comparing 1376f6a31ea35f1222c4c055b8f79e30f93d152d and master on ryan.freumh.org/nixos

.dir-locals.el

This is a binary file and will not be displayed.

+63 -2

README.md

···

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       1
        
       

     

       2
       -
       My NixOS configs.

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       3
        
       

     

       4
       -
       Uses flakes.

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       5

···

       1
       +
       # NixOS Configuration

     

       2
       +
       

     

       3
       +
       My personal Nix and NixOS configuration for reproducible, declarative systems and environments across multiple hosts.

     

       4
       +
       This is a personal configuration with limited applicability to others, though some patterns may be useful for reference.

     

       5
       +
       Common self-hosting services have been extracted to a separate project, [Eilean](https://github.com/RyanGibb/eilean-nix).

     

       6
       +
       

     

       7
       +
       ## Usage

     

       8
       +
       

     

       9
       +
       ### NixOS

     

       10
       +
       

     

       11
       +
       See the [NixOS manual](https://nixos.org/manual/nixos/stable/#ch-installation) for how to install NixOS.

     

       12
       +
       

     

       13
       +
       1. Clone this repository to `/etc/nixos/` on a NixOS system.

     

       14
       +
       2. Set up the host configuration in `/etc/nixos/hosts/<hostname>/`.

     

       15
       +
       3. Deploy the host with `nixos-rebuild switch`.

     

       16
       +
       

     

       17
       +
       ### Remote Deployment

     

       18
       +
       

     

       19
       +
       [`deploy-rs`](https://github.com/serokell/deploy-rs) can be used to update remote hosts via SSH with `deploy .#hostname`.

     

       20
       +
       

     

       21
       +
       ### Home Manager

     

       22
       +
       

     

       23
       +
       For non-NixOS systems, you can use Home Manager standalone:

     

       24
       +
       

     

       25
       +
       1. Install [Nix](https://nixos.org/download/) and [enable flakes](https://nixos.wiki/wiki/flakes#Other_Distros.2C_without_Home-Manager).

     

       26
       +
       2. Clone this repository and follow the [Home Manager manual](https://nix-community.github.io/home-manager/index.xhtml#sec-install-standalone).

     

       27
       +
       3. Deploy the profile with `home-manager switch`.

     

       28
       +
       

     

       29
       +
       ### Nix-on-Droid

     

       30
       +
       

     

       31
       +
       See [upstream](https://github.com/nix-community/nix-on-droid/).

     

       32
       +
       

     

       33
       +
       ## Repository Structure

     

       34
        
       

     

       35
       +
       - [`flake.nix`](./flake.nix) - Entry point where inputs, outputs, and [overlays](https://nixos.org/manual/nixpkgs/stable/#chap-overlays) are defined.

     

       36
       +
         The [`flake.lock`](./flake.lock) file locks these inputs for reproducibility.

     

       37
       +
       - [`hosts/`](./hosts/) - Host-specific configurations where each subdirectory represents a separate machine.

     

       38
       +
         - Hosts are named after animals, following a rough naming scheme where,

     

       39
       +
           - Stationary hosts are mammals.

     

       40
       +
             - Servers are even-toed ungulates ([Artiodactyls](https://en.wikipedia.org/wiki/Artiodactyl)), e.g. the [Network-Attached Storage (NAS) server](https://ryan.freumh.org/nas.html) [`elephant`](./hosts/elephant).

     

       41
       +
             - SBCs are small mammals ([Eulipotyphla](https://en.wikipedia.org/wiki/Eulipotyphla)), e.g. the [Home Assistant](https://www.home-assistant.io/) server and [Zigbee](https://en.wikipedia.org/wiki/Zigbee) bridge [`shrew`](./hosts/shrew).

     

       42
       +
             - Desktops are carnivores ([Carnivora](https://en.wikipedia.org/wiki/Carnivora)), e.g. the tower PC [`vulpine`](./hosts/vulpine).

     

       43
       +
           - Mobile (battery powered) hosts are reptiles, e.g. the laptop [`gecko`](./hosts/gecko).

     

       44
       +
           - Virtual hosts are birds, e.g. the virtual private server (VPS) [`owl`](./hosts/owl).

     

       45
       +
           - Work-associated hosts are aquatic, e.g. the VPSs for [Eon](https://github.com/RyanGibb/eon) experiments [`duck`](./hosts/duck), and running the [EEG](https://www.cst.cam.ac.uk/research/eeg) infrastructure including using the federated [Shibboleth](https://www.shibboleth.net/) identity server to provision [Matrix](https://matrix.org/) accounts [`swan`](./hosts/swan).

     

       46
       +
           - [`barnacle`](./hosts/barnacle/default.nix) builds an ISO image that can be written to media like a USB flash drive to create a read-only live USB that can be booted to provide the custom environment on all my other hosts and used to, for example, install an operating system, with the [`install.sh`](./hosts/barnacle/install.sh) script.

     

       47
       +
         - Each host directory typically contains,

     

       48
       +
           - `default.nix` - Main configuration entry point that imports other modules.

     

       49
       +
           - `hardware-configuration.nix` - Hardware-specific configuration generated by `nixos-generate-config`.

     

       50
       +
           - `minimal.nix` - A minimal configuration that can be useful when updating with insufficient disk space.

     

       51
       +
             The minimal configuration can be build, the `default.nix` system garbage collected, and then the updated configuration built.

     

       52
       +
             Note this precludes trivial rollback.

     

       53
       +
           - Other modules separating functionality, such as `services.nix`.

     

       54
       +
       - [`modules/`](./modules/) - NixOS modules of common functionality extracted into modular components which can be enabled by host configurations.

     

       55
       +
       - [`pkgs/`](./pkgs/) - Custom package definitions for packages not available in nixpkgs or requiring modifications.

     

       56
       +
       - [`home/`](./home/) - Home-manager NixOS modules configurations.

     

       57
       +
       - [`secrets/`](./secrets/) - Encrypted secrets managed by agenix.

     

       58
       +
       - [`scripts/`](./scripts/) - Miscellaneous scripts.

     

       59
       +
       - [`nix-on-droid/`](./nix-on-droid/) - [Nix-on-Droid](./#nix-on-droid) configuration.

     

       60
        
       

     

       61
       +
       ## Managing Secrets

     

       62
       +
       

     

       63
       +
       Secrets are managed using [agenix](https://github.com/ryantm/agenix).

     

       64
       +
       To add a new secret, update [secrets.nix](./secrets/secrets.nix) and run `cd secrets && agenix -e <secret-name>.age`.

     

       65
       +
       To update an existing secret you need only do the latter.

     

       66

+227 -134

flake.lock

···

       8
        
               "systems": "systems"

     

       9
        
             },

     

       10
        
             "locked": {

     

       11
       -
               "lastModified": 1723293904,

     

       12
       -
               "narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=",

     

       13
        
               "owner": "ryantm",

     

       14
        
               "repo": "agenix",

     

       15
       -
               "rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41",

     

       16
        
               "type": "github"

     

       17
        
             },

     

       18
        
             "original": {

     
···

       58
        
               "type": "gitlab"

     

       59
        
             }

     

       60
        
           },

     

       61
       -
           "colour-guesser": {

     

       62
       -
             "inputs": {

     

       63
       -
               "flake-utils": "flake-utils_2",

     

       64
       -
               "nix-filter": "nix-filter",

     

       65
       -
               "nixpkgs": [

     

       66
       -
                 "nixpkgs"

     

       67
       -
               ]

     

       68
       -
             },

     

       69
       -
             "locked": {

     

       70
       -
               "lastModified": 1713180220,

     

       71
       -
               "narHash": "sha256-hTdD8t3/hvaexQXDFL2lsXgyxg93IrTFszXeCrBcmEY=",

     

       72
       -
               "ref": "develop",

     

       73
       -
               "rev": "6ecf853ca91af2e6ddcecd64e6eaa1214aaf87fa",

     

       74
       -
               "revCount": 11,

     

       75
       -
               "type": "git",

     

       76
       -
               "url": "ssh://git@github.com/ryangibb/colour-guesser.git"

     

       77
       -
             },

     

       78
       -
             "original": {

     

       79
       -
               "ref": "develop",

     

       80
       -
               "type": "git",

     

       81
       -
               "url": "ssh://git@github.com/ryangibb/colour-guesser.git"

     

       82
       -
             }

     

       83
       -
           },

     

       84
        
           "darwin": {

     

       85
        
             "inputs": {

     

       86
        
               "nixpkgs": [

     
···

       125
        
               "type": "github"

     

       126
        
             }

     

       127
        
           },

     

       128
       -
           "eilean": {

     

       129
        
             "inputs": {

     

       130
       -
               "eon": [

     

       131
       -
                 "eon"

     

       132
       -
               ],

     

       133
       -
               "nixos-mailserver": "nixos-mailserver",

     

       134
        
               "nixpkgs": [

     

       135
        
                 "nixpkgs"

     

       136
        
               ]

     

       137
        
             },

     

       138
        
             "locked": {

     

       139
       -
               "lastModified": 1734089719,

     

       140
       -
               "narHash": "sha256-ZBh6KrIQXPGXhR7AWUIMdkY/99MFunfULoNqWpm+K6k=",

     

       141
       -
               "owner": "RyanGibb",

     

       142
       -
               "repo": "eilean-nix",

     

       143
       -
               "rev": "e048d7e4fba2029f9e70c2a770b59c1f88575670",

     

       144
        
               "type": "github"

     

       145
        
             },

     

       146
        
             "original": {

     

       147
       -
               "owner": "RyanGibb",

     

       148
       -
               "ref": "main",

     

       149
       -
               "repo": "eilean-nix",

     

       150
        
               "type": "github"

     

       151
        
             }

     

       152
        
           },

     

       153
       -
           "emacs-overlay": {

     

       154
        
             "inputs": {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       155
        
               "nixpkgs": [

     

       156
        
                 "nixpkgs"

     

       157
       -
               ],

     

       158
       -
               "nixpkgs-stable": "nixpkgs-stable"

     

       159
        
             },

     

       160
        
             "locked": {

     

       161
       -
               "lastModified": 1734599675,

     

       162
       -
               "narHash": "sha256-jTfIoLxbVK3r6rFHKs0JS8WEYrmp0AGomzGaPTDZvrE=",

     

       163
       -
               "owner": "nix-community",

     

       164
       -
               "repo": "emacs-overlay",

     

       165
       -
               "rev": "df40078d8d4f3f0439e52a3f3e44af0005e6072e",

     

       166
        
               "type": "github"

     

       167
        
             },

     

       168
        
             "original": {

     

       169
       -
               "owner": "nix-community",

     

       170
       -
               "repo": "emacs-overlay",

     

       0
        
       
     

       171
        
               "type": "github"

     

       172
        
             }

     

       173
        
           },

     

       174
        
           "eon": {

     

       175
        
             "inputs": {

     

       176
       -
               "flake-utils": "flake-utils_3",

     

       177
        
               "nixpkgs": [

     

       178
        
                 "nixpkgs"

     

       179
        
               ],

     

       180
        
               "opam-nix": "opam-nix"

     

       181
        
             },

     

       182
        
             "locked": {

     

       183
       -
               "lastModified": 1733764648,

     

       184
       -
               "narHash": "sha256-VjetFOh45WJiXYwnOCQARhvCDknkzre7MqfKg8bIS8E=",

     

       185
        
               "owner": "RyanGibb",

     

       186
        
               "repo": "eon",

     

       187
       -
               "rev": "fedd96cc5df1c5026670a0ae3f9ab16ab8ba5725",

     

       188
        
               "type": "github"

     

       189
        
             },

     

       190
        
             "original": {

     
···

       308
        
           },

     

       309
        
           "flake-utils_2": {

     

       310
        
             "inputs": {

     

       311
       -
               "systems": "systems_2"

     

       312
       -
             },

     

       313
       -
             "locked": {

     

       314
       -
               "lastModified": 1681202837,

     

       315
       -
               "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",

     

       316
       -
               "owner": "numtide",

     

       317
       -
               "repo": "flake-utils",

     

       318
       -
               "rev": "cfacdce06f30d2b68473a46042957675eebb3401",

     

       319
       -
               "type": "github"

     

       320
       -
             },

     

       321
       -
             "original": {

     

       322
       -
               "id": "flake-utils",

     

       323
       -
               "type": "indirect"

     

       324
       -
             }

     

       325
       -
           },

     

       326
       -
           "flake-utils_3": {

     

       327
       -
             "inputs": {

     

       328
       -
               "systems": "systems_5"

     

       329
        
             },

     

       330
        
             "locked": {

     

       331
        
               "lastModified": 1731533236,

     
···

       341
        
               "type": "github"

     

       342
        
             }

     

       343
        
           },

     

       344
       -
           "flake-utils_4": {

     

       345
        
             "locked": {

     

       346
        
               "lastModified": 1676283394,

     

       347
        
               "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",

     
···

       355
        
               "type": "indirect"

     

       356
        
             }

     

       357
        
           },

     

       358
       -
           "flake-utils_5": {

     

       359
        
             "inputs": {

     

       360
       -
               "systems": "systems_6"

     

       361
        
             },

     

       362
        
             "locked": {

     

       363
        
               "lastModified": 1694529238,

     
···

       373
        
               "type": "github"

     

       374
        
             }

     

       375
        
           },

     

       376
       -
           "flake-utils_6": {

     

       377
        
             "locked": {

     

       378
        
               "lastModified": 1638122382,

     

       379
        
               "narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=",

     
···

       388
        
               "type": "github"

     

       389
        
             }

     

       390
        
           },

     

       391
       -
           "flake-utils_7": {

     

       392
        
             "inputs": {

     

       393
       -
               "systems": "systems_7"

     

       394
        
             },

     

       395
        
             "locked": {

     

       396
        
               "lastModified": 1692799911,

     
···

       408
        
           },

     

       409
        
           "fn06-website": {

     

       410
        
             "inputs": {

     

       411
       -
               "flake-utils": "flake-utils_4",

     

       412
        
               "nixpkgs": [

     

       413
        
                 "nixpkgs"

     

       414
        
               ]

     
···

       424
        
             "original": {

     

       425
        
               "owner": "RyanGibb",

     

       426
        
               "repo": "fn06",

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       427
        
               "type": "github"

     

       428
        
             }

     

       429
        
           },

     
···

       477
        
               ]

     

       478
        
             },

     

       479
        
             "locked": {

     

       480
       -
               "lastModified": 1733951536,

     

       481
       -
               "narHash": "sha256-Zb5ZCa7Xj+0gy5XVXINTSr71fCfAv+IKtmIXNrykT54=",

     

       482
        
               "owner": "nix-community",

     

       483
        
               "repo": "home-manager",

     

       484
       -
               "rev": "1318c3f3b068cdcea922fa7c1a0a1f0c96c22f5f",

     

       485
        
               "type": "github"

     

       486
        
             },

     

       487
        
             "original": {

     
···

       491
        
               "type": "github"

     

       492
        
             }

     

       493
        
           },

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       494
        
           "hyperbib-eeg": {

     

       495
        
             "inputs": {

     

       496
       -
               "flake-utils": "flake-utils_5",

     

       497
        
               "nixpkgs": [

     

       498
        
                 "nixpkgs"

     

       499
        
               ],

     
···

       517
        
           },

     

       518
        
           "i3-workspace-history": {

     

       519
        
             "inputs": {

     

       520
       -
               "flake-utils": "flake-utils_7",

     

       521
        
               "gomod2nix": "gomod2nix",

     

       522
        
               "nixpkgs": [

     

       523
        
                 "nixpkgs"

     
···

       537
        
               "type": "github"

     

       538
        
             }

     

       539
        
           },

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       540
        
           "mirage-opam-overlays": {

     

       541
        
             "flake": false,

     

       542
        
             "locked": {

     
···

       569
        
               "type": "github"

     

       570
        
             }

     

       571
        
           },

     

       572
       -
           "nix-filter": {

     

       573
       -
             "locked": {

     

       574
       -
               "lastModified": 1681154353,

     

       575
       -
               "narHash": "sha256-MCJ5FHOlbfQRFwN0brqPbCunLEVw05D/3sRVoNVt2tI=",

     

       576
       -
               "owner": "numtide",

     

       577
       -
               "repo": "nix-filter",

     

       578
       -
               "rev": "f529f42792ade8e32c4be274af6b6d60857fbee7",

     

       579
       -
               "type": "github"

     

       580
       -
             },

     

       581
       -
             "original": {

     

       582
       -
               "owner": "numtide",

     

       583
       -
               "repo": "nix-filter",

     

       584
       -
               "type": "github"

     

       585
       -
             }

     

       586
       -
           },

     

       587
        
           "nix-formatter-pack": {

     

       588
        
             "inputs": {

     

       589
        
               "nixpkgs": [

     
···

       659
        
           },

     

       660
        
           "nixos-hardware": {

     

       661
        
             "locked": {

     

       662
       -
               "lastModified": 1733861262,

     

       663
       -
               "narHash": "sha256-+jjPup/ByS0LEVIrBbt7FnGugJgLeG9oc+ivFASYn2U=",

     

       664
        
               "owner": "nixos",

     

       665
        
               "repo": "nixos-hardware",

     

       666
       -
               "rev": "cf737e2eba82b603f54f71b10cb8fd09d22ce3f5",

     

       667
        
               "type": "github"

     

       668
        
             },

     

       669
        
             "original": {

     
···

       731
        
           },

     

       732
        
           "nixpkgs-compat": {

     

       733
        
             "locked": {

     

       734
       -
               "lastModified": 1733730953,

     

       735
       -
               "narHash": "sha256-dlK7n82FEyZlHH7BFHQAM5tua+lQO1Iv7aAtglc1O5s=",

     

       736
        
               "owner": "nixos",

     

       737
        
               "repo": "nixpkgs",

     

       738
       -
               "rev": "7109b680d161993918b0a126f38bc39763e5a709",

     

       739
        
               "type": "github"

     

       740
        
             },

     

       741
        
             "original": {

     
···

       777
        
               "type": "github"

     

       778
        
             }

     

       779
        
           },

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       780
        
           "nixpkgs-for-bootstrap": {

     

       781
        
             "locked": {

     

       782
        
               "lastModified": 1720244366,

     
···

       793
        
               "type": "github"

     

       794
        
             }

     

       795
        
           },

     

       796
       -
           "nixpkgs-stable": {

     

       797
        
             "locked": {

     

       798
        
               "lastModified": 1734323986,

     

       799
        
               "narHash": "sha256-m/lh6hYMIWDYHCAsn81CDAiXoT3gmxXI9J987W5tZrE=",

     

       800
       -
               "owner": "NixOS",

     

       801
        
               "repo": "nixpkgs",

     

       802
        
               "rev": "394571358ce82dff7411395829aa6a3aad45b907",

     

       803
        
               "type": "github"

     

       804
        
             },

     

       805
        
             "original": {

     

       806
       -
               "owner": "NixOS",

     

       807
       -
               "ref": "nixos-24.11",

     

       808
        
               "repo": "nixpkgs",

     

       0
        
       
     

       809
        
               "type": "github"

     

       810
        
             }

     

       811
        
           },

     

       812
        
           "nixpkgs-unstable": {

     

       813
        
             "locked": {

     

       814
       -
               "lastModified": 1733940404,

     

       815
       -
               "narHash": "sha256-Pj39hSoUA86ZePPF/UXiYHHM7hMIkios8TYG29kQT4g=",

     

       816
        
               "owner": "nixos",

     

       817
        
               "repo": "nixpkgs",

     

       818
       -
               "rev": "5d67ea6b4b63378b9c13be21e2ec9d1afc921713",

     

       819
        
               "type": "github"

     

       820
        
             },

     

       821
        
             "original": {

     
···

       827
        
           },

     

       828
        
           "nixpkgs_2": {

     

       829
        
             "locked": {

     

       830
       -
               "lastModified": 1734083684,

     

       831
       -
               "narHash": "sha256-5fNndbndxSx5d+C/D0p/VF32xDiJCJzyOqorOYW4JEo=",

     

       832
        
               "owner": "nixos",

     

       833
        
               "repo": "nixpkgs",

     

       834
       -
               "rev": "314e12ba369ccdb9b352a4db26ff419f7c49fa84",

     

       835
        
               "type": "github"

     

       836
        
             },

     

       837
        
             "original": {

     
···

       935
        
               "opam2json": "opam2json"

     

       936
        
             },

     

       937
        
             "locked": {

     

       938
       -
               "lastModified": 1732617437,

     

       939
       -
               "narHash": "sha256-jj25fziYrES8Ix6HkfSiLzrN6MZjiwlHUxFSIuLRjgE=",

     

       940
        
               "owner": "tweag",

     

       941
        
               "repo": "opam-nix",

     

       942
       -
               "rev": "ea8b9cb81fe94e1fc45c6376fcff15f17319c445",

     

       943
        
               "type": "github"

     

       944
        
             },

     

       945
        
             "original": {

     
···

       951
        
           "opam-nix_2": {

     

       952
        
             "inputs": {

     

       953
        
               "flake-compat": "flake-compat_4",

     

       954
       -
               "flake-utils": "flake-utils_6",

     

       955
        
               "mirage-opam-overlays": "mirage-opam-overlays_2",

     

       956
        
               "nixpkgs": [

     

       957
        
                 "hyperbib-eeg",

     
···

       1013
        
           "opam-repository": {

     

       1014
        
             "flake": false,

     

       1015
        
             "locked": {

     

       1016
       -
               "lastModified": 1732612513,

     

       1017
       -
               "narHash": "sha256-kju4NWEQo4xTxnKeBIsmqnyxIcCg6sNZYJ1FmG/gCDw=",

     

       1018
        
               "owner": "ocaml",

     

       1019
        
               "repo": "opam-repository",

     

       1020
       -
               "rev": "3d52b66b04788999a23f22f0d59c2dfc831c4f32",

     

       1021
        
               "type": "github"

     

       1022
        
             },

     

       1023
        
             "original": {

     
···

       1090
        
             "inputs": {

     

       1091
        
               "agenix": "agenix",

     

       1092
        
               "alec-website": "alec-website",

     

       1093
       -
               "colour-guesser": "colour-guesser",

     

       1094
        
               "deploy-rs": "deploy-rs",

     

       0
        
       
     

       1095
        
               "eilean": "eilean",

     

       1096
       -
               "emacs-overlay": "emacs-overlay",

     

       1097
        
               "eon": "eon",

     

       1098
        
               "fn06-website": "fn06-website",

     

       1099
        
               "home-manager": "home-manager_2",

     
···

       1105
        
               "nixpkgs": "nixpkgs_2",

     

       1106
        
               "nixpkgs-compat": "nixpkgs-compat",

     

       1107
        
               "nixpkgs-element": "nixpkgs-element",

     

       0
        
       
     

       0
        
       
     

       1108
        
               "nixpkgs-unstable": "nixpkgs-unstable",

     

       1109
       -
               "nur": "nur"

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       1110
        
             }

     

       1111
        
           },

     

       1112
        
           "scss-reset": {

     
···

       1215
        
               "type": "github"

     

       1216
        
             }

     

       1217
        
           },

     

       1218
       -
           "systems_7": {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       1219
        
             "locked": {

     

       1220
       -
               "lastModified": 1681028828,

     

       1221
       -
               "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",

     

       1222
       -
               "owner": "nix-systems",

     

       1223
       -
               "repo": "default",

     

       1224
       -
               "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       1225
        
               "type": "github"

     

       1226
        
             },

     

       1227
        
             "original": {

     

       1228
       -
               "owner": "nix-systems",

     

       1229
       -
               "repo": "default",

     

       1230
        
               "type": "github"

     

       1231
        
             }

     

       1232
        
           },

     
···

       1253
        
           },

     

       1254
        
           "utils": {

     

       1255
        
             "inputs": {

     

       1256
       -
               "systems": "systems_3"

     

       1257
        
             },

     

       1258
        
             "locked": {

     

       1259
        
               "lastModified": 1701680307,

     
···

       1271
        
           },

     

       1272
        
           "utils_2": {

     

       1273
        
             "inputs": {

     

       1274
       -
               "systems": "systems_4"

     

       1275
        
             },

     

       1276
        
             "locked": {

     

       1277
        
               "lastModified": 1709126324,

···

       8
        
               "systems": "systems"

     

       9
        
             },

     

       10
        
             "locked": {

     

       11
       +
               "lastModified": 1736955230,

     

       12
       +
               "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=",

     

       13
        
               "owner": "ryantm",

     

       14
        
               "repo": "agenix",

     

       15
       +
               "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c",

     

       16
        
               "type": "github"

     

       17
        
             },

     

       18
        
             "original": {

     
···

       58
        
               "type": "gitlab"

     

       59
        
             }

     

       60
        
           },

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       61
        
           "darwin": {

     

       62
        
             "inputs": {

     

       63
        
               "nixpkgs": [

     
···

       102
        
               "type": "github"

     

       103
        
             }

     

       104
        
           },

     

       105
       +
           "disko": {

     

       106
        
             "inputs": {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       107
        
               "nixpkgs": [

     

       108
        
                 "nixpkgs"

     

       109
        
               ]

     

       110
        
             },

     

       111
        
             "locked": {

     

       112
       +
               "lastModified": 1743598667,

     

       113
       +
               "narHash": "sha256-ViE7NoFWytYO2uJONTAX35eGsvTYXNHjWALeHAg8OQY=",

     

       114
       +
               "owner": "nix-community",

     

       115
       +
               "repo": "disko",

     

       116
       +
               "rev": "329d3d7e8bc63dd30c39e14e6076db590a6eabe6",

     

       117
        
               "type": "github"

     

       118
        
             },

     

       119
        
             "original": {

     

       120
       +
               "owner": "nix-community",

     

       121
       +
               "repo": "disko",

     

       0
        
       
     

       122
        
               "type": "github"

     

       123
        
             }

     

       124
        
           },

     

       125
       +
           "eilean": {

     

       126
        
             "inputs": {

     

       127
       +
               "eon": [

     

       128
       +
                 "eon"

     

       129
       +
               ],

     

       130
       +
               "nixos-mailserver": "nixos-mailserver",

     

       131
        
               "nixpkgs": [

     

       132
        
                 "nixpkgs"

     

       133
       +
               ]

     

       0
        
       
     

       134
        
             },

     

       135
        
             "locked": {

     

       136
       +
               "lastModified": 1740855157,

     

       137
       +
               "narHash": "sha256-qnKyiLva/VVWYTYWH2tN7xxj9jJ4dsl/jOxkpotlZIE=",

     

       138
       +
               "owner": "RyanGibb",

     

       139
       +
               "repo": "eilean-nix",

     

       140
       +
               "rev": "f68975d7d049ab10b7c26eeceb63a6ddd357bb30",

     

       141
        
               "type": "github"

     

       142
        
             },

     

       143
        
             "original": {

     

       144
       +
               "owner": "RyanGibb",

     

       145
       +
               "ref": "main",

     

       146
       +
               "repo": "eilean-nix",

     

       147
        
               "type": "github"

     

       148
        
             }

     

       149
        
           },

     

       150
        
           "eon": {

     

       151
        
             "inputs": {

     

       152
       +
               "flake-utils": "flake-utils_2",

     

       153
        
               "nixpkgs": [

     

       154
        
                 "nixpkgs"

     

       155
        
               ],

     

       156
        
               "opam-nix": "opam-nix"

     

       157
        
             },

     

       158
        
             "locked": {

     

       159
       +
               "lastModified": 1743149102,

     

       160
       +
               "narHash": "sha256-pW24ij8CqAdU8m5OFD1amwNmovf25YRygl1bv+s390o=",

     

       161
        
               "owner": "RyanGibb",

     

       162
        
               "repo": "eon",

     

       163
       +
               "rev": "81bdd51d1e2651c46df2a1ce38b7df5661e7eef1",

     

       164
        
               "type": "github"

     

       165
        
             },

     

       166
        
             "original": {

     
···

       284
        
           },

     

       285
        
           "flake-utils_2": {

     

       286
        
             "inputs": {

     

       287
       +
               "systems": "systems_4"

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       288
        
             },

     

       289
        
             "locked": {

     

       290
        
               "lastModified": 1731533236,

     
···

       300
        
               "type": "github"

     

       301
        
             }

     

       302
        
           },

     

       303
       +
           "flake-utils_3": {

     

       304
        
             "locked": {

     

       305
        
               "lastModified": 1676283394,

     

       306
        
               "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",

     
···

       314
        
               "type": "indirect"

     

       315
        
             }

     

       316
        
           },

     

       317
       +
           "flake-utils_4": {

     

       318
        
             "inputs": {

     

       319
       +
               "systems": "systems_5"

     

       320
        
             },

     

       321
        
             "locked": {

     

       322
        
               "lastModified": 1694529238,

     
···

       332
        
               "type": "github"

     

       333
        
             }

     

       334
        
           },

     

       335
       +
           "flake-utils_5": {

     

       336
        
             "locked": {

     

       337
        
               "lastModified": 1638122382,

     

       338
        
               "narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=",

     
···

       347
        
               "type": "github"

     

       348
        
             }

     

       349
        
           },

     

       350
       +
           "flake-utils_6": {

     

       351
        
             "inputs": {

     

       352
       +
               "systems": "systems_6"

     

       353
        
             },

     

       354
        
             "locked": {

     

       355
        
               "lastModified": 1692799911,

     
···

       367
        
           },

     

       368
        
           "fn06-website": {

     

       369
        
             "inputs": {

     

       370
       +
               "flake-utils": "flake-utils_3",

     

       371
        
               "nixpkgs": [

     

       372
        
                 "nixpkgs"

     

       373
        
               ]

     
···

       383
        
             "original": {

     

       384
        
               "owner": "RyanGibb",

     

       385
        
               "repo": "fn06",

     

       386
       +
               "type": "github"

     

       387
       +
             }

     

       388
       +
           },

     

       389
       +
           "gitignore": {

     

       390
       +
             "inputs": {

     

       391
       +
               "nixpkgs": [

     

       392
       +
                 "tangled",

     

       393
       +
                 "nixpkgs"

     

       394
       +
               ]

     

       395
       +
             },

     

       396
       +
             "locked": {

     

       397
       +
               "lastModified": 1709087332,

     

       398
       +
               "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",

     

       399
       +
               "owner": "hercules-ci",

     

       400
       +
               "repo": "gitignore.nix",

     

       401
       +
               "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",

     

       402
       +
               "type": "github"

     

       403
       +
             },

     

       404
       +
             "original": {

     

       405
       +
               "owner": "hercules-ci",

     

       406
       +
               "repo": "gitignore.nix",

     

       407
        
               "type": "github"

     

       408
        
             }

     

       409
        
           },

     
···

       457
        
               ]

     

       458
        
             },

     

       459
        
             "locked": {

     

       460
       +
               "lastModified": 1743387206,

     

       461
       +
               "narHash": "sha256-24N3NAuZZbYqZ39NgToZgHUw6M7xHrtrAm18kv0+2Wo=",

     

       462
        
               "owner": "nix-community",

     

       463
        
               "repo": "home-manager",

     

       464
       +
               "rev": "15c5f9d04fabd176f30286c8f52bbdb2c853a146",

     

       465
        
               "type": "github"

     

       466
        
             },

     

       467
        
             "original": {

     
···

       471
        
               "type": "github"

     

       472
        
             }

     

       473
        
           },

     

       474
       +
           "htmx-src": {

     

       475
       +
             "flake": false,

     

       476
       +
             "locked": {

     

       477
       +
               "narHash": "sha256-nm6avZuEBg67SSyyZUhjpXVNstHHgUxrtBHqJgowU08=",

     

       478
       +
               "type": "file",

     

       479
       +
               "url": "https://unpkg.com/htmx.org@2.0.4/dist/htmx.min.js"

     

       480
       +
             },

     

       481
       +
             "original": {

     

       482
       +
               "type": "file",

     

       483
       +
               "url": "https://unpkg.com/htmx.org@2.0.4/dist/htmx.min.js"

     

       484
       +
             }

     

       485
       +
           },

     

       486
        
           "hyperbib-eeg": {

     

       487
        
             "inputs": {

     

       488
       +
               "flake-utils": "flake-utils_4",

     

       489
        
               "nixpkgs": [

     

       490
        
                 "nixpkgs"

     

       491
        
               ],

     
···

       509
        
           },

     

       510
        
           "i3-workspace-history": {

     

       511
        
             "inputs": {

     

       512
       +
               "flake-utils": "flake-utils_6",

     

       513
        
               "gomod2nix": "gomod2nix",

     

       514
        
               "nixpkgs": [

     

       515
        
                 "nixpkgs"

     
···

       529
        
               "type": "github"

     

       530
        
             }

     

       531
        
           },

     

       532
       +
           "ia-fonts-src": {

     

       533
       +
             "flake": false,

     

       534
       +
             "locked": {

     

       535
       +
               "lastModified": 1686932517,

     

       536
       +
               "narHash": "sha256-2T165nFfCzO65/PIHauJA//S+zug5nUwPcg8NUEydfc=",

     

       537
       +
               "owner": "iaolo",

     

       538
       +
               "repo": "iA-Fonts",

     

       539
       +
               "rev": "f32c04c3058a75d7ce28919ce70fe8800817491b",

     

