From 7cff7f09c38ebf133e11bdaca12735b5be142bd9 Mon Sep 17 00:00:00 2001 From: Lucy Hochkamp Date: Mon, 6 Oct 2025 21:29:04 +0200 Subject: [PATCH] split waybar into multiple files --- flake.lock | 122 ++--- hm-modules/firefox.nix | 62 +++ hm-modules/helix.nix | 93 ++-- instances/ds9/services/woodpecker.nix | 2 +- instances/theseus/configuration.nix | 15 +- instances/theseus/default.nix | 1 + instances/theseus/hardware-configuration.nix | 8 +- modules/cli/fish.nix | 5 +- modules/cli/tmux.nix | 6 +- modules/desktop/foot.nix | 3 +- modules/desktop/niri.nix | 7 +- modules/desktop/waybar.nix | 451 ------------------ modules/desktop/waybar/cal.nix | 93 ++++ modules/desktop/waybar/default.nix | 250 ++++++++++ modules/desktop/waybar/kmonad.nix | 35 ++ modules/desktop/waybar/laptop.nix | 87 ++++ modules/desktop/waybar/niri.nix | 71 +++ .../{ => waybar}/waybar-wireplumber-db.patch | 0 modules/hardware/kmonad.nix | 3 + modules/hardware/kmonad/builtin.kbd | 61 +-- modules/hardware/smartcard.nix | 20 + modules/module-list.nix | 5 +- modules/presets/cli.nix | 31 +- modules/presets/development.nix | 2 +- modules/presets/gui.nix | 3 +- modules/user-services/khal.nix | 63 +++ overlays/default.nix | 13 +- secrets/desktop/calendar.yaml | 40 ++ sops.nix | 18 +- 29 files changed, 953 insertions(+), 617 deletions(-) delete mode 100644 modules/desktop/waybar.nix create mode 100644 modules/desktop/waybar/cal.nix create mode 100644 modules/desktop/waybar/default.nix create mode 100644 modules/desktop/waybar/kmonad.nix create mode 100644 modules/desktop/waybar/laptop.nix create mode 100644 modules/desktop/waybar/niri.nix rename modules/desktop/{ => waybar}/waybar-wireplumber-db.patch (100%) create mode 100644 modules/hardware/smartcard.nix create mode 100644 modules/user-services/khal.nix create mode 100644 secrets/desktop/calendar.yaml diff --git a/flake.lock b/flake.lock index 7bfda666..0715d670 100644 --- a/flake.lock +++ b/flake.lock @@ -16,11 +16,11 @@ "uv2nix": "uv2nix" }, "locked": { - "lastModified": 1757676906, - "narHash": "sha256-2Zbde5orbGsYdzroe51P1AW8pFMCNyqHgLjmHYJvOmE=", + "lastModified": 1759322529, + "narHash": "sha256-yiv/g/tiJI3PI95F7vhTnaf1TDsIkFLrmmFTjWfb6pQ=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "04db807ac00ba6d62808ffab18b3b6d500b6f7cb", + "rev": "69fac057b2e553ee17c9a09b822d735823d65a6c", "type": "github" }, "original": { @@ -32,16 +32,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1755873658, - "narHash": "sha256-5l1g55b0xozGg0NaZFimiO5JbHGcudaNSEn1/XsweaU=", + "lastModified": 1759190535, + "narHash": "sha256-pIzDaoDWc58cY/XhsyweCwc4dfRvkaT/zqsV1gDSnCI=", "owner": "goauthentik", "repo": "authentik", - "rev": "dd7c6b29d950664deadbcf5390272619a8bf9a5e", + "rev": "8d3a289d12c7de2f244c76493af7880f70d08af2", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2025.8.1", + "ref": "version/2025.8.4", "repo": "authentik", "type": "github" } @@ -98,11 +98,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1754487366, - "narHash": "sha256-pHYj8gUBapuUzKV/kN/tR3Zvqc7o6gdFB9XKXIp1SQ8=", + "lastModified": 1756770412, + "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "af66ad14b28a127c5c0f3bbb298218fc63528a18", + "rev": "4524271976b625a4a605beefd893f270620fd751", "type": "github" }, "original": { @@ -222,11 +222,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1757982959, - "narHash": "sha256-b2a0ikawsIBcqwM05mv4tjsn0YfptAEcdEcTNhOD8Pk=", + "lastModified": 1759759529, + "narHash": "sha256-t+fUXdpBv3r/nhciqJpkALCWdXGIeGfUshm1KfC69KM=", "owner": "helix-editor", "repo": "helix", - "rev": "c0921202a0a9f9e3003a845824d3365e2f08467f", + "rev": "c599e4e7ee5222692c6c2a2de1edc1994afb39ee", "type": "github" }, "original": { @@ -242,11 +242,11 @@ ] }, "locked": { - "lastModified": 1757997814, - "narHash": "sha256-F+1aoG+3NH4jDDEmhnDUReISyq6kQBBuktTUqCUWSiw=", + "lastModified": 1759761710, + "narHash": "sha256-6ZG7VZZsbg39gtziGSvCJKurhIahIuiCn+W6TGB5kOU=", "owner": "nix-community", "repo": "home-manager", - "rev": "5820376beb804de9acf07debaaff1ac84728b708", + "rev": "929535c3082afdf0b18afec5ea1ef14d7689ff1c", "type": "github" }, "original": { @@ -343,11 +343,11 @@ "mobile-nixos": { "flake": false, "locked": { - "lastModified": 1757174863, - "narHash": "sha256-PFu4TTHm/GSbrBBl6waxSNyQfpMoC4YkL1RMXkb2gyE=", + "lastModified": 1759261417, + "narHash": "sha256-TjuoBb8+isL3KTdGgtYh90XPyeUMFbgNAOG9l23CB3A=", "owner": "mobile-nixos", "repo": "mobile-nixos", - "rev": "c3164daaf62a81d0c4bfab67e6763a4319212557", + "rev": "e6f6d527bf6abf94dd52fbba3143a720cef96431", "type": "github" }, "original": { @@ -359,11 +359,11 @@ "mtxclient": { "flake": false, "locked": { - "lastModified": 1754164950, - "narHash": "sha256-v/TaaGrCO3M86pF1P0O25iN0+s2t84iPKhgOtxZT0wQ=", + "lastModified": 1758395358, + "narHash": "sha256-zxpvRDKpp8sWSmf/xLgoHDWMzmdkQenZepXg+CoGtcg=", "owner": "Nheko-Reborn", "repo": "mtxclient", - "rev": "fa181521c2300d57ac4d3a833a059317b1ea6dc3", + "rev": "d6f10427d1c5e5b1a45f426274f8d2e8dd0b64be", "type": "github" }, "original": { @@ -422,11 +422,11 @@ "rust-overlay": "rust-overlay_3" }, "locked": { - "lastModified": 1758000903, - "narHash": "sha256-FyfB40rl2mbRGIvF2/6Iwv9xHDxOmhaE1MhlV6Efsg4=", + "lastModified": 1759395653, + "narHash": "sha256-sv9J1z6CrTPf9lRJLyCN90fZVdQz7LFeX7pIlInH8BQ=", "owner": "YaLTeR", "repo": "niri", - "rev": "c30e5c91851d77d48ff2120f0e710501b19d61b4", + "rev": "ba6e5e082a79901dc89b0d49c5da1b769d652aec", "type": "github" }, "original": { @@ -437,11 +437,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1757943327, - "narHash": "sha256-w6cDExPBqbq7fTLo4dZ1ozDGeq3yV6dSN4n/sAaS6OM=", + "lastModified": 1759582739, + "narHash": "sha256-spZegilADH0q5OngM86u6NmXxduCNv5eX9vCiUPhOYc=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "67a709cfe5d0643dafd798b0b613ed579de8be05", + "rev": "3441b5242af7577230a78ffb03542add264179ab", "type": "github" }, "original": { @@ -453,11 +453,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1757745802, - "narHash": "sha256-hLEO2TPj55KcUFUU1vgtHE9UEIOjRcH/4QbmfHNF820=", + "lastModified": 1759381078, + "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c23193b943c6c689d70ee98ce3128239ed9e32d1", + "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", "type": "github" }, "original": { @@ -469,11 +469,11 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1753579242, - "narHash": "sha256-zvaMGVn14/Zz8hnp4VWT9xVnhc8vuL3TStRqwk22biA=", + "lastModified": 1754788789, + "narHash": "sha256-x2rJ+Ovzq0sCMpgfgGaaqgBSwY+LST+WbZ6TytnT9Rk=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "0f36c44e01a6129be94e3ade315a5883f0228a6e", + "rev": "a73b9c743612e4244d865a2fdee11865283c04e6", "type": "github" }, "original": { @@ -484,11 +484,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1758007619, - "narHash": "sha256-ADv63t4pEj5zhTAggwzyCbSpQosDtxKy0qg9cB9a1Eo=", + "lastModified": 1759769540, + "narHash": "sha256-s77ilbEVvMAjxjjWStsExk1vzBXCPsnQa1tKjGYo85M=", "owner": "nixos", "repo": "nixpkgs", - "rev": "64334fda8d632bec7c80c9bef668ad9633a8dd64", + "rev": "dbe62f817c129a464d33bbae02bb36fb04871fa6", "type": "github" }, "original": { @@ -557,11 +557,11 @@ ] }, "locked": { - "lastModified": 1756087852, - "narHash": "sha256-4jc3JDQt75fYXFrglgqyzF6C6zLU0QGLymzian4aP+U=", + "lastModified": 