diff --git a/.helix/languages.toml b/.helix/languages.toml index 29fc7109..5dd999ea 100644 --- a/.helix/languages.toml +++ b/.helix/languages.toml @@ -1,11 +1,6 @@ -[language-server.nixd] -command = "nixd" -# args = ["--log=debug"] -[language-server.nixd.config.nixd] -nixpkgs = { expr = "import (builtins.getFlake (builtins.toString ./.)).inputs.nixpkgs { }" } -options = { nixos = { expr = "(builtins.getFlake (builtins.toString ./.)).colmenaHive.nodes.theseus.options" }}#, home-manager = { expr = "(builtins.getFlake (builtins.toString ./.)).colmenaHive.nodes.theseus.options.home-manager.users.type.getSubOptions []" } } - +[language-server.nil] +command = "nil" [[language]] name = "nix" formatter = {command = "nixfmt"} -language-servers = [ "nixd" ] +language-servers = [ "nil" ] diff --git a/flake.lock b/flake.lock index 77a5a43c..7a14a408 100644 --- a/flake.lock +++ b/flake.lock @@ -1,76 +1,55 @@ { "nodes": { - "adw-colors": { + "authentik": { + "inputs": { + "authentik-src": "authentik-src", + "flake-compat": "flake-compat", + "flake-parts": "flake-parts", + "flake-utils": "flake-utils", + "napalm": "napalm", + "nixpkgs": [ + "nixpkgs" + ], + "pyproject-build-systems": "pyproject-build-systems", + "pyproject-nix": "pyproject-nix", + "systems": "systems", + "uv2nix": "uv2nix" + }, + "locked": { + "lastModified": 1759322529, + "narHash": "sha256-yiv/g/tiJI3PI95F7vhTnaf1TDsIkFLrmmFTjWfb6pQ=", + "owner": "nix-community", + "repo": "authentik-nix", + "rev": "69fac057b2e553ee17c9a09b822d735823d65a6c", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "authentik-nix", + "type": "github" + } + }, + "authentik-src": { "flake": false, "locked": { - "lastModified": 1759892823, - "narHash": "sha256-ocrVOebwU2AN4MAQywTOHEA8Lwbx7iOMbuI85V5jk4I=", - "owner": "lassekongo83", - "repo": "adw-colors", - "rev": "4f32945ffe95e871b46191d96dc5f61b153d699f", + "lastModified": 1759190535, + "narHash": "sha256-pIzDaoDWc58cY/XhsyweCwc4dfRvkaT/zqsV1gDSnCI=", + "owner": "goauthentik", + "repo": "authentik", + "rev": "8d3a289d12c7de2f244c76493af7880f70d08af2", "type": "github" }, "original": { - "owner": "lassekongo83", - "repo": "adw-colors", - "type": "github" - } - }, - "agenix": { - "inputs": { - "darwin": "darwin", - "home-manager": "home-manager_2", - "nixpkgs": [ - "oldConf", - "nixpkgs" - ], - "systems": "systems" - }, - "locked": { - "lastModified": 1754433428, - "narHash": "sha256-NA/FT2hVhKDftbHSwVnoRTFhes62+7dxZbxj5Gxvghs=", - "owner": "ryantm", - "repo": "agenix", - "rev": "9edb1787864c4f59ae5074ad498b6272b3ec308d", - "type": "github" - }, - "original": { - "owner": "ryantm", - "ref": "main", - "repo": "agenix", - "type": "github" - } - }, - "attic": { - "inputs": { - "crane": "crane_2", - "flake-compat": "flake-compat_3", - "flake-parts": "flake-parts_2", - "nix-github-actions": "nix-github-actions", - "nixpkgs": [ - "oldConf", - "nixpkgs" - ], - "nixpkgs-stable": "nixpkgs-stable_2" - }, - "locked": { - "lastModified": 1758711588, - "narHash": "sha256-0nZlCCDC5PfndsQJXXtcyrtrfW49I3KadGMDlutzaGU=", - "owner": "zhaofengli", - "repo": "attic", - "rev": "12cbeca141f46e1ade76728bce8adc447f2166c6", - "type": "github" - }, - "original": { - "owner": "zhaofengli", - "repo": "attic", + "owner": "goauthentik", + "ref": "version/2025.8.4", + "repo": "authentik", "type": "github" } }, "colmena": { "inputs": { - "flake-compat": "flake-compat", - "flake-utils": "flake-utils", + "flake-compat": "flake-compat_2", + "flake-utils": "flake-utils_2", "nixpkgs": [ "nixpkgs" ], @@ -106,99 +85,7 @@ "type": "github" } }, - "crane_2": { - "locked": { - "lastModified": 1751562746, - "narHash": "sha256-smpugNIkmDeicNz301Ll1bD7nFOty97T79m4GUMUczA=", - "owner": "ipetkov", - "repo": "crane", - "rev": "aed2020fd3dc26e1e857d4107a5a67a33ab6c1fd", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "repo": "crane", - "type": "github" - } - }, - "darwin": { - "inputs": { - "nixpkgs": [ - "oldConf", - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1744478979, - "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=", - "owner": "lnl7", - "repo": "nix-darwin", - "rev": "43975d782b418ebf4969e9ccba82466728c2851b", - "type": "github" - }, - "original": { - "owner": "lnl7", - "ref": "master", - "repo": "nix-darwin", - "type": "github" - } - }, - "darwin_2": { - "inputs": { - "nixpkgs": [ - "oldConf", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1758805352, - "narHash": "sha256-BHdc43Lkayd+72W/NXRKHzX5AZ+28F3xaUs3a88/Uew=", - "owner": "lnl7", - "repo": "nix-darwin", - "rev": "c48e963a5558eb1c3827d59d21c5193622a1477c", - "type": "github" - }, - "original": { - "owner": "lnl7", - "ref": "master", - "repo": "nix-darwin", - "type": "github" - } - }, "flake-compat": { - "flake": false, - "locked": { - "lastModified": 1650374568, - "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "b4a34015c698c7793d592d66adbab377907a2be8", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_2": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_3": { "flake": false, "locked": { "lastModified": 1747046372, @@ -214,7 +101,57 @@ "type": "github" } }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1756770412, + "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "4524271976b625a4a605beefd893f270620fd751", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_2": { "inputs": { "nixpkgs-lib": [ "lanzaboote", @@ -235,38 +172,19 @@ "type": "github" } }, - "flake-parts_2": { + "flake-parts_3": { "inputs": { "nixpkgs-lib": [ - "oldConf", - "attic", + "terranix", "nixpkgs" ] }, "locked": { - "lastModified": 1751413152, - "narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=", + "lastModified": 1736143030, + "narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "77826244401ea9de6e3bac47c2db46005e1f30b5", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_3": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib" - }, - "locked": { - "lastModified": 1738453229, - "narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd", + "rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de", "type": "github" }, "original": { @@ -276,6 +194,27 @@ } }, "flake-utils": { + "inputs": { + "systems": [ + "authentik", + "systems" + ] + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { "locked": { "lastModified": 1659877975, "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", @@ -290,27 +229,9 @@ "type": "github" } }, - "flake-utils_2": { - "inputs": { - "systems": "systems_2" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, "flake-utils_3": { "inputs": { - "systems": "systems_4" + "systems": "systems_3" }, "locked": { "lastModified": 1731533236, @@ -326,21 +247,6 @@ "type": "github" } }, - "flakey-profile": { - "locked": { - "lastModified": 1712898590, - "narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=", - "owner": "lf-", - "repo": "flakey-profile", - "rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d", - "type": "github" - }, - "original": { - "owner": "lf-", - "repo": "flakey-profile", - "type": "github" - } - }, "gitignore": { "inputs": { "nixpkgs": [ @@ -371,11 +277,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1763430944, - "narHash": "sha256-tL2I302ZrTeo13D99vg4v/VajVCSHdOx5RncpMcjqa0=", + "lastModified": 1761141169, + "narHash": "sha256-5IZjbTvP5dNTD8CbEYlNbicdGcbCN9SC9ksMm2ZEXH0=", "owner": "helix-editor", "repo": "helix", - "rev": "68c7e8757f0183adeb01ba1fbbabd1cee2885b70", + "rev": "d79cce4e4bfc24dd204f1b294c899ed73f7e9453", "type": "github" }, "original": { @@ -391,11 +297,11 @@ ] }, "locked": { - "lastModified": 1763416652, - "narHash": "sha256-8EBEEvtzQ11LCxpQHMNEBQAGtQiCu/pqP9zSovDSbNM=", + "lastModified": 1761191301, + "narHash": "sha256-xsRL2Oyb4YRZZ1Tu4WzR2uFg1n931bH+PfLdFcqtLg8=", "owner": "nix-community", "repo": "home-manager", - "rev": "ea164b7c9ccdc2321379c2ff78fd4317b4c41312", + "rev": "4958aafe7b237dc1e857fb0c916efff72075048f", "type": "github" }, "original": { @@ -407,51 +313,6 @@ "home-manager_2": { "inputs": { "nixpkgs": [ - "oldConf", - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1745494811, - "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, - "home-manager_3": { - "inputs": { - "nixpkgs": [ - "oldConf", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1758463745, - "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "release-25.05", - "repo": "home-manager", - "type": "github" - } - }, - "home-manager_4": { - "inputs": { - "nixpkgs": [ - "oldConf", "zen-browser", "nixpkgs" ] @@ -470,27 +331,6 @@ "type": "github" } }, - "home-manager_5": { - "inputs": { - "nixpkgs": [ - "zen-browser", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1762964643, - "narHash": "sha256-RYHN8O/Aja59XDji6WSJZPkJpYVUfpSkyH+PEupBJqM=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "827f2a23373a774a8805f84ca5344654c31f354b", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, "impermanence": { "locked": { "lastModified": 1737831083, @@ -506,21 +346,6 @@ "type": "github" } }, - "impermanence_2": { - "locked": { - "lastModified": 1737831083, - "narHash": "sha256-LJggUHbpyeDvNagTUrdhe/pRVp4pnS6wVKALS782gRI=", - "owner": "nix-community", - "repo": "impermanence", - "rev": "4b3e914cdf97a5b536a889e939fb2fd2b043a170", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "impermanence", - "type": "github" - } - }, "kmonad": { "inputs": { "nixpkgs": [ @@ -544,42 +369,16 @@ "url": "https://github.com/jokesper/kmonad" } }, - "kmonad_2": { - "inputs": { - "nixpkgs": [ - "oldConf", - "nixpkgs" - ] - }, - "locked": { - "dir": "nix", - "lastModified": 1751398458, - "narHash": "sha256-EHg2Z0EbsFN5zU1WrLc1sFszbUsLLpqZgFim7Zi8dRc=", - "ref": "feat-tap-overlap", - "rev": "fb0334cbd16ec64c5ebcc10f7982a9857bd97d27", - "revCount": 986, - "type": "git", - "url": "https://github.com/jokesper/kmonad" - }, - "original": { - "dir": "nix", - "ref": "feat-tap-overlap", - "type": "git", - "url": "https://github.com/jokesper/kmonad" - } - }, "lanzaboote": { "inputs": { "crane": "crane", - "flake-compat": "flake-compat_2", - "flake-parts": "flake-parts", + "flake-compat": "flake-compat_3", + "flake-parts": "flake-parts_2", "nixpkgs": [ "nixpkgs" ], "pre-commit-hooks-nix": "pre-commit-hooks-nix", - "rust-overlay": [ - "rust-overlay" - ] + "rust-overlay": "rust-overlay_2" }, "locked": { "lastModified": 1737639419, @@ -596,66 +395,14 @@ "type": "github" } }, - "lix": { - "flake": false, - "locked": { - "lastModified": 1753223229, - "narHash": "sha256-tkT4aCZZE6IEmjYotOzKKa2rV3pGpH3ZREeQn7ACgdU=", - "rev": "7ac20fc47cf2f1b7469c7a2f379e5a3a51a6789a", - "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/7ac20fc47cf2f1b7469c7a2f379e5a3a51a6789a.tar.gz?rev=7ac20fc47cf2f1b7469c7a2f379e5a3a51a6789a" - }, - "original": { - "type": "tarball", - "url": "https://git.lix.systems/lix-project/lix/archive/release-2.93.tar.gz" - } - }, - "lix-module": { - "inputs": { - "flake-utils": "flake-utils_2", - "flakey-profile": "flakey-profile", - "lix": "lix", - "nixpkgs": [ - "oldConf", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1753282722, - "narHash": "sha256-KYMUrTV7H/RR5/HRnjV5R3rRIuBXMemyJzTLi50NFTs=", - "rev": "46a9e8fcfe4be72b4c7c8082ee11d2c42da1e873", - "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/46a9e8fcfe4be72b4c7c8082ee11d2c42da1e873.tar.gz?rev=46a9e8fcfe4be72b4c7c8082ee11d2c42da1e873" - }, - "original": { - "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.93.3-1.tar.gz" - } - }, - "miro": { - "flake": false, - "locked": { - "lastModified": 1644177791, - "narHash": "sha256-t8L6UboaOcg6JkGjX1NTd13Yw7ATySGxmnkJ7wUyZAE=", - "owner": "miromannino", - "repo": "miro-windows-manager", - "rev": "faa6f5f0bc025cc2465f3198609d2123d86101c2", - "type": "github" - }, - "original": { - "owner": "miromannino", - "repo": "miro-windows-manager", - "type": "github" - } - }, "mobile-nixos": { "flake": false, "locked": { - "lastModified": 1763065138, - "narHash": "sha256-46lJeUYH8YrfTccAoKQbO9lprq4dlo9VVLk+StPBSWM=", + "lastModified": 1759261417, + "narHash": "sha256-TjuoBb8+isL3KTdGgtYh90XPyeUMFbgNAOG9l23CB3A=", "owner": "mobile-nixos", "repo": "mobile-nixos", - "rev": "1943b7b06fcd1a2c87f4b89df58231915cc2ca44", + "rev": "e6f6d527bf6abf94dd52fbba3143a720cef96431", "type": "github" }, "original": { @@ -680,14 +427,40 @@ "type": "github" } }, + "napalm": { + "inputs": { + "flake-utils": [ + "authentik", + "flake-utils" + ], + "nixpkgs": [ + "authentik", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1725806412, + "narHash": "sha256-lGZjkjds0p924QEhm/r0BhAxbHBJE1xMOldB/HmQH04=", + "owner": "willibutz", + "repo": "napalm", + "rev": "b492440d9e64ae20736d3bec5c7715ffcbde83f5", + "type": "github" + }, + "original": { + "owner": "willibutz", + "ref": "avoid-foldl-stack-overflow", + "repo": "napalm", + "type": "github" + } + }, "nheko": { "flake": false, "locked": { - "lastModified": 1762138523, - "narHash": "sha256-93M4T6peRRMq0uL0X955+N0KnU1t/0AAyVQ/TV2zpQs=", + "lastModified": 1757886200, + "narHash": "sha256-FU73Pb47e6Q0qEAJcxDVhVLmL+hJ4gXvssRD9NcUNkM=", "owner": "Nheko-Reborn", "repo": "nheko", - "rev": "1bd2970c4dd69daa87d906f63d869d56cf5d4915", + "rev": "2769642d3c7bd3c0d830b2f18ef6b3bf6a710bf4", "type": "github" }, "original": { @@ -701,14 +474,14 @@ "nixpkgs": [ "nixpkgs-master" ], - "rust-overlay": "rust-overlay_2" + "rust-overlay": "rust-overlay_3" }, "locked": { - "lastModified": 1763729389, - "narHash": "sha256-VcToDv3/lw3q3sVIqQsMUhSGKEVdQM4h6rnr/XhPBwM=", + "lastModified": 1760940149, + "narHash": "sha256-KbM47vD6E0cx+v4jYQZ8mD5N186AKm2CQlyh34TW58U=", "owner": "YaLTeR", "repo": "niri", - "rev": "012700dd549a79c501bcab92839e5dcc46c372b5", + "rev": "b3245b81a6ed8edfaf5388a74d2e0a23c24941e5", "type": "github" }, "original": { @@ -722,7 +495,7 @@ "nixpkgs": [ "nixpkgs" ], - "rust-overlay": "rust-overlay_3" + "rust-overlay": "rust-overlay_4" }, "locked": { "lastModified": 1760113386, @@ -738,28 +511,6 @@ "url": "https://git.xyno.systems/xyno/nix-ci" } }, - "nix-github-actions": { - "inputs": { - "nixpkgs": [ - "oldConf", - "attic", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1737420293, - "narHash": "sha256-F1G5ifvqTpJq7fdkT34e/Jy9VCyzd5XfJ9TO8fHhJWE=", - "owner": "nix-community", - "repo": "nix-github-actions", - "rev": "f4158fa080ef4503c8f4c820967d946c2af31ec9", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nix-github-actions", - "type": "github" - } - }, "nix-index-database": { "inputs": { "nixpkgs": [ @@ -767,11 +518,11 @@ ] }, "locked": { - "lastModified": 1763265660, - "narHash": "sha256-Ad9Rd3ZAidrH01xP73S3CjPiyXo7ywZs3uCESjPwUdc=", + "lastModified": 1760846226, + "narHash": "sha256-xmU8kAsRprJiTGBTaGrwmjBP3AMA9ltlrxHKFuy5JWc=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "469ef53571ea80890c9497952787920c79c1ee6e", + "rev": "5024e1901239a76b7bf94a4cd27f3507e639d49e", "type": "github" }, "original": { @@ -782,27 +533,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1762847253, - "narHash": "sha256-BWWnUUT01lPwCWUvS0p6Px5UOBFeXJ8jR+ZdLX8IbrU=", + "lastModified": 1760958188, + "narHash": "sha256-2m1S4jl+GEDtlt2QqeHil8Ny456dcGSKJAM7q3j/BFU=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "899dc449bc6428b9ee6b3b8f771ca2b0ef945ab9", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "master", - "repo": "nixos-hardware", - "type": "github" - } - }, - "nixos-hardware_2": { - "locked": { - "lastModified": 1758663926, - "narHash": "sha256-6CFdj7Xs616t1W4jLDH7IohAAvl5Dyib3qEv/Uqw1rk=", - "owner": "NixOS", - "repo": "nixos-hardware", - "rev": "170ff93c860b2a9868ed1e1102d4e52cb3d934e1", + "rev": "d6645c340ef7d821602fd2cd199e8d1eed10afbc", "type": "github" }, "original": { @@ -814,11 +549,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1763421233, - "narHash": "sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw=", + "lastModified": 1761114652, + "narHash": "sha256-f/QCJM/YhrV/lavyCVz8iU3rlZun6d+dAiC3H+CDle4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "89c2b2330e733d6cdb5eae7b899326930c2c0648", + "rev": "01f116e4df6a15f4ccdffb1bcd41096869fb385c", "type": "github" }, "original": { @@ -828,41 +563,28 @@ "type": "github" } }, - "nixpkgs-darwin": { - "locked": { - "lastModified": 1735564410, - "narHash": "sha256-HB/FA0+1gpSs8+/boEavrGJH+Eq08/R2wWNph1sM1Dg=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "1e7a8f391f1a490460760065fa0630b5520f9cf8", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-24.05-darwin", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs-lib": { "locked": { - "lastModified": 1738452942, - "narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=", - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz" + "lastModified": 1754788789, + "narHash": "sha256-x2rJ+Ovzq0sCMpgfgGaaqgBSwY+LST+WbZ6TytnT9Rk=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "a73b9c743612e4244d865a2fdee11865283c04e6", + "type": "github" }, "original": { - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz" + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" } }, "nixpkgs-master": { "locked": { - "lastModified": 1763730167, - "narHash": "sha256-GkVAHiVPF8/IXFn3Ygz+ky//lPi/a3HsaM1vr+A2hh4=", + "lastModified": 1761228883, + "narHash": "sha256-8jKkT4Yc8I/PnDczaD9diDcJkckwP7WAstQcYbMSo4s=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5c61264a3eff3d96f39870d27a61ea95774ae2e5", + "rev": "0cfbb4d10f6e813e6e9750fbf5396747cf3b6212", "type": "github" }, "original": { @@ -872,22 +594,6 @@ "type": "github" } }, - "nixpkgs-master_2": { - "locked": { - "lastModified": 1759258560, - "narHash": "sha256-ykJfEwNYol4x+gQdbePWc5tfxwky7aXpM4ZJDyCpK5Y=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "66063074cf41f08c39738b1436f4bdae7fb97265", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "master", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs-stable": { "locked": { "lastModified": 1730741070, @@ -904,124 +610,6 @@ "type": "github" } }, - "nixpkgs-stable_2": { - "locked": { - "lastModified": 1751741127, - "narHash": "sha256-t75Shs76NgxjZSgvvZZ9qOmz5zuBE8buUaYD28BMTxg=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "29e290002bfff26af1db6f64d070698019460302", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-25.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1759143472, - "narHash": "sha256-TvODmeR2W7yX/JmOCmP+lAFNkTT7hAxYcF3Kz8SZV3w=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "5ed4e25ab58fd4c028b59d5611e14ea64de51d23", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-25.