       540
       +
               "type": "github"

     

       541
       +
             },

     

       542
       +
             "original": {

     

       543
       +
               "owner": "iaolo",

     

       544
       +
               "repo": "iA-Fonts",

     

       545
       +
               "type": "github"

     

       546
       +
             }

     

       547
       +
           },

     

       548
       +
           "indigo": {

     

       549
       +
             "flake": false,

     

       550
       +
             "locked": {

     

       551
       +
               "lastModified": 1738491661,

     

       552
       +
               "narHash": "sha256-+njDigkvjH4XmXZMog5Mp0K4x9mamHX6gSGJCZB9mE4=",

     

       553
       +
               "owner": "oppiliappan",

     

       554
       +
               "repo": "indigo",

     

       555
       +
               "rev": "feb802f02a462ac0a6392ffc3e40b0529f0cdf71",

     

       556
       +
               "type": "github"

     

       557
       +
             },

     

       558
       +
             "original": {

     

       559
       +
               "owner": "oppiliappan",

     

       560
       +
               "repo": "indigo",

     

       561
       +
               "type": "github"

     

       562
       +
             }

     

       563
       +
           },

     

       564
       +
           "lucide-src": {

     

       565
       +
             "flake": false,

     

       566
       +
             "locked": {

     

       567
       +
               "lastModified": 1742302029,

     

       568
       +
               "narHash": "sha256-OyPVtpnC4/AAmPq84Wt1r1Gcs48d9KG+UBCtZK87e9k=",

     

       569
       +
               "type": "tarball",

     

       570
       +
               "url": "https://github.com/lucide-icons/lucide/releases/download/0.483.0/lucide-icons-0.483.0.zip"

     

       571
       +
             },

     

       572
       +
             "original": {

     

       573
       +
               "type": "tarball",

     

       574
       +
               "url": "https://github.com/lucide-icons/lucide/releases/download/0.483.0/lucide-icons-0.483.0.zip"

     

       575
       +
             }

     

       576
       +
           },

     

       577
        
           "mirage-opam-overlays": {

     

       578
        
             "flake": false,

     

       579
        
             "locked": {

     
···

       606
        
               "type": "github"

     

       607
        
             }

     

       608
        
           },

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       609
        
           "nix-formatter-pack": {

     

       610
        
             "inputs": {

     

       611
        
               "nixpkgs": [

     
···

       681
        
           },

     

       682
        
           "nixos-hardware": {

     

       683
        
             "locked": {

     

       684
       +
               "lastModified": 1743420942,

     

       685
       +
               "narHash": "sha256-b/exDDQSLmENZZgbAEI3qi9yHkuXAXCPbormD8CSJXo=",

     

       686
        
               "owner": "nixos",

     

       687
        
               "repo": "nixos-hardware",

     

       688
       +
               "rev": "de6fc5551121c59c01e2a3d45b277a6d05077bc4",

     

       689
        
               "type": "github"

     

       690
        
             },

     

       691
        
             "original": {

     
···

       753
        
           },

     

       754
        
           "nixpkgs-compat": {

     

       755
        
             "locked": {

     

       756
       +
               "lastModified": 1735563628,

     

       757
       +
               "narHash": "sha256-OnSAY7XDSx7CtDoqNh8jwVwh4xNL/2HaJxGjryLWzX8=",

     

       758
        
               "owner": "nixos",

     

       759
        
               "repo": "nixpkgs",

     

       760
       +
               "rev": "b134951a4c9f3c995fd7be05f3243f8ecd65d798",

     

       761
        
               "type": "github"

     

       762
        
             },

     

       763
        
             "original": {

     
···

       799
        
               "type": "github"

     

       800
        
             }

     

       801
        
           },

     

       802
       +
           "nixpkgs-flaresolverr": {

     

       803
       +
             "locked": {

     

       804
       +
               "lastModified": 1721411720,

     

       805
       +
               "narHash": "sha256-74Y9UdhWyT3lo94SnwZTKpzE6hBA1o7aOjCq4mqAYng=",

     

       806
       +
               "owner": "nixos",

     

       807
       +
               "repo": "nixpkgs",

     

       808
       +
               "rev": "ebbc0409688869938bbcf630da1c1c13744d2a7b",

     

       809
       +
               "type": "github"

     

       810
       +
             },

     

       811
       +
             "original": {

     

       812
       +
               "owner": "nixos",

     

       813
       +
               "repo": "nixpkgs",

     

       814
       +
               "rev": "ebbc0409688869938bbcf630da1c1c13744d2a7b",

     

       815
       +
               "type": "github"

     

       816
       +
             }

     

       817
       +
           },

     

       818
        
           "nixpkgs-for-bootstrap": {

     

       819
        
             "locked": {

     

       820
        
               "lastModified": 1720244366,

     
···

       831
        
               "type": "github"

     

       832
        
             }

     

       833
        
           },

     

       834
       +
           "nixpkgs-sonarr": {

     

       835
        
             "locked": {

     

       836
        
               "lastModified": 1734323986,

     

       837
        
               "narHash": "sha256-m/lh6hYMIWDYHCAsn81CDAiXoT3gmxXI9J987W5tZrE=",

     

       838
       +
               "owner": "nixos",

     

       839
        
               "repo": "nixpkgs",

     

       840
        
               "rev": "394571358ce82dff7411395829aa6a3aad45b907",

     

       841
        
               "type": "github"

     

       842
        
             },

     

       843
        
             "original": {

     

       844
       +
               "owner": "nixos",

     

       0
        
       
     

       845
        
               "repo": "nixpkgs",

     

       846
       +
               "rev": "394571358ce82dff7411395829aa6a3aad45b907",

     

       847
        
               "type": "github"

     

       848
        
             }

     

       849
        
           },

     

       850
        
           "nixpkgs-unstable": {

     

       851
        
             "locked": {

     

       852
       +
               "lastModified": 1743448293,

     

       853
       +
               "narHash": "sha256-bmEPmSjJakAp/JojZRrUvNcDX2R5/nuX6bm+seVaGhs=",

     

       854
        
               "owner": "nixos",

     

       855
        
               "repo": "nixpkgs",

     

       856
       +
               "rev": "77b584d61ff80b4cef9245829a6f1dfad5afdfa3",

     

       857
        
               "type": "github"

     

       858
        
             },

     

       859
        
             "original": {

     
···

       865
        
           },

     

       866
        
           "nixpkgs_2": {

     

       867
        
             "locked": {

     

       868
       +
               "lastModified": 1743501102,

     

       869
       +
               "narHash": "sha256-7PCBQ4aGVF8OrzMkzqtYSKyoQuU2jtpPi4lmABpe5X4=",

     

       870
        
               "owner": "nixos",

     

       871
        
               "repo": "nixpkgs",

     

       872
       +
               "rev": "02f2af8c8a8c3b2c05028936a1e84daefa1171d4",

     

       873
        
               "type": "github"

     

       874
        
             },

     

       875
        
             "original": {

     
···

       973
        
               "opam2json": "opam2json"

     

       974
        
             },

     

       975
        
             "locked": {

     

       976
       +
               "lastModified": 1741156005,

     

       977
       +
               "narHash": "sha256-JBPvXe5g1V2xpmPVMlf5CP5+T1E+TCK73lqeqV89EJE=",

     

       978
        
               "owner": "tweag",

     

       979
        
               "repo": "opam-nix",

     

       980
       +
               "rev": "e71936b31658f0b039a7d26b0c9c7a461d949ba4",

     

       981
        
               "type": "github"

     

       982
        
             },

     

       983
        
             "original": {

     
···

       989
        
           "opam-nix_2": {

     

       990
        
             "inputs": {

     

       991
        
               "flake-compat": "flake-compat_4",

     

       992
       +
               "flake-utils": "flake-utils_5",

     

       993
        
               "mirage-opam-overlays": "mirage-opam-overlays_2",

     

       994
        
               "nixpkgs": [

     

       995
        
                 "hyperbib-eeg",

     
···

       1051
        
           "opam-repository": {

     

       1052
        
             "flake": false,

     

       1053
        
             "locked": {

     

       1054
       +
               "lastModified": 1740730647,

     

       1055
       +
               "narHash": "sha256-6veU2WjUGcWDAzLDjoAI1L6GWZd0KIUq19sHcbJS+u8=",

     

       1056
        
               "owner": "ocaml",

     

       1057
        
               "repo": "opam-repository",

     

       1058
       +
               "rev": "f1f75fef5fbf1e8bd1cc9544e50b89ba59f625e2",

     

       1059
        
               "type": "github"

     

       1060
        
             },

     

       1061
        
             "original": {

     
···

       1128
        
             "inputs": {

     

       1129
        
               "agenix": "agenix",

     

       1130
        
               "alec-website": "alec-website",

     

       0
        
       
     

       1131
        
               "deploy-rs": "deploy-rs",

     

       1132
       +
               "disko": "disko",

     

       1133
        
               "eilean": "eilean",

     

       0
        
       
     

       1134
        
               "eon": "eon",

     

       1135
        
               "fn06-website": "fn06-website",

     

       1136
        
               "home-manager": "home-manager_2",

     
···

       1142
        
               "nixpkgs": "nixpkgs_2",

     

       1143
        
               "nixpkgs-compat": "nixpkgs-compat",

     

       1144
        
               "nixpkgs-element": "nixpkgs-element",

     

       1145
       +
               "nixpkgs-flaresolverr": "nixpkgs-flaresolverr",

     

       1146
       +
               "nixpkgs-sonarr": "nixpkgs-sonarr",

     

       1147
        
               "nixpkgs-unstable": "nixpkgs-unstable",

     

       1148
       +
               "nur": "nur",

     

       1149
       +
               "tangled": "tangled",

     

       1150
       +
               "timewall": "timewall"

     

       1151
       +
             }

     

       1152
       +
           },

     

       1153
       +
           "rust-overlay": {

     

       1154
       +
             "inputs": {

     

       1155
       +
               "nixpkgs": [

     

       1156
       +
                 "timewall",

     

       1157
       +
                 "nixpkgs"

     

       1158
       +
               ]

     

       1159
       +
             },

     

       1160
       +
             "locked": {

     

       1161
       +
               "lastModified": 1734230139,

     

       1162
       +
               "narHash": "sha256-zsp0Mz8VgyIAnU8UhP/YT1g+zlsl+NIJTBMAbY+RifQ=",

     

       1163
       +
               "owner": "oxalica",

     

       1164
       +
               "repo": "rust-overlay",

     

       1165
       +
               "rev": "150fbc8aa2bc501041810bbc1dbfe73694a861be",

     

       1166
       +
               "type": "github"

     

       1167
       +
             },

     

       1168
       +
             "original": {

     

       1169
       +
               "owner": "oxalica",

     

       1170
       +
               "repo": "rust-overlay",

     

       1171
       +
               "type": "github"

     

       1172
        
             }

     

       1173
        
           },

     

       1174
        
           "scss-reset": {

     
···

       1277
        
               "type": "github"

     

       1278
        
             }

     

       1279
        
           },

     

       1280
       +
           "tangled": {

     

       1281
       +
             "inputs": {

     

       1282
       +
               "gitignore": "gitignore",

     

       1283
       +
               "htmx-src": "htmx-src",

     

       1284
       +
               "ia-fonts-src": "ia-fonts-src",

     

       1285
       +
               "indigo": "indigo",

     

       1286
       +
               "lucide-src": "lucide-src",

     

       1287
       +
               "nixpkgs": [

     

       1288
       +
                 "nixpkgs"

     

       1289
       +
               ]

     

       1290
       +
             },

     

       1291
        
             "locked": {

     

       1292
       +
               "lastModified": 1743620557,

     

       1293
       +
               "narHash": "sha256-w7a9Qn/IUdCe+gk5cMvSUS+YKItK2iTiu2Qcq49a+zU=",

     

       1294
       +
               "ref": "refs/heads/master",

     

       1295
       +
               "rev": "19ee94f42ab259c218762e6f0ed87952f80b5162",

     

       1296
       +
               "revCount": 420,

     

       1297
       +
               "type": "git",

     

       1298
       +
               "url": "https://tangled.sh/@tangled.sh/core"

     

       1299
       +
             },

     

       1300
       +
             "original": {

     

       1301
       +
               "type": "git",

     

       1302
       +
               "url": "https://tangled.sh/@tangled.sh/core"

     

       1303
       +
             }

     

       1304
       +
           },

     

       1305
       +
           "timewall": {

     

       1306
       +
             "inputs": {

     

       1307
       +
               "nixpkgs": [

     

       1308
       +
                 "nixpkgs"

     

       1309
       +
               ],

     

       1310
       +
               "rust-overlay": "rust-overlay"

     

       1311
       +
             },

     

       1312
       +
             "locked": {

     

       1313
       +
               "lastModified": 1743524557,

     

       1314
       +
               "narHash": "sha256-0rNcLtKWbjI0VqlusrqPMcpPgdkkZGkOIt9s3CnsCao=",

     

       1315
       +
               "owner": "bcyran",

     

       1316
       +
               "repo": "timewall",

     

       1317
       +
               "rev": "789befef40bf0d45e48285f17f512b41924cfeb7",

     

       1318
        
               "type": "github"

     

       1319
        
             },

     

       1320
        
             "original": {

     

       1321
       +
               "owner": "bcyran",

     

       1322
       +
               "repo": "timewall",

     

       1323
        
               "type": "github"

     

       1324
        
             }

     

       1325
        
           },

     
···

       1346
        
           },

     

       1347
        
           "utils": {

     

       1348
        
             "inputs": {

     

       1349
       +
               "systems": "systems_2"

     

       1350
        
             },

     

       1351
        
             "locked": {

     

       1352
        
               "lastModified": 1701680307,

     
···

       1364
        
           },

     

       1365
        
           "utils_2": {

     

       1366
        
             "inputs": {

     

       1367
       +
               "systems": "systems_3"

     

       1368
        
             },

     

       1369
        
             "locked": {

     

       1370
        
               "lastModified": 1709126324,

+48 -48

flake.nix

···

       4
        
           nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";

     

       5
        
           nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";

     

       6
        
           nixpkgs-element.url = "github:nixos/nixpkgs/b91f647a35c4e18a73adf617e6ef9eb5f3baa503";

     

       0
        
       
     

       0
        
       
     

       7
        
           nixos-hardware.url = "github:nixos/nixos-hardware";

     

       8
        
           home-manager.url = "github:nix-community/home-manager/release-24.11";

     

       9
        
           agenix.url = "github:ryantm/agenix";

     
···

       13
        
           eilean.url = "github:RyanGibb/eilean-nix/main";

     

       14
        
           alec-website.url = "github:alexanderhthompson/website";

     

       15
        
           fn06-website.url = "github:RyanGibb/fn06";

     

       16
       -
           colour-guesser.url = "git+ssh://git@github.com/ryangibb/colour-guesser.git?ref=develop";

     

       17
        
           i3-workspace-history.url = "github:RyanGibb/i3-workspace-history";

     

       18
        
           hyperbib-eeg.url = "github:RyanGibb/hyperbib?ref=nixify";

     

       19
        
           nix-rpi5.url = "gitlab:vriska/nix-rpi5?ref=main";

     

       20
        
           nur.url = "github:nix-community/NUR/e9e77b7985ef9bdeca12a38523c63d47555cc89b";

     

       21
       -
           emacs-overlay.url = "github:nix-community/emacs-overlay";

     

       0
        
       
     

       0
        
       
     

       22
        
       

     

       23
        
           # deduplicate flake inputs

     

       24
        
           eilean.inputs.nixpkgs.follows = "nixpkgs";

     
···

       30
        
           alec-website.inputs.nixpkgs.follows = "nixpkgs";

     

       31
        
           fn06-website.inputs.nixpkgs.follows = "nixpkgs";

     

       32
        
           eon.inputs.nixpkgs.follows = "nixpkgs";

     

       33
       -
           colour-guesser.inputs.nixpkgs.follows = "nixpkgs";

     

       34
        
           i3-workspace-history.inputs.nixpkgs.follows = "nixpkgs";

     

       35
        
           hyperbib-eeg.inputs.nixpkgs.follows = "nixpkgs";

     

       36
        
           nix-rpi5.inputs.nixpkgs.follows = "nixpkgs";

     

       37
        
           nur.inputs.nixpkgs.follows = "nixpkgs";

     

       38
       -
           emacs-overlay.inputs.nixpkgs.follows = "nixpkgs";

     

       0
        
       
     

       0
        
       
     

       39
        
         };

     

       40
        
       

     

       41
        
         outputs =

     

       42
       -
           {

     

       43
       -
             self,

     

       44
       -
             nixpkgs-compat,

     

       45
       -
             nixpkgs,

     

       46
       -
             nixpkgs-unstable,

     

       47
       -
             nixpkgs-element,

     

       48
       -
             home-manager,

     

       49
       -
             agenix,

     

       50
       -
             deploy-rs,

     

       51
       -
             nix-on-droid,

     

       52
       -
             eilean,

     

       53
       -
             nur,

     

       54
       -
             ...

     

       55
       -
           }@inputs:

     

       56
        
           let

     

       57
        
             getSystemOverlays = system: nixpkgsConfig: [

     

       58
        
               (final: prev: {

     

       59
        
                 # https://github.com/mautrix/whatsapp/issues/749

     

       60
       -
                 overlay-compat = import nixpkgs-compat {

     

       61
        
                   inherit system;

     

       62
        
                   # follow stable nixpkgs config

     

       63
        
                   config = nixpkgsConfig;

     

       64
        
                 };

     

       65
       -
                 overlay-unstable = import nixpkgs-unstable {

     

       66
        
                   inherit system;

     

       67
        
                   # follow stable nixpkgs config

     

       68
        
                   config = nixpkgsConfig;

     
···

       86
        
                 immich = final.overlay-unstable.immich;

     

       87
        
                 mautrix-whatsapp = final.overlay-compat.mautrix-whatsapp;

     

       88
        
                 element-desktop =

     

       89
       -
                   (import nixpkgs-element {

     

       90
        
                     inherit system;

     

       91
        
                     config = nixpkgsConfig;

     

       92
        
                   }).element-desktop;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       93
        
               })

     

       94
       -
               nur.overlays.default

     

       95
        
             ];

     

       96
        
           in

     

       97
        
           {

     
···

       100
        
                 mkMode =

     

       101
        
                   mode: host:

     

       102
        
                   let

     

       103
       -
                     host-nixpkgs = nixpkgs;

     

       104
       -
                     host-home-manager = home-manager;

     

       105
        
                   in

     

       106
        
                   host-nixpkgs.lib.nixosSystem {

     

       107
        
                     # use system from config.localSystem

     
···

       115
        
                       (

     

       116
        
                         { config, ... }:

     

       117
        
                         {

     

       118
       -
                           networking.hostName = "${host}";

     

       119
        
                           # pin nix command's nixpkgs flake to the system flake to avoid unnecessary downloads

     

       120
        
                           nix.registry.nixpkgs.flake = host-nixpkgs;

     

       121
        
                           system.stateVersion = "24.05";

     

       122
        
                           # record git revision (can be queried with `nixos-version --json)

     

       123
       -
                           system.configurationRevision = host-nixpkgs.lib.mkIf (self ? rev) self.rev;

     

       124
        
                           nixpkgs = {

     

       125
        
                             config.allowUnfree = true;

     

       126
        
                             config.permittedInsecurePackages = [

     
···

       141
        
                         }

     

       142
        
                       )

     

       143
        
                       host-home-manager.nixosModule

     

       144
       -
                       eilean.nixosModules.default

     

       145
       -
                       agenix.nixosModules.default

     

       146
        
                     ];

     

       147
        
                   };

     

       148
        
                 readModes =

     
···

       151
        
                     files = builtins.readDir dir;

     

       152
        
                   in

     

       153
        
                   let

     

       154
       -
                     filtered = nixpkgs.lib.attrsets.filterAttrs (

     

       155
        
                       n: v: v == "regular" && (n == "default.nix" || n == "minimal.nix")

     

       156
        
                     ) files;

     

       157
        
                   in

     

       158
        
                   let

     

       159
       -
                     names = nixpkgs.lib.attrNames filtered;

     

       160
        
                   in

     

       161
       -
                   builtins.map (f: nixpkgs.lib.strings.removeSuffix ".nix" f) names;

     

       162
        
                 mkModes =

     

       163
        
                   host: modes:

     

       164
        
                   builtins.map (mode: {

     
···

       171
        
                     nestedList = builtins.map (host: mkModes host (readModes ./hosts/${host})) hosts;

     

       172
        
                   in

     

       173
        
                   let

     

       174
       -
                     list = nixpkgs.lib.lists.flatten nestedList;

     

       175
        
                   in

     

       176
        
                   builtins.listToAttrs list;

     

       177
        
                 hosts = builtins.attrNames (builtins.readDir ./hosts);

     
···

       185
        
                   (

     

       186
        
                     name:

     

       187
        
                     let

     

       188
       -
                       machine = self.nixosConfigurations.${name};

     

       189
        
                       system = machine.pkgs.system;

     

       190
       -
                       pkgs = import nixpkgs { inherit system; };

     

       191
        
                       # nixpkgs with deploy-rs overlay but force the nixpkgs package

     

       192
       -
                       deployPkgs = import nixpkgs {

     

       193
        
                         inherit system;

     

       194
        
                         overlays = [

     

       195
       -
                           deploy-rs.overlay

     

       196
        
                           (self: super: {

     

       197
        
                             deploy-rs = {

     

       198
        
                               inherit (pkgs) deploy-rs;

     
···

       229
        
               );

     

       230
        
             };

     

       231
        
       

     

       232
       -
             nixOnDroidConfigurations.default = nix-on-droid.lib.nixOnDroidConfiguration {

     

       233
       -
               modules = [ ./nix-on-droid/default.nix ];

     

       234
       -
               pkgs = import nixpkgs {

     

       235
        
                 overlays = getSystemOverlays "aarch64-linux" { };

     

       236
        
                 config.permittedInsecurePackages = [

     

       237
        
                   # https://github.com/nix-community/nixd/issues/357

     
···

       244
        
               rtg24 =

     

       245
        
                 let

     

       246
        
                   system = "x86_64-linux";

     

       247
       -
                   pkgs = nixpkgs.legacyPackages.${system};

     

       248
        
                 in

     

       249
       -
                 home-manager.lib.homeManagerConfiguration {

     

       250
        
                   inherit pkgs;

     

       251
        
                   modules = [

     

       252
        
                     ./home/default.nix

     
···

       258
        
                       home.packages = with pkgs; [ home-manager ];

     

       259
        
                       custom = {

     

       260
        
                         machineColour = "red";

     

       261
       -
                         nvim-lsps = true;

     

       262
        
                       };

     

       263
        
                     }

     

       264
        
                   ];

     

       265
        
                 };

     

       266
        
             };

     

       267
        
       

     

       268
       -
             legacyPackages = nixpkgs.lib.genAttrs nixpkgs.lib.systems.flakeExposed (system: {

     

       269
       -
               nixpkgs = import nixpkgs {

     

       270
        
                 inherit system;

     

       271
        
                 overlays = getSystemOverlays system { };

     

       272
        
               };

     

       273
        
             });

     

       274
        
       

     

       275
       -
             formatter = nixpkgs.lib.genAttrs nixpkgs.lib.systems.flakeExposed (

     

       276
       -
               system: nixpkgs.legacyPackages.${system}.nixfmt-rfc-style

     

       277
        
             );

     

       278
       -
       

     

       279
       -
             templates.host.path = ./templates/host;

     

       280
        
           };

     

       281
        
       }

···

       4
        
           nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";

     

       5
        
           nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";

     

       6
        
           nixpkgs-element.url = "github:nixos/nixpkgs/b91f647a35c4e18a73adf617e6ef9eb5f3baa503";

     

       7
       +
           nixpkgs-flaresolverr.url = "github:nixos/nixpkgs/ebbc0409688869938bbcf630da1c1c13744d2a7b";

     

       8
       +
           nixpkgs-sonarr.url = "github:nixos/nixpkgs/394571358ce82dff7411395829aa6a3aad45b907";

     

       9
        
           nixos-hardware.url = "github:nixos/nixos-hardware";

     

       10
        
           home-manager.url = "github:nix-community/home-manager/release-24.11";

     

       11
        
           agenix.url = "github:ryantm/agenix";

     
···

       15
        
           eilean.url = "github:RyanGibb/eilean-nix/main";

     

       16
        
           alec-website.url = "github:alexanderhthompson/website";

     

       17
        
           fn06-website.url = "github:RyanGibb/fn06";

     

       0
        
       
     

       18
        
           i3-workspace-history.url = "github:RyanGibb/i3-workspace-history";

     

       19
        
           hyperbib-eeg.url = "github:RyanGibb/hyperbib?ref=nixify";

     

       20
        
           nix-rpi5.url = "gitlab:vriska/nix-rpi5?ref=main";

     

       21
        
           nur.url = "github:nix-community/NUR/e9e77b7985ef9bdeca12a38523c63d47555cc89b";

     

       22
       +
           timewall.url = "github:bcyran/timewall/";

     

       23
       +
           tangled.url = "git+https://tangled.sh/@tangled.sh/core";

     

       24
       +
           disko.url = "github:nix-community/disko";

     

       25
        
       

     

       26
        
           # deduplicate flake inputs

     

       27
        
           eilean.inputs.nixpkgs.follows = "nixpkgs";

     
···

       33
        
           alec-website.inputs.nixpkgs.follows = "nixpkgs";

     

       34
        
           fn06-website.inputs.nixpkgs.follows = "nixpkgs";

     

       35
        
           eon.inputs.nixpkgs.follows = "nixpkgs";

     

       0
        
       
     

       36
        
           i3-workspace-history.inputs.nixpkgs.follows = "nixpkgs";

     

       37
        
           hyperbib-eeg.inputs.nixpkgs.follows = "nixpkgs";

     

       38
        
           nix-rpi5.inputs.nixpkgs.follows = "nixpkgs";

     

       39
        
           nur.inputs.nixpkgs.follows = "nixpkgs";

     

       40
       +
           timewall.inputs.nixpkgs.follows = "nixpkgs";

     

       41
       +
           tangled.inputs.nixpkgs.follows = "nixpkgs";

     

       42
       +
           disko.inputs.nixpkgs.follows = "nixpkgs";

     

       43
        
         };

     

       44
        
       

     

       45
        
         outputs =

     

       46
       +
           inputs:

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       47
        
           let

     

       48
        
             getSystemOverlays = system: nixpkgsConfig: [

     

       49
        
               (final: prev: {

     

       50
        
                 # https://github.com/mautrix/whatsapp/issues/749

     

       51
       +
                 overlay-compat = import inputs.nixpkgs-compat {

     

       52
        
                   inherit system;

     

       53
        
                   # follow stable nixpkgs config

     

       54
        
                   config = nixpkgsConfig;

     

       55
        
                 };

     

       56
       +
                 overlay-unstable = import inputs.nixpkgs-unstable {

     

       57
        
                   inherit system;

     

       58
        
                   # follow stable nixpkgs config

     

       59
        
                   config = nixpkgsConfig;

     
···

       77
        
                 immich = final.overlay-unstable.immich;

     

       78
        
                 mautrix-whatsapp = final.overlay-compat.mautrix-whatsapp;

     

       79
        
                 element-desktop =

     

       80
       +
                   (import inputs.nixpkgs-element {

     

       81
        
                     inherit system;

     

       82
        
                     config = nixpkgsConfig;

     

       83
        
                   }).element-desktop;

     

       84
       +
                 # https://github.com/NixOS/nixpkgs/issues/332776

     

       85
       +
                 flaresolverr =

     

       86
       +
                   (import inputs.nixpkgs-flaresolverr {

     

       87
       +
                     inherit system;

     

       88
       +
                     config = nixpkgsConfig;

     

       89
       +
                   }).flaresolverr;

     

       90
       +
                 sonarr =

     

       91
       +
                   (import inputs.nixpkgs-sonarr {

     

       92
       +
                     inherit system;

     

       93
       +
                     config = nixpkgsConfig;

     

       94
       +
                   }).sonarr;

     

       95
       +
                 timewall = inputs.timewall.packages.${system}.default;

     

       96
        
               })

     

       97
       +
               inputs.nur.overlays.default

     

       98
        
             ];

     

       99
        
           in

     

       100
        
           {

     
···

       103
        
                 mkMode =

     

       104
        
                   mode: host:

     

       105
        
                   let

     

       106
       +
                     host-nixpkgs = inputs.nixpkgs;

     

       107
       +
                     host-home-manager = inputs.home-manager;

     

       108
        
                   in

     

       109
        
                   host-nixpkgs.lib.nixosSystem {

     

       110
        
                     # use system from config.localSystem

     
···

       118
        
                       (

     

       119
        
                         { config, ... }:

     

       120
        
                         {

     

       121
       +
                           networking.hostName = host-nixpkgs.lib.mkDefault "${host}";

     

       122
        
                           # pin nix command's nixpkgs flake to the system flake to avoid unnecessary downloads

     

       123
        
                           nix.registry.nixpkgs.flake = host-nixpkgs;

     

       124
        
                           system.stateVersion = "24.05";

     

       125
        
                           # record git revision (can be queried with `nixos-version --json)

     

       126
       +
                           system.configurationRevision = host-nixpkgs.lib.mkIf (inputs.self ? rev) inputs.self.rev;

     

       127
        
                           nixpkgs = {

     

       128
        
                             config.allowUnfree = true;

     

       129
        
                             config.permittedInsecurePackages = [

     
···

       144
        
                         }

     

       145
        
                       )

     

       146
        
                       host-home-manager.nixosModule

     

       147
       +
                       inputs.eilean.nixosModules.default

     

       148
       +
                       inputs.agenix.nixosModules.default

     

       149
        
                     ];

     

       150
        
                   };

     

       151
        
                 readModes =

     
···

       154
        
                     files = builtins.readDir dir;

     

       155
        
                   in

     

       156
        
                   let

     

       157
       +
                     filtered = inputs.nixpkgs.lib.attrsets.filterAttrs (

     

       158
        
                       n: v: v == "regular" && (n == "default.nix" || n == "minimal.nix")

     

       159
        
                     ) files;

     

       160
        
                   in

     

       161
        
                   let

     

       162
       +
                     names = inputs.nixpkgs.lib.attrNames filtered;

     

       163
        
                   in

     

       164
       +
                   builtins.map (f: inputs.nixpkgs.lib.strings.removeSuffix ".nix" f) names;

     

       165
        
                 mkModes =

     

       166
        
                   host: modes:

     

       167
        
                   builtins.map (mode: {

     
···

       174
        
                     nestedList = builtins.map (host: mkModes host (readModes ./hosts/${host})) hosts;

     

       175
        
                   in

     

       176
        
                   let

     

       177
       +
                     list = inputs.nixpkgs.lib.lists.flatten nestedList;

     

       178
        
                   in

     

       179
        
                   builtins.listToAttrs list;

     

       180
        
                 hosts = builtins.attrNames (builtins.readDir ./hosts);

     
···

       188
        
                   (

     

       189
        
                     name:

     

       190
        
                     let

     

       191
       +
                       machine = inputs.self.nixosConfigurations.${name};

     

       192
        
                       system = machine.pkgs.system;

     

       193
       +
                       pkgs = import inputs.nixpkgs { inherit system; };

     

       194
        
                       # nixpkgs with deploy-rs overlay but force the nixpkgs package

     

       195
       +
                       deployPkgs = import inputs.nixpkgs {

     

       196
        
                         inherit system;

     

       197
        
                         overlays = [

     

       198
       +
                           inputs.deploy-rs.overlay

     

       199
        
                           (self: super: {

     

       200
        
                             deploy-rs = {

     

       201
        
                               inherit (pkgs) deploy-rs;

     
···

       232
        
               );

     

       233
        
             };

     

       234
        
       

     

       235
       +
             nixOnDroidConfigurations.default = inputs.nix-on-droid.lib.nixOnDroidConfiguration {

     

       236
       +
               modules = [ (import ./nix-on-droid/default.nix inputs) ];

     

       237
       +
               pkgs = import inputs.nixpkgs {

     

       238
        
                 overlays = getSystemOverlays "aarch64-linux" { };

     

       239
        
                 config.permittedInsecurePackages = [

     

       240
        
                   # https://github.com/nix-community/nixd/issues/357

     
···

       247
        
               rtg24 =

     

       248
        
                 let

     

       249
        
                   system = "x86_64-linux";

     

       250
       +
                   pkgs = inputs.nixpkgs.legacyPackages.${system};

     

       251
        
                 in

     

       252
       +
                 inputs.home-manager.lib.homeManagerConfiguration {

     

       253
        
                   inherit pkgs;

     

       254
        
                   modules = [

     

       255
        
                     ./home/default.nix

     
···

       261
        
                       home.packages = with pkgs; [ home-manager ];

     

       262
        
                       custom = {

     

       263
        
                         machineColour = "red";

     

       0
        
       
     

       264
        
                       };

     

       265
        
                     }

     

       266
        
                   ];

     

       267
        
                 };

     

       268
        
             };

     

       269
        
       

     

       270
       +
             legacyPackages = inputs.nixpkgs.lib.genAttrs inputs.nixpkgs.lib.systems.flakeExposed (system: {

