meow

instances/theseus/configuration.nix

@@ -54,9 +54,6 @@ in
     gimp3
     anytype
     monero-gui
-    orca-slicer
-    unstable.kicad
-    dune3d
     pencil2d
     python311Packages.brother-ql
     ptouch-print

modules/desktop/wpaperd.nix

@@ -50,6 +50,7 @@ in
       unitConfig.Requisite = "graphical-session.target";
       serviceConfig.Restart = "on-failure";
       wantedBy = [ "swww-daemon.service" ];
+      path = with pkgs;[ coreutils findutils cfg.package gnused];
       script = ''
         set -eox
         export DEFAULT_INTERVAL=300 # In seconds
@@ -62,22 +63,20 @@ in
         export SWWW_TRANSITION_DURATION="1"
         # export SWWW_TRANSITION_STEP="90"
       
+        images=( ) # array of randomized images
+
         while true; do
-        	find "''$DIR" -type f \
+        	for d in ''$(swww query  | sed -nE 's/^: ([^:]+).*/\1/p'); do # see swww-query(1)
-        	| while read -r img; do
+            if [[ ''${#images[@]} == 0 ]]; then
-        		echo "''$(</dev/urandom tr -dc a-zA-Z0-9 | head -c 8):''$img"
+              images=( $(find $DIR -regextype posix-extended -type f -regex '.*\.(jpg|jpeg|gif|png|bmp|dds|exr|ico|tga|tiff|webp)$' | shuf) ) # fill queue if arr empty (rust image crate supported formats)
-        	done \
+            fi
-        	| sort -n | cut -d':' -f2- \
+
-        	| while read -r img; do
+        		swww img --resize "''$RESIZE_TYPE" --outputs "''$d" "''${images[0]}" # show first image of arr
-        		for d in ''$(${cfg.package}/bin/swww query | grep -Po "^[^:]+"); do # see ${cfg.package}/bin/swww-query(1)
+
-        			# Get next random image for this display, or re-shuffle images
+            images=("''${images[@]:1}") # pop first image of arr
-        			# and pick again if no more unused images are remaining
+
-        			[ -z "''$img" ] && if read -r img; then true; else break 2; fi
-        			${cfg.package}/bin/swww img --resize "''$RESIZE_TYPE" --outputs "''$d" "''$img"
-        			unset -v img # Each image should only be used once per loop
-        		done
-        		sleep "''${DEFAULT_INTERVAL}"
         	done
+        	sleep "''${DEFAULT_INTERVAL}" || true # pkill sleep for next wallpaper xd
         done
       '';
       # restartTriggers = [wpaperdConf];

modules/module-list.nix

@@ -23,8 +23,8 @@
   ./presets/gui.nix
   ./presets/server.nix
   ./presets/home-manager.nix
-  ./services/authentik.nix
+  ./services/authentik
-  ./services/caddy.nix
+  ./services/caddy
   ./services/monitoring.nix
   ./services/wireguard.nix
   ./system/impermanence.nix

modules/presets/development.nix

@@ -10,7 +10,7 @@ let
 in
 {
   options.xyno.presets.development.enable =
-    mkEnableOption "enables xynos configs for a development machine";
+    mkEnableOption "enables xynos configs for a development/workstation machine";
   config = mkIf cfg.enable {
     home-manager.users.${config.xyno.system.user.name} = mkIf config.xyno.presets.home-manager.enable (
       { ... }:
@@ -25,6 +25,10 @@ in
     virtualisation.podman.enable = true;
 
     environment.systemPackages = with pkgs; [
+      orca-slicer
+      unstable.kicad
+      freecad
+      dune3d
       jetbrains.rider
       # android-studio
       nixpkgs-manual

modules/services/authentik/default.nix

@@ -45,7 +45,7 @@ let
   terranixConfig = inputs.terranix.lib.terranixConfiguration {
     system = pkgs.system;
     modules = [
-      ./authentik/provider.nix
+      ./provider.nix
       {
         inherit (cfg)
           oauthApps
@@ -192,7 +192,7 @@ in
 