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { - "locked": { - "lastModified": 1736320768, - "narHash": "sha256-nIYdTAiKIGnFNugbomgBJR+Xv5F1ZQU+HfaBqJKroC0=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "4bc9c909d9ac828a039f288cf872d16d38185db8", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { - "locked": { - "lastModified": 1755615617, - "narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "20075955deac2583bb12f07151c2df830ef346b4", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "oldConf": { - "inputs": { - "agenix": "agenix", - "attic": "attic", - "darwin": "darwin_2", - "home-manager": "home-manager_3", - "impermanence": "impermanence_2", - "kmonad": "kmonad_2", - "lix-module": "lix-module", - "miro": "miro", - "nixos-hardware": "nixos-hardware_2", - "nixpkgs": "nixpkgs_2", - "nixpkgs-darwin": "nixpkgs-darwin", - "nixpkgs-master": "nixpkgs-master_2", - "pandoc-latex-template": "pandoc-latex-template", - "quadlet-nix": "quadlet-nix", - "spoons": "spoons", - "synapse": "synapse", - "utils": "utils", - "wired": "wired", - "x": "x", - "xynoblog": "xynoblog", - "zen-browser": "zen-browser" - }, - "locked": { - "lastModified": 1763388752, - "narHash": "sha256-wbxKwJ+kkixY93ZEQwRuMOxrmul+zWk5Gypl7blCj6U=", - "owner": "thexyno", - "repo": "nixos-config", - "rev": "62a64a79a8608712f1b2e07b902318679b022379", - "type": "github" - }, - "original": { - "owner": "thexyno", - "repo": "nixos-config", - "type": "github" - } - }, - "pandoc-latex-template": { - "flake": false, - "locked": { - "lastModified": 1758365407, - "narHash": "sha256-gat4bW9oW5UEcB23s026vmBmxwQE7Eyejgr/qIS7CsM=", - "owner": "Wandmalfarbe", - "repo": "pandoc-latex-template", - "rev": "f99fe1dbda926be29f567196b1edfeb92f96ac10", - "type": "github" - }, - "original": { - "owner": "Wandmalfarbe", - "repo": "pandoc-latex-template", - "type": "github" - } - }, "pre-commit-hooks-nix": { "inputs": { "flake-compat": [ @@ -1049,24 +637,59 @@ "type": "github" } }, - "quadlet-nix": { + "pyproject-build-systems": { + "inputs": { + "nixpkgs": [ + "authentik", + "nixpkgs" + ], + "pyproject-nix": [ + "authentik", + "pyproject-nix" + ], + "uv2nix": [ + "authentik", + "uv2nix" + ] + }, "locked": { - "lastModified": 1758631655, - "narHash": "sha256-EGeZ963L7xsNAY7snvP1JHQe7LWLVCM6f49+PzWjhEE=", - "owner": "SEIAROTg", - "repo": "quadlet-nix", - "rev": "2ebe01b175e2e1e6de3f172d23f0c3b88713eec9", + "lastModified": 1757296493, + "narHash": "sha256-6nzSZl28IwH2Vx8YSmd3t6TREHpDbKlDPK+dq1LKIZQ=", + "owner": "pyproject-nix", + "repo": "build-system-pkgs", + "rev": "5b8e37fe0077db5c1df3a5ee90a651345f085d38", "type": "github" }, "original": { - "owner": "SEIAROTg", - "repo": "quadlet-nix", + "owner": "pyproject-nix", + "repo": "build-system-pkgs", + "type": "github" + } + }, + "pyproject-nix": { + "inputs": { + "nixpkgs": [ + "authentik", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1757246327, + "narHash": "sha256-6pNlGhwOIMfhe/RLjHdpXveKS4FyLHvlGe+KtjDild4=", + "owner": "pyproject-nix", + "repo": "pyproject.nix", + "rev": "8d77f342d66ad1601cdb9d97e9388b69f64d4c8e", + "type": "github" + }, + "original": { + "owner": "pyproject-nix", + "repo": "pyproject.nix", "type": "github" } }, "root": { "inputs": { - "adw-colors": "adw-colors", + "authentik": "authentik", "colmena": "colmena", "helix": "helix", "home-manager": "home-manager", @@ -1082,11 +705,10 @@ "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs", "nixpkgs-master": "nixpkgs-master", - "oldConf": "oldConf", - "rust-overlay": "rust-overlay_5", "sops-nix": "sops-nix", + "terranix": "terranix", "xwayland-satellite": "xwayland-satellite", - "zen-browser": "zen-browser_2" + "zen-browser": "zen-browser" } }, "rust-overlay": { @@ -1111,6 +733,27 @@ } }, "rust-overlay_2": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1731897198, + "narHash": "sha256-Ou7vLETSKwmE/HRQz4cImXXJBr/k9gp4J4z/PF8LzTE=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "0be641045af6d8666c11c2c40e45ffc9667839b5", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_3": { "inputs": { "nixpkgs": [ "niri", @@ -1131,7 +774,7 @@ "type": "github" } }, - "rust-overlay_3": { + "rust-overlay_4": { "inputs": { "nixpkgs": [ "nix-ci", @@ -1152,45 +795,7 @@ "type": "github" } }, - "rust-overlay_4": { - "inputs": { - "nixpkgs": "nixpkgs_3" - }, - "locked": { - "lastModified": 1740709839, - "narHash": "sha256-4dF++MXIXna/AwlZWDKr7bgUmY4xoEwvkF1GewjNrt0=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "b4270835bf43c6f80285adac6f66a26d83f0f277", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, "rust-overlay_5": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1763692705, - "narHash": "sha256-tCKCyMYU0Vy+ph/xswlNsYXXjnFVweWBV+ew/5FS9tA=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "6fbf5d328dce1828d887b8ee7d44a785196a34e7", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, - "rust-overlay_6": { "inputs": { "nixpkgs": [ "xwayland-satellite", @@ -1218,11 +823,11 @@ ] }, "locked": { - "lastModified": 1763607916, - "narHash": "sha256-VefBA1JWRXM929mBAFohFUtQJLUnEwZ2vmYUNkFnSjE=", + "lastModified": 1760998189, + "narHash": "sha256-ee2e1/AeGL5X8oy/HXsZQvZnae6XfEVdstGopKucYLY=", "owner": "Mic92", "repo": "sops-nix", - "rev": "877bb495a6f8faf0d89fc10bd142c4b7ed2bcc0b", + "rev": "5a7d18b5c55642df5c432aadb757140edfeb70b3", "type": "github" }, "original": { @@ -1231,22 +836,6 @@ "type": "github" } }, - "spoons": { - "flake": false, - "locked": { - "lastModified": 1747090751, - "narHash": "sha256-ZRSRb2QW8hrTkdCg5xezF09DntPocE842rc4ZKt7aHY=", - "owner": "Hammerspoon", - "repo": "Spoons", - "rev": "e5b871250346c3fe93bac0d431fc75f6f0e2f92a", - "type": "github" - }, - "original": { - "owner": "Hammerspoon", - "repo": "Spoons", - "type": "github" - } - }, "stable": { "locked": { "lastModified": 1669735802, @@ -1263,35 +852,18 @@ "type": "github" } }, - "synapse": { - "flake": false, - "locked": { - "lastModified": 1754934810, - "narHash": "sha256-4HAA9Xq4C3DHxz0BgqBitfM4wZwPSEu+IO/OPfHzLVw=", - "owner": "element-hq", - "repo": "synapse", - "rev": "4054d956f75056ace9edc729ee488edcbf00d1a2", - "type": "github" - }, - "original": { - "owner": "element-hq", - "repo": "synapse", - "rev": "4054d956f75056ace9edc729ee488edcbf00d1a2", - "type": "github" - } - }, "systems": { "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default", + "repo": "default-linux", "type": "github" } }, @@ -1325,80 +897,50 @@ "type": "github" } }, - "systems_4": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "utils": { - "inputs": { - "systems": "systems_3" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "wired": { + "terranix": { "inputs": { "flake-parts": "flake-parts_3", "nixpkgs": [ - "oldConf", "nixpkgs" ], - "rust-overlay": "rust-overlay_4" + "systems": "systems_2" }, "locked": { - "lastModified": 1743305055, - "narHash": "sha256-NIsi8Dno9YsOLUUTrLU4p+hxYeJr3Vkg1gIpQKVTaDs=", - "owner": "Toqozz", - "repo": "wired-notify", - "rev": "75d43f54a02b15f2a15f5c1a0e1c7d15100067a6", + "lastModified": 1757278723, + "narHash": "sha256-hTMi6oGU+6VRnW9SZZ+muFcbfMEf2ajjOp7Z2KM5MMY=", + "owner": "terranix", + "repo": "terranix", + "rev": "924573fa6587ac57b0d15037fbd2d3f0fcdf17fb", "type": "github" }, "original": { - "owner": "Toqozz", - "repo": "wired-notify", + "owner": "terranix", + "repo": "terranix", "type": "github" } }, - "x": { + "uv2nix": { "inputs": { "nixpkgs": [ - "oldConf", + "authentik", "nixpkgs" + ], + "pyproject-nix": [ + "authentik", + "pyproject-nix" ] }, "locked": { - "lastModified": 1680879729, - "narHash": "sha256-ItGaOeb0wt8ESKTJxPkFVbV8cyR/0RhSFVltelLQ9b4=", - "owner": "thexyno", - "repo": "x", - "rev": "5b15dd8e511c9cd39c7dbfa583e2c85ff30afecb", + "lastModified": 1757925761, + "narHash": "sha256-7Hwz0vfHuFqCo5v7Q07GQgLBWuPvZCuf/5/pk4NoADg=", + "owner": "pyproject-nix", + "repo": "uv2nix", + "rev": "780494c40895bb7419a73d942bee326291e80b3b", "type": "github" }, "original": { - "owner": "thexyno", - "repo": "x", + "owner": "pyproject-nix", + "repo": "uv2nix", "type": "github" } }, @@ -1408,14 +950,14 @@ "nixpkgs": [ "nixpkgs-master" ], - "rust-overlay": "rust-overlay_6" + "rust-overlay": "rust-overlay_5" }, "locked": { - "lastModified": 1763704521, - "narHash": "sha256-ceYEV6PnvUN8Zixao4gpPuN+VT3B0SlAXKuPNHZhqUY=", + "lastModified": 1761173223, + "narHash": "sha256-FumZh+fPRaKXkl9Y1uTh5KV7Io/AyOZso+UkqLhLArs=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "f379ff5722a821212eb59ada9cf8e51cb3654aad", + "rev": "bf745144acda1343934e9a094cf9458a54d57889", "type": "github" }, "original": { @@ -1424,59 +966,19 @@ "type": "github" } }, - "xynoblog": { - "inputs": { - "nixpkgs": [ - "oldConf", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1732833558, - "narHash": "sha256-KpAsXBkNJTNBHQuwqJkMSCsVWhbj9K7LLY7emgU6f4Q=", - "owner": "thexyno", - "repo": "blog", - "rev": "b020543dcb823c7be01a7aca9f1748a517ece659", - "type": "github" - }, - "original": { - "owner": "thexyno", - "repo": "blog", - "type": "github" - } - }, "zen-browser": { "inputs": { - "home-manager": "home-manager_4", - "nixpkgs": "nixpkgs_4" - }, - "locked": { - "lastModified": 1759203282, - "narHash": "sha256-lsKz9cA0VpHsSbOXZcg8V2fGmUSvC183Fmmn++WAG5o=", - "owner": "0xc000022070", - "repo": "zen-browser-flake", - "rev": "7c14e901ac9d2d5b994bad90a11dfbf25500c6cb", - "type": "github" - }, - "original": { - "owner": "0xc000022070", - "repo": "zen-browser-flake", - "type": "github" - } - }, - "zen-browser_2": { - "inputs": { - "home-manager": "home-manager_5", + "home-manager": "home-manager_2", "nixpkgs": [ "nixpkgs-master" ] }, "locked": { - "lastModified": 1763663426, - "narHash": "sha256-txr1cH5j+b14jYGvE0BQE/6OgSyHQqGoeeEFlJz7Q8o=", + "lastModified": 