modules/services/paperless.nix
# ../../nixos-modules/services/photoprism.nix
../../nixos-modules/services/samba.nix
../../nixos-modules/services/ssh.nix
../../nixos-modules/services/caddy
../../nixos-modules/system/agenix.nix
../../nixos-modules/system/fs.nix
../../nixos-modules/system/persist.nix
../../nixos-modules/system/security.nix
../../nixos-modules/user
];
# Don't Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
# power save stuffzies
services.udev.path = [ pkgs.hdparm ];
services.udev.extraRules = ''
ACTION=="add|change", KERNEL=="sd[a-z]", ATTRS{queue/rotational}=="1", RUN+="${pkgs.hdparm}/bin/hdparm -S 60 -B 100 /dev/%k"
'';
services.syncthing.enable = true;
services.syncthing.user = "ragon";
programs.mosh.enable = true;
security.sudo.wheelNeedsPassword = false;
networking.useDHCP = true;
networking.useNetworkd = true;
systemd.network.networks."enp1s0f1".ipv6AcceptRAConfig = {
Token = "prefixstable";
};
networking.bridges."br0".interfaces = [ ];
networking.hostId = "7b4c2932";
networking.firewall.allowedTCPPorts = [
9000
25565
80
443
];
networking.firewall.allowedUDPPorts = [ 443 ]; # http3 :3
boot.initrd.network = {
enable = true;
postCommands = ''
zpool import rpool
zpool import spool
echo "zfs load-key -a; killall zfs" >> /root/.profile
'';
ssh = {
enable = true;
port = 2222;
hostKeys = [
"/persistent/etc/nixos/secrets/initrd/ssh_host_rsa_key"
"/persistent/etc/nixos/secrets/initrd/ssh_host_ed25519_key"
];
authorizedKeys = pubkeys.ragon.computers;
};
};
boot.kernel.sysctl."fs.inotify.max_user_instances" = 512;
# Immutable users due to tmpfs
users.mutableUsers = false;
# users.users.nia = {
# createHome = true;
# isNormalUser = true;
# extraGroups = [
# "docker"
# "podman"
# "wheel"
# ];
# openssh.authorizedKeys.keys = [
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDq+jk1Bi8/x0lYDiVi/iVnp9nEleocoQ+xHmlpDt9Qs"
# ];
# };
users.users.bzzt = {
description = "bzzt server service user";
home = "/var/lib/bzzt";
createHome = true;
isSystemUser = true;
group = "bzzt";
};
users.groups.bzzt = { };
users.users.minecraft = {
description = "Minecraft server service user";
home = "/var/lib/minecraft";
createHome = true;
isSystemUser = true;
group = "minecraft";
};
users.groups.minecraft = { };
environment.systemPackages = [
pkgs.jdk17
pkgs.borgbackup
pkgs.beets
];
services.smartd = {
enable = true;
extraOptions = [ "--interval=7200" ];
notifications.test = true;
};
services.zfs.zed.enableMail = true;
services.zfs.zed.settings = {
ZED_EMAIL_ADDR = [ "root" ];
ZED_EMAIL_PROG = "${pkgs.msmtp}/bin/msmtp";
ZED_EMAIL_OPTS = "@ADDRESS@";
ZED_NOTIFY_INTERVAL_SECS = 7200;
ZED_NOTIFY_VERBOSE = true;
ZED_USE_ENCLOSURE_LEDS = false;
ZED_SCRUB_AFTER_RESILVER = true;
};
# dyndns
systemd.services."dyndns-refresh" = {
script = ''
set -eu
export PATH=$PATH:${pkgs.curl}/bin:${pkgs.jq}/bin:${pkgs.iproute2}/bin
${pkgs.bash}/bin/bash ${config.age.secrets.ds9DynDns.path}
'';
serviceConfig = {
Type = "oneshot";
User = "root";
};
startAt = "*:0/10";
};
# services.tailscaleAuth.enable = true;
# services.tailscaleAuth.group = config.services.caddy.group;
systemd.services.caddy.serviceConfig.EnvironmentFile = config.age.secrets.desec.path;
services.caddy = {
# ragon.services.caddy is enabled
extraConfig = ''
(blockBots) {
@botForbidden header_regexp User-Agent "(?i)AdsBot-Google|Amazonbot|anthropic-ai|Applebot|Applebot-Extended|AwarioRssBot|AwarioSmartBot|Bytespider|CCBot|ChatGPT|ChatGPT-User|Claude-Web|ClaudeBot|cohere-ai|DataForSeoBot|Diffbot|FacebookBot|Google-Extended|GPTBot|ImagesiftBot|magpie-crawler|omgili|Omgilibot|peer39_crawler|PerplexityBot|YouBot"
handle @botForbidden {
redir https://hil-speed.hetzner.com/10GB.bin
}
handle /robots.txt {
respond <<TXT
User-Agent: *
Disallow: /
TXT 200
}
}
(podmanRedir) {
reverse_proxy {args[:]} {
transport http {
resolvers 10.88.0.1 # podman dns
}
}
}
(podmanRedirWithAuth) {
route {
# always forward outpost path to actual outpost
reverse_proxy /outpost.goauthentik.io/* http://authentik-server:9000 {
transport http {
resolvers 10.88.0.1 # podman dns
}
}
forward_auth http://authentik-server:9000 {
transport http {
resolvers 10.88.0.1 # podman dns
}
uri /outpost.goauthentik.io/auth/caddy
copy_headers {
X-Authentik-Username
X-Copyparty-Group
X-Authentik-Groups
X-Authentik-Entitlements
X-Authentik-Email
X-Authentik-Name
X-Authentik-Uid
X-Authentik-Jwt
X-Authentik-Meta-Jwks
X-Authentik-Meta-Outpost
X-Authentik-Meta-Provider
X-Authentik-Meta-App
X-Authentik-Meta-Version
X-Grafana-Role
X-Authentik-Username>X-Remote-User
}
}
reverse_proxy {args[:]} {
transport http {
resolvers 10.88.0.1 # podman dns
}
}
}
}
'';
globalConfig = ''
acme_ca https://acme-v02.api.letsencrypt.org/directory # hard coded so zerossl doesn't get used
acme_dns desec {
token "{$TOKEN}"
}
metrics {
per_host
}
servers {
trusted_proxies static 100.96.45.2/32 fd7a:115c:a1e0:ab12:4843:cd96:6260:2d02/128
}
'';
virtualHosts."*.hailsatan.eu ".logFormat = ''
output file ${config.services.caddy.logDir}/access-*hailsatan.eu_internet.log
'';
virtualHosts."*.hailsatan.eu ".extraConfig = ''
import blockBots
@blog host blog.hailsatan.eu
handle @blog {
route {
# always forward outpost path to actual outpost
reverse_proxy /outpost.goauthentik.io/* http://authentik-server:9000 {
transport http {
resolvers 10.88.0.1 # podman dns
}
}
forward_auth http://authentik-server:9000 {
transport http {
resolvers 10.88.0.1 # podman dns
}
uri /outpost.goauthentik.io/auth/caddy
copy_headers X-Authentik-Username X-Copyparty-Group X-Authentik-Groups X-Authentik-Entitlements X-Authentik-Email X-Authentik-Name X-Authentik-Uid X-Authentik-Jwt X-Authentik-Meta-Jwks X-Authentik-Meta-Outpost X-Authentik-Meta-Provider X-Authentik-Meta-App X-Authentik-Meta-Version X-Grafana-Role
}
root * /srv/www/xynospace
file_server
}
}
@jellyfin host j.hailsatan.eu
handle @jellyfin {
handle /metrics* {
abort
}
import podmanRedir http://jellyfin:8096
}
@mautrix-signal host mautrix-signal.hailsatan.eu
handle @mautrix-signal {
import podmanRedir http://mautrix-signal:29328
}
@woodpecker host woodpecker.hailsatan.eu
handle @woodpecker {
import podmanRedir http://woodpecker-server:8000
}
@attic host attic.hailsatan.eu
handle @attic {
reverse_proxy http://[::1]:8089
}
@auth host auth.hailsatan.eu
handle @auth {
import podmanRedir http://authentik-server:9000
}
@radicale host radicale.hailsatan.eu
handle @radicale {
import podmanRedirWithAuth http://[::1]:5232
}
@grafana host grafana.hailsatan.eu
handle @grafana {
import podmanRedirWithAuth http://grafana:3000
}
@lms host lms.hailsatan.eu
handle @lms {
handle /rest* {
import podmanRedir http://localhost:5082
}
import podmanRedirWithAuth http://localhost:5082
}
@immich host immich.hailsatan.eu
handle @immich {
import podmanRedir http://immich-server:2283
}
@cd host cd.hailsatan.eu
handle @cd {
import podmanRedirWithAuth http://changedetection:5000
}
@node-red host node-red.hailsatan.eu
handle @node-red {
import podmanRedirWithAuth http://node-red:1880
}
@labello host labello.hailsatan.eu
handle @labello {
import podmanRedirWithAuth http://labello:4242
}
@paperless host paperless.hailsatan.eu
handle @paperless {
import podmanRedirWithAuth http://paperless-server:8000
}
@archivebox host archivebox.hailsatan.eu
handle @archivebox {
handle /api/* {
import podmanRedir http://archivebox:8000
}
handle {
import podmanRedirWithAuth http://archivebox:8000
}
}
@grist host grist.hailsatan.eu
handle @grist {
import podmanRedir http://grist:8484
}
@snipe-it host snipe-it.hailsatan.eu
handle @snipe-it {
root * ${pkgs.snipe-it}/share/php/snipe-it/public
php_fastcgi unix//${config.services.phpfpm.pools."snipe-it".socket}
file_server
}
@copyparty host c.hailsatan.eu
handle @copyparty {
# @proxy {
# header_regexp Cookie authentik_proxy_([a-zA-Z0-9])
# }
# handle @proxy {
# import podmanRedirWithAuth http://copyparty:3923
# }
handle /shr/* {
import podmanRedir http://copyparty:3923
}
handle /.cpr/* {
import podmanRedir http://copyparty:3923
}
# @noauth {
# path_regexp ^\/(noauth(\/.*|)|[a-z.]+\.(css|js)|[1-9].png)$
# }
# @getoptionshead {
# method GET OPTIONS HEAD
# }
# handle @noauth {
# handle @getoptionshead {
# import podmanRedir http://copyparty:3923
# }
# }
handle {
import podmanRedirWithAuth http://copyparty:3923
}
}
handle {
import podmanRedirWithAuth http://127.0.0.1:8001
}
'';
};
services.prometheus = {
enable = true;
exporters.node = {
enable = true;
enabledCollectors = [ "systemd" ];
};
exporters.postgres = {
enable = true;
environmentFile = config.age.secrets.ds9PostgresExporterEnv.path;
};
scrapeConfigs = [
{
job_name = "postgres";
static_configs = [
{
targets = [
"localhost:${toString config.services.prometheus.exporters.postgres.port}"
"picard.kangaroo-galaxy.ts.net:${toString config.services.prometheus.exporters.postgres.port}"
];
}
];
}
{
job_name = "caddy";
static_configs = [
{
targets = [
"localhost:2019"
"picard.kangaroo-galaxy.ts.net:2019"
];
}
];
}
{
job_name = "node";
static_configs = [
{
targets = [
"localhost:${toString config.services.prometheus.exporters.node.port}"
"picard.kangaroo-galaxy.ts.net:${toString config.services.prometheus.exporters.node.port}"
];
}
];
}
];
};
home-manager.users.ragon =
{
pkgs,
lib,
inputs,
config,
...
}:
{
imports = [
# ../../hm-modules/nvim
../../hm-modules/helix
# ../../hm-modules/zsh
../../hm-modules/tmux
# ../../hm-modules/xonsh
../../hm-modules/cli.nix
../../hm-modules/files.nix
];
# ragon.xonsh.enable = true;
programs.home-manager.enable = true;
home.stateVersion = "23.11";
};
# begin kube
# services.k3s = {
# enable = true;
# extraFlags = "--disable=traefik --cluster-cidr 10.42.0.0/16,2001:cafe:42::/56 --service-cidr=10.43.0.0/16,2001:cafe:43::/112 --vpn-auth-file=/persistent/tailscale-auth-file";
#};
# systemd.services.k3s.path = [pkgs.tailscale pkgs.coreutils pkgs.bash];
# end kube
ragon = {
agenix.secrets."desec" = { };
agenix.secrets."ds9DynDns" = { };
agenix.secrets."ds9PostgresExporterEnv" = { };
user.enable = true;
persist.enable = true;
persist.extraDirectories = [
"/home/nia"
"/var/lib/syncthing"
"/var/lib/minecraft"
"/var/lib/bzzt"
"/var/lib/rancher"
"/etc/rancher"
"/root/.cache"
"/srv/www"
"/var/lib/${config.services.prometheus.stateDir}"
];
services = {
caddy.enable = true;
docker.enable = true;
ssh.enable = true;
msmtp.enable = true;
# photoprism.enable = true;
tailscale.enable = true;
tailscale.exitNode = true;
tailscale.extraUpCommands = "--advertise-routes=10.0.0.0/16";
# libvirt.enable = true;
# paperless.enable = true;
};
};
}

