voronind/nix
0
0
Fork 0
Code Issues 39 Pull requests Packages Projects Releases Wiki Activity

Purge nixfmt!

Browse source
This commit is contained in:
Dmitry Voronin 2024-11-04 04:37:29 +03:00
parent d590e6e590
commit a1f4bae2a6
Signed by: voronind
SSH key fingerprint: SHA256:3kBb4iV2ahufEBNq+vFbUe4QYfHt98DHQjN7QaptY9k
356 changed files with 13267 additions and 16348 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.editorconfig
View file

@ -5,9 +5,5 @@ indent_style = tab
insert_final_newline = true insert_final_newline = true
trim_trailing_whitespace = true trim_trailing_whitespace = true
[*.nix]
indent_style = space
indent_size = 2
[*.md] [*.md]
trim_trailing_whitespace = false trim_trailing_whitespace = false

3
.readme/keyboard/Readme.md
View file

@ -1,3 +0,0 @@
# Keyd layouts.
http://www.keyboard-layout-editor.com

151
.readme/keyboard/alt/keyboard-layout.json
View file

@ -1,151 +0,0 @@
[
[
{
"c": "#8ec07c"
},
"Esc",
{
"c": "#cccccc"
},
"!\n1",
"@\n2",
"#\n3",
"$\n4",
"%\n5",
"^\n6",
"&\n7",
"*\n8",
"(\n9",
")\n0",
"_\n-",
"+\n=",
{
"w": 2
},
"Backspace"
],
[
{
"w": 1.5
},
"Tab",
"Q",
{
"c": "#8ec07c"
},
"Page Up",
{
"c": "#cccccc"
},
"E",
"R",
"T",
"Y",
"U",
"I",
"O",
"P",
"{\n[",
"}\n]",
{
"w": 1.5
},
"|\n\\"
],
[
{
"c": "#8ec07c",
"w": 1.75
},
"Caps Lock",
"Home",
"Page Down",
"End",
{
"c": "#cccccc"
},
"F",
"G",
{
"c": "#8ec07c"
},
"Left",
"Down",
"Up",
"Right",
{
"c": "#cccccc"
},
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"w": 2.25
},
"Shift",
"Z",
{
"c": "#8ec07c"
},
"Cut",
"Copy",
"Paste",
{
"c": "#cccccc"
},
"B",
"N",
"M",
"<\n,",
">\n.",
"?\n/",
{
"w": 2.75
},
"Shift"
],
[
{
"c": "#d79921",
"w": 1.25
},
"Alterna-tive keys",
{
"c": "#cccccc",
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Alt",
{
"a": 7,
"w": 6.25
},
"",
{
"a": 4,
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Menu",
{
"c": "#8ec07c",
"w": 1.25
},
"Ctrl"
]
]

165
.readme/keyboard/app/firefox/keyboard-layout.json
View file

@ -1,165 +0,0 @@
[
[
"~\n`",
"!\n1\n\n\n\n\nTab 1",
"@\n2\n\n\n\n\nTab 2",
"#\n3\n\n\n\n\nTab 3",
"$\n4\n\n\n\n\nTab 4",
"%\n5\n\n\n\n\nTab 5",
"^\n6\n\n\n\n\nTab 6",
"&\n7\n\n\n\n\nTab 7",
"*\n8\n\n\n\n\nTab 8",
"(\n9\n\n\n\n\nTab 9",
")\n0\n\n\n\n\nTab 10",
"_\n-",
"+\n=",
{
"w": 2
},
"Backspace"
],
[
{
"w": 1.5
},
"Tab",
{
"c": "#8ec07c"
},
"Prev Tab / Move",
"Up",
"Next Tab / Move",
"Full Refresh",
{
"c": "#cccccc"
},
"T",
"Y",
{
"c": "#8ec07c"
},
"Restore Tab",
{
"c": "#cccccc"
},
"I",
"O",
{
"c": "#8ec07c"
},
"Fill Pass-word",
{
"c": "#cccccc"
},
"{\n[",
"}\n]",
{
"w": 1.5
},
"|\n\\"
],
[
{
"c": "#8ec07c",
"w": 1.75
},
"New Tab",
"Go Back",
"Down",
"Go Fwd",
"Find",
{
"c": "#cccccc"
},
"G",
"H",
"J",
"K",
{
"c": "#8ec07c"
},
"Toggle Dark Mode",
{
"c": "#cccccc"
},
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"c": "#8ec07c",
"w": 2.25
},
"Alternative Action (after slash)",
{
"c": "#cccccc"
},
"Z",
{
"c": "#8ec07c"
},
"Close Tab",
{
"c": "#cccccc"
},
"C",
"V",
"B",
{
"c": "#8ec07c"
},
"Find Next / Prev",
{
"c": "#cccccc"
},
"M",
"<\n,",
">\n.",
"?\n/",
{
"w": 2.75
},
"Shift"
],
[
{
"w": 1.25
},
"Ctrl",
{
"w": 1.25
},
"Win",
{
"c": "#d79921",
"w": 1.25
},
"App Controls",
{
"c": "#8ec07c",
"w": 6.25
},
"Toggle Address Bar",
{
"c": "#cccccc",
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Menu",
{
"w": 1.25
},
"Ctrl"
]
]

162
.readme/keyboard/app/jetbrains/keyboard-layout.json
View file

@ -1,162 +0,0 @@
[
[
"~\n`",
"!\n1",
"@\n2",
"#\n3",
"$\n4",
"%\n5",
"^\n6",
"&\n7",
"*\n8",
"(\n9",
")\n0",
"_\n-",
{
"c": "#8ec07c"
},
"Reformat",
{
"c": "#cccccc",
"w": 2
},
"Backspace"
],
[
{
"c": "#8ec07c",
"w": 1.5
},
"Step Over (Tap) / Step Into (Hold)",
"Prev Tab",
{
"c": "#cccccc"
},
"W",
{
"c": "#8ec07c"
},
"Next Tab",
"Run",
{
"c": "#cccccc"
},
"T",
"Y",
"U",
{
"c": "#8ec07c"
},
"Impl-ement",
"Over-ride",
{
"c": "#cccccc"
},
"P",
"{\n[",
"}\n]",
{
"w": 1.5
},
"|\n\\"
],
[
{
"c": "#8ec07c",
"w": 1.75
},
"New Scratch",
"Attach Debug-ger",
"Refac-tor",
"Run Debug",
"Find",
"Go to Defini-tion",
{
"c": "#cccccc"
},
"H",
"J",
"K",
"L",
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"w": 2.25
},
"Shift",
{
"c": "#8ec07c"
},
"Stop App",
"Close Tab",
"Close Bottom Panel",
"Show Doc",
{
"c": "#cccccc"
},
"B",
{
"c": "#8ec07c"
},
"Inline",
"Settings",
{
"c": "#cccccc"
},
"<\n,",
{
"c": "#8ec07c"
},
"Toggle Break-point\n.",
"Toggle Com-ment",
{
"c": "#cccccc",
"w": 2.75
},
"Shift"
],
[
{
"w": 1.25
},
"Ctrl",
{
"w": 1.25
},
"Win",
{
"c": "#d79921",
"w": 1.25
},
"App Controls",
{
"c": "#cccccc",
"a": 7,
"w": 6.25
},
"",
{
"a": 4,
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Menu",
{
"w": 1.25
},
"Ctrl"
]
]

167
.readme/keyboard/app/nautilus/keyboard-layout.json
View file

@ -1,167 +0,0 @@
[
[
"~\n`",
{
"c": "#8ec07c"
},
"List View",
"Grid View",
{
"c": "#cccccc"
},
"#\n3",
"$\n4",
"%\n5",
"^\n6",
"&\n7",
"*\n8",
"(\n9",
")\n0",
"_\n-",
"+\n=",
{
"w": 2
},
"Backspace"
],
[
{
"w": 1.5
},
"Tab",
{
"c": "#8ec07c"
},
"Prev Tab / Move",
{
"c": "#cccccc"
},
"W",
{
"c": "#8ec07c"
},
"Next Tab / Move",
"Refresh Dir",
"New window",
"Copy Selection",
{
"c": "#cccccc"
},
"U",
{
"c": "#8ec07c"
},
"Invert Selec-tion",
{
"c": "#cccccc"
},
"O",
"P",
"{\n[",
"}\n]",
{
"w": 1.5
},
"\\"
],
[
{
"c": "#8ec07c",
"w": 1.75
},
"New Tab",
"Create Dir",
"Rename",
"Delete",
"Search Dir",
{
"c": "#cccccc"
},
"G",
{
"c": "#8ec07c"
},
"Toggle Hidden Files",
{
"c": "#cccccc"
},
"J",
"K",
"L",
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"w": 2.25
},
"Shift",
"Z",
{
"c": "#8ec07c"
},
"Close Tab",
{
"c": "#cccccc"
},
"C",
{
"c": "#8ec07c"
},
"File Info",
"Go Back",
{
"c": "#cccccc"
},
"N",
"M",
"<\n,",
">\n.",
"?\n/",
{
"w": 2.75
},
"Shift"
],
[
{
"w": 1.25
},
"Ctrl",
{
"w": 1.25
},
"Win",
{
"c": "#d79921",
"w": 1.25
},
"App Controls",
{
"c": "#8ec07c",
"w": 6.25
},
"Focus Navigation Bar",
{
"c": "#cccccc",
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Menu",
{
"w": 1.25
},
"Ctrl"
]
]

160
.readme/keyboard/app/tmux/keyboard-layout.json
View file

@ -1,160 +0,0 @@
[
[
"~\n`",
"!\n1",
"@\n2",
"#\n3",
"$\n4",
"%\n5",
"^\n6",
"&\n7",
"*\n8",
"(\n9",
")\n0",
{
"c": "#8ec07c"
},
"Split / Align Vertical",
"Equalize Splits",
{
"c": "#cccccc",
"w": 2
},
"Backspace"
],
[
{
"w": 1.5
},
"Tab",
{
"c": "#8ec07c"
},
"Prev Window",
"Up",
"Next Window",
"Reload Settings",
{
"c": "#cccccc"
},
"T",
{
"c": "#8ec07c"
},
"Copy Selection",
{
"c": "#cccccc"
},
"U",
"I",
"O",
{
"c": "#8ec07c"
},
"Paste",
{
"c": "#cccccc"
},
"{\n[",
"}\n]",
{
"c": "#8ec07c",
"w": 1.5
},
"Split / Align Horizontal"
],
[
{
"w": 1.75
},
"New Window",
"Left",
"Down",
"Right",
"Toggle Status Bar",
"Select Session",
"Resize Left",
"Resize/ Scroll Down",
"Resize/ Scroll Up",
"Resize Right",
{
"c": "#cccccc"
},
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"w": 2.25
},
"Shift",
{
"c": "#8ec07c"
},
"Detach Session/Others",
"Close Window",
"Close Pane",
"Select",
{
"c": "#cccccc"
},
"B",
"N",
"M",
{
"c": "#8ec07c"
},
"Prev Session",
"Next Session",
{
"c": "#cccccc"
},
"?\n/",
{
"w": 2.75
},
"Shift"
],
[
{
"w": 1.25
},
"Ctrl",
{
"w": 1.25
},
"Win",
{
"c": "#d79921",
"w": 1.25
},
"App Controls",
{
"c": "#cccccc",
"a": 7,
"w": 6.25
},
"",
{
"a": 4,
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Menu",
{
"w": 1.25
},
"Ctrl"
]
]

142
.readme/keyboard/main/keyboard-layout.json
View file

@ -1,142 +0,0 @@
[
[
{
"c": "#d79921",
"sm": "alps"
},
"System Controls",
{
"c": "#cccccc"
},
"!\n1",
"@\n2",
"#\n3",
"$\n4",
"%\n5",
"^\n6",
"&\n7",
"*\n8",
"(\n9",
")\n0",
"_\n-",
"+\n=",
{
"c": "#8ec07c",
"w": 2
},
"Delete"
],
[
{
"c": "#cccccc",
"w": 1.5
},
"Tab",
"Q",
"W",
"E",
"R",
"T",
"Y",
"U",
"I",
"O",
"P",
"{\n[",
"}\n]",
{
"w": 1.5
},
"|\n\\"
],
[
{
"c": "#8ec07c",
"w": 1.75
},
"Ctrl / Esc",
{
"c": "#cccccc"
},
"A",
"S",
"D",
{
"n": true
},
"F",
"G",
"H",
{
"n": true
},
"J",
"K",
"L",
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"w": 2.25
},
"Shift",
"Z",
"X",
"C",
"V",
"B",
"N",
"M",
"<\n,",
">\n.",
"?\n/",
{
"c": "#8ec07c",
"w": 2.75
},
"Backspace"
],
[
{
"c": "#d79921",
"w": 1.25
},
"Alterna-tive Keys",
{
"w": 1.25
},
"WM Controls",
{
"w": 1.25
},
"App Controls",
{
"w": 6.25
},
"Neovim",
{
"c": "#8ec07c",
"w": 1.25
},
"Language Switch",
{
"c": "#d79921",
"w": 1.25
},
"Extra Numbers",
{
"w": 1.25
},
"Media Controls",
{
"c": "#cccccc",
"d": true
},
"Fn"
]
]

139
.readme/keyboard/media/keyboard-layout.json
View file

@ -1,139 +0,0 @@
[
[
"~\n`",
"!\n1",
"@\n2",
"#\n3",
"$\n4",
"%\n5",
"^\n6",
"&\n7",
"*\n8",
"(\n9",
")\n0",
"_\n-",
"+\n=",
{
"w": 2
},
"Backspace"
],
[
{
"w": 1.5
},
"Tab",
{
"c": "#8ec07c"
},
"Prev Song",
"Volume Up",
"Next Song",
{
"c": "#cccccc"
},
"R",
"T",
"Y",
"U",
"I",
"O",
"P",
"{\n[",
"}\n]",
{
"w": 1.5
},
"|\n\\"
],
[
{
"w": 1.75
},
"Caps Lock",
{
"c": "#8ec07c"
},
"Seek Back",
"Volume Down",
"Seek Fwd",
{
"c": "#cccccc"
},
"F",
"G",
"H",
"J",
"K",
"L",
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"w": 2.25
},
"Shift",
{
"c": "#8ec07c"
},
"Mute Sound",
"Stop",
"Cycle Sound Device",
"Mute Mic",
{
"c": "#cccccc"
},
"B",
"N",
"M",
"<\n,",
">\n.",
"?\n/",
{
"w": 2.75
},
"Shift"
],
[
{
"w": 1.25
},
"Ctrl",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Alt",
{
"c": "#8ec07c",
"w": 6.25
},
"Play / Pause",
{
"c": "#cccccc",
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Menu",
{
"c": "#d79921",
"w": 1.25
},
"Media Controls (RCtrl)"
]
]

144
.readme/keyboard/number/keyboard-layout.json
View file

@ -1,144 +0,0 @@
[
[
"~\n`",
{
"c": "#8ec07c"
},
"=",
"/",
"*",
"-",
{
"c": "#cccccc"
},
"f17",
"f18",
"f19",
"f20",
"f21",
"f22",
"f23",
"f24",
{
"w": 2
},
"Backspace"
],
[
{
"w": 1.5
},
"Tab",
{
"c": "#8ec07c"
},
"7",
"8",
"9",
"+",
{
"c": "#cccccc"
},
"T",
"Y",
"U",
"I",
"O",
"P",
"{\n[",
"}\n]",
{
"w": 1.5
},
"|\n\\"
],
[
{
"w": 1.75
},
"Caps Lock",
{
"c": "#8ec07c"
},
"4",
"5",
"6",
"Enter",
{
"c": "#cccccc"
},
"G",
"H",
"J",
"K",
"L",
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"c": "#8ec07c",
"w": 2.25
},
"Backspace",
"1",
"2",
"3",
". (dot)",
{
"c": "#cccccc"
},
"B",
"N",
"M",
"<\n,",
">\n.",
"?\n/",
{
"w": 2.75
},
"Shift"
],
[
{
"w": 1.25
},
"Ctrl",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Alt",
{
"c": "#8ec07c",
"w": 6.25
},
"0",
{
"c": "#cccccc",
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"c": "#d79921",
"w": 1.25
},
"Extra Numbers",
{
"c": "#cccccc",
"w": 1.25
},
"Ctrl"
]
]