     

       271
       +
               nixpkgs = import inputs.nixpkgs {

     

       272
        
                 inherit system;

     

       273
        
                 overlays = getSystemOverlays system { };

     

       274
        
               };

     

       275
        
             });

     

       276
        
       

     

       277
       +
             formatter = inputs.nixpkgs.lib.genAttrs inputs.nixpkgs.lib.systems.flakeExposed (

     

       278
       +
               system: inputs.nixpkgs.legacyPackages.${system}.nixfmt-rfc-style

     

       279
        
             );

     

       0
        
       
     

       0
        
       
     

       280
        
           };

     

       281
        
       }

+4 -62

home/calendar.nix

···

       12
        
         options.custom.calendar.enable = lib.mkEnableOption "calendar";

     

       13
        
       

     

       14
        
         config = lib.mkIf cfg.enable {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       15
        
           programs = {

     

       16
        
             password-store.enable = true;

     

       17
        
             gpg.enable = true;

     

       18
       -
             vdirsyncer.enable = true;

     

       19
       -
             khal = {

     

       20
       -
               enable = true;

     

       21
       -
               locale = {

     

       22
       -
                 timeformat = "%I:%M%p";

     

       23
       -
                 dateformat = "%y-%m-%d";

     

       24
       -
                 longdateformat = "%Y-%m-%d";

     

       25
       -
                 datetimeformat = "%y-%m-%d %I:%M%p";

     

       26
       -
                 longdatetimeformat = "%Y-%m-%d %I:%M%p";

     

       27
       -
               };

     

       28
       -
               settings = {

     

       29
       -
                 default.default_calendar = "ryan_freumh_org";

     

       30
       -
                 keybindings.external_edit = "ctrl e";

     

       31
       -
                 keybindings.save = "ctrl s";

     

       32
       -
               };

     

       33
       -
             };

     

       34
        
           };

     

       35
        
       

     

       36
        
           services = {

     

       37
        
             gpg-agent.enable = true;

     

       38
       -
           };

     

       39
       -
       

     

       40
       -
           accounts.calendar = {

     

       41
       -
             basePath = "calendar";

     

       42
       -
             accounts = {

     

       43
       -
               "ryan_freumh_org" = {

     

       44
       -
                 khal = {

     

       45
       -
                   enable = true;

     

       46
       -
                   color = "white";

     

       47
       -
                 };

     

       48
       -
                 vdirsyncer = {

     

       49
       -
                   enable = true;

     

       50
       -
                 };

     

       51
       -
                 remote = {

     

       52
       -
                   type = "caldav";

     

       53
       -
                   url = "https://cal.freumh.org/ryan/f497c073-d027-2aa5-1e58-cbec1bf5a8c7/";

     

       54
       -
                   passwordCommand = [

     

       55
       -
                     "${pkgs.pass}/bin/pass"

     

       56
       -
                     "show"

     

       57
       -
                     "calendar/ryan@freumh.org"

     

       58
       -
                   ];

     

       59
       -
                   userName = "ryan";

     

       60
       -
                 };

     

       61
       -
                 local = {

     

       62
       -
                   type = "filesystem";

     

       63
       -
                   fileExt = ".ics";

     

       64
       -
                 };

     

       65
       -
               };

     

       66
       -
               "srg" = {

     

       67
       -
                 khal = {

     

       68
       -
                   enable = true;

     

       69
       -
                   color = "#CC3333";

     

       70
       -
                 };

     

       71
       -
                 vdirsyncer = {

     

       72
       -
                   enable = true;

     

       73
       -
                 };

     

       74
       -
                 remote = {

     

       75
       -
                   type = "http";

     

       76
       -
                   url = "https://talks.cam.ac.uk/show/ics/8316.ics";

     

       77
       -
                 };

     

       78
       -
                 local = {

     

       79
       -
                   type = "filesystem";

     

       80
       -
                   fileExt = ".ics";

     

       81
       -
                 };

     

       82
       -
               };

     

       83
       -
             };

     

       84
        
           };

     

       85
        
         };

     

       86
        
       }

···

       12
        
         options.custom.calendar.enable = lib.mkEnableOption "calendar";

     

       13
        
       

     

       14
        
         config = lib.mkIf cfg.enable {

     

       15
       +
           home.packages = with pkgs; [

     

       16
       +
             vdirsyncer

     

       17
       +
           ];

     

       18
       +
       

     

       19
        
           programs = {

     

       20
        
             password-store.enable = true;

     

       21
        
             gpg.enable = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       22
        
           };

     

       23
        
       

     

       24
        
           services = {

     

       25
        
             gpg-agent.enable = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       26
        
           };

     

       27
        
         };

     

       28
        
       }

+63 -71

home/default.nix

···

       6
        
       }:

     

       7
        
       

     

       8
        
       let

     

       9
       -
         cfg = config.custom;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       10
        
       in

     

       11
        
       {

     

       12
        
         imports = [

     
···

       30
        
             NIX_AUTO_RUN_INTERACTIVE = "y";

     

       31
        
             GOPATH = "$HOME/.go";

     

       32
        
           };

     

       33
       -
           home.packages =

     

       34
       -
             let

     

       35
       -
               status = pkgs.stdenv.mkDerivation {

     

       36
       -
                 name = "status";

     

       37
       -
       

     

       38
       -
                 src = ./status;

     

       39
       -
       

     

       40
       -
                 installPhase = ''

     

       41
       -
                   mkdir -p $out

     

       42
       -
                   cp -r * $out

     

       43
       -
                 '';

     

       44
       -
               };

     

       45
       -
             in

     

       46
       -
             with pkgs;

     

       47
       -
             [

     

       48
       -
               status

     

       49
       -
               tree

     

       50
       -
               htop

     

       51
       -
               gnumake

     

       52
       -
               killall

     

       53
       -
               inetutils

     

       54
       -
               dnsutils

     

       55
       -
               nmap

     

       56
       -
               gcc

     

       57
       -
               fzf

     

       58
       -
               nix-tree

     

       59
       -
               jq

     

       60
       -
               bc

     

       61
       -
               openssh

     

       62
       -
               # multicore rust command line utils

     

       63
       -
               dua

     

       64
       -
               fd

     

       65
       -
               bat

     

       66
       -
               ripgrep

     

       67
       -
             ];

     

       68
        
       

     

       69
        
           home.shellAliases = {

     

       70
        
             ls = "ls -p --color=auto";

     
···

       199
        
                       tmux set-option status off

     

       200
        
                   fi

     

       201
        
                 '';

     

       202
       -
                 # https://github.com/ThePrimeagen/.dotfiles/blob/master/bin/.local/scripts/tmux-sessionizer

     

       203
       -
                 sessionizer = pkgs.writeScript "sessionizer.sh" ''

     

       204
       -
                   #!/usr/bin/env bash

     

       205
       -
       

     

       206
       -
                   if [[ $# -eq 1 ]]; then

     

       207
       -
                       selected=$1

     

       208
       -
                   else

     

       209
       -
                       selected=$(find ~ -not -path '*/.*' -maxdepth 2 -type d | fzf)

     

       210
       -
                   fi

     

       211
       -
       

     

       212
       -
                   if [[ -z $selected ]]; then

     

       213
       -
                       exit 0

     

       214
       -
                   fi

     

       215
       -
       

     

       216
       -
                   selected_name=$(basename "$selected" | tr . _)

     

       217
       -
                   tmux_running=$(pgrep tmux)

     

       218
       -
       

     

       219
       -
                   if [[ -z $TMUX ]] && [[ -z $tmux_running ]]; then

     

       220
       -
                       tmux new-session -s $selected_name -c $selected

     

       221
       -
                       exit 0

     

       222
       -
                   fi

     

       223
       -
       

     

       224
       -
                   if ! tmux has-session -t=$selected_name 2> /dev/null; then

     

       225
       -
                       tmux new-session -ds $selected_name -c $selected

     

       226
       -
                   fi

     

       227
       -
       

     

       228
       -
                   tmux switch-client -t $selected_name

     

       229
       -
                 '';

     

       230
        
               in

     

       0
        
       
     

       231
        
               ''

     

       232
        
                 # alternative modifier

     

       233
        
                 unbind C-b

     

       234
        
                 set-option -g prefix C-a

     

       235
        
                 bind-key C-a send-prefix

     

       236
       -
       

     

       237
        
                 set-window-option -g mode-keys vi

     

       238
        
                 set-option -g mouse on

     

       239
        
                 set-option -g set-titles on

     
···

       247
        
                 # https://stackoverflow.com/questions/62182401/neovim-screen-lagging-when-switching-mode-from-insert-to-normal

     

       248
        
                 # locking

     

       249
        
                 set -s escape-time 0

     

       250
       -
                 set -g lock-command ${pkgs.vlock}/bin/vlock

     

       251
       -
                 set -g lock-after-time 0 # Seconds; 0 = never

     

       252
       -
                 bind L lock-session

     

       253
        
                 # for .zprofile display environment starting https://github.com/tmux/tmux/issues/3483

     

       254
        
                 set-option -g update-environment XDG_VTNR

     

       255
        
                 # Allow clipboard with OSC-52 work

     
···

       260
        
                 bind -T copy-mode-vi v send-keys -X begin-selection

     

       261
        
                 bind -T copy-mode-vi y send-keys -X copy-selection-and-cancel

     

       262
        
                 # find

     

       263
       -
                 bind-key -r g run-shell "tmux neww ${sessionizer}"

     

       264
        
                 # reload

     

       265
        
                 bind-key r source-file ~/.config/tmux/tmux.conf

     

       266
       -
                 # kill unattached

     

       267
       -
                 bind-key K run-shell 'tmux ls | grep -v attached | cut -d: -f1 | xargs -I {} tmux kill-window -t {}'

     

       268
        
               '';

     

       269
        
           };

     

       270

···

       6
        
       }:

     

       7
        
       

     

       8
        
       let

     

       9
       +
         tmux-sessionizer = pkgs.writeScriptBin "tmux-sessionizer" ''

     

       10
       +
           #!/usr/bin/env bash

     

       11
       +
       

     

       12
       +
           hist_file=~/.cache/sessionizer.hist

     

       13
       +
       

     

       14
       +
           if [[ $# -eq 1 ]]; then

     

       15
       +
               selected=$1

     

       16
       +
           else

     

       17
       +
               selected=$((tac "$hist_file"

     

       18
       +
                   find ~/ ~/projects -mindepth 1 -maxdepth 1 -type d -not -path '*/[.]*'

     

       19
       +
                   awk '{print "ssh " $1}' ~/.ssh/known_hosts 2>/dev/null | sort -u

     

       20
       +
                   echo /etc/nixos) | awk '!seen[$0]++' | fzf --print-query | tail -n 1)

     

       21
       +
           fi

     

       22
       +
       

     

       23
       +
           if [[ -z $selected ]]; then

     

       24
       +
               exit 0

     

       25
       +
           fi

     

       26
       +
       

     

       27
       +
           echo "$selected" >> $hist_file

     

       28
       +
       

     

       29
       +
           selected_name=$(basename "$selected" | tr . _)

     

       30
       +
           tmux_running=$(pgrep tmux)

     

       31
       +
       

     

       32
       +
           if [[ $selected == ssh\ * ]]; then

     

       33
       +
               if [[ -z $TMUX ]] && [[ -z $tmux_running ]]; then

     

       34
       +
                   tmux new-session -s "$selected_name" "$selected"

     

       35
       +
                   exit 0

     

       36
       +
               fi

     

       37
       +
       

     

       38
       +
               if ! tmux has-session -t="$selected_name" 2> /dev/null; then

     

       39
       +
                   tmux new-session -ds "$selected_name" "$selected"

     

       40
       +
               fi

     

       41
       +
           else

     

       42
       +
               if [[ -z $TMUX ]] && [[ -z "$tmux_running" ]]; then

     

       43
       +
                   tmux new-session -s "$selected_name" -c "$selected"

     

       44
       +
                   exit 0

     

       45
       +
               fi

     

       46
       +
       

     

       47
       +
               if ! tmux has-session -t="$selected_name" 2> /dev/null; then

     

       48
       +
                   tmux new-session -ds "$selected_name" -c "$selected"

     

       49
       +
               fi

     

       50
       +
           fi

     

       51
       +
       

     

       52
       +
       

     

       53
       +
           tmux switch-client -t "$selected_name"

     

       54
       +
         '';

     

       55
        
       in

     

       56
        
       {

     

       57
        
         imports = [

     
···

       75
        
             NIX_AUTO_RUN_INTERACTIVE = "y";

     

       76
        
             GOPATH = "$HOME/.go";

     

       77
        
           };

     

       78
       +
           home.packages = with pkgs; [

     

       79
       +
             htop

     

       80
       +
             gnumake

     

       81
       +
             inetutils

     

       82
       +
             dig

     

       83
       +
             fzf

     

       84
       +
             jq

     

       85
       +
             bc

     

       86
       +
             openssh

     

       87
       +
             # multicore rust command line utils

     

       88
       +
             dua

     

       89
       +
             fd

     

       90
       +
             ripgrep

     

       91
       +
             tmux-sessionizer

     

       92
       +
           ];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       93
        
       

     

       94
        
           home.shellAliases = {

     

       95
        
             ls = "ls -p --color=auto";

     
···

       224
        
                       tmux set-option status off

     

       225
        
                   fi

     

       226
        
                 '';

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       227
        
               in

     

       228
       +
               # https://github.com/ThePrimeagen/.dotfiles/blob/master/bin/.local/scripts/tmux-sessionizer

     

       229
        
               ''

     

       230
        
                 # alternative modifier

     

       231
        
                 unbind C-b

     

       232
        
                 set-option -g prefix C-a

     

       233
        
                 bind-key C-a send-prefix

     

       0
        
       
     

       234
        
                 set-window-option -g mode-keys vi

     

       235
        
                 set-option -g mouse on

     

       236
        
                 set-option -g set-titles on

     
···

       244
        
                 # https://stackoverflow.com/questions/62182401/neovim-screen-lagging-when-switching-mode-from-insert-to-normal

     

       245
        
                 # locking

     

       246
        
                 set -s escape-time 0

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       247
        
                 # for .zprofile display environment starting https://github.com/tmux/tmux/issues/3483

     

       248
        
                 set-option -g update-environment XDG_VTNR

     

       249
        
                 # Allow clipboard with OSC-52 work

     
···

       254
        
                 bind -T copy-mode-vi v send-keys -X begin-selection

     

       255
        
                 bind -T copy-mode-vi y send-keys -X copy-selection-and-cancel

     

       256
        
                 # find

     

       257
       +
                 bind-key -r f run-shell "tmux neww tmux-sessionizer"

     

       258
        
                 # reload

     

       259
        
                 bind-key r source-file ~/.config/tmux/tmux.conf

     

       0
        
       
     

       0
        
       
     

       260
        
               '';

     

       261
        
           };

     

       262

+2 -6

home/emacs/default.nix

···

       3
        
         lib,

     

       4
        
         config,

     

       5
        
         ...

     

       6
       -
       }@inputs:

     

       7
        
       

     

       8
        
       let

     

       9
        
         cfg = config.custom.emacs;

     

       10
       -
         emacs = (pkgs.emacsPackagesFor pkgs.emacs29-pgtk).emacsWithPackages (

     

       11
        
           epkgs: with epkgs; [

     

       12
        
             treesit-grammars.with-all-grammars

     

       13
        
             vterm

     
···

       19
        
         options.custom.emacs.enable = lib.mkEnableOption "emacs";

     

       20
        
       

     

       21
        
         config = lib.mkIf cfg.enable {

     

       22
       -
           nixpkgs.overlays = [

     

       23
       -
             inputs.emacs-overlay.overlays.default

     

       24
       -
           ];

     

       25
       -
       

     

       26
        
           home.packages = with pkgs; [

     

       27
        
             binutils

     

       28
        
             emacs

···

       3
        
         lib,

     

       4
        
         config,

     

       5
        
         ...

     

       6
       +
       }:

     

       7
        
       

     

       8
        
       let

     

       9
        
         cfg = config.custom.emacs;

     

       10
       +
         emacs = (pkgs.emacsPackagesFor pkgs.emacs30-pgtk).emacsWithPackages (

     

       11
        
           epkgs: with epkgs; [

     

       12
        
             treesit-grammars.with-all-grammars

     

       13
        
             vterm

     
···

       19
        
         options.custom.emacs.enable = lib.mkEnableOption "emacs";

     

       20
        
       

     

       21
        
         config = lib.mkIf cfg.enable {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       22
        
           home.packages = with pkgs; [

     

       23
        
             binutils

     

       24
        
             emacs

+33 -2

home/gui/default.nix

···

       3
        
         config,

     

       4
        
         lib,

     

       5
        
         ...

     

       6
       -
       }:

     

       7
        
       

     

       8
        
       let

     

       9
        
         cfg = config.custom.gui;

     
···

       12
        
         imports = [

     

       13
        
           ./i3.nix

     

       14
        
           ./sway.nix

     

       0
        
       
     

       15
        
         ];

     

       16
        
       

     

       17
        
         options.custom.gui.enable = lib.mkEnableOption "gui";

     
···

       34
        
           };

     

       35
        
       

     

       36
        
           home = {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       37
        
             sessionVariables = {

     

       38
        
               # evince workaround

     

       39
        
               GTK_THEME = "Gruvbox-Dark";

     
···

       117
        
                 news-feed-eradicator

     

       118
        
                 istilldontcareaboutcookies

     

       119
        
                 leechblock-ng

     

       120
       -
                 search-by-image

     

       121
        
                 simple-translate

     

       122
        
                 tree-style-tab

     

       123
        
                 tridactyl

     
···

       167
        
               desktop = "$HOME/";

     

       168
        
               templates = "$HOME/";

     

       169
        
               publicShare = "$HOME/";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       170
        
             };

     

       171
        
           };

     

       172
        
         };

···

       3
        
         config,

     

       4
        
         lib,

     

       5
        
         ...

     

       6
       +
       }@inputs:

     

       7
        
       

     

       8
        
       let

     

       9
        
         cfg = config.custom.gui;

     
···

       12
        
         imports = [

     

       13
        
           ./i3.nix

     

       14
        
           ./sway.nix

     

       15
       +
           inputs.timewall.homeManagerModules.default

     

       16
        
         ];

     

       17
        
       

     

       18
        
         options.custom.gui.enable = lib.mkEnableOption "gui";

     
···

       35
        
           };

     

       36
        
       

     

       37
        
           home = {

     

       38
       +
             packages =

     

       39
       +
               let

     

       40
       +
                 status = pkgs.stdenv.mkDerivation {

     

       41
       +
                   name = "status";

     

       42
       +
       

     

       43
       +
                   src = ../status;

     

       44
       +
       

     

       45
       +
                   installPhase = ''

     

       46
       +
                     mkdir -p $out

     

       47
       +
                     cp -r * $out

     

       48
       +
                   '';

     

       49
       +
                 };

     

       50
       +
               in

     

       51
       +
               [ status ];

     

       52
       +
       

     

       53
        
             sessionVariables = {

     

       54
        
               # evince workaround

     

       55
        
               GTK_THEME = "Gruvbox-Dark";

     
···

       133
        
                 news-feed-eradicator

     

       134
        
                 istilldontcareaboutcookies

     

       135
        
                 leechblock-ng

     

       136
       +
                 # search-by-image

     

       137
        
                 simple-translate

     

       138
        
                 tree-style-tab

     

       139
        
                 tridactyl

     
···

       183
        
               desktop = "$HOME/";

     

       184
        
               templates = "$HOME/";

     

       185
        
               publicShare = "$HOME/";

     

       186
       +
             };

     

       187
       +
           };

     

       188
       +
       

     

       189
       +
           services.timewall = lib.mkIf (inputs ? timewall) {

     

       190
       +
             enable = true;

     

       191
       +
             config = {

     

       192
       +
               geoclue.timeout = 1000;

     

       193
       +
               setter = {

     

       194
       +
                 command = [

     

       195
       +
                   "${pkgs.bash}/bin/sh"

     

       196
       +
                   "-c"

     

       197
       +
                   "${pkgs.coreutils}/bin/ln -fs %f ~/.cache/timewall/last_image && ${pkgs.swaybg}/bin/swaybg -i %f -c 282828 -m fill"

     

       198
       +
                 ];

     

       199
       +
                 overlap = 1000;

     

       200
       +
               };

     

       201
        
             };

     

       202
        
           };

     

       203
        
         };

-1

home/gui/i3.nix

···

       22
        
           drun = "rofi -i -modi drun -show drun";

     

       23
        
           dmenu = "rofi -i -dmenu -p";

     

       24
        
           displays = "arandr";

     

       25
       -
           bar = "i3bar";

     

       26
        
           notification_deamon = "dunst";

     

       27
        
           i3_workspace_history = "${i3-workspace-history}/bin/i3-workspace-history";

     

       28
        
           i3_workspace_history_args = "";

···

       22
        
           drun = "rofi -i -modi drun -show drun";

     

       23
        
           dmenu = "rofi -i -dmenu -p";

     

       24
        
           displays = "arandr";

     

       0
        
       
     

       25
        
           notification_deamon = "dunst";

     

       26
        
           i3_workspace_history = "${i3-workspace-history}/bin/i3-workspace-history";

     

       27
        
           i3_workspace_history_args = "";

+1 -3

home/gui/sway.nix

···

       18
        
           '';

     

       19
        
           locked = "--locked";

     

       20
        
           polkit_gnome = "${pkgs.polkit_gnome}";

     

       21
       -
           locker = "swaylock -f -i $WALLPAPER";

     

       22
        
           enable_output = "swaymsg output $laptop_output enable";

     

       23
        
           disable_output = "swaymsg output $laptop_output disable";

     

       24
        
           drun = "wofi -i --show drun --allow-images -a";

     

       25
        
           dmenu = "wofi -d -i -p";

     

       26
        
           displays = "wdisplays";

     

       27
       -
           bar = "swaybar";

     

       28
        
           notification_deamon = "dunst";

     

       29
        
           i3_workspace_history = "${i3-workspace-history}/bin/i3-workspace-history";

     

       30
        
           i3_workspace_history_args = "-sway";

     
···

       64
        
               export MOZ_ENABLE_WAYLAND=1

     

       65
        
               export MOZ_DBUS_REMOTE=1

     

       66
        
               export QT_STYLE_OVERRIDE="Fusion"

     

       67
       -
               export WLR_NO_HARDWARE_CURSORS=1

     

       68
        
               export NIXOS_OZONE_WL=1

     

       69
        
       

     

       70
        
               # for intellij

···

       18
        
           '';

     

       19
        
           locked = "--locked";

     

       20
        
           polkit_gnome = "${pkgs.polkit_gnome}";

     

       21
       +
           locker = "swaylock -f -i ~/.cache/timewall/last_image";

     

       22
        
           enable_output = "swaymsg output $laptop_output enable";

     

       23
        
           disable_output = "swaymsg output $laptop_output disable";

     

       24
        
           drun = "wofi -i --show drun --allow-images -a";

     

       25
        
           dmenu = "wofi -d -i -p";

     

       26
        
           displays = "wdisplays";

     

       0
        
       
     

       27
        
           notification_deamon = "dunst";

     

       28
        
           i3_workspace_history = "${i3-workspace-history}/bin/i3-workspace-history";

     

       29
        
           i3_workspace_history_args = "-sway";

     
···

       63
        
               export MOZ_ENABLE_WAYLAND=1

     

       64
        
               export MOZ_DBUS_REMOTE=1

     

       65
        
               export QT_STYLE_OVERRIDE="Fusion"

     

       0
        
       
     

       66
        
               export NIXOS_OZONE_WL=1

     

       67
        
       

     

       68
        
               # for intellij

+18 -18

home/gui/wm/config.d/bindings

···

       167
        
       bindsym $mod+Shift+numbersign move scratchpad

     

       168
        
       bindsym $mod+numbersign scratchpad show

     

       169
        
       

     

       170
       -
       bindsym $mod+Escape exec st date workspace mail idle disk temperature load_average memory backlight player battery

     

       171
       -
       bindsym $mod+Shift+Escape exec st

     

       172
        
       

     

       173
        
       # grave=`

     

       174
        
       bindsym $mod+grave workspace back_and_forth ; exec dunstify -C `cat ~/.cache/st_id` && st workspace -t 500

     
···

       201
        
       bindsym $mod+Control+Shift+k resize shrink height 1px

     

       202
        
       bindsym $mod+Control+Shift+l resize grow   width  1px

     

       203
        
       

     

       204
       -
       bindsym $mod+$alt+h focus output left

     

       205
       -
       bindsym $mod+$alt+j focus output down

     

       206
       -
       bindsym $mod+$alt+k focus output up

     

       207
       -
       bindsym $mod+$alt+l focus output right

     

       208
        
       

     

       209
        
       bindsym $mod+$alt+Shift+h move container to output left

     

       210
        
       bindsym $mod+$alt+Shift+j move container to output down

     
···

       237
        
       bindsym $mod+Control+Shift+up    resize shrink height 1px

     

       238
        
       bindsym $mod+Control+Shift+right resize grow   width  1px

     

       239
        
       

     

       240
       -
       bindsym $mod+$alt+left  focus output left

     

       241
       -
       bindsym $mod+$alt+down  focus output down

     

       242
       -
       bindsym $mod+$alt+up    focus output up

     

       243
       -
       bindsym $mod+$alt+right focus output right

     

       244
        
       

     

       245
       -
       bindsym $mod+$alt+Shift+left  move container to output left

     

       246
       -
       bindsym $mod+$alt+Shift+down  move container to output down

     

       247
       -
       bindsym $mod+$alt+Shift+up    move container to output up

     

       248
       -
       bindsym $mod+$alt+Shift+right move container to output right

     

       249
        
       

     

       250
       -
       bindsym $mod+$alt+Control+left  move workspace to output left

     

       251
       -
       bindsym $mod+$alt+Control+down  move workspace to output down

     

       252
       -
       bindsym $mod+$alt+Control+up    move workspace to output up

     

       253
       -
       bindsym $mod+$alt+Control+right move workspace to output right

     

       254
        
       

     

       255
        
       bindsym $mod+bracketleft          focus output left              ; exec dunstify -C `cat ~/.cache/st_id` && st workspace -t 500

     

       256
        
       bindsym $mod+bracketright         focus output right             ; exec dunstify -C `cat ~/.cache/st_id` && st workspace -t 500

···

       167
        
       bindsym $mod+Shift+numbersign move scratchpad

     

       168
        
       bindsym $mod+numbersign scratchpad show

     

       169
        
       

     

       170
       +
       bindsym $mod+Escape exec st

     

       171
       +
       bindsym $mod+Shift+Escape exec st date workspace mail idle disk temperature load_average memory backlight player battery

     

       172
        
       

     

       173
        
       # grave=`

     

       174
        
       bindsym $mod+grave workspace back_and_forth ; exec dunstify -C `cat ~/.cache/st_id` && st workspace -t 500

     
···

       201
        
       bindsym $mod+Control+Shift+k resize shrink height 1px

     

       202
        
       bindsym $mod+Control+Shift+l resize grow   width  1px

     

       203
        
       

     

       204
       +
       bindsym $mod+$alt+h focus output left ; exec st workspace -t 500

     

       205
       +
       bindsym $mod+$alt+j focus output down ; exec st workspace -t 500

     

       206
       +
       bindsym $mod+$alt+k focus output up ; exec st workspace -t 500

     

       207
       +
       bindsym $mod+$alt+l focus output right ; exec st workspace -t 500

     

       208
        
       

     

       209
        
       bindsym $mod+$alt+Shift+h move container to output left

     

       210
        
       bindsym $mod+$alt+Shift+j move container to output down

     
···

       237
        
       bindsym $mod+Control+Shift+up    resize shrink height 1px

     

       238
        
       bindsym $mod+Control+Shift+right resize grow   width  1px

     

       239
        
       

     

       240
       +
       bindsym $mod+$alt+left  focus output left  ; exec st workspace -t 500

     

       241
       +
       bindsym $mod+$alt+down  focus output down  ; exec st workspace -t 500

     

       242
       +
       bindsym $mod+$alt+up    focus output up    ; exec st workspace -t 500

     

       243
       +
       bindsym $mod+$alt+right focus output right ; exec st workspace -t 500

     

       244
        
       

     

       245
       +
       bindsym $mod+$alt+Shift+left  move container to output left  ; exec st workspace -t 500

     

       246
       +
       bindsym $mod+$alt+Shift+down  move container to output down  ; exec st workspace -t 500

     

       247
       +
       bindsym $mod+$alt+Shift+up    move container to output up    ; exec st workspace -t 500

     

       248
       +
       bindsym $mod+$alt+Shift+right move container to output right ; exec st workspace -t 500

     

       249
        
       

     

       250
       +
       bindsym $mod+$alt+Control+left  move workspace to output left  ; exec st workspace -t 500

     

       251
       +
       bindsym $mod+$alt+Control+down  move workspace to output down  ; exec st workspace -t 500

     

       252
       +
       bindsym $mod+$alt+Control+up    move workspace to output up    ; exec st workspace -t 500

     

       253
       +
       bindsym $mod+$alt+Control+right move workspace to output right ; exec st workspace -t 500

     

       254
        
       

     

       255
        
       bindsym $mod+bracketleft          focus output left              ; exec dunstify -C `cat ~/.cache/st_id` && st workspace -t 500

     

       256
        
       bindsym $mod+bracketright         focus output right             ; exec dunstify -C `cat ~/.cache/st_id` && st workspace -t 500

-1

home/gui/wm/i3/bindings

···

       1
        
       

     

       2
       -
       bindsym $mod+r       exec "pkill i3bar; i3bar --bar_id bar-0"

     

       3
        
       bindsym $mod+Shift+r exec "i3-msg reload"

     

       4
        
       

     

       5
        
       bindsym $mod+q exec dunstctl close-all

···

       1
        
       

     

       0
        
       
     

       2
        
       bindsym $mod+Shift+r exec "i3-msg reload"

     

       3
        
       

     

       4
        
       bindsym $mod+q exec dunstctl close-all

home/gui/wm/scripts/dunst_restart.sh

···

       1
       +
       #!/usr/bin/env bash

     

       2
       +
       

     

       3
       +
       while true; do

     

       4
       +
               swaymsg -t subscribe '["output"]';

     

       5
       +
               sleep 3;

     

       6
       +
               pkill dunst

     

       7
       +
       done

+1 -1

home/gui/wm/scripts/swayidle_dpms.sh

···

       1
        
       #!/usr/bin/env bash

     

       2
        
       

     

       3
       -
       pkill swayidle

     

       4
        
       

     

       5
        
       swayidle -w\

     

       6
        
       	lock '@locker@'\

···

       1
        
       #!/usr/bin/env bash

     

       2
        
       

     

       3
       +
       pkill -x swayidle

     

       4
        
       

     

       5
        
       swayidle -w\

     

       6
        
       	lock '@locker@'\

+1 -1

home/gui/wm/scripts/swayidle_inhibit.sh

···

       1
        
       #!/usr/bin/env bash

     

       2
        
       

     

       3
       -
       pkill swayidle

     

       4
        
       

     

       5
        
       swayidle -w\

     

       6
        
       	lock '@locker@'\

···

       1
        
       #!/usr/bin/env bash

     

       2
        
       

     

       3
       +
       pkill -x swayidle

     

       4
        
       

     

       5
        
       swayidle -w\

     

       6
        
       	lock '@locker@'\

+1 -1

home/gui/wm/scripts/swayidle_lock.sh

···

       1
        
       #!/usr/bin/env bash

     

       2
        
       

     

       3
       -
       pkill swayidle

     

       4
        
       

     

       5
        
       swayidle -w\

     

       6
        
       	lock '@locker@'\

···

       1
        
       #!/usr/bin/env bash

     

       2
        
       

     

       3
       +
       pkill -x swayidle

     

       4
        
       

     

       5
        
       swayidle -w\

     

       6
        
       	lock '@locker@'\

+1 -1

home/gui/wm/scripts/swayidle_lock_no_dpms.sh

···

       1
        
       #!/usr/bin/env bash

     

       2
        
       

     

       3
       -
       pkill swayidle

     

       4
        
       

     

       5
        
       swayidle -w\

     

       6
        
       	lock '@locker@'\

···

       1
        
       #!/usr/bin/env bash

     

       2
        
       

     

       3
       +
       pkill -x swayidle

     

       4
        
       

     

       5
        
       swayidle -w\

     

       6
        
       	lock '@locker@'\

+2 -2

home/gui/wm/scripts/swayidle_suspend.sh

···

       1
        
       #!/usr/bin/env bash

     

       2
        
       

     

       3
       -
       pkill swayidle

     

       4
        
       

     

       5
        
       swayidle -w\

     

       6
        
       	lock '@locker@'\

     
···

       9
        
       		resume '@wmmsg@ "output * dpms on"'\

     

       10
        
       	timeout 240 'loginctl lock-session'\

     

       11
        
       	timeout 300 'systemctl suspend-then-hibernate'\

     

       0
        
       
     

       12
        
       	before-sleep 'playerctl -a pause; loginctl lock-session'

     