34
old-conf/hosts/ds9/grist.nix
View file

@ -1,34 +0,0 @@
{
pkgs,
config,
lib,
...
}:
{
ragon.agenix.secrets.ds9GristEnv = { };
virtualisation.quadlet = {
containers.grist = {
containerConfig = {
image = "docker.io/gristlabs/grist-oss";
networks = [
"podman"
"db-net"
];
volumes = [
"grist:/persist"
];
environments = {
GRIST_SANDBOX_FLAVOR = "gvisor";
APP_HOME_URL = "https://grist.hailsatan.eu";
GRIST_FORCE_LOGIN = "true";
GRIST_TELEMETRY_LEVEL = "off";
GRIST_ALLOW_AUTOMATIC_VERSION_CHECKING = "false";
};
addCapabilities = [ "SYS_PTRACE" ];
environmentFiles = [
config.age.secrets.ds9GristEnv.path
];
};
};
};
}

57
old-conf/hosts/ds9/hardware-configuration.nix
View file

@ -1,57 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ "${modulesPath}/installer/scan/not-detected.nix" ];
boot.initrd.availableKernelModules = [ "r8169" "ahci" "vfio-pci" "xhci_pci" "ehci_pci" "nvme" "usbhid" "sd_mod" "sr_mod" ];
boot.kernelModules = [ "kvm-amd" ];
nix.settings.max-jobs = lib.mkDefault 12;
powerManagement.powertop.enable = true;
powerManagement.cpuFreqGovernor = "powersave";
powerManagement.scsiLinkPolicy = "min_power";
services.zfs.autoScrub.enable = true;
ragon.system.fs = {
enable = true;
mediadata = false;
swap = false;
persistentSnapshot = false;
nix = "spool/local/nix";
varlog = "spool/local/journal";
persistent = "spool/safe/persist";
arcSize = 16;
};
services.sanoid.datasets."rpool/content/safe/data/media" = { };
services.sanoid.enable = true;
services.sanoid.interval = "0/8:00:00";
swapDevices = [{ device = "/dev/disk/by-id/nvme-eui.000000000000000100a075202c247839-part1"; randomEncryption = true; }];
fileSystems."/boot".device = "/dev/disk/by-uuid/149F-23AA";
fileSystems."/data" = {
device = "rpool/content/safe/data";
fsType = "zfs";
};
fileSystems."/data/media" = {
device = "rpool/content/safe/data/media";
fsType = "zfs";
};
fileSystems."/backups/DaedalusTimeMachine" = {
device = "rpool/content/local/backups/daedalus";
fsType = "zfs";
};
fileSystems."/backups" = {
device = "rpool/content/local/backups";
fsType = "zfs";
};
# fileSystems."/data/media/nzbr" = {
# device = "10.0.1.2:/storage/media";
# fsType = "nfs";
# options = [ "x-systemd.automount" "noauto" ];
# };
}

101
old-conf/hosts/ds9/lms.nix
View file

@ -1,101 +0,0 @@
{
config,
pkgs,
lib,
...
}:
let
inherit (lib) concatStringsSep concatMapStringsSep mapAttrsToList;
lmsConfig = {
api-subsonic-support-user-password-auth = true;
behind-reverse-proxy = true;
authentication-backend = "http-headers";
http-headers-login-field = "X-Remote-User";
working-dir = "/var/lib/lms";
scanner-skip-duplicate-mbid = true;
ffmpeg-file = "${pkgs.ffmpeg-full}/bin/ffmpeg";
wt-resources = "${pkgs.wt}/share/Wt/resources";
docroot = "${pkgs.lms}/share/lms/docroot/;/resources,/css,/images,/js,/favicon.ico";
approot = "${pkgs.lms}/share/lms/approot";
# log-min-severity = "debug";
trusted-proxies = ["127.0.0.1" "::1"];
# db-show-queries = true;
};
writeVal =
x:
if builtins.typeOf x == "string" then
''"${x}"''
else if builtins.typeOf x == "list" then
''(${(concatMapStringsSep ",\n" writeVal x)})''
else if builtins.typeOf x == "bool" then
(if x then "true" else "false")
else
(writeVal (toString x));
lmsConfigFile = pkgs.writeText "lms.conf" (
(concatStringsSep "\n" (mapAttrsToList (n: v: "${n} = ${writeVal v};") lmsConfig)) + "\n"
);
in
{
systemd.services.lms = {
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
environment.OMP_THREAD_LIMIT = "1";
serviceConfig = {
DynamicUser = true;
ExecStart = ''
${pkgs.lms}/bin/lms ${lmsConfigFile}
'';
Group = "users";
StateDirectory = "lms";
RuntimeDirectory = "lms";
WorkingDirectory = "/var/lib/lms";
RootDirectory = "/run/lms";
ReadWritePaths = "";
BindReadOnlyPaths = [
"${config.security.pki.caBundle}:/etc/ssl/certs/ca-certificates.crt"
builtins.storeDir
"/etc"
"/data/media/beets/music"
]
++ lib.optionals config.services.resolved.enable [
"/run/systemd/resolve/stub-resolv.conf"
"/run/systemd/resolve/resolv.conf"
];
CapabilityBoundingSet = "";
RestrictAddressFamilies = [
"AF_UNIX"
"AF_INET"
"AF_INET6"
];
RestrictNamespaces = true;
PrivateDevices = true;
PrivateUsers = true;
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
SystemCallArchitectures = "native";
SystemCallFilter = [
"@system-service"
"~@privileged"
];
RestrictRealtime = true;
LockPersonality = true;
MemoryDenyWriteExecute = true;
UMask = "0066";
ProtectHostname = true;
};
};
ragon.persist.extraDirectories = [
{
directory = "/var/lib/private/lms";
mode = "0700";
defaultPerms.mode = "0700";
}
];
}