158
.readme/keyboard/sway/keyboard-layout.json
View file

@ -1,158 +0,0 @@
[
[
"~\n`",
"!\n1",
"@\n2",
"#\n3",
"$\n4",
"%\n5",
"^\n6",
"&\n7",
"*\n8",
"(\n9",
")\n0",
{
"c": "#8ec07c"
},
"Split Vertic-ally",
{
"c": "#cccccc"
},
"+\n=",
{
"w": 2
},
"Backspace"
],
[
{
"c": "#8ec07c",
"w": 1.5
},
"Tab mode toggle",
"Prev Work-space",
"Up",
"Next Work-space",
"Float layer / Waybar",
{
"c": "#cccccc"
},
"T",
{
"c": "#8ec07c"
},
"Full Scr / Rec",
{
"c": "#cccccc"
},
"U",
"I",
"O",
"P",
"{\n[",
"}\n]",
{
"c": "#8ec07c",
"w": 1.5
},
"Split Hori-zontally"
],
[
{
"w": 1.75
},
"Terminal",
"Left",
"Down",
"Right",
"Full-screen / Float",
{
"c": "#cccccc"
},
"G",
{
"c": "#8ec07c"
},
"Resize Left",
"Resize Down",
"Resize Up",
"Resize Right",
{
"c": "#cccccc"
},
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"c": "#8ec07c",
"w": 2.25
},
"Alternative action (after slash) or move window",
"Lock / +Sus-pend",
"Close Window",
"Scratch toggle / move",
"Select Scr / Rec",
{
"c": "#cccccc"
},
"B",
{
"c": "#8ec07c"
},
"Dismiss Notif / Repeat",
{
"c": "#cccccc"
},
"M",
"<\n,",
">\n.",
"?\n/",
{
"w": 2.75
},
"Shift"
],
[
{
"w": 1.25
},
"Ctrl",
{
"c": "#d79921",
"w": 1.25
},
"WM Controls",
{
"c": "#cccccc",
"w": 1.25
},
"Alt",
{
"c": "#8ec07c",
"w": 6.25
},
"Run",
{
"c": "#cccccc",
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Menu",
{
"w": 1.25
},
"Ctrl"
]
]

174
.readme/keyboard/system/keyboard-layout.json
View file

@ -1,174 +0,0 @@
[
[
{
"c": "#d79921"
},
"System controls",
{
"c": "#cccccc"
},
"!\n1",
"@\n2",
"#\n3",
"$\n4",
"%\n5",
"^\n6",
"&\n7",
"*\n8",
"(\n9",
")\n0",
"_\n-",
"+\n=",
{
"w": 2
},
"Backspace"
],
[
{
"w": 1.5
},
"Tab",
"Q",
{
"c": "#8ec07c"
},
"Bright- ness Up",
{
"c": "#cccccc"
},
"E",
{
"c": "#8ec07c"
},
"Live Config Reload",
{
"c": "#cccccc"
},
"T",
"Y",
"U",
"I",
"O",
{
"c": "#8ec07c"
},
"Toggle power-save",
{
"c": "#cccccc"
},
"{\n[",
"}\n]",
{
"w": 1.5
},
"|\n\\"
],
[
{
"w": 1.75
},
"Caps Lock",
"A",
{
"c": "#8ec07c"
},
"Bright-ness Down",
{
"c": "#cccccc"
},
"D",
"F",
{
"c": "#8ec07c"
},
"Toggle Gaming Mode",
{
"c": "#cccccc"
},
"H",
"J",
"K",
{
"c": "#8ec07c"
},
"Toggle charge limit",
{
"c": "#cccccc"
},
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"w": 2.25
},
"Shift",
{
"c": "#8ec07c"
},
"Sus-pend",
"Power-off",
"Reboot",
"Toggle VPN",
{
"c": "#cccccc"
},
"B",
{
"c": "#8ec07c"
},
"Toggle DND",
"Toggle Monitor Power",
{
"c": "#cccccc"
},
"<\n,",
">\n.",
"?\n/",
{
"w": 2.75
},
"Shift"
],
[
{
"w": 1.25
},
"Ctrl",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Alt",
{
"a": 7,
"w": 6.25
},
"",
{
"a": 4,
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Menu",
{
"w": 1.25
},
"Ctrl"
]
]

16
.treefmt.toml
View file

@ -1,16 +0,0 @@
# One CLI to format the code tree - https://git.numtide.com/numtide/treefmt
# [formatter.mylanguage]
# Formatter to run
# command = "command-to-run"
# Command-line arguments for the command
# options = []
# Glob pattern of files to include
# includes = [ "*.<language-extension>" ]
# Glob patterns of files to exclude
# excludes = []
[formatter.nixfmt-rfc-style]
command = "nixfmt"
options = [ "-s" ]
includes = [ "*.nix" ]

3
Makefile
View file

@ -30,9 +30,6 @@ fix-ulimit:
fix-unlock: fix-unlock:
pkill nixos-rebuild || true pkill nixos-rebuild || true
format:
treefmt --no-cache --on-unmatched=info
gc: gc:
nix-collect-garbage -d nix-collect-garbage -d
# nix-store --gc # nix-store --gc

68
Readme.md
View file

@ -1,4 +1,4 @@
# Dmitry 🌊 NixOS, Home Manager and Nix-on-Droid configurations. # Dmitry 🌊 NixOS and Nix-on-Droid configurations.
## Please, support tabs in Nix! ## Please, support tabs in Nix!
@ -36,68 +36,4 @@ Newest first.
<a href="https://i.imgur.com/H943DFl.jpeg">Wallpaper link</a> <a href="https://i.imgur.com/H943DFl.jpeg">Wallpaper link</a>
</details> </details>
[My current wallpaper](config/Wallpaper.nix#L4) [My current wallpaper](module/Wallpaper.nix#L6)
Color theming based on wallpaper thanks to [Stylix](https://github.com/danth/stylix).
## Discovering my configuration.
Even tho I've tried to document everything I can in a dum-dum way, I still highly recommend you to learn the [very basics of Nix language](https://nixos.org/guides/nix-pills/). Start from the [Flake](flake.nix) file and follow the comments. If you have any questions, get in touch using [Telegram](https://t.me/voronind_com) or [Email](mailto:hi@voronind.com).
Please tell me if you find any undocumented parts.
## Configuration highlights.
* [Keyd](module/Keyd.nix) allows you to have QMK-like keyboard remaps. Killer-feature is the ability to have remaps per-application. I have pretty common remaps like CapsLock to Ctrl/Esc combo, Right Shift to Backspace, Backspace to Delete and overlays for System/Windows/Media/Application controls as well as Macros.
* NixOS Containers (nspawn). Containers are great. I LOVE containers! Containers! Containers! Containers! Containers! Containers! Containers! Containers! Containers! Containers! Containers! Containers! [Here](host/x86_64-linux/home/Container.nix) is how I add containers to the host, [here](container/default.nix) is the global configuration and [here](container) are all the containers.
* NixOnDroid can be used to set up your environment inside the Termux app on Android. It also gives you access to all the Nixpkgs binaries for Arm. Configuration can be found [here](home/Android.nix), but you also need to add the definition to the root `flake.nix (nixOnDroidConfigurations.default)`. [Here](https://github.com/nix-community/nix-on-droid) are the docs.
* [Stylix](config/Stylix.nix) can be used to change colors for the whole system based on current wallpaper. Example usages: [Sway](home/config/sway/module/Style.nix), [fuzzel](home/config/fuzzel/default.nix) and [Tmux](home/config/tmux/module/Status.nix).
* [Signed auto-updates](module/AutoUpdateSigned.nix). Updates are pulled every hour and require the last commit to be signed with my signature.
## Keyboard layouts.
Yellow are modifier keys, they enable layers when held. Green ones are just modified keys.
<details>
<summary>Default</summary>
<img src="https://i.imgur.com/MBb23eB.png" />
</details>
<details>
<summary>Alternative Keys</summary>
<img src="https://i.imgur.com/X9CGhLb.png" />
</details>
<details>
<summary>Sway keys</summary>
<img src="https://i.imgur.com/hiGZ86w.png" /><br>
</details>
<details>
<summary>Per-application controls</summary>
Firefox:<br>
<img src="https://i.imgur.com/GI0apoV.png" /><br>
Jetbrains:<br>
<img src="https://i.imgur.com/OFNlHnW.png" /><br>
Nautilus:<br>
<img src="https://i.imgur.com/9W1GmLn.png" /><br>
Tmux:<br>
<img src="https://i.imgur.com/GhmwyCO.png" />
</details>
<details>
<summary>Extra numbers</summary>
<img src="https://i.imgur.com/89ERKd9.png" />
</details>
<details>
<summary>Media Controls</summary>
<img src="https://i.imgur.com/HvdSdRP.png" />
</details>
<details>
<summary>System controls</summary>
<img src="https://i.imgur.com/rGC2HXf.png" />
</details>
[Link](http://www.keyboard-layout-editor.com) / [Source](https://github.com/ijprest/keyboard-layout-editor) of the tool I used to draw the images.

68
config/Setting.nix
View file

@ -1,68 +0,0 @@
# Global settings.
# Just like I can configure each package, here I configure my config! :O)
{ lib, ... }:
{
options.setting = with lib; {
# Ollama settings.
# I use the best light model by default.
ollama = mkOption {
default = { };
type = types.submodule {
# freeformType = lib.jsonFormat.type;
options = {
primaryModel = mkOption {
default = "llama3";
type = types.str;
};
};
};
};
# Whether to use Dpi-aware setting in supported apps.
dpiAware = mkOption {
default = false;
type = types.bool;
};
# Keyboard options.
keyboard = mkOption {
default = { };
type = types.submodule {
options = {
layouts = mkOption {
default = "us,ru";
type = types.str;
};
options = mkOption {
default = "grp:toggle";
type = types.str;
};
};
};
};
# CPU configurations.
cpu = mkOption {
default = { };
type = types.submodule {
options = {
hwmon = mkOption {
default = { };
type = types.submodule {
options = {
path = mkOption {
default = "";
type = types.str;
};
file = mkOption {
default = "";
type = types.str;
};
};
};
};
};
};
};
};
}

123
config/Style.nix
View file

@ -1,123 +0,0 @@
{
lib,
config,
pkgs,
__findFile,
...
}:
with lib;
let
cfg = config.style;
mkTypeOption = default: type: mkOption { inherit default type; };
mkStrOption = default: mkTypeOption default types.str;
mkIntOption = default: mkTypeOption default types.int;
mkFloatOption = default: mkTypeOption default types.float;
mkPkgOption = default: mkTypeOption default types.package;
in
{
options.style = {
color = {
bg = {
dark = mkStrOption config.lib.stylix.colors.base00;
light = mkStrOption config.lib.stylix.colors.base07;
regular = mkStrOption config.lib.stylix.colors.base01;
};
fg = {
dark = mkStrOption config.lib.stylix.colors.base04;
light = mkStrOption config.lib.stylix.colors.base06;
regular = mkStrOption config.lib.stylix.colors.base05;
};
accent = mkStrOption config.lib.stylix.colors.base0A;
heading = mkStrOption config.lib.stylix.colors.base0D;
hl = mkStrOption config.lib.stylix.colors.base03;
keyword = mkStrOption config.lib.stylix.colors.base0E;
link = mkStrOption config.lib.stylix.colors.base09;
misc = mkStrOption config.lib.stylix.colors.base0F;
negative = mkStrOption config.lib.stylix.colors.base08;
neutral = mkStrOption config.lib.stylix.colors.base0C;
positive = mkStrOption config.lib.stylix.colors.base0B;
selection = mkStrOption config.lib.stylix.colors.base02;
transparent = mkStrOption "ffffff00";
accent-b = mkStrOption config.lib.stylix.colors.base0A-rgb-b;
accent-g = mkStrOption config.lib.stylix.colors.base0A-rgb-g;
accent-r = mkStrOption config.lib.stylix.colors.base0A-rgb-r;
negative-b = mkStrOption config.lib.stylix.colors.base08-rgb-b;
negative-g = mkStrOption config.lib.stylix.colors.base08-rgb-g;
negative-r = mkStrOption config.lib.stylix.colors.base08-rgb-r;
neutral-b = mkStrOption config.lib.stylix.colors.base0C-rgb-b;
neutral-g = mkStrOption config.lib.stylix.colors.base0C-rgb-g;
neutral-r = mkStrOption config.lib.stylix.colors.base0C-rgb-r;
positive-b = mkStrOption config.lib.stylix.colors.base0B-rgb-b;
positive-g = mkStrOption config.lib.stylix.colors.base0B-rgb-g;
positive-r = mkStrOption config.lib.stylix.colors.base0B-rgb-r;
bg-b = mkStrOption config.lib.stylix.colors.base00-rgb-b;
bg-g = mkStrOption config.lib.stylix.colors.base00-rgb-g;
bg-r = mkStrOption config.lib.stylix.colors.base00-rgb-r;
fg-b = mkStrOption config.lib.stylix.colors.base06-rgb-b;
fg-g = mkStrOption config.lib.stylix.colors.base06-rgb-g;
fg-r = mkStrOption config.lib.stylix.colors.base06-rgb-r;
border = mkStrOption config.lib.stylix.colors.base01;
border-b = mkStrOption config.lib.stylix.colors.base01-rgb-b;
border-g = mkStrOption config.lib.stylix.colors.base01-rgb-g;
border-r = mkStrOption config.lib.stylix.colors.base01-rgb-r;
};
font = {
size = {
application = mkIntOption 12;
terminal = mkIntOption 14;
popup = mkIntOption 12;
desktop = mkIntOption 14;
};
serif = {
package = mkPkgOption (pkgs.callPackage <package/applefont> { });
name = mkStrOption "SF Pro Display";
};
sansSerif = {
package = mkPkgOption (pkgs.callPackage <package/applefont> { });
name = mkStrOption "SF Pro Display";
};
monospace = {
package = mkPkgOption (pkgs.nerdfonts.override { fonts = [ "Terminus" ]; });
name = mkStrOption "Terminess Nerd Font Mono";
};
emoji = {
package = mkPkgOption pkgs.noto-fonts-emoji;
name = mkStrOption "Noto Color Emoji";
};
};
opacity = {
application = mkFloatOption 0.85;
desktop = mkFloatOption 0.85;
popup = mkFloatOption 0.85;
terminal = mkFloatOption 0.85;
hex = mkStrOption "D9";
};
# cursor = {
# name = mkStrOption "Adwaita";
# package = mkPkgOption pkgs.adwaita-icon-theme;
# size = mkIntOption 14;
# };
cursor = {
name = mkStrOption "phinger-cursors-light";
package = mkPkgOption pkgs.phinger-cursors;
size = mkIntOption 24;
};
window = {
gap = mkIntOption 8;
border = mkIntOption 4;
};
};
}