       13
       -

···

       1
        
       #!/usr/bin/env bash

     

       2
        
       

     

       3
       +
       pkill -x swayidle

     

       4
        
       

     

       5
        
       swayidle -w\

     

       6
        
       	lock '@locker@'\

     
···

       9
        
       		resume '@wmmsg@ "output * dpms on"'\

     

       10
        
       	timeout 240 'loginctl lock-session'\

     

       11
        
       	timeout 300 'systemctl suspend-then-hibernate'\

     

       12
       +
       	    resume 'timewall set'\

     

       13
        
       	before-sleep 'playerctl -a pause; loginctl lock-session'

     

       0

+1 -2

home/gui/wm/sway/bindings

···

       1
        
       

     

       2
       -
       bindsym $mod+r exec  "pkill swaybar; swaybar --bar_id bar-0"

     

       3
       -
       bindsym $mod+Shift+r exec "pkill swaybar; swaymsg reload"

     

       4
        
       

     

       5
        
       bindsym $mod+q         exec dunstctl close

     

       6
        
       bindsym $mod+Shift+q   exec dunstctl action

···

       1
        
       

     

       2
       +
       bindsym $mod+Shift+r exec swaymsg reload

     

       0
        
       
     

       3
        
       

     

       4
        
       bindsym $mod+q         exec dunstctl close

     

       5
        
       bindsym $mod+Shift+q   exec dunstctl action

+6 -1

home/gui/wm/sway/exec

···

       4
        
       exec_always "pkill kanshi; kanshi"

     

       5
        
       

     

       6
        
       # https://elis.nu/blog/2021/02/detailed-setup-of-screen-sharing-in-sway/#orga91b409

     

       7
       -
       exec systemctl --user import-environment XDG_SESSION_TYPE XDG_CURRENT_DESKTOP

     

       8
        
       exec dbus-update-activation-environment WAYLAND_DISPLAY

     

       9
        
       

     

       10
        
       # https://github.com/yory8/clipman/issues/59

     

       11
        
       exec wl-paste -t text --watch clipman store -P --max-items=100

     

       12
        
       

     

       13
        
       exec systemctl --user start gammastep

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0

···

       4
        
       exec_always "pkill kanshi; kanshi"

     

       5
        
       

     

       6
        
       # https://elis.nu/blog/2021/02/detailed-setup-of-screen-sharing-in-sway/#orga91b409

     

       7
       +
       exec systemctl --user import-environment XDG_SESSION_TYPE XDG_CURRENT_DESKTOP SWAYSOCK

     

       8
        
       exec dbus-update-activation-environment WAYLAND_DISPLAY

     

       9
        
       

     

       10
        
       # https://github.com/yory8/clipman/issues/59

     

       11
        
       exec wl-paste -t text --watch clipman store -P --max-items=100

     

       12
        
       

     

       13
        
       exec systemctl --user start gammastep

     

       14
       +
       

     

       15
       +
       exec systemctl --user start timewall

     

       16
       +
       

     

       17
       +
       # https://github.com/dunst-project/dunst/issues/1396

     

       18
       +
       exec $SCRIPT_DIR/dunst_restart.sh

-2

home/gui/wm/sway/output

···

       1
       -
       

     

       2
       -
       output * bg $WALLPAPER fill #282828

+19 -19

home/mail.nix

···

       12
        
           ${pkgs.ugrep}/bin/ugrep -jPh -m 100 --color=never "$1" cat ${config.accounts.email.maildirBasePath}/addressbook/cam-ldap)

     

       13
        
         '';

     

       14
        
         sync-mail = pkgs.writeScriptBin "sync-mail" ''

     

       15
       -
           #!/usr/bin/env bash

     

       16
       -
           ${pkgs.isync}/bin/mbsync "$1" || exit 1

     

       17
        
           ${pkgs.procps}/bin/pkill -2 -x mu

     

       18
       -
           sleep 1

     

       19
        
           ${pkgs.mu}/bin/mu index

     

       20
        
         '';

     

       21
        
         cfg = config.custom.mail;

     
···

       41
        
             mu.enable = true;

     

       42
        
             msmtp.enable = true;

     

       43
        
             aerc = {

     

       44
       -
               enable = true;

     

       45
        
               extraConfig = {

     

       46
        
                 general.unsafe-accounts-conf = true;

     

       47
        
                 general.default-save-path = "~/downloads";

     
···

       67
        
               extraBinds = import ./aerc-binds.nix { inherit pkgs; };

     

       68
        
             };

     

       69
        
             neomutt = {

     

       70
       -
               enable = true;

     

       71
        
               extraConfig = ''

     

       72
        
                 # Macro to switch accounts

     

       73
        
                 macro index,pager <F1> '"<change-folder> ${config.accounts.email.maildirBasePath}/ryan@freumh.org/Inbox<enter>"'

     
···

       81
        
                                                "mu find results"

     

       82
        
               '';

     

       83
        
             };

     

       84
       -
             notmuch.enable = true;

     

       85
        
           };

     

       86
        
       

     

       87
        
           services = {

     
···

       112
        
                 imapnotify = {

     

       113
        
                   enable = true;

     

       114
        
                   boxes = [ "Inbox" ];

     

       115
       -
                   onNotify = "${sync-mail}/bin/mbsync ryan@freumh.org";

     

       116
        
                 };

     

       117
        
                 mbsync = {

     

       118
        
                   enable = true;

     
···

       126
        
                 aerc = {

     

       127
        
                   enable = true;

     

       128
        
                   extraAccounts = {

     

       129
       -
                     check-mail-cmd = "${sync-mail}/bin/mbsync ryan@freumh.org";

     

       130
        
                     check-mail-timeout = "1m";

     

       131
        
                     check-mail = "1h";

     

       132
        
                     folders-sort = [

     
···

       153
        
                     macro index gt "<change-folder>=${folders.trash}<enter>"

     

       154
        
                   '';

     

       155
        
                 };

     

       156
       -
                 notmuch.enable = true;

     

       157
        
               };

     

       158
        
               "misc@freumh.org" = rec {

     

       159
        
                 userName = "misc@freumh.org";

     
···

       174
        
                 imapnotify = {

     

       175
        
                   enable = true;

     

       176
        
                   boxes = [ "Inbox" ];

     

       177
       -
                   onNotify = "${sync-mail}/bin/mbsync misc@freumh.org";

     

       178
        
                 };

     

       179
        
                 mbsync = {

     

       180
        
                   enable = true;

     
···

       195
        
                     macro index gt "<change-folder>=${folders.trash}<enter>"

     

       196
        
                   '';

     

       197
        
                 };

     

       198
       -
                 notmuch.enable = true;

     

       199
        
               };

     

       200
        
               "ryan.gibb@cl.cam.ac.uk" = rec {

     

       201
        
                 userName = "rtg24@fm.cl.cam.ac.uk";

     
···

       211
        
                 };

     

       212
        
                 imapnotify = {

     

       213
        
                   enable = true;

     

       214
       -
                   boxes = [ "Inbox" ];

     

       215
       -
                   onNotify = "${sync-mail}/bin/mbsync ryan.gibb@cl.cam.ac.uk";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       216
        
                 };

     

       217
        
                 mbsync = {

     

       218
        
                   enable = true;

     
···

       226
        
                 aerc = {

     

       227
        
                   enable = true;

     

       228
        
                   extraAccounts = {

     

       229
       -
                     check-mail-cmd = "${sync-mail}/bin/mbsync ryan.gibb@cl.cam.ac.uk";

     

       230
        
                     check-mail-timeout = "1m";

     

       231
        
                     check-mail = "1h";

     

       232
        
                     aliases = "rtg24@cam.ac.uk";

     
···

       254
        
                     macro index gt "<change-folder>=${folders.trash}<enter>"

     

       255
        
                   '';

     

       256
        
                 };

     

       257
       -
                 notmuch.enable = true;

     

       258
        
               };

     

       259
        
               "ryangibb321@gmail.com" = rec {

     

       260
        
                 userName = "ryangibb321@gmail.com";

     
···

       270
        
                 };

     

       271
        
                 imapnotify = {

     

       272
        
                   enable = true;

     

       273
       -
                   boxes = [ "Inbox" ];

     

       274
       -
                   onNotify = "${sync-mail}/bin/mbsync ryangibb321@gmail.com";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       275
        
                 };

     

       276
        
                 mbsync = {

     

       277
        
                   enable = true;

     
···

       285
        
                 aerc = {

     

       286
        
                   enable = true;

     

       287
        
                   extraAccounts = {

     

       288
       -
                     check-mail-cmd = "${sync-mail}/bin/mbsync ryangibb321@gmail.com";

     

       289
        
                     check-mail-timeout = "1m";

     

       290
        
                     check-mail = "1h";

     

       291
        
                     folders-sort = [

     
···

       312
        
                     macro index gt "<change-folder>=${folders.trash}<enter>"

     

       313
        
                   '';

     

       314
        
                 };

     

       315
       -
                 notmuch.enable = true;

     

       316
        
               };

     

       317
        
               search = {

     

       318
        
                 maildir.path = "search";

···

       12
        
           ${pkgs.ugrep}/bin/ugrep -jPh -m 100 --color=never "$1" cat ${config.accounts.email.maildirBasePath}/addressbook/cam-ldap)

     

       13
        
         '';

     

       14
        
         sync-mail = pkgs.writeScriptBin "sync-mail" ''

     

       15
       +
           ${pkgs.isync}/bin/mbsync "$@" || exit 1

     

       0
        
       
     

       16
        
           ${pkgs.procps}/bin/pkill -2 -x mu

     

       17
       +
           ${pkgs.coreutils}/bin/sleep 1

     

       18
        
           ${pkgs.mu}/bin/mu index

     

       19
        
         '';

     

       20
        
         cfg = config.custom.mail;

     
···

       40
        
             mu.enable = true;

     

       41
        
             msmtp.enable = true;

     

       42
        
             aerc = {

     

       43
       +
               # enable = true;

     

       44
        
               extraConfig = {

     

       45
        
                 general.unsafe-accounts-conf = true;

     

       46
        
                 general.default-save-path = "~/downloads";

     
···

       66
        
               extraBinds = import ./aerc-binds.nix { inherit pkgs; };

     

       67
        
             };

     

       68
        
             neomutt = {

     

       69
       +
               # enable = true;

     

       70
        
               extraConfig = ''

     

       71
        
                 # Macro to switch accounts

     

       72
        
                 macro index,pager <F1> '"<change-folder> ${config.accounts.email.maildirBasePath}/ryan@freumh.org/Inbox<enter>"'

     
···

       80
        
                                                "mu find results"

     

       81
        
               '';

     

       82
        
             };

     

       0
        
       
     

       83
        
           };

     

       84
        
       

     

       85
        
           services = {

     
···

       110
        
                 imapnotify = {

     

       111
        
                   enable = true;

     

       112
        
                   boxes = [ "Inbox" ];

     

       113
       +
                   onNotify = "${sync-mail}/bin/sync-mail ryan@freumh.org:INBOX";

     

       114
        
                 };

     

       115
        
                 mbsync = {

     

       116
        
                   enable = true;

     
···

       124
        
                 aerc = {

     

       125
        
                   enable = true;

     

       126
        
                   extraAccounts = {

     

       127
       +
                     check-mail-cmd = "${sync-mail}/bin/sync-mail ryan@freumh.org";

     

       128
        
                     check-mail-timeout = "1m";

     

       129
        
                     check-mail = "1h";

     

       130
        
                     folders-sort = [

     
···

       151
        
                     macro index gt "<change-folder>=${folders.trash}<enter>"

     

       152
        
                   '';

     

       153
        
                 };

     

       0
        
       
     

       154
        
               };

     

       155
        
               "misc@freumh.org" = rec {

     

       156
        
                 userName = "misc@freumh.org";

     
···

       171
        
                 imapnotify = {

     

       172
        
                   enable = true;

     

       173
        
                   boxes = [ "Inbox" ];

     

       174
       +
                   onNotify = "${sync-mail}/bin/sync-mail misc@freumh.org:INBOX";

     

       175
        
                 };

     

       176
        
                 mbsync = {

     

       177
        
                   enable = true;

     
···

       192
        
                     macro index gt "<change-folder>=${folders.trash}<enter>"

     

       193
        
                   '';

     

       194
        
                 };

     

       0
        
       
     

       195
        
               };

     

       196
        
               "ryan.gibb@cl.cam.ac.uk" = rec {

     

       197
        
                 userName = "rtg24@fm.cl.cam.ac.uk";

     
···

       207
        
                 };

     

       208
        
                 imapnotify = {

     

       209
        
                   enable = true;

     

       210
       +
                   boxes = [

     

       211
       +
                     "Inbox"

     

       212
       +
                     "Sidebox"

     

       213
       +
                   ];

     

       214
       +
                   onNotify = "${sync-mail}/bin/sync-mail ryan.gibb@cl.cam.ac.uk:INBOX ryan.gibb@cl.cam.ac.uk:Sidebox";

     

       215
        
                 };

     

       216
        
                 mbsync = {

     

       217
        
                   enable = true;

     
···

       225
        
                 aerc = {

     

       226
        
                   enable = true;

     

       227
        
                   extraAccounts = {

     

       228
       +
                     check-mail-cmd = "${sync-mail}/bin/sync-mail ryan.gibb@cl.cam.ac.uk";

     

       229
        
                     check-mail-timeout = "1m";

     

       230
        
                     check-mail = "1h";

     

       231
        
                     aliases = "rtg24@cam.ac.uk";

     
···

       253
        
                     macro index gt "<change-folder>=${folders.trash}<enter>"

     

       254
        
                   '';

     

       255
        
                 };

     

       0
        
       
     

       256
        
               };

     

       257
        
               "ryangibb321@gmail.com" = rec {

     

       258
        
                 userName = "ryangibb321@gmail.com";

     
···

       268
        
                 };

     

       269
        
                 imapnotify = {

     

       270
        
                   enable = true;

     

       271
       +
                   boxes = [

     

       272
       +
                     "Inbox"

     

       273
       +
                     "Sidebox"

     

       274
       +
                   ];

     

       275
       +
                   onNotify = "${sync-mail}/bin/sync-mail ryangibb321@gmail.com:INBOX ryangibb321@gmail.com:Sidebox";

     

       276
        
                 };

     

       277
        
                 mbsync = {

     

       278
        
                   enable = true;

     
···

       286
        
                 aerc = {

     

       287
        
                   enable = true;

     

       288
        
                   extraAccounts = {

     

       289
       +
                     check-mail-cmd = "${sync-mail}/bin/sync-mail ryangibb321@gmail.com";

     

       290
        
                     check-mail-timeout = "1m";

     

       291
        
                     check-mail = "1h";

     

       292
        
                     folders-sort = [

     
···

       313
        
                     macro index gt "<change-folder>=${folders.trash}<enter>"

     

       314
        
                   '';

     

       315
        
                 };

     

       0
        
       
     

       316
        
               };

     

       317
        
               search = {

     

       318
        
                 maildir.path = "search";

+314 -373

home/nvim/default.nix

···

       16
        
             sha256 = "sha256-jY3ALr6h88xnWN2QdKe3R0vvRcSNhFWDW56b2NvnTCs=";

     

       17
        
           };

     

       18
        
         };

     

       19
       -
         cmp-spell = pkgs.vimUtils.buildVimPlugin {

     

       20
       -
           pname = "cmp-spell";

     

       21
       -
           version = "2024-05-07";

     

       22
       -
           src = pkgs.fetchFromGitHub {

     

       23
       -
             owner = "f3fora";

     

       24
       -
             repo = "cmp-spell";

     

       25
       -
             rev = "694a4e50809d6d645c1ea29015dad0c293f019d6";

     

       26
       -
             sha256 = "Gf7HSocvHmTleVQytNYmmN+fFX7kl5sYHQSpUJc0CGI=";

     

       27
       -
           };

     

       28
       -
           meta.homepage = "https://github.com/f3fora/cmp-spell/";

     

       29
       -
         };

     

       30
        
         vim-ledger-2024-07-15 = pkgs.vimUtils.buildVimPlugin {

     

       31
        
           pname = "vim-ledger";

     

       32
        
           version = "2024-07-15";

     
···

       52
        
         cfg = config.custom;

     

       53
        
       in

     

       54
        
       {

     

       55
       -
         options.custom.nvim-lsps = lib.mkEnableOption "nvim-lsps";

     

       56
       -
       

     

       57
        
         config = {

     

       58
        
           xdg.configFile = {

     

       59
        
             "ftplugin/mail.vim".text = ''

     
···

       65
        
             enable = true;

     

       66
        
             viAlias = true;

     

       67
        
             vimAlias = true;

     

       68
       -
             extraPackages =

     

       69
       -
               with pkgs;

     

       70
       -
               [

     

       71
       -
                 ripgrep

     

       72
       -
                 nixd

     

       73
       -
               ]

     

       74
       -
               ++ lib.lists.optionals cfg.nvim-lsps [

     

       75
       -
                 nixfmt-rfc-style

     

       76
       -
                 # stop complaining when launching but a devshell is better

     

       77
       -
                 ocamlPackages.ocaml-lsp

     

       78
       -
                 ocamlPackages.ocamlformat

     

       79
       -
                 lua-language-server

     

       80
       -
                 pyright

     

       81
       -
                 black

     

       82
       -
                 ltex-ls

     

       83
       -
                 jdt-language-server

     

       84
       -
                 nodejs_18

     

       85
       -
                 clang-tools

     

       86
       -
                 typst-lsp

     

       87
       -
               ];

     

       88
        
             extraLuaConfig = builtins.readFile ./init.lua;

     

       89
        
             # undo transparent background

     

       90
        
             # + "colorscheme gruvbox";

     

       91
       -
             plugins =

     

       92
       -
               with pkgs.vimPlugins;

     

       93
       -
               [

     

       94
       -
                 {

     

       95
       -
                   plugin = gruvbox-nvim;

     

       96
       -
                   type = "lua";

     

       97
       -
                   # TODO is there a better place to put this?

     

       98
       -
                   runtime =

     

       99
       -
                     let

     

       100
       -
                       ml-style = ''

     

       101
       -
                         setlocal expandtab

     

       102
       -
                         setlocal shiftwidth=2

     

       103
       -
                         setlocal tabstop=2

     

       104
       -
                         setlocal softtabstop=2

     

       105
       -
                       '';

     

       106
       -
                     in

     

       107
       -
                     {

     

       108
       -
                       "ftplugin/nix.vim".text = ml-style;

     

       109
       -
                       "ftplugin/ocaml.vim".text = ml-style;

     

       110
       -
                       "ftplugin/ledger.vim".text = ''

     

       111
       -
                         setlocal foldmethod=syntax

     

       112
       -
                       '';

     

       113
       -
                     };

     

       114
       -
                 }

     

       0
        
       
     

       115
        
       

     

       116
       -
                 {

     

       117
       -
                   plugin = telescope-nvim;

     

       118
       -
                   type = "lua";

     

       119
       -
                   config = builtins.readFile ./telescope-nvim.lua;

     

       120
       -
                 }

     

       121
       -
                 telescope-fzf-native-nvim

     

       122
       -
                 telescope-undo-nvim

     

       123
       -
                 telescope-file-browser-nvim

     

       124
        
       

     

       125
       -
                 {

     

       126
       -
                   plugin = trouble-nvim;

     

       127
       -
                   type = "lua";

     

       128
       -
                   config = ''

     

       129
       -
                     require('trouble').setup {

     

       130
       -
                     	icons = false,

     

       131
       -
                     }

     

       132
       -
                     vim.keymap.set('n', '<leader>xx', function() require('trouble').toggle() end, { desc = 'Trouble toggle' })

     

       133
       -
                     vim.keymap.set('n', '<leader>xw', function() require('trouble').toggle('workspace_diagnostics') end, { desc = 'Trouble workspace' })

     

       134
       -
                     vim.keymap.set('n', '<leader>xd', function() require('trouble').toggle('document_diagnostics') end, { desc = 'Trouble document' })

     

       135
       -
                     vim.keymap.set('n', '<leader>xq', function() require('trouble').toggle('quickfix') end, { desc = 'Trouble quickfix' })

     

       136
       -
                     vim.keymap.set('n', '<leader>xl', function() require('trouble').toggle('loclist') end, { desc = 'Trouble loclist' })

     

       137
       -
                     vim.keymap.set('n', '<leader>xr', function() require('trouble').toggle('lsp_references') end, { desc = 'Trouble LSP references' })

     

       138
       -
                   '';

     

       139
       -
                 }

     

       140
       -
                 {

     

       141
       -
                   plugin = gitsigns-nvim;

     

       142
       -
                   type = "lua";

     

       143
       -
                   config = ''

     

       144
       -
                     require('gitsigns').setup{

     

       145
       -
                       on_attach = function(bufnr)

     

       146
       -
                         local gitsigns = require('gitsigns')

     

       147
        
       

     

       148
       -
                         local function map(mode, l, r, opts)

     

       149
       -
                           opts = opts or {}

     

       150
       -
                           opts.buffer = bufnr

     

       151
       -
                           vim.keymap.set(mode, l, r, opts)

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       152
        
                         end

     

       0
        
       
     

       153
        
       

     

       154
       -
                         map('n', ']c', function()

     

       155
       -
                           if vim.wo.diff then

     

       156
       -
                             vim.cmd.normal({']c', bang = true})

     

       157
       -
                           else

     

       158
       -
                             gitsigns.nav_hunk('next')

     

       159
       -
                           end

     

       160
       -
                         end, { desc = 'Git next hunk' })

     

       161
        
       

     

       162
       -
                         map('n', '[c', function()

     

       163
       -
                           if vim.wo.diff then

     

       164
       -
                             vim.cmd.normal({'[c', bang = true})

     

       165
       -
                           else

     

       166
       -
                             gitsigns.nav_hunk('prev')

     

       167
       -
                           end

     

       168
       -
                         end, { desc = 'Git prev hunk' })

     

       169
       -
       

     

       170
       -
                         map('n', '<leader>gs', gitsigns.stage_hunk, { desc = 'Git stage hunk' })

     

       171
       -
                         map('n', '<leader>gr', gitsigns.reset_hunk, { desc = 'Git reset hunk' })

     

       172
       -
                         map('v', '<leader>gs', function() gitsigns.stage_hunk {vim.fn.line('.'), vim.fn.line('v')} end, { desc = 'Git stage hunk' })

     

       173
       -
                         map('v', '<leader>gr', function() gitsigns.reset_hunk {vim.fn.line('.'), vim.fn.line('v')} end, { desc = 'Git reset hunk' })

     

       174
       -
                         map('n', '<leader>gS', gitsigns.stage_buffer, { desc = 'Git stage buffer' })

     

       175
       -
                         map('n', '<leader>gu', gitsigns.undo_stage_hunk, { desc = 'Git unstage hunk' })

     

       176
       -
                         map('n', '<leader>gR', gitsigns.reset_buffer, { desc = 'Git reset buffer' })

     

       177
       -
                         map('n', '<leader>gp', gitsigns.preview_hunk, { desc = 'Git preview hunk' })

     

       178
       -
                         map('n', '<leader>gb', function() gitsigns.blame_line{full=true} end, { desc = 'Git blame' })

     

       179
       -
                         map('n', '<leader>gtb', gitsigns.toggle_current_line_blame, { desc = 'Git toggle line blame' })

     

       180
       -
                         map('n', '<leader>gd', gitsigns.diffthis, { desc = 'Git diff index' })

     

       181
       -
                         map('n', '<leader>gD', function() gitsigns.diffthis('~') end, { desc = 'Git diff last' })

     

       182
       -
                         map('n', '<leader>gtd', gitsigns.toggle_deleted, { desc = 'Git toggle deleted' })

     

       183
        
       

     

       184
       -
                         -- vih

     

       185
       -
                         map({'o', 'x'}, 'ih', ':<C-U>Git select_hunk<CR>', { desc = 'Gitsigns select hunk' })

     

       186
       -
                       end

     

       187
       -
                     }

     

       188
       -
                   '';

     

       189
       -
                 }

     

       190
       -
                 {

     

       191
       -
                   plugin = pkgs.overlay-unstable.vimPlugins.neogit;

     

       192
       -
                   type = "lua";

     

       193
       -
                   config = ''

     

       194
       -
                     local neogit = require('neogit')

     

       195
       -
                     neogit.setup {}

     

       196
       -
                   '';

     

       197
       -
                 }

     

       198
        
       

     

       199
       -
                 plenary-nvim

     

       200
       -
                 pkgs.ripgrep

     

       201
        
       

     

       202
       -
                 {

     

       203
       -
                   plugin = nvim-cmp;

     

       204
       -
                   type = "lua";

     

       205
       -
                   config = builtins.readFile ./nvim-cmp.lua;

     

       206
       -
                 }

     

       207
       -
                 cmp-path

     

       208
       -
                 cmp-buffer

     

       209
       -
                 cmp-cmdline

     

       210
       -
                 cmp-spell

     

       211
       -
                 {

     

       212
       -
                   plugin = cmp-dictionary;

     

       213
       -
                   type = "lua";

     

       214
       -
                   config = ''

     

       215
       -
                     require("cmp_dictionary").setup({

     

       216
       -
                       paths = { "${pkgs.scowl}/share/dict/words.txt" },

     

       217
       -
                       exact_length = 2,

     

       218
       -
                       first_case_insensitive = true,

     

       219
       -
                     })

     

       220
       -
                   '';

     

       221
       -
                 }

     

       222
        
       

     

       223
       -
                 {

     

       224
       -
                   plugin = luasnip;

     

       225
       -
                   type = "lua";

     

       226
       -
                   config = builtins.readFile ./luasnip.lua;

     

       227
       -
                 }

     

       228
       -
                 cmp_luasnip

     

       229
       -
                 pkgs.overlay-unstable.vimPlugins.friendly-snippets

     

       230
        
       

     

       231
       -
                 {

     

       232
       -
                   plugin = nvim-treesitter.withAllGrammars;

     

       233
       -
                   type = "lua";

     

       234
       -
                   config = ''

     

       235
       -
                     require'nvim-treesitter.configs'.setup {

     

       236
       -
                       highlight = {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       237
        
                         enable = true,

     

       238
       -
                         -- :h vimtex-faq-treesitter

     

       239
       -
                         disable = { "latex" },

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       240
        
                       },

     

       241
       -
                     }

     

       242
       -
                     vim.opt.foldmethod = "expr"

     

       243
       -
                     vim.opt.foldexpr = "v:lua.vim.treesitter.foldexpr()"

     

       244
       -
                     vim.opt.foldenable = false

     

       245
       -
                   '';

     

       246
       -
                 }

     

       247
       -
                 {

     

       248
       -
                   plugin = nvim-treesitter-textobjects;

     

       249
       -
                   type = "lua";

     

       250
       -
                   config = ''

     

       251
       -
                     require'nvim-treesitter.configs'.setup {

     

       252
       -
                       textobjects = {

     

       253
       -
                         select = {

     

       254
       -
                           enable = true,

     

       255
       -
                           lookahead = true,

     

       256
       -
                           keymaps = {

     

       257
       -
                             ["af"] = "@function.outer",

     

       258
       -
                             ["if"] = "@function.inner",

     

       259
       -
                             ["ac"] = "@conditional.outer",

     

       260
       -
                             ["ic"] = "@conditional.inner",

     

       261
       -
                             ["al"] = "@loop.outer",

     

       262
       -
                             ["il"] = "@loop.inner",

     

       263
       -
                           },

     

       264
       -
                           include_surrounding_whitespace = true,

     

       265
        
                         },

     

       266
       -
                         swap = {

     

       267
       -
                           enable = true,

     

       268
       -
                           swap_next = {

     

       269
       -
                             ["<leader>a"] = "@parameter.inner",

     

       270
       -
                           },

     

       271
       -
                           swap_previous = {

     

       272
       -
                             ["<leader>A"] = "@parameter.inner",

     

       273
       -
                           },

     

       274
        
                         },

     

       275
       -
                         move = {

     

       276
       -
                           enable = true,

     

       277
       -
                           set_jumps = true,

     

       278
       -
                           goto_next_start = {

     

       279
       -
                             ["]m"] = "@function.outer",

     

       280
       -
                           },

     

       281
       -
                           goto_next_end = {

     

       282
       -
                             ["]M"] = "@function.outer",

     

       283
       -
                           },

     

       284
       -
                           goto_previous_start = {

     

       285
       -
                             ["[m"] = "@function.outer",

     

       286
       -
                           },

     

       287
       -
                           goto_previous_end = {

     

       288
       -
                             ["[M"] = "@function.outer",

     

       289
       -
                           },

     

       290
        
                         },

     

       291
        
                       },

     

       292
       -
                     }

     

       293
       -
                     -- could use some tweaking

     

       294
       -
                     vim.treesitter.query.set("ocaml", "textobjects", [[

     

       295
       -
                     ((value_definition (let_binding)) @function.outer)

     

       296
       -
                     ((let_binding body: (_) @function.inner))

     

       297
       -
                     ]])

     

       298
       -
                   '';

     

       299
       -
                 }

     

       0
        
       
     

       300
        
       

     

       301
       -
                 {

     

       302
       -
                   plugin = vimtex;

     

       303
       -
                   type = "lua";

     

       304
       -
                   config = ''

     

       305
       -
                     vim.cmd("filetype plugin indent on")

     

       306
       -
                     vim.cmd("syntax enable")

     

       307
       -
                     vim.g.vimtex_quickfix_mode = 0

     

       308
       -
                     vim.g.vimtex_view_general_viewer = 'evince'

     

       309
       -
                   '';

     

       310
       -
                 }

     

       311
       -
                 {

     

       312
       -
                   plugin = sved;

     

       313
       -
                   type = "lua";

     

       314
       -
                   config = ''

     

       315
       -
                     vim.keymap.set('n', '<leader>lv', ':call SVED_Sync()<CR>')

     

       0
        
       
     

       316
        
                   '';

     

       317
       -
                 }

     

       318
       -
                 cmp-omni

     

       0
        
       
     

       319
        
       

     

       320
       -
                 {

     

       321
       -
                   plugin = nvim-surround;

     

       322
       -
                   type = "lua";

     

       323
       -
                   config = ''

     

       324
       -
                     require('nvim-surround').setup({})

     

       325
       -
                   '';

     

       326
       -
                 }

     

       327
       -
                 {

     

       328
       -
                   plugin = comment-nvim;

     

       329
       -
                   type = "lua";

     

       330
       -
                   config = ''

     

       331
       -
                     require('Comment').setup()

     

       332
       -
                   '';

     

       333
       -
                 }

     

       334
       -
                 {

     

       335
       -
                   plugin = undotree;

     

       336
       -
                   type = "lua";

     

       337
       -
                   config = ''

     

       338
       -
                     vim.keymap.set('n', '<leader>u', vim.cmd.UndotreeToggle, { desc = 'Undotree toggle' })

     

       339
       -
                   '';

     

       340
       -
                 }

     

       341
       -
                 {

     

       342
       -
                   plugin = leap-nvim;

     

       343
       -
                   type = "lua";

     

       344
       -
                   config = ''

     

       345
       -
                     vim.keymap.set({'n', 'x', 'o'}, 's',  '<Plug>(leap-forward)', { desc = "Leap forward"} )

     

       346
       -
                     vim.keymap.set({'n', 'x', 'o'}, 'S',  '<Plug>(leap-backward)', { desc = "Leap backward"} )

     

       347
       -
                     vim.keymap.set({'n', 'x', 'o'}, 'gs', '<Plug>(leap-from-window)', { desc = "Leap from window"} )

     

       348
       -
                   '';

     

       349
       -
                 }

     

       350
       -
                 {

     

       351
       -
                   plugin = pkgs.overlay-unstable.vimPlugins.which-key-nvim;

     

       352
       -
                   type = "lua";

     

       353
       -
                   config = ''

     

       354
       -
                     local wk = require('which-key')

     

       355
       -
                     wk.setup({

     

       356
       -
                       plugins = {

     

       357
       -
                         spelling = {

     

       358
       -
                           enabled = false

     

       359
       -
                         },

     

       360
        
                       },

     

       361
       -
                       icons = { mappings = false },

     

       362
       -
                       triggers = {

     

       363
       -
                         { "<leader>", mode = { "n", "v" } },

     

       364
       -
                         { "<auto>", mode = "nixsotc" },

     

       365
       -
                       },

     

       366
       -
                       delay = 1000,

     

       367
       -
                     })

     

       368
       -
                     wk.add({

     

       369
       -
                       { "<leader>f", group = 'Find' },

     

       370
       -
                       { "<leader>l", group = 'LSP' },

     

       371
       -
                       { "<leader>;", group = 'DAP' },

     

       372
       -
                       { "<leader>s", group = 'Session' },

     

       373
       -
                       { "<leader>t", group = 'Tab' },

     

       374
       -
                       { "<leader>h", group = 'Hunk' },

     

       375
       -
                       { "<leader>x", group = 'Trouble' },

     

       376
       -
                       { "<leader>g", group = 'Git' },

     

       377
       -
                       { "<leader>i", group = 'Insert' },

     

       378
       -
                     })

     

       379
       -
                   '';

     

       380
       -
                 }

     

       0
        
       
     

       381
        
       

     