25
old-conf/hosts/ds9/maubot.nix
View file

@ -1,25 +0,0 @@
{
config,
pkgs,
lib,
...
}:
{
virtualisation.quadlet = {
containers = {
mautrix-signal = {
containerConfig.image = "dock.mau.dev/mautrix/signal:latest";
containerConfig.volumes = [
"mautrix-signal:/data"
];
# containerConfig.publishPorts = [
# "100.83.96.25:29328:29328"
# ];
containerConfig.networks = [
"podman"
"db-net"
];
};
};
};
}

75
old-conf/hosts/ds9/paperless.nix
View file

@ -1,75 +0,0 @@
{
pkgs,
config,
lib,
inputs,
...
}:
{
virtualisation.quadlet = {
containers = {
paperless-server.containerConfig.image = "ghcr.io/paperless-ngx/paperless-ngx:latest";
paperless-server.containerConfig.networks = [
"podman"
"db-net"
"paperless-net"
];
paperless-server.containerConfig.volumes = [
"paperless-media:/usr/src/paperless/media"
"paperless-data:/usr/src/paperless/data"
"/data/paperless-export:/usr/src/paperless/export"
"/data/paperless-consume:/usr/src/paperless/consume"
];
paperless-server.containerConfig.environments = {
PAPERLESS_REDIS = "redis://paperless-redis:6379";
PAPERLESS_DBHOST = "postgres";
PAPERLESS_TIKA_ENABLED = "1";
PAPERLESS_TIKA_GOTENBERG_ENDPOINT = "http://paperless-gotenberg:3000";
PAPERLESS_TIKA_ENDPOINT = "http://paperless-tika:9998";
USERMAP_UID = "1000";
USERMAP_GID = "100";
PAPERLESS_URL = "https://paperless.hailsatan.eu";
PAPERLESS_TIME_ZONE = "Europe/Berlin";
PAPERLESS_OCR_LANGUAGE = "deu";
PAPERLESS_TRUSTED_PROXIES = "10.89.0.1";
PAPERLESS_ENABLE_HTTP_REMOTE_USER = "true";
PAPERLESS_ENABLE_HTTP_REMOTE_API = "true";
PAPERLESS_HTTP_REMOTE_USER_HEADER_NAME = "HTTP_X_AUTHENTIK_USERNAME";
PAPERLESS_DISABLE_REGULAR_LOGIN = "true";
};
paperless-server.serviceConfig.TimeoutStartSec = "60";
paperless-redis.containerConfig.image = "docker.io/library/redis:alpine";
paperless-redis.containerConfig.networks = [
"paperless-net"
];
paperless-redis.containerConfig.volumes = [ "paperless-redis:/data" ];
paperless-redis.serviceConfig.TimeoutStartSec = "60";
paperless-gotenberg = {
containerConfig = {
image = "docker.io/gotenberg/gotenberg:8.7";
exec = "gotenberg --chromium-disable-javascript=true --chromium-allow-list=file:///tmp/.*";
networks = [
"paperless-net"
];
};
serviceConfig.TimeoutStartSec = "60";
};
paperless-tika = {
containerConfig = {
image = "docker.io/apache/tika:latest";
networks = [
"paperless-net"
];
};
serviceConfig.TimeoutStartSec = "60";
};
};
networks = {
paperless.networkConfig.ipv6 = true;
paperless.networkConfig.name = "paperless-net";
paperless.networkConfig.internal = true;
};
};
}

9
old-conf/hosts/ds9/plex.nix
View file

@ -1,9 +0,0 @@
{ config, pkgs, lib, inputs, ... }: {
ragon.persist.extraDirectories = [ config.services.plex.dataDir ];
services.plex = {
enable = true;
openFirewall = true;
user = "ragon";
group = "users";
};
}

43
old-conf/hosts/ds9/radicale.nix
View file

@ -1,43 +0,0 @@
{
pkgs,
config,
lib,
...
}:
{
services.radicale = {
enable = true;
settings = {
server.hosts = [ "[::1]:5232" ];
auth = {
type = "http_x_remote_user";
# remote_ip_source = "X-Remote-Addr";
};
storage = {
filesystem_folder = "/var/lib/radicale/collections";
};
};
rights = {
root = {
user = ".+";
collection = "";
permissions = "R";
};
principal = {
user = ".+";
collection = "{user}";
permissions = "RW";
};
calendars = {
user = ".+";
collection = "{user}/[^/]+";
permissions = "rw";
};
};
};
ragon.persist.extraDirectories = [
"/var/lib/radicale"
];
}

66
old-conf/hosts/ds9/samba.nix
View file

@ -1,66 +0,0 @@
{ config, pkgs, lib, ... }: {
# services.samba.extraConfig = ''
# min protocol = SMB3
# vfs objects = acl_xattr catia fruit streams_xattr
# fruit:nfs_aces = no
# inherit permissions = yes
# fruit:posix_rename = yes
# fruit:resource = xattr
# fruit:model = MacSamba
# fruit:veto_appledouble = no
# fruit:wipe_intentionally_left_blank_rfork = yes
# fruit:delete_empty_adfiles = yes
# fruit:metadata = stream
# '';
services.avahi.enable = true;
services.avahi.nssmdns = true;
services.avahi.publish.enable = true;
services.avahi.extraServiceFiles.smb = ''
<?xml version="1.0" standalone='no'?>
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">%h</name>
<service>
<type>_smb._tcp</type>
<port>445</port>
<host-name>ds9.kangaroo-galaxy.ts.net</host-name>
</service>
<service>
<type>_device-info._tcp</type>
<port>0</port>
<txt-record>model=MacPro7,1@ECOLOR=226,226,224</txt-record>
</service>
<service>
<type>_adisk._tcp</type>
<txt-record>sys=waMa=0,adVF=0x100</txt-record>
<txt-record>dk0=adVN=TimeMachine,adVF=0x82</txt-record>
<host-name>ds9.kangaroo-galaxy.ts.net</host-name>
</service>
</service-group>
'';
ragon.services = {
samba.enable = true;
samba.shares = {
TimeMachine = {
path = "/backups/DaedalusTimeMachine";
comment = "DaedalusTimeMachine";
"write list" = "@wheel";
"read only" = "no";
"writable" = "yes";
"browseable" = "yes";
"fruit:time machine" = "yes";
"fruit:time machine max size" = "2050G";
"vfs objects" = "acl_xattr fruit streams_xattr";
"inherit acls" = "yes";
};
data = {
path = "/data";
comment = "some data for the people";
"write list" = "@wheel";
};
};
};
}

34
old-conf/hosts/ds9/snipe-it.nix
View file

@ -1,34 +0,0 @@
{
pkgs,
config,
lib,
...
}:
with lib;
{
users.users.nginx.isSystemUser = true;
users.users.nginx.group = "nginx";
users.groups.nginx = { };
services.nginx.enable = mkForce false;
services.nginx.virtualHosts."snipe-it" = mkForce null;
users.users.caddy.extraGroups = [ config.services.snipe-it.group ];
ragon.agenix.secrets.ds9SnipeIt = {
group = config.services.snipe-it.group;
owner = config.services.snipe-it.user;
mode = "440";
};
services.snipe-it = {
enable = true;
database.createLocally = true;
mail.driver = "sendmail";
appURL = "https://snipe-it.hailsatan.eu";
hostName = "snipe-it";
appKeyFile = config.age.secrets.ds9SnipeIt.path;
mail.from.address = "root@hailsatan.eu";
};
ragon.persist.extraDirectories = [
config.services.snipe-it.dataDir
"/var/lib/mysql"
];
}