1761180075, + "narHash": "sha256-V4WLeUQ4gCGZiVihlXWBOZ/1FNcL0jM4zgTY1haJLvY=", "owner": "0xc000022070", "repo": "zen-browser-flake", - "rev": "34fd0de7cea96cab0307cf07aa5723b60fd775ef", + "rev": "771a2604606905d8c0ffe3b818dc2cc5bd1405d8", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 15372389..3f8f6c0a 100644 --- a/flake.nix +++ b/flake.nix @@ -15,19 +15,12 @@ colmena.url = "github:zhaofengli/colmena/release-0.4.x"; colmena.inputs.nixpkgs.follows = "nixpkgs"; - - oldConf.url = "github:thexyno/nixos-config"; # software - rust-overlay = { # https://github.com/nix-community/lanzaboote/issues/485#issuecomment-3466684727 - url = "github:oxalica/rust-overlay"; - inputs.nixpkgs.follows = "nixpkgs"; - }; lanzaboote = { url = "github:nix-community/lanzaboote/v0.4.2"; # Optional but recommended to limit the size of your system closure. inputs.nixpkgs.follows = "nixpkgs"; - inputs.rust-overlay.follows = "rust-overlay"; }; zen-browser.url = "github:0xc000022070/zen-browser-flake"; @@ -40,6 +33,10 @@ niri.inputs.nixpkgs.follows = "nixpkgs-master"; xwayland-satellite.url = "github:Supreeeme/xwayland-satellite"; xwayland-satellite.inputs.nixpkgs.follows = "nixpkgs-master"; + nheko.url = "github:Nheko-Reborn/nheko"; + nheko.flake = false; + mtxclient.url = "github:Nheko-Reborn/mtxclient"; + mtxclient.flake = false; nix-ci.url = "git+https://git.xyno.systems/xyno/nix-ci"; nix-ci.inputs.nixpkgs.follows = "nixpkgs"; @@ -52,23 +49,13 @@ helix.inputs.nixpkgs.follows = "nixpkgs-master"; # csharp-language-server.url = "github:sofusa/csharp-language-server"; # csharp-language-server.inputs.nixpkgs.follows = "nixpkgs-master"; - - # # authentik - - # authentik.url = "github:nix-community/authentik-nix"; - # authentik.inputs.nixpkgs.follows = "nixpkgs"; - # terranix.url = "github:terranix/terranix"; - # terranix.inputs.nixpkgs.follows = "nixpkgs"; - - # non flake inputs, maybe use npins in the future? - adw-colors.url = "github:lassekongo83/adw-colors"; - adw-colors.flake = false; - nheko.url = "github:Nheko-Reborn/nheko"; - nheko.flake = false; - mtxclient.url = "github:Nheko-Reborn/mtxclient"; - mtxclient.flake = false; + # authentik + authentik.url = "github:nix-community/authentik-nix"; + authentik.inputs.nixpkgs.follows = "nixpkgs"; + terranix.url = "github:terranix/terranix"; + terranix.inputs.nixpkgs.follows = "nixpkgs"; }; @@ -114,7 +101,7 @@ inputs.lanzaboote.nixosModules.lanzaboote inputs.sops-nix.nixosModules.sops inputs.impermanence.nixosModules.impermanence - # inputs.authentik.nixosModules.default + inputs.authentik.nixosModules.default inputs.nix-index-database.nixosModules.nix-index ] ++ (import ./modules/module-list.nix); @@ -126,19 +113,11 @@ importConfigs = n: map (x: { - ${x} = - { nodes, pkgs, ... }: - { - nixpkgs.overlays = overlays; - nix.package = pkgs.unstable.lixPackageSets.latest.lix; - networking.hostName = x; - imports = modules ++ [ (./instances/${x}) ]; - _module.args.otherNodes = lib.filterAttrs (n: v: n != x) nodes; - deployment.privilegeEscalationCommand = [ - "run0" - "--unit=colmena-apply" - ]; - }; + ${x} = {nodes, ...}: { + networking.hostName = x; + imports = modules ++ [ (./instances/${x}) ]; + _module.args.otherNodes = lib.filterAttrs (n: v: n != x) nodes; + }; }) n; in lib.foldl' lib.recursiveUpdate { } ( @@ -151,9 +130,13 @@ specialArgs = { inherit inputs; }; nixpkgs = genPkgs "x86_64-linux"; }; + deployment.privilegeEscalationCommand = [ + "run0" + "--unit=colmena-apply" + ]; } (importConfigs [ - "nemesis" + "ds9" "picard" "theseus" ]) @@ -195,7 +178,6 @@ devShells.${system}.default = pkgs.mkShell { packages = [ pkgs.nixfmt-rfc-style - pkgs.nixd pkgs.nil pkgs.sops (pkgs.runCommand "nix-config-bin" { } '' diff --git a/hm-modules/dark-theme.nix b/hm-modules/dark-theme.nix index 880bdf86..de020bd2 100644 --- a/hm-modules/dark-theme.nix +++ b/hm-modules/dark-theme.nix @@ -23,10 +23,10 @@ in gtk4.extraConfig.gtk-application-prefer-dark-theme = 1; gtk3.extraConfig.gtk-application-prefer-dark-theme = 1; }; - # qt = { - # enable = true; - # style.name = "breeze"; - # }; + qt = { + enable = true; + style.name = "breeze"; + }; }; } diff --git a/hm-modules/firefox.nix b/hm-modules/firefox.nix index 6fc04d5b..a930af34 100644 --- a/hm-modules/firefox.nix +++ b/hm-modules/firefox.nix @@ -362,7 +362,7 @@ in "user-filters" = ''marketplace.visualstudio.com##+js(rpnt, script, /"(DisableVSCodeDownloadButtonEnabled|Microsoft\\.VisualStudio\\.Services\\.Gallery\\.DisableVSCodeDownloadButton)":true/, "$1":false)''; "hostnameSwitchesString" = - "no-large-media: behind-the-scene false\nno-remote-fonts: * false\nno-csp-reports: * true"; + "no-large-media: behind-the-scene false\nno-remote-fonts: * true\nno-csp-reports: * true"; }; }; diff --git a/hm-modules/git.nix b/hm-modules/git.nix index 41076a40..bf999b94 100644 --- a/hm-modules/git.nix +++ b/hm-modules/git.nix @@ -9,14 +9,13 @@ in { options.xyno.git.enable = lib.mkEnableOption "xynos git config"; config = lib.mkIf cfg.enable { - programs.difftastic.git.enable = true; - programs.difftastic.enable = true; programs.git = { enable = true; + difftastic.enable = true; lfs.enable = true; # Default configs - settings = { + extraConfig = { commit.gpgSign = true; gpg.format = "ssh"; diff --git a/hm-modules/helix.nix b/hm-modules/helix.nix index 13a3ca50..a123f96a 100644 --- a/hm-modules/helix.nix +++ b/hm-modules/helix.nix @@ -22,21 +22,20 @@ in # nodePackages_latest.prettier dprint markdown-oxide - # codebook + codebook ## python # ruff-lsp # nodePackages_latest.pyright # inputs.csharp-language-server.packages.${pkgs.system}.csharp-language-server ] ++ (optionals cfg.withLargeLSPs [ + netcoredbg nodePackages_latest.typescript-language-server nodePackages_latest.vscode-langservers-extracted typescript # jsonnet-language-server # jsonnet lazygit - ltex-ls-plus # languagetool - tinymist # typst lsp ]); programs.helix = { @@ -108,7 +107,8 @@ in keys = { normal = { space."=" = ":fmt"; - "C-g" = ":sh tmux popup -d \"#{pane_current_path}\" -xC -yC -w80%% -h80%% -E lazygit"; + "C-g" = + ":sh tmux popup -d \"#{pane_current_path}\" -xC -yC -w80%% -h80%% -E lazygit"; "C-t" = ":sh tmux split-window -v -l '35%%'"; "C-h" = ":sh tmux select-pane -t '{left-of}'"; "C-l" = ":sh tmux select-pane -t '{right-of}'"; @@ -143,143 +143,55 @@ in language-server.csharp = { command = "csharp-language-server"; }; - language-server.ltex = { - command = "ltex-ls-plus"; - config = { - additionalRules.motherTongue = "de-DE"; - additionalRules.enablePickyRules = true; - language = [ - "en-US" - "de-DE" - ]; - }; + language-server.codebook = { + command = "codebook-lsp"; + args = ["serve"]; }; - language-server.tinymist = { - command = "tinymist"; - }; - # language-server.nil = { - # command = "nil"; - # config.nil.nix = { - # maxMemoryMB = 5120; - # flake = { - # autoEvalInputs = true; - # autoArchive = true; - # }; - # }; - # }; - language = - let - applySingleConfig = - languages: config: - let - applied = - foldl' - ( - acc: l: - if (any (x: l.name == x) config.languages) then - { - done = acc.done ++ [ - (mkMerge [ - l - config.conf - ]) - ]; - notFound = filter (x: x != l.name) acc.notFound; - } - else - { - done = acc.done ++ [ l ]; - notFound = acc.notFound; - } - ) - { - done = [ ]; - notFound = config.languages; - } - languages; - in - applied.done ++ (map (x: { name = x; } // config.conf) applied.notFound); - applyConfs = lspConfs: languages: foldl' applySingleConfig languages lspConfs; - in - applyConfs + language = flatten [ + (map + (x: { + name = x; + language-servers = [ + "typescript-language-server" + "eslint" + ]; + #formatter = { command = "dprint"; args = [ "fmt" "--stdin" x ]; }; + # formatter = { command = "prettier"; args = [ "--parser" "typescript" ]; }; + }) [ - { - languages = [ - "typescript" - "javascript" - "jsx" - "tsx" - ]; - conf = { - language-servers = [ - "typescript-language-server" - "eslint" - ]; - }; - } - { - languages = [ - "markdown" - "typst" - "bibtex" - "comment" - "latex" - "html" - ]; - conf = { - language-servers = [ - "ltex" - ]; - }; - } + "typescript" + "javascript" + "jsx" + "tsx" ] - [ - { - name = "__common__"; - scope = "source.