       382
       -
                 {

     

       383
       -
                   plugin = pkgs.notmuch;

     

       384
       -
                   runtime =

     

       385
       -
                     let

     

       386
       -
                       notmuch-style = ''

     

       387
       -
                         let g:notmuch_date_format = '%Y-%m-%d'

     

       388
       -
                         let g:notmuch_datetime_format = '%Y-%m-%d %I:%M%p'

     

       389
       -
                       '';

     

       390
       -
                     in

     

       391
       -
                     {

     

       392
       -
                       "ftplugin/notmuch-folders.vim".text = notmuch-style;

     

       393
       -
                       "ftplugin/notmuch-search.vim".text = notmuch-style;

     

       394
       -
                       "ftplugin/notmuch-show.vim".text = notmuch-style;

     

       395
       -
                       "ftplugin/notmuch-compose.vim".text = notmuch-style;

     

       396
       -
                     };

     

       397
       -
                 }

     

       398
        
       

     

       399
       -
                 {

     

       400
       -
                   plugin = vim-ledger-2024-07-15;

     

       401
       -
                   type = "lua";

     

       402
       -
                   config = ''

     

       403
       -
                     vim.g.ledger_fuzzy_account_completion = true

     

       404
       -
                     vim.g.ledger_extra_options = '--pedantic'

     

       405
       -
                     vim.g.ledger_align_at = 50

     

       406
       -
                     vim.g.ledger_accounts_cmd = 'ledger accounts --add-budget'

     

       407
        
       

     

       408
       -
                     vim.g.ledger_date_format = '%Y-%m-%d'

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       409
        
       

     

       410
       -
                     vim.cmd([[

     

       411
       -
                       autocmd FileType ledger nnoremap <buffer> <leader>e :call ledger#entry()<CR>

     

       412
       -
                     ]])

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       413
        
                   '';

     

       414
       -
                 }

     

       415
       -
                 {

     

       416
       -
                   plugin = obsidian-nvim;

     

       417
       -
                   type = "lua";

     

       418
       -
                   config = builtins.readFile ./obsidian.lua;

     

       419
       -
                 }

     

       420
       -
       

     

       421
       -
                 {

     

       422
       -
                   plugin = calendar-nvim;

     

       423
       -
                   type = "lua";

     

       424
       -
                   config = ''

     

       425
       -
                     require('calendar')

     

       426
       -
                   '';

     

       427
       -
                 }

     

       428
       -
               ]

     

       429
       -
               ++ lib.lists.optionals cfg.nvim-lsps [

     

       430
       -
                 {

     

       431
       -
                   plugin = nvim-lspconfig;

     

       432
       -
                   type = "lua";

     

       433
       -
                   config = builtins.readFile ./lsp.lua;

     

       434
       -
                   runtime = {

     

       435
       -
                     "ftplugin/java.lua".text = ''

     

       436
       -
                       local project_name = vim.fn.fnamemodify(vim.fn.getcwd(), ':p:h:t')

     

       437
       -
                       local workspace_dir = '~/.cache/jdt/' .. project_name

     

       438
       -
                       require('jdtls').start_or_attach {

     

       439
       -
                       	on_attach = On_attach,

     

       440
       -
                       	capabilities = Capabilities,

     

       441
       -
                       	cmd = { 'jdt-language-server', '-data', workspace_dir, },

     

       442
       -
                       	root_dir = vim.fs.dirname(vim.fs.find({'gradlew', '.git', 'mvnw'}, { upward = true })[1]),

     

       443
       -
                       }

     

       444
       -
                     '';

     

       445
       -
                   };

     

       446
       -
                 }

     

       447
       -
                 {

     

       448
       -
                   plugin = nvim-dap;

     

       449
       -
                   type = "lua";

     

       450
       -
                   config = builtins.readFile ./dap.lua;

     

       451
       -
                 }

     

       452
       -
                 cmp-nvim-lsp

     

       453
       -
                 cmp-nvim-lsp-signature-help

     

       454
       -
                 ltex-ls-nvim

     

       455
       -
                 nvim-jdtls

     

       456
       -
               ];

     

       457
        
           };

     

       458
        
         };

     

       459
        
       }

···

       16
        
             sha256 = "sha256-jY3ALr6h88xnWN2QdKe3R0vvRcSNhFWDW56b2NvnTCs=";

     

       17
        
           };

     

       18
        
         };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       19
        
         vim-ledger-2024-07-15 = pkgs.vimUtils.buildVimPlugin {

     

       20
        
           pname = "vim-ledger";

     

       21
        
           version = "2024-07-15";

     
···

       41
        
         cfg = config.custom;

     

       42
        
       in

     

       43
        
       {

     

       0
        
       
     

       0
        
       
     

       44
        
         config = {

     

       45
        
           xdg.configFile = {

     

       46
        
             "ftplugin/mail.vim".text = ''

     
···

       52
        
             enable = true;

     

       53
        
             viAlias = true;

     

       54
        
             vimAlias = true;

     

       55
       +
             extraPackages = with pkgs; [ ripgrep ];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       56
        
             extraLuaConfig = builtins.readFile ./init.lua;

     

       57
        
             # undo transparent background

     

       58
        
             # + "colorscheme gruvbox";

     

       59
       +
             plugins = with pkgs.vimPlugins; [

     

       60
       +
               {

     

       61
       +
                 plugin = gruvbox-nvim;

     

       62
       +
                 type = "lua";

     

       63
       +
                 # TODO is there a better place to put this?

     

       64
       +
                 runtime =

     

       65
       +
                   let

     

       66
       +
                     ml-style = ''

     

       67
       +
                       setlocal expandtab

     

       68
       +
                       setlocal shiftwidth=2

     

       69
       +
                       setlocal tabstop=2

     

       70
       +
                       setlocal softtabstop=2

     

       71
       +
                     '';

     

       72
       +
                   in

     

       73
       +
                   {

     

       74
       +
                     "ftplugin/nix.vim".text = ml-style;

     

       75
       +
                     "ftplugin/ocaml.vim".text = ml-style;

     

       76
       +
                     "ftplugin/haskell.vim".text = ml-style;

     

       77
       +
                     "ftplugin/ledger.vim".text = ''

     

       78
       +
                       setlocal foldmethod=syntax

     

       79
       +
                       vnoremap <silent> <buffer> <Tab> :LedgerAlign<CR>

     

       80
       +
                       nnoremap <silent> <buffer> <Tab> :LedgerAlign<CR>

     

       81
       +
                     '';

     

       82
       +
                   };

     

       83
       +
               }

     

       84
        
       

     

       85
       +
               {

     

       86
       +
                 plugin = telescope-nvim;

     

       87
       +
                 type = "lua";

     

       88
       +
                 config = builtins.readFile ./telescope-nvim.lua;

     

       89
       +
               }

     

       90
       +
               telescope-fzf-native-nvim

     

       91
       +
               telescope-undo-nvim

     

       92
       +
               telescope-file-browser-nvim

     

       93
        
       

     

       94
       +
               {

     

       95
       +
                 plugin = gitsigns-nvim;

     

       96
       +
                 type = "lua";

     

       97
       +
                 config = ''

     

       98
       +
                   require('gitsigns').setup{

     

       99
       +
                     on_attach = function(bufnr)

     

       100
       +
                       local gitsigns = require('gitsigns')

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       101
        
       

     

       102
       +
                       local function map(mode, l, r, opts)

     

       103
       +
                         opts = opts or {}

     

       104
       +
                         opts.buffer = bufnr

     

       105
       +
                         vim.keymap.set(mode, l, r, opts)

     

       106
       +
                       end

     

       107
       +
       

     

       108
       +
                       map('n', ']c', function()

     

       109
       +
                         if vim.wo.diff then

     

       110
       +
                           vim.cmd.normal({']c', bang = true})

     

       111
       +
                         else

     

       112
       +
                           gitsigns.nav_hunk('next')

     

       113
        
                         end

     

       114
       +
                       end, { desc = 'Git next hunk' })

     

       115
        
       

     

       116
       +
                       map('n', '[c', function()

     

       117
       +
                         if vim.wo.diff then

     

       118
       +
                           vim.cmd.normal({'[c', bang = true})

     

       119
       +
                         else

     

       120
       +
                           gitsigns.nav_hunk('prev')

     

       121
       +
                         end

     

       122
       +
                       end, { desc = 'Git prev hunk' })

     

       123
        
       

     

       124
       +
                       map('n', '<leader>gs', gitsigns.stage_hunk, { desc = 'Git stage hunk' })

     

       125
       +
                       map('n', '<leader>gr', gitsigns.reset_hunk, { desc = 'Git reset hunk' })

     

       126
       +
                       map('v', '<leader>gs', function() gitsigns.stage_hunk {vim.fn.line('.'), vim.fn.line('v')} end, { desc = 'Git stage hunk' })

     

       127
       +
                       map('v', '<leader>gr', function() gitsigns.reset_hunk {vim.fn.line('.'), vim.fn.line('v')} end, { desc = 'Git reset hunk' })

     

       128
       +
                       map('n', '<leader>gS', gitsigns.stage_buffer, { desc = 'Git stage buffer' })

     

       129
       +
                       map('n', '<leader>gu', gitsigns.undo_stage_hunk, { desc = 'Git unstage hunk' })

     

       130
       +
                       map('n', '<leader>gR', gitsigns.reset_buffer, { desc = 'Git reset buffer' })

     

       131
       +
                       map('n', '<leader>gp', gitsigns.preview_hunk, { desc = 'Git preview hunk' })

     

       132
       +
                       map('n', '<leader>gb', function() gitsigns.blame_line{full=true} end, { desc = 'Git blame' })

     

       133
       +
                       map('n', '<leader>gtb', gitsigns.toggle_current_line_blame, { desc = 'Git toggle line blame' })

     

       134
       +
                       map('n', '<leader>gd', gitsigns.diffthis, { desc = 'Git diff index' })

     

       135
       +
                       map('n', '<leader>gD', function() gitsigns.diffthis('~') end, { desc = 'Git diff last' })

     

       136
       +
                       map('n', '<leader>gtd', gitsigns.toggle_deleted, { desc = 'Git toggle deleted' })

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       137
        
       

     

       138
       +
                       -- vih

     

       139
       +
                       map({'o', 'x'}, 'ih', ':<C-U>Git select_hunk<CR>', { desc = 'Gitsigns select hunk' })

     

       140
       +
                     end

     

       141
       +
                   }

     

       142
       +
                 '';

     

       143
       +
               }

     

       144
       +
               {

     

       145
       +
                 plugin = pkgs.overlay-unstable.vimPlugins.neogit;

     

       146
       +
                 type = "lua";

     

       147
       +
                 config = ''

     

       148
       +
                   local neogit = require('neogit')

     

       149
       +
                   neogit.setup {}

     

       150
       +
                 '';

     

       151
       +
               }

     

       152
        
       

     

       153
       +
               plenary-nvim

     

       154
       +
               pkgs.ripgrep

     

       155
        
       

     

       156
       +
               {

     

       157
       +
                 plugin = nvim-cmp;

     

       158
       +
                 type = "lua";

     

       159
       +
                 config = builtins.readFile ./nvim-cmp.lua;

     

       160
       +
               }

     

       161
       +
               cmp-path

     

       162
       +
               cmp-buffer

     

       163
       +
               cmp-cmdline

     

       164
       +
               {

     

       165
       +
                 plugin = cmp-dictionary;

     

       166
       +
                 type = "lua";

     

       167
       +
                 config = ''

     

       168
       +
                   require("cmp_dictionary").setup({

     

       169
       +
                     paths = { "${pkgs.scowl}/share/dict/words.txt" },

     

       170
       +
                     exact_length = 2,

     

       171
       +
                     first_case_insensitive = true,

     

       172
       +
                   })

     

       173
       +
                 '';

     

       174
       +
               }

     

       0
        
       
     

       175
        
       

     

       176
       +
               {

     

       177
       +
                 plugin = luasnip;

     

       178
       +
                 type = "lua";

     

       179
       +
                 config = builtins.readFile ./luasnip.lua;

     

       180
       +
               }

     

       181
       +
               cmp_luasnip

     

       182
       +
               pkgs.overlay-unstable.vimPlugins.friendly-snippets

     

       183
        
       

     

       184
       +
               {

     

       185
       +
                 plugin = nvim-treesitter.withAllGrammars;

     

       186
       +
                 type = "lua";

     

       187
       +
                 config = ''

     

       188
       +
                   require'nvim-treesitter.configs'.setup {

     

       189
       +
                     highlight = {

     

       190
       +
                       enable = true,

     

       191
       +
                       -- :h vimtex-faq-treesitter

     

       192
       +
                       disable = { "latex" },

     

       193
       +
                     },

     

       194
       +
                   }

     

       195
       +
                   vim.opt.foldmethod = "expr"

     

       196
       +
                   vim.opt.foldexpr = "v:lua.vim.treesitter.foldexpr()"

     

       197
       +
                   vim.opt.foldenable = false

     

       198
       +
                 '';

     

       199
       +
               }

     

       200
       +
               {

     

       201
       +
                 plugin = nvim-treesitter-textobjects;

     

       202
       +
                 type = "lua";

     

       203
       +
                 config = ''

     

       204
       +
                   require'nvim-treesitter.configs'.setup {

     

       205
       +
                     textobjects = {

     

       206
       +
                       select = {

     

       207
        
                         enable = true,

     

       208
       +
                         lookahead = true,

     

       209
       +
                         keymaps = {

     

       210
       +
                           ["af"] = "@function.outer",

     

       211
       +
                           ["if"] = "@function.inner",

     

       212
       +
                           ["ac"] = "@conditional.outer",

     

       213
       +
                           ["ic"] = "@conditional.inner",

     

       214
       +
                           ["al"] = "@loop.outer",

     

       215
       +
                           ["il"] = "@loop.inner",

     

       216
       +
                         },

     

       217
       +
                         include_surrounding_whitespace = true,

     

       218
       +
                       },

     

       219
       +
                       swap = {

     

       220
       +
                         enable = true,

     

       221
       +
                         swap_next = {

     

       222
       +
                           ["<leader>a"] = "@parameter.inner",

     

       223
       +
                         },

     

       224
       +
                         swap_previous = {

     

       225
       +
                           ["<leader>A"] = "@parameter.inner",

     

       226
       +
                         },

     

       227
        
                       },

     

       228
       +
                       move = {

     

       229
       +
                         enable = true,

     

       230
       +
                         set_jumps = true,

     

       231
       +
                         goto_next_start = {

     

       232
       +
                           ["]m"] = "@function.outer",

     

       233
       +
                         },

     

       234
       +
                         goto_next_end = {

     

       235
       +
                           ["]M"] = "@function.outer",

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       236
        
                         },

     

       237
       +
                         goto_previous_start = {

     

       238
       +
                           ["[m"] = "@function.outer",

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       239
        
                         },

     

       240
       +
                         goto_previous_end = {

     

       241
       +
                           ["[M"] = "@function.outer",

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       242
        
                         },

     

       243
        
                       },

     

       244
       +
                     },

     

       245
       +
                   }

     

       246
       +
                   -- could use some tweaking

     

       247
       +
                   vim.treesitter.query.set("ocaml", "textobjects", [[

     

       248
       +
                   ((value_definition (let_binding)) @function.outer)

     

       249
       +
                   ((let_binding body: (_) @function.inner))

     

       250
       +
                   ]])

     

       251
       +
                 '';

     

       252
       +
               }

     

       253
        
       

     

       254
       +
               {

     

       255
       +
                 plugin = vimtex;

     

       256
       +
                 type = "lua";

     

       257
       +
                 config = ''

     

       258
       +
                   vim.cmd("filetype plugin indent on")

     

       259
       +
                   vim.cmd("syntax enable")

     

       260
       +
                   vim.g.vimtex_quickfix_mode = 0

     

       261
       +
                   vim.g.vimtex_view_general_viewer = 'evince'

     

       262
       +
                 '';

     

       263
       +
               }

     

       264
       +
               {

     

       265
       +
                 plugin = sved;

     

       266
       +
                 type = "lua";

     

       267
       +
                 runtime = {

     

       268
       +
                   "ftplugin/tex.lua".text = ''

     

       269
       +
                     vim.keymap.set('n', '<localleader>v', ':call SVED_Sync()<CR>')

     

       270
        
                   '';

     

       271
       +
                 };

     

       272
       +
               }

     

       273
       +
               cmp-omni

     

       274
        
       

     

       275
       +
               {

     

       276
       +
                 plugin = nvim-surround;

     

       277
       +
                 type = "lua";

     

       278
       +
                 config = ''

     

       279
       +
                   require('nvim-surround').setup({})

     

       280
       +
                 '';

     

       281
       +
               }

     

       282
       +
               {

     

       283
       +
                 plugin = comment-nvim;

     

       284
       +
                 type = "lua";

     

       285
       +
                 config = ''

     

       286
       +
                   require('Comment').setup()

     

       287
       +
                 '';

     

       288
       +
               }

     

       289
       +
               {

     

       290
       +
                 plugin = undotree;

     

       291
       +
                 type = "lua";

     

       292
       +
                 config = ''

     

       293
       +
                   vim.keymap.set('n', '<leader>su', vim.cmd.UndotreeToggle, { desc = 'Undo history' })

     

       294
       +
                 '';

     

       295
       +
               }

     

       296
       +
               {

     

       297
       +
                 plugin = leap-nvim;

     

       298
       +
                 type = "lua";

     

       299
       +
                 config = ''

     

       300
       +
                   vim.keymap.set({'n', 'x', 'o'}, 's',  '<Plug>(leap-forward)', { desc = "Leap forward"} )

     

       301
       +
                   vim.keymap.set({'n', 'x', 'o'}, 'S',  '<Plug>(leap-backward)', { desc = "Leap backward"} )

     

       302
       +
                   vim.keymap.set({'n', 'x', 'o'}, 'gs', '<Plug>(leap-from-window)', { desc = "Leap from window"} )

     

       303
       +
                 '';

     

       304
       +
               }

     

       305
       +
               {

     

       306
       +
                 plugin = pkgs.overlay-unstable.vimPlugins.which-key-nvim;

     

       307
       +
                 type = "lua";

     

       308
       +
                 config = ''

     

       309
       +
                   local wk = require('which-key')

     

       310
       +
                   wk.setup({

     

       311
       +
                     plugins = {

     

       312
       +
                       spelling = {

     

       313
       +
                         enabled = false

     

       0
        
       
     

       314
        
                       },

     

       315
       +
                     },

     

       316
       +
                     icons = { mappings = false },

     

       317
       +
                     triggers = {

     

       318
       +
                       { "<leader>", mode = { "n", "v" } },

     

       319
       +
                       { "<auto>", mode = "nixsotc" },

     

       320
       +
                     },

     

       321
       +
                     delay = 1000,

     

       322
       +
                   })

     

       323
       +
                   wk.add({

     

       324
       +
                     { "<leader>f", group = 'Find' },

     

       325
       +
                     { "<leader>c", group = 'Code' },

     

       326
       +
                     { "<leader>;", group = 'DAP' },

     

       327
       +
                     { "<leader>s", group = 'Search' },

     

       328
       +
                     { "<leader>t", group = 'Tab' },

     

       329
       +
                     { "<leader>h", group = 'Hunk' },

     

       330
       +
                     { "<leader>x", group = 'Trouble' },

     

       331
       +
                     { "<leader>g", group = 'Git' },

     

       332
       +
                     { "<leader>i", group = 'Insert' },

     

       333
       +
                   })

     

       334
       +
                 '';

     

       335
       +
               }

     

       336
        
       

     

       337
       +
               {

     

       338
       +
                 plugin = vim-ledger-2024-07-15;

     

       339
       +
                 type = "lua";

     

       340
       +
                 config = ''

     

       341
       +
                   vim.g.ledger_fuzzy_account_completion = true

     

       342
       +
                   vim.g.ledger_extra_options = '--pedantic'

     

       343
       +
                   vim.g.ledger_align_at = 50

     

       344
       +
                   vim.g.ledger_accounts_cmd = 'ledger accounts --add-budget'

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       345
        
       

     

       346
       +
                   vim.g.ledger_date_format = '%Y-%m-%d'

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       347
        
       

     

       348
       +
                   vim.cmd([[

     

       349
       +
                     autocmd FileType ledger nnoremap <buffer> <leader>e :call ledger#entry()<CR>

     

       350
       +
                   ]])

     

       351
       +
                 '';

     

       352
       +
               }

     

       353
       +
               {

     

       354
       +
                 plugin = orgmode;

     

       355
       +
                 type = "lua";

     

       356
       +
                 config = ''

     

       357
       +
                   -- In any orgmode buffer press g? for help

     

       358
       +
                   require('orgmode').setup({

     

       359
       +
                     org_agenda_files = { '~/vault/*.org' },

     

       360
       +
                     org_default_notes_file = '~/vault/todo.org',

     

       361
       +
                     org_capture_templates = {

     

       362
       +
                       t = {

     

       363
       +
                         description = 'Task',

     

       364
       +
                         template = '* TODO %?\n  %u',

     

       365
       +
                       },

     

       366
       +
                     },

     

       367
       +
                   })

     

       368
       +
                 '';

     

       369
       +
               }

     

       370
        
       

     

       371
       +
               {

     

       372
       +
                 plugin = nvim-lspconfig;

     

       373
       +
                 type = "lua";

     

       374
       +
                 config = builtins.readFile ./lsp.lua;

     

       375
       +
                 runtime = {

     

       376
       +
                   "ftplugin/java.lua".text = ''

     

       377
       +
                     local project_name = vim.fn.fnamemodify(vim.fn.getcwd(), ':p:h:t')

     

       378
       +
                     local workspace_dir = '~/.cache/jdt/' .. project_name

     

       379
       +
                     require('jdtls').start_or_attach {

     

       380
       +
                       on_attach = On_attach,

     

       381
       +
                       capabilities = Capabilities,

     

       382
       +
                       cmd = { 'jdt-language-server', '-data', workspace_dir, },

     

       383
       +
                       root_dir = vim.fs.dirname(vim.fs.find({'gradlew', '.git', 'mvnw'}, { upward = true })[1]),

     

       384
       +
                     }

     

       385
        
                   '';

     

       386
       +
                 };

     

       387
       +
               }

     

       388
       +
               {

     

       389
       +
                 plugin = nvim-dap;

     

       390
       +
                 type = "lua";

     

       391
       +
                 config = builtins.readFile ./dap.lua;

     

       392
       +
               }

     

       393
       +
               cmp-nvim-lsp

     

       394
       +
               cmp-nvim-lsp-signature-help

     

       395
       +
               ltex-ls-nvim

     

       396
       +
               nvim-jdtls

     

       397
       +
             ];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       398
        
           };

     

       399
        
         };

     

       400
        
       }

+9 -8

home/nvim/init.lua

···

       68
        
       

     

       69
        
       vim.o.cursorcolumn = true

     

       70
        
       

     

       71
       -
       vim.keymap.set('n', '<leader>w', ':w<CR>', { desc = 'Write file' })

     

       72
       -
       vim.keymap.set('n', '<leader>q', ':qa<CR>', { desc = 'Quit all' })

     

       73
        
       

     

       74
        
       vim.keymap.set('n', 'ZA', ':cquit<Enter>', { desc = 'Quit and fail' })

     

       75
        
       

     
···

       80
        
       

     

       81
        
       vim.keymap.set('n', '!', ':term ', { desc = 'terminal' })

     

       82
        
       

     

       83
       -
       vim.keymap.set('n', '<leader>gn', ':Neogit', { desc = 'Neogit' })

     

       84
        
       

     

       85
       -
       vim.keymap.set('n', '<leader>m', ':make<Enter>', { desc = 'Make' })

     

       0
        
       
     

       0
        
       
     

       86
        
       

     

       87
        
       -- go though spelling mistakes

     

       88
        
       vim.keymap.set('n', '<C-s>', ']s1z=', { desc = 'correct next spelling mistake' })

     
···

       199
        
       vim.api.nvim_create_user_command('SaveSession', save_session, { nargs = '?', complete = session_completion })

     

       200
        
       vim.api.nvim_create_user_command('LoadSession', load_session, { nargs = '?', complete = session_completion })

     

       201
        
       

     

       202
       -
       vim.keymap.set('n', '<leader>ss', ':SaveSession<CR>')

     

       203
       -
       vim.keymap.set('n', '<leader>sl', ':LoadSession<CR>')

     

       204
        
       

     

       205
        
       -- free real-estate

     

       206
        
       -- <leader>n

     

       207
        
       -- <leader>;

     

       208
        
       -- <leader>e

     

       209
        
       -- <leader>v

     

       210
       -
       -- <leader>c

     

       211
       -
       -- <leader>h

     

       212
        
       -- <leader>j

     

       213
        
       -- <leader>k

     

       214
        
       -- <leader>z

···

       68
        
       

     

       69
        
       vim.o.cursorcolumn = true

     

       70
        
       

     

       71
       +
       vim.keymap.set('n', '<leader>fs', ':w<CR>', { desc = 'Write file' })

     

       72
       +
       vim.keymap.set('n', '<leader>qq', ':qa<CR>', { desc = 'Quit all' })

     

       73
        
       

     

       74
        
       vim.keymap.set('n', 'ZA', ':cquit<Enter>', { desc = 'Quit and fail' })

     

       75
        
       

     
···

       80
        
       

     

       81
        
       vim.keymap.set('n', '!', ':term ', { desc = 'terminal' })

     

       82
        
       

     

       83
       +
       vim.keymap.set('n', '<leader>gg', ':Neogit<CR>', { desc = 'Neogit' })

     

       84
        
       

     

       85
       +
       vim.keymap.set('n', '<leader>om', ':make<Enter>', { desc = 'Make' })

     

       86
       +
       

     

       87
       +
       vim.keymap.set('n', '<leader>w', '<C-w>', { desc = 'Window commands' })

     

       88
        
       

     

       89
        
       -- go though spelling mistakes

     

       90
        
       vim.keymap.set('n', '<C-s>', ']s1z=', { desc = 'correct next spelling mistake' })

     
···

       201
        
       vim.api.nvim_create_user_command('SaveSession', save_session, { nargs = '?', complete = session_completion })

     

       202
        
       vim.api.nvim_create_user_command('LoadSession', load_session, { nargs = '?', complete = session_completion })

     

       203
        
       

     

       204
       +
       vim.keymap.set('n', '<leader>qs', ':SaveSession<CR>', { desc = 'Save session' })

     

       205
       +
       vim.keymap.set('n', '<leader>ql', ':LoadSession<CR>', { desc = 'Load session' })

     

       206
        
       

     

       207
        
       -- free real-estate

     

       208
        
       -- <leader>n

     

       209
        
       -- <leader>;

     

       210
        
       -- <leader>e

     

       211
        
       -- <leader>v

     

       212
       +
       -- <leader>l

     

       0
        
       
     

       213
        
       -- <leader>j

     

       214
        
       -- <leader>k

     

       215
        
       -- <leader>z

+8 -8

home/nvim/lsp.lua

···

       18
        
       	vim.keymap.set('n', 'gd', vim.lsp.buf.definition, { desc = 'Goto definition' })

     

       19
        
       	vim.keymap.set('n', '[d', vim.diagnostic.goto_next, { desc = 'Goto next issue' })

     

       20
        
       	vim.keymap.set('n', ']d', vim.diagnostic.goto_prev, { desc = 'Goto prev issue' })

     

       21
       -
       	vim.keymap.set('n', '<leader>li', vim.lsp.buf.implementation, { desc = 'Goto implementation' })

     

       22
       -
       	vim.keymap.set('n', '<leader>lt', vim.lsp.buf.type_definition, { desc = 'Goto type definition' })

     

       23
       -
       	vim.keymap.set('n', '<leader>lr', vim.lsp.buf.references, { desc = 'Show references' })

     

       24
       -
       	vim.keymap.set('n', '<leader>la', vim.lsp.buf.code_action, { desc = 'Code action' })

     

       25
       -
       	vim.keymap.set('n', '<leader>lR', vim.lsp.buf.rename, { desc = 'Rename' })

     

       26
       -
       	vim.keymap.set('n', '<leader>lf', function() vim.lsp.buf.format { async = true } end, { desc = 'Format' })

     

       27
       -
       	vim.keymap.set('n', '<leader>le', vim.diagnostic.open_float, { desc = 'Get error' })

     

       28
        
       end

     

       29
        
       

     

       30
        
       -- Add additional capabilities supported by nvim-cmp

     
···

       37
        
       local lspconfig = require('lspconfig')

     

       38
        
       

     

       39
        
       -- Enable some language servers with the additional completion capabilities offered by nvim-cmp

     

       40
       -
       local servers = { 'nixd', 'ocamllsp', 'clangd', 'rust_analyzer', 'pyright', 'gopls', 'typst_lsp' }

     

       41
        
       for _, lsp in ipairs(servers) do

     

       42
        
       	lspconfig[lsp].setup {

     

       43
        
       		on_attach = On_attach,

···

       18
        
       	vim.keymap.set('n', 'gd', vim.lsp.buf.definition, { desc = 'Goto definition' })

     

       19
        
       	vim.keymap.set('n', '[d', vim.diagnostic.goto_next, { desc = 'Goto next issue' })

     

       20
        
       	vim.keymap.set('n', ']d', vim.diagnostic.goto_prev, { desc = 'Goto prev issue' })

     

       21
       +
       	vim.keymap.set('n', '<leader>ci', vim.lsp.buf.implementation, { desc = 'Goto implementation' })

     

       22
       +
       	vim.keymap.set('n', '<leader>ct', vim.lsp.buf.type_definition, { desc = 'Goto type definition' })

     

       23
       +
       	vim.keymap.set('n', '<leader>cr', vim.lsp.buf.references, { desc = 'Show references' })

     

       24
       +
       	vim.keymap.set('n', '<leader>ca', vim.lsp.buf.code_action, { desc = 'Code action' })

     

       25
       +
       	vim.keymap.set('n', '<leader>cR', vim.lsp.buf.rename, { desc = 'Rename' })

     

       26
       +
       	vim.keymap.set('n', '<leader>cf', function() vim.lsp.buf.format { async = true } end, { desc = 'Format' })

     

       27
       +
       	vim.keymap.set('n', '<leader>ce', vim.diagnostic.open_float, { desc = 'Get error' })

     

       28
        
       end

     

       29
        
       

     

       30
        
       -- Add additional capabilities supported by nvim-cmp

     
···

       37
        
       local lspconfig = require('lspconfig')

     

       38
        
       

     

       39
        
       -- Enable some language servers with the additional completion capabilities offered by nvim-cmp

     

       40
       +
       local servers = { 'nixd', 'ocamllsp', 'clangd', 'rust_analyzer', 'pyright', 'gopls', 'typst_lsp', 'hls' }

     

       41
        
       for _, lsp in ipairs(servers) do

     

       42
        
       	lspconfig[lsp].setup {

     

       43
        
       		on_attach = On_attach,

+4 -7

home/nvim/nvim-cmp.lua

···

       12
        
       				omni = '[Omni]',

     

       13
        
       				nvim_lsp = '[LSP]',

     

       14
        
       				nvim_lsp_signature_help = '[Signature]',

     

       15
       -
       				spell = '[Spell]',

     

       16
        
       				dictionary = '[Dictionary]',

     

       17
        
       				buffer = '[Buffer]',

     

       18
        
       				path = '[Path]',

     

       19
        
       				ls = '[Luasnip]',

     

       0
        
       
     

       20
        
       			})[entry.source.name]

     

       21
        
       			return vim_item

     

       22
        
       		end,

     
···

       44
        
       		},

     

       45
        
       	},

     

       46
        
       	sources = cmp.config.sources({

     

       0
        
       
     

       47
        
       		{ name = 'nvim_lsp_signature_help', priority = 1000 },

     

       48
        
       		{ name = 'nvim_lsp',                priority = 900 },

     

       49
        
       		{ name = 'luasnip',                 priority = 800 },

     
···

       54
        
       			name = 'dictionary',

     

       55
        
       			priority = 400,

     

       56
        
       			keyword_length = 2,

     

       57
       -
       		},

     

       58
       -
       		{

     

       59
       -
       			name = 'spell',

     

       60
       -
       			priority = 300,

     

       61
       -
       			option = { preselect_correct_word = false }

     

       62
       -
       		},

     

       63
        
       	}),

     

       64
        
       	sorting = {

     

       65
        
       		priority_weight = 2,

···

       12
        
       				omni = '[Omni]',

     

       13
        
       				nvim_lsp = '[LSP]',

     

       14
        
       				nvim_lsp_signature_help = '[Signature]',

     

       0
        
       
     

       15
        
       				dictionary = '[Dictionary]',

     

       16
        
       				buffer = '[Buffer]',

     

       17
        
       				path = '[Path]',

     

       18
        
       				ls = '[Luasnip]',

     

       19
       +
       				orgmode = '[Orgmode]',

     

       20
        
       			})[entry.source.name]

     

       21
        
       			return vim_item

     

       22
        
       		end,

     
···

       44
        
       		},

     

       45
        
       	},

     

       46
        
       	sources = cmp.config.sources({

     

       47
       +
       		{ name = 'orgmode',                 priority = 1100 },

     

       48
        
       		{ name = 'nvim_lsp_signature_help', priority = 1000 },

     

       49
        
       		{ name = 'nvim_lsp',                priority = 900 },

     

       50
        
       		{ name = 'luasnip',                 priority = 800 },

     
···

       55
        
       			name = 'dictionary',

     

       56
        
       			priority = 400,

     

       57
        
       			keyword_length = 2,

     

       58
       +
       		}

     

       59
       +
       		,

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       60
        
       	}),

     

       61
        
       	sorting = {

     

       62
        
       		priority_weight = 2,

-57

home/nvim/obsidian.lua

···

       1
       -
       

     

       2
       -
       local function find_vault_path()

     

       3
       -
       	local cwd = vim.loop.cwd()

     

       4
       -
       	local path = cwd

     

       5
       -
       	while path ~= "/" do

     

       6
       -
       		if vim.fs.basename(path) == "vault" then

     

       7
       -
       			return path

     

       8
       -
       		end

     

       9
       -
       		path = vim.fs.dirname(path)

     

       10
       -
       	end

     

       11
       -
       	return nil

     

       12
       -
       end

     

       13
       -
       

     

       14
       -
       local vault_path = find_vault_path()

     

       15
       -
       

     

       16
       -
       if vault_path ~= nil then

     

       17
       -
       	require("obsidian").setup({

     

       18
       -
       		workspaces = {

     

       19
       -
       			{

     

       20
       -
       				name = "vault",

     

       21
       -
       				path = vault_path,

     

       22
       -
       			},

     

       23
       -
       		},

     

       24
       -
       		completion = {

     

       25
       -
       			nvim_cmp = true,

     

       26
       -
       			min_chars = 2,

     

       27
       -
       		},

     

       28
       -
       		mappings = {

     

       29
       -
       			-- Overrides the 'gf' mapping to work on markdown/wiki links within your vault.