59
old-conf/hosts/ds9/woodpecker.nix
View file

@ -1,59 +0,0 @@
{
config,
pkgs,
lib,
...
}:
{
virtualisation.podman.dockerSocket.enable = true;
ragon.agenix.secrets.ds9WoodpeckerEnv = { };
ragon.agenix.secrets.ds9WoodpeckerAgentSecretEnv = { };
virtualisation.quadlet = {
containers = {
woodpecker-server = {
containerConfig.image = "woodpeckerci/woodpecker-server:v3";
containerConfig.volumes = [
"woodpecker-server-data:/var/lib/woodpecker"
];
containerConfig.networks = [
"woodpecker-net"
"podman"
];
containerConfig.environments = {
WOODPECKER_HOST = "https://woodpecker.hailsatan.eu";
WOODPECKER_OPEN = "true";
WOODPECKER_ADMIN = "xyno";
};
containerConfig.environmentFiles = [
config.age.secrets.ds9WoodpeckerEnv.path
config.age.secrets.ds9WoodpeckerAgentSecretEnv.path
];
};
woodpecker-agent = {
containerConfig.environmentFiles = [
config.age.secrets.ds9WoodpeckerAgentSecretEnv.path
];
containerConfig.image = "woodpeckerci/woodpecker-agent:v3";
containerConfig.volumes = [
"woodpecker-agent-config:/etc/woodpecker"
"/var/run/docker.sock:/var/run/docker.sock"
];
containerConfig.environments = {
WOODPECKER_SERVER = "woodpecker-server:9000";
BACKEND_DOCKER_ENABLE_IPV6 = "true";
};
containerConfig.networks = [
"woodpecker-net"
"podman"
];
};
};
networks = {
woodpecker.networkConfig = {
ipv6 = true;
name = "woodpecker-net";
internal = false;
};
};
};
}

130
old-conf/hosts/ds9/ytdl-sub.nix
View file

@ -1,130 +0,0 @@
{
config,
pkgs,
lib,
inputs,
...
}:
with lib;
let
channels = {
"Entertainment" = [
"2BoredGuysOfficial"
"AlexPrinz"
"BagelBoyOfficial"
"DiedeutschenBackrooms"
"DankPods"
"Defunctland"
"Ididathing"
"GarbageTime420"
"Boy_Boy"
"ContraPoints"
"PhilosophyTube"
"PosyMusic"
"RobBubble"
"agingwheels"
"NileBlue"
"NileRed"
"styropyro"
"williamosman"
"billwurtz"
"f4micom"
"hbomberguy"
"simonegiertz"
"Parabelritter"
"DeviantOllam"
"MaxFosh"
"MichaelReeves"
"TomScottGo"
"WilliamOsman2"
];
"Tism" = [
"Echoray1" # alwin meschede
"TechnologyConnections"
"TechnologyConnextras"
"TheB1M"
"bahnblick_eu"
"jameshoffmann"
"scottmanley"
"theCodyReeder"
"standupmaths"
];
"Making" = [
"DIYPerks"
"MaxMakerChannel"
"Nerdforge"
"iliketomakestuff"
"ZackFreedman"
];
"Games" = [
"TylerMcVicker1"
"gabe.follower"
"altf4games"
];
"Programming" = [
"BenEater"
"NoBoilerplate"
"stacksmashing"
];
"Tech" = [
"LinusTechTips"
];
};
in
{
systemd.services."ytdl-sub-default".serviceConfig.ReadWritePaths = [ "/data/media/yt" ];
services.ytdl-sub = {
instances.default = {
enable = true;
schedule = "0/2:0";
config = {
presets."Sponsorblock" = {
ytdl_options.cookiefile = "/data/media/yt/cookies.Personal.txt";
subtitles = {
embed_subtitles = true;
languages = [
"en"
"de"
];
allow_auto_generated_subtitles = false;
};
chapters = {
embed_chapters = true;
sponsorblock_categories = [
# "outro"
"selfpromo"
"preview"
"interaction"
"sponsor"
"music_offtopic"
# "intro"
];
remove_sponsorblock_categories = "all";
force_key_frames = false;
};
};
};
subscriptions = {
"__preset__".overrides = {
tv_show_directory = "/data/media/yt";
only_recent_max_files = 30;
# only_recent_date_range = "30days";
};
"Jellyfin TV Show by Date | Sponsorblock | Only Recent | Max 1080p" = mapAttrs' (
n: v: nameValuePair "= ${n}" (genAttrs v (x: "https://youtube.com/@${x}"))
) channels;
"Jellyfin TV Show Collection | Sponsorblock" = {
"~Murder Drones" = {
s01_url = "https://www.youtube.com/playlist?list=PLHovnlOusNLiJz3sm0d5i2Evwa2LDLdrg";
tv_show_collection_episode_ordering = "playlist-index";
tv_show_directory = "/data/media/tv";
};
};
};
};
group = "users";
};
}