42
config/Stylix.nix
View file

@ -1,42 +0,0 @@
{
pkgs,
config,
__findFile,
...
}:
{
stylix = {
enable = true;
image = config.module.wallpaper.path;
autoEnable = true;
polarity = "dark";
fonts = {
inherit (config.style.font)
serif
sansSerif
monospace
emoji
;
sizes = {
inherit (config.style.font.size) terminal desktop;
applications = config.style.font.size.application;
popups = config.style.font.size.popup;
};
};
opacity = {
inherit (config.style.opacity) desktop terminal;
applications = config.style.opacity.application;
popups = config.style.opacity.popups;
};
inherit (config.style) cursor;
override =
if config.module.wallpaper.forceContrastText then
{
base04 = "000000";
base05 = "ffffff";
base06 = "ffffff";
}
else
{ };
};
}

21
config/Wallpaper.nix
View file

@ -1,21 +0,0 @@
{ pkgs, lib, ... }:
with lib;
let
url = "https://i.imgur.com/yuZ2XSf.jpeg";
sha256 = "sha256-Z35D7gn28d2dtPHHVwzySOingy/d8CWKmK9LQjpyjEk=";
forceContrastText = false;
in
{
options = {
module.wallpaper = {
forceContrastText = mkOption {
default = warnIf forceContrastText "Style : Forced text contrast." forceContrastText;
type = types.bool;
};
path = mkOption {
default = pkgs.fetchurl { inherit url sha256; };
type = types.path;
};
};
};
}

41
container/Change.nix
View file

@ -1,38 +1,35 @@
{ {
config,
container, container,
lib, lib,
config,
... ...
}@args: }: let
with lib;
let
cfg = config.container.module.change; cfg = config.container.module.change;
in in {
{ options.container.module.change = {
options = { enable = lib.mkEnableOption "the change detection service";
container.module.change = { address = lib.mkOption {
enable = mkEnableOption "Change detection service";
address = mkOption {
default = "10.1.0.41"; default = "10.1.0.41";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 5000; default = 5000;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "change.${config.container.domain}"; default = "change.${config.container.domain}";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/change"; default = "${config.container.storage}/change";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.change = container.mkContainer cfg { containers.change = container.mkContainer cfg {
bindMounts = { bindMounts = {
@ -42,9 +39,7 @@ in
}; };
}; };
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }:
container.mkContainerConfig cfg {
services.changedetection-io = { services.changedetection-io = {
enable = true; enable = true;
baseURL = cfg.domain; baseURL = cfg.domain;

39
container/Chat.nix
View file

@ -1,18 +1,15 @@
{ {
config,
container, container,
lib, lib,
config,
pkgs, pkgs,
... ...
}: }: let
let
cfg = config.container.module.chat; cfg = config.container.module.chat;
db = config.container.module.postgres; db = config.container.module.postgres;
in in {
{ options.container.module.chat = {
options = { enable = lib.mkEnableOption "the chat container.";
container.module.chat = {
enable = lib.mkEnableOption "chat container.";
address = lib.mkOption { address = lib.mkOption {
default = "10.1.0.20"; default = "10.1.0.20";
type = lib.types.str; type = lib.types.str;
@ -30,11 +27,12 @@ in
type = lib.types.str; type = lib.types.str;
}; };
}; };
};
# WIP: https://search.nixos.org/options?channel=24.05&from=0&size=50&sort=relevance&type=packages&query=mattermost # WIP: https://search.nixos.org/options?channel=24.05&from=0&size=50&sort=relevance&type=packages&query=mattermost
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.chat = container.mkContainer cfg { containers.chat = container.mkContainer cfg {
bindMounts = { bindMounts = {
@ -44,9 +42,7 @@ in
}; };
}; };
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }:
container.mkContainerConfig cfg {
services.mattermost = { services.mattermost = {
enable = true; enable = true;
listenAddress = ":${toString cfg.port}"; listenAddress = ":${toString cfg.port}";
@ -56,18 +52,13 @@ in
siteName = "Chat"; siteName = "Chat";
siteUrl = "https://${cfg.domain}"; siteUrl = "https://${cfg.domain}";
statePath = "/var/lib/mattermost"; statePath = "/var/lib/mattermost";
plugins = plugins = [
let (pkgs.fetchurl rec {
calls =
let
version = "1.2.0";
in
pkgs.fetchurl {
url = "https://github.com/mattermost/mattermost-plugin-calls/releases/download/v${version}/mattermost-plugin-calls-v${version}.tar.gz";
hash = "sha256-yQGBpBPgXxC+Pm6dHlbwlNEdvn6wg9neSpNNTC4YYAA="; hash = "sha256-yQGBpBPgXxC+Pm6dHlbwlNEdvn6wg9neSpNNTC4YYAA=";
}; url = "https://github.com/mattermost/mattermost-plugin-calls/releases/download/v${version}/mattermost-plugin-calls-v${version}.tar.gz";
in version = "1.2.0";
[ calls ]; })
];
extraConfig = { extraConfig = {
SqlSettings = { SqlSettings = {
DataSource = "postgres://mattermost:any@${db.address}:${toString db.port}/mattermost?sslmode=disable&connect_timeout=10"; DataSource = "postgres://mattermost:any@${db.address}:${toString db.port}/mattermost?sslmode=disable&connect_timeout=10";

60
container/Cloud.nix
View file

@ -1,42 +1,38 @@
{ {
container,
pkgs,
lib,
config, config,
container,
lib,
pkgs,
... ...
}@args: }: let
with lib;
let
cfg = config.container.module.cloud; cfg = config.container.module.cloud;
postgres = config.container.module.postgres; postgres = config.container.module.postgres;
proxy = config.container.module.proxy; proxy = config.container.module.proxy;
in in {
{ options.container.module.cloud = {
options = { enable = lib.mkEnableOption "the file cloud service.";
container.module.cloud = { address = lib.mkOption {
enable = mkEnableOption "File cloud service";
address = mkOption {
default = "10.1.0.13"; default = "10.1.0.13";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 80; default = 80;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "cloud.${config.container.domain}"; default = "cloud.${config.container.domain}";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/cloud"; default = "${config.container.storage}/cloud";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.cloud = container.mkContainer cfg { containers.cloud = container.mkContainer cfg {
bindMounts = { bindMounts = {
@ -46,20 +42,17 @@ in
}; };
}; };
config = config = { config, ... }: container.mkContainerConfig cfg {
{ config, ... }:
container.mkContainerConfig cfg {
services.nextcloud = { services.nextcloud = {
enable = true; enable = true;
# package = pkgs.nextcloud29;
hostName = cfg.domain; hostName = cfg.domain;
# package = pkgs.nextcloud29;
# phpOptions = { # phpOptions = {
# memory_limit = lib.mkForce "20G"; # memory_limit = lib.mkForce "20G";
# }; # };
config = { config = {
adminuser = "root";
adminpassFile = "${pkgs.writeText "NextcloudPassword" "root"}"; adminpassFile = "${pkgs.writeText "NextcloudPassword" "root"}";
adminuser = "root";
dbhost = postgres.address; dbhost = postgres.address;
dbname = "nextcloud"; dbname = "nextcloud";
dbpassFile = "${pkgs.writeText "NextcloudDbPassword" "nextcloud"}"; dbpassFile = "${pkgs.writeText "NextcloudDbPassword" "nextcloud"}";
@ -67,16 +60,19 @@ in
dbuser = "nextcloud"; dbuser = "nextcloud";
}; };
extraApps = { extraApps = {
inherit (config.services.nextcloud.package.packages.apps) contacts calendar onlyoffice; inherit (config.services.nextcloud.package.packages.apps)
contacts calendar onlyoffice;
}; };
extraAppsEnable = true; extraAppsEnable = true;
settings = { settings = {
allow_local_remote_servers = true;
trusted_domains = [ trusted_domains = [
cfg.address cfg.address
cfg.domain cfg.domain
]; ];
trusted_proxies = [ proxy.address ]; trusted_proxies = [
allow_local_remote_servers = true; proxy.address
];
}; };
}; };
}; };

42
container/Ddns.nix
View file

@ -1,30 +1,27 @@
{ {
config,
container, container,
lib, lib,
config,
... ...
}@args: }: let
with lib;
let
cfg = config.container.module.ddns; cfg = config.container.module.ddns;
in in {
{ options.container.module.ddns = {
options = { enable = lib.mkEnableOption "the dynamic dns client.";
container.module.ddns = { address = lib.mkOption {
enable = mkEnableOption "Dynamic dns client.";
address = mkOption {
default = "10.1.0.31"; default = "10.1.0.31";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/ddns"; default = "${config.container.storage}/ddns";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.ddns = container.mkContainer cfg { containers.ddns = container.mkContainer cfg {
bindMounts = { bindMounts = {
@ -34,9 +31,7 @@ in
}; };
}; };
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }:
container.mkContainerConfig cfg {
services.cloudflare-dyndns = { services.cloudflare-dyndns = {
enable = true; enable = true;
apiTokenFile = "/data/token"; apiTokenFile = "/data/token";
@ -44,12 +39,11 @@ in
ipv4 = true; ipv4 = true;
ipv6 = false; ipv6 = false;
proxied = false; proxied = false;
domains = domains = let
let
domain = config.container.domain; domain = config.container.domain;
in in [
[ domain ] domain
++ map (sub: "${sub}.${domain}") [ ] ++ map (sub: "${sub}.${domain}") [
"cloud" "cloud"
"git" "git"
"mail" "mail"

55
container/Dns.nix
View file

@ -1,16 +1,13 @@
{ {
container,
pkgs,
lib,
config, config,
container,
lib,
pkgs,
... ...
}: }: let
let
cfg = config.container.module.dns; cfg = config.container.module.dns;
in in {
{ options.container.module.dns = {
options = {
container.module.dns = {
enable = lib.mkEnableOption "the DNS server."; enable = lib.mkEnableOption "the DNS server.";
address = lib.mkOption { address = lib.mkOption {
default = "10.1.0.6"; default = "10.1.0.6";
@ -21,33 +18,22 @@ in
type = lib.types.int; type = lib.types.int;
}; };
}; };
};
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
containers.dns = container.mkContainer cfg { containers.dns = container.mkContainer cfg {
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }:
container.mkContainerConfig cfg {
environment.systemPackages = [ pkgs.cloudflared ];
# systemd.services.cloudflared = {
# description = "Cloudflare DoH server.";
# enable = true;
# wantedBy = [ "multi-user.target" ];
# serviceConfig = {
# Type = "simple";
# ExecStart = "${lib.getExe pkgs.cloudflared} proxy-dns --port 5054";
# };
# };
services.blocky = { services.blocky = {
enable = true; enable = true;
# REF: https://0xerr0r.github.io/blocky/main/configuration/ # REF: https://0xerr0r.github.io/blocky/main/configuration/
settings = { settings = {
bootstrapDns = "tcp+udp:1.1.1.1"; bootstrapDns = "tcp+udp:1.1.1.1";
connectIPVersion = "v4"; connectIPVersion = "v4";
ports.dns = cfg.port;
# httpPort = "80";
upstreams.groups = { upstreams.groups = {
default = [ "https://dns.quad9.net/dns-query" ]; default = [
"https://dns.quad9.net/dns-query"
];
}; };
caching = { caching = {
maxItemsCount = 100000; maxItemsCount = 100000;
@ -65,9 +51,9 @@ in
refreshPeriod = "24h"; refreshPeriod = "24h";
strategy = "blocking"; strategy = "blocking";
downloads = { downloads = {
timeout = "5m";
attempts = 3; attempts = 3;
cooldown = "10s"; cooldown = "10s";
timeout = "5m";
}; };
}; };
# SRC: https://oisd.nl # SRC: https://oisd.nl
@ -112,30 +98,27 @@ in
# }; # };
clientGroupsBlock = { clientGroupsBlock = {
default = [ default = [
"suspicious"
"ads" "ads"
"tracking"
"malicious" "malicious"
"other" "other"
"suspicious"
"tracking"
]; ];
}; };
}; };
customDNS = { customDNS = {
mapping = mapping = let
let
block = host: { ${host} = "0.0.0.0"; }; block = host: { ${host} = "0.0.0.0"; };
in in {
{
# All subdomains to current host. # All subdomains to current host.
# ${config.container.domain} = config.container.host; # ${config.container.domain} = config.container.host;
"voronind.com" = "10.0.0.1"; "voronind.com" = "10.0.0.1";
} }
// block "gosuslugi.ru" // block "gosuslugi.ru"
// block "rutube.ru" // block "rutube.ru"
// block "vk.com"; // block "vk.com"
;
}; };
ports.dns = cfg.port;
# httpPort = "80";
}; };
}; };
}; };

51
container/Download.nix
View file

@ -1,62 +1,57 @@
{ {
config,
container, container,
lib, lib,
config,
... ...
}: }: let
with lib;
let
cfg = config.container.module.download; cfg = config.container.module.download;
in in {
{ options.container.module.download = {
options = { enable = lib.mkEnableOption "the bit-torrent downloader.";
container.module.download = { address = lib.mkOption {
enable = mkEnableOption "Downloader.";
address = mkOption {
default = "10.1.0.12"; default = "10.1.0.12";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 8112; default = 8112;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "download.${config.container.domain}"; default = "download.${config.container.domain}";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/download"; default = "${config.container.storage}/download";
type = types.str; type = lib.types.str;
}; };
memLimit = mkOption { memLimit = lib.mkOption {
default = "4G"; default = "4G";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.download = container.mkContainer cfg { containers.download = container.mkContainer cfg {
enableTun = true; enableTun = true;
bindMounts = { bindMounts = {
"/var/lib/deluge/.config/deluge" = { "/var/lib/deluge/.config/deluge" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
} // container.attachMedia "download" false; }
// container.attachMedia "download" false
;
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }:
container.mkContainerConfig cfg {
services.deluge = { services.deluge = {
enable = true; enable = true;
dataDir = "/var/lib/deluge"; dataDir = "/var/lib/deluge";
web.enable = true; web.enable = true;
}; };
systemd.services.deluged.serviceConfig = { systemd.services.deluged.serviceConfig = {
MemoryLimit = cfg.memLimit; MemoryLimit = cfg.memLimit;
Restart = lib.mkForce "always"; Restart = lib.mkForce "always";