__common__"; - file-types = [ ]; - language-servers = [ - "ltex" - ]; - } - # { - # name = "nix"; - # language-servers = [ - # "nixd" - # ]; - # formatter = { - # command = "nixpkgs-fmt"; - # }; - # } - { - name = "python"; - language-servers = [ - "pyright" - "ruff" - ]; - } - { - name = "markdown"; - language-servers = [ - "markdown-oxide" - ]; - } - { - name = "typst"; - language-servers = [ - "tinymist" - ]; - } - { - name = "c-sharp"; - language-servers = [ "csharp" ]; - formatter = { - command = "dotnet"; - args = [ "csharpier" ]; - }; - - } + ) + { + name = "nix"; + formatter = { + command = "nixpkgs-fmt"; + }; + } + { + name = "python"; + language-servers = [ + "pyright" + "ruff" ]; + } + { + name = "markdown"; + language-servers = ["codebook"]; + } + { + name = "c-sharp"; + language-servers = [ "csharp" ]; + formatter = { + command = "dotnet"; + args = [ "csharpier" ]; + }; + + } + ]; }; }; }; diff --git a/hm-modules/mpv.nix b/hm-modules/mpv.nix index 7f37504b..852657d7 100644 --- a/hm-modules/mpv.nix +++ b/hm-modules/mpv.nix @@ -14,11 +14,6 @@ in programs.mpv = { enable = true; scripts = with pkgs.mpvScripts; [ mpv-webm sponsorblock ]; - config = { - profile = "gpu-hq"; - ytdl-format = "bestvideo[width<=1920]+bestaudio"; - cache-secs = 1200; - }; }; }; diff --git a/instances/ds9/configuration.nix b/instances/ds9/configuration.nix new file mode 100644 index 00000000..8f640680 --- /dev/null +++ b/instances/ds9/configuration.nix @@ -0,0 +1,36 @@ +{ + config, + pkgs, + lib, + ... +}: +{ + nixpkgs.system = "x86_64-linux"; + imports = [ + ./hardware-configuration.nix + ./services/attic.nix + ./services/immich.nix + ./services/jellyfin.nix + ./services/paperless.nix + ./services/ytdl-sub.nix + + ]; + time.timeZone = "Europe/Berlin"; + + networking.hostId = "7b4c2932"; + + xyno.presets.cli.enable = true; + xyno.presets.server.enable = true; + xyno.services.wireguard.enable = true; + xyno.services.caddy.enable = true; + xyno.services.monitoring.enable = true; + xyno.services.authentik.enable = true; + xyno.presets.home-manager.enable = true; + xyno.system.user.enable = true; + xyno.networking.networkd = { + enable = true; + }; + + + system.stateVersion = "24.11"; +} diff --git a/instances/ds9/default.nix b/instances/ds9/default.nix new file mode 100644 index 00000000..a324215e --- /dev/null +++ b/instances/ds9/default.nix @@ -0,0 +1,11 @@ +{ + imports = [ ./configuration.nix ]; + xyno.services.monitoring.prometheusServer = true; + xyno.meta = { + sopsKey = "fada7e7be28e186e463ad745a38d17f36849d8a7"; + }; + xyno.services.wireguard.pubKey = "aZvSeAhKG3B5I2My5IqQoSlntMzbCHM6OU92WEScohc="; + deployment = { + targetHost = "ds9.hailsatan.eu"; + }; +} diff --git a/instances/ds9/hardware-configuration.nix b/instances/ds9/hardware-configuration.nix new file mode 100644 index 00000000..338b716d --- /dev/null +++ b/instances/ds9/hardware-configuration.nix @@ -0,0 +1,59 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = [ "${modulesPath}/installer/scan/not-detected.nix" ]; + + boot.lanzaboote = { + enable = true; + pkiBundle = "/var/lib/sbctl"; + }; + boot.loader.systemd-boot.enable = lib.mkForce false; + + + + boot.initrd.availableKernelModules = [ "r8169" "ahci" "vfio-pci" "xhci_pci" "ehci_pci" "nvme" "usbhid" "sd_mod" "sr_mod" ]; + boot.kernelModules = [ "kvm-amd" ]; + nix.settings.max-jobs = lib.mkDefault 12; + powerManagement.powertop.enable = true; + powerManagement.cpuFreqGovernor = "powersave"; + powerManagement.scsiLinkPolicy = "min_power"; + + services.zfs.autoScrub.enable = true; + + services.sanoid.datasets."rpool/content/safe/data/media" = { }; + services.sanoid.enable = true; + services.sanoid.interval = "0/8:00:00"; + + swapDevices = [{ device = "/dev/disk/by-id/nvme-eui.000000000000000100a075202c247839-part1"; randomEncryption = true; }]; + fileSystems."/boot".device = "/dev/disk/by-uuid/149F-23AA"; + + + fileSystems."/" = { + device = "spool/safe/persist"; + fsType = "zfs"; + }; + fileSystems."/nix" = { + device = "spool/local/nix"; + fsType = "zfs"; + }; + fileSystems."/var/log" = { + device = "spool/local/journal"; + fsType = "zfs"; + }; + fileSystems."/data" = { + device = "rpool/content/safe/data"; + fsType = "zfs"; + }; + fileSystems."/data/media" = { + device = "rpool/content/safe/data/media"; + fsType = "zfs"; + }; + fileSystems."/backups" = { + device = "rpool/content/local/backups"; + fsType = "zfs"; + }; + +} diff --git a/instances/nemesis/secrets/atticd.yaml b/instances/ds9/secrets/atticd.yaml similarity index 100% rename from instances/nemesis/secrets/atticd.yaml rename to instances/ds9/secrets/atticd.yaml diff --git a/instances/nemesis/secrets/authentik.yaml b/instances/ds9/secrets/authentik.yaml similarity index 100% rename from instances/nemesis/secrets/authentik.yaml rename to instances/ds9/secrets/authentik.yaml diff --git a/instances/nemesis/secrets/wg.yaml b/instances/ds9/secrets/wg.yaml similarity index 100% rename from instances/nemesis/secrets/wg.yaml rename to instances/ds9/secrets/wg.yaml diff --git a/instances/nemesis/secrets/woodpecker.yaml b/instances/ds9/secrets/woodpecker.yaml similarity index 100% rename from instances/nemesis/secrets/woodpecker.yaml rename to instances/ds9/secrets/woodpecker.yaml diff --git a/instances/nemesis/services/attic.nix b/instances/ds9/services/attic.nix similarity index 100% rename from instances/nemesis/services/attic.nix rename to instances/ds9/services/attic.nix diff --git a/instances/nemesis/services/immich.nix b/instances/ds9/services/immich.nix similarity index 100% rename from instances/nemesis/services/immich.nix rename to instances/ds9/services/immich.nix diff --git a/instances/nemesis/services/jellyfin.nix b/instances/ds9/services/jellyfin.nix similarity index 100% rename from instances/nemesis/services/jellyfin.nix rename to instances/ds9/services/jellyfin.nix diff --git a/instances/nemesis/services/paperless.nix b/instances/ds9/services/paperless.nix similarity index 100% rename from instances/nemesis/services/paperless.nix rename to instances/ds9/services/paperless.nix diff --git a/instances/nemesis/services/woodpecker.nix b/instances/ds9/services/woodpecker.nix similarity index 100% rename from instances/nemesis/services/woodpecker.nix rename to instances/ds9/services/woodpecker.nix diff --git a/instances/nemesis/services/ytdl-sub.nix b/instances/ds9/services/ytdl-sub.nix similarity index 100% rename from instances/nemesis/services/ytdl-sub.nix rename to instances/ds9/services/ytdl-sub.nix diff --git a/instances/nemesis/configuration.nix b/instances/nemesis/configuration.nix deleted file mode 100644 index 3b53b1cc..00000000 --- a/instances/nemesis/configuration.nix +++ /dev/null @@ -1,79 +0,0 @@ -{ - config, - pkgs, - lib, - inputs, - ... -}: -{ - nixpkgs.system = "x86_64-linux"; - imports = [ - ./hardware-configuration.nix - # ./services/attic.nix - # ./services/immich.nix - # ./services/jellyfin.nix - # ./services/paperless.nix - # ./services/ytdl-sub.nix - - ]; - time.timeZone = "Europe/Berlin"; - networking.hostId = "7b4c2932"; - - containers.ds9 = { - autoStart = true; - privateNetwork = true; - enableTun = true; - additionalCapabilities = [ - "CAP_NET_ADMIN" - "CAP_MKNOD" - "CAP_BPF" - "CAP_DAC_READ_SEARCH" - "CAP_SYS_RESOURCE" - "CAP_SYS_ADMIN" - ]; - hostAddress = "192.168.100.10"; - localAddress = "192.168.100.11"; - - path = inputs.oldConf.nixosConfigurations.ds9.config.system.build.toplevel; - - bindMounts = { - "/data" = { - hostPath = "/data"; - isReadOnly = false; - }; - "/backup" = { - hostPath = "/backup"; - isReadOnly = false; - }; - "/persistent" = { - hostPath = "/oldds9/persistent"; - isReadOnly = false; - }; - }; - }; - networking.nat.enable = true; - networking.nat.internalInterfaces = [ "ve-+" ]; - networking.nat.externalInterface = "enp1s0f1"; # TODO: changeme - - xyno.services.traefik = { - enable = true; - simpleProxy.oldds9 = { - host = "*.hailsatan.eu"; - internal = "http://192.168.100.11"; - }; - }; - - xyno.presets.cli.enable = true; - xyno.presets.server.enable = true; - # xyno.services.wireguard.enable = true; - # xyno.services.caddy.enable = true; - # xyno.services.monitoring.enable = true; - # xyno.services.authentik.enable = true; - xyno.presets.home-manager.enable = true; - xyno.system.user.enable = true; - xyno.networking.networkd = { - enable = true; - }; - - system.stateVersion = "25.11"; -} diff --git a/instances/nemesis/default.nix b/instances/nemesis/default.nix deleted file mode 100644 index 25b8ed78..00000000 --- a/instances/nemesis/default.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ - imports = [ ./configuration.nix ]; - # xyno.services.monitoring.prometheusServer = true; - xyno.meta = { - sopsKey = "fada7e7be28e186e463ad745a38d17f36849d8a7"; - }; - # xyno.services.wireguard.pubKey = "aZvSeAhKG3B5I2My5IqQoSlntMzbCHM6OU92WEScohc="; - deployment = { - targetHost = "nemesis.xyno.systems"; - }; -} diff --git a/instances/nemesis/hardware-configuration.nix b/instances/nemesis/hardware-configuration.nix deleted file mode 100644 index 2efb83ca..00000000 --- a/instances/nemesis/hardware-configuration.nix +++ /dev/null @@ -1,128 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: - -{ - imports = [ "${modulesPath}/installer/scan/not-detected.nix" ]; - - boot.lanzaboote = { - enable = true; - pkiBundle = "/var/lib/sbctl"; - }; - boot.loader.systemd-boot.enable = lib.mkForce false; - - boot.initrd.availableKernelModules = [ - "r8169" - "ahci" - "vfio-pci" - "xhci_pci" - "ehci_pci" - "nvme" - "usbhid" - "sd_mod" - "sr_mod" - ]; - boot.kernelModules = [ "kvm-amd" ]; - nix.settings.max-jobs = lib.mkDefault 12; - powerManagement.powertop.enable = true; - powerManagement.cpuFreqGovernor = "powersave"; - powerManagement.scsiLinkPolicy = "min_power"; - - services.zfs.autoScrub.enable = true; - - services.sanoid.datasets."rpool/content/safe/data/media" = { }; - services.sanoid.datasets."rpool/content/safe/data" = { }; - services.sanoid.datasets."spool/nemesis/persistent" = { }; - services.sanoid.enable = true; - services.sanoid.interval = "0/8:00:00"; - - boot.initrd.systemd = { - enable = true; - }; - boot.initrd.network = { - enable = true; - postCommands = '' - zpool import rpool - zpool import spool - echo "zfs load-key -a; killall zfs" >> /root/.profile - ''; - ssh = { - enable = true; - port = 2222; - hostKeys = [ - "/persistent/initrd/ssh_host_rsa_key" - "/persistent/initrd/ssh_host_ed25519_key" - ]; - authorizedKeys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID/oMAi5jyQsNohfhcSH2ItisTpBGB0WtYTVxJYKKqhj" # TODO - ]; - - }; - - }; - - # swapDevices = [ - # { - # device = "/dev/disk/by-id/nvme-eui.000000000000000100a075202c247839-part1"; - # randomEncryption = true; - # } - # ]; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/149F-23AA"; - fsType = "vfat"; - options = [ - "noauto" - "x-systemd.automount" - ]; - }; - - zramSwap.enable = true; - zramSwap.writebackDevice = "/dev/zvol/spool/nemesis/zswap"; - - fileSystems."