     

       30
       -
       			["gf"] = {

     

       31
       -
       				action = function()

     

       32
       -
       					return require("obsidian").util.gf_passthrough()

     

       33
       -
       				end,

     

       34
       -
       				opts = { noremap = false, expr = true, buffer = true },

     

       35
       -
       			},

     

       36
       -
       			-- Toggle check-boxes.

     

       37
       -
       			["<leader>ch"] = {

     

       38
       -
       				action = function()

     

       39
       -
       					return require("obsidian").util.toggle_checkbox()

     

       40
       -
       				end,

     

       41
       -
       				opts = { buffer = true },

     

       42
       -
       			},

     

       43
       -
       			-- Smart action depending on context, either follow link or toggle checkbox.

     

       44
       -
       			["<cr>"] = {

     

       45
       -
       				action = function()

     

       46
       -
       					return require("obsidian").util.smart_action()

     

       47
       -
       				end,

     

       48
       -
       				opts = { buffer = true, expr = true },

     

       49
       -
       			}

     

       50
       -
       		},

     

       51
       -
       		ui = {

     

       52
       -
       			enable = false,

     

       53
       -
       		},

     

       54
       -
       		disable_frontmatter = true,

     

       55
       -
       		wiki_link_func = "use_path_only",

     

       56
       -
       	})

     

       57
       -
       end

+12 -10

home/nvim/telescope-nvim.lua

···

       32
        
       }

     

       33
        
       

     

       34
        
       vim.keymap.set('n', '<leader>ff', require('telescope.builtin').find_files, { desc = 'Find files' })

     

       35
       -
       vim.keymap.set('n', '<leader>fg', require('telescope.builtin').live_grep, { desc = 'Find grep' })

     

       0
        
       
     

       36
        
       vim.keymap.set('n', '<leader>fv', require('telescope.builtin').git_files, { desc = 'Find version control' })

     

       37
       -
       vim.keymap.set('n', '<leader>fb', function() require('telescope.builtin').buffers({ sort_mru = true }) end, { desc = 'Find buffer' })

     

       38
       -
       vim.keymap.set('n', '<leader>fh', require('telescope.builtin').help_tags, { desc = 'Find help' })

     

       39
       -
       vim.keymap.set('n', '<leader>fq', require('telescope.builtin').command_history, { desc = 'Find command' })

     

       40
       -
       vim.keymap.set('n', '<leader>fs', require('telescope.builtin').search_history, { desc = 'Find search' })

     

       0
        
       
     

       41
        
       vim.keymap.set('n', '<leader>fj', require('telescope.builtin').jumplist, { desc = 'Find jumplist' })

     

       42
        
       vim.keymap.set('n', '<leader>fm', require('telescope.builtin').marks, { desc = 'Find marks' })

     

       43
        
       vim.keymap.set('n', '<leader>fx', require('telescope.builtin').diagnostics, { desc = 'Find diagnostics' })

     

       44
        
       vim.keymap.set('n', '<leader>fy', require('telescope.builtin').registers, { desc = 'Find registers' })

     

       45
        
       vim.keymap.set('v', '<leader>fy', require('telescope.builtin').registers, { desc = 'Find registers' })

     

       46
       -
       vim.keymap.set('n', '<leader>fr', require('telescope.builtin').lsp_references, { desc = 'Find references' })

     

       47
       -
       vim.keymap.set('n', '<leader>fS', require('telescope.builtin').lsp_document_symbols, { desc = 'Find LSP symbols' })

     

       48
       -
       vim.keymap.set('n', '<leader>fc', require('telescope.builtin').lsp_incoming_calls, { desc = 'Find LSP incoming calls' })

     

       49
       -
       vim.keymap.set('n', '<leader>fo', require('telescope.builtin').lsp_outgoing_calls, { desc = 'Find LSP outgoing calls' })

     

       50
       -
       vim.keymap.set('n', '<leader>fi', require('telescope.builtin').lsp_implementations, { desc = 'Find LSP implementations' })

     

       51
        
       vim.keymap.set('n', '<leader>fu', require('telescope').extensions.undo.undo, { desc = 'Find undo' })

     

       52
        
       vim.keymap.set('n', '<leader>fd', function() require('telescope').extensions.file_browser.file_browser({ path = '%:p:h', select_buffer = true }) end, { desc = 'Find directory' })

···

       32
        
       }

     

       33
        
       

     

       34
        
       vim.keymap.set('n', '<leader>ff', require('telescope.builtin').find_files, { desc = 'Find files' })

     

       35
       +
       vim.keymap.set('n', '<leader><leader>', require('telescope.builtin').find_files, { desc = 'Find files' })

     

       36
       +
       vim.keymap.set('n', '<leader>sd', require('telescope.builtin').live_grep, { desc = 'Search directory' })

     

       37
        
       vim.keymap.set('n', '<leader>fv', require('telescope.builtin').git_files, { desc = 'Find version control' })

     

       38
       +
       vim.keymap.set('n', '<leader>bb', function() require('telescope.builtin').buffers({ sort_mru = true }) end, { desc = 'Find buffer' })

     

       39
       +
       vim.keymap.set('n', '<leader>h', require('telescope.builtin').help_tags, { desc = 'Find help' })

     

       40
       +
       vim.keymap.set('n', '<leader>fq', require('telescope.builtin').commands, { desc = 'Find command' })

     

       41
       +
       vim.keymap.set('n', '<leader>fQ', require('telescope.builtin').command_history, { desc = 'Find command history' })

     

       42
       +
       vim.keymap.set('n', '<leader>f/', require('telescope.builtin').search_history, { desc = 'Find search' })

     

       43
        
       vim.keymap.set('n', '<leader>fj', require('telescope.builtin').jumplist, { desc = 'Find jumplist' })

     

       44
        
       vim.keymap.set('n', '<leader>fm', require('telescope.builtin').marks, { desc = 'Find marks' })

     

       45
        
       vim.keymap.set('n', '<leader>fx', require('telescope.builtin').diagnostics, { desc = 'Find diagnostics' })

     

       46
        
       vim.keymap.set('n', '<leader>fy', require('telescope.builtin').registers, { desc = 'Find registers' })

     

       47
        
       vim.keymap.set('v', '<leader>fy', require('telescope.builtin').registers, { desc = 'Find registers' })

     

       48
       +
       vim.keymap.set('n', '<leader>cD', require('telescope.builtin').lsp_references, { desc = 'Find references' })

     

       49
       +
       vim.keymap.set('n', '<leader>cS', require('telescope.builtin').lsp_document_symbols, { desc = 'Find LSP symbols' })

     

       50
       +
       vim.keymap.set('n', '<leader>cc', require('telescope.builtin').lsp_incoming_calls, { desc = 'Find LSP incoming calls' })

     

       51
       +
       vim.keymap.set('n', '<leader>co', require('telescope.builtin').lsp_outgoing_calls, { desc = 'Find LSP outgoing calls' })

     

       52
       +
       vim.keymap.set('n', '<leader>cfi', require('telescope.builtin').lsp_implementations, { desc = 'Find LSP implementations' })

     

       53
        
       vim.keymap.set('n', '<leader>fu', require('telescope').extensions.undo.undo, { desc = 'Find undo' })

     

       54
        
       vim.keymap.set('n', '<leader>fd', function() require('telescope').extensions.file_browser.file_browser({ path = '%:p:h', select_buffer = true }) end, { desc = 'Find directory' })

home/zsh.cfg

···

       0
        
       
     

       0
        
       
     

       0
        
       
     

       1
        
       

     

       2
        
       setopt autocd nomatch notify interactive_comments inc_append_history 

     

       3
        
       unsetopt beep extendedglob share_history

     
···

       111
        
       	source /run/current-system/sw/share/bash-completion/completions/ledger.bash

     

       112
        
       fi

     

       113
        
       

     

       0

···

       1
       +
       

     

       2
       +
       # https://www.emacswiki.org/emacs/TrampMode#h5o-9

     

       3
       +
       [[ $TERM == "dumb" ]] && unsetopt zle && PS1='$ ' && return

     

       4
        
       

     

       5
        
       setopt autocd nomatch notify interactive_comments inc_append_history 

     

       6
        
       unsetopt beep extendedglob share_history

     
···

       114
        
       	source /run/current-system/sw/share/bash-completion/completions/ledger.bash

     

       115
        
       fi

     

       116
        
       

     

       117
       +
       eval $(opam env)

+3 -5

hosts/elephant/default.nix

···

       27
        
           powertop

     

       28
        
           hdparm

     

       29
        
           restic

     

       30
       -
           ffmpeg

     

       0
        
       
     

       0
        
       
     

       31
        
           #stig

     

       32
        
         ];

     

       33
        
       

     
···

       75
        
             # Video Acceleration API (VA-API) user mode driver

     

       76
        
             intel-media-driver

     

       77
        
             # Intel Video Processing Library (VPL) API runtime implementation

     

       78
       -
             # replace with`onevpl-intel-gpu` after https://github.com/NixOS/nixpkgs/pull/264621

     

       79
        
             vpl-gpu-rt

     

       80
        
           ];

     

       81
        
         };

     

       82
        
         nixpkgs.config.packageOverrides = prev: {

     

       83
        
           jellyfin-ffmpeg = prev.jellyfin-ffmpeg.overrideAttrs (_: {

     

       84
       -
             withVpl = true;

     

       85
       -
           });

     

       86
       -
           ffmpeg = prev.ffmpeg.overrideAttrs (_: {

     

       87
        
             withVpl = true;

     

       88
        
           });

     

       89
        
         };

···

       27
        
           powertop

     

       28
        
           hdparm

     

       29
        
           restic

     

       30
       +
           (ffmpeg.overrideAttrs (_: {

     

       31
       +
             withVpl = true;

     

       32
       +
           }))

     

       33
        
           #stig

     

       34
        
         ];

     

       35
        
       

     
···

       77
        
             # Video Acceleration API (VA-API) user mode driver

     

       78
        
             intel-media-driver

     

       79
        
             # Intel Video Processing Library (VPL) API runtime implementation

     

       0
        
       
     

       80
        
             vpl-gpu-rt

     

       81
        
           ];

     

       82
        
         };

     

       83
        
         nixpkgs.config.packageOverrides = prev: {

     

       84
        
           jellyfin-ffmpeg = prev.jellyfin-ffmpeg.overrideAttrs (_: {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       85
        
             withVpl = true;

     

       86
        
           });

     

       87
        
         };

+97 -2

hosts/elephant/services.nix

···

       3
        
         config,

     

       4
        
         pkgs,

     

       5
        
         lib,

     

       0
        
       
     

       6
        
         ...

     

       7
        
       }:

     

       8
        
       

     
···

       28
        
             "nextcloud.vpn.freumh.org"

     

       29
        
             "owntracks.vpn.freumh.org"

     

       30
        
             "immich.vpn.freumh.org"

     

       0
        
       
     

       0
        
       
     

       31
        
           ];

     

       32
        
         };

     

       33
        
       

     
···

       94
        
                 '';

     

       95
        
               };

     

       96
        
             };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       97
        
           };

     

       98
        
         };

     

       99
        
       

     
···

       178
        
           package = pkgs.transmission_3;

     

       179
        
           settings = {

     

       180
        
             download-dir = "/tank/transmission";

     

       181
       -
             incomplete-dir-enabled = true;

     

       182
        
             rpc-whitelist = "127.0.0.1,100.64.*.*,192.168.1.*";

     

       183
        
             rpc-bind-address = "0.0.0.0";

     

       184
        
             rpc-host-whitelist-enabled = false;

     

       185
        
             ratio-limit-enabled = true;

     

       0
        
       
     

       186
        
           };

     

       187
        
         };

     

       188
        
       

     

       189
        
         services.prowlarr.enable = true;

     

       0
        
       
     

       190
        
         services.sonarr.enable = true;

     

       191
        
         services.radarr.enable = true;

     

       192
        
         services.bazarr.enable = true;

     
···

       214
        
           config.services.transmission.user

     

       215
        
           config.services.nzbget.user

     

       216
        
         ];

     

       217
       -
         # services.calibre-server.enable = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       218
        
       

     

       219
        
         age.secrets.restic-owl.file = ../../secrets/restic-owl.age;

     

       220
        
         age.secrets.restic-gecko.file = ../../secrets/restic-gecko.age;

     
···

       272
        
           mediaLocation = "/tank/immich";

     

       273
        
         };

     

       274
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       275
        
         services.fail2ban = {

     

       276
        
           enable = true;

     

       277
        
           bantime = "24h";

     
···

       302
        
             findTime = "43200";

     

       303
        
             logPath = "/var/lib/jellyseerr/logs/overseerr.log";

     

       304
        
           };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       305
        
         };

     

       306
        
         environment.etc = {

     

       307
        
           "fail2ban/filter.d/jellyfin.local".text = ''

     
···

       312
        
             [Definition]

     

       313
        
             failregex = ^.*\[warn\]\[Auth\]: Failed login attempt from user with incorrect Jellyfin credentials {"account":{"ip":"<HOST>","email":

     

       314
        
           '';

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       315
        
         };

     

       316
        
       }

···

       3
        
         config,

     

       4
        
         pkgs,

     

       5
        
         lib,

     

       6
       +
         nixpkgs-chromedriver,

     

       7
        
         ...

     

       8
        
       }:

     

       9
        
       

     
···

       29
        
             "nextcloud.vpn.freumh.org"

     

       30
        
             "owntracks.vpn.freumh.org"

     

       31
        
             "immich.vpn.freumh.org"

     

       32
       +
             "calibre.freumh.org"

     

       33
       +
             "audiobookshelf.vpn.freumh.org"

     

       34
        
           ];

     

       35
        
         };

     

       36
        
       

     
···

       97
        
                 '';

     

       98
        
               };

     

       99
        
             };

     

       100
       +
             "calibre.freumh.org" = {

     

       101
       +
               addSSL = true;

     

       102
       +
               locations."/" = {

     

       103
       +
                 recommendedProxySettings = true;

     

       104
       +
                 proxyPass = ''

     

       105
       +
                   http://127.0.0.1:${builtins.toString config.services.calibre-web.listen.port}

     

       106
       +
                 '';

     

       107
       +
                 proxyWebsockets = true;

     

       108
       +
                 extraConfig = ''

     

       109
       +
                   proxy_buffer_size 128k;

     

       110
       +
                   proxy_buffers 4 256k;

     

       111
       +
                   proxy_busy_buffers_size 256k;

     

       112
       +
                 '';

     

       113
       +
               };

     

       114
       +
             };

     

       115
       +
             "audiobookshelf.vpn.freumh.org" = {

     

       116
       +
               onlySSL = true;

     

       117
       +
               listenAddresses = [ "100.64.0.9" ];

     

       118
       +
               locations."/" = {

     

       119
       +
                 proxyPass = ''

     

       120
       +
                   http://localhost:${builtins.toString config.services.audiobookshelf.port}

     

       121
       +
                 '';

     

       122
       +
                 proxyWebsockets = true;

     

       123
       +
               };

     

       124
       +
             };

     

       125
        
           };

     

       126
        
         };

     

       127
        
       

     
···

       206
        
           package = pkgs.transmission_3;

     

       207
        
           settings = {

     

       208
        
             download-dir = "/tank/transmission";

     

       209
       +
             incomplete-dir-enabled = false;

     

       210
        
             rpc-whitelist = "127.0.0.1,100.64.*.*,192.168.1.*";

     

       211
        
             rpc-bind-address = "0.0.0.0";

     

       212
        
             rpc-host-whitelist-enabled = false;

     

       213
        
             ratio-limit-enabled = true;

     

       214
       +
             download-queue-size = 20;

     

       215
        
           };

     

       216
        
         };

     

       217
        
       

     

       218
        
         services.prowlarr.enable = true;

     

       219
       +
         services.flaresolverr.enable = true;

     

       220
        
         services.sonarr.enable = true;

     

       221
        
         services.radarr.enable = true;

     

       222
        
         services.bazarr.enable = true;

     
···

       244
        
           config.services.transmission.user

     

       245
        
           config.services.nzbget.user

     

       246
        
         ];

     

       247
       +
       

     

       248
       +
         services.calibre-web = {

     

       249
       +
           enable = true;

     

       250
       +
           listen = {

     

       251
       +
             port = 8084;

     

       252
       +
             ip = "127.0.0.1";

     

       253
       +
           };

     

       254
       +
           options = {

     

       255
       +
             enableBookConversion = true;

     

       256
       +
             enableBookUploading = true;

     

       257
       +
             enableKepubify = true;

     

       258
       +
           };

     

       259
       +
         };

     

       260
       +
         users.users.${config.services.calibre-web.user}.extraGroups = [

     

       261
       +
           config.services.readarr.user

     

       262
       +
         ];

     

       263
        
       

     

       264
        
         age.secrets.restic-owl.file = ../../secrets/restic-owl.age;

     

       265
        
         age.secrets.restic-gecko.file = ../../secrets/restic-gecko.age;

     
···

       317
        
           mediaLocation = "/tank/immich";

     

       318
        
         };

     

       319
        
       

     

       320
       +
         services.audiobookshelf = {

     

       321
       +
           enable = true;

     

       322
       +
           port = 8001;

     

       323
       +
         };

     

       324
       +
         users.users.${config.services.audiobookshelf.user}.extraGroups = [

     

       325
       +
           config.services.readarr.user

     

       326
       +
         ];

     

       327
       +
       

     

       328
        
         services.fail2ban = {

     

       329
        
           enable = true;

     

       330
        
           bantime = "24h";

     
···

       355
        
             findTime = "43200";

     

       356
        
             logPath = "/var/lib/jellyseerr/logs/overseerr.log";

     

       357
        
           };

     

       358
       +
           # requires 'Enable Proxy Support' for jellyseerr

     

       359
       +
           jails."calibre-web".settings = {

     

       360
       +
             backend = "auto";

     

       361
       +
             port = "80,443";

     

       362
       +
             protocol = "tcp";

     

       363
       +
             filter = "calibre-web";

     

       364
       +
             maxRetry = 3;

     

       365
       +
             bantime = "86400";

     

       366
       +
             findTime = "43200";

     

       367
       +
             logPath = "/var/lib/calibre-web/log";

     

       368
       +
           };

     

       369
        
         };

     

       370
        
         environment.etc = {

     

       371
        
           "fail2ban/filter.d/jellyfin.local".text = ''

     
···

       376
        
             [Definition]

     

       377
        
             failregex = ^.*\[warn\]\[Auth\]: Failed login attempt from user with incorrect Jellyfin credentials {"account":{"ip":"<HOST>","email":

     

       378
        
           '';

     

       379
       +
           "fail2ban/filter.d/calibre-web.local".text = ''

     

       380
       +
             [Definition]

     

       381
       +
             failregex = ^(?:\[\])?\s*WARN \{[^\}]*\} Login failed for user "<F-USER>[^"]*</F-USER>" IP-address: <ADDR>

     

       382
       +
           '';

     

       383
       +
         };

     

       384
       +
       

     

       385
       +
         systemd.services.ddns = {

     

       386
       +
           description = "Dynamic DNS";

     

       387
       +
           wantedBy = [ "multi-user.target" ];

     

       388
       +
           after = [ "network-online.target" ];

     

       389
       +
           wants = [ "network-online.target" ];

     

       390
       +
           serviceConfig = {

     

       391
       +
             ExecStart = pkgs.writeShellScript "update-dns" ''

     

       392
       +
               while true; do

     

       393
       +
                 IP="$(${pkgs.curl}/bin/curl https://ipinfo.io/ip 2> /dev/null)"

     

       394
       +
                 echo $IP

     

       395
       +
                 ${config.services.eon.package}/bin/capc update /run/agenix/eon-freumh.org.cap \

     

       396
       +
                   -u "remove|jellyfin.freumh.org|A" \

     

       397
       +
                   -u "remove|jellyseerr.freumh.org|A" \

     

       398
       +
                   -u "remove|calibre.freumh.org|A" \

     

       399
       +
                   -u "add|jellyfin.freumh.org|A|$IP|60" \

     

       400
       +
                   -u "add|jellyseerr.freumh.org|A|$IP|60" \

     

       401
       +
                   -u "add|calibre.freumh.org|A|$IP|60" \

     

       402
       +
                   ;

     

       403
       +
                 sleep 3600

     

       404
       +
               done

     

       405
       +
             '';

     

       406
       +
             Restart = "always";

     

       407
       +
             RestartSec = 5;

     

       408
       +
             User = "root";

     

       409
       +
           };

     

       410
        
         };

     

       411
        
       }

+52 -6

hosts/gecko/default.nix

···

       18
        
           printing = true;

     

       19
        
           gui.i3 = true;

     

       20
        
           gui.sway = true;

     

       21
       -
           ocaml = true;

     

       22
        
           workstation = true;

     

       23
        
           autoUpgrade.enable = true;

     

       24
        
           homeManager.enable = true;

     
···

       36
        
           };

     

       37
        
           custom = {

     

       38
        
             machineColour = "blue";

     

       39
       -
             nvim-lsps = true;

     

       40
        
             mail.enable = true;

     

       41
        
             calendar.enable = true;

     

       42
        
             battery.enable = true;

     

       43
        
             emacs.enable = true;

     

       44
        
           };

     

       45
        
           home.sessionVariables = {

     

       46
       -
             LEDGER_FILE = ''~/vault/ledger/`date "+%Y"`.ledger'';

     

       0
        
       
     

       47
        
           };

     

       48
        
           programs.git.extraConfig.commit.gpgSign = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       49
        
         };

     

       50
        
       

     

       51
        
         boot.loader.grub = {

     
···

       57
        
         };

     

       58
        
       

     

       59
        
         environment.systemPackages = with pkgs; [

     

       0
        
       
     

       60
        
           dell-command-configure

     

       61
        
           file-roller

     

       62
        
           unzip

     
···

       66
        
           calibre

     

       67
        
           zotero

     

       68
        
           element-desktop

     

       0
        
       
     

       69
        
           iamb

     

       70
        
           spotify

     

       71
        
           gimp

     
···

       100
        
           nix-prefetch-git

     

       101
        
           tcpdump

     

       102
        
           pandoc

     

       103
       -
           w3m

     

       104
       -
           ranger

     

       105
       -
           bluetuith

     

       106
        
           powertop

     

       107
        
           toot

     

       108
        
           ledger

     
···

       124
        
           ))

     

       125
        
           moreutils

     

       126
        
           gnome-calendar

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       127
        
         ];

     

       128
        
       

     

       129
        
         services.gnome.gnome-keyring.enable = true;

     
···

       184
        
       

     

       185
        
         # ddcutil

     

       186
        
         hardware.i2c.enable = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       187
        
       }

···

       18
        
           printing = true;

     

       19
        
           gui.i3 = true;

     

       20
        
           gui.sway = true;

     

       0
        
       
     

       21
        
           workstation = true;

     

       22
        
           autoUpgrade.enable = true;

     

       23
        
           homeManager.enable = true;

     
···

       35
        
           };

     

       36
        
           custom = {

     

       37
        
             machineColour = "blue";

     

       0
        
       
     

       38
        
             mail.enable = true;

     

       39
        
             calendar.enable = true;

     

       40
        
             battery.enable = true;

     

       41
        
             emacs.enable = true;

     

       42
        
           };

     

       43
        
           home.sessionVariables = {

     

       44
       +
             LEDGER_FILE = "$HOME/vault/finances.ledger";

     

       45
       +
             CALENDAR_DIR = "$HOME/calendar";

     

       46
        
           };

     

       47
        
           programs.git.extraConfig.commit.gpgSign = true;

     

       48
       +
           programs.direnv = {

     

       49
       +
             enable = true;

     

       50
       +
             enableZshIntegration = true;

     

       51
       +
             enableBashIntegration = true;

     

       52
       +
           };

     

       53
        
         };

     

       54
        
       

     

       55
        
         boot.loader.grub = {

     
···

       61
        
         };

     

       62
        
       

     

       63
        
         environment.systemPackages = with pkgs; [

     

       64
       +
           gcc

     

       65
        
           dell-command-configure

     

       66
        
           file-roller

     

       67
        
           unzip

     
···

       71
        
           calibre

     

       72
        
           zotero

     

       73
        
           element-desktop

     

       74
       +
           nheko

     

       75
        
           iamb

     

       76
        
           spotify

     

       77
        
           gimp

     
···

       106
        
           nix-prefetch-git

     

       107
        
           tcpdump

     

       108
        
           pandoc

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       109
        
           powertop

     

       110
        
           toot

     

       111
        
           ledger

     
···

       127
        
           ))

     

       128
        
           moreutils

     

       129
        
           gnome-calendar

     

       130
       +
       

     

       131
       +
           # nix

     

       132
       +
           nixd

     

       133
       +
           nixfmt-rfc-style

     

       134
       +
           # ocaml

     

       135
       +
           opam

     

       136
       +
           pkg-config

     

       137
       +
           ocamlPackages.ocaml-lsp

     

       138
       +
           ocamlPackages.ocamlformat

     

       139
       +
           # rust

     

       140
       +
           overlay-unstable.cargo

     

       141
       +
           overlay-unstable.rustc

     

       142
       +
           overlay-unstable.rust-analyzer

     

       143
       +
           overlay-unstable.rustfmt

     

       144
       +
           # haskell

     

       145
       +
           cabal-install

     

       146
       +
           ghc

     

       147
       +
           haskell-language-server

     

       148
       +
           # python

     

       149
       +
           pyright

     

       150
       +
           black

     

       151
       +
           # jave

     

       152
       +
           jdt-language-server

     

       153
       +
           nodejs_18

     

       154
       +
           # c

     

       155
       +
           clang-tools

     

       156
       +
           # lua

     

       157
       +
           lua-language-server

     

       158
       +
           # other

     

       159
       +
           ltex-ls

     

       160
       +
           typst-lsp

     

       161
       +
       

     

       162
       +
           overlay-unstable.claude-code

     

       163
        
         ];

     

       164
        
       

     

       165
        
         services.gnome.gnome-keyring.enable = true;

     
···

       220
        
       

     

       221
        
         # ddcutil

     

       222
        
         hardware.i2c.enable = true;

     

       223
       +
       

     

       224
       +
         hardware.graphics = {

     

       225
       +
           enable = true;

     

       226
       +
           extraPackages = with pkgs; [

     

       227
       +
             # Video Acceleration API (VA-API) user mode driver

     

       228
       +
             intel-media-driver

     

       229
       +
             # Intel Video Processing Library (VPL) API runtime implementation

     

       230
       +
             vpl-gpu-rt

     

       231
       +
           ];

     

       232
       +
         };

     

       233
        
       }

+31

hosts/hippo/default.nix

···

       1
       +
       {

     

       2
       +
         pkgs,

     

       3
       +
         config,

     

       4
       +
         lib,

     

       5
       +
         disko,

     

       6
       +
         ...

     

       7
       +
       }:

     

       8
       +
       

     

       9
       +
       {

     

       10
       +
         imports = [

     

       11
       +
           ./hardware-configuration.nix

     

       12
       +
           disko.nixosModules.disko

     

       13
       +
           ./disk-config.nix

     

       14
       +
         ];

     

       15
       +
       

     

       16
       +
         custom = {

     

       17
       +
           enable = true;

     

       18
       +
           autoUpgrade.enable = true;

     

       19
       +
           homeManager.enable = true;

     

       20
       +
         };

     

       21
       +
       

     

       22
       +
         home-manager.users.${config.custom.username}.config.custom.machineColour = "blue";

     

       23
       +
       

     

       24
       +
         networking.hostName = "iphito";

     

       25
       +
       

     

       26
       +
         services.openssh.openFirewall = true;

     

       27
       +
       

     

       28
       +
         users.users.root.openssh.authorizedKeys.keys = [

     

       29
       +
           "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA7UrJmBFWR3c7jVzpoyg4dJjON9c7t9bT9acfrj6G7i mtelvers"

     

       30
       +
         ];

     

       31
       +
       }

+33

hosts/hippo/disk-config.nix

···

       1
       +
       { lib, ... }:

     

       2
       +
       

     

       3
       +
       {

     

       4
       +
         disko.devices = {

     

       5
       +
           disk.disk1 = {

     

       6
       +
             device = lib.mkDefault "/dev/sda";

     

       7
       +
             type = "disk";

     

       8
       +
             content = {

     

       9
       +
               type = "gpt";

     

       10
       +
               partitions = {

     

       11
       +
                 ESP = {

     

       12
       +
                   type = "EF00";

     

       13
       +
                   size = "500M";

     

       14
       +
                   content = {

     

       15
       +
                     type = "filesystem";

     

       16
       +
                     format = "vfat";

     

       17
       +
                     mountpoint = "/boot";

     

       18
       +
                     mountOptions = [ "umask=0077" ];

     

       19
       +
                   };

     

       20
       +
                 };

     

       21
       +
                 root = {

     

       22
       +
                   size = "100%";

     

       23
       +
                   content = {

     

       24
       +
                     type = "filesystem";

     

       25
       +
                     format = "ext4";

     

       26
       +
                     mountpoint = "/";

     

       27
       +
                   };

     

       28
       +
                 };

     

       29
       +
               };

     

       30
       +
             };

     

       31
       +
           };

     

       32
       +
         };

     

       33
       +
       }

+40

hosts/hippo/hardware-configuration.nix

···

       1
       +
       {

     

       2
       +
         config,

     

       3
       +
         lib,

     

       4
       +
         pkgs,

     

       5
       +
         modulesPath,

     

       6
       +
         ...

     

       7
       +
       }:

     

       8
       +
       

     

       9
       +
       {

     

       10
       +
         imports = [

     

       11
       +
           (modulesPath + "/installer/scan/not-detected.nix")

     

       12
       +
         ];

     

       13
       +
       

     

       14
       +
         boot.initrd.availableKernelModules = [

     

       15
       +
           "megaraid_sas"

     

       16
       +
           "xhci_pci"

     

       17
       +
           "nvme"

     

       18
       +
           "ahci"

     

       19
       +
           "sd_mod"

     

       20
       +
         ];

     

       21
       +
         boot.initrd.kernelModules = [ "dm-snapshot" ];

     

       22
       +
         boot.kernelModules = [ "kvm-amd" ];

     

       23
       +
         boot.extraModulePackages = [ ];

     

       24
       +
       

     

       25
       +
         networking.useDHCP = lib.mkDefault true;

     

       26
       +
       

     

       27
       +
         nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";

     

       28
       +
         hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;

     

       29
       +
       

     

       30
       +
         boot.loader.grub = {

     

       31
       +
           enable = true;

     

       32
       +
           device = "nodev";

     

       33
       +
           efiSupport = true;

     

       34
       +
           efiInstallAsRemovable = true;

     

       35
       +
         };

     

       36
       +
       

     

       37
       +
         boot.kernelParams = [

     

       38
       +
           "console=ttyS1,115200n8"

     

       39
       +
         ];

     

       40
       +
       }

+6 -468

hosts/owl/default.nix

···

       1
        
       {

     

       2
        
         pkgs,

     

       3
       -
         config,

     

       4
        
         lib,

     

       5
       -
         eon,

     

       6
        
         ...