78
container/Frkn.nix
View file

@ -1,46 +1,42 @@
# TODO: Saved just in case for the dark future.
# в целом просто сделай себе шелл алиас gw-default="sudo ip route del default; sudo ip route add default via айпишник роутера" и шелл алиас gw-vpn="sudo ip route del default; sudo ip route add default via айпишник_впна"
{ {
container,
pkgs,
lib,
config,
__findFile, __findFile,
config,
container,
lib,
pkgs,
util,
... ...
}: } @args: let
with lib;
let
cfg = config.container.module.frkn; cfg = config.container.module.frkn;
in in {
{ options.container.module.frkn = {
options = { enable = lib.mkEnableOption "the Allmighty FRKN service.";
container.module.frkn = { address = lib.mkOption {
enable = mkEnableOption "FRKN";
address = mkOption {
default = "10.1.0.69"; default = "10.1.0.69";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 1080; default = 1080;
type = types.int; type = lib.types.int;
}; };
torport = mkOption { torport = lib.mkOption {
default = 9150; default = 9150;
type = types.int; type = lib.types.int;
}; };
xrayport = mkOption { xrayport = lib.mkOption {
default = 1081; default = 1081;
type = types.int; type = lib.types.int;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/frkn"; default = "${config.container.storage}/frkn";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.frkn = container.mkContainer cfg { containers.frkn = container.mkContainer cfg {
bindMounts = { bindMounts = {
@ -50,15 +46,16 @@ in
}; };
}; };
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }: imports = [
container.mkContainerConfig cfg { (import <module/Zapret.nix> args)
];
boot.kernel.sysctl = { boot.kernel.sysctl = {
"net.ipv4.conf.all.src_valid_mark" = 1; "net.ipv4.conf.all.src_valid_mark" = 1;
"net.ipv4.ip_forward" = 1; "net.ipv4.ip_forward" = 1;
}; };
imports = [ <module/Zapret.nix> ];
module.zapret = { module.zapret = {
enable = true; enable = true;
params = config.module.zapret.params; params = config.module.zapret.params;
@ -67,38 +64,33 @@ in
services = { services = {
microsocks = { microsocks = {
enable = true; enable = true;
disableLogging = true;
ip = cfg.address; ip = cfg.address;
port = cfg.port; port = cfg.port;
disableLogging = true;
#authUsername
#outgoingBindIp
#authOnce
}; };
tor = { tor = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
settings = settings = let
let
exclude = "{RU},{UA},{BY},{KZ},{CN},{??}"; exclude = "{RU},{UA},{BY},{KZ},{CN},{??}";
in in {
{
# ExcludeExitNodes = exclude; # ExcludeExitNodes = exclude;
# ExcludeNodes = exclude; # ExcludeNodes = exclude;
#DNSPort = dnsport; # DNSPort = dnsport;
UseBridges = true; UseBridges = true;
ClientTransportPlugin = "obfs4 exec ${pkgs.obfs4}/bin/lyrebird"; ClientTransportPlugin = "obfs4 exec ${pkgs.obfs4}/bin/lyrebird";
Bridge = [ Bridge = [
"obfs4 94.103.89.153:4443 5617848964FD6546968B5BF3FFA6C11BCCABE58B cert=tYsmuuTe9phJS0Gh8NKIpkVZP/XKs7gJCqi31o8LClwYetxzFz0fQZgsMwhNcIlZ0HG5LA iat-mode=0"
"obfs4 121.45.140.249:12123 0922E212E33B04F0B7C1E398161E8EDE06734F26 cert=3AQ4iJFAzxzt7a/zgXIiFEs6fvrXInXt1Dtr09DgnpvUzG/iiyRTdXYZKSYpI124Zt3ZUA iat-mode=0" "obfs4 121.45.140.249:12123 0922E212E33B04F0B7C1E398161E8EDE06734F26 cert=3AQ4iJFAzxzt7a/zgXIiFEs6fvrXInXt1Dtr09DgnpvUzG/iiyRTdXYZKSYpI124Zt3ZUA iat-mode=0"
"obfs4 79.137.11.45:45072 ECA3197D49A29DDECD4ACBF9BCF15E4987B78137 cert=2FKyLWkPgMNCWxBD3cNOTRxJH3XP+HdStPGKMjJfw2YbvVjihIp3X2BCrtxQya9m5II5XA iat-mode=0"
"obfs4 145.239.31.71:10161 882125D15B59BB82BE66F999056CB676D3F061F8 cert=AnD+EvcBMuQDVM7PwW7NgFAzW1M5jDm7DjQtIIcBSjoyAf1FJ2p535rrYL2Kk8POAd0+aw iat-mode=0" "obfs4 145.239.31.71:10161 882125D15B59BB82BE66F999056CB676D3F061F8 cert=AnD+EvcBMuQDVM7PwW7NgFAzW1M5jDm7DjQtIIcBSjoyAf1FJ2p535rrYL2Kk8POAd0+aw iat-mode=0"
"obfs4 79.137.11.45:45072 ECA3197D49A29DDECD4ACBF9BCF15E4987B78137 cert=2FKyLWkPgMNCWxBD3cNOTRxJH3XP+HdStPGKMjJfw2YbvVjihIp3X2BCrtxQya9m5II5XA iat-mode=0"
"obfs4 94.103.89.153:4443 5617848964FD6546968B5BF3FFA6C11BCCABE58B cert=tYsmuuTe9phJS0Gh8NKIpkVZP/XKs7gJCqi31o8LClwYetxzFz0fQZgsMwhNcIlZ0HG5LA iat-mode=0"
]; ];
}; };
client = { client = {
enable = true; enable = true;
#dns.enable = true; # dns.enable = true;
socksListenAddress = { socksListenAddress = {
IsolateDestAddr = true; IsolateDestAddr = true;
addr = cfg.address; addr = cfg.address;

94
container/Git.nix
View file

@ -1,43 +1,40 @@
{ {
container,
pkgs,
config, config,
container,
lib, lib,
pkgs,
... ...
}: }: let
with lib;
let
cfg = config.container.module.git; cfg = config.container.module.git;
in in {
{ options.container.module.git = {
options = { enable = lib.mkEnableOption "the git server.";
container.module.git = { address = lib.mkOption {
enable = mkEnableOption "Git server.";
address = mkOption {
default = "10.1.0.8"; default = "10.1.0.8";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 3000; default = 3000;
type = types.int; type = lib.types.int;
}; };
portSsh = mkOption { portSsh = lib.mkOption {
default = 22144; default = 22144;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "git.${config.container.domain}"; default = "git.${config.container.domain}";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/git"; default = "${config.container.storage}/git";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.git = container.mkContainer cfg { containers.git = container.mkContainer cfg {
bindMounts = { bindMounts = {
@ -47,41 +44,43 @@ in
}; };
}; };
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }: environment.systemPackages = with pkgs; [
container.mkContainerConfig cfg { forgejo
environment.systemPackages = with pkgs; [ forgejo ]; ];
services.forgejo = { services.forgejo = {
enable = true; enable = true;
stateDir = "/var/lib/forgejo"; stateDir = "/var/lib/forgejo";
database = database = let
let
postgre = config.container.module.postgres; postgre = config.container.module.postgres;
in in {
{
type = "postgres";
host = postgre.address;
port = postgre.port;
user = "forgejo";
name = "forgejo";
createDatabase = false; createDatabase = false;
host = postgre.address;
name = "forgejo";
port = postgre.port;
type = "postgres";
user = "forgejo";
}; };
settings = settings = let
let
gcArgs = "--aggressive --no-cruft --prune=now"; gcArgs = "--aggressive --no-cruft --prune=now";
gcTimeout = 600; gcTimeout = 600;
in in {
{ "cron.cleanup_actions".ENABLED = true;
"service".DISABLE_REGISTRATION = true; "cron.update_mirrors".SCHEDULE = "@midnight";
"git".GC_ARGS = gcArgs;
"git.timeout".GC = gcTimeout;
"log".LEVEL = "Error"; "log".LEVEL = "Error";
"repo-archive".ENABLED = false;
"repository.issue".MAX_PINNED = 99999;
"repository.pull-request".DEFAULT_MERGE_STYLE = "rebase";
"service".DISABLE_REGISTRATION = true;
"server" = { "server" = {
DOMAIN = cfg.domain; DOMAIN = cfg.domain;
HTTP_ADDR = cfg.address; HTTP_ADDR = cfg.address;
ROOT_URL = "https://${cfg.domain}"; ROOT_URL = "https://${cfg.domain}";
BUILTIN_SSH_SERVER_USER = "git"; BUILTIN_SSH_SERVER_USER = "git";
DISABLE_SSH = false; DISABLE_SSH = false;
SSH_PORT = cfg.portSsh; SSH_PORT = cfg.portSsh;
@ -94,25 +93,16 @@ in
DEFAULT_PRIVATE = "private"; DEFAULT_PRIVATE = "private";
DEFAULT_PUSH_CREATE_PRIVATE = true; DEFAULT_PUSH_CREATE_PRIVATE = true;
}; };
"repository.pull-request".DEFAULT_MERGE_STYLE = "rebase";
"repository.issue".MAX_PINNED = 99999;
"cron" = { "cron" = {
ENABLED = true; ENABLED = true;
RUN_AT_START = true; RUN_AT_START = true;
}; };
"repo-archive".ENABLED = false;
"cron.update_mirrors".SCHEDULE = "@midnight";
"cron.cleanup_actions".ENABLED = true;
"cron.git_gc_repos" = { "cron.git_gc_repos" = {
ENABLED = true; ENABLED = true;
ARGS = gcArgs;
SCHEDULE = "@midnight"; SCHEDULE = "@midnight";
TIMEOUT = gcTimeout; TIMEOUT = gcTimeout;
ARGS = gcArgs;
}; };
"git" = {
GC_ARGS = gcArgs;
};
"git.timeout".GC = gcTimeout;
}; };
}; };
}; };

79
container/Hdd.nix
View file

@ -1,79 +0,0 @@
# ISSUE: Broken, can't read/write sda device.
{
container,
pkgs,
config,
lib,
...
}:
with lib;
let
cfg = config.container.module.hdd;
in
{
options = {
container.module.hdd = {
enable = mkEnableOption "Hdd health monitor.";
address = mkOption {
default = "10.1.0.10";
type = types.str;
};
port = mkOption {
default = 8080;
type = types.int;
};
domain = mkOption {
default = "hdd.${config.container.domain}";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/hdd";
type = types.str;
};
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
containers.hdd = container.mkContainer cfg {
# bindMounts = let
# attachDrive = hostPath: {
# inherit hostPath;
# isReadOnly = false;
# };
# in {
# "/opt/scrutiny" = {
# hostPath = "${cfg.storage}/data";
# isReadOnly = false;
# };
# "/dev/sda" = attachDrive "/dev/sda";
# };
# allowedDevices = [
# {
# modifier = "rwm";
# node = "/dev/sda";
# }
# ];
# additionalCapabilities = [ "CAP_SYS_ADMIN" ];
config =
{ ... }:
container.mkContainerConfig cfg {
environment.systemPackages = with pkgs; [ smartmontools ];
services.scrutiny = {
enable = true;
settings.web = {
listen = {
host = cfg.address;
port = cfg.port;
};
};
};
};
};
};
}

48
container/Home.nix
View file

@ -1,52 +1,48 @@
{ {
__findFile,
config,
container, container,
lib,
pkgs, pkgs,
util, util,
lib,
config,
__findFile,
... ...
}@args: } @args: let
with lib;
let
cfg = config.container.module.home; cfg = config.container.module.home;
package = (pkgs.callPackage <package/homer> args); package = (pkgs.callPackage <package/homer> args);
in in {
{ options.container.module.home = {
options = { enable = lib.mkEnableOption "the dashboard.";
container.module.home = { address = lib.mkOption {
enable = mkEnableOption "Dashboard.";
address = mkOption {
default = "10.1.0.18"; default = "10.1.0.18";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 80; default = 80;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "home.${config.container.domain}"; default = "home.${config.container.domain}";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
containers.home = container.mkContainer cfg { containers.home = container.mkContainer cfg {
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }: environment.systemPackages = [
container.mkContainerConfig cfg { package
environment.systemPackages = [ package ]; ];
systemd.packages = [ package ]; systemd.packages = [
package
];
services.nginx = { services.nginx = {
enable = true; enable = true;
virtualHosts.${cfg.domain} = container.mkServer { virtualHosts.${cfg.domain} = container.mkServer {
default = true; default = true;
root = "${package}"; root = "${package}";
locations = { locations = {
"/".extraConfig = '' "/".extraConfig = util.trimTabs ''
try_files $uri $uri/index.html; try_files $uri $uri/index.html;
''; '';
}; };

58
container/Iot.nix
View file

@ -1,39 +1,35 @@
{ {
config,
container, container,
lib, lib,
config,
pkgsStable,
... ...
}: }: let
with lib;
let
cfg = config.container.module.iot; cfg = config.container.module.iot;
in in {
{ options.container.module.iot = {
options = { enable = lib.mkEnableOption "IoT service.";
container.module.iot = { address = lib.mkOption {
enable = mkEnableOption "IoT service.";
address = mkOption {
default = "10.1.0.27"; default = "10.1.0.27";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 8123; default = 8123;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "iot.${config.container.domain}"; default = "iot.${config.container.domain}";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/iot"; default = "${config.container.storage}/iot";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.iot = container.mkContainer cfg { containers.iot = container.mkContainer cfg {
bindMounts = { bindMounts = {
@ -49,7 +45,9 @@ in
hostPath = "/dev/serial/by-id"; hostPath = "/dev/serial/by-id";
isReadOnly = false; isReadOnly = false;
}; };
} // container.attachMedia "photo" true; }
// container.attachMedia "photo" true
;
allowedDevices = [ allowedDevices = [
{ {
@ -58,9 +56,7 @@ in
} }
]; ];
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }:
container.mkContainerConfig cfg {
# Allow Hass to talk to Zigbee dongle. # Allow Hass to talk to Zigbee dongle.
users.users.hass.extraGroups = [ users.users.hass.extraGroups = [
"dialout" "dialout"
@ -70,6 +66,9 @@ in
services.home-assistant = { services.home-assistant = {
# NOTE: Missing: hacs. Inside hacs: `card-mod`, `Clock Weather Card`, `WallPanel` and `Yandex.Station`. # NOTE: Missing: hacs. Inside hacs: `card-mod`, `Clock Weather Card`, `WallPanel` and `Yandex.Station`.
enable = true; enable = true;
# NOTE: Using imperative config because of secrets.
config = null;
configDir = "/var/lib/hass";
extraComponents = [ extraComponents = [
"caldav" "caldav"
"met" "met"
@ -93,25 +92,22 @@ in
numpy numpy
pymicro-vad pymicro-vad
pynacl pynacl
pyspeex-noise
python-telegram-bot python-telegram-bot
pyturbojpeg pyturbojpeg
pyspeex-noise
zeroconf zeroconf
]; ];
configDir = "/var/lib/hass";
# lovelaceConfig = { # lovelaceConfig = {
# title = "Home IoT control center."; # title = "Home IoT control center.";
# }; # };
# NOTE: Using imperative config because of secrets.
config = null;
}; };
# HACK: Delay so that nextcloud calendar can reply on reboot. # HACK: Delay so that nextcloud calendar can reply on reboot.
systemd = { systemd = {
services."home-assistant".wantedBy = mkForce [ ]; services."home-assistant".wantedBy = lib.mkForce [ ];
timers.fixsystemd = { timers.fixsystemd = {
timerConfig = { timerConfig = {
OnBootSec = 15; OnBootSec = 60;
Unit = "home-assistant.service"; Unit = "home-assistant.service";
}; };
wantedBy = [ "timers.target" ]; wantedBy = [ "timers.target" ];

62
container/Jobber.nix
View file

@ -1,37 +1,34 @@
{ {
__findFile,
config,
container, container,
lib,
pkgsJobber, pkgsJobber,
poetry2nixJobber, poetry2nixJobber,
lib,
config,
__findFile,
... ...
}: }: let
with lib;
let
cfg = config.container.module.jobber; cfg = config.container.module.jobber;
script = import <package/jobber> { script = import <package/jobber> {
poetry2nix = poetry2nixJobber;
pkgs = pkgsJobber; pkgs = pkgsJobber;
poetry2nix = poetry2nixJobber;
}; };
in in {
{ options.container.module.jobber = {
options = { enable = lib.mkEnableOption "Stanley - the button pusher.";
container.module.jobber = { address = lib.mkOption {
enable = mkEnableOption "Button pusher Stanley.";
address = mkOption {
default = "10.1.0.32"; default = "10.1.0.32";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/jobber"; default = "${config.container.storage}/jobber";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.jobber = container.mkContainer cfg { containers.jobber = container.mkContainer cfg {
bindMounts = { bindMounts = {
@ -43,34 +40,37 @@ in
enableTun = true; enableTun = true;
config = config = { ... }: let
{ lib, ... }: packages = [
let script
packages = ] ++ (with pkgsJobber; [
[ script ]
++ (with pkgsJobber; [
firefox firefox
geckodriver geckodriver
openvpn openvpn
python311 python311
]); ]);
in in container.mkContainerConfig cfg {
container.mkContainerConfig cfg { networking = lib.mkForce {
networking = lib.mkForce { nameservers = [ "10.30.218.2" ]; }; nameservers = [
"10.30.218.2"
];
};
systemd.services.jobber = { systemd.services.jobber = {
description = "My job is pushing the button."; description = "My job is pushing the button.";
enable = true; enable = true;
wantedBy = [ "multi-user.target" ];
path = packages; path = packages;
wantedBy = [
"multi-user.target"
];
environment = { environment = {
PYTHONUNBUFFERED = "1";
PYTHONDONTWRITEBYTECODE = "1"; PYTHONDONTWRITEBYTECODE = "1";
PYTHONUNBUFFERED = "1";
}; };
serviceConfig = { serviceConfig = {
Type = "simple";
ExecStart = "${script}/bin/jobber -u"; ExecStart = "${script}/bin/jobber -u";
Restart = "on-failure"; Restart = "on-failure";
Type = "simple";
}; };
}; };
}; };