400
old-conf/hosts/picard/default.nix
View file

@ -1,400 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{
inputs,
config,
pkgs,
lib,
...
}:
{
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
./xynospace-matrix.nix
./plausible.nix
./obsidianshare.nix
./mail.nix
./gotosocial.nix
./ntfy.nix
# ./ts-ovpn.nix
../../nixos-modules/system/persist.nix
../../nixos-modules/system/agenix.nix
../../nixos-modules/system/fs.nix
../../nixos-modules/system/security.nix
../../nixos-modules/services/ssh.nix
../../nixos-modules/services/msmtp.nix
../../nixos-modules/services/caddy
../../nixos-modules/services/bitwarden.nix
../../nixos-modules/networking/tailscale.nix
# ../../nixos-modules/services/authelia.nix
../../nixos-modules/services/hedgedoc.nix
../../nixos-modules/services/ts3.nix
../../nixos-modules/user
];
documentation.enable = false;
documentation.nixos.enable = false;
documentation.man.enable = false;
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
boot.loader.systemd-boot.enable = false;
services.syncthing.enable = true;
services.syncthing.group = "users";
services.syncthing.user = "ragon";
networking.interfaces."ens3" = {
ipv6 = {
addresses = [
{
address = "2a03:4000:6:8120::1";
prefixLength = 64;
}
];
};
};
networking.defaultGateway6 = {
address = "fe80::1";
interface = "enp0s3";
};
networking.nameservers = [
"1.1.1.1"
"8.8.8.8"
];
# networking.interfaces.eno1.useDHCP = true;
networking.hostId = "7c21236a";
# Immutable users due to tmpfs
users.mutableUsers = false;
services.postgresql.package = pkgs.postgresql_17_jit;
services.postgresql.settings = {
shared_buffers = "4GB";
work_mem = "64MB";
};
systemd.services.caddy.serviceConfig.EnvironmentFile = config.age.secrets.desec.path;
networking.firewall.allowedTCPPorts = [
80
443
config.services.forgejo.settings.server.SSH_PORT
25
143
465
587
993
];
networking.firewall.allowedUDPPorts = [ 443 ];
services.prometheus.exporters.node = {
enable = true;
enabledCollectors = [ "systemd" ];
};
services.prometheus.exporters.postgres = {
enable = true;
runAsLocalSuperUser = true;
};
services.caddy = {
logFormat = "level INFO";
enable = true;
globalConfig = ''
email ssl@xyno.systems
acme_ca https://acme-v02.api.letsencrypt.org/directory # hard coded so zerossl doesn't get used
acme_dns desec {
token "{$TOKEN}"
}
admin :2019
metrics {
per_host
}
'';
virtualHosts."*.hailsatan.eu".extraConfig = ''
tls ssl@xyno.systems {
propagation_delay 1m
ca https://acme-v02.api.letsencrypt.org/directory # hard coded so zerossl doesn't get used
dns desec {
token "{$TOKEN}"
}
}
reverse_proxy https://ds9.kangaroo-galaxy.ts.net {
transport http {
tls_server_name {host}
}
}
'';
virtualHosts."l621.net".extraConfig = ''
reverse_proxy http://127.0.0.1:8186
'';
virtualHosts."xyno.space".extraConfig =
let
fqdn = "matrix.xyno.space";
wkServer = {
"m.server" = "${fqdn}:443";
};
wkClient = {
"m.homeserver" = {
"base_url" = "https://${fqdn}";
};
"m.identity_server" = {
"base_url" = "https://vector.im";
};
# "org.matrix.msc3575.proxy" = { "url" = "https://slidingsync.ragon.xyz"; };
};
in
''
encode zstd gzip
handle /.well-known/matrix/server {
header Content-Type application/json
respond `${builtins.toJSON wkServer}` 200
}
handle /.well-known/matrix/client {
header Content-Type application/json
header Access-Control-Allow-Origin "*"
respond `${builtins.toJSON wkClient}` 200
}
handle /gyakapyukawfyuokfgwtyutf.js {
rewrite * /js/plausible.outbound-links.js
reverse_proxy http://127.0.0.1:${toString config.services.plausible.server.port}
}
handle /api/event {
reverse_proxy http://127.0.0.1:${toString config.services.plausible.server.port}
}
redir /post/nix-darwin-introduction /posts/nix-darwin-introduction/ 301
redir /post/nixos-utm-rosetta /posts/nixos-utm-rosetta/ 301
redir /post/nix-store-nfs /posts/nix-store-nfs/ 301
redir /post/parcel-quicktemplate /posts/parcel-quicktemplate/ 301
redir /posts.rss /atom.xml 301
redir /posts.atom /atom.xml 301
root * /srv/www/xynospace
file_server
'';
virtualHosts."*.xyno.space".extraConfig = ''
@stats host stats.xyno.space
handle @stats {
reverse_proxy http://127.0.0.1:${toString config.services.plausible.server.port}
}
@matrix host matrix.xyno.space
handle @matrix {
handle /_matrix/* {
reverse_proxy http://192.168.100.11:8008
}
handle /notifications {
reverse_proxy http://192.168.100.11:8008
}
handle /_synapse/client/* {
reverse_proxy http://192.168.100.11:8008
}
handle /health {
reverse_proxy http://192.168.100.11:8008
}
}
handle {
abort
}
'';
virtualHosts."*.xyno.systems".extraConfig = ''
@lost host lost.xyno.systems
handle @lost {
handle /register {
header ?Set-Cookie lost-registered=true
respond registered 200
}
@lost-registered {
header Cookie *lost-registered=true*
}
handle @lost-registered {
redir https://snipe-it.hailsatan.eu/hardware{uri}
}
handle {
redir https://xyno.space/contact?utm-source=lost&utm-content={uri}
}
}
@md host md.xyno.systems
handle @md {
reverse_proxy http://[::1]:${toString config.services.hedgedoc.settings.port}
}
# @sso host sso.xyno.systems
# handle @sso {
# reverse_proxy http://127.0.0.1:9091
# }
@git host git.xyno.systems
handle @git {
reverse_proxy http://127.0.0.1:${toString config.services.forgejo.settings.server.HTTP_PORT}
}
@notes host notes.xyno.systems
handle @notes {
reverse_proxy http://127.0.0.1:8086
}
@ntfy host ntfy.xyno.systems
handle @ntfy {
reverse_proxy http://127.0.0.1:15992
}
@bw host bw.xyno.systems
handle @bw {
reverse_proxy http://${config.services.vaultwarden.config.rocketAddress}:${toString config.services.vaultwarden.config.rocketPort}
}
handle {
abort
}
'';
virtualHosts."xyno.systems".extraConfig = ''
redir https://xyno.space{uri}
'';
virtualHosts."robotgirl.cloud".extraConfig = ''
handle / {
header Content-Type text/html
header Access-Control-Allow-Origin "*"
respond `<!DOCTYPE html><html><head><title>beep</title></head><body>
<h2>
beep :3
</h2>
<p>
all the robots are on <a href="https://catgirl.cloud">catgirl.cloud</a> mew :3
</p>
</body></head>` 200
}
'';
};
services.forgejo = {
enable = true;
lfs.enable = true;
settings = {
global.APP_NAME = "xyno.systems git";
session.COOKIE_SECURE = true;
server.DOMAIN = "git.xyno.systems";
server.ROOT_URL = "https://git.xyno.systems/";
server.HTTP_PORT = 3031;
server.HTTP_HOST = "127.0.0.1";
service.DISABLE_REGISTRATION = false;
service.ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
service.SHOW_REGISTRATION_BUTTON = false;
openid = {
ENABLE_OPENID_SIGNIN = false;
ENABLE_OPENID_SIGNUP = true;
WHITELISTED_URIS = "auth.hailsatan.eu";
};
};
};
ragon.agenix.secrets."desec" = { };
ragon.agenix.secrets."picardResticPassword" = { };
ragon.agenix.secrets."picardResticSSHKey" = { };
ragon.agenix.secrets."picardResticHealthCheckUrl" = { };
ragon.agenix.secrets."picardSlidingSyncSecret" = { };
ragon.agenix.secrets."gatebridgeHostKeys" = { };
services.postgresql.ensureUsers = [
{
name = "root";
ensureClauses.superuser = true;
}
];
services.borgmatic = {
enable = true;
configurations."picard-ds9" = {
source_directories = [ "/persistent" ];
repositories = [
{
label = "ds9";
path = "ssh://picardbackup@ds9/backups/picard/borgmatic";
}
{
label = "gatebridge";
path = "ssh://root@gatebridge/media/backup/picard";
}
];
exclude_if_present = [ ".nobackup" ];
encryption_passcommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.picardResticPassword.path}";
compression = "auto,zstd,10";
ssh_command = "ssh -o GlobalKnownHostsFile=${config.age.secrets.gatebridgeHostKeys.path} -i ${config.age.secrets.picardResticSSHKey.path}";
retention = {
keep_daily = 7;
keep_weekly = 4;
keep_monthly = 12;
keep_yearly = 10;
};
before_actions = [
"${pkgs.curl}/bin/curl -fss -m 10 --retry 5 -o /dev/null $(${pkgs.coreutils}/bin/cat ${config.age.secrets.picardResticHealthCheckUrl.path})/start"
];
after_actions = [
"${pkgs.curl}/bin/curl -fss -m 10 --retry 5 -o /dev/null $(${pkgs.coreutils}/bin/cat ${config.age.secrets.picardResticHealthCheckUrl.path})"
];
on_error = [
"${pkgs.curl}/bin/curl -fss -m 10 --retry 5 -o /dev/null $(${pkgs.coreutils}/bin/cat ${config.age.secrets.picardResticHealthCheckUrl.path})/fail"
];
postgresql_databases = [
{
name = "all";
pg_dump_command = "${pkgs.postgresql}/bin/pg_dumpall";
pg_restore_command = "${pkgs.postgresql}/bin/pg_restore";
}
];
};
};
nixpkgs.overlays = [
(self: super: {
zfs = super.zfs.override { enableMail = true; };
})
];
# services.xynoblog.enable = true;
# services.lolpizza2.enable = true;
programs.mosh.enable = true;
home-manager.users.ragon =
{
pkgs,
lib,
inputs,
config,
...
}:
{
imports = [
# ../../hm-modules/nvim
# ../../hm-modules/zsh
../../hm-modules/tmux
../../hm-modules/cli.nix
../../hm-modules/files.nix
];
programs.home-manager.enable = true;
home.stateVersion = "23.11";
};
ragon = {
user.enable = true;
persist.enable = true;
persist.extraDirectories = [
"/var/lib/nixos-containers"
"/srv/www"
config.services.caddy.dataDir
"/var/lib/syncthing"
# "/var/lib/${config.services.xynoblog.stateDirectory}"
"/var/lib/postgresql"
config.services.forgejo.stateDir
];
services = {
caddy.enable = true;
ssh.enable = true;
msmtp.enable = true;
bitwarden.enable = true;
tailscale.enable = true;
hedgedoc.enable = true;
# authelia.enable = true;
ts3.enable = true;
};
};
}

22
old-conf/hosts/picard/gotosocial.nix
View file

@ -1,22 +0,0 @@
{ pkgs, config, ... }: {
virtualisation.oci-containers.containers."gts" = {
image = "superseriousbusiness/gotosocial:latest";
environment = {
GTS_HOST = "l621.net";
GTS_DB_TYPE = "sqlite";
GTS_DB_ADDRESS = "/gotosocial/storage/sqlite.db";
GTS_LETSENCRYPT_ENABLED = "false";
GTS_WAZERO_COMPILATION_CACHE = "/gotosocial/.cache";
GTS_TRUSTED_PROXIES = "10.88.0.0/16";
TZ = "Europe/Berlin";
};
ports = [
"127.0.0.1:8186:8080"
];
volumes = [
"/var/lib/gotosocial:/gotosocial/storage"
];
};
ragon.persist.extraDirectories = ["/var/lib/gotosocial"];
}

44
old-conf/hosts/picard/hardware-configuration.nix
View file

@ -1,44 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
let
pubkeys = import ../../data/pubkeys.nix;
in
{
imports = [ "${modulesPath}/profiles/qemu-guest.nix" ];
boot.zfs.requestEncryptionCredentials = true;
ragon.system.fs.enable = true;
ragon.system.fs.nix = "rpool/nix";
ragon.system.fs.varlog = "rpool/varlog";
ragon.system.fs.persistent = "rpool/persist";
ragon.system.fs.swap = false;
ragon.system.fs.mediadata = false;
swapDevices = [
{ device = "/dev/sda2"; randomEncryption.enable = true; }
];
services.syncoid.enable = false; # disable failing zfs syncing
boot.initrd = {
network = {
enable = true;
postCommands = ''
zpool import rpool
echo "zfs load-key -a; killall zfs" >> /root/.profile
'';
ssh = {
enable = true;
port = 2222;
hostKeys = [
"/persistent/etc/nixos/secrets/initrd/ssh_host_rsa_key"
"/persistent/etc/nixos/secrets/initrd/ssh_host_ed25519_key"
];
authorizedKeys = pubkeys.ragon.user;
};
};
};
powerManagement.cpuFreqGovernor = "performance";
}