1757296493, + "narHash": "sha256-6nzSZl28IwH2Vx8YSmd3t6TREHpDbKlDPK+dq1LKIZQ=", "owner": "pyproject-nix", "repo": "build-system-pkgs", - "rev": "6edb3ae27395cd88be3d64b732d1539957dad59c", + "rev": "5b8e37fe0077db5c1df3a5ee90a651345f085d38", "type": "github" }, "original": { @@ -578,11 +578,11 @@ ] }, "locked": { - "lastModified": 1756395552, - "narHash": "sha256-5aJM14MpoLk2cdZAetu60OkLQrtFLWTICAyn1EP7ZpM=", + "lastModified": 1757246327, + "narHash": "sha256-6pNlGhwOIMfhe/RLjHdpXveKS4FyLHvlGe+KtjDild4=", "owner": "pyproject-nix", "repo": "pyproject.nix", - "rev": "030dffc235dcf240d918c651c78dc5f158067b51", + "rev": "8d77f342d66ad1601cdb9d97e9388b69f64d4c8e", "type": "github" }, "original": { @@ -620,11 +620,11 @@ ] }, "locked": { - "lastModified": 1740623427, - "narHash": "sha256-3SdPQrZoa4odlScFDUHd4CUPQ/R1gtH4Mq9u8CBiK8M=", + "lastModified": 1759631821, + "narHash": "sha256-V8A1L0FaU/aSXZ1QNJScxC12uP4hANeRBgI4YdhHeRM=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "d342e8b5fd88421ff982f383c853f0fc78a847ab", + "rev": "1d7cbdaad90f8a5255a89a6eddd8af24dc89cafe", "type": "github" }, "original": { @@ -662,11 +662,11 @@ ] }, "locked": { - "lastModified": 1752374969, - "narHash": "sha256-Ky3ynEkJXih7mvWyt9DWoiSiZGqPeHLU1tlBU4b0mcc=", + "lastModified": 1757989933, + "narHash": "sha256-9cpKYWWPCFhgwQTww8S94rTXgg8Q8ydFv9fXM6I8xQM=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "75fb000638e6d0f57cb1e8b7a4550cbdd8c76f1d", + "rev": "8249aa3442fb9b45e615a35f39eca2fe5510d7c3", "type": "github" }, "original": { @@ -703,11 +703,11 @@ ] }, "locked": { - "lastModified": 1758007585, - "narHash": "sha256-HYnwlbY6RE5xVd5rh0bYw77pnD8lOgbT4mlrfjgNZ0c=", + "lastModified": 1759635238, + "narHash": "sha256-UvzKi02LMFP74csFfwLPAZ0mrE7k6EiYaKecplyX9Qk=", "owner": "Mic92", "repo": "sops-nix", - "rev": "f77d4cfa075c3de66fc9976b80e0c4fc69e2c139", + "rev": "6e5a38e08a2c31ae687504196a230ae00ea95133", "type": "github" }, "original": { @@ -795,11 +795,11 @@ ] }, "locked": { - "lastModified": 1756466761, - "narHash": "sha256-ALXRHIMXQ4qVNfCbcWykC23MjMwUoHn9BreoBfqmq0Y=", + "lastModified": 1757925761, + "narHash": "sha256-7Hwz0vfHuFqCo5v7Q07GQgLBWuPvZCuf/5/pk4NoADg=", "owner": "pyproject-nix", "repo": "uv2nix", - "rev": "0529e6d8227517205afcd1b37eee3088db745730", + "rev": "780494c40895bb7419a73d942bee326291e80b3b", "type": "github" }, "original": { @@ -817,11 +817,11 @@ "rust-overlay": "rust-overlay_4" }, "locked": { - "lastModified": 1757179758, - "narHash": "sha256-TIvyWzRt1miQj6Cf5Wy8Qz43XIZX7c4vTVwRLAT5S4Y=", + "lastModified": 1759707084, + "narHash": "sha256-0pkftKs6/LReNvxw7DVTN2AJEheZVgyeK0Aarbagi70=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "970728d0d9d1eada342bb8860af214b601139e58", + "rev": "a9188e70bd748118b4d56a529871b9de5adb9988", "type": "github" }, "original": { @@ -838,11 +838,11 @@ ] }, "locked": { - "lastModified": 1757999874, - "narHash": "sha256-kgV3ms4hR86tIxaNAYJI8NNgkmEygN+JwkXCPAx2P2U=", + "lastModified": 1759724568, + "narHash": "sha256-i/+YcMMMFXeUKWbR683eoxyz+4Jcb01MHVCjj6OHl0Y=", "owner": "0xc000022070", "repo": "zen-browser-flake", - "rev": "7dcbd22ca3943e4cfb3122f96cf515f028b3236a", + "rev": "b63e1644c96baaaccb78f8d3101f39fbfee733cb", "type": "github" }, "original": { diff --git a/hm-modules/firefox.nix b/hm-modules/firefox.nix index 638007d6..b88ec901 100644 --- a/hm-modules/firefox.nix +++ b/hm-modules/firefox.nix @@ -42,12 +42,28 @@ in moz = name: "https://addons.mozilla.org/firefox/downloads/latest/${name}/latest.xpi"; in { + "{d07ccf11-c0cd-4938-a265-2a4d6ad01189}" = { + # web archives + default_area = "navbar"; + install_url = moz "view_page_archive"; + installation_mode = "force_installed"; + private_browsing = true; + }; + "de_DE@dicts.j3e.de" = { + install_url = moz "german_dictionary_de_de_for_sp"; + }; "uBlock0@raymondhill.net" = { default_area = "menupanel"; install_url = moz "ublock-origin"; installation_mode = "force_installed"; private_browsing = true; }; + "uMatrix@raymondhill.net" = { + default_area = "menupanel"; + install_url = moz "umatrix"; + installation_mode = "force_installed"; + private_browsing = true; + }; "vimium-c@gdh1995.cn" = { default_area = "navbar"; install_url = moz "vimium-c"; @@ -154,10 +170,21 @@ in "privacy.trackingprotection.enabled" = true; "privacy.trackingprotection.socialtracking.enabled" = true; "privacy.trackingprotection.emailtracking.enabled" = true; + "privacy.fingerprintingProtection" = true; + "privacy.clearOnShutdown_v2.formdata" = true; + "privacy.history.custom" = true; + "privacy.query_stripping.enabled" = true; + + "extensions.formautofill.addresses.enabled" = false; + "extensions.formautofill.creditCards.enabled" = false; "zen.view.use-single-toolbar" = false; "zen.welcome-screen.seen" = true; + "browser.translations.neverTranslateLanguages" = "de"; + "dom.security.https_only_mode" = true; + "dom.security.https_only_mode_ever_enabled" = true; + # things ripped from https://github.com/yokoffing/Betterfox/blob/main/Fastfox.js "media.memory_cache_max_size" = 65536; "media.cache_readahead_limit" = 7200; @@ -225,6 +252,13 @@ in ]; url = "https://nixos.org/manual/nixos/stable/#sec-option-declarations"; } + { + name = "Home Manager Options"; + tags = [ + "nix" + ]; + url = "https://nix-community.github.io/home-manager/options.xhtml"; + } { name = "homepage"; url = "https://nixos.org/"; @@ -244,6 +278,34 @@ in extensions.force = true; extensions.settings = { + "{d07ccf11-c0cd-4938-a265-2a4d6ad01189}".settings = { + engines = [ + "archiveIs" + "archiveOrg" + "archiveOrgAll" + "yandex" + "archiveIsAll" + "memento" + "permacc" + "megalodon" + "ghostarchive" + "webcite" + ]; + menuItems = [ + "openCurrentDoc_1" + "sep_1" + "search_allEngines_1" + "sep_2" + "search_archiveIs_1" + "search_archiveOrg_1" + "search_yandex_1" + "search_memento_1" + "search_permacc_1" + "search_megalodon_1" + "search_ghostarchive_1" + "search_webcite_1" + ]; + }; "vimium-c@gdh1995.cn".settings = { searchEngines = '' g|go|gg|google|Google: https://www.google.com/search?q=%s \\ diff --git a/hm-modules/helix.nix b/hm-modules/helix.nix index db7fcdb9..fe243c55 100644 --- a/hm-modules/helix.nix +++ b/hm-modules/helix.nix @@ -1,4 +1,10 @@ -{ pkgs, config, lib, inputs, ... }: +{ + pkgs, + config, + lib, + inputs, + ... +}: with lib; let cfg = config.xyno.helix; @@ -7,26 +13,30 @@ in options.xyno.helix.enable = mkOption { default = false; }; options.xyno.helix.withLargeLSPs = mkOption { default = false; }; config = mkIf cfg.enable { - home.packages = with pkgs; [ - nixpkgs-fmt - # omnisharp-roslyn - ## ts - # nodePackages_latest.prettier - dprint - markdown-oxide - ## python - # ruff-lsp - # nodePackages_latest.pyright - # inputs.csharp-language-server.packages.${pkgs.system}.csharp-language-server - ] ++ (optionals cfg.withLargeLSPs [ - netcoredbg - nodePackages_latest.typescript-language-server - nodePackages_latest.vscode-langservers-extracted - typescript - jsonnet-language-server - jsonnet - - ]); + home.packages = + with pkgs; + [ + nixpkgs-fmt + # omnisharp-roslyn + ## ts + # nodePackages_latest.prettier + dprint + markdown-oxide + ## python + # ruff-lsp + # nodePackages_latest.pyright + # inputs.csharp-language-server.packages.