148
container/Mail.nix
View file

@ -1,48 +1,39 @@
# Guide: https://nixos-mailserver.readthedocs.io/en/latest/setup-guide.html # Guide: https://nixos-mailserver.readthedocs.io/en/latest/setup-guide.html
{ {
config,
const,
container, container,
lib,
pkgs, pkgs,
util, util,
const,
lib,
config,
... ...
}: }: let
with lib;
let
cfg = config.container.module.mail; cfg = config.container.module.mail;
domain = config.container.domain; domain = config.container.domain;
in in {
{ options.container.module.mail = {
options = { enable = lib.mkEnableOption "the email server.";
container.module.mail = { address = lib.mkOption {
enable = mkEnableOption "Email server.";
address = mkOption {
default = "10.1.0.5"; default = "10.1.0.5";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 80; default = 80;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "mail.${config.container.domain}"; default = "mail.${config.container.domain}";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/mail"; default = "${config.container.storage}/mail";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
# "data/indices"
# "data/vmail"
# "data/sieve"
# "data/dkim"
]; ];
containers.mail = container.mkContainer cfg { containers.mail = container.mkContainer cfg {
@ -69,13 +60,11 @@ in
}; };
}; };
config = config = { config, ... }: container.mkContainerConfig cfg {
{ config, ... }:
container.mkContainerConfig cfg {
imports = [ imports = [
(builtins.fetchTarball { (builtins.fetchTarball {
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-${const.stateVersion}/nixos-mailserver-nixos-${const.stateVersion}.tar.gz";
sha256 = "sha256:0clvw4622mqzk1aqw1qn6shl9pai097q62mq1ibzscnjayhp278b"; sha256 = "sha256:0clvw4622mqzk1aqw1qn6shl9pai097q62mq1ibzscnjayhp278b";
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-${const.stateVersion}/nixos-mailserver-nixos-${const.stateVersion}.tar.gz";
}) })
]; ];
@ -86,43 +75,45 @@ in
sendingFqdn = domain; sendingFqdn = domain;
# Use `mkpasswd -sm bcrypt`. # Use `mkpasswd -sm bcrypt`.
loginAccounts = loginAccounts = let
let
defaultQuota = "1G"; defaultQuota = "1G";
in in {
{
"admin@${domain}" = { "admin@${domain}" = {
name = "admin";
hashedPassword = "$2b$05$1O.dxXxaVshcBNybcqDRYuTlnYt3jDBwfPZWoDtP4BjOLoL0StYsi"; hashedPassword = "$2b$05$1O.dxXxaVshcBNybcqDRYuTlnYt3jDBwfPZWoDtP4BjOLoL0StYsi";
name = "admin";
quota = defaultQuota; quota = defaultQuota;
}; };
"account@${domain}" = { "account@${domain}" = {
name = "account";
hashedPassword = "$2b$05$sCyZHdk98KqQ1qsTIvbrUeRJlNBOwBqDgpdc1QxiSnONlEkZ8xGNO"; hashedPassword = "$2b$05$sCyZHdk98KqQ1qsTIvbrUeRJlNBOwBqDgpdc1QxiSnONlEkZ8xGNO";
name = "account";
quota = defaultQuota; quota = defaultQuota;
}; };
"hi@${domain}" = { "hi@${domain}" = {
name = "hi";
hashedPassword = "$2b$05$6fT5hIhzIasNfp9IQr/ds.5RuxH95VKU3QJWlX3hmrAzDF3mExanq"; hashedPassword = "$2b$05$6fT5hIhzIasNfp9IQr/ds.5RuxH95VKU3QJWlX3hmrAzDF3mExanq";
name = "hi";
quota = defaultQuota; quota = defaultQuota;
aliases = [ "voronind@${domain}" ]; aliases = [
"voronind@${domain}"
];
}; };
"job@${domain}" = { "job@${domain}" = {
name = "job";
hashedPassword = "$2b$05$.sUmv2.9EWPfLwJn/oZw2e1UbR7HrpNQ2THc5jjX3ysy7CY8ZWHUC"; hashedPassword = "$2b$05$.sUmv2.9EWPfLwJn/oZw2e1UbR7HrpNQ2THc5jjX3ysy7CY8ZWHUC";
name = "job";
quota = defaultQuota; quota = defaultQuota;
}; };
"trash@${domain}" = { "trash@${domain}" = {
name = "trash";
hashedPassword = "$2b$05$kn5ygZjN9NR3LXjnKKRw/.DXaZQNW.1XEottlCFIoKiDpIj.JGLJm"; hashedPassword = "$2b$05$kn5ygZjN9NR3LXjnKKRw/.DXaZQNW.1XEottlCFIoKiDpIj.JGLJm";
catchAll = [ domain ]; name = "trash";
quota = defaultQuota; quota = defaultQuota;
catchAll = [
domain
];
}; };
"noreply@${domain}" = { "noreply@${domain}" = {
name = "noreply";
hashedPassword = "$2b$05$TaKwoYmcmkAhsRRv6xG5wOkChcz50cB9BP6QPUDKNAcxMbrY6AeMK"; hashedPassword = "$2b$05$TaKwoYmcmkAhsRRv6xG5wOkChcz50cB9BP6QPUDKNAcxMbrY6AeMK";
sendOnly = true; name = "noreply";
quota = defaultQuota; quota = defaultQuota;
sendOnly = true;
}; };
}; };
@ -134,43 +125,30 @@ in
enableManageSieve = true; enableManageSieve = true;
virusScanning = false; virusScanning = false;
certificateFile = "/acme/live/${domain}/cert.pem";
certificateScheme = "manual"; certificateScheme = "manual";
keyFile = "/acme/live/${domain}/privkey.pem"; keyFile = "/acme/live/${domain}/privkey.pem";
certificateFile = "/acme/live/${domain}/cert.pem";
dkimKeyDirectory = "/var/dkim";
indexDir = "/var/lib/dovecot/indices"; indexDir = "/var/lib/dovecot/indices";
mailDirectory = "/var/vmail"; mailDirectory = "/var/vmail";
sieveDirectory = "/var/sieve"; sieveDirectory = "/var/sieve";
dkimKeyDirectory = "/var/dkim";
mailboxes = { mailboxes = let
All = { mkSpecialBox = specialUse: {
${specialUse} = {
inherit specialUse;
auto = "subscribe"; auto = "subscribe";
specialUse = "All";
};
Archive = {
auto = "subscribe";
specialUse = "Archive";
};
Drafts = {
auto = "subscribe";
specialUse = "Drafts";
};
Junk = {
auto = "subscribe";
specialUse = "Junk";
# autoexpunge = "3d";
};
Sent = {
auto = "subscribe";
specialUse = "Sent";
};
Trash = {
auto = "subscribe";
specialUse = "Trash";
# autoexpunge = "30d";
}; };
}; };
in builtins.foldl' (acc: box: acc // (mkSpecialBox box)) {} [
"All"
"Archive"
"Drafts"
"Junk"
"Sent"
"Trash"
];
dmarcReporting = { dmarcReporting = {
inherit domain; inherit domain;
@ -188,17 +166,15 @@ in
services = { services = {
roundcube = { roundcube = {
enable = true; enable = true;
hostName = cfg.domain;
dicts = with pkgs.aspellDicts; [ dicts = with pkgs.aspellDicts; [
en en
ru ru
]; ];
hostName = cfg.domain; plugins = [
plugins = [ "managesieve" ]; "managesieve"
extraConfig = '' ];
# starttls needed for authentication, so the fqdn required to match extraConfig = util.trimTabs ''
# the certificate
# $config['smtp_server'] = "tls://${config.mailserver.fqdn}";
# $config['smtp_server'] = "tls://localhost";
$config['smtp_server'] = "localhost:25"; $config['smtp_server'] = "localhost:25";
$config['smtp_auth_type'] = null; $config['smtp_auth_type'] = null;
$config['smtp_user'] = ""; $config['smtp_user'] = "";
@ -208,20 +184,22 @@ in
''; '';
}; };
nginx = { nginx.virtualHosts.${cfg.domain} = {
virtualHosts.${cfg.domain} = {
forceSSL = false;
enableACME = false; enableACME = false;
}; forceSSL = false;
}; };
}; };
systemd = { systemd = {
services.autoexpunge = { services.autoexpunge = {
description = "Delete old mail"; description = "Delete old mail";
serviceConfig.Type = "oneshot"; serviceConfig = {
path = [ pkgs.dovecot ]; Type = "oneshot";
script = '' };
path = [
pkgs.dovecot
];
script = util.trimTabs ''
doveadm expunge -A mailbox Junk SENTBEFORE 7d doveadm expunge -A mailbox Junk SENTBEFORE 7d
doveadm expunge -A mailbox Trash SENTBEFORE 30d doveadm expunge -A mailbox Trash SENTBEFORE 30d
doveadm expunge -u trash@voronind.com mailbox Inbox SENTBEFORE 30d doveadm expunge -u trash@voronind.com mailbox Inbox SENTBEFORE 30d
@ -235,7 +213,9 @@ in
Persistent = true; Persistent = true;
Unit = "autoexpunge.service"; Unit = "autoexpunge.service";
}; };
wantedBy = [ "timers.target" ]; wantedBy = [
"timers.target"
];
}; };
}; };
}; };

51
container/Office.nix
View file

@ -3,42 +3,39 @@
# 2. TODO: Generate JWT secret at /var/lib/onlyoffice/jwt, i.e. 9wLfMGha1YrfvWpb5hyYjZf8pvJQ3swS # 2. TODO: Generate JWT secret at /var/lib/onlyoffice/jwt, i.e. 9wLfMGha1YrfvWpb5hyYjZf8pvJQ3swS
# See https://git.voronind.com/voronind/nixos/issues/74 # See https://git.voronind.com/voronind/nixos/issues/74
{ {
config,
container, container,
lib,
pkgs, pkgs,
util, util,
lib,
config,
... ...
}: }: let
with lib;
let
cfg = config.container.module.office; cfg = config.container.module.office;
in in {
{ options.container.module.office = {
options = { enable = lib.mkEnableOption "the office web suite.";
container.module.office = { address = lib.mkOption {
enable = mkEnableOption "Office web suite.";
address = mkOption {
default = "10.1.0.21"; default = "10.1.0.21";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 8000; default = 8000;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "office.${config.container.domain}"; default = "office.${config.container.domain}";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/office"; default = "${config.container.storage}/office";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.office = container.mkContainer cfg { containers.office = container.mkContainer cfg {
bindMounts = { bindMounts = {
@ -49,9 +46,7 @@ in
}; };
# HACK: Temporarely run in docker due to https://github.com/ONLYOFFICE/onlyoffice-nextcloud/issues/931 # HACK: Temporarely run in docker due to https://github.com/ONLYOFFICE/onlyoffice-nextcloud/issues/931
config = config = { pkgs, ... }: container.mkContainerConfig cfg {
{ pkgs, ... }:
container.mkContainerConfig cfg {
virtualisation.oci-containers.backend = "docker"; virtualisation.oci-containers.backend = "docker";
virtualisation.oci-containers.containers.office = { virtualisation.oci-containers.containers.office = {
autoStart = true; autoStart = true;
@ -62,14 +57,14 @@ in
"--privileged" "--privileged"
]; ];
environment = { environment = {
JWT_ENABLED = "true";
JWT_SECRET = "8wLfKGha8YRfvwpB5hYYjZf8vtUQs3wS";
AMQP_URI = "amqp://guest:guest@${config.container.module.rabbitmq.address}:${toString config.container.module.rabbitmq.port}"; AMQP_URI = "amqp://guest:guest@${config.container.module.rabbitmq.address}:${toString config.container.module.rabbitmq.port}";
DB_HOST = config.container.module.postgres.address; DB_HOST = config.container.module.postgres.address;
DB_PORT = toString config.container.module.postgres.port;
DB_NAME = "onlyoffice"; DB_NAME = "onlyoffice";
DB_USER = "onlyoffice"; DB_PORT = toString config.container.module.postgres.port;
DB_PWD = "onlyoffice"; DB_PWD = "onlyoffice";
DB_USER = "onlyoffice";
JWT_ENABLED = "true";
JWT_SECRET = "8wLfKGha8YRfvwpB5hYYjZf8vtUQs3wS";
}; };
}; };
}; };

75
container/Paper.nix
View file

@ -1,40 +1,36 @@
{ {
container,
pkgs,
pkgsStable,
lib,
config, config,
container,
lib,
pkgs,
... ...
}: }: let
with lib;
let
cfg = config.container.module.paper; cfg = config.container.module.paper;
in in {
{ options.container.module.paper = {
options = { enable = lib.mkEnableOption "the paper scans manager.";
container.module.paper = { address = lib.mkOption {
enable = mkEnableOption "Paper scans manager.";
address = mkOption {
default = "10.1.0.40"; default = "10.1.0.40";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 28981; default = 28981;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "paper.${config.container.domain}"; default = "paper.${config.container.domain}";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/paper"; default = "${config.container.storage}/paper";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.paper = container.mkContainer cfg { containers.paper = container.mkContainer cfg {
bindMounts = { bindMounts = {
@ -43,34 +39,29 @@ in
isReadOnly = false; isReadOnly = false;
}; };
"/var/lib/paperless/media" = { "/var/lib/paperless/media" = {
hostPath = "${elemAt config.container.media.paper 0}"; hostPath = "${lib.elemAt config.container.media.paper 0}";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = config = { ... }: container.mkContainerConfig cfg {
{ lib, ... }:
container.mkContainerConfig cfg {
services.paperless = { services.paperless = {
enable = true; enable = true;
dataDir = "/var/lib/paperless";
# address = cfg.domain;
address = "0.0.0.0"; address = "0.0.0.0";
dataDir = "/var/lib/paperless";
port = cfg.port; port = cfg.port;
# ISSUE: https://github.com/NixOS/nixpkgs/issues/322596 passwordFile = pkgs.writeText "PaperlessPassword" "root"; # NOTE: Only for initial setup, change later.
# package = pkgsStable.paperless-ngx;
passwordFile = pkgs.writeText "PaperlessPassword" "root";
settings = { settings = {
PAPERLESS_URL = "https://${cfg.domain}";
PAPERLESS_ADMIN_USER = "root"; PAPERLESS_ADMIN_USER = "root";
PAPERLESS_DBHOST = config.container.module.postgres.address;
PAPERLESS_DBENGINE = "postgresql"; PAPERLESS_DBENGINE = "postgresql";
PAPERLESS_DBHOST = config.container.module.postgres.address;
PAPERLESS_DBNAME = "paperless"; PAPERLESS_DBNAME = "paperless";
PAPERLESS_DBPASS = "paperless"; PAPERLESS_DBPASS = "paperless";
PAPERLESS_DBPORT = config.container.module.postgres.port; PAPERLESS_DBPORT = config.container.module.postgres.port;
PAPERLESS_DBUSER = "paperless"; PAPERLESS_DBUSER = "paperless";
PAPERLESS_OCR_LANGUAGE = "rus"; PAPERLESS_OCR_LANGUAGE = "rus";
PAPERLESS_REDIS = "redis://${config.container.module.redis.address}:${toString config.container.module.redis.port}"; PAPERLESS_REDIS = "redis://${config.container.module.redis.address}:${toString config.container.module.redis.port}";
PAPERLESS_URL = "https://${cfg.domain}";
}; };
}; };
@ -78,18 +69,18 @@ in
systemd = { systemd = {
services = { services = {
paperless-scheduler = { paperless-scheduler = {
serviceConfig.PrivateNetwork = mkForce false; serviceConfig.PrivateNetwork = lib.mkForce false;
wantedBy = mkForce [ ]; wantedBy = lib.mkForce [ ];
}; };
paperless-consumer = { paperless-consumer = {
serviceConfig.PrivateNetwork = mkForce false; serviceConfig.PrivateNetwork = lib.mkForce false;
wantedBy = mkForce [ ]; wantedBy = lib.mkForce [ ];
}; };
paperless-web = { paperless-web = {
wantedBy = mkForce [ ]; wantedBy = lib.mkForce [ ];
}; };
paperless-task-queue = { paperless-task-queue = {
wantedBy = mkForce [ ]; wantedBy = lib.mkForce [ ];
}; };
}; };
timers.fixsystemd = { timers.fixsystemd = {
@ -97,7 +88,9 @@ in
OnBootSec = 5; OnBootSec = 5;
Unit = "paperless-web.service"; Unit = "paperless-web.service";
}; };
wantedBy = [ "timers.target" ]; wantedBy = [
"timers.target"
];
}; };
}; };
}; };