37
old-conf/hosts/picard/mail.nix
View file

@ -1,37 +0,0 @@
{
pkgs,
config,
lib,
...
}:
{
virtualisation.oci-containers.containers."mail" = {
image = "ghcr.io/docker-mailserver/docker-mailserver:latest";
hostname = "mail.hailsatan.eu";
ports = [
"25:25" # SMTP (explicit TLS => STARTTLS, Authentication is DISABLED => use port 465/587 instead)
"143:143" # IMAP4 (explicit TLS => STARTTLS)
"465:465" # ESMTP (implicit TLS)
"587:587" # ESMTP (explicit TLS => STARTTLS)
"993:993" # IMAP4 (implicit TLS)
];
volumes = [
"mail-data:/var/mail/"
"mail-state:/var/mail-state/"
"mail-logs:/var/log/mail/"
"mail-config:/tmp/docker-mailserver/"
"/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/wildcard_.hailsatan.eu:/srv/tls/meow:ro" # it hates this
];
environment = {
TZ = "Europe/Berlin";
SPOOF_PROTECTION = "1";
LOG_LEVEL = "info";
ENABLE_CLAMAV = "0";
ENABLE_FAIL2BAN = "0";
TLS_LEVEL = "intermediate"; # printers ahhh
SSL_TYPE = "manual";
SSL_CERT_PATH = "/srv/tls/meow/wildcard_.hailsatan.eu.crt";
SSL_KEY_PATH = "/srv/tls/meow/wildcard_.hailsatan.eu.key";
};
};
}

11
old-conf/hosts/picard/ntfy.nix
View file

@ -1,11 +0,0 @@
{pkgs,config,lib,...}:{
services.ntfy-sh = {
enable = true;
settings.base-url = "https://ntfy.xyno.systems";
settings.behind-proxy = true;
settings.listen-http = ":15992";
};
ragon.persist.extraDirectories = [
"/var/cache/ntfy"
];
}

17
old-conf/hosts/picard/obsidianshare.nix
View file

@ -1,17 +0,0 @@
{ pkgs, config, ... }: {
ragon.agenix.secrets.picardSharenoteEnv = { };
virtualisation.oci-containers.containers."sharenote" = {
image = "ghcr.io/thexyno/sharenote-py:latest";
environmentFiles = [
config.age.secrets.picardSharenoteEnv.path
];
ports = [
"127.0.0.1:8086:8086"
];
volumes = [
"/var/lib/sharenote:/sharenote-py/static"
];
};
ragon.persist.extraDirectories = ["/var/lib/sharenote"];
}

76
old-conf/hosts/picard/plausible.nix
View file

@ -1,76 +0,0 @@
{ config, lib, pkgs, ... }:
let domain = "stats.xyno.space";
in {
ragon.agenix.secrets."plausibleAdminPw" = { };
ragon.agenix.secrets."plausibleReleaseCookie" = { };
ragon.agenix.secrets."plausibleSecretKeybase" = { };
ragon.agenix.secrets."plausibleGoogleClientId" = { };
ragon.agenix.secrets."plausibleGoogleClientSecret" = { };
ragon.agenix.secrets."smtpPassword" = { };
systemd.services.plausible.serviceConfig.LoadCredential = [
"GOOGLE_CLIENT_ID:${config.age.secrets.plausibleGoogleClientId.path}"
"GOOGLE_CLIENT_SECRET:${config.age.secrets.plausibleGoogleClientSecret.path}"
];
systemd.services.plausible.environment = {
IP_GEOLOCATION_DB = "${pkgs.unstable.dbip-country-lite}/share/dbip/dbip-country-lite.mmdb";
DATABASE_URL = "postgresql:///plausible?host=/run/postgresql";
};
# systemd.services.plausible.script =
# let cfg = config.services.plausible; in lib.mkForce ''
# # Elixir does not start up if `RELEASE_COOKIE` is not set,
# # even though we set `RELEASE_DISTRIBUTION=none` so the cookie should be unused.
# # Thus, make a random one, which should then be ignored.
# export RELEASE_COOKIE=$(tr -dc A-Za-z0-9 < /dev/urandom | head -c 20)
# export ADMIN_USER_PWD="$(< $CREDENTIALS_DIRECTORY/ADMIN_USER_PWD )"
# export SECRET_KEY_BASE="$(< $CREDENTIALS_DIRECTORY/SECRET_KEY_BASE )"
# ${lib.optionalString (
# cfg.mail.smtp.passwordFile != null
# ) ''export SMTP_USER_PWD="$(< $CREDENTIALS_DIRECTORY/SMTP_USER_PWD )"''}
# echo setup
# ${lib.optionalString cfg.database.postgres.setup ''
# # setup
# ${cfg.package}/createdb.sh
# ''}
# echo migrate
# ${cfg.package}/migrate.sh
# export IP_GEOLOCATION_DB=${pkgs.dbip-country-lite}/share/dbip/dbip-country-lite.mmdb
# # ${cfg.package}/bin/plausible eval "(Plausible.Release.prepare() ; Plausible.Auth.create_user(\"$ADMIN_USER_NAME\", \"$ADMIN_USER_EMAIL\", \"$ADMIN_USER_PWD\"))"
# echo start
# exec plausible start
# '';
services.plausible = {
enable = true;
package = pkgs.unstable.plausible;
# releaseCookiePath = config.age.secrets.plausibleSecretKeybase.path;
# adminUser = {
# # activate is used to skip the email verification of the admin-user that's
# # automatically created by plausible. This is only supported if
# # postgresql is configured by the module. This is done by default, but
# # can be turned off with services.plausible.database.postgres.setup.
# activate = true;
# email = "plausible@xyno.space";
# passwordFile = config.age.secrets.plausibleAdminPw.path;
# };
server = {
baseUrl = "https://${domain}";
secretKeybaseFile = config.age.secrets.plausibleSecretKeybase.path;
};
mail.email = "plausible@hailsatan.eu";
mail.smtp = {
user = "plausible@hailsatan.eu";
passwordFile = config.age.secrets.smtpPassword.path;
hostAddr = "mail.hailsatan.eu";
hostPort = 465;
enableSSL = true;
};
};
ragon.persist.extraDirectories = [ "/var/lib/private/plausible" "/var/lib/clickhouse" ];
}