     

       7
        
       }@inputs:

     

       8
        
       

     

       9
       -
       let

     

       10
       -
         vpnRecords = [

     

       11
       -
           {

     

       12
       -
             name = "nix-cache.vpn.${config.networking.domain}.";

     

       13
       -
             type = "A";

     

       14
       -
             value = "100.64.0.9";

     

       15
       -
           }

     

       16
       -
           {

     

       17
       -
             name = "jellyfin.vpn.${config.networking.domain}.";

     

       18
       -
             type = "A";

     

       19
       -
             value = "100.64.0.9";

     

       20
       -
           }

     

       21
       -
           {

     

       22
       -
             name = "nextcloud.vpn.${config.networking.domain}.";

     

       23
       -
             type = "A";

     

       24
       -
             value = "100.64.0.9";

     

       25
       -
           }

     

       26
       -
           {

     

       27
       -
             name = "transmission.vpn.${config.networking.domain}.";

     

       28
       -
             type = "A";

     

       29
       -
             value = "100.64.0.9";

     

       30
       -
           }

     

       31
       -
           {

     

       32
       -
             name = "owntracks.vpn.${config.networking.domain}.";

     

       33
       -
             type = "A";

     

       34
       -
             value = "100.64.0.9";

     

       35
       -
           }

     

       36
       -
           {

     

       37
       -
             name = "immich.vpn.${config.networking.domain}.";

     

       38
       -
             type = "A";

     

       39
       -
             value = "100.64.0.9";

     

       40
       -
           }

     

       41
       -
         ];

     

       42
       -
       in

     

       43
        
       {

     

       44
        
         imports = [

     

       45
        
           ./hardware-configuration.nix

     

       46
        
           ./minimal.nix

     

       47
       -
           ../../modules/colour-guesser.nix

     

       48
        
           ../../modules/ryan-website.nix

     

       49
        
           ../../modules/alec-website.nix

     

       50
        
           ../../modules/fn06-website.nix

     

       0
        
       
     

       51
        
         ];

     

       52
        
       

     

       53
       -
         age.secrets.eon-capnp = {

     

       54
       -
           file = ../../secrets/eon-capnp.age;

     

       55
       -
           mode = "770";

     

       56
       -
           owner = "eon";

     

       57
       -
           group = "eon";

     

       58
       -
         };

     

       59
       -
         age.secrets.eon-sirref-primary = {

     

       60
       -
           file = ../../secrets/eon-sirref-primary.cap.age;

     

       61
       -
           mode = "770";

     

       62
       -
           owner = "eon";

     

       63
       -
           group = "eon";

     

       64
       -
         };

     

       65
       -
         services.eon = {

     

       66
       -
           capnpSecretKeyFile = config.age.secrets.eon-capnp.path;

     

       67
       -
           primaries = [ config.age.secrets.eon-sirref-primary.path ];

     

       68
       -
           prod = true;

     

       69
       -
           capnpAddress = "135.181.100.27";

     

       70
       -
           logLevel = 0;

     

       71
       -
         };

     

       72
       -
       

     

       73
       -
         security.acme-eon = {

     

       74
       -
           acceptTerms = true;

     

       75
       -
           package = eon.defaultPackage.${config.nixpkgs.hostPlatform.system};

     

       76
       -
           defaults.email = "${config.custom.username}@${config.networking.domain}";

     

       77
       -
           defaults.capFile = "/var/lib/eon/caps/domain/freumh.org.cap";

     

       78
       -
           certs = {

     

       79
       -
             "fn06.org".capFile = "/var/lib/eon/caps/domain/fn06.org.cap";

     

       80
       -
             "capybara.fn06.org".capFile = "/var/lib/eon/caps/domain/fn06.org.cap";

     

       81
       -
           };

     

       82
       -
         };

     

       83
       -
       

     

       84
       -
         eilean = {

     

       85
       -
           username = config.custom.username;

     

       86
       -
           serverIpv4 = "135.181.100.27";

     

       87
       -
           serverIpv6 = "2a01:4f9:c011:87ad:0:0:0:0";

     

       88
       -
           acme-eon = true;

     

       89
       -
           fail2ban.enable = true;

     

       90
       -
         };

     

       91
       -
         networking.domain = lib.mkDefault "freumh.org";

     

       92
       -
         eilean.publicInterface = "enp1s0";

     

       93
       -
         eilean.mailserver.enable = true;

     

       94
       -
         eilean.radicale = {

     

       95
       -
           enable = true;

     

       96
       -
           users = null;

     

       97
       -
         };

     

       98
       -
         age.secrets.matrix-shared-secret = {

     

       99
       -
           file = ../../secrets/matrix-shared-secret.age;

     

       100
       -
           mode = "770";

     

       101
       -
           owner = "${config.systemd.services.matrix-synapse.serviceConfig.User}";

     

       102
       -
           group = "${config.systemd.services.matrix-synapse.serviceConfig.Group}";

     

       103
       -
         };

     

       104
       -
         eilean.matrix = {

     

       105
       -
           enable = true;

     

       106
       -
           registrationSecretFile = config.age.secrets.matrix-shared-secret.path;

     

       107
       -
           bridges.whatsapp = true;

     

       108
       -
           bridges.signal = true;

     

       109
       -
           bridges.instagram = true;

     

       110
       -
           bridges.messenger = true;

     

       111
       -
         };

     

       112
       -
         eilean.turn.enable = true;

     

       113
       -
         eilean.mastodon.enable = true;

     

       114
       -
         eilean.headscale.enable = true;

     

       115
       -
         #eilean.dns.enable = lib.mkForce false;

     

       116
       -
       

     

       117
       -
         systemd.services.matrix-as-meta = {

     

       118
       -
           # voice messages need `ffmpeg`

     

       119
       -
           path = [ pkgs.ffmpeg ];

     

       120
       -
         };

     

       121
       -
       

     

       122
       -
         custom = {

     

       123
       -
           freumh.enable = true;

     

       124
       -
           rmfakecloud.enable = true;

     

       125
       -
           website = {

     

       126
       -
             ryan = {

     

       127
       -
               enable = true;

     

       128
       -
               cname = "vps";

     

       129
       -
             };

     

       130
       -
             alec = {

     

       131
       -
               enable = true;

     

       132
       -
               cname = "vps";

     

       133
       -
             };

     

       134
       -
             fn06 = {

     

       135
       -
               enable = true;

     

       136
       -
               cname = "vps";

     

       137
       -
               domain = "fn06.org";

     

       138
       -
             };

     

       139
       -
             colour-guesser = {

     

       140
       -
               # enable = true;

     

       141
       -
               cname = "vps";

     

       142
       -
             };

     

       143
       -
           };

     

       144
       -
         };

     

       145
       -
       

     

       146
       -
         eilean.dns.nameservers = [ "ns1" ];

     

       147
       -
         eilean.services.dns.zones = {

     

       148
       -
           ${config.networking.domain} = {

     

       149
       -
             ttl = 300;

     

       150
       -
             soa = {

     

       151
       -
               serial = 2018011660;

     

       152
       -
               refresh = 300;

     

       153
       -
             };

     

       154
       -
             records = [

     

       155
       -
               {

     

       156
       -
                 name = "@";

     

       157
       -
                 type = "TXT";

     

       158
       -
                 value = "google-site-verification=rEvwSqf7RYKRQltY412qMtTuoxPp64O3L7jMotj9Jnc";

     

       159
       -
               }

     

       160
       -
               {

     

       161
       -
                 name = "_atproto.ryan";

     

       162
       -
                 type = "TXT";

     

       163
       -
                 value = "did=did:plc:3lfhu6ehlynzjgehef6alnvg";

     

       164
       -
               }

     

       165
       -
       

     

       166
       -
               {

     

       167
       -
                 name = "teapot";

     

       168
       -
                 type = "CNAME";

     

       169
       -
                 value = "vps";

     

       170
       -
               }

     

       171
       -
       

     

       172
       -
               {

     

       173
       -
                 name = "@";

     

       174
       -
                 type = "NS";

     

       175
       -
                 value = "ns1.sirref.org.";

     

       176
       -
               }

     

       177
       -
       

     

       178
       -
               {

     

       179
       -
                 name = "@";

     

       180
       -
                 type = "A";

     

       181
       -
                 value = config.eilean.serverIpv4;

     

       182
       -
               }

     

       183
       -
               {

     

       184
       -
                 name = "@";

     

       185
       -
                 type = "AAAA";

     

       186
       -
                 value = config.eilean.serverIpv6;

     

       187
       -
               }

     

       188
       -
               {

     

       189
       -
                 name = "vps";

     

       190
       -
                 type = "A";

     

       191
       -
                 value = config.eilean.serverIpv4;

     

       192
       -
               }

     

       193
       -
               {

     

       194
       -
                 name = "vps";

     

       195
       -
                 type = "AAAA";

     

       196
       -
                 value = config.eilean.serverIpv6;

     

       197
       -
               }

     

       198
       -
       

     

       199
       -
               {

     

       200
       -
                 name = "@";

     

       201
       -
                 type = "LOC";

     

       202
       -
                 value = "52 12 40.4 N 0 5 31.9 E 22m 10m 10m 10m";

     

       203
       -
               }

     

       204
       -
       

     

       205
       -
               {

     

       206
       -
                 name = "ns.cl";

     

       207
       -
                 type = "A";

     

       208
       -
                 value = "128.232.113.136";

     

       209
       -
               }

     

       210
       -
               {

     

       211
       -
                 name = "cl";

     

       212
       -
                 type = "NS";

     

       213
       -
                 value = "ns.cl";

     

       214
       -
               }

     

       215
       -
       

     

       216
       -
               {

     

       217
       -
                 name = "ns1.eilean";

     

       218
       -
                 type = "A";

     

       219
       -
                 value = "65.109.10.223";

     

       220
       -
               }

     

       221
       -
               {

     

       222
       -
                 name = "eilean";

     

       223
       -
                 type = "NS";

     

       224
       -
                 value = "ns1.eilean";

     

       225
       -
               }

     

       226
       -
       

     

       227
       -
               {

     

       228
       -
                 name = "shrew";

     

       229
       -
                 type = "CNAME";

     

       230
       -
                 value = "vps";

     

       231
       -
               }

     

       232
       -
       

     

       233
       -
               # generate with

     

       234
       -
               #   sudo openssl x509 -in /var/lib/acme/mail.freumh.org/fullchain.pem -pubkey -noout | openssl pkey -pubin -outform der | sha256sum | awk '{print "3 1 1", $1}'

     

       235
       -
               {

     

       236
       -
                 name = "_25._tcp.mail";

     

       237
       -
                 type = "TLSA";

     

       238
       -
                 value = "3 1 1 2f0fd413f063c75141937dd196a9f4ab66139d599e0dcf2a7ce6d557647e26a6";

     

       239
       -
               }

     

       240
       -
               # generate with

     

       241
       -
               #   for i in r3 e1 r4-cross-signed e2

     

       242
       -
               #   openssl x509 -in ~/downloads/lets-encrypt-$i.pem -pubkey -noout | openssl pkey -pubin -outform der | sha256sum | awk '{print "2 1 1", $1}'

     

       243
       -
               # LE R3

     

       244
       -
               {

     

       245
       -
                 name = "_25._tcp.mail";

     

       246
       -
                 type = "TLSA";

     

       247
       -
                 value = "2 1 1 8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d";

     

       248
       -
               }

     

       249
       -
               # LE E1

     

       250
       -
               {

     

       251
       -
                 name = "_25._tcp.mail";

     

       252
       -
                 type = "TLSA";

     

       253
       -
                 value = "2 1 1 276fe8a8c4ec7611565bf9fce6dcace9be320c1b5bea27596b2204071ed04f10";

     

       254
       -
               }

     

       255
       -
               # LE R4

     

       256
       -
               {

     

       257
       -
                 name = "_25._tcp.mail";

     

       258
       -
                 type = "TLSA";

     

       259
       -
                 value = "2 1 1 e5545e211347241891c554a03934cde9b749664a59d26d615fe58f77990f2d03";

     

       260
       -
               }

     

       261
       -
               # LE E2

     

       262
       -
               {

     

       263
       -
                 name = "_25._tcp.mail";

     

       264
       -
                 type = "TLSA";

     

       265
       -
                 value = "2 1 1 bd936e72b212ef6f773102c6b77d38f94297322efc25396bc3279422e0c89270";

     

       266
       -
               }

     

       267
       -
             ] ++ vpnRecords;

     

       268
       -
           };

     

       269
       -
           "fn06.org" = {

     

       270
       -
             soa.serial = 1706745602;

     

       271
       -
             records = [

     

       272
       -
               {

     

       273
       -
                 name = "@";

     

       274
       -
                 type = "NS";

     

       275
       -
                 value = "ns1";

     

       276
       -
               }

     

       277
       -
               {

     

       278
       -
                 name = "@";

     

       279
       -
                 type = "NS";

     

       280
       -
                 value = "ns2";

     

       281
       -
               }

     

       282
       -
       

     

       283
       -
               {

     

       284
       -
                 name = "ns1";

     

       285
       -
                 type = "A";

     

       286
       -
                 value = config.eilean.serverIpv4;

     

       287
       -
               }

     

       288
       -
               {

     

       289
       -
                 name = "ns1";

     

       290
       -
                 type = "AAAA";

     

       291
       -
                 value = config.eilean.serverIpv6;

     

       292
       -
               }

     

       293
       -
               {

     

       294
       -
                 name = "ns2";

     

       295
       -
                 type = "A";

     

       296
       -
                 value = config.eilean.serverIpv4;

     

       297
       -
               }

     

       298
       -
               {

     

       299
       -
                 name = "ns2";

     

       300
       -
                 type = "AAAA";

     

       301
       -
                 value = config.eilean.serverIpv6;

     

       302
       -
               }

     

       303
       -
       

     

       304
       -
               {

     

       305
       -
                 name = "@";

     

       306
       -
                 type = "A";

     

       307
       -
                 value = config.eilean.serverIpv4;

     

       308
       -
               }

     

       309
       -
               {

     

       310
       -
                 name = "@";

     

       311
       -
                 type = "AAAA";

     

       312
       -
                 value = config.eilean.serverIpv6;

     

       313
       -
               }

     

       314
       -
       

     

       315
       -
               {

     

       316
       -
                 name = "www.fn06.org.";

     

       317
       -
                 type = "CNAME";

     

       318
       -
                 value = "fn06.org.";

     

       319
       -
               }

     

       320
       -
       

     

       321
       -
               {

     

       322
       -
                 name = "@";

     

       323
       -
                 type = "LOC";

     

       324
       -
                 value = "52 12 40.4 N 0 5 31.9 E 22m 10m 10m 10m";

     

       325
       -
               }

     

       326
       -
       

     

       327
       -
               {

     

       328
       -
                 name = "capybara.fn06.org.";

     

       329
       -
                 type = "CNAME";

     

       330
       -
                 value = "fn06.org.";

     

       331
       -
               }

     

       332
       -
       

     

       333
       -
               {

     

       334
       -
                 name = "jellyfin.${config.networking.domain}.";

     

       335
       -
                 type = "A";

     

       336
       -
                 # TODO dynamic update

     

       337
       -
                 value = "81.153.45.163";

     

       338
       -
               }

     

       339
       -
               {

     

       340
       -
                 name = "jellyseerr.${config.networking.domain}.";

     

       341
       -
                 type = "A";

     

       342
       -
                 # TODO dynamic update

     

       343
       -
                 value = "81.153.45.163";

     

       344
       -
               }

     

       345
       -
             ];

     

       346
       -
           };

     

       347
       -
         };

     

       348
       -
         services.bind.zones.${config.networking.domain}.extraConfig =

     

       349
       -
           ''

     

       350
       -
             dnssec-policy default;

     

       351
       -
             inline-signing yes;

     

       352
       -
             journal "${config.services.bind.directory}/${config.networking.domain}.signed.jnl";

     

       353
       -
           ''

     

       354
       -
           +

     

       355
       -
             # dig ns org +short | xargs dig +short

     

       356
       -
             # replace with `checkds true;` in bind 9.20

     

       357
       -
             ''

     

       358
       -
               parental-agents {

     

       359
       -
                 199.19.56.1;

     

       360
       -
                 199.249.112.1;

     

       361
       -
                 199.19.54.1;

     

       362
       -
                 199.249.120.1;

     

       363
       -
                 199.19.53.1;

     

       364
       -
                 199.19.57.1;

     

       365
       -
               };

     

       366
       -
             '';

     

       367
       -
       

     

       368
       -
         services.nginx.commonHttpConfig = ''

     

       369
       -
           add_header Strict-Transport-Security max-age=31536000 always;

     

       370
       -
           add_header X-Frame-Options SAMEORIGIN always;

     

       371
       -
           add_header X-Content-Type-Options nosniff always;

     

       372
       -
           add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; base-uri 'self'; frame-src 'self'; frame-ancestors 'self'; form-action 'self';" always;

     

       373
       -
           add_header Referrer-Policy 'same-origin';

     

       374
       -
         '';

     

       375
       -
         services.nginx.virtualHosts."teapot.${config.networking.domain}" = {

     

       376
       -
           extraConfig = ''

     

       377
       -
             return 418;

     

       378
       -
           '';

     

       379
       -
         };

     

       380
       -
         age.secrets.website-phd = {

     

       381
       -
           file = ../../secrets/website-phd.age;

     

       382
       -
           mode = "770";

     

       383
       -
           owner = "${config.systemd.services.nginx.serviceConfig.User}";

     

       384
       -
           group = "${config.systemd.services.nginx.serviceConfig.Group}";

     

       385
       -
         };

     

       386
       -
         services.nginx.virtualHosts."${config.custom.website.ryan.domain}" = {

     

       387
       -
           locations."/phd/" = {

     

       388
       -
             basicAuthFile = config.age.secrets.website-phd.path;

     

       389
       -
           };

     

       390
       -
         };

     

       391
       -
       

     

       392
       -
         security.acme-eon.nginxCerts = [

     

       393
       -
           "capybara.fn06.org"

     

       394
       -
           "shrew.freumh.org"

     

       395
        
         ];

     

       396
       -
         services.nginx.virtualHosts."capybara.fn06.org" = {

     

       397
       -
           forceSSL = true;

     

       398
       -
           locations."/" = {

     

       399
       -
             proxyPass = ''

     

       400
       -
               http://100.64.0.10:8123

     

       401
       -
             '';

     

       402
       -
             proxyWebsockets = true;

     

       403
       -
           };

     

       404
       -
         };

     

       405
       -
         services.nginx.virtualHosts."shrew.freumh.org" = {

     

       406
       -
           forceSSL = true;

     

       407
       -
           locations."/" = {

     

       408
       -
             # need to specify ip or there's a bootstrap problem with headscale

     

       409
       -
             proxyPass = ''

     

       410
       -
               http://100.64.0.6:8123

     

       411
       -
             '';

     

       412
       -
             proxyWebsockets = true;

     

       413
       -
           };

     

       414
       -
         };

     

       415
       -
       

     

       416
       -
         services.mastodon = {

     

       417
       -
           webProcesses = lib.mkForce 1;

     

       418
       -
           webThreads = lib.mkForce 1;

     

       419
       -
           sidekiqThreads = lib.mkForce 1;

     

       420
       -
           streamingProcesses = lib.mkForce 1;

     

       421
       -
         };

     

       422
       -
       

     

       423
       -
         boot.kernel.sysctl = {

     

       424
       -
           "net.ipv4.ip_forward" = 1;

     

       425
       -
           "net.ipv6.conf.all.forwarding" = 1;

     

       426
       -
         };

     

       427
       -
       

     

       428
       -
         services.headscale.settings.dns = {

     

       429
       -
           extra_records = vpnRecords;

     

       430
       -
           base_domain = "vpn.freumh.org";

     

       431
       -
           nameservers.global = config.networking.nameservers;

     

       432
       -
         };

     

       433
       -
       

     

       434
       -
         age.secrets.restic-owl.file = ../../secrets/restic-owl.age;

     

       435
       -
         services.restic.backups.${config.networking.hostName} = {

     

       436
       -
           repository = "rest:http://100.64.0.9:8000/${config.networking.hostName}/";

     

       437
       -
           passwordFile = config.age.secrets.restic-owl.path;

     

       438
       -
           initialize = true;

     

       439
       -
           paths = [

     

       440
       -
             "/var/"

     

       441
       -
             "/run/"

     

       442
       -
             "/etc/"

     

       443
       -
           ];

     

       444
       -
           timerConfig = {

     

       445
       -
             OnCalendar = "03:00";

     

       446
       -
             randomizedDelaySec = "1hr";

     

       447
       -
           };

     

       448
       -
         };

     

       449
        
       

     

       450
        
         nix = {

     

       451
        
           gc = {

     
···

       456
        
           };

     

       457
        
         };

     

       458
        
       

     

       459
       -
         age.secrets.email-ryan.file = ../../secrets/email-ryan.age;

     

       460
       -
         age.secrets.email-system.file = ../../secrets/email-system.age;

     

       461
       -
         eilean.mailserver.systemAccountPasswordFile = config.age.secrets.email-system.path;

     

       462
       -
         mailserver.loginAccounts = {

     

       463
       -
           "${config.eilean.username}@${config.networking.domain}" = {

     

       464
       -
             passwordFile = config.age.secrets.email-ryan.path;

     

       465
       -
             aliases = [

     

       466
       -
               "dns@${config.networking.domain}"

     

       467
       -
               "postmaster@${config.networking.domain}"

     

       468
       -
             ];

     

       469
       -
             sieveScript = ''

     

       470
       -
               require ["fileinto", "mailbox"];

     

       471
       -
       

     

       472
       -
               if header :contains ["to", "cc"] ["~rjarry/aerc-discuss@lists.sr.ht"] {

     

       473
       -
                 fileinto :create "lists.aerc";

     

       474
       -
                 stop;

     

       475
       -
               }

     

       476
       -
             '';

     

       477
       -
           };

     

       478
       -
           "misc@${config.networking.domain}" = {

     

       479
       -
             passwordFile = config.age.secrets.email-ryan.path;

     

       480
       -
             catchAll = [ "${config.networking.domain}" ];

     

       481
       -
           };

     

       482
       -
           "system@${config.networking.domain}" = {

     

       483
       -
             aliases = [ "nas@${config.networking.domain}" ];

     

       484
       -
           };

     

       485
       -
         };

     

       486
       -
       

     

       487
       -
         services.minecraft-server = {

     

       488
       -
           enable = true;

     

       489
       -
           package = pkgs.overlay-unstable.minecraft-server;

     

       490
       -
           eula = true;

     

       491
       -
           openFirewall = true;

     

       492
       -
         };

     

       493
       -
       

     

       494
       -
         networking.firewall.allowedTCPPorts = [ 7001 ];

     

       495
        
       }

···

       1
        
       {

     

       2
        
         pkgs,

     

       0
        
       
     

       3
        
         lib,

     

       0
        
       
     

       4
        
         ...

     

       5
        
       }@inputs:

     

       6
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       7
        
       {

     

       8
        
         imports = [

     

       9
        
           ./hardware-configuration.nix

     

       10
        
           ./minimal.nix

     

       11
       +
           ./services.nix

     

       12
        
           ../../modules/ryan-website.nix

     

       13
        
           ../../modules/alec-website.nix

     

       14
        
           ../../modules/fn06-website.nix

     

       15
       +
           inputs.tangled.nixosModules.knotserver

     

       16
        
         ];

     

       17
        
       

     

       18
       +
         environment.systemPackages = with pkgs; [

     

       19
       +
           nixd

     

       20
       +
           nixfmt-rfc-style

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       21
        
         ];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       22
        
       

     

       23
        
         nix = {

     

       24
        
           gc = {

     
···

       29
        
           };

     

       30
        
         };

     

       31
        
       

     

       32
       +
         services.openssh.openFirewall = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       33
        
       }

-3

hosts/owl/minimal.nix

+518

hosts/owl/services.nix

···

       1
       +
       {

     

       2
       +
         pkgs,

     

       3
       +
         config,

     

       4
       +
         lib,

     

       5
       +
         eon,

     

       6
       +
         ...

     

       7
       +
       }:

     

       8
       +
       

     

       9
       +
       let

     

       10
       +
         vpnRecords = [

     

       11
       +
           {

     

       12
       +
             name = "nix-cache.vpn.${config.networking.domain}.";

     

       13
       +
             type = "A";

     

       14
       +
             value = "100.64.0.9";

     

       15
       +
           }

     

       16
       +
           {

     

       17
       +
             name = "jellyfin.vpn.${config.networking.domain}.";

     

       18
       +
             type = "A";

     

       19
       +
             value = "100.64.0.9";

     

       20
       +
           }

     

       21
       +
           {

     

       22
       +
             name = "nextcloud.vpn.${config.networking.domain}.";

     

       23
       +
             type = "A";

     

       24
       +
             value = "100.64.0.9";

     

       25
       +
           }

     

       26
       +
           {

     

       27
       +
             name = "transmission.vpn.${config.networking.domain}.";

     

       28
       +
             type = "A";

     

       29
       +
             value = "100.64.0.9";

     

       30
       +
           }

     

       31
       +
           {

     

       32
       +
             name = "owntracks.vpn.${config.networking.domain}.";

     

       33
       +
             type = "A";

     

       34
       +
             value = "100.64.0.9";

     

       35
       +
           }

     

       36
       +
           {

     

       37
       +
             name = "immich.vpn.${config.networking.domain}.";

     

       38
       +
             type = "A";

     

       39
       +
             value = "100.64.0.9";

     

       40
       +
           }

     

       41
       +
           {

     

       42
       +
             name = "audiobookshelf.vpn.${config.networking.domain}.";

     

       43
       +
             type = "A";

     

       44
       +
             value = "100.64.0.9";

     

       45
       +
           }

     

       46
       +
         ];

     

       47
       +
       in

     

       48
       +
       {

     

       49
       +
         # eilean

     

       50
       +
         networking.domain = lib.mkDefault "freumh.org";

     

       51
       +
         eilean = {

     

       52
       +
           username = config.custom.username;

     

       53
       +
           serverIpv4 = "135.181.100.27";

     

       54
       +
           serverIpv6 = "2a01:4f9:c011:87ad:0:0:0:0";

     

       55
       +
           publicInterface = "enp1s0";

     

       56
       +
           fail2ban.enable = true;

     

       57
       +
         };

     

       58
       +
       

     

       59
       +
         # eon

     

       60
       +
         age.secrets.eon-capnp = {

     

       61
       +
           file = ../../secrets/eon-capnp.age;

     

       62
       +
           mode = "660";

     

       63
       +
           owner = "eon";

     

       64
       +
           group = "eon";

     

       65
       +
         };

     

       66
       +
         age.secrets.eon-sirref-primary = {

     

       67
       +
           file = ../../secrets/eon-sirref-primary.cap.age;

     

       68
       +
           mode = "660";

     

       69
       +
           owner = "eon";

     

       70
       +
           group = "eon";

     

       71
       +
         };

     

       72
       +
         services.eon = {

     

       73
       +
           capnpSecretKeyFile = config.age.secrets.eon-capnp.path;

     

       74
       +
           primaries = [ config.age.secrets.eon-sirref-primary.path ];

     

       75
       +
           prod = true;

     

       76
       +
           capnpAddress = "135.181.100.27";

     

       77
       +
           logLevel = 0;

     

       78
       +
         };

     

       79
       +
       

     

       80
       +
         # certificates

     

       81
       +
         eilean.acme-eon = true;

     

       82
       +
         security.acme-eon = {

     

       83
       +
           acceptTerms = true;

     

       84
       +
           package = eon.defaultPackage.${config.nixpkgs.hostPlatform.system};

     

       85
       +
           defaults.email = "${config.custom.username}@${config.networking.domain}";

     

       86
       +
           defaults.capFile = "/var/lib/eon/caps/domain/freumh.org.cap";

     

       87
       +
           certs = {

     

       88
       +
             "fn06.org".capFile = "/var/lib/eon/caps/domain/fn06.org.cap";

     

       89
       +
             "capybara.fn06.org".capFile = "/var/lib/eon/caps/domain/fn06.org.cap";

     

       90
       +
           };

     

       91
       +
         };

     

       92
       +
         security.acme-eon.nginxCerts = [

     

       93
       +
           "capybara.fn06.org"

     

       94
       +
           "shrew.freumh.org"

     

       95
       +
           "knot.freumh.org"

     

       96
       +
           "enki.freumh.org"

     

       97
       +
         ];

     

       98
       +
       

     

       99
       +
         # VPN

     

       100
       +
         eilean.headscale.enable = true;

     

       101
       +
         services.headscale.settings.dns = {

     

       102
       +
           extra_records = vpnRecords;

     

       103
       +
           base_domain = "vpn.freumh.org";

     

       104
       +
           nameservers.global = config.networking.nameservers;

     

       105
       +
         };

     

       106
       +
         boot.kernel.sysctl = {

     

       107
       +
           "net.ipv4.ip_forward" = 1;

     

       108
       +
           "net.ipv6.conf.all.forwarding" = 1;

     

       109
       +
         };

     

       110
       +
       

     

       111
       +
         # websites

     

       112
       +
         custom = {

     

       113
       +
           freumh.enable = true;

     

       114
       +
           rmfakecloud.enable = true;

     

       115
       +
           website = {

     

       116
       +
             ryan = {

     

       117
       +
               enable = true;

     

       118
       +
               cname = "vps";

     

       119
       +
             };

     

       120
       +
             alec = {

     

       121
       +
               enable = true;

     

       122
       +
               cname = "vps";

     

       123
       +
             };

     

       124
       +
             fn06 = {

     

       125
       +
               enable = true;

     

       126
       +
               cname = "vps";

     

       127
       +
               domain = "fn06.org";

     

       128
       +
             };

     

       129
       +
           };

     

       130
       +
         };

     

       131
       +
         services.nginx.commonHttpConfig = ''

     

       132
       +
           add_header Strict-Transport-Security max-age=31536000 always;

     

       133
       +
           add_header X-Frame-Options SAMEORIGIN always;

     

       134
       +
           add_header X-Content-Type-Options nosniff always;

     

       135
       +
           add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; base-uri 'self'; frame-src 'self'; frame-ancestors 'self'; form-action 'self';" always;

     

       136
       +
           add_header Referrer-Policy 'same-origin';

     

       137
       +
         '';

     

       138
       +
         services.nginx.virtualHosts."teapot.${config.networking.domain}" = {

     

       139
       +
           extraConfig = ''

     

       140
       +
             return 418;

     

       141
       +
           '';

     

       142
       +
         };

     

       143
       +
       

     

       144
       +
         # mailserver

     

       145
       +
         eilean.mailserver.enable = true;

     

       146
       +
         age.secrets.email-ryan.file = ../../secrets/email-ryan.age;

     

       147
       +
         age.secrets.email-system.file = ../../secrets/email-system.age;

     

       148
       +
         eilean.mailserver.systemAccountPasswordFile = config.age.secrets.email-system.path;

     

       149
       +
         mailserver.loginAccounts = {

     

       150
       +
           "${config.eilean.username}@${config.networking.domain}" = {

     

       151
       +
             passwordFile = config.age.secrets.email-ryan.path;

     

       152
       +
             aliases = [

     

       153
       +
               "dns@${config.networking.domain}"

     

       154
       +
               "postmaster@${config.networking.domain}"

     

       155
       +
             ];

     

       156
       +
             sieveScript = ''

     

       157
       +
               require ["fileinto", "mailbox"];

     

       158
       +
       

     

       159
       +
               if header :contains ["to", "cc"] ["ai-control@ietf.org"] {

     

       160
       +
                 fileinto :create "lists.aietf";

     

       161
       +
                 stop;

     

       162
       +
               }

     

       163
       +
             '';

     

       164
       +
           };

     

       165
       +
           "misc@${config.networking.domain}" = {

     

       166
       +
             passwordFile = config.age.secrets.email-ryan.path;

     

       167
       +
             catchAll = [ "${config.networking.domain}" ];

     

       168
       +
           };

     

       169
       +
           "system@${config.networking.domain}" = {

     

       170
       +
             aliases = [ "nas@${config.networking.domain}" ];

     

       171
       +
           };

     

       172
       +
         };

     

       173
       +
       

     

       174
       +
         # CalDAV calendar server

     

       175
       +
         eilean.radicale = {

     

       176
       +
           enable = true;

     

       177
       +
           users = null;

     

       178
       +
         };

     

       179
       +
       

     

       180
       +
         # matrix

     

       181
       +
         age.secrets.matrix-shared-secret = {

     

       182
       +
           file = ../../secrets/matrix-shared-secret.age;

     

       183
       +
           mode = "770";

     

       184
       +
           owner = "${config.systemd.services.matrix-synapse.serviceConfig.User}";

     

       185
       +
           group = "${config.systemd.services.matrix-synapse.serviceConfig.Group}";

     

       186
       +
         };

     

       187
       +
         eilean.matrix = {

     

       188
       +
           enable = true;

     

       189
       +
           registrationSecretFile = config.age.secrets.matrix-shared-secret.path;

     

       190
       +
           bridges.whatsapp = true;

     

       191
       +
           bridges.signal = true;

     

       192
       +
           bridges.instagram = true;

     

       193
       +
           bridges.messenger = true;

     

       194
       +
         };

     

       195
       +
         eilean.turn.enable = true;

     

       196
       +
         systemd.services.matrix-as-meta = {

     

       197
       +
           path = [ pkgs.ffmpeg ];

     

       198
       +
         };

     

       199
       +
       

     