46
container/Pass.nix
View file

@ -1,38 +1,35 @@
{ {
config,
container, container,
lib, lib,
config,
... ...
}: }: let
with lib;
let
cfg = config.container.module.pass; cfg = config.container.module.pass;
in in {
{ options.container.module.pass = {
options = { enable = lib.mkEnableOption "the password manager.";
container.module.pass = { address = lib.mkOption {
enable = mkEnableOption "Password manager";
address = mkOption {
default = "10.1.0.9"; default = "10.1.0.9";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 8000; default = 8000;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "pass.${config.container.domain}"; default = "pass.${config.container.domain}";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/pass"; default = "${config.container.storage}/pass";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.pass = container.mkContainer cfg { containers.pass = container.mkContainer cfg {
bindMounts = { bindMounts = {
@ -42,21 +39,18 @@ in
}; };
}; };
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }:
container.mkContainerConfig cfg {
services.vaultwarden = { services.vaultwarden = {
enable = true; enable = true;
dbBackend = "sqlite"; dbBackend = "sqlite";
environmentFile = "/var/lib/bitwarden_rs/Env"; environmentFile = "/var/lib/bitwarden_rs/Env";
config = { config = {
# DATABASE_URL = "postgresql://vaultwarden:vaultwarden@${container.config.postgres.address}:${toString container.config.postgres.port}/vaultwarden";
DATA_FOLDER = "/var/lib/bitwarden_rs"; DATA_FOLDER = "/var/lib/bitwarden_rs";
DOMAIN = "http://${cfg.domain}"; DOMAIN = "http://${cfg.domain}";
SIGNUPS_ALLOWED = false;
WEB_VAULT_ENABLED = true;
ROCKET_ADDRESS = cfg.address; ROCKET_ADDRESS = cfg.address;
ROCKET_PORT = cfg.port; ROCKET_PORT = cfg.port;
SIGNUPS_ALLOWED = false;
WEB_VAULT_ENABLED = true;
}; };
}; };
}; };

98
container/Paste.nix
View file

@ -1,45 +1,41 @@
{ {
pkgs, __findFile,
config,
container, container,
lib, lib,
config, pkgs,
__findFile, util,
... ...
}@args: } @args: let
with lib;
let
cfg = config.container.module.paste; cfg = config.container.module.paste;
package = (pkgs.callPackage <package/privatebin> args); package = (pkgs.callPackage <package/privatebin> args);
in in {
{ options.container.module.paste = {
options = { enable = lib.mkEnableOption "the text share platform.";
container.module.paste = { address = lib.mkOption {
enable = mkEnableOption "Pastebin.";
address = mkOption {
default = "10.1.0.14"; default = "10.1.0.14";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 80; default = 80;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "paste.${config.container.domain}"; default = "paste.${config.container.domain}";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/paste"; default = "${config.container.storage}/paste";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
"tmp"
"nginxtmp"
"config" "config"
"data"
"nginxtmp"
"tmp"
]; ];
containers.paste = container.mkContainer cfg { containers.paste = container.mkContainer cfg {
@ -62,72 +58,71 @@ in
}; };
}; };
config = config = { config, ... }: container.mkContainerConfig cfg {
{ config, ... }: environment.systemPackages = [
container.mkContainerConfig cfg { package
environment.systemPackages = [ package ]; ];
systemd.packages = [ package ]; systemd.packages = [
package
];
users.users.paste = { users.users.paste = {
group = "nginx"; group = "nginx";
isSystemUser = true; isSystemUser = true;
}; };
services.phpfpm.pools.paste = { services = {
user = "paste"; phpfpm.pools.paste = {
group = "nginx"; group = "nginx";
user = "paste";
phpPackage = pkgs.php; phpPackage = pkgs.php;
settings = { settings = {
"pm" = "dynamic";
"php_admin_value[error_log]" = "stderr";
"php_admin_flag[log_errors]" = true;
"listen.owner" = "nginx";
"catch_workers_output" = true; "catch_workers_output" = true;
"listen.owner" = "nginx";
"php_admin_flag[log_errors]" = true;
"php_admin_value[error_log]" = "stderr";
"pm" = "dynamic";
"pm.max_children" = "32"; "pm.max_children" = "32";
"pm.start_servers" = "2";
"pm.min_spare_servers" = "2";
"pm.max_spare_servers" = "4";
"pm.max_requests" = "500"; "pm.max_requests" = "500";
"pm.max_spare_servers" = "4";
"pm.min_spare_servers" = "2";
"pm.start_servers" = "2";
}; };
phpEnv = { phpEnv = {
# CONFIG_PATH = "${package}/cfg"; # CONFIG_PATH = "${package}/cfg"; # NOTE: Not working?
}; };
}; };
services.nginx = { nginx = {
enable = true; enable = true;
virtualHosts.${cfg.domain} = container.mkServer { virtualHosts.${cfg.domain} = container.mkServer {
default = true; default = true;
root = "${package}"; root = "${package}";
locations = { locations = {
"/".extraConfig = '' "/".extraConfig = util.trimTabs ''
rewrite ^ /index.php; rewrite ^ /index.php;
''; '';
"~ \\.php$".extraConfig = '' "~ \\.php$".extraConfig = util.trimTabs ''
fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:${config.services.phpfpm.pools.paste.socket}; fastcgi_pass unix:${config.services.phpfpm.pools.paste.socket};
include ${config.services.nginx.package}/conf/fastcgi.conf; include ${config.services.nginx.package}/conf/fastcgi.conf;
include ${config.services.nginx.package}/conf/fastcgi_params; include ${config.services.nginx.package}/conf/fastcgi_params;
''; '';
"~ \\.(js|css|ttf|woff2?|png|jpe?g|svg)$".extraConfig = '' "~ \\.(js|css|ttf|woff2?|png|jpe?g|svg)$".extraConfig = util.trimTabs ''
add_header Cache-Control "public, max-age=15778463"; add_header Cache-Control "public, max-age=15778463";
add_header Referrer-Policy no-referrer;
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen; add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none; add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer; add_header X-Robots-Tag none;
add_header X-XSS-Protection "1; mode=block";
access_log off; access_log off;
''; '';
}; };
extraConfig = '' extraConfig = util.trimTabs ''
try_files $uri /index.php; try_files $uri /index.php;
''; '';
}; };
@ -135,4 +130,5 @@ in
}; };
}; };
}; };
};
} }

75
container/Postgres.nix
View file

@ -1,35 +1,32 @@
{ {
config,
container, container,
lib, lib,
pkgs, pkgs,
config,
... ...
}: }: let
with lib;
let
cfg = config.container.module.postgres; cfg = config.container.module.postgres;
in in {
{ options.container.module.postgres = {
options = { enable = lib.mkEnableOption "the PostgreSQL server.";
container.module.postgres = { address = lib.mkOption {
enable = mkEnableOption "Postgresql server.";
address = mkOption {
default = "10.1.0.3"; default = "10.1.0.3";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 5432; default = 5432;
type = types.int; type = lib.types.int;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/postgres"; default = "${config.container.storage}/postgres";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.postgres = container.mkContainer cfg { containers.postgres = container.mkContainer cfg {
bindMounts = { bindMounts = {
@ -39,11 +36,8 @@ in
}; };
}; };
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }: services.postgresql = let
container.mkContainerConfig cfg {
services.postgresql =
let
# Populate with services here. # Populate with services here.
configurations = with config.container.module; { configurations = with config.container.module; {
forgejo = git; forgejo = git;
@ -56,38 +50,35 @@ in
}; };
access = configurations // { access = configurations // {
all = { all.address = config.container.host;
address = config.container.host;
};
}; };
authentication = builtins.foldl' (acc: item: acc + "${item}\n") "" ( authentication = let
mapAttrsToList (db: cfg: "host ${db} ${db} ${cfg.address}/32 trust") access rules = lib.mapAttrsToList (db: cfg:
); "host ${db} ${db} ${cfg.address}/32 trust"
) access;
in builtins.foldl' (acc: item: acc + "${item}\n") "" rules;
ensureDatabases = [ "root" ] ++ mapAttrsToList (name: _: name) configurations; ensureDatabases = [
"root"
] ++ lib.mapAttrsToList (name: _: name) configurations;
ensureUsers = map (name: { ensureUsers = map (name: {
inherit name; inherit name;
ensureClauses =
if name == "root" then
{
superuser = true;
createrole = true;
createdb = true;
}
else
{ };
ensureDBOwnership = true; ensureDBOwnership = true;
ensureClauses = if name == "root" then {
createdb = true;
createrole = true;
superuser = true;
} else { };
}) ensureDatabases; }) ensureDatabases;
in in {
{
inherit authentication ensureDatabases ensureUsers; inherit authentication ensureDatabases ensureUsers;
enable = true; enable = true;
package = pkgs.postgresql_14;
dataDir = "/var/lib/postgresql/data/14"; dataDir = "/var/lib/postgresql/data/14";
enableTCPIP = true; enableTCPIP = true;
package = pkgs.postgresql_14;
# NOTE: Debug mode. # NOTE: Debug mode.
# settings = { # settings = {

52
container/Print.nix
View file

@ -1,46 +1,42 @@
# NOTE: Login to contaier, run passwd and use that root/pw combo for administration. `AllowFrom = all` doesn't seem to work. # NOTE: Login to contaier, run passwd and use that root/pw combo for administration. `AllowFrom = all` doesn't seem to work.
# ipp://192.168.2.237 # ipp://192.168.2.237
# Pantum M6500W-Series # Pantum M6500W-Series
{ {
container,
pkgs,
lib,
config,
__findFile, __findFile,
config,
container,
lib,
pkgs,
... ...
}@args: } @args: let
with lib;
let
cfg = config.container.module.print; cfg = config.container.module.print;
package = pkgs.callPackage <package/print> args;
host = config.container.host; host = config.container.host;
in package = pkgs.callPackage <package/print> args;
{ in {
options = { options.container.module.print = {
container.module.print = { enable = lib.mkEnableOption "the printing server.";
enable = mkEnableOption "Printing server."; address = lib.mkOption {
address = mkOption {
default = "10.1.0.46"; default = "10.1.0.46";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 631; default = 631;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "print.${config.container.domain}"; default = "print.${config.container.domain}";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/print"; default = "${config.container.storage}/print";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.print = container.mkContainer cfg { containers.print = container.mkContainer cfg {
bindMounts = { bindMounts = {
@ -50,12 +46,10 @@ in
}; };
}; };
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }:
container.mkContainerConfig cfg {
networking.interfaces."eth0".ipv4.routes = [ networking.interfaces."eth0".ipv4.routes = [
{ {
address = "192.168.2.237"; address = "192.168.2.237"; # NOTE: Printer's IP address.
prefixLength = 32; prefixLength = 32;
via = host; via = host;
} }

52
container/Proxy.nix
View file

@ -10,38 +10,33 @@
# ``` # ```
# For certbot to generate new keys: `certbot certonly --manual --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory -d "*.voronind.com" -d voronind.com` # For certbot to generate new keys: `certbot certonly --manual --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory -d "*.voronind.com" -d voronind.com`
{ {
util,
container,
pkgs,
lib,
config, config,
container,
lib,
pkgs,
util,
... ...
}@args: } @args: let
with lib;
let
cfg = config.container.module.proxy; cfg = config.container.module.proxy;
virtualHosts = util.catSet (util.ls ./proxy/host) args; virtualHosts = util.catSet (util.ls ./proxy/host) args;
in in {
{ options.container.module.proxy = {
options = { enable = lib.mkEnableOption "the proxy server.";
container.module.proxy = { address = lib.mkOption {
enable = mkEnableOption "Proxy server.";
address = mkOption {
default = "10.1.0.2"; default = "10.1.0.2";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 443; default = 443;
type = types.int; type = lib.types.int;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/proxy"; default = "${config.container.storage}/proxy";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"challenge" "challenge"
"letsencrypt" "letsencrypt"
@ -59,25 +54,24 @@ in
}; };
}; };
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }: environment.systemPackages = with pkgs; [
container.mkContainerConfig cfg { certbot
environment.systemPackages = with pkgs; [ certbot ]; ];
services.nginx = { services.nginx = {
inherit virtualHosts; inherit virtualHosts;
enable = true; enable = true;
clientMaxBodySize = "4096m";
recommendedOptimisation = true; recommendedOptimisation = true;
recommendedProxySettings = true; recommendedProxySettings = true;
clientMaxBodySize = "4096m"; appendConfig = util.trimTabs ''
appendConfig = ''
worker_processes 4; worker_processes 4;
''; '';
eventsConfig = '' eventsConfig = util.trimTabs ''
worker_connections 4096; worker_connections 4096;
''; '';
appendHttpConfig = '' appendHttpConfig = util.trimTabs ''
proxy_max_temp_file_size 0; proxy_max_temp_file_size 0;
proxy_buffering off; proxy_buffering off;

41
container/Rabbitmq.nix
View file

@ -1,36 +1,33 @@
{ {
config,
container, container,
lib,
pkgs, pkgs,
util, util,
lib,
config,
... ...
}: }: let
with lib;
let
cfg = config.container.module.rabbitmq; cfg = config.container.module.rabbitmq;
in in {
{ options.container.module.rabbitmq = {
options = { enable = lib.mkEnableOption "the mqtt server.";
container.module.rabbitmq = { address = lib.mkOption {
enable = mkEnableOption "Mqtt server.";
address = mkOption {
default = "10.1.0.28"; default = "10.1.0.28";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 5672; default = 5672;
type = types.int; type = lib.types.int;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/rabbitmq"; default = "${config.container.storage}/rabbitmq";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.rabbitmq = container.mkContainer cfg { containers.rabbitmq = container.mkContainer cfg {
bindMounts = { bindMounts = {
@ -40,14 +37,12 @@ in
}; };
}; };
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }:
container.mkContainerConfig cfg {
services.rabbitmq = { services.rabbitmq = {
enable = true; enable = true;
dataDir = "/var/lib/rabbitmq";
listenAddress = cfg.address; listenAddress = cfg.address;
port = cfg.port; port = cfg.port;
dataDir = "/var/lib/rabbitmq";
configItems = { configItems = {
"loopback_users" = "none"; "loopback_users" = "none";
}; };