${pkgs.system}.csharp-language-server + ] + ++ (optionals cfg.withLargeLSPs [ + netcoredbg + nodePackages_latest.typescript-language-server + nodePackages_latest.vscode-langservers-extracted + typescript + jsonnet-language-server + jsonnet + lazygit + + ]); programs.helix = { package = inputs.helix.packages.${pkgs.system}.default; enable = true; @@ -94,6 +104,13 @@ in keys = { normal = { space."=" = ":fmt"; + "C-g" = + ":sh tmux popup -d \"#{pane_current_path}\" -xC -yC -w80%% -h80%% -E lazygit"; + "C-t" = ":sh tmux split-window -v -l '35%%'"; + "C-h" = ":sh tmux select-pane -t '{left-of}'"; + "C-l" = ":sh tmux select-pane -t '{right-of}'"; + "C-j" = ":sh tmux select-pane -t '{down-of}'"; + "C-k" = ":sh tmux select-pane -t '{up-of}'"; # smart tab++ tab = "move_parent_node_end"; @@ -110,13 +127,15 @@ in }; }; - }; languages = { language-server.pyright.config.python.analysis.typeCheckingMode = "basic"; language-server.ruff = { command = "ruff-lsp"; - config.settings.args = [ "--ignore" "E501" ]; + config.settings.args = [ + "--ignore" + "E501" + ]; }; language-server.csharp = { command = "csharp-language-server"; @@ -125,22 +144,40 @@ in (map (x: { name = x; - language-servers = [ "typescript-language-server" "eslint" ]; + language-servers = [ + "typescript-language-server" + "eslint" + ]; #formatter = { command = "dprint"; args = [ "fmt" "--stdin" x ]; }; # formatter = { command = "prettier"; args = [ "--parser" "typescript" ]; }; - }) [ "typescript" "javascript" "jsx" "tsx" ]) + }) + [ + "typescript" + "javascript" + "jsx" + "tsx" + ] + ) { name = "nix"; - formatter = { command = "nixpkgs-fmt"; }; + formatter = { + command = "nixpkgs-fmt"; + }; } { name = "python"; - language-servers = [ "pyright" "ruff" ]; + language-servers = [ + "pyright" + "ruff" + ]; } { name = "c-sharp"; language-servers = [ "csharp" ]; - formatter = { command = "dotnet"; args = [ "csharpier" ]; }; + formatter = { + command = "dotnet"; + args = [ "csharpier" ]; + }; } ]; diff --git a/instances/ds9/services/woodpecker.nix b/instances/ds9/services/woodpecker.nix index 99f347db..2c052e8a 100644 --- a/instances/ds9/services/woodpecker.nix +++ b/instances/ds9/services/woodpecker.nix @@ -52,7 +52,7 @@ WOODPECKER_SERVER = "[::1]:19000"; WOODPECKER_BACKEND = "docker"; WOODPECKER_MAX_WORKFLOWS = 4; - DOCKER_HOST = "unix:///run/podman/podman.sock"; + DOCKER_HOST = "unix:///run/podman/podman.sock"; # the woodpecker can have a little podman. as a treat }; environmentFile = [ config.sops.secrets."woodpecker/agent_secret".path diff --git a/instances/theseus/configuration.nix b/instances/theseus/configuration.nix index 6b2b138c..f8067c29 100644 --- a/instances/theseus/configuration.nix +++ b/instances/theseus/configuration.nix @@ -15,7 +15,10 @@ in nixpkgs.system = "x86_64-linux"; imports = [ ./hardware-configuration.nix ]; boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; - services.fido2-hid-bridge.enable = true; + + # TODO: remove when turning on impermanence + sops.gnupg.sshKeyPaths = [ "/etc/ssh/ssh_host_rsa_key" ]; + home-manager.users.${config.xyno.system.user.name} = ( { ... }: { @@ -25,8 +28,6 @@ in nixpkgs.config.permittedInsecurePackages = [ "olm-3.2.16" ]; - services.vsmartcard-vpcd.enable = true; - hardware.gpgSmartcards.enable = true; networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ 35963 ]; security.wrappers.unfuck-wifi = { owner = "root"; @@ -47,7 +48,7 @@ in pandoc tectonic rquickshare - supersonic + supersonic-wayland nheko anki-bin gimp3 @@ -59,10 +60,15 @@ in pencil2d python311Packages.brother-ql ptouch-print + hledger ]; + environment.variables."LEDGER_FILE" = "~/docs/hledger/main.journal"; time.timeZone = "Europe/Berlin"; + + + # orcaslicer networking.firewall.allowedTCPPorts = [ 1880 2021 @@ -77,6 +83,7 @@ in xyno.common.enable = true; xyno.desktop.common-programs.enable = true; xyno.hardware.kmonad.enable = true; + xyno.hardware.smartcard.enable = true; xyno.presets.cli.enable = true; xyno.presets.gui.enable = true; xyno.presets.development.enable = true; diff --git a/instances/theseus/default.nix b/instances/theseus/default.nix index eec9edd0..9a769c61 100644 --- a/instances/theseus/default.nix +++ b/instances/theseus/default.nix @@ -1,6 +1,7 @@ { modules = [ ./configuration.nix ]; hostName = "theseus"; + sopsKey = "4019fd893bba15618c2f93a38ef418ce360bc418"; wg = { pubKey = ""; }; diff --git a/instances/theseus/hardware-configuration.nix b/instances/theseus/hardware-configuration.nix index 100ae330..8f595bdc 100644 --- a/instances/theseus/hardware-configuration.nix +++ b/instances/theseus/hardware-configuration.nix @@ -60,9 +60,11 @@ ]; }; - swapDevices = [ - { device = "/dev/disk/by-uuid/96c380b3-4498-4eb8-8a18-5eebe2a41428"; } - ]; + # swapDevices = [ + # { device = "/dev/disk/by-uuid/96c380b3-4498-4eb8-8a18-5eebe2a41428"; } + # ]; + zramSwap.enable = true; + zramSwap.writebackDevice = "/dev/disk/by-uuid/96c380b3-4498-4eb8-8a18-5eebe2a41428"; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/modules/cli/fish.nix b/modules/cli/fish.nix index d9c3105c..429bfc76 100644 --- a/modules/cli/fish.nix +++ b/modules/cli/fish.nix @@ -13,7 +13,7 @@ in programs.bash = { # auto spawn fish if interactive interactiveShellInit = '' - if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] + if [[ ($(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING}) || -n "$IN_NIX_SHELL" ]] then shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" exec ${pkgs.fish}/bin/fish $LOGIN_OPTION @@ -26,8 +26,11 @@ in fzf # needed for reverse history search ]; programs.direnv.enableFishIntegration = true; + programs.fish.generateCompletions = true; programs.fish.interactiveShellInit = '' set -g fish_key_bindings fish_vi_key_bindings + function fish_greeting + end function y set tmp (mktemp -t "yazi-cwd.XXXXXX") yazi $argv --cwd-file="$tmp" diff --git a/modules/cli/tmux.nix b/modules/cli/tmux.nix index a41315f3..2423624e 100644 --- a/modules/cli/tmux.nix +++ b/modules/cli/tmux.nix @@ -17,15 +17,17 @@ in historyLimit = 10000; plugins = with pkgs.tmuxPlugins; [ vim-tmux-navigator + gruvbox ]; + escapeTime = 0; + terminal = "tmux-256color"; + # newSession = true; extraConfig = '' - set -sg escape-time 0 # makes vim esc usable new-session -s main bind-key -n C-e send-prefix bind '"' split-window -c "#{pane_current_path}" bind % split-window -h -c "#{pane_current_path}" bind c new-window -c "#{pane_current_path}" - # set-option -g default-terminal "tmux-256color" # set -as terminal-overrides ',xterm*:Tc:sitm=\E[3m' ''; }; diff --git a/modules/desktop/foot.nix b/modules/desktop/foot.nix index 43e9d2a6..26835538 100644 --- a/modules/desktop/foot.nix +++ b/modules/desktop/foot.nix @@ -29,7 +29,8 @@ in theme = "gruvbox-dark"; settings = { main = { - font = "JetBrainsMono Nerd Font:size=11"; + font = "JetBrainsMono Nerd Font:size=11, Noto Color Emoji:size=10"; + term = "foot"; }; scrollback = { lines = 100000; diff --git a/modules/desktop/niri.nix b/modules/desktop/niri.nix index 4c0174c8..fd4115fd 100644 --- a/modules/desktop/niri.nix +++ b/modules/desktop/niri.nix @@ -102,8 +102,9 @@ in binds { Mod+D { spawn "${cfg.launcher}"; } Mod+Alt+L { spawn "lock"; } - Mod+T { spawn "${cfg.term}"; } - Mod+Y { spawn "${cfg.term}" "--app-id" "floating-alacritty" "yazi"; } + Mod+T { spawn "${cfg.term}" "tmux" "new-session" "-t" "main"; } + Mod+Shift+T { spawn "${cfg.term}"; } + Mod+Y { spawn "${cfg.term}" "--app-id" "floating-alacritty" "-W" "120x37" "yazi"; } Mod+P { spawn "keepassxc"; } Mod+S { spawn "qalculate-qt"; } Mod+Shift+N { spawn "makoctl" "dismiss" "-a"; } @@ -417,7 +418,7 @@ in keyboard { xkb { layout "eu" - // options "compose:lalt" + options "compose:caps,mod_led:compose" } } touchpad { diff --git a/modules/desktop/waybar.nix b/modules/desktop/waybar.nix deleted file mode 100644 index ff59deb3..00000000 --- a/modules/desktop/waybar.nix +++ /dev/null @@ -1,451 +0,0 @@ -{ - pkgs, - config, - lib, - ... -}: -let - cfg = config.xyno.desktop.waybar; - json = pkgs.formats.json { }; - waybarCfg = { - layer = "top"; - position = "top"; - height = 20; - modules-left = - (lib.optionals (cfg.mode == "river") [ - "river/tags" - "river/layout" - "river/window" - ]) - ++ (lib.optionals (cfg.mode == "niri") [ - "niri/workspaces" - "niri/window" - ]); - modules-right = [ - "tray" - "idle_inhibitor" - "wireplumber" - "battery" - "power-profiles-daemon" - "backlight" - "temperature" - "cpu" - "memory" - "disk" - "network" - "clock" - ]; - "power-profiles-daemon" = { - format = "{icon} "; - tooltip-format = "Power profile: {profile}\nDriver: {driver}"; - tooltip = true; - format-icons = { - "default" = ""; - "performance" = ""; - "balanced" = ""; - "power-saver" = ""; - }; - }; - "river/window" = { - max-length = 40; - }; - "niri/window" = { - max-length = 80; - }; - wireplumber = { - "format" = "{icon} {volume:.2f} dB"; - "format-muted" = " -inf dB"; - # "on-click" = "${pkgs.pwvucontrol}/bin/pwvucontrol"; - "on-click" = "${pkgs.pavucontrol}/bin/pavucontrol"; - "on-click-right" = "${pkgs.wireplumber}/bin/wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; - "on-scroll-up" = "${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ -l 1 1%+"; - "on-scroll-down" = "${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ -l 1 1%-"; - "format-icons" = [ - "" - "" - "" - ]; - }; - "backlight" = { - "device" = "amdgpu_bl1"; - "format" = "{icon} {percent}%"; - "format-icons" = [ - "󰃚" - "󰃛" - "󰃜" - "󰃝" - "󰃞" - "󰃟" - "󰃠" - ]; - "on-scroll-up" = "${pkgs.light}/bin/light -A 5"; - "on-scroll-down" = "${pkgs.light}/bin/light -U 5"; - }; - "idle_inhibitor" = { - format = "{icon} "; - format-icons = { - "activated" = "󰅶"; - "deactivated" = "󰾪"; - }; - }; - battery = { - "states" = { - "warning" = 30; - "critical" = 15; - }; - "format" = "{icon} {capacity}%"; - "format-icons" = [ - "" - "" - "" - "" - "" - ]; - "tooltip-format" = "Capacity: {capacity}%\nPower Draw: {power:0.2f}W\n{timeTo}\nCycles: {cycles}"; - "max-length" = 25; - }; - "cpu" = { - "interval" = 10; - "format" = " {:0.0f}%"; - "max-length" = 10; - }; - "temperature" = { - "format" = " {temperatureC}°C"; - }; - memory = { - interval = 30; - format = " {used:0.0f}/{total:0.0f}GB"; - }; - clock = { - interval = 1; - format = "{:%a %Y-%m-%dT%H:%M:%S%z}"; - "tooltip-format" = "{calendar}"; - "calendar" = { - "mode" = "year"; - "mode-mon-col" = 3; - "weeks-pos" = "right"; - "on-scroll" = 1; - "format" = { - "months" = "{}"; - "days" = "{}"; - "weeks" = "W{}"; - "weekdays" = "{}"; - "today" = "{}"; - }; - }; - "actions" = { - "on-click-right" = "mode"; - "on-scroll-up" = "shift_up"; - "on-scroll-down" = "shift_down"; - }; - }; - disk = { - format = "󰋊 {specific_used:0.1f}/{specific_total:0.1f}TB"; - unit = "TB"; - path = "/"; - }; - "network" = { - "on-click" = - "${pkgs.alacritty}/bin/alacritty --class floating-alacritty -e ${pkgs.impala}/bin/impala"; - "format" = "{ifname}"; - "format-wifi" = "󰖩 {essid}"; - "format-ethernet" = "󰈀 {ifname}"; - "format-disconnected" = "󰖪 "; - "tooltip-format" = "{ifname} via {gwaddr}\n{ipaddr}/{cidr}"; - "tooltip-format-wifi" = "{essid} ({signaldBm} dBm) {frequency} GHz\n{ipaddr}/{cidr}"; - "tooltip-format-ethernet" = "{ifname}\n{ipaddr}/{cidr}"; - "tooltip-format-disconnected" = "Disconnected"; - "max-length" = 50; - }; - }; - waybarCfgFile = json.generate "waybar-config.json" waybarCfg; - waybarStyleCss = '' - - * { - /* `otf-font-awesome` is required to be installed for icons */ - font-family: "Source Sans 3"; - font-size: 11px; - } - - - window#waybar { - color: #a89984; - background-color: #1d2021; - } - - window#waybar.hidden { - opacity: 0.2; - } - - /* - window#waybar.empty { - background-color: transparent; - } - window#waybar.solo { - background-color: #FFFFFF; - } - */ - - /*window#waybar.termite { - background-color: #3F3F3F; - } - - window#waybar.chromium { - background-color: #000000; - border: none; - }*/ - - #workspaces button { - padding: 0 2px; - background-color: #1d2021; - color: #ebdbb2; - /* Use box-shadow instead of border so the text isn't offset */ - box-shadow: inset 0 -3px transparent; - /* Avoid rounded borders under each workspace name */ - border: none; - border-radius: 0; - } - - /* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */ - #workspaces button:hover { - background: rgba(0, 0, 0, 0.2); - /* box-shadow: inset 0 -3px #fbf1c7; - */ - background-color: #3c3836; - } - - #workspaces button.focused { - /* box-shadow: inset 0 -3px #fbf1c7; - */ - background-color: #3c3836; - color: #ebdbb2; - } - - #workspaces button.occupied { - color: #d3869b; - } - #workspaces button.urgent { - background-color: #cc241d; - color: #ebdbb2; - } - - #mode { - background-color: #64727D; - border-bottom: 3px solid #fbf1c7; - } - - #clock, - #battery, - #cpu, - #memory, - #disk, - #temperature, - #backlight, - #network, - #pulseaudio, - #custom-media, - #tray, - #mode, - #idle_inhibitor, - #custom-poweroff, - #custom-suspend, - #mpd { - padding: 0 2px; - background-color: #1d2021; - color: #ebdbb2; - } - - #window, - #workspaces, - #tags { - margin: 0 2px; - } - - /* If workspaces is the leftmost module, omit left margin */ - .modules-left > widget:first-child > #workspaces { - margin-left: 0; - } - - /* If workspaces is the rightmost module, omit right margin */ - .modules-right > widget:last-child > #workspaces { - margin-right: 0; - } - - - #battery { - color: #d3869b; - } - - #battery.charging, #battery.plugged { - color: #98971a; - } - - @keyframes blink { - to { - background-color: #fbf1c7; - color: #df3f71; - } - } - - #battery.critical:not(.charging) { - background-color: #1d2021; - color: #d3869b; - animation-name: blink; - animation-duration: 0.5s; - animation-timing-function: linear; - animation-iteration-count: infinite; - animation-direction: alternate; - } - - label:focus { - background-color: #000000; - } - - #backlight { - color: #458588; - } - - #temperature { - color: #fabd2f; - } - - #temperature.critical { - background-color: #fbf1c7; - color: #b57614; - } - - #memory { - color: #FCF434; /* enby yellow */ - } - #disk { - color: #FFFFFF; /* enby white */ - } - #network { - color: #b8bb26; /* enby green */ - } - #clock { - color: #9C59D1; /* enby purple */ - /*color: #2C2C2C; enby black */ - } - - - #network.disconnected { - background-color: #fbf1c7; - color: #9d0006; - } - - - #wireplumber { - color: #fe8019; - } - - #tray { - } - - #tray > .needs-attention { - background-color: #fbf1c7; - color: #3c3836; - } - - #idle_inhibitor { - background-color: #1d2021; - color: #ebdbb2; - } - - #idle_inhibitor.activated { - background-color: #fbf1c7; - color: #3c3836; - } - - #custom-media { - background-color: #66cc99; - color: #2a5c45; - min-width: 100px; - } - - #custom-media.custom-spotify { - background-color: #66cc99; - } - - #custom-media.custom-vlc { - background-color: #ffa000; - } - - #mpd { - background-color: #66cc99; - color: #2a5c45; - } - - #mpd.disconnected { - background-color: #f53c3c; - } - - #mpd.stopped { - background-color: #90b1b1; - } - - #mpd.paused { - background-color: #51a37a; - } - - #language { - background: #00b093; - color: #740864; - padding: 0 5px; - margin: 0 5px; - min-width: 16px; - } - - #keyboard-state { - background: #97e1ad; - color: #000000; - padding: 0 0px; - margin: 0 5px; - min-width: 16px; - } - - #keyboard-state > label { - padding: 0 5px; - } - - #keyboard-state > label.locked { - background: rgba(0, 0, 0, 0.2); - } - ''; - waybarCssFile = pkgs.writeText "waybar.css" waybarStyleCss; - -in -{ - options.xyno.desktop.waybar.enable = lib.mkEnableOption "enable mako notification daemon"; - options.xyno.desktop.waybar.wantedBy = lib.mkOption { - type = lib.types.str; - default = "niri.service"; - }; - options.xyno.desktop.waybar.package = lib.mkOption { - type = lib.types.package; - default = pkgs.unstable.waybar; - }; - options.xyno.desktop.waybar.mode = lib.mkOption { - type = lib.types.str; - default = "niri"; - }; - config = lib.mkIf cfg.enable { - programs.waybar.enable = true; - programs.waybar.package = cfg.package.overrideAttrs (super: { - # version = super.version + "-patched"; - patches = [ - ./waybar-wireplumber-db.patch - ]; - }); - programs.light.enable = true; - - systemd.user.services.waybar.wantedBy = lib.mkForce [ cfg.wantedBy ]; - systemd.user.services.waybar.restartTriggers = [ - waybarCfgFile - waybarCssFile - ]; - environment.etc."xdg/waybar/config".source = waybarCfgFile; - environment.etc."xdg/waybar/style.css".source = waybarCssFile; - - }; -} diff --git a/modules/desktop/waybar/cal.nix b/modules/desktop/waybar/cal.nix new file mode 100644 index 00000000..1c854ef9 --- /dev/null +++ b/modules/desktop/waybar/cal.nix @@ -0,0 +1,93 @@ +{ + pkgs, + config, + lib, + ... +}: +with lib; +let + calwatcher = + (pkgs.writeShellApplication { + name = "calwatcher"; + runtimeInputs = [ + pkgs.inotify-tools + pkgs.khal + pkgs.jq + ]; + text = '' + # in parts ripped from https://git.sr.ht/~whynothugo/dotfiles/tree/3768ec57/item/home/.local/lib/waybar-khal + render() { + # Find events starting in two minutes. + # So if my current event ends in two minutes and another one starts, the + # widget is already updated with what's upcoming. + SINCE="$(date -d 'now +2 min' '+%FT%H:%M:%S')" + UNTIL="1d" + + EVENT="$( + khal list "$SINCE" "$UNTIL" \ + --day-format 'SKIPME' \ + --format "{start-end-time-style} {title:.31}{repeat-symbol}" | + grep -v SKIPME | # filter out headers + grep -v -P '↦|↔ |⇥' | # filter out continuing all day events + grep -v '^ ' | # exclude full-day events + head -n 1 # show just the first + )" + + if [ -z "$EVENT" ]; then + TEXT=" (nothing upcoming)" + CLASS="no-event" + else + TEXT=" $EVENT" + CLASS="event" + fi + + jq --compact-output \ + --null-input \ + --arg text "$TEXT" \ + --arg class "$CLASS" \ + --arg tooltip "$(khal list today 7d --day-format '{name} {date-long}')" \ + '{"text": $text, "class": $class, "tooltip": $tooltip}' + } + + render # Render once for initial state. + + # In order to make sure events are updated as time passes, this re-renderes + # every two minutes. That aside, whenever a calendar event changes, we alreays + # re-render immediately. + # + # It would be ideal to determine _when_ the current event ends, and set the + # timeout accordinly. That would require parsing khal's output a bit more. + while true; do + (inotifywait \ + --event modify \ + --event create \ + --event delete \ + --event close_write \ + --event moved_to \ + --event move \ + --monitor \ + --timeout 120 \ + --recursive \ + "$HOME/.calendars" 2> /dev/null) || true | \ + while read -r _; do + render + timeout 3 cat || true # debounce for 3s, https://stackoverflow.com/a/69945839 + done + done + ''; + + }) + + "/bin/calwatcher"; +in +lib.mkIf (config.xyno.user-services.khal.enable) { + xyno.desktop.waybar.config = { + "custom/cal" = { + exec = calwatcher; + restart-interval = 5; + return-type = "json"; + "on-click" = "${pkgs.foot}/bin/footclient --app-id floating-alacritty ${pkgs.khal}/bin/ikhal"; + }; + modules-right = mkOrder 1999 [ "custom/cal" ]; # left of clock, right of everything else + }; + +} diff --git a/modules/desktop/waybar/default.nix b/modules/desktop/waybar/default.nix new file mode 100644 index 00000000..63ed8a19 --- /dev/null +++ b/modules/desktop/waybar/default.nix @@ -0,0 +1,250 @@ +{ + pkgs, + config, + lib, + ... +}: +with lib; +let + cfg = config.xyno.desktop.waybar; + json = pkgs.formats.json { }; + +in +{ + options.xyno.desktop.waybar.enable = mkEnableOption "enable mako notification daemon"; + options.xyno.desktop.waybar.wantedBy = mkOption { + type = types.str; + default = "niri.service"; + }; + options.xyno.desktop.waybar.package = mkOption { + type = types.package; + default = pkgs.unstable.waybar; + }; + options.xyno.desktop.waybar.config = mkOption { + type = json.type; + default = { modules-left = []; modules-right = []; }; + }; + options.xyno.desktop.waybar.style = mkOption { + type = types.lines; + default = ""; + }; + imports = [ + ./cal.nix + ./kmonad.nix + ./laptop.nix + ./niri.nix + ]; + config = mkIf cfg.enable { + programs.waybar.enable = true; + programs.waybar.package = cfg.package.overrideAttrs (super: { + # version = super.version + "-patched"; + patches = [ + ./waybar-wireplumber-db.patch + ]; + }); + + systemd.user.services.waybar.wantedBy = mkForce [ cfg.wantedBy ]; + environment.etc."xdg/waybar/config".source = json.generate "waybar-config.json" cfg.config; + environment.etc."xdg/waybar/style.css".source = pkgs.writeText "waybar.css" cfg.style; + + xyno.desktop.waybar.config = { + layer = "top"; + position = "top"; + height = 20; + modules-right = mkMerge [ + (mkBefore [ + "tray" + "idle_inhibitor" + "wireplumber" + ]) + (mkAfter [ + "temperature" + "cpu" + "memory" + "disk" + "network" + ]) + (mkOrder 2000 [ "clock" ]) + ]; + wireplumber = { + "format" = "{icon} {volume:.2f} dB"; + "format-muted" = " -inf dB"; + # "on-click" = "${pkgs.pwvucontrol}/bin/pwvucontrol"; + "on-click" = "${pkgs.pavucontrol}/bin/pavucontrol"; + "on-click-right" = "${pkgs.wireplumber}/bin/wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; + "on-scroll-up" = "${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ -l 1 1%+"; + "on-scroll-down" = "${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ -l 1 1%-"; + "format-icons" = [ + "" + "" + "" + ]; + }; + "idle_inhibitor" = { + format = "{icon} "; + format-icons = { + "activated" = "󰅶"; + "deactivated" = "󰾪"; + }; + }; + "cpu" = { + "interval" = 10; + "format" = " {:0.0f}%"; + "max-length" = 10; + }; + "temperature" = { + "format" = " {temperatureC}°C"; + }; + memory = { + interval = 30; + format = " {used:0.0f}/{total:0.0f}GB"; + }; + clock = { + interval = 1; + format = "{:%a %Y-%m-%dT%H:%M:%S%z}"; + "tooltip-format" = "{calendar}"; + "calendar" = { + "mode" = "year"; + "mode-mon-col" = 3; + "weeks-pos" = "right"; + "on-scroll" = 