/persistent/var/lib/postgres" = { # has things of https://wiki.archlinux.org/title/ZFS#Databases set - device = "spool/nemesis/postgres"; - fsType = "zfs"; - }; - fileSystems."/persistent" = { - device = "spool/nemesis/persistent"; - fsType = "zfs"; - }; - fileSystems."/var/log" = { - device = "spool/nemesis/varlog"; - fsType = "zfs"; - }; - fileSystems."/nix" = { - device = "spool/local/nix"; - fsType = "zfs"; - }; - - fileSystems."/data" = { - device = "rpool/content/safe/data"; - fsType = "zfs"; - }; - fileSystems."/data/media" = { - device = "rpool/content/safe/data/media"; - fsType = "zfs"; - }; - fileSystems."/backups" = { - device = "rpool/content/local/backups"; - fsType = "zfs"; - }; - - fileSystems."/oldds9/persistent" = { - device = "spool/safe/persist"; - fsType = "zfs"; - }; - fileSystems."/oldds9/varlog" = { - device = "spool/local/journal"; - fsType = "zfs"; - }; - -} diff --git a/instances/theseus/configuration.nix b/instances/theseus/configuration.nix index cc235155..96d46ee9 100644 --- a/instances/theseus/configuration.nix +++ b/instances/theseus/configuration.nix @@ -12,35 +12,6 @@ let ''; in { - # containers.podmantest = { - # privateNetwork = true; - # enableTun = true; - # additionalCapabilities = [ - # "CAP_NET_ADMIN" - # "CAP_MKNOD" - # "CAP_BPF" - # "CAP_DAC_READ_SEARCH" - # "CAP_SYS_RESOURCE" - # "CAP_SYS_ADMIN" - # ]; - # hostAddress = "192.168.100.10"; - # localAddress = "192.168.100.11"; - # config = - # { ... }: - # { - # virtualisation.oci-containers.containers.test = { - # image = "docker.io/library/nginx"; - # ports = [ - # "80:80" - # "443:443" - # ]; - # }; - # }; - # }; - # networking.nat.enable = true; - # networking.nat.internalInterfaces = [ "ve-+" ]; - # networking.nat.externalInterface = "enp195s0f4u1u3"; - nixpkgs.system = "x86_64-linux"; imports = [ ./hardware-configuration.nix ]; boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; @@ -77,7 +48,7 @@ in pandoc tectonic rquickshare - unstable.supersonic-wayland + supersonic-wayland nheko anki-bin gimp3 @@ -93,15 +64,14 @@ in time.timeZone = "Europe/Berlin"; + # orcaslicer networking.firewall.allowedTCPPorts = [ 1880 2021 - 4711 ]; networking.firewall.allowedUDPPorts = [ 1880 - 5353 2021 ]; diff --git a/instances/theseus/hardware-configuration.nix b/instances/theseus/hardware-configuration.nix index acfbaa6b..8f595bdc 100644 --- a/instances/theseus/hardware-configuration.nix +++ b/instances/theseus/hardware-configuration.nix @@ -16,7 +16,7 @@ "${inputs.nixos-hardware}/framework/13-inch/7040-amd" ]; hardware.framework.laptop13.audioEnhancement.enable = true; - hardware.framework.laptop13.audioEnhancement.hideRawDevice = false; + # hardware.framework.laptop13.audioEnhancement.hideRawDevice = false; services.fwupd.enable = true; boot.initrd.availableKernelModules = [ diff --git a/modules/desktop/audio.nix b/modules/desktop/audio.nix index 0d4d61ba..76cc1351 100644 --- a/modules/desktop/audio.nix +++ b/modules/desktop/audio.nix @@ -229,39 +229,9 @@ in ]; }; }; - configPackages = [ - (pkgs.writeTextDir "share/pipewire/pipewire.conf.d/snapcast-discover.conf" '' - context.modules = [ - { - name = libpipewire-module-snapcast-discover - args = { - snapcast.discover-local = true - stream.rules = [ - { - matches = [ - { - snapcast.ip = "~.*" - } - ] - actions = { - create-stream = { - # node.name = "Snapcast" - # snapcast.stream-name = "default" - } - } - } - ] - } - } -] - - '') - - ]; wireplumber.extraConfig."98-bluetooth"."wireplumber.settings"."bluetooth.autoswitch-to-headset-profile" = false; - wireplumber.configPackages = mapAttrsToList (n: v: eqPkg v) cfg.eq ++ [ - ]; + wireplumber.configPackages = mapAttrsToList (n: v: eqPkg v) cfg.eq; }; }; diff --git a/modules/desktop/fcitx5.nix b/modules/desktop/fcitx5.nix new file mode 100644 index 00000000..b57073f8 --- /dev/null +++ b/modules/desktop/fcitx5.nix @@ -0,0 +1,27 @@ +{ + pkgs, + config, + lib, + ... +}: +let + cfg = config.xyno.desktop.fcitx5; +in +{ + options.xyno.desktop.fcitx5.enable = lib.mkEnableOption "enable fcitx5 input daemon thing"; + config = lib.mkIf cfg.enable { + i18n.inputMethod = { + type = "fcitx5"; + enable = true; + fcitx5.addons = with pkgs; [ + fcitx5-table-other + ]; + fcitx5.waylandFrontend = true; + fcitx5.quickPhrase = { + ":pleading:" = "🥺"; + ":pointing_right:" = "👉"; + ":pointing_left:" = "👈"; + }; + }; + }; +} diff --git a/modules/desktop/ibus.nix b/modules/desktop/ibus.nix deleted file mode 100644 index c9e6beff..00000000 --- a/modules/desktop/ibus.nix +++ /dev/null @@ -1,81 +0,0 @@ -{ - pkgs, - config, - lib, - ... -}: -with lib; -let - cfg = config.xyno.desktop.ibus; -in -{ - options.xyno.desktop.ibus.enable = mkEnableOption "enable ibus input daemon thing"; - options.xyno.desktop.ibus.wantedBy = mkOption { - type = types.str; - default = "niri.service"; - }; - config = mkIf cfg.enable { - services.libinput.enable = true; - - # just... enable ibus as input method and maybe now we have consistent unicode input everywhere - # fuck qt tbh - i18n.inputMethod = { - enable = true; - package = pkgs.ibus-patched; - # ibus.engines = with pkgs.ibus-engines; [ uniemoji ]; - }; - # home-manager.sharedModules = [ - # ( - # { lib, ... }: - # { - # dconf.settings = { - # "org/gnome/desktop/input-sources" = { - # sources = [ - # (lib.hm.gvariant.mkTuple [ - # "xkb" - # "us" - # ]) - # (lib.hm.gvariant.mkTuple [ - # "ibus" - # "libpinyin" - # ]) - # (lib.hm.gvariant.mkTuple [ - # "ibus" - # "mozc-jp" - # ]) - # ]; - # }; - # }; - # } - # ) - # ]; - - systemd.user.services."org.freedesktop.IBus.session.generic".wantedBy = [ cfg.wantedBy ]; - systemd.packages = [ pkgs.ibus-patched ]; - # systemd.user.services.ibus = - # let - # ibusPackage = config.i18n.inputMethod.package; - # in - # assert hasPrefix "ibus-with-plugins" ibusPackage.name; - # { - # # panel is weird... - # # default is ${ibusPackage}/libexec/ibus-ui-gtk3 which works but sends a notification that it's misconfigured - # # wayland support can be enabled with --enable-wayland-im but that segfaults (possible due to zwp_input_method_v1 not being available?) - # script = '' - # exec ${ibusPackage}/bin/ibus-daemon --xim --replace --panel '${ibusPackage}/libexec/ibus-ui-gtk3' - # ''; - # serviceConfig = { - # Type = "dbus"; - # BusName = "org.freedesktop.IBus"; - # Restart = "on-abnormal"; - # }; - # unitConfig = { - # CollectMode = "inactive-or-failed"; - # }; - # # yeah we hardcoding this now, fuck it - # wantedBy = [ cfg.wantedBy ]; - # partOf = [ "graphical-session.target" ]; - # }; - - }; -} diff --git a/modules/desktop/niri.nix b/modules/desktop/niri.nix index 4f3fbce5..f93e1d31 100644 --- a/modules/desktop/niri.nix +++ b/modules/desktop/niri.nix @@ -14,8 +14,6 @@ let "KeePassXC" "org.gnome.NautilusPreviewer" "io.github.Qalculate.qalculate-qt" - "ibus-ui-emojier" - "ibus-ui-gtk3" ]; matchFloat = concatStringsSep "\n" ( map (x: '' @@ -54,22 +52,20 @@ in value = 1; } ]; - home-manager.sharedModules = [ - ( - { ... }: - { - xyno.dark-theme.enable = true; - # home.file.".config/xdg-desktop-portal-termfilechooser/config".text = '' - # [filechooser] - # cmd=${pkgs.xdg-desktop-portal-termfilechooser}/share/xdg-desktop-portal-termfilechooser/yazi-wrapper.sh - # default_dir=$HOME - # env=TERMCMD=footclient --app-id floating-alacritty - # open_mode = suggested - # save_mode = suggested - # ''; - } - ) - ]; + home-manager.users.${config.xyno.system.user.name} = mkIf config.xyno.presets.home-manager.enable ( + { ... }: + { + xyno.dark-theme.enable = true; + # home.file.".config/xdg-desktop-portal-termfilechooser/config".text = '' + # [filechooser] + # cmd=${pkgs.xdg-desktop-portal-termfilechooser}/share/xdg-desktop-portal-termfilechooser/yazi-wrapper.sh + # default_dir=$HOME + # env=TERMCMD=footclient --app-id floating-alacritty + # open_mode = suggested + # save_mode = suggested + # ''; + } + ); xdg.portal = { extraPortals = [ @@ -92,16 +88,7 @@ in environment.systemPackages = with pkgs; [ playerctl xwayland-satellite - nirius ]; - systemd.user.services.niriusd = { - unitConfig.PartOf = "graphical-session.target"; - unitConfig.After = "graphical-session.target"; - unitConfig.Requisite = "graphical-session.target"; - serviceConfig.Restart = "on-failure"; - wantedBy = [ "niri.service" ]; - script = "exec ${pkgs.nirius}/bin/niriusd"; - }; programs.niri.enable = true; environment.etc."niri/config.kdl".mode = "444"; # copy file so niri detects changes environment.etc."niri/config.kdl".text = '' @@ -118,15 +105,11 @@ in Mod+T { spawn "${cfg.term}" "tmux" "new-session" "-t" "main"; } Mod+Shift+T { spawn "${cfg.term}"; } Mod+Y { spawn "${cfg.term}" "--app-id" "floating-alacritty" "-W" "120x37" "yazi"; } - Mod+Shift+M { spawn "sh" "-c" "notify-send -t 3000 -a umpv umpv-paste $(wl-paste); umpv $(wl-paste)"; } Mod+P { spawn "keepassxc"; } Mod+S { spawn "qalculate-qt"; } Mod+Shift+N { spawn "makoctl" "dismiss" "-a"; } Mod+N { spawn "makoctl" "dismiss"; } Mod+E { spawn "makoctl" "menu" "fuzzel -d"; } - Mod+G { spawn "nirius" "toggle-follow-mode"; } - Mod+Shift+bracketleft { spawn "nirius" "scratchpad-show"; } - Mod+Shift+bracketright { spawn "nirius" "scratchpad-toggle"; } XF86AudioRaiseVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.03+"; } XF86AudioLowerVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.03-"; } XF86AudioMute allow-when-locked=true { spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SINK@" "toggle"; } diff --git a/modules/desktop/waybar/cal.nix b/modules/desktop/waybar/cal.nix index 8664509b..0cc35d99 100644 --- a/modules/desktop/waybar/cal.nix +++ b/modules/desktop/waybar/cal.nix @@ -24,14 +24,13 @@ let UNTIL="1d" EVENT="$( - (khal list "$SINCE" "$UNTIL" \ + khal list "$SINCE" "$UNTIL" \ --day-format 'SKIPME' \ --format "{start-end-time-style} {title:.31}{repeat-symbol}" | grep -v SKIPME | # filter out headers grep -v -P '↦|↔ |⇥' | # filter out continuing all day events grep -v '^ ' | # exclude full-day events head -n 1 # show just the first - ) || echo "" )" if [ -z "$EVENT" ]; then diff --git a/modules/module-list.nix b/modules/module-list.nix index 8b2f5bac..65fff1c0 100644 --- a/modules/module-list.nix +++ b/modules/module-list.nix @@ -5,9 +5,9 @@ ./desktop/audio.nix ./desktop/common-programs.nix ./desktop/easyeffects.nix + ./desktop/fcitx5.nix ./desktop/foot.nix ./desktop/fuzzel.nix - ./desktop/ibus.nix ./desktop/mako.nix ./desktop/niri.nix ./desktop/shikane.nix @@ -21,18 +21,17 @@ ./presets/common.nix ./presets/development.nix ./presets/gui.nix - ./presets/home-manager.nix ./presets/server.nix - # ./services/authentik - # ./services/caddy - ./services/traefik.nix + ./presets/home-manager.nix + ./services/authentik + ./services/caddy ./services/monitoring.nix ./services/wireguard.nix ./system/impermanence.nix ./system/meta.nix ./system/user.nix - ./to-upstream/fido2-hid-bridge.nix ./user-services/khal.nix ./user-services/syncthing.nix + ./to-upstream/fido2-hid-bridge.nix ] diff --git a/modules/presets/cli.nix b/modules/presets/cli.nix index 53ddffaf..408cfc02 100644 --- a/modules/presets/cli.nix +++ b/modules/presets/cli.nix @@ -1,6 +1,5 @@ { config, - inputs, lib, pkgs, ... @@ -45,11 +44,6 @@ in LC_COLLATE = "de_DE.UTF-8"; }; - nix.channel.enable = false; - nix.nixPath = [ - "nixpkgs=${inputs.nixpkgs}" - "nixpkgs-master=${inputs.nixpkgs-master}" - ]; nix.settings = { substituters = [ # "https://cache.lix.systems" @@ -61,7 +55,6 @@ in # "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" # "helix.cachix.org-1:ejp9KQpR1FBI2onstMQ34yogDm4OgU2ru6lIwPvuCVs=" ]; - trusted-users = lib.mkDefault [ "root" "@wheel" @@ -137,7 +130,7 @@ in imagemagick jq lm_sensors - moor + moar neofetch nix-output-monitor poppler @@ -152,7 +145,7 @@ in programs.mosh.enable = true; environment.variables.EDITOR = "hx"; environment.variables.VISUAL = "hx"; - environment.variables.PAGER = "moor"; + environment.variables.PAGER = "moar"; environment.shellAliases = { l = "ls -alh"; @@ -168,7 +161,7 @@ in p = "cd ~/proj"; ytl = ''yt-dlp -f "bv*+mergeall[vcodec=none]" --audio-multistreams''; sudo = "run0"; - less = "moor"; + less = "moar"; }; }; } diff --git a/modules/presets/gui.nix b/modules/presets/gui.nix index 156639f7..81680433 100644 --- a/modules/presets/gui.nix +++ b/modules/presets/gui.nix @@ -1,7 +1,6 @@ { pkgs, config, - inputs, lib, ... }: @@ -22,7 +21,6 @@ in pkgs.yubikey-personalization ]; xyno.desktop.niri.enable = true; - xyno.desktop.ibus.enable = true; xyno.desktop.audio.enable = mkDefault true; xyno.user-services.khal.enable = true; boot.kernelPackages = mkDefault pkgs.linuxPackages_zen; @@ -42,60 +40,9 @@ in qt = { enable = true; - platformTheme = "qt5ct"; + style = "breeze"; + # platformTheme = "gnome"; }; - home-manager.sharedModules = - let - gruvboxDarkColors = pkgs.writeText "gruvbox-dark.conf" '' - [ColorScheme] - active_colors=#ffebdbb2, #ff1d2021, #ffbdae93, #ffa89984, #ff3c3836, #ff504945, #ffebdbb2, #ffebdbb2, #ffebdbb2, #ff282828, #ff1d2021, #ff504945, #ff458588, #ff282828, #ff458588, #ffcc241d, #ff282828, #ffebdbb2, #ff1d2021, #ffebdbb2, #ffbdae93 - disabled_colors=#ffbdae93, #ff1d2021, #ffbdae93, #ffa89984, #ff3c3836, #ff504945, #ffbdae93, #ffbdae93, #ffbdae93, #ff282828, #ff1d2021, #ff504945, #ff438184, #ff3c3836, #ff458588, #ffcc241d, #ff282828, #ffebdbb2, #ff1d2021, #ffebdbb2, #ffbdae93 - inactive_colors=#ffebdbb2, #ff1d2021, #ffbdae93, #ffa89984, #ff3c3836, #ff504945, #ffebdbb2, #ffebdbb2, #ffebdbb2, #ff282828, #ff1d2021, #ff504945, #ff438184, #ffa89984, #ff458588, #ffcc241d, #ff282828, #ffebdbb2, #ff1d2021, #ffebdbb2, #ffbdae93 - ''; - qt5ctConf = pkgs.writeText "qt5ct.conf" '' - [Appearance] - color_scheme_path=${gruvboxDarkColors} - custom_palette=true - icon_theme=breeze-dark - standard_dialogs=xdgdesktopportal - style=Breeze - - [Fonts] - fixed="Source Sans 3,12,-1,5,50,0,0,0,0,0" - general="Source Sans 3,12,-1,5,50,0,0,0,0,0" - ''; - in - [ - { - home.file.".config/qt5ct/qt5ct.conf".source = qt5ctConf; - home.file.".config/qt6ct/qt6ct.conf".source = qt5ctConf; - dconf = { - settings = { - "org/gnome/desktop/interface" = { - color-scheme = "prefer-dark"; - gtk-theme = "adw-gtk3-dark"; - }; - }; - }; - gtk = { - enable = true; - iconTheme.name = "breeze-dark"; - gtk4.extraConfig.gtk-application-prefer-dark-theme = 1; - gtk3.extraConfig.gtk-application-prefer-dark-theme = 1; - gtk3.theme.package = pkgs.adw-gtk3; - gtk3.theme.name = "adw-gtk3-dark"; - - gtk3.extraCss = '' - @import url("${inputs.adw-colors}/themes/adw-gruvbox/gtk3-dark.css"); - ''; - gtk4.extraCss = '' - @import url("${inputs.adw-colors}/themes/adw-gruvbox/gtk4-dark.css"); - ''; - - }; - - } - ]; programs.yazi = { settings.keymap.mgr.prepend_keymap = [ @@ -123,34 +70,11 @@ in # enable the gnome shit services.gnome.gnome-keyring.enable = true; services.gnome.gnome-online-accounts.enable = true; - environment.systemPackages = with pkgs; [ - gnome-calendar - gnome-clocks - gnome-font-viewer - mate.engrampa - papirus-folders - kdePackages.gwenview - kdePackages.skanlite - kdePackages.okular - kdePackages.breeze-gtk - kdePackages.breeze.qt5 - kdePackages.breeze - kdePackages.breeze-icons - nautilus # for xdg portal - ]; + services.gnome.core-apps.enable = true; services.gnome.gcr-ssh-agent.enable = mkForce false; - # services.gnome.sushi.enable = true; + services.gnome.sushi.enable = true; services.gnome.gnome-settings-daemon.enable = true; - - programs.thunar = { - enable = true; - plugins = with pkgs.xfce; [ - thunar-archive-plugin - thunar-volman - ]; - }; - services.tumbler.enable = true; # thunar image preview - services.gvfs.enable = true; # thunar network device mount + services.gvfs.enable = true; xdg.terminal-exec = { enable = true; @@ -164,28 +88,35 @@ in { pkgs, ... }: { xyno.mpv.enable = true; - # xdg.mimeApps = { - # enable = true; - # defaultApplications = { - # "x-scheme-handler/mailto" = [ "aerc.desktop" ]; - # "inode/directory" = [ "org.gnome.Nautilus.desktop" ]; - # "application/x-gnome-saved-search" = [ "org.gnome.Nautilus.desktop" ]; - # "x-scheme-handler/http" = "userapp-Zen-D2P132.desktop"; - # "x-scheme-handler/https" = "userapp-Zen-D2P132.desktop"; - # "x-scheme-handler/chrome" = "userapp-Zen-D2P132.desktop"; - # "text/html" = "userapp-Zen-D2P132.desktop"; - # "application/x-extension-htm" = "userapp-Zen-D2P132.desktop"; - # "application/x-extension-html" = "userapp-Zen-D2P132.desktop"; - # "application/x-extension-shtml" = "userapp-Zen-D2P132.desktop"; - # "application/xhtml+xml" = "userapp-Zen-D2P132.desktop"; - # "application/x-extension-xhtml" = "userapp-Zen-D2P132.desktop"; - # "application/x-extension-xht" = "userapp-Zen-D2P132.desktop"; - # "application/pdf" = "org.gnome.Evince.desktop"; + # xdg.mimeApps = { + # enable = true; + # defaultApplications = { + # "x-scheme-handler/mailto" = [ "aerc.desktop" ]; + # "inode/directory" = [ "org.gnome.Nautilus.desktop" ]; + # "application/x-gnome-saved-search" = [ "org.gnome.Nautilus.desktop" ]; + # "x-scheme-handler/http" = "userapp-Zen-D2P132.desktop"; + # "x-scheme-handler/https" = "userapp-Zen-D2P132.desktop"; + # "x-scheme-handler/chrome" = "userapp-Zen-D2P132.desktop"; + # "text/html" = "userapp-Zen-D2P132.desktop"; + # "application/x-extension-htm" = "userapp-Zen-D2P132.desktop"; + # "application/x-extension-html" = "userapp-Zen-D2P132.desktop"; + # "application/x-extension-shtml" = "userapp-Zen-D2P132.desktop"; + # "application/xhtml+xml" = "userapp-Zen-D2P132.desktop"; + # "application/x-extension-xhtml" = "userapp-Zen-D2P132.desktop"; + # "application/x-extension-xht" = "userapp-Zen-D2P132.desktop"; + # "application/pdf" = "org.gnome.Evince.desktop"; - # }; - # }; + # }; + # }; }; + environment.systemPackages = with pkgs; [ + kdePackages.breeze-gtk + kdePackages.breeze.qt5 + kdePackages.breeze + kdePackages.breeze-icons + ]; + # fonts fonts.fontconfig.defaultFonts = { sansSerif = [ diff --git a/modules/services/caddy/default.nix b/modules/services/caddy/default.nix index 3986e1b0..bfdc9ea9 100644 --- a/modules/services/caddy/default.nix +++ b/modules/services/caddy/default.nix @@ -7,16 +7,71 @@ with lib; let cfg = config.xyno.services.caddy; - schema = import ./json-schema.nix { - inherit pkgs lib; - schema = builtins.fromJSON (builtins.readFile ./caddy_schema.json); + wildcardMatcherStr = wildcard: hostName: content: '' + @${hostName} host ${hostName}.