46
container/Read.nix
View file

@ -1,39 +1,36 @@
{ {
config,
container, container,
lib, lib,
pkgs, pkgs,
config,
... ...
}: }: let
with lib;
let
cfg = config.container.module.read; cfg = config.container.module.read;
in in {
{ options.container.module.read = {
options = { enable = lib.mkEnableOption "the reading server.";
container.module.read = { address = lib.mkOption {
enable = mkEnableOption "Reading server.";
address = mkOption {
default = "10.1.0.39"; default = "10.1.0.39";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 5000; default = 5000;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "read.${config.container.domain}"; default = "read.${config.container.domain}";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/read"; default = "${config.container.storage}/read";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.read = container.mkContainer cfg { containers.read = container.mkContainer cfg {
bindMounts = { bindMounts = {
@ -41,11 +38,12 @@ in
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
} // container.attachMedia "book" true // container.attachMedia "manga" true; }
// container.attachMedia "book" true
// container.attachMedia "manga" true
;
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }:
container.mkContainerConfig cfg {
services.kavita = { services.kavita = {
enable = true; enable = true;
dataDir = "/var/lib/kavita"; dataDir = "/var/lib/kavita";

37
container/Redis.nix
View file

@ -1,40 +1,33 @@
{ {
container,
pkgs,
util,
lib,
config, config,
container,
lib,
... ...
}: }: let
with lib;
let
cfg = config.container.module.redis; cfg = config.container.module.redis;
in in {
{ options.container.module.redis = {
options = { enable = lib.mkEnableOption "the Redis server.";
container.module.redis = { address = lib.mkOption {
enable = mkEnableOption "Redis server.";
address = mkOption {
default = "10.1.0.38"; default = "10.1.0.38";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 6379; default = 6379;
type = types.int; type = lib.types.int;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
containers.redis = container.mkContainer cfg { containers.redis = container.mkContainer cfg {
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }:
container.mkContainerConfig cfg {
services.redis.servers.main = { services.redis.servers.main = {
enable = true; enable = true;
port = cfg.port; port = cfg.port;
bind = cfg.address; bind = cfg.address;
extraParams = [ "--protected-mode no" ]; extraParams = [
"--protected-mode no"
];
}; };
}; };
}; };

87
container/Search.nix
View file

@ -1,42 +1,35 @@
{ {
container,
pkgs,
lib,
config, config,
container,
lib,
pkgs,
... ...
}: }: let
with lib;
let
cfg = config.container.module.search; cfg = config.container.module.search;
in in {
{ options.container.module.search = {
options = { enable = lib.mkEnableOption "the search frontend.";
container.module.search = { address = lib.mkOption {
enable = mkEnableOption "Search frontend.";
address = mkOption {
default = "10.1.0.26"; default = "10.1.0.26";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 8080; default = 8080;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "search.${config.container.domain}"; default = "search.${config.container.domain}";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/search"; default = "${config.container.storage}/search";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
containers.search = container.mkContainer cfg { containers.search = container.mkContainer cfg {
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }:
container.mkContainerConfig cfg {
services.searx = { services.searx = {
enable = true; enable = true;
package = pkgs.searxng; package = pkgs.searxng;
@ -44,38 +37,38 @@ in
settings = { settings = {
general = { general = {
debug = false; debug = false;
instance_name = "SearX";
enable_metrics = false; enable_metrics = false;
instance_name = "SearX";
}; };
server = { server = {
bind_address = cfg.address; bind_address = cfg.address;
port = cfg.port;
secret_key = "searxxx";
limiter = false;
public_instance = false;
image_proxy = false; image_proxy = false;
limiter = false;
method = "GET"; method = "GET";
port = cfg.port;
public_instance = false;
secret_key = "searxxx";
}; };
search = { search = {
safe_search = 0;
autocomplete = ""; autocomplete = "";
autocomplete_min = 4; autocomplete_min = 4;
default_lang = "auto"; default_lang = "auto";
safe_search = 0;
}; };
ui = { ui = {
infinite_scroll = false;
default_theme = "simple";
center_alignment = false; center_alignment = false;
default_locale = ""; default_locale = "";
simple_style = "dark"; default_theme = "simple";
hotkeys = "vim"; hotkeys = "vim";
infinite_scroll = false;
simple_style = "dark";
}; };
outgoing = { outgoing = {
request_timeout = 3.0; enable_http2 = true;
max_request_timeout = 10.0; max_request_timeout = 10.0;
pool_connections = 100; pool_connections = 100;
pool_maxsize = 20; pool_maxsize = 20;
enable_http2 = true; request_timeout = 3.0;
# proxies = { # proxies = {
# "all://" = with config.container.module; [ # "all://" = with config.container.module; [
# # "socks5:${frkn.address}:${frkn.port}" # # "socks5:${frkn.address}:${frkn.port}"
@ -89,13 +82,13 @@ in
# plugins = [ ]; # plugins = [ ];
enabled_plugins = [ enabled_plugins = [
"Basic Calculator" "Basic Calculator"
"Tracker URL remover"
"Hostnames plugin" "Hostnames plugin"
"Tracker URL remover"
]; ];
hostnames = { hostnames = {
replace = with config.container.module; { replace = with config.container.module; {
"(.*\.)?youtube\.com$" = yt.domain;
"(.*\.)?youtu\.be$" = yt.domain; "(.*\.)?youtu\.be$" = yt.domain;
"(.*\.)?youtube\.com$" = yt.domain;
}; };
remove = [ remove = [
"(.*\.)?dzen\.ru?$" "(.*\.)?dzen\.ru?$"
@ -109,19 +102,22 @@ in
"(.*\.)?google(\..*)?$" "(.*\.)?google(\..*)?$"
"(.*\.)?microsoft\.com?$" "(.*\.)?microsoft\.com?$"
]; ];
high_priority = [ "(.*\.)?wikipedia.org$" ]; high_priority = [
"(.*\.)?4pda.to$"
"(.*\.)?github.com$"
"(.*\.)?wikipedia.org$"
];
}; };
categories_as_tabs = { categories_as_tabs = {
files = { };
general = { }; general = { };
images = { }; images = { };
videos = { };
news = { };
map = { };
it = { }; it = { };
files = { }; map = { };
news = { };
videos = { };
}; };
engines = engines = let
let
mkEnable = name: { mkEnable = name: {
inherit name; inherit name;
disabled = false; disabled = false;
@ -130,8 +126,7 @@ in
inherit name; inherit name;
disabled = true; disabled = true;
}; };
in in [
[
(mkEnable "bing") (mkEnable "bing")
(mkDisable "qwant") (mkDisable "qwant")
]; ];

49
container/Status.nix
View file

@ -1,38 +1,35 @@
{ {
config,
container, container,
lib, lib,
config,
... ...
}: }: let
with lib;
let
cfg = config.container.module.status; cfg = config.container.module.status;
in in {
{ options.container.module.status = {
options = { enable = lib.mkEnableOption "the status monitor.";
container.module.status = { address = lib.mkOption {
enable = mkEnableOption "Status monitor.";
address = mkOption {
default = "10.1.0.22"; default = "10.1.0.22";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 3001; default = 3001;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "status.${config.container.domain}"; default = "status.${config.container.domain}";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/status"; default = "${config.container.storage}/status";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.status = container.mkContainer cfg { containers.status = container.mkContainer cfg {
bindMounts = { bindMounts = {
@ -42,11 +39,11 @@ in
}; };
}; };
config = config = { ... }: container.mkContainerConfig cfg {
{ lib, ... }:
container.mkContainerConfig cfg {
networking = { networking = {
nameservers = mkForce [ config.container.module.dns.address ]; nameservers = lib.mkForce [
config.container.module.dns.address
];
}; };
services.uptime-kuma = { services.uptime-kuma = {
@ -59,7 +56,9 @@ in
}; };
systemd.services.uptime-kuma = { systemd.services.uptime-kuma = {
serviceConfig.DynamicUser = mkForce false; serviceConfig = {
DynamicUser = lib.mkForce false;
};
}; };
}; };
}; };

45
container/Stock.nix
View file

@ -1,38 +1,35 @@
{ {
config,
container, container,
lib, lib,
config,
... ...
}: }: let
with lib;
let
cfg = config.container.module.stock; cfg = config.container.module.stock;
in in {
{ options.container.module.stock = {
options = { enable = lib.mkEnableOption "the stock management.";
container.module.stock = { address = lib.mkOption {
enable = mkEnableOption "Stock management.";
address = mkOption {
default = "10.1.0.45"; default = "10.1.0.45";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 80; default = 80;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "stock.${config.container.domain}"; default = "stock.${config.container.domain}";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/stock"; default = "${config.container.storage}/stock";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ]; systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.stock = container.mkContainer cfg { containers.stock = container.mkContainer cfg {
bindMounts = { bindMounts = {
@ -42,14 +39,14 @@ in
}; };
}; };
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }:
container.mkContainerConfig cfg {
services.grocy = { services.grocy = {
enable = true; enable = true;
dataDir = "/var/lib/grocy"; dataDir = "/var/lib/grocy";
hostName = cfg.domain; hostName = cfg.domain;
nginx.enableSSL = false; nginx = {
enableSSL = false;
};
settings = { settings = {
calendar = { calendar = {
firstDayOfWeek = 1; firstDayOfWeek = 1;

64
container/Vpn.nix
View file

@ -1,50 +1,45 @@
{ {
container,
pkgs,
lib,
config, config,
container,
lib,
pkgs,
... ...
}: }: let
with lib;
let
cfg = config.container.module.vpn; cfg = config.container.module.vpn;
wireguardPeers = wireguardPeers = let
let
mkPeer = name: ip: PublicKey: { mkPeer = name: ip: PublicKey: {
inherit PublicKey; inherit PublicKey;
PresharedKeyFile = "/var/lib/wireguard/preshared/${name}"; PresharedKeyFile = "/var/lib/wireguard/preshared/${name}";
AllowedIPs = [ "${ip}/32" ]; AllowedIPs = [
"${ip}/32"
];
}; };
in in [
[
(mkPeer "dashaphone" "10.1.1.3" "O/3y8+QKEY8UoLVlmbc8xdhs248L4wtQcl1MsBBfoQo=") (mkPeer "dashaphone" "10.1.1.3" "O/3y8+QKEY8UoLVlmbc8xdhs248L4wtQcl1MsBBfoQo=")
(mkPeer "laptop" "10.1.1.9" "xxoCNPSB86zs8L8p+wXhqaIwpNDkiZu1Yjv8sj8XhgY=") (mkPeer "laptop" "10.1.1.9" "xxoCNPSB86zs8L8p+wXhqaIwpNDkiZu1Yjv8sj8XhgY=")
(mkPeer "phone" "10.1.1.5" "bFmFisMqbDpIrAg3o/GiRl9XhceZEVnZtkegZDTL4yg=") (mkPeer "phone" "10.1.1.5" "bFmFisMqbDpIrAg3o/GiRl9XhceZEVnZtkegZDTL4yg=")
(mkPeer "tablet" "10.1.1.6" "BdslswVc9OgUpEhJd0sugDBmYw44DiS0FbUPT5EjOG0=") (mkPeer "tablet" "10.1.1.6" "BdslswVc9OgUpEhJd0sugDBmYw44DiS0FbUPT5EjOG0=")
(mkPeer "work" "10.1.1.2" "Pk0AASSInKO9O8RaQEmm1uNrl0cwWTJDcT8rLn7PSA0=") (mkPeer "work" "10.1.1.2" "Pk0AASSInKO9O8RaQEmm1uNrl0cwWTJDcT8rLn7PSA0=")
]; ];
in in {
{ options.container.module.vpn = {
options = { enable = lib.mkEnableOption "the vpn server.";
container.module.vpn = { address = lib.mkOption {
enable = mkEnableOption "Vpn server.";
address = mkOption {
default = "10.1.0.23"; default = "10.1.0.23";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 51820; default = 51820;
type = types.int; type = lib.types.int;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/vpn"; default = "${config.container.storage}/vpn";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
"data/preshared" "data/preshared"
@ -58,39 +53,40 @@ in
}; };
}; };
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }: networking.useNetworkd = true;
container.mkContainerConfig cfg {
boot.kernel.sysctl = { boot.kernel.sysctl = {
"net.ipv4.conf.all.src_valid_mark" = 1; "net.ipv4.conf.all.src_valid_mark" = 1;
"net.ipv4.ip_forward" = 1; "net.ipv4.ip_forward" = 1;
}; };
environment.systemPackages = with pkgs; [
environment.systemPackages = with pkgs; [ wireguard-tools ]; wireguard-tools
networking.useNetworkd = true; ];
systemd.network = { systemd.network = {
enable = true; enable = true;
netdevs = { netdevs = {
"50-wg0" = { "50-wg0" = {
inherit wireguardPeers;
netdevConfig = { netdevConfig = {
Kind = "wireguard"; Kind = "wireguard";
MTUBytes = "1300"; MTUBytes = "1300";
Name = "wg0"; Name = "wg0";
}; };
wireguardConfig = { wireguardConfig = {
PrivateKeyFile = "/var/lib/wireguard/privkey";
ListenPort = cfg.port; ListenPort = cfg.port;
PrivateKeyFile = "/var/lib/wireguard/privkey";
}; };
inherit wireguardPeers;
}; };
}; };
networks.wg0 = { networks.wg0 = {
matchConfig.Name = "wg0"; matchConfig.Name = "wg0";
address = [ "10.1.1.0/24" ]; address = [
"10.1.1.0/24"
];
networkConfig = { networkConfig = {
IPv4Forwarding = "yes";
IPMasquerade = "ipv4"; IPMasquerade = "ipv4";
IPv4Forwarding = "yes";
}; };
}; };
}; };

61
container/Watch.nix
View file

@ -1,49 +1,43 @@
{ {
config,
container, container,
lib, lib,
config,
... ...
}: }: let
with lib;
let
cfg = config.container.module.watch; cfg = config.container.module.watch;
in in {
{ options.container.module.watch = {
options = { enable = lib.mkEnableOption "the media server.";
container.module.watch = { address = lib.mkOption {
enable = mkEnableOption "Media server.";
address = mkOption {
default = "10.1.0.11"; default = "10.1.0.11";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 8096; default = 8096;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "watch.${config.container.domain}"; default = "watch.${config.container.domain}";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/watch"; default = "${config.container.storage}/watch";
type = types.str; type = lib.types.str;
}; };
memLimit = mkOption { memLimit = lib.mkOption {
default = "8G"; default = "8G";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
"cache" "cache"
"data"
]; ];
containers.watch = container.mkContainer cfg { containers.watch = container.mkContainer cfg {
bindMounts = bindMounts = {
{
"/var/lib/jellyfin" = { "/var/lib/jellyfin" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
@ -66,7 +60,8 @@ in
// container.attachMedia "show" true // container.attachMedia "show" true
// container.attachMedia "study" true // container.attachMedia "study" true
// container.attachMedia "work" true // container.attachMedia "work" true
// container.attachMedia "youtube" true; // container.attachMedia "youtube" true
;
allowedDevices = [ allowedDevices = [
{ {
@ -75,21 +70,17 @@ in
} }
]; ];
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }: systemd.services.jellyfin.serviceConfig.MemoryLimit = cfg.memLimit;
container.mkContainerConfig cfg {
# users.users.jellyfin.extraGroups = [
# "video"
# "render"
# ];
services.jellyfin = { services.jellyfin = {
enable = true; enable = true;
cacheDir = "/var/cache/jellyfin"; cacheDir = "/var/cache/jellyfin";
dataDir = "/var/lib/jellyfin"; dataDir = "/var/lib/jellyfin";
}; };
# users.users.jellyfin.extraGroups = [
systemd.services.jellyfin.serviceConfig.MemoryLimit = cfg.memLimit; # "video"
# "render"
# ];
}; };
}; };
}; };