     };
     sops.secrets."authentik/env" = {
-      sopsFile = ../../instances/${config.networking.hostName}/secrets/authentik.yaml;
+      sopsFile = ../../../instances/${config.networking.hostName}/secrets/authentik.yaml;
     };
 
     services.caddy.extraConfig = ''

modules/services/caddy/caddy-config.nix

@@ -0,0 +1,5 @@
+{ json, lib, ...}: with lib;
+types.submodule {
+  freeformType = json.type;
+  
+}

modules/services/caddy/default.nix

@@ -30,9 +30,14 @@ let
   genVHostsFromWildcard = mapAttrs' (
     n: v: nameValuePair "*.${n}" (genOneWildcard n v)
   ) cfg.wildcardHosts;
+  schema = import ./json-schema.nix { inherit pkgs lib; schema = builtins.fromJSON (builtins.readFile ./caddy_schema.json); };
 in
 {
   options.xyno.services.caddy.enable = mkEnableOption "enables caddy with the desec plugin";
+  options.xyno.services.caddy.config = mkOption {
+    default = {};
+    type = schema.type;
+  }; 
   options.xyno.services.caddy.wildcardHosts = mkOption {
     example = {
       "hailsatan.eu" = {
@@ -77,29 +82,31 @@ in
     services.caddy = {
       enable = true;
       package = pkgs.caddy-desec;
-      virtualHosts = genVHostsFromWildcard;
+      adapter = "json";
-      email = mkDefault "ssl@xyno.systems";
+      configFile = json.generate "caddy-config.json" cfg.config;
-      acmeCA = mkDefault "https://acme-v02.api.letsencrypt.org/directory";
+      # virtualHosts = genVHostsFromWildcard;
-      globalConfig = ''
+      # email = mkDefault "ssl@xyno.systems";
-        metrics {
+      # acmeCA = mkDefault "https://acme-v02.api.letsencrypt.org/directory";
-          per_host
+      # globalConfig = ''
-        }
+      #   metrics {
-      '';
+      #     per_host
-      extraConfig = ''
+      #   }
-        (blockBots) {
+      # '';
-          @botForbidden header_regexp User-Agent "(?i)AdsBot-Google|Amazonbot|anthropic-ai|Applebot|Applebot-Extended|AwarioRssBot|AwarioSmartBot|Bytespider|CCBot|ChatGPT|ChatGPT-User|Claude-Web|ClaudeBot|cohere-ai|DataForSeoBot|Diffbot|FacebookBot|Google-Extended|GPTBot|ImagesiftBot|magpie-crawler|omgili|Omgilibot|peer39_crawler|PerplexityBot|YouBot"
+      # extraConfig = ''
+      #   (blockBots) {
+      #     @botForbidden header_regexp User-Agent "(?i)AdsBot-Google|Amazonbot|anthropic-ai|Applebot|Applebot-Extended|AwarioRssBot|AwarioSmartBot|Bytespider|CCBot|ChatGPT|ChatGPT-User|Claude-Web|ClaudeBot|cohere-ai|DataForSeoBot|Diffbot|FacebookBot|Google-Extended|GPTBot|ImagesiftBot|magpie-crawler|omgili|Omgilibot|peer39_crawler|PerplexityBot|YouBot"
 