${wildcard} + handle @${hostName} { + ${content.extraConfig} + } + + ''; + genOneWildcard = wildcard: host: { + extraConfig = '' + # extra pre + ${host.extraConfigPre} + # block bots + ${optionalString host.blockBots "import blockBots"} + # hosts handler + ${concatStrings (mapAttrsToList (n: v: wildcardMatcherStr wildcard n v) host.hosts)} + # extra post + ${host.extraConfigPost} + abort + ''; }; + genVHostsFromWildcard = mapAttrs' ( + n: v: nameValuePair "*.${n}" (genOneWildcard n v) + ) cfg.wildcardHosts; + schema = import ./json-schema.nix { inherit pkgs lib; schema = builtins.fromJSON (builtins.readFile ./caddy_schema.json); }; in { options.xyno.services.caddy.enable = mkEnableOption "enables caddy with the desec plugin"; options.xyno.services.caddy.config = mkOption { - default = { }; + default = {}; type = schema.type; + }; + options.xyno.services.caddy.wildcardHosts = mkOption { + example = { + "hailsatan.eu" = { + blockBots = true; + hosts.md.extraConfig = ''reverse_proxy ...''; + }; + }; + default = { }; + type = + with types; + attrsOf (submodule { + options = { + blockBots = mkOption { + type = bool; + default = false; + }; + extraConfigPre = mkOption { + type = str; + default = ""; + }; + extraConfigPost = mkOption { + type = str; + default = ""; + }; + hosts = mkOption { + default = {}; + type = attrsOf (submodule { + options = { + extraConfig = mkOption { type = lines; }; + }; + }); + }; + }; + }); }; config = lib.mkIf cfg.enable { networking.firewall.allowedTCPPorts = [ @@ -24,32 +79,34 @@ in 443 ]; networking.firewall.allowedUDPPorts = [ 443 ]; - xyno.services.caddy.config = { - apps = { - http.metrics.per_host = true; - tls.automation.policies = [ - { - issuers = [ - { - ca = "https://acme-v02.api.letsencrypt.org/directory"; - challenges.dns.provider = { - name = "desec"; - token.path = ""; # TODO - - }; - } - ]; - module = "acme"; - } - ]; - }; - }; - services.caddy = { enable = true; package = pkgs.caddy-desec; adapter = "json"; configFile = json.generate "caddy-config.json" cfg.config; + # virtualHosts = genVHostsFromWildcard; + # email = mkDefault "ssl@xyno.systems"; + # acmeCA = mkDefault "https://acme-v02.api.letsencrypt.org/directory"; + # globalConfig = '' + # metrics { + # per_host + # } + # ''; + # extraConfig = '' + # (blockBots) { + # @botForbidden header_regexp User-Agent "(?i)AdsBot-Google|Amazonbot|anthropic-ai|Applebot|Applebot-Extended|AwarioRssBot|AwarioSmartBot|Bytespider|CCBot|ChatGPT|ChatGPT-User|Claude-Web|ClaudeBot|cohere-ai|DataForSeoBot|Diffbot|FacebookBot|Google-Extended|GPTBot|ImagesiftBot|magpie-crawler|omgili|Omgilibot|peer39_crawler|PerplexityBot|YouBot" + + # handle @botForbidden { + # redir https://hil-speed.hetzner.com/10GB.bin + # } + # handle /robots.txt { + # respond < 2 then lib.concatStringsSep "." (builtins.tail spl) else spl; - in - { - routers."${router}-robotstxt" = { - service = "robotstxt"; - rule = "Host(`${v.host}`) && Path(`/robots.txt`)"; - tls.domains = [ - { - main = certDomain; - sans = [ "*.${certDomain}" ]; - } - ]; - - }; - routers.${router} = { - inherit service; - rule = "Host(`${v.host}`)"; - tls.domains = [ - { - main = certDomain; - sans = [ "*.${certDomain}" ]; - } - ]; - }; - services.${service} = { - loadBalancer.servers = [ - { url = v.internal; } - ]; - }; - services.robotstxt = { - loadBalancer.servers = [ - { url = "http://127.0.0.2"; } - ]; - }; - } - ) cfg.simpleProxy; -in -{ - options.xyno.services.traefik.enable = lib.mkEnableOption "enables traefik"; - options.xyno.services.traefik.noBots = lib.mkOption { - type = lib.types.bool; - default = true; - }; - options.xyno.services.traefik.simpleProxy = lib.mkOption { - example = { - "example" = { - host = "example.org"; - middlewares = [ "meow" ]; - internal = "http://127.0.0.1:8080"; - }; - }; - default = { }; - type = lib.types.attrsOf ( - lib.types.submodule { - options = { - middlewares = lib.mkOption { - type = lib.types.nullOr (lib.types.listOf lib.types.str); - }; - internal = lib.mkOption { - type = lib.types.str; - }; - host = lib.mkOption { - type = lib.types.str; - }; - - }; - } - ); - - }; - config = lib.mkIf cfg.enable { - services.nginx = { - enable = lib.mkIf cfg.noBots true; - defaultListenAddresses = lib.mkIf cfg.noBots [ "127.0.0.2" ]; - virtualHosts.localhost.locations."/".root = pkgs.runCommand "nginx-robots" '' - mkdir $out - echo "User-Agent: *\nDisallow: /" > $out/robots.txt - ''; - }; - services.traefik = { - enable = true; - environmentFiles = [ - config.sops.templates."traefik.env".path - ]; - staticConfigOptions = { - metrics = lib.mkIf config.xyno.services.monitoring.enable { - otlp.http.endpoint = "http://localhost:8429/v1/metrics"; - }; - entryponts.web = { - address = ":80"; - redirections.entryPoint = { - to = "websecure"; - scheme = "https"; - permanent = true; - }; - }; - entryponts.websecure = { - address = ":443"; - tls.certResolver = "letsencrypt"; - http3 = { }; - - }; - log.level = "INFO"; - certificatesResolvers.letsencrypt.acme = { - email = "ssl@xyno.systems"; - caServer = "https://acme-v02.api.letsencrypt.org/directory"; - dnsChallenge = { - provider = "desec"; - }; - }; - }; - dynamicConfigOptions = { - http = lib.mkMerge simpleProxyOpts; - tls.options.default = { - # mozilla modern - minVersion = "VersionTLS13"; - curvePreferences = [ - "X25519" - "CurveP256" - "CurveP384" - ]; - }; - tls.options.old = { - # mozilla intermediate - minVersion = "VersionTLS12"; - curvePreferences = [ - "X25519" - "CurveP256" - "CurveP384" - ]; - cipherSuites = [ - "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" - "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" - "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" - "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" - "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305" - "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305" - ]; - - }; - }; - }; - networking.firewall.allowedTCPPorts = [ - 80 - 443 - ]; - networking.firewall.allowedUDPPorts = [ 443 ]; - xyno.impermanence.directories = [ config.services.traefik.dataDir ]; - sops.secrets."desec_token" = { - }; - sops.templates."traefik.env".content = '' - DESEC_TOKEN=${config.sops.placeholder.desec_token} - DESEC_PROPAGATION_TIMEOUT=1200 - ''; - sops.templates."traefik.env".reloadUnits = [ "traefik.service" ]; - # services.borgmatic.settings.traefikql_databases = [ - # { - # name = "all"; # gets run as root anyways so can log in - # } - # ]; - - }; -} diff --git a/overlays/default.nix b/overlays/default.nix index e5344178..8391833c 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -27,16 +27,16 @@ inputs: self: super: { fido2-hid-bridge = super.callPackage ../packages/fido2-hid-bridge.nix {}; python-uhid = super.callPackage ../packages/uhid.nix {}; caddy-desec = super.callPackage ../packages/caddy-desec.nix {}; - ibus-patched = super.unstable.ibus.overrideAttrs (old: { - patches = old.patches ++ [ - # (builtins.head old.patches) - # (builtins.head (builtins.tail old.patches)) + + # todo: remove on next supersonic release + supersonic-wayland = super.supersonic-wayland.overrideAttrs (old: { + patches = (if old?patches then old.patches else []) ++ [ (self.fetchpatch2 { - url = "https://github.com/ibus/ibus/commit/dde00b1b689037e70d79a703aa028f7c3de289e2.patch"; - hash = "sha256-Q5XANWsN7f9Kcno8Icgn8wlXL489YlcrlUrqeA67nWU="; + url = "https://github.com/dweymouth/supersonic/commit/ee742cf34ef7225d345c16354d9c21d72a41bf4a.patch"; + hash = "sha256-kSeEbzrfJ4Pe8JC4rIWlSmADOcjrCRBNWlcO8VfVnn4="; }) ]; + vendorHash = "sha256-Sh3PxRwb6ElSeWzdvIQ+nD9VVGlpUDwxG7nAoGWPTRQ="; }); - } diff --git a/secrets/common.yaml b/secrets/common.yaml index 2b1fbc70..0c72d97d 100644 --- a/secrets/common.yaml +++ b/secrets/common.yaml @@ -1,6 +1,5 @@ victoriametrics: basicAuthPassword: ENC[AES256_GCM,data:5QuhkQ344qDYzhGZBJimaX94C6oxgYBRZw4MSlycdgs6zRAudMIu/HF1gpjythQpait81jMpFhIn57w433s7QQ==,iv:gytJ63cBaJseCis7gEPmOX6LeddNloQsTjc1SnS56jo=,tag:Jn6TevGsBEeHxYmVHy896w==,type:str] -desec_token: ENC[AES256_GCM,data:3aqlfpAEMyOSNGdLXm4lc0VZajduPkTYkYd+WA==,iv:sktNkKWaD/hjsQpSJzAZeCvwYXfvkhQ2A44BKedCZRg=,tag:XbxIr09c60V0PMDitSOD/w==,type:str] wg: psk: ENC[AES256_GCM,data:Anpe6IxtzsqZyvas+ddV3yjJozdZgZOl2KG/Z4YtWUB5gAVLtxsQKc/WA/M=,iv:j/A5k2VXbdqUDXEd1WRfJYdb3DsUZ1B9gPHCpDpRjmw=,tag:KQGi1O5iP2+nQccgBzytSQ==,type:str] msmtp: @@ -11,8 +10,8 @@ msmtp: password: ENC[AES256_GCM,data:mAgsvDPzt8f/RB/2T8nrd+KUcuxUGIdCBDs5sFla5x0=,iv:qndiiKTuSpbf/gtNXPaZ6AnHHwzZ7IPJrDFriM7bKwE=,tag:5j+gjpaxIu03x1lBkRMLhQ==,type:str] aliases: ENC[AES256_GCM,data:fOZRYZ8rVs3IXhiS+VaP54gF4bir66oIZvb7ZfKV,iv:bsmh1ZCwERZuHrvORP68hj5Gz7j3+K6ZW8BR3/IQVQg=,tag:jWozmXpjk3JHCINSgP4KGg==,type:str] sops: - lastmodified: "2025-11-19T16:17:02Z" - mac: ENC[AES256_GCM,data:dt2iRLTxfPWpYlxsZnOQgtUAvU/MWoXp6eLOJgP/uWLe5ooeU5K868I7PQNVGEnqkJGZTiiENpY7mkmt0niKn2nw7nD5KzRPMvFZ0/JXrLkzCScBfJDlbcuTtKFVqlDkPpz7kgF+fQy1cg5KiDyc9bsJAi/9qHhQHF3wFbeG5rI=,iv:E6YtLKZdnqgVZKx/goxdvn41p+hfMpkSbc7FJ/3yXQA=,tag:6iW9vkEsEuXOhptGdDwpdw==,type:str] + lastmodified: "2025-09-06T16:50:17Z" + mac: ENC[AES256_GCM,data:QdWLok9IBqTaO3StKRiAXcMIZSV5YJQoYY+3cZZ7xARbmvn5cDqnapv3HIJju7v5V48tNG3aXy1nJHG4kKVuDIMd7s7PPjLL1k0dEsnTs4YwE8XugZX86nXuSUZeUuQNfnR9sFOKho/o/I9W5hCp0IcEgo+Bs1dD3IvYxuv6Nzk=,iv:IHEDtI6lo76qPgBvBETg/SiT/tfFivN8r8J7tt93IbQ=,tag:ifW8UVaf5r8Y9HUUtCkAQQ==,type:str] pgp: - created_at: "2025-09-06T16:37:33Z" enc: |- @@ -64,4 +63,4 @@ sops: -----END PGP MESSAGE----- fp: b730b2bf54eb792a14bfd3e68c14c08894376c5f unencrypted_suffix: _unencrypted - version: 3.11.0 + version: 3.10.2