189
old-conf/hosts/picard/xynospace-matrix.nix
View file

@ -1,189 +0,0 @@
{ config, pkgs, lib,inputs, ... }:
let
fqdn = "matrix.xyno.space";
serverName = "xyno.space";
localAddress = "192.168.100.11";
hostAddress = "192.168.100.10";
stateVer = config.system.stateVersion;
in
{
users.users.matrix-synapse = {
group = "matrix-synapse";
shell = "${pkgs.bash}/bin/bash";
uid = config.ids.uids.matrix-synapse;
};
users.groups.matrix-synapse = {
gid = config.ids.gids.matrix-synapse;
};
ragon.agenix.secrets."matrixSecrets" = { owner = "matrix-synapse"; };
services.postgresql.enable = true;
services.postgresql.initialScript = lib.mkForce (pkgs.writeText "synapse-init.sql" ''
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';
CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse-xynospace"
TEMPLATE template0
LC_COLLATE = "C"
LC_CTYPE = "C";
CREATE ROLE "matrix-synapse-xynospace" WITH LOGIN PASSWORD 'synapse';
CREATE DATABASE "matrix-synapse-xynospace" WITH OWNER "matrix-synapse-xynospace"
TEMPLATE template0
LC_COLLATE = "C"
LC_CTYPE = "C";
'');
networking.nat.enable = true;
networking.nat.internalInterfaces = [ "ve-+" ];
networking.nat.externalInterface = "ens3";
networking.firewall.trustedInterfaces = [ "ve-+" ];
users.users.slidingsync = { isSystemUser = true; group = "slidingsync"; uid = 990; };
users.groups.slidingsync = { gid = 988; };
# virtualisation.oci-containers.containers."matrix-sliding-sync" = {
# image = "ghcr.io/matrix-org/sliding-sync:latest";
# ports = [ "127.0.0.1:8009:8008" ];
# user = "${toString config.users.users.slidingsync.uid}:${toString config.users.groups.slidingsync.gid}";
# volumes = [
# "/run/postgresql:/run/postgresql"
# ];
# environmentFiles = [ config.age.secrets.picardSlidingSyncSecret.path ];
# environment = {
# SYNCV3_SERVER = "https://${fqdn}";
# SYNCV3_BINDADDR = ":8008";
# SYNCV3_DB = "host=/run/postgresql user=slidingsync dbname=slidingsync password=slidingsync";
# };
# };
services.postgresql = {
ensureDatabases = [ "slidingsync" ];
ensureUsers = [
{
name = "slidingsync";
ensureDBOwnership = true;
}
];
};
containers.xynospace-matrix = let ms = config.age.secrets.matrixSecrets.path; unst = pkgs.unstable; in {
config = { config, pkgs, ... }: {
# nixpkgs.overlays = [(self: super: {
# matrix-synapse-unwrapped = super.matrix-synapse-unwrapped.overrideAttrs (super: self: {
# src = inputs.synapse;
# # cargoHash = "sha256-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=";
# });
# })];
system.stateVersion = stateVer;
networking.firewall.allowedTCPPorts = [ 8008 ];
services.matrix-synapse = {
enable = true;
# package = unst.matrix-synapse;
settings.server_name = serverName;
extraConfigFiles = [ "/host${ms}" ];
settings.experimental.msc3575_enabled = true;
settings.database.args.user = "matrix-synapse-xynospace";
settings.database.name = "psycopg2";
settings.database.args.database = "matrix-synapse-xynospace";
settings.database.args.host = hostAddress;
settings.trusted_key_servers = [
{ server_name = "catgirl.cloud"; }
{ server_name = "kif.rocks"; }
{ server_name = "fachschaften.org"; }
{ server_name = "matrix.org"; }
];
settings.ip_range_whitelist = [
"2a03:4000:6:8120::1/128"
"37.120.178.81/32"
];
settings.database.args.password = "synapse";
settings.app_service_config_files = [
"/var/lib/signalbot.yaml"
"/var/lib/doublepuppet.yaml"
];
settings.listeners = [
{
port = 8008;
bind_addresses = [ localAddress ];
type = "http";
tls = false;
x_forwarded = true;
resources = [
{
names = [ "client" "federation" ];
compress = false;
}
];
}
];
};
};
inherit localAddress hostAddress;
privateNetwork = true;
autoStart = true;
bindMounts = {
"/host/run" = { hostPath = "/run"; isReadOnly = true; };
"/run/agenix.d" = { hostPath = "/run/agenix.d"; isReadOnly = true; };
};
};
services.nginx.virtualHosts = {
"${serverName}" = {
forceSSL = true;
locations."= /.well-known/matrix/server".extraConfig =
let
# use 443 instead of the default 8448 port to unite
# the client-server and server-server port for simplicity
server = { "m.server" = "${fqdn}:443"; };
in
''
add_header Content-Type application/json;
return 200 '${builtins.toJSON server}';
'';
locations."= /.well-known/matrix/client".extraConfig =
let
client = {
"m.homeserver" = { "base_url" = "https://${fqdn}"; };
"m.identity_server" = { "base_url" = "https://vector.im"; };
"org.matrix.msc3575.proxy" = { "url" = "https://slidingsync.ragon.xyz"; };
};
# ACAO required to allow element-web on any URL to request this json file
in
''
add_header Content-Type application/json;
add_header Access-Control-Allow-Origin *;
return 200 '${builtins.toJSON client}';
'';
};
# Reverse proxy for Matrix client-server and server-server communication
"${fqdn}" = {
forceSSL = true;
enableACME = true;
# Or do a redirect instead of the 404, or whatever is appropriate for you.
# But do not put a Matrix Web client here! See the Element web section below.
locations."/".extraConfig = ''
return 404;
'';
# forward all Matrix API calls to the synapse Matrix homeserver
locations."/_matrix" = {
proxyPass = "http://${localAddress}:8008"; # without a trailing /
};
locations."/notifications" = {
proxyPass = "http://${localAddress}:8008"; # without a trailing /
};
locations."/_synapse/client" = {
proxyPass = "http://${localAddress}:8008"; # without a trailing /
};
locations."/health" = {
proxyPass = "http://${localAddress}:8008"; # without a trailing /
};
};
};
ragon.persist.extraDirectories = [
"/var/lib/nixos-containers"
];
services.postgresql.authentication = ''
host all all ${localAddress}/32 md5
'';
services.postgresql.settings.listen_addresses = lib.mkForce "localhost,${hostAddress}";
}

99
old-conf/hosts/theseus/builtin.kbd
View file

@ -1,99 +0,0 @@
(defcfg
;; ** For Linux **
input (device-file "/dev/input/by-id/usb-04d9_USB-HID_Keyboard-event-kbd")
;; input (device-file "/dev/input/by-path/platform-i8042-serio-0-event-kbd")
output (uinput-sink "KMonad output")
;; ** For Windows **
;; input (low-level-hook)
;; output (send-event-sink)
;; ** For MacOS **
;; input (iokit-name "my-keyboard-product-string")
;; output (kext)
fallthrough true
)
(defsrc
esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12
grv 1 2 3 4 5 6 7 8 9 0 - = bspc
tab q w e r t y u i o p [ ]
caps a s d f g h j k l ; ' \ ret
lsft 102d z x c v b n m , . / rsft
lctl lmet lalt spc ralt rmet cmp rctl
)
(defalias
ext (layer-toggle extend) ;; Bind 'ext' to the Extend Layer
)
(defalias
cpy C-c
pst C-v
cut C-x
udo C-z
all C-a
fnd C-f
bk Back
fw Forward
)
(defalias
num (layer-toggle num)
t (tap-hold-next-release 200 t (layer-toggle hjkl))
)
(deflayer colemak-dh
esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12
grv 1 2 3 4 5 6 7 8 9 0 - = bspc
tab q w f p b j l u y ; [ ]
esc (tap-hold-next-release 200 a lctrl) (tap-hold-next-release 200 r ralt) (tap-hold-next-release 200 s lmet) @t g m n (tap-hold-next-release 200 e rmet) (tap-hold-next-release 200 i lalt) (tap-hold-next-release 200 o rctrl) ' \\ ret
lsft z x c d v 102d k h , . / rsft
lctl lmet lalt spc ralt rmet _ _
)
(deflayer hjkl
esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12
grv 1 2 3 4 5 6 7 8 9 0 - = bspc
tab q w f p b j l u y ; [ ]
esc (tap-hold-next-release 200 a lctrl) (tap-hold-next-release 200 r ralt) (tap-hold-next-release 200 s lmet) t g m h j k l ' \\ ret
lsft z x c d v 102d k h , . / rsft
lctl lmet lalt spc ralt rmet _ _
)
(deflayer num
esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12
grv 1 2 3 4 5 6 7 8 9 0 - = bspc
tab q w f p b j l u y ; [ ]
esc 1 2 3 4 5 6 7 8 9 0 ' \\ ret
lsft z x c d v 102d k h , . / rsft
lctl lmet lalt spc ralt rmet _ _
)
(deflayer colemak-dhk
esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12
grv 1 2 3 4 5 6 7 8 9 0 - = bspc
tab q w f p b j l u y ; [ ]
@ext a r s t g k n e i o ' \\ ret
lsft z x c d v 102d m h , . / rsft
lctl lmet lalt spc ralt rmet _ _
)
(deflayer extend
_ play rewind previoussong nextsong ejectcd refresh brdn brup www mail prog1 prog2
_ f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12 _
_ esc @bk @fnd @fw ins pgup home up end menu prnt slck
_ lalt lmet lsft lctl ralt pgdn lft down rght del caps _ _
_ @udo @cut @cpy tab @pst _ pgdn bks lsft lctl comp _
_ _ _ ret _ _ _ _
)
(deflayer empty
_ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _
)