-          handle @botForbidden   {
+      #     handle @botForbidden   {
-            redir https://hil-speed.hetzner.com/10GB.bin
+      #       redir https://hil-speed.hetzner.com/10GB.bin
-          }
+      #     }
-          handle /robots.txt {
+      #     handle /robots.txt {
-            respond <<TXT
+      #       respond <<TXT
-            User-Agent: *
+      #       User-Agent: *
-            Disallow: /
+      #       Disallow: /
-            TXT 200
+      #       TXT 200
-          }
+      #     }
-        }
+      #   }
-      '';
+      # '';
     };
     xyno.services.monitoring.exporters.caddy = 2019;
 

modules/services/caddy/json-schema.nix

@@ -0,0 +1,144 @@
+{
+  pkgs,
+  lib,
+  schema,
+  ...
+}:
+with lib;
+let
+  json = pkgs.formats.json { };
+  submoduleOptions =
+    {
+      spec,
+      depth,
+      extraRequires ? [ ],
+      ...
+    }:
+    let
+      isRequired = n: any (x: x == n) (extraRequires ++ (optionals (spec ? required) spec.required));
+    in
+    if spec ? "$ref" then
+      submoduleOptions (getRef x."$ref")
+    else
+      mapAttrs (
+        n: v:
+        buildOption {
+          inherit depth;
+          spec = v;
+          required = isRequired n;
+        }
+      ) (if spec ? properties then spec.properties else { });
+  getRef =
+    x:
+    let
+      path = splitString "/" (traceVal x);
+      result = attrByPath (tail path) (throw "ref ${x} not found") schema;
+    in
+    result;
+  deref = x: if x ? "$ref" then getRef x."$ref" else x;
+  buildOptionType =
+    {
+      spec,
+      depth ? 0,
+      ...
+    }:
+    let
+      strType = if spec ? enum then types.enum spec.enum else types.str;
+      objType = types.submodule {
+        freeformType = json.type;
+        options = submoduleOptions { inherit spec depth; };
+      };
+      arrType = types.listOf (
+        if spec ? items then
+          buildOptionType {
+            inherit depth;
+            spec = spec.items;
+          }
+        else
+          types.anything
+      );
+      allOfType =
+        let
+          resolve = x: if x ? "if" then x."then" else x; # just ignore conditionals for now
+          resolved = map (x: deref (resolve x)) spec.allOf;
+          # mergedDesc = concatStringsSep "\n" (
+          #   map (x: if x ? markdownDescription then x.markdownDescription else "") resolved
+          # );
+          combined = foldl (x: c: recursiveUpdate c x) { } resolved;
+          # options = map (
+          #   x:
+          #   submoduleOptions {
+          #     spec = x;
+          #     extraRequires = if spec ? required then spec.required else [ ];
+          #   }
+          # ) (traceValSeqN 4 resolved);
+        in
+        buildOptionType {
+          depth = depth + 1;
+          spec = combined;
+        };
+      type =
+        if depth > 3 then
+          types.deferredModule
+        else if spec ? "$ref" then
+          buildOptionType {
+            depth = depth + 1;
+            spec = getRef spec."$ref";
+          }
+        else if spec ? allOf then
+          allOfType
+        else if !spec ? type then
+          json.type
+
+        else if isList spec.type then
+          types.oneOf (map (x: buildOptionType x) spec.type)
+        else if spec.type == "string" then
+          strType
+        else if spec.type == "boolean" then
+          types.bool
+        else if spec.type == "number" then
+          types.number
+        else if spec.type == "array" then
+          arrType
+        else if spec.type == "object" then
+          objType
+        else
+          (throw "unknown json schema type: ${spec.type}");
+
+    in
+    type;
+
+  buildOption =
+    {
+      spec,
+      depth,
+      required ? false,
+      ...
+    }:
+    let
+      type = buildOptionType { inherit spec depth; };
+    in
+    mkOption {
+      type = if required then type else types.nullOr type;
+      description = if spec ? markdownDescription then spec.markdownDescription else "no description qwq";
+      default =
+        if required then
+          if spec.type == "object" then
+            { }
+          else if spec.type == "array" then
+            [ ]
+          else
+            null
+        else
+          null;
+
+    };
+
+in
+{
+  generate = json.generate;
+  type = buildOptionType {
+    depth = 0;
+    spec = schema;
+  };
+}