1; + "format" = { + "months" = "{}"; + "days" = "{}"; + "weeks" = "W{}"; + "weekdays" = "{}"; + "today" = "{}"; + }; + }; + "actions" = { + "on-click-right" = "mode"; + "on-scroll-up" = "shift_up"; + "on-scroll-down" = "shift_down"; + }; + }; + disk = { + format = "󰋊 {specific_used:0.1f}/{specific_total:0.1f}TB"; + unit = "TB"; + path = "/"; + }; + "network" = { + "on-click" = "${pkgs.foot}/bin/footclient --app-id floating-alacritty ${pkgs.impala}/bin/impala"; + "format" = "{ifname}"; + "format-wifi" = "󰖩 {essid}"; + "format-ethernet" = "󰈀 {ifname}"; + "format-disconnected" = "󰖪 "; + "tooltip-format" = "{ifname} via {gwaddr}\n{ipaddr}/{cidr}"; + "tooltip-format-wifi" = "{essid} ({signaldBm} dBm) {frequency} GHz\n{ipaddr}/{cidr}"; + "tooltip-format-ethernet" = "{ifname}\n{ipaddr}/{cidr}"; + "tooltip-format-disconnected" = "Disconnected"; + "max-length" = 50; + }; + }; + xyno.desktop.waybar.style = '' + * { + /* `otf-font-awesome` is required to be installed for icons */ + font-family: "Source Sans 3"; + font-size: 11px; + } + + window#waybar { + color: #a89984; + background-color: #1d2021; + } + + window#waybar.hidden { + opacity: 0.2; + } + + /* + window#waybar.empty { + background-color: transparent; + } + window#waybar.solo { + background-color: #FFFFFF; + } + */ + + /*window#waybar.termite { + background-color: #3F3F3F; + } + + window#waybar.chromium { + background-color: #000000; + border: none; + }*/ + + #clock, + #battery, + #cpu, + #memory, + #disk, + #temperature, + #backlight, + #network, + #pulseaudio, + #tray, + #mode, + #idle_inhibitor, + #mpd { + padding: 0 2px; + background-color: #1d2021; + color: #ebdbb2; + } + + label:focus { + background-color: #000000; + } + + + #temperature { + color: #fabd2f; + } + + #temperature.critical { + background-color: #fbf1c7; + color: #b57614; + } + + #memory { + color: #FCF434; /* enby yellow */ + } + #disk { + color: #FFFFFF; /* enby white */ + } + #network { + color: #b8bb26; /* enby green */ + } + #clock { + color: #9C59D1; /* enby purple */ + /*color: #2C2C2C; enby black */ + } + + + #network.disconnected { + background-color: #fbf1c7; + color: #9d0006; + } + + + #wireplumber { + color: #fe8019; + } + + #tray > .needs-attention { + background-color: #fbf1c7; + color: #3c3836; + } + + #idle_inhibitor { + background-color: #1d2021; + color: #ebdbb2; + } + + #idle_inhibitor.activated { + background-color: #fbf1c7; + color: #3c3836; + } + ''; + }; +} diff --git a/modules/desktop/waybar/kmonad.nix b/modules/desktop/waybar/kmonad.nix new file mode 100644 index 00000000..607595c6 --- /dev/null +++ b/modules/desktop/waybar/kmonad.nix @@ -0,0 +1,35 @@ +{ + pkgs, + config, + lib, + ... +}: +with lib; +mkIf (config.xyno.hardware.kmonad.enable) { + xyno.desktop.waybar.config = { + "custom/kmonad" = { + exec = + (pkgs.writeShellApplication { + name = "kmonad-layer-watcher"; + runtimeInputs = [ pkgs.inotify-tools ]; + text = '' + cat /tmp/kmonad-layer; + while inotifywait -qq -e modify /tmp/kmonad-layer; do + cat /tmp/kmonad-layer; + done + ''; + }) + + "/bin/kmonad-layer-watcher"; + restart-interval = 5; + }; + modules-left = mkBefore [ "custom/kmonad" ]; + }; + xyno.desktop.waybar.style = '' + #custom-kmonad { + color: #84929D; + margin-left: 4px; + border-bottom: 3px solid #fbf1c7; + } + ''; + +} diff --git a/modules/desktop/waybar/laptop.nix b/modules/desktop/waybar/laptop.nix new file mode 100644 index 00000000..105b8f1b --- /dev/null +++ b/modules/desktop/waybar/laptop.nix @@ -0,0 +1,87 @@ +{ + pkgs, + config, + lib, + ... +}: +lib.mkIf (true) { + xyno.desktop.waybar.config = { + battery = { + "states" = { + "warning" = 30; + "critical" = 15; + }; + "format" = "{icon} {capacity}%"; + "format-icons" = [ + "" + "" + "" + "" + "" + ]; + "tooltip-format" = "Capacity: {capacity}%\nPower Draw: {power:0.2f}W\n{timeTo}\nCycles: {cycles}"; + "max-length" = 25; + }; + backlight = { + "device" = "amdgpu_bl1"; + "format" = "{icon} {percent}%"; + "format-icons" = [ + "󰃚" + "󰃛" + "󰃜" + "󰃝" + "󰃞" + "󰃟" + "󰃠" + ]; + "on-scroll-up" = "${pkgs.light}/bin/light -A 5"; + "on-scroll-down" = "${pkgs.light}/bin/light -U 5"; + }; + "power-profiles-daemon" = { + format = "{icon} "; + tooltip-format = "Power profile: {profile}\nDriver: {driver}"; + tooltip = true; + format-icons = { + "default" = ""; + "performance" = ""; + "balanced" = ""; + "power-saver" = ""; + }; + }; + modules-right = [ + "battery" + "power-profiles-daemon" + "backlight" + ]; + }; + programs.light.enable = true; + xyno.desktop.waybar.style = '' + #battery { + color: #d3869b; + } + #battery.critical:not(.charging) { + background-color: #1d2021; + animation-name: blink; + animation-duration: 0.5s; + animation-timing-function: linear; + animation-iteration-count: infinite; + animation-direction: alternate; + } + @keyframes blink { + to { + background-color: #fbf1c7; + color: #df3f71; + } + } + #battery.critical:not(.charging) { + background-color: #1d2021; + } + #battery.charging, #battery.plugged { + color: #98971a; + } + #backlight { + color: #458588; + } + ''; + +} diff --git a/modules/desktop/waybar/niri.nix b/modules/desktop/waybar/niri.nix new file mode 100644 index 00000000..7e5a725c --- /dev/null +++ b/modules/desktop/waybar/niri.nix @@ -0,0 +1,71 @@ +{ + pkgs, + config, + lib, + ... +}: +with lib; +mkIf (config.xyno.desktop.niri.enable) { + xyno.desktop.waybar.config = { + "niri/window" = { + max-length = 80; + }; + modules-left = [ + "niri/workspaces" + "niri/window" + ]; + }; + xyno.desktop.waybar.style = '' + + #window, + #workspaces, + #tags { + margin: 0 2px; + } + + /* If workspaces is the leftmost module, omit left margin */ + .modules-left > widget:first-child > #workspaces { + margin-left: 0; + } + + /* If workspaces is the rightmost module, omit right margin */ + .modules-right > widget:last-child > #workspaces { + margin-right: 0; + } + #workspaces button { + padding: 0 2px; + background-color: #1d2021; + color: #ebdbb2; + /* Use box-shadow instead of border so the text isn't offset */ + box-shadow: inset 0 -3px transparent; + /* Avoid rounded borders under each workspace name */ + border: none; + border-radius: 0; + } + + + /* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */ + #workspaces button:hover { + background: rgba(0, 0, 0, 0.2); + /* box-shadow: inset 0 -3px #fbf1c7; + */ + background-color: #3c3836; + } + + #workspaces button.focused { + /* box-shadow: inset 0 -3px #fbf1c7; + */ + background-color: #3c3836; + color: #ebdbb2; + } + + #workspaces button.occupied { + color: #d3869b; + } + #workspaces button.urgent { + background-color: #cc241d; + color: #ebdbb2; + } + ''; + +} diff --git a/modules/desktop/waybar-wireplumber-db.patch b/modules/desktop/waybar/waybar-wireplumber-db.patch similarity index 100% rename from modules/desktop/waybar-wireplumber-db.patch rename to modules/desktop/waybar/waybar-wireplumber-db.patch diff --git a/modules/hardware/kmonad.nix b/modules/hardware/kmonad.nix index 7bf65015..f23347e6 100644 --- a/modules/hardware/kmonad.nix +++ b/modules/hardware/kmonad.nix @@ -10,8 +10,10 @@ in { options.xyno.hardware.kmonad.enable = lib.mkEnableOption "kmonad with xynos brain damage"; config = lib.mkIf cfg.enable { + services.kmonad = { enable = true; + extraArgs = [ "-c" ]; keyboards = { krane = { device = "/dev/input/by-id/usb-Google_Inc._Hammer_440041001157415636313920-event-kbd"; @@ -20,6 +22,7 @@ in builtin = { device = "/dev/input/by-path/platform-i8042-serio-0-event-kbd"; config = builtins.readFile ./kmonad/builtin.kbd; + }; k70-office = { device = "/dev/input/by-id/usb-Corsair_CORSAIR_K70_CORE_RGB_TKL_Mechanical_Gaming_Keyboard_599A4D472DCAC05584072AFB922E3BFB-event-kbd"; diff --git a/modules/hardware/kmonad/builtin.kbd b/modules/hardware/kmonad/builtin.kbd index 3e8fec05..86d7807d 100644 --- a/modules/hardware/kmonad/builtin.kbd +++ b/modules/hardware/kmonad/builtin.kbd @@ -23,67 +23,26 @@ lsft 102d z x c v b n m , . / rsft lctl lmet lalt spc ralt rmet cmp rctl ) - -(defalias - ext (layer-toggle extend) ;; Bind 'ext' to the Extend Layer -) (defalias - cpy C-c - pst C-v - cut C-x - udo C-z - all C-a - fnd C-f - bk Back - fw Forward -) -(defalias - num (layer-toggle num) + qwerty-enter (tap-macro (cmd-button "echo qwerty > /tmp/kmonad-layer") (layer-switch qwerty)) + qwerty-exit (tap-macro (cmd-button "echo colemak > /tmp/kmonad-layer") (layer-switch colemak-dh)) ) (deflayer colemak-dh - esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12 + caps f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12 grv 1 2 3 4 5 6 7 8 9 0 - = bspc tab q w f p b j l u y ; [ ] esc (tap-hold-next-release 200 a lctrl) (tap-hold-next-release 200 r ralt) (tap-hold-next-release 200 s lmet) t g m n (tap-hold-next-release 200 e rmet) (tap-hold-next-release 200 i lalt) (tap-hold-next-release 200 o rctrl) ' \\ ret lsft z x c d v 102d k h , . / rsft - lctl lmet lalt spc ralt rmet _ _ -) -(deflayer num - esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12 - grv 1 2 3 4 5 6 7 8 9 0 - = bspc - tab q w f p b j l u y ; [ ] - esc 1 2 3 4 5 6 7 8 9 0 ' \\ ret - lsft z x c d v 102d k h , . / rsft - lctl lmet lalt spc ralt rmet _ _ + lctl lmet lalt spc ralt _ @qwerty-enter @qwerty-enter ) -(deflayer colemak-dhk +(deflayer qwerty esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12 - grv 1 2 3 4 5 6 7 8 9 0 - = bspc - tab q w f p b j l u y ; [ ] - @ext a r s t g k n e i o ' \\ ret - lsft z x c d v 102d m h , . / rsft - lctl lmet lalt spc ralt rmet _ _ + grv 1 2 3 4 5 6 7 8 9 0 - = bspc + tab q w e r t y u i o p [ ] + caps a s d f g h j k l ; ' \ ret + lsft 102d z x c v b n m , . / rsft + lctl lmet lalt spc ralt rmet @qwerty-exit @qwerty-exit ) - -(deflayer extend - _ play rewind previoussong nextsong ejectcd refresh brdn brup www mail prog1 prog2 - _ f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12 _ - _ esc @bk @fnd @fw ins pgup home up end menu prnt slck - _ lalt lmet lsft lctl ralt pgdn lft down rght del caps _ _ - _ @udo @cut @cpy tab @pst _ pgdn bks lsft lctl comp _ - _ _ _ ret _ _ _ _ -) - - -(deflayer empty - _ _ _ _ _ _ _ _ _ _ _ _ _ - _ _ _ _ _ _ _ _ _ _ _ _ _ _ - _ _ _ _ _ _ _ _ _ _ _ _ _ - _ _ _ _ _ _ _ _ _ _ _ _ _ _ - _ _ _ _ _ _ _ _ _ _ _ _ _ - _ _ _ _ _ _ _ _ -) - diff --git a/modules/hardware/smartcard.nix b/modules/hardware/smartcard.nix new file mode 100644 index 00000000..fa528252 --- /dev/null +++ b/modules/hardware/smartcard.nix @@ -0,0 +1,20 @@ +{ + pkgs, + lib, + config, + ... +}: +let + cfg = config.xyno.hardware.smartcard; +in +{ + options.xyno.hardware.smartcard.enable = + lib.mkEnableOption "enable stuff needed for smartcards to work right"; + config = lib.mkIf cfg.enable { + services.vsmartcard-vpcd.enable = true; + hardware.gpgSmartcards.enable = true; + services.fido2-hid-bridge.enable = true; + services.pcscd.enable = true; + }; + +} diff --git a/modules/module-list.nix b/modules/module-list.nix index e4f19646..1faedaaa 100644 --- a/modules/module-list.nix +++ b/modules/module-list.nix @@ -1,6 +1,7 @@ [ ./cli/fish.nix ./cli/starship.nix + ./cli/tmux.nix ./desktop/audio.nix ./desktop/common-programs.nix ./desktop/easyeffects.nix @@ -11,9 +12,10 @@ ./desktop/niri.nix ./desktop/shikane.nix ./desktop/swayidle.nix - ./desktop/waybar.nix + ./desktop/waybar ./desktop/wpaperd.nix ./hardware/kmonad.nix + ./hardware/smartcard.nix ./networking/networkd.nix ./presets/cli.nix ./presets/common.nix @@ -27,6 +29,7 @@ ./services/wireguard.nix ./system/impermanence.nix ./system/user.nix + ./user-services/khal.nix ./user-services/syncthing.nix ./to-upstream/fido2-hid-bridge.nix ] diff --git a/modules/presets/cli.nix b/modules/presets/cli.nix index 2a683663..e737f20e 100644 --- a/modules/presets/cli.nix +++ b/modules/presets/cli.nix @@ -24,6 +24,7 @@ in xyno.cli.fish.enable = true; xyno.cli.starship.enable = true; + xyno.cli.tmux.enable = true; security.sudo.enable = false; i18n.defaultLocale = "en_US.UTF-8"; @@ -71,10 +72,32 @@ in # https://github.com/NixOS/nixpkgs/issues/361592 needed for run0 security.pam.services.systemd-run0 = { }; - programs.tmux.enable = true; programs.yazi = { enable = true; + initLua = pkgs.writeText "yazi-init.lua" '' + function Linemode:size_and_mtime() + local time = math.floor(self._file.cha.mtime or 0) + if time == 0 then + time = "" + elseif os.date("%Y", time) == os.date("%Y") then + time = os.date("%b %d %H:%M", time) + else + time = os.date("%b %d %Y", time) + end + + local size = self._file:size() + return string.format("%s %s", size and ya.readable_size(size) or "-", time) + end + ''; + settings.yazi = { + mgr = { + sort_by = "mtime"; + linemode = "size_and_mtime"; + sort_reverse = true; + sort_dir_first = true; + }; + }; }; services.pcscd.enable = true; @@ -92,6 +115,7 @@ in bottom curl croc + comma dig fd ffmpeg @@ -110,7 +134,8 @@ in pv ripgrep w3m - yt-dlp + unstable.yt-dlp + gallery-dl p7zip ncdu ]; @@ -121,7 +146,7 @@ in environment.shellAliases = { l = "ls -alh"; - n = "yazi"; + n = "y"; gc = "git commit -v"; gpl = "git pull"; gd = "git diff"; diff --git a/modules/presets/development.nix b/modules/presets/development.nix index c06f739d..fcd46abe 100644 --- a/modules/presets/development.nix +++ b/modules/presets/development.nix @@ -25,7 +25,7 @@ in virtualisation.podman.enable = true; environment.systemPackages = with pkgs; [ - unstable.jetbrains.rider + jetbrains.rider # android-studio nixpkgs-manual nixpkgs-manual.lib-docs diff --git a/modules/presets/gui.nix b/modules/presets/gui.nix index 69c4e8de..a1f2f65d 100644 --- a/modules/presets/gui.nix +++ b/modules/presets/gui.nix @@ -22,6 +22,7 @@ in ]; xyno.desktop.niri.enable = true; xyno.desktop.audio.enable = mkDefault true; + xyno.user-services.khal.enable = true; boot.kernelPackages = mkDefault pkgs.linuxPackages_zen; security.soteria.enable = true; security.rtkit.enable = true; @@ -44,7 +45,7 @@ in }; programs.yazi = { - settings.keymap.manager.prepend_keymap = [ + settings.keymap.mgr.prepend_keymap = [ { on = "y"; run = [ diff --git a/modules/user-services/khal.nix b/modules/user-services/khal.nix new file mode 100644 index 00000000..d6118646 --- /dev/null +++ b/modules/user-services/khal.nix @@ -0,0 +1,63 @@ +{ + pkgs, + config, + lib, + ... +}: +let + cfg = config.xyno.user-services.khal; +in +{ + options.xyno.user-services.khal.enable = lib.mkEnableOption "enable khal and vdirsyncer"; + options.xyno.user-services.khal.wantedBy = lib.mkOption { + type = lib.types.str; + default = "niri.service"; + }; + config = lib.mkIf cfg.enable { + environment.systemPackages = [ + pkgs.khal + pkgs.vdirsyncer + ]; + systemd.packages = [ pkgs.vdirsyncer ]; + environment.etc."xdg/khal/config".text = '' + [locale] + weeknumbers = right + timeformat = "%H:%M" + longdatetimeformat = "%Y-%m-%dT%H:%M:%S" + datetimeformat = "%Y-%m-%dT%H:%M:%S" + dateformat = "%Y-%m-%d" + longdateformat = "%Y-%m-%d" + [calendars] + [[calendars]] + path = ~/.calendars/* + type = discover + ''; + systemd.user.services.vdirsyncer = { + environment.VDIRSYNCER_CONFIG = config.sops.secrets."vdirsyncer".path; + unitConfig = { + After = "network-online.target"; + Wants = "network-online.target"; + }; + serviceConfig = { + Type = "oneshot"; + }; + script = '' + ${pkgs.vdirsyncer}/bin/vdirsyncer metasync + ${pkgs.vdirsyncer}/bin/vdirsyncer sync + ''; + }; + systemd.user.timers.vdirsyncer = { + wantedBy = [ cfg.wantedBy "timers.target" ]; + timerConfig = { + OnCalendar = "*:0/15:00"; + Unit = "vdirsyncer.service"; + }; + }; + environment.sessionVariables.VDIRSYNCER_CONFIG = config.sops.secrets."vdirsyncer".path; + sops.secrets."vdirsyncer" = { + sopsFile = ../../secrets/desktop/calendar.yaml; + group = "users"; + owner = config.xyno.system.user.name; + }; + }; +} diff --git a/overlays/default.nix b/overlays/default.nix index 136bedbf..8391833c 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -8,7 +8,7 @@ inputs: self: super: { nheko = super.nheko.overrideAttrs (old: { version = "git-${builtins.substring 0 8 inputs.nheko.rev}-patched"; src = inputs.nheko; - patches = (old.patches or [ ]) ++ [ + patches = [ (self.fetchpatch2 { url = "https://github.com/Nheko-Reborn/nheko/pull/1838/commits/c9f1a449d825d5879735f95ebfb0c7acec101226.patch"; hash = "sha256-RhyP8HrGtT6gYMc9mI4I8snrHCN8f0YYzFbAoMKweyc="; @@ -28,4 +28,15 @@ inputs: self: super: { python-uhid = super.callPackage ../packages/uhid.nix {}; caddy-desec = super.callPackage ../packages/caddy-desec.nix {}; + # todo: remove on next supersonic release + supersonic-wayland = super.supersonic-wayland.overrideAttrs (old: { + patches = (if old?patches then old.patches else []) ++ [ + (self.fetchpatch2 { + url = "https://github.com/dweymouth/supersonic/commit/ee742cf34ef7225d345c16354d9c21d72a41bf4a.patch"; + hash = "sha256-kSeEbzrfJ4Pe8JC4rIWlSmADOcjrCRBNWlcO8VfVnn4="; + }) + ]; + vendorHash = "sha256-Sh3PxRwb6ElSeWzdvIQ+nD9VVGlpUDwxG7nAoGWPTRQ="; + }); + } diff --git a/secrets/desktop/calendar.yaml b/secrets/desktop/calendar.yaml new file mode 100644 index 00000000..aa6acbba --- /dev/null +++ b/secrets/desktop/calendar.yaml @@ -0,0 +1,40 @@ +vdirsyncer: ENC[AES256_GCM,data:4UoJJ86MMYWiwdQTcpgTayVMkASjrXCZgQHfm9m1OMEmHvOLhejlp6snz+nD0D8W1uA30KQPVRzP2ICtEgetOm70KaMXQkk22qtzCxkPZcZNk62K7zT7AB84CPfdwJNXEFw9d4SXQvvhyL1DEyp//yPs9oYiRtENwaPDWTw1FZkJpw85jniPGrUGekDNao/4TGxFLH6AWoYVmXokRlfFwee7BwG/5+5A16+IFk3Le2VhGlLAqz74DaJcC3k6q7HM1vx51IV/aZX5KszVOfFnmQgNKieV1zMkwMEXaMgWopnzlnhKscFbWov6mcVa3tdFLDFTwyjCbWpShcGUyXOEzhmhyapfhCrJeqItM/iuXVkldzVkW6pHWA4rNLNzzssYw0L8W4+IfhCq+NN1sExHoZIE+EfBMi48jI6beuMCYQ3FX9mV+Y0HopSV00lI1rQv5WZzPXxhKMAd6nWUtVtYdVERaB8mozm0ItCVRwtLuW9cUwNSfz4dIcHaRkllgAOmVF/P1rGE4xzVUJcgMefbKNLjdakt2CjYMMou8AwrIDl3hedqqdvbhlMqkzOYyGT7Dq0RS3FExW4ozJcLCPiYl9H5MfMl9C0Ye5kU6ejxD+z70fS6evX5CM5kHlEyDBB+5UnNHorCQhVhlIjv6cHMLUlpWsur39zsegGwTQuG06xk3hDiwUy5SgXD9YWDTOJDxxxRl328ihs2tyK6i7m47MLJqh1LZnZZOaTogh24NVCd+r0Se6xAzQr3cvijgVLi3XAZuhSbisU3dE/pw/17eJUY9MzP+DvY5+u4FFATLoi6BZKDv4ZM34BIxIa626b/Q6/dYQT1dzHCcIn6/cv9lnLQE33joj4tEFGA5oLCgXb/Y7kVmrQg6aAFVLuOLfvlA61pwPDX5hQPZVc2Hom/j7OGhvNoE27rNlMkeiWvkR1i0z5jeZpcgqWlJYR9Ny++fMeI2t1o9u6WKUeTRGKfdu+UCJlgD1U/yc86bE/3rXPmi6OV/enxCLMHVtczWSjd2NW4LTzG50LVnipUGYXhsS53tx2aHQHBtZDjoo4zTTlDlpXHg95J2toxJI3gnXNqdPnK0BUQCeREKn8l7Ckj8GPoo+y6nf40EMT9BQZisZYSrW6wjetC7v0igqRgPPvrAoidnVTH6PVByQRdlRbH/PBa6QcANz9wBbL8RD8DX8wvMY0qZZLgM+0KlicIeHrhaGiALKl2jn0AxbjlV5CMf7ZxDDJT/hGq1UUp2VQ1Nmauj87aLBqNWFRxHYMr0mnFPcNpYkKyvHx1KjZYCdTQn8CZ1GVC7XVcdPZk/F3znPN8dNWzoin80sWNRdjkO8mtARmq8k+cuGhbQ4l4J+3b3AsXH6/zmSoGud/cG6WDd811O30K/9qqpnzeHLFJXueU5rerCzYZJseDHWpOhdEDxYPl0eVzfL+VAMXEJgwnJ3iLKWDm7HvKtfWWIzckQJ56eQcFGmALAc1MBxrpEghCZ0pikm3gv1aGOwrB94i8he1ssasSMDg4VFTY2kAt0Kbph59ewkEWoMLIfsOWvAP/TBGZt23yh4wSNgKJPqUutTYHJ5rUal6afcY4ZPdJFxFwPeRxpxAhqInu0jJCCJbVtucj3tVkqMla/MBKk1Os1n5Ge7GJfog=,iv:xWlbxnn7Pgc88J6dFGrhRywXo6MekfSXbLQp3rKSI4k=,tag:c+7ebUU4BsCJFO1aqyN4Tw==,type:str] +sops: + lastmodified: "2025-10-06T17:49:51Z" + mac: ENC[AES256_GCM,data:5vEUwE8lHVj0GSgoD7G7YKWq0O3Isz7gLDjn7+wYjcGDB2JhcFcuBECtXB24VbcAYjf0ARKZiZwdVqdXfEXyWtHErBhNlCVX3JAHQx/jx6v7x6/8XbDDvuSf7oUXHJ0NOQWpn656nsvIi3pD5F4k1uDixNW6pLPZodp14y4sdFU=,iv:2Tn/l1nWSrWdu6WTHqhpEXQxfKHpJeqKN9Drzcx91kg=,tag:V8hd6IKPlgeE+SFRCOPmGQ==,type:str] + pgp: + - created_at: "2025-10-06T16:51:38Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hL4DAAAAAAAAAAASBAMEAHAJzr07bCD9inqyANqbuf6JlJIgd6yH4bA3xe8zZJC8 + tGWUMVlZJwsuAyGeAlsQvaHzg6ce/sowI6rgqPiXd2Bea0VY5pTIrbKUi5uxq/sK + HeUCZPPCdvaR45Bbkf+GTrvCjOrMJRcaLqG+Sgzy4hKdWkdNwRoVQeqk2JHJsVEw + zfVOwBd+rMHQ7CsUHgHSDvTh7BtUYDS0S65gR7VNh+yk9pod0J+PXNY+nqyBcqPu + 0l4Bdxo2Y2cg9GQiSL6ZGW7Dp6OtkF5CDwk7RmU26pA46OePtN21eiCiFQ6yg25n + AYXsBdqeH3580/Vety6MWSZZIaLtVaIPabGHpiKv+tVjzTkrF/2lHUKpDhoQ5Sye + =oEYU + -----END PGP MESSAGE----- + fp: 0D98D5964AC8BB1CA034CE4EC456133700066642 + - created_at: "2025-10-06T16:51:38Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAwAAAAAAAAAAARAAlCZXnkzHGj0bUqBzOzxBX3neGc6pyQQUyGEQfAUw40m9 + 6zxzYyXIwAaYOWpFjU5nwVuLpIImv63N55VLXejlk0IyT7yOcY/XlUdZ5gITX19J + uCCdEAAr4S4cbW9bul9URNAQyKI9FFqWXfrq1zzFTRlMODBECkjTbTlrr9yggB4v + BCCx6WqIAbmGAyXSTPMroat6pnv+x3VUd3VOeWEsmSL3qG3tqbWZc2Y061b3d9oA + uykKKcwhgNv9ubZ+qLh1Szw7NLIAVAxVDFc3iugTeu7PkleQYGXlSagZOWw/EkAt + wsqxsgccqFwb1DjHUwcaz48raylcCNIhKRtINGbYlNIHtFRIc1rTHwn4l344zwQp + CjxiWXxhwW42eoHYLt3b//EmOhWOasbRlg6LT3Wz01jBylahuqjDaAgQjOHPLUvO + v9/TbAIsmb7zrnoT4bISgbrPbO2hPETR9N1tVmgR1w58hrX455Uo3f4O8FY7TMVB + 9A+8+Pg5WKANKxyws4TyM3xZfSuxOIZgaI3IwZ6/7eiVcaz5aCEbt22MjzuwsCgQ + N1/Jld0VJGeg9jDChFgGF9YUelheyBAiuSx4G0+NA4ir6H/MbK2Ej5zUDJec4Fd7 + eqxFxcxWJxVtSMKZy+LmCRoe2gJRXFh86qXwkGJEIKBFfuQk7EF7KgUnf32AQwfS + WAHRf/20A+2kTjAmumVOHOY3PD3pS6fvQVwr0yliYQeYVJP8eUjRgjHuPaRwp9FQ + 4NlTKfVQGyyvoB1z8I0bMTVa1pkZhLs5dI290uk124LeQG6A93w+ajQ= + =VFO8 + -----END PGP MESSAGE----- + fp: 4019fd893bba15618c2f93a38ef418ce360bc418 + unencrypted_suffix: _unencrypted + version: 3.11.0 diff --git a/sops.nix b/sops.nix index 86386e9e..af34e3b3 100644 --- a/sops.nix +++ b/sops.nix @@ -11,10 +11,15 @@ let adminKeys = [ "0D98D5964AC8BB1CA034CE4EC456133700066642" # xyno main gpg key ]; - keysPerHost = (mapAttrs (n: v: (toList v.sopsKey)) ( - filterAttrs (n: v: v ? sopsKey) instanceConfigs - )); + keysPerHost = ( + mapAttrs (n: v: (toList v.sopsKey)) (filterAttrs (n: v: v ? sopsKey) instanceConfigs) + ); + desktopHostNames = [ "theseus" ]; + hostKeys = flatten (attrValues keysPerHost); + desktopKeys = flatten ( + attrValues (filterAttrs (n: v: any (x: x == n) desktopHostNames) keysPerHost) + ); sopsCfg = { keys = adminKeys ++ hostKeys; @@ -23,6 +28,10 @@ let path_regex = "secrets/[^/]+\.(yaml|json|env|ini)$"; key_groups = [ { pgp = adminKeys ++ hostKeys; } ]; } + { + path_regex = "secrets/desktop/[^/]+\.(yaml|json|env|ini)$"; + key_groups = [ { pgp = adminKeys ++ desktopKeys; } ]; + } ] ++ (mapAttrsToList (n: v: { # path_regex = "instances/${n}/secrets/[^/]+\.(yaml|json|env|ini)$"; @@ -33,4 +42,5 @@ let }; sopsCfgFile = writeText ".sops.yaml" (builtins.toJSON sopsCfg); -in sopsCfgFile +in +sopsCfgFile