387
old-conf/hosts/theseus/default.nix
View file

@ -1,387 +0,0 @@
{
config,
inputs,
pkgs,
lib,
...
}:
{
imports = [
./hardware-configuration.nix
./kmonad.nix
../../nixos-modules/networking/tailscale.nix
../../nixos-modules/services/ssh.nix
../../nixos-modules/system/agenix.nix
../../nixos-modules/system/persist.nix
../../nixos-modules/user
# ./gnome.nix
];
# For mount.cifs, required unless domain name resolution is not needed.
environment.systemPackages = [ pkgs.cifs-utils ];
nix.extraOptions = # devenv
''
trusted-users = root ragon
'';
users.extraGroups.plugdev = { };
services.udev.packages = [
pkgs.openocd
pkgs.probe-rs-tools
];
hardware.keyboard.zsa.enable = true;
services.tailscale.useRoutingFeatures = lib.mkForce "client";
xdg.portal = {
enable = true;
wlr.enable = true;
extraPortals = with pkgs; [ xdg-desktop-portal-gtk ];
config = {
river = {
"org.freedesktop.impl.portal.Secret" = [
"gnome-keyring"
];
default = [
"gtk"
];
"org.freedesktop.impl.portal.Screenshot" = "wlr";
"org.freedesktop.impl.portal.ScreenCast" = "wlr";
};
};
};
ragon.agenix.secrets.smbSecrets = { };
# fileSystems."/data" = {
# device = "//ds9.kangaroo-galaxy.ts.net/data";
# fsType = "cifs";
# options = let
# automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
# in ["${automount_opts},credentials=${config.age.secrets.smbSecrets.path},uid=1000,gid=100"];
# };
# Don't Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.initrd.luks.devices.cryptroot.device =
"/dev/disk/by-uuid/4cd8dbb3-8eea-48ff-87b1-92945be291ac";
programs.fuse.userAllowOther = true;
programs.sway.enable = true;
programs.nix-ld.enable = true;
programs.gamescope.enable = true;
programs.wireshark.enable = true;
services.gnome.sushi.enable = true;
services.gnome.gnome-settings-daemon.enable = true;
services.gvfs.enable = true;
services.logind.extraConfig = ''
# supspend on pw button press
HandlePowerKey=suspend
'';
programs.kdeconnect.enable = true;
services.power-profiles-daemon.enable = true;
programs.sway.extraSessionCommands = ''
export NIXOS_OZONE_WL=1
'';
# start bt
hardware.bluetooth.enable = true;
services.blueman.enable = true;
# end bt
# start printing
services.avahi = {
enable = true;
nssmdns4 = true;
nssmdns6 = true;
openFirewall = true;
};
services.printing.enable = true;
services.printing.logLevel = "debug";
# end printing
programs.light.enable = true;
# networking.networkmanager.enable = true;
# networking.networkmanager.wifi.backend = "iwd";
networking.wireless.iwd.enable = true;
networking.useDHCP = lib.mkDefault true;
services.xserver.displayManager.gdm.enable = true;
services.xserver.enable = true;
services.xserver.displayManager.gdm.wayland = true;
programs.seahorse.enable = true;
services.gnome.gnome-keyring.enable = true;
services.gnome.gnome-online-accounts.enable = true;
services.gnome.core-utilities.enable = true;
services.displayManager.defaultSession = "river";
programs.river.enable = true;
services.upower.enable = true;
users.users.ragon.extraGroups = [
"networkmanager"
"video"
"netdev"
"plugdev"
"dialout"
"tape"
"uucp"
"wireshark"
];
fonts.packages = with pkgs; [
nerdfonts
cantarell-fonts
dejavu_fonts
source-code-pro # Default monospace font in 3.32
source-sans
b612
];
services.pipewire = {
enable = true;
raopOpenFirewall = true; # airplay
pulse.enable = true;
extraConfig.pipewire = {
"9-clock-allow-higher" = {
"context.properties" = {
"default.clock.allowed-rates" = [
"44100"
"48000"
"96000"
"192000"
];
};
};
"10-raop-discover" = {
"context.modules" = [
{
name = "libpipewire-module-raop-discover";
args = { };
}
];
};
};
};
services.fwupd.enable = true;
programs.ssh.startAgent = true;
programs.evolution.enable = true;
services.gnome.evolution-data-server.enable = true;
services.flatpak.enable = true;
programs.steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
# dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers
};
home-manager.users.ragon =
{
pkgs,
lib,
inputs,
config,
...
}:
{
imports = [
../../hm-modules/helix
../../hm-modules/nushell
../../hm-modules/zellij
../../hm-modules/cli.nix
./swaycfg.nix
./work.nix
./river.nix
../../hm-modules/files.nix
inputs.wired.homeManagerModules.default
];
ragon.helix.enable = true;
ragon.nushell.enable = true;
ragon.nushell.isNixOS = true;
ragon.zellij.enable = true;
services.gnome-keyring.enable = true;
home.file.".config/wezterm/wezterm.lua".text = ''
local wezterm = require 'wezterm'
-- This will hold the configuration.
local config = wezterm.config_builder()
config.default_prog = { 'nu' }
config.hide_tab_bar_if_only_one_tab = true
config.max_fps = 144
config.font = wezterm.font 'Source Code Pro'
-- This is where you actually apply your config choices
-- For example, changing the color scheme:
config.color_scheme = 'Gruvbox Dark (Gogh)'
-- and finally, return the configuration to wezterm
return config
'';
services.syncthing.enable = true;
services.syncthing.tray.enable = true;
services.syncthing.tray.command = "syncthingtray --wait";
programs.firefox.nativeMessagingHosts = [
pkgs.unstable.firefoxpwa
pkgs.unstable.keepassxc
];
programs.firefox.enable = true;
home.packages = with pkgs; [
# inputs.wezterm.packages.${pkgs.system}.default
element-desktop # this is not a place of honor
discord # shitcord
unstable.signal-desktop
unstable.firefoxpwa
mosh
unstable.plexamp
# firefox
obsidian
thunderbird
# unstable.orca-slicer
diebahn
vlc
dolphin
# unstable.kicad
unstable.devenv
lutris
libsecret
mixxx
unstable.harsh
libreoffice-qt6-fresh
inkscape
easyeffects
dune3d
ptyxis
appimage-run
unstable.keepassxc
# unstable.zenbrowser
inputs.zen-browser.packages."${pkgs.system}".default
aerc
w3m
# filezilla
broot
];
home.file.".zshrc".text = lib.mkForce ''
# we're using nushell as our interactive shell
# so if zsh gets spawned by our terminal emulator, exec nu
cat /proc/$PPID/cmdline | grep -q alacritty && exec nu
'';
services.kdeconnect = {
enable = true;
indicator = true;
package = pkgs.kdePackages.kdeconnect-kde;
};
# home.persistence."/persistent/home/ragon" =
# {
# directories = [
# ".mozilla"
# ".cache"
# ".ssh"
# "docs"
# "Images"
# "Downloads"
# "Music"
# "Pictures"
# "Documents"
# "Videos"
# "VirtualBox VMs"
# ".gnupg"
# ".ssh"
# ".local/share/keyrings"
# ".local/share/direnv"
# ".local/share/Steam"
# ];
# allowOther = true;
# };
programs.home-manager.enable = true;
home.stateVersion = "24.05";
programs.alacritty = {
enable = true;
settings = {
font.normal.family = "JetBrainsMono NerdFont";
colors = {
primary = {
# hard contrast
background = "#1d2021";
# normal background = "#282828";
# soft contrast background = = "#32302f"
foreground = "#ebdbb2";
};
normal = {
black = "#282828";
red = "#cc241d";
green = "#98971a";
yellow = "#d79921";
blue = "#458588";
magenta = "#b16286";
cyan = "#689d6a";
white = "#a89984";
};
bright = {
black = "#928374";
red = "#fb4934";
green = "#b8bb26";
yellow = "#fabd2f";
blue = "#83a598";
magenta = "#d3869b";
cyan = "#8ec07c";
white = "#ebdbb2";
};
};
};
};
programs.borgmatic = {
enable = true;
backups.system =
let
notify = "${pkgs.libnotify}/bin/notify-send";
in
{
location.sourceDirectories = [ "/persistent" ];
location.repositories = [ { path = "ssh://ragon@ds9//backups/theseus"; } ];
location.extraConfig.exclude_if_present = [ ".nobackup" ];
storage.encryptionPasscommand = "${pkgs.libsecret}/bin/secret-tool lookup borg-repository system";
location.extraConfig.before_backup = [
"${notify} -u low -a borgmatic borgmatic \"starting backup\" -t 10000"
];
location.extraConfig.after_backup = [
"${notify} -u low -a borgmatic borgmatic \"finished backup\" -t 10000"
];
location.extraConfig.on_error = [
"${notify} -u critical -a borgmatic borgmatic \"backup failed<br>maybe unlock keepass\""
];
location.extraConfig.ssh_command = "ssh -o IdentityAgent=/run/user/1000/ssh-agent";
location.extraConfig.one_file_system = true;
retention = {
keepHourly = 24;
keepDaily = 7;
keepWeekly = 4;
keepMonthly = 12;
keepYearly = 2;
};
};
};
services.borgmatic.enable = true;
};
ragon = {
user.enable = true;
persist.enable = true;
persist.extraDirectories = [
"/var/lib/bluetooth"
"/var/lib/flatpak"
"/var/lib/iwd"
"/var/log" # lol
];
services = {
ssh.enable = true;
tailscale.enable = true;
};
};
}

16
old-conf/hosts/theseus/gnome.nix
View file

@ -1,16 +0,0 @@
{ pkgs, config, inputs, lib, ... }:
let
gnomeExtensions = with pkgs.gnomeExtensions; [
paperwm
gsconnect
];
gnomeExtensionUuids = map (x: x.extensionUuid) gnomeExtensions;
in
{
services.xserver.desktopManager.gnome.enable = true;
environment.systemPackages = gnomeExtensions;
home-manager.users.ragon.dconf.settings."org/gnome/shell" = {
"disable-user-extensions" = false;
enabled-extensions = gnomeExtensionUuids;
};
}

54
old-conf/hosts/theseus/hardware-configuration.nix
View file

@ -1,54 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, inputs, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
"${inputs.nixos-hardware}/framework/13-inch/7040-amd"
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.supportedFilesystems = { xfs = true; };
fileSystems."/persistent" =
{ device = "/dev/disk/by-uuid/ca79f433-163a-4c5c-b176-8e694a674dda";
fsType = "xfs";
neededForBoot = true;
};
fileSystems."/nix" = {
device = "/persistent/nix";
fsType = "none";
depends = ["/persistent"];
options = ["bind"];
};
fileSystems."/" =
{ device = "none";
fsType = "tmpfs";
options = [ "size=32G" "defaults" "mode=755"];
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/DA11-68A6";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" "noauto" "x-systemd.automount" ];
};
swapDevices =
[ { device = "/dev/disk/by-uuid/96c380b3-4498-4eb8-8a18-5eebe2a41428"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
# networking.interfaces.enp195s0f3u1u3.useDHCP = lib.mkDefault true;
# networking.interfaces.eth0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

Some files were not shown because too many files have changed in this diff Show more