       200
       +
         # mastodon

     

       201
       +
         eilean.mastodon.enable = true;

     

       202
       +
         services.mastodon = {

     

       203
       +
           webProcesses = lib.mkForce 1;

     

       204
       +
           webThreads = lib.mkForce 1;

     

       205
       +
           sidekiqThreads = lib.mkForce 1;

     

       206
       +
           streamingProcesses = lib.mkForce 1;

     

       207
       +
         };

     

       208
       +
       

     

       209
       +
         # restic

     

       210
       +
         age.secrets.restic-owl.file = ../../secrets/restic-owl.age;

     

       211
       +
         services.restic.backups.${config.networking.hostName} = {

     

       212
       +
           repository = "rest:http://100.64.0.9:8000/${config.networking.hostName}/";

     

       213
       +
           passwordFile = config.age.secrets.restic-owl.path;

     

       214
       +
           initialize = true;

     

       215
       +
           paths = [

     

       216
       +
             "/var/"

     

       217
       +
             "/run/"

     

       218
       +
             "/etc/"

     

       219
       +
           ];

     

       220
       +
           timerConfig = {

     

       221
       +
             OnCalendar = "03:00";

     

       222
       +
             randomizedDelaySec = "1hr";

     

       223
       +
           };

     

       224
       +
         };

     

       225
       +
       

     

       226
       +
         # reverse proxy

     

       227
       +
         services.nginx.virtualHosts."capybara.fn06.org" = {

     

       228
       +
           forceSSL = true;

     

       229
       +
           locations."/" = {

     

       230
       +
             proxyPass = ''

     

       231
       +
               http://100.64.0.10:8123

     

       232
       +
             '';

     

       233
       +
             proxyWebsockets = true;

     

       234
       +
           };

     

       235
       +
         };

     

       236
       +
         services.nginx.virtualHosts."shrew.freumh.org" = {

     

       237
       +
           forceSSL = true;

     

       238
       +
           locations."/" = {

     

       239
       +
             proxyPass = ''

     

       240
       +
               http://100.64.0.6:8123

     

       241
       +
             '';

     

       242
       +
             proxyWebsockets = true;

     

       243
       +
           };

     

       244
       +
         };

     

       245
       +
       

     

       246
       +
         # tangled

     

       247
       +
         age.secrets.tangled = {

     

       248
       +
           file = ../../secrets/tangled.age;

     

       249
       +
           mode = "660";

     

       250
       +
           owner = "git";

     

       251
       +
           group = "git";

     

       252
       +
         };

     

       253
       +
         services.tangled-knotserver = {

     

       254
       +
           enable = true;

     

       255
       +
           repo.mainBranch = "master";

     

       256
       +
           server.hostname = "knot.freumh.org";

     

       257
       +
           server = {

     

       258
       +
             secretFile = config.age.secrets.tangled.path;

     

       259
       +
             listenAddr = "127.0.0.1:5555";

     

       260
       +
             internalListenAddr = "127.0.0.1:5444";

     

       261
       +
           };

     

       262
       +
         };

     

       263
       +
         services.nginx.virtualHosts."knot.freumh.org" = {

     

       264
       +
           forceSSL = true;

     

       265
       +
           locations."/" = {

     

       266
       +
             proxyPass = ''

     

       267
       +
               http://${config.services.tangled-knotserver.server.listenAddr}

     

       268
       +
             '';

     

       269
       +
             proxyWebsockets = true;

     

       270
       +
           };

     

       271
       +
         };

     

       272
       +
       

     

       273
       +
         services.nginx.virtualHosts."enki.freumh.org" = {

     

       274
       +
           forceSSL = true;

     

       275
       +
           locations."/" = {

     

       276
       +
             proxyPass = ''

     

       277
       +
               http://localhost:8000

     

       278
       +
             '';

     

       279
       +
             proxyWebsockets = true;

     

       280
       +
             extraConfig = ''

     

       281
       +
               # SSE-specific settings

     

       282
       +
               proxy_buffering off;

     

       283
       +
               proxy_read_timeout 3600s;

     

       284
       +
               proxy_send_timeout 3600s;

     

       285
       +
               proxy_connect_timeout 60s;

     

       286
       +
       

     

       287
       +
               # Forward headers

     

       288
       +
               proxy_set_header Connection "";

     

       289
       +
               proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

     

       290
       +
               proxy_set_header X-Forwarded-Proto $scheme;

     

       291
       +
               proxy_set_header Host $host;

     

       292
       +
             '';

     

       293
       +
           };

     

       294
       +
         };

     

       295
       +
       

     

       296
       +
         # minecraft server

     

       297
       +
         services.minecraft-server = {

     

       298
       +
           enable = true;

     

       299
       +
           package = pkgs.overlay-unstable.minecraft-server;

     

       300
       +
           eula = true;

     

       301
       +
           openFirewall = true;

     

       302
       +
         };

     

       303
       +
       

     

       304
       +
         # DNS records

     

       305
       +
         eilean.dns.nameservers = [ "ns1" ];

     

       306
       +
         eilean.services.dns.zones = {

     

       307
       +
           ${config.networking.domain} = {

     

       308
       +
             ttl = 300;

     

       309
       +
             soa = {

     

       310
       +
               serial = 2018011660;

     

       311
       +
               refresh = 300;

     

       312
       +
             };

     

       313
       +
             records = [

     

       314
       +
               {

     

       315
       +
                 name = "@";

     

       316
       +
                 type = "TXT";

     

       317
       +
                 value = "google-site-verification=rEvwSqf7RYKRQltY412qMtTuoxPp64O3L7jMotj9Jnc";

     

       318
       +
               }

     

       319
       +
               {

     

       320
       +
                 name = "_atproto.ryan";

     

       321
       +
                 type = "TXT";

     

       322
       +
                 value = "did=did:plc:3lfhu6ehlynzjgehef6alnvg";

     

       323
       +
               }

     

       324
       +
       

     

       325
       +
               {

     

       326
       +
                 name = "teapot";

     

       327
       +
                 type = "CNAME";

     

       328
       +
                 value = "vps";

     

       329
       +
               }

     

       330
       +
       

     

       331
       +
               {

     

       332
       +
                 name = "@";

     

       333
       +
                 type = "ns";

     

       334
       +
                 value = "ns1.sirref.org.";

     

       335
       +
               }

     

       336
       +
       

     

       337
       +
               {

     

       338
       +
                 name = "vps";

     

       339
       +
                 type = "A";

     

       340
       +
                 value = config.eilean.serverIpv4;

     

       341
       +
               }

     

       342
       +
               {

     

       343
       +
                 name = "vps";

     

       344
       +
                 type = "AAAA";

     

       345
       +
                 value = config.eilean.serverIpv6;

     

       346
       +
               }

     

       347
       +
       

     

       348
       +
               {

     

       349
       +
                 name = "@";

     

       350
       +
                 type = "LOC";

     

       351
       +
                 value = "52 12 40.4 N 0 5 31.9 E 22m 10m 10m 10m";

     

       352
       +
               }

     

       353
       +
       

     

       354
       +
               {

     

       355
       +
                 name = "ns.cl";

     

       356
       +
                 type = "A";

     

       357
       +
                 value = "128.232.113.136";

     

       358
       +
               }

     

       359
       +
               {

     

       360
       +
                 name = "cl";

     

       361
       +
                 type = "NS";

     

       362
       +
                 value = "ns.cl";

     

       363
       +
               }

     

       364
       +
       

     

       365
       +
               {

     

       366
       +
                 name = "ns1.eilean";

     

       367
       +
                 type = "A";

     

       368
       +
                 value = "65.109.10.223";

     

       369
       +
               }

     

       370
       +
               {

     

       371
       +
                 name = "eilean";

     

       372
       +
                 type = "NS";

     

       373
       +
                 value = "ns1.eilean";

     

       374
       +
               }

     

       375
       +
       

     

       376
       +
               {

     

       377
       +
                 name = "shrew";

     

       378
       +
                 type = "CNAME";

     

       379
       +
                 value = "vps";

     

       380
       +
               }

     

       381
       +
       

     

       382
       +
               {

     

       383
       +
                 name = "knot";

     

       384
       +
                 type = "CNAME";

     

       385
       +
                 value = "vps";

     

       386
       +
               }

     

       387
       +
       

     

       388
       +
               {

     

       389
       +
                 name = "enki";

     

       390
       +
                 type = "CNAME";

     

       391
       +
                 value = "vps";

     

       392
       +
               }

     

       393
       +
       

     

       394
       +
               {

     

       395
       +
                 name = "hippo";

     

       396
       +
                 type = "A";

     

       397
       +
                 value = "128.232.124.251";

     

       398
       +
               }

     

       399
       +
       

     

       400
       +
               # generate with

     

       401
       +
               #   sudo openssl x509 -in /var/lib/acme/mail.freumh.org/fullchain.pem -pubkey -noout | openssl pkey -pubin -outform der | sha256sum | awk '{print "3 1 1", $1}'

     

       402
       +
               {

     

       403
       +
                 name = "_25._tcp.mail";

     

       404
       +
                 type = "TLSA";

     

       405
       +
                 value = "3 1 1 2f0fd413f063c75141937dd196a9f4ab66139d599e0dcf2a7ce6d557647e26a6";

     

       406
       +
               }

     

       407
       +
               # generate with

     

       408
       +
               #   for i in r3 e1 r4-cross-signed e2

     

       409
       +
               #   openssl x509 -in ~/downloads/lets-encrypt-$i.pem -pubkey -noout | openssl pkey -pubin -outform der | sha256sum | awk '{print "2 1 1", $1}'

     

       410
       +
               # LE R3

     

       411
       +
               {

     

       412
       +
                 name = "_25._tcp.mail";

     

       413
       +
                 type = "TLSA";

     

       414
       +
                 value = "2 1 1 8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d";

     

       415
       +
               }

     

       416
       +
               # LE E1

     

       417
       +
               {

     

       418
       +
                 name = "_25._tcp.mail";

     

       419
       +
                 type = "TLSA";

     

       420
       +
                 value = "2 1 1 276fe8a8c4ec7611565bf9fce6dcace9be320c1b5bea27596b2204071ed04f10";

     

       421
       +
               }

     

       422
       +
               # LE R4

     

       423
       +
               {

     

       424
       +
                 name = "_25._tcp.mail";

     

       425
       +
                 type = "TLSA";

     

       426
       +
                 value = "2 1 1 e5545e211347241891c554a03934cde9b749664a59d26d615fe58f77990f2d03";

     

       427
       +
               }

     

       428
       +
               # LE E2

     

       429
       +
               {

     

       430
       +
                 name = "_25._tcp.mail";

     

       431
       +
                 type = "TLSA";

     

       432
       +
                 value = "2 1 1 bd936e72b212ef6f773102c6b77d38f94297322efc25396bc3279422e0c89270";

     

       433
       +
               }

     

       434
       +
       

     

       435
       +
               {

     

       436
       +
                 name = "jellyfin";

     

       437
       +
                 type = "AAAA";

     

       438
       +
                 value = "2a00:23c6:aa22:e401:8dff:9b9a:cb3c:3fcb";

     

       439
       +
               }

     

       440
       +
               {

     

       441
       +
                 name = "jellyseerr";

     

       442
       +
                 type = "AAAA";

     

       443
       +
                 value = "2a00:23c6:aa22:e401:8dff:9b9a:cb3c:3fcb";

     

       444
       +
               }

     

       445
       +
               {

     

       446
       +
                 name = "calibre";

     

       447
       +
                 type = "AAAA";

     

       448
       +
                 value = "2a00:23c6:aa22:e401:8dff:9b9a:cb3c:3fcb";

     

       449
       +
               }

     

       450
       +
             ] ++ vpnRecords;

     

       451
       +
           };

     

       452
       +
           "fn06.org" = {

     

       453
       +
             soa.serial = 1706745602;

     

       454
       +
             records = [

     

       455
       +
               {

     

       456
       +
                 name = "@";

     

       457
       +
                 type = "NS";

     

       458
       +
                 value = "ns1";

     

       459
       +
               }

     

       460
       +
               {

     

       461
       +
                 name = "@";

     

       462
       +
                 type = "NS";

     

       463
       +
                 value = "ns2";

     

       464
       +
               }

     

       465
       +
       

     

       466
       +
               {

     

       467
       +
                 name = "ns1";

     

       468
       +
                 type = "A";

     

       469
       +
                 value = config.eilean.serverIpv4;

     

       470
       +
               }

     

       471
       +
               {

     

       472
       +
                 name = "ns1";

     

       473
       +
                 type = "AAAA";

     

       474
       +
                 value = config.eilean.serverIpv6;

     

       475
       +
               }

     

       476
       +
               {

     

       477
       +
                 name = "ns2";

     

       478
       +
                 type = "A";

     

       479
       +
                 value = config.eilean.serverIpv4;

     

       480
       +
               }

     

       481
       +
               {

     

       482
       +
                 name = "ns2";

     

       483
       +
                 type = "AAAA";

     

       484
       +
                 value = config.eilean.serverIpv6;

     

       485
       +
               }

     

       486
       +
       

     

       487
       +
               {

     

       488
       +
                 name = "@";

     

       489
       +
                 type = "A";

     

       490
       +
                 value = config.eilean.serverIpv4;

     

       491
       +
               }

     

       492
       +
               {

     

       493
       +
                 name = "@";

     

       494
       +
                 type = "AAAA";

     

       495
       +
                 value = config.eilean.serverIpv6;

     

       496
       +
               }

     

       497
       +
       

     

       498
       +
               {

     

       499
       +
                 name = "www.fn06.org.";

     

       500
       +
                 type = "CNAME";

     

       501
       +
                 value = "fn06.org.";

     

       502
       +
               }

     

       503
       +
       

     

       504
       +
               {

     

       505
       +
                 name = "@";

     

       506
       +
                 type = "LOC";

     

       507
       +
                 value = "52 12 40.4 N 0 5 31.9 E 22m 10m 10m 10m";

     

       508
       +
               }

     

       509
       +
       

     

       510
       +
               {

     

       511
       +
                 name = "capybara.fn06.org.";

     

       512
       +
                 type = "CNAME";

     

       513
       +
                 value = "fn06.org.";

     

       514
       +
               }

     

       515
       +
             ];

     

       516
       +
           };

     

       517
       +
         };

     

       518
       +
       }

+2 -15

hosts/vulpine/default.nix

···

       20
        
           services.kdeconnect.enable = true;

     

       21
        
           custom = {

     

       22
        
             machineColour = "magenta";

     

       23
       -
             nvim-lsps = true;

     

       24
       -
             mail.enable = true;

     

       25
        
             calendar.enable = true;

     

       26
        
             battery.enable = true;

     

       27
        
           };

     

       28
        
           home.sessionVariables = {

     

       29
       -
             LEDGER_FILE = ''~/vault/ledger/`date "+%Y"`.ledger'';

     

       30
        
           };

     

       31
        
         };

     

       32
        
       

     
···

       60
        
           nix-prefetch-git

     

       61
        
           tcpdump

     

       62
        
           pandoc

     

       63
       -
           ranger

     

       64
       -
           bluetuith

     

       65
       -
           powertop

     

       66
        
           ledger

     

       67
        
         ];

     

       68
        
       

     
···

       70
        
           Defaults !tty_tickets

     

       71
        
         '';

     

       72
        
       

     

       73
       -
         services = {

     

       74
       -
           syncthing = {

     

       75
       -
             enable = true;

     

       76
       -
             user = config.custom.username;

     

       77
       -
             dataDir = "/home/ryan/syncthing";

     

       78
       -
             configDir = "/home/ryan/.config/syncthing";

     

       79
       -
           };

     

       80
       -
         };

     

       81
       -
       

     

       82
        
         services.avahi.enable = true;

     

       83
        
       

     

       84
        
         programs.steam.enable = true;

     

       85
        
       

     

       86
        
         specialisation.nvidia.configuration = {

     

       87
        
           services.xserver.videoDrivers = [ "nvidia" ];

     

       0
        
       
     

       88
        
         };

     

       89
        
       }

···

       20
        
           services.kdeconnect.enable = true;

     

       21
        
           custom = {

     

       22
        
             machineColour = "magenta";

     

       0
        
       
     

       0
        
       
     

       23
        
             calendar.enable = true;

     

       24
        
             battery.enable = true;

     

       25
        
           };

     

       26
        
           home.sessionVariables = {

     

       27
       +
             LEDGER_FILE = "~/vault/finances.ledger";

     

       28
        
           };

     

       29
        
         };

     

       30
        
       

     
···

       58
        
           nix-prefetch-git

     

       59
        
           tcpdump

     

       60
        
           pandoc

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       61
        
           ledger

     

       62
        
         ];

     

       63
        
       

     
···

       65
        
           Defaults !tty_tickets

     

       66
        
         '';

     

       67
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       68
        
         services.avahi.enable = true;

     

       69
        
       

     

       70
        
         programs.steam.enable = true;

     

       71
        
       

     

       72
        
         specialisation.nvidia.configuration = {

     

       73
        
           services.xserver.videoDrivers = [ "nvidia" ];

     

       74
       +
           hardware.nvidia.open = false;

     

       75
        
         };

     

       76
        
       }

-57

modules/colour-guesser.nix

···

       1
       -
       {

     

       2
       -
         pkgs,

     

       3
       -
         config,

     

       4
       -
         lib,

     

       5
       -
         options,

     

       6
       -
         colour-guesser,

     

       7
       -
         ...

     

       8
       -
       }:

     

       9
       -
       

     

       10
       -
       let

     

       11
       -
         cfg = config.custom.website.colour-guesser;

     

       12
       -
       in

     

       13
       -
       {

     

       14
       -
         options = {

     

       15
       -
           custom.website.colour-guesser = {

     

       16
       -
             enable = lib.mkEnableOption "Colour Guesser";

     

       17
       -
             domain = lib.mkOption {

     

       18
       -
               type = lib.types.str;

     

       19
       -
               default = "colour-guesser.${config.networking.domain}";

     

       20
       -
             };

     

       21
       -
             cname = lib.mkOption {

     

       22
       -
               type = lib.types.str;

     

       23
       -
               default = null;

     

       24
       -
               description = ''

     

       25
       -
                 CNAME to create DNS records for.

     

       26
       -
                 Ignored if null

     

       27
       -
               '';

     

       28
       -
             };

     

       29
       -
           };

     

       30
       -
         };

     

       31
       -
       

     

       32
       -
         config = lib.mkIf cfg.enable {

     

       33
       -
           security.acme-eon.nginxCerts = [ cfg.domain ];

     

       34
       -
           services.nginx = {

     

       35
       -
             enable = true;

     

       36
       -
             recommendedProxySettings = true;

     

       37
       -
             virtualHosts."${cfg.domain}" = {

     

       38
       -
               forceSSL = true;

     

       39
       -
               root = "${colour-guesser.packages.${pkgs.stdenv.hostPlatform.system}.default}";

     

       40
       -
             };

     

       41
       -
           };

     

       42
       -
       

     

       43
       -
           # requires dns module

     

       44
       -
           eilean.services.dns.zones.${config.networking.domain}.records = [

     

       45
       -
             {

     

       46
       -
               name = "${cfg.domain}.";

     

       47
       -
               type = "CNAME";

     

       48
       -
               value = cfg.cname;

     

       49
       -
             }

     

       50
       -
             {

     

       51
       -
               name = "www.${cfg.domain}.";

     

       52
       -
               type = "CNAME";

     

       53
       -
               value = cfg.cname;

     

       54
       -
             }

     

       55
       -
           ];

     

       56
       -
         };

     

       57
       -
       }

-1

modules/default.nix

···

       23
        
           ./laptop.nix

     

       24
        
           ./nix-cache.nix

     

       25
        
           ./nix-index.nix

     

       26
       -
           ./ocaml.nix

     

       27
        
           ./printing.nix

     

       28
        
           ./rmfakecloud.nix

     

       29
        
           ./scripts.nix

···

       23
        
           ./laptop.nix

     

       24
        
           ./nix-cache.nix

     

       25
        
           ./nix-index.nix

     

       0
        
       
     

       26
        
           ./printing.nix

     

       27
        
           ./rmfakecloud.nix

     

       28
        
           ./scripts.nix

+9 -2

modules/gui/default.nix

···

       63
        
           };

     

       64
        
       

     

       65
        
           hardware.bluetooth.enable = true;

     

       66
       -
           services.blueman.enable = true;

     

       67
        
       

     

       68
        
           environment.systemPackages =

     

       69
        
             with pkgs;

     
···

       81
        
               jq

     

       82
        
               playerctl

     

       83
        
               brightnessctl

     

       0
        
       
     

       84
        
               xdg-utils

     

       85
        
               yad

     

       86
        
               networkmanagerapplet

     
···

       100
        
               pulseaudio

     

       101
        
               tridactyl-native

     

       102
        
               vlc

     

       0
        
       
     

       0
        
       
     

       103
        
             ]

     

       104
        
             ++ desktopEntries;

     

       105
        
       

     

       106
        
           fonts.packages = with pkgs; [

     

       107
        
             noto-fonts

     

       108
        
             noto-fonts-emoji

     

       109
       -
             (nerdfonts.override { fonts = [ "DroidSansMono" "NerdFontsSymbolsOnly" ]; })

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       110
        
             wqy_zenhei

     

       111
        
             libertine

     

       112
        
           ];

···

       63
        
           };

     

       64
        
       

     

       65
        
           hardware.bluetooth.enable = true;

     

       0
        
       
     

       66
        
       

     

       67
        
           environment.systemPackages =

     

       68
        
             with pkgs;

     
···

       80
        
               jq

     

       81
        
               playerctl

     

       82
        
               brightnessctl

     

       83
       +
               bluetuith

     

       84
        
               xdg-utils

     

       85
        
               yad

     

       86
        
               networkmanagerapplet

     
···

       100
        
               pulseaudio

     

       101
        
               tridactyl-native

     

       102
        
               vlc

     

       103
       +
               timewall

     

       104
       +
               swaybg

     

       105
        
             ]

     

       106
        
             ++ desktopEntries;

     

       107
        
       

     

       108
        
           fonts.packages = with pkgs; [

     

       109
        
             noto-fonts

     

       110
        
             noto-fonts-emoji

     

       111
       +
             (nerdfonts.override {

     

       112
       +
               fonts = [

     

       113
       +
                 "DroidSansMono"

     

       114
       +
                 "NerdFontsSymbolsOnly"

     

       115
       +
               ];

     

       116
       +
             })

     

       117
        
             wqy_zenhei

     

       118
        
             libertine

     

       119
        
           ];

modules/gui/sway.nix

···

       55
        
             isAllowed = true;

     

       56
        
             isSystem = false;

     

       57
        
           };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       58
        
         };

     

       59
        
       }

···

       55
        
             isAllowed = true;

     

       56
        
             isSystem = false;

     

       57
        
           };

     

       58
       +
           services.geoclue2.appConfig.timewall = {

     

       59
       +
             isAllowed = true;

     

       60
       +
             isSystem = false;

     

       61
       +
           };

     

       62
        
         };

     

       63
        
       }

modules/home-manager.nix

···

       11
        
             useGlobalPkgs = true;

     

       12
        
             extraSpecialArgs = {

     

       13
        
               i3-workspace-history = inputs.i3-workspace-history;

     

       0
        
       
     

       14
        
             };

     

       15
        
             users.${config.custom.username} = import ../home/default.nix;

     

       16
        
           };

···

       11
        
             useGlobalPkgs = true;

     

       12
        
             extraSpecialArgs = {

     

       13
        
               i3-workspace-history = inputs.i3-workspace-history;

     

       14
       +
               timewall = inputs.timewall;

     

       15
        
             };

     

       16
        
             users.${config.custom.username} = import ../home/default.nix;

     

       17
        
           };

-2

modules/ocaml.nix

···

       13
        
       

     

       14
        
         config = lib.mkIf cfg.ocaml {

     

       15
        
           environment.systemPackages = with pkgs; [

     

       16
       -
             opam

     

       17
       -
             pkg-config

     

       18
        
           ];

     

       19
        
         };

     

       20
        
       }

···

       13
        
       

     

       14
        
         config = lib.mkIf cfg.ocaml {

     

       15
        
           environment.systemPackages = with pkgs; [

     

       0
        
       
     

       0
        
       
     

       16
        
           ];

     

       17
        
         };

     

       18
        
       }

+2 -2

modules/ryan-website.nix

···

       1
        
       {

     

       2
       -
         pkgs,

     

       3
        
         config,

     

       4
        
         lib,

     

       5
       -
         ryan-website,

     

       6
        
         ...

     

       7
        
       }:

     

       8
        
       

     
···

       44
        
               "${cfg.domain}" = {

     

       45
        
                 forceSSL = true;

     

       46
        
                 root = "/var/www/ryan.freumh.org/";

     

       0
        
       
     

       47
        
                 locations."/teapot".extraConfig = ''

     

       48
        
                   return 418;

     

       49
        
                 '';

     

       0
        
       
     

       50
        
                 extraConfig = ''

     

       51
        
                   error_page 403 =404 /404.html;

     

       52
        
                   error_page 404 /404.html;

···

       1
        
       {

     

       0
        
       
     

       2
        
         config,

     

       3
        
         lib,

     

       0
        
       
     

       4
        
         ...

     

       5
        
       }:

     

       6
        
       

     
···

       42
        
               "${cfg.domain}" = {

     

       43
        
                 forceSSL = true;

     

       44
        
                 root = "/var/www/ryan.freumh.org/";

     

       45
       +
                 locations."/".index = "home.html index.html";

     

       46
        
                 locations."/teapot".extraConfig = ''

     

       47
        
                   return 418;

     

       48
        
                 '';

     

       49
       +
                 locations."/var/".alias = "/var/www/var/";

     

       50
        
                 extraConfig = ''

     

       51
        
                   error_page 403 =404 /404.html;

     

       52
        
                   error_page 404 /404.html;

+4 -1

modules/workstation.nix

···

       13
        
       

     

       14
        
         config = lib.mkIf cfg.workstation {

     

       15
        
           services.localtimed.enable = true;

     

       16
       -
           services.geoclue2.enable = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       17
        
         };

     

       18
        
       }

···

       13
        
       

     

       14
        
         config = lib.mkIf cfg.workstation {

     

       15
        
           services.localtimed.enable = true;

     

       16
       +
           services.geoclue2 = {

     

       17
       +
             enable = true;

     

       18
       +
             geoProviderUrl = "https://api.beacondb.net/v1/geolocate";

     

       19
       +
           };

     

       20
        
         };

     

       21
        
       }

+10 -2

nix-on-droid/default.nix

···

       0
        
       
     

       0
        
       
     

       0
        
       
     

       1
        
       {

     

       2
        
         pkgs,

     

       3
        
         config,

     
···

       11
        
         environment.packages = with pkgs; [

     

       12
        
           util-linux # for whereis

     

       13
        
           gawk # for shell history search

     

       14
       -
           ffmpeg

     

       15
        
           ledger

     

       16
        
         ];

     

       17
        
         environment.etcBackupExtension = ".bak";

     
···

       25
        
       

     

       26
        
         home-manager = {

     

       27
        
           useGlobalPkgs = true;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       28
        
           config =

     

       29
        
             { pkgs, lib, ... }:

     

       30
        
             {

     

       31
        
               imports = [ ../home/default.nix ];

     

       0
        
       
     

       0
        
       
     

       32
        
       

     

       33
        
               # Use the same overlays as the system packages

     

       34
        
               nixpkgs = { inherit (config.nixpkgs) overlays; };

     
···

       66
        
               };

     

       67
        
       

     

       68
        
               home.sessionVariables = {

     

       69
       -
                 LEDGER_FILE = ''~/storage/Documents/vault/ledger/`date "+%Y"`.ledger'';

     

       70
        
               };

     

       71
        
       

     

       72
        
               home.stateVersion = "22.05";

···

       1
       +
       # TODO there has to be a better way of getting this in here

     

       2
       +
       inputs:

     

       3
       +
       

     

       4
        
       {

     

       5
        
         pkgs,

     

       6
        
         config,

     
···

       14
        
         environment.packages = with pkgs; [

     

       15
        
           util-linux # for whereis

     

       16
        
           gawk # for shell history search

     

       0
        
       
     

       17
        
           ledger

     

       18
        
         ];

     

       19
        
         environment.etcBackupExtension = ".bak";

     
···

       27
        
       

     

       28
        
         home-manager = {

     

       29
        
           useGlobalPkgs = true;

     

       30
       +
           extraSpecialArgs = {

     

       31
       +
             i3-workspace-history = inputs.i3-workspace-history;

     

       32
       +
             timewall = inputs.timewall;

     

       33
       +
           };

     

       34
        
           config =

     

       35
        
             { pkgs, lib, ... }:

     

       36
        
             {

     

       37
        
               imports = [ ../home/default.nix ];

     

       38
       +
       

     

       39
       +
               programs.gpg.enable = lib.mkForce false;

     

       40
        
       

     

       41
        
               # Use the same overlays as the system packages

     

       42
        
               nixpkgs = { inherit (config.nixpkgs) overlays; };

     
···

       74
        
               };

     

       75
        
       

     

       76
        
               home.sessionVariables = {

     

       77
       +
                 LEDGER_FILE = "~/storage/Documents/vault/finances.ledger";

     

       78
        
               };

     

       79
        
       

     

       80
        
               home.stateVersion = "22.05";

-3

scripts/backup.sh

···

       1
       -
       #!/usr/bin/env sh

     

       2
       -
       

     

       3
       -
       rsync -va --exclude={".cache", ".local/share/Steam/"} ~/ /run/media/ryan/external-hdd/home/

-7

scripts/obsidian_sync.sh

···

       1
       -
       #!/usr/bin/env sh

     

       2
       -
       

     

       3
       -
       cd /storage/emulated/0/Documents/vault

     

       4
       -
       git pull &&

     

       5
       -
       git add . &&

     

       6
       -
       git commit -m "phone $(date '+%Y-%m-%d %H.%M')" &&

     

       7
       -
       git push

secrets/secrets.nix

···

       47
        
           owl

     

       48
        
         ];

     

       49
        
         "eon-sirref-primary.cap.age".publicKeys = user ++ [ owl ];

     

       0
        
       
     

       50
        
       }

···

       47
        
           owl

     

       48
        
         ];

     

       49
        
         "eon-sirref-primary.cap.age".publicKeys = user ++ [ owl ];

     

       50
       +
         "tangled.age".publicKeys = user ++ [ owl ];

     

       51
        
       }

secrets/tangled.age

···

       1
       +
       age-encryption.org/v1

     

       2
       +
       -> ssh-ed25519 2wDnOw Ttbl5LTzHDAP3kG7kbRErJr+ayerVYZIWZeLPmZmD0U

     

       3
       +
       Uvon5zchwp3jwP/wHJ5/jIrmDhSVOxGKEhLGPtnQj9w

     

       4
       +
       -> ssh-ed25519 suwb0g N+Z7lyQailIdkJMiCuFapSN3LhYphejMvB0x4Au1zBI

     

       5
       +
       dC6ju3bdhzyLB19/WFwgmr+HxTG9vd2fO/EB/WYjodM

     

       6
       +
       --- s2WjTwvpTi8jhAn0/yqBcTmzh77wbpYulovyEdGE7KQ

     

       7
       +
       G����}w����{� n�od&i,V����U��%�'!R46�{>� )>to�]Hh�����2F��A����Tv�!�;���)R�lM%U=|W"?*��e��"����i�KB�F

-44

templates/host/default.nix

···

       1
       -
       {

     

       2
       -
         pkgs,

     

       3
       -
         lib,

     

       4
       -
         config,

     

       5
       -
         ...

     

       6
       -
       }:

     

       7
       -
       

     

       8
       -
       {

     

       9
       -
         imports = [

     

       10
       -
           ./hardware-configuration.nix

     

       11
       -
         ];

     

       12
       -
       

     

       13
       -
         boot.loader.grub = {

     

       14
       -
           enable = true;

     

       15
       -
           device = "nodev";

     

       16
       -
           efiSupport = true;

     

       17
       -
         };

     

       18
       -
         boot.loader.efi.canTouchEfiVariables = true;

     

       19
       -
       

     

       20
       -
         custom = {

     

       21
       -
           enable = true;

     

       22
       -
           #tailscale = true;

     

       23
       -
           #laptop = true;

     

       24
       -
           #gui.i3 = true;

     

       25
       -
           #gui.sway = true;

     

       26
       -
           #workstation = true;

     

       27
       -
           #autoUpgrade.enable = true;

     

       28
       -
           homeManager.enable = true;

     

       29
       -
         };

     

       30
       -
       

     

       31
       -
         home-manager.users.${config.custom.username} = {

     

       32
       -
           custom = {

     

       33
       -
             machineColour = "blue";

     

       34
       -
             # nvim-lsps = true;

     

       35
       -
           };

     

       36
       -
         };

     

       37
       -
       

     

       38
       -
         environment.systemPackages = with pkgs; [

     

       39
       -
           coreutils

     

       40
       -
         ];

     

       41
       -
       

     

       42
       -
         networking.networkmanager.enable = true;

     

       43
       -
         # services.openssh.openFirewall = true;

     

       44
       -
       }

Compare changes