51
container/Yt.nix
View file

@ -1,61 +1,56 @@
{ {
container,
pkgs,
lib,
config,
__findFile, __findFile,
config,
container,
lib,
pkgs,
... ...
}: }: let
with lib;
let
cfg = config.container.module.yt; cfg = config.container.module.yt;
in in {
{ options.container.module.yt = {
options = { enable = lib.mkEnableOption "the YouTube frontend.";
container.module.yt = { address = lib.mkOption {
enable = mkEnableOption "YouTube frontend.";
address = mkOption {
default = "10.1.0.19"; default = "10.1.0.19";
type = types.str; type = lib.types.str;
}; };
port = mkOption { port = lib.mkOption {
default = 3000; default = 3000;
type = types.int; type = lib.types.int;
}; };
domain = mkOption { domain = lib.mkOption {
default = "yt.${config.container.domain}"; default = "yt.${config.container.domain}";
type = types.str; type = lib.types.str;
}; };
storage = mkOption { storage = lib.mkOption {
default = "${config.container.storage}/yt"; default = "${config.container.storage}/yt";
type = types.str; type = lib.types.str;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
containers.yt = container.mkContainer cfg { containers.yt = container.mkContainer cfg {
config = config = { ... }: container.mkContainerConfig cfg {
{ ... }:
container.mkContainerConfig cfg {
services.invidious = { services.invidious = {
enable = true; enable = true;
domain = cfg.domain; domain = cfg.domain;
port = cfg.port; port = cfg.port;
nginx.enable = false; nginx.enable = false;
database = { database = {
port = config.container.module.postgres.port;
host = config.container.module.postgres.address; host = config.container.module.postgres.address;
port = config.container.module.postgres.port;
createLocally = false; createLocally = false;
passwordFile = "${pkgs.writeText "InvidiousDbPassword" "invidious"}"; passwordFile = "${pkgs.writeText "InvidiousDbPassword" "invidious"}";
}; };
settings = { settings = {
admins = [ "root" ];
captcha_enabled = false; captcha_enabled = false;
check_tables = true; check_tables = true;
registration_enabled = false;
external_port = 443; external_port = 443;
https_only = true; https_only = true;
registration_enabled = false;
admins = [
"root"
];
}; };
}; };
}; };

62
container/default.nix
View file

@ -1,61 +1,57 @@
{ lib, config, ... }:
with lib;
let
cfg = config.container;
in
{ {
options = { config,
container = { lib,
enable = mkEnableOption "Containers!!"; ...
}: let
autoStart = mkOption { cfg = config.container;
in {
options.container = {
enable = lib.mkEnableOption "Containers!!";
autoStart = lib.mkOption {
default = false; default = false;
type = types.bool; type = lib.types.bool;
}; };
host = lib.mkOption {
host = mkOption {
default = "0.0.0.0"; default = "0.0.0.0";
type = types.str; type = lib.types.str;
}; };
localAccess = lib.mkOption {
localAccess = mkOption {
default = "0.0.0.0"; default = "0.0.0.0";
type = types.str; type = lib.types.str;
}; };
storage = lib.mkOption {
storage = mkOption {
default = "/tmp/container"; default = "/tmp/container";
type = types.str; type = lib.types.str;
}; };
domain = lib.mkOption {
domain = mkOption {
default = "local"; default = "local";
type = types.str; type = lib.types.str;
}; };
interface = lib.mkOption {
interface = mkOption {
default = "lo"; default = "lo";
type = types.str; type = lib.types.str;
}; };
media = lib.mkOption {
media = mkOption {
default = { }; default = { };
type = types.attrs; type = lib.types.attrs;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
# This is the network for all the containers. # This is the network for all the containers.
# They are not available to the external interface by default, # They are not available to the external interface by default,
# instead they all expose specific ports in their configuration. # instead they all expose specific ports in their configuration.
networking = { networking = {
nat = { nat = {
enable = true; enable = true;
internalInterfaces = [ "ve-+" ];
externalInterface = config.container.interface; externalInterface = config.container.interface;
internalInterfaces = [
"ve-+"
];
}; };
networkmanager.unmanaged = [ "interface-name:ve-*" ]; networkmanager.unmanaged = [
"interface-name:ve-*"
];
}; };
}; };
} }

17
container/proxy/host/Camera.nix
View file

@ -1,12 +1,15 @@
{ config, container, ... }:
let
domain = "camera.${config.container.domain}";
address = "192.168.2.249";
port = 554;
in
{ {
config,
container,
util,
...
}: let
address = "192.168.2.249";
domain = "camera.${config.container.domain}";
port = 554;
in {
${domain} = container.mkServer { ${domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
location / { location / {

13
container/proxy/host/Change.nix
View file

@ -1,11 +1,14 @@
{ config, container, ... }: {
let config,
container,
util,
...
}: let
cfg = config.container.module.change; cfg = config.container.module.change;
name = "change"; name = "change";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Chat.nix
View file

@ -1,11 +1,14 @@
{ config, container, ... }: {
let config,
container,
util,
...
}: let
cfg = config.container.module.chat; cfg = config.container.module.chat;
name = "chat"; name = "chat";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Cloud.nix
View file

@ -1,11 +1,14 @@
{ config, container, ... }: {
let config,
container,
util,
...
}: let
cfg = config.container.module.cloud; cfg = config.container.module.cloud;
name = "cloud"; name = "cloud";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Download.nix
View file

@ -1,11 +1,14 @@
{ config, container, ... }: {
let config,
container,
util,
...
}: let
cfg = config.container.module.download; cfg = config.container.module.download;
name = "download"; name = "download";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Git.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }: {
let container,
config,
util,
...
}: let
cfg = config.container.module.git; cfg = config.container.module.git;
name = "git"; name = "git";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

27
container/proxy/host/Hdd.nix
View file

@ -1,27 +0,0 @@
{ container, config, ... }:
let
cfg = config.container.module.hdd;
name = "hdd";
in
{
${cfg.domain} = container.mkServer {
extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location / {
allow ${config.container.localAccess};
allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address};
deny all;
proxy_pass http://''$${name}$request_uri;
}
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
'';
};
}

13
container/proxy/host/Home.nix
View file

@ -1,11 +1,14 @@
{ config, container, ... }: {
let config,
container,
util,
...
}: let
cfg = config.container.module.home; cfg = config.container.module.home;
name = "home"; name = "home";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Iot.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }: {
let container,
config,
util,
...
}: let
cfg = config.container.module.iot; cfg = config.container.module.iot;
name = "iot"; name = "iot";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Mail.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }: {
let container,
config,
util,
...
}: let
cfg = config.container.module.mail; cfg = config.container.module.mail;
name = "mail"; name = "mail";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Office.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }: {
let container,
config,
util,
...
}: let
cfg = config.container.module.office; cfg = config.container.module.office;
name = "office"; name = "office";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Paper.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }: {
let container,
config,
util,
...
}: let
cfg = config.container.module.paper; cfg = config.container.module.paper;
name = "paper"; name = "paper";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Pass.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }: {
let container,
config,
util,
...
}: let
cfg = config.container.module.pass; cfg = config.container.module.pass;
name = "pass"; name = "pass";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Paste.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }: {
let container,
config,
util,
...
}: let
cfg = config.container.module.paste; cfg = config.container.module.paste;
name = "paste"; name = "paste";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Print.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }: {
let container,
config,
util,
...
}: let
cfg = config.container.module.print; cfg = config.container.module.print;
name = "print"; name = "print";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

15
container/proxy/host/Printer.nix
View file

@ -1,13 +1,16 @@
{ container, config, ... }: {
let container,
config,
util,
...
}: let
address = "192.168.2.237"; address = "192.168.2.237";
domain = "printer.${config.container.domain}"; domain = "printer.${config.container.domain}";
port = 80;
name = "printer"; name = "printer";
in port = 80;
{ in {
${domain} = container.mkServer { ${domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${address}:${toString port}; set ''$${name} ${address}:${toString port};

13
container/proxy/host/Read.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }: {
let container,
config,
util,
...
}: let
cfg = config.container.module.read; cfg = config.container.module.read;
name = "read"; name = "read";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

14
container/proxy/host/Resume.nix
View file

@ -1,11 +1,13 @@
{ container, config, ... }:
let
domain = "resume.${config.container.domain}";
name = "resume";
in
{ {
container,
config,
util,
...
}: let
domain = "resume.${config.container.domain}";
in {
${domain} = container.mkServer { ${domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
server_name ${domain}; server_name ${domain};
listen 443 ssl; listen 443 ssl;

15
container/proxy/host/Router.nix
View file

@ -1,13 +1,16 @@
{ container, config, ... }: {
let container,
config,
util,
...
}: let
address = "10.0.0.2"; address = "10.0.0.2";
domain = "router.${config.container.domain}"; domain = "router.${config.container.domain}";
port = 80;
name = "router"; name = "router";
in port = 80;
{ in {
${domain} = container.mkServer { ${domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${address}:${toString port}; set ''$${name} ${address}:${toString port};

13
container/proxy/host/Search.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }: {
let container,
config,
util,
...
}: let
cfg = config.container.module.search; cfg = config.container.module.search;
name = "search"; name = "search";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Status.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }: {
let container,
config,
util,
...
}: let
cfg = config.container.module.status; cfg = config.container.module.status;
name = "sstatus"; name = "sstatus";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Stock.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }: {
let container,
config,
util,
...
}: let
cfg = config.container.module.stock; cfg = config.container.module.stock;
name = "stock"; name = "stock";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Watch.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }: {
let container,
config,
util,
...
}: let
cfg = config.container.module.watch; cfg = config.container.module.watch;
name = "watch"; name = "watch";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Yt.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }: {
let container,
config,
util,
...
}: let
cfg = config.container.module.yt; cfg = config.container.module.yt;
name = "yt"; name = "yt";
in in {
{
${cfg.domain} = container.mkServer { ${cfg.domain} = container.mkServer {
extraConfig = '' extraConfig = util.trimTabs ''
listen 443 ssl; listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port}; set ''$${name} ${cfg.address}:${toString cfg.port};

334
flake.nix
View file

@ -1,142 +1,59 @@
# This is a configuration entry-point called "Flake".
# Here you define your inputs (dependencies) and outputs (hosts).
{ {
# Those are external dependencies.
inputs = { inputs = {
# Core system.
# Homepage: https://github.com/NixOS/nixpkgs
# Manual: https://nixos.org/manual/nixos/stable
# Search: https://search.nixos.org/packages and https://search.nixos.org/options
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgsUnstable.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgsUnstable.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgsStable.url = "github:nixos/nixpkgs/nixos-24.05"; nixpkgsStable.url = "github:nixos/nixpkgs/nixos-24.05";
nixpkgsMaster.url = "github:nixos/nixpkgs/master"; nixpkgsMaster.url = "github:nixos/nixpkgs/master";
# This thing manages user's /home directroies. Because NixOS only manages system itself.
# Homepage: https://github.com/nix-community/home-manager
# Manual: https://nix-community.github.io/home-manager
# Search: https://home-manager-options.extranix.com
home-manager = { home-manager = {
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager";
# This means that home-manager and our Flake both depend on the same nixpkgs version.
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
# This allows automatic styling based on active Wallpaper.
# Homepage: https://github.com/danth/stylix
# Manual: https://danth.github.io/stylix
stylix.url = "github:danth/stylix"; stylix.url = "github:danth/stylix";
# I use this for a single container called jobber. WARN: Do not update.
# You likely won't need this one, so just skip it for now.
poetry2nixJobber.url = "github:nix-community/poetry2nix/304f8235fb0729fd48567af34fcd1b58d18f9b95";
nixpkgsJobber.url = "github:nixos/nixpkgs/051f920625ab5aabe37c920346e3e69d7d34400e"; nixpkgsJobber.url = "github:nixos/nixpkgs/051f920625ab5aabe37c920346e3e69d7d34400e";
poetry2nixJobber.url = "github:nix-community/poetry2nix/304f8235fb0729fd48567af34fcd1b58d18f9b95";
# Nix on Android (inside Termux). It has no NixOS modules, but still allows the use of Nixpkgs arm packages with Home-Manager configurations.
# Homepage: https://github.com/nix-community/nix-on-droid
# Manual: https://github.com/nix-community/nix-on-droid/blob/master/README.md
nix-on-droid = { nix-on-droid = {
url = "github:t184256/nix-on-droid/release-23.11"; url = "github:t184256/nix-on-droid/release-23.11";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager"; inputs.home-manager.follows = "home-manager";
inputs.nixpkgs.follows = "nixpkgs";
}; };
# Those are Nvim plugins. I do not use package managers like Packer or Lazy, instead I use Nix to download them and later configure in [Neovim module](module/common/Nvim.nix). nvimAlign = { flake = false; url = "github:echasnovski/mini.align"; };
nvimAlign = { nvimAutoclose = { flake = false; url = "github:m4xshen/autoclose.nvim"; };
url = "github:echasnovski/mini.align"; nvimBufferline = { flake = false; url = "github:akinsho/bufferline.nvim"; };
flake = false; nvimCloseBuffers = { flake = false; url = "github:kazhala/close-buffers.nvim"; };
}; nvimColorizer = { flake = false; url = "github:brenoprata10/nvim-highlight-colors"; };
nvimAutoclose = { nvimDevicons = { flake = false; url = "github:nvim-tree/nvim-web-devicons"; };
url = "github:m4xshen/autoclose.nvim"; nvimDressing = { flake = false; url = "github:stevearc/dressing.nvim"; };
flake = false; nvimGen = { flake = false; url = "github:David-Kunz/gen.nvim"; };
}; nvimGitsigns = { flake = false; url = "github:lewis6991/gitsigns.nvim"; };
nvimBufferline = { nvimGruvboxMaterial = { flake = false; url = "github:sainnhe/gruvbox-material"; };
url = "github:akinsho/bufferline.nvim"; nvimIndentoMatic = { flake = false; url = "github:Darazaki/indent-o-matic"; };
flake = false; nvimLspconfig = { flake = false; url = "github:neovim/nvim-lspconfig"; };
}; nvimPlenary = { flake = false; url = "github:nvim-lua/plenary.nvim"; };
nvimCloseBuffers = { nvimTelescope = { flake = false; url = "github:nvim-telescope/telescope.nvim"; };
url = "github:kazhala/close-buffers.nvim"; nvimTodo = { flake = false; url = "github:folke/todo-comments.nvim"; };
flake = false; nvimTree = { flake = false; url = "github:nvim-tree/nvim-tree.lua"; };
}; nvimTreesitter = { flake = false; url = "github:nvim-treesitter/nvim-treesitter"; };
nvimColorizer = { nvimTrouble = { flake = false; url = "github:folke/trouble.nvim"; };
url = "github:brenoprata10/nvim-highlight-colors";
flake = false;
};
nvimDevicons = {
url = "github:nvim-tree/nvim-web-devicons";
flake = false;
};
nvimDressing = {
url = "github:stevearc/dressing.nvim";
flake = false;
};
nvimGen = {
url = "github:David-Kunz/gen.nvim";
flake = false;
};
nvimGitsigns = {
url = "github:lewis6991/gitsigns.nvim";
flake = false;
};
nvimGruvboxMaterial = {
url = "github:sainnhe/gruvbox-material";
flake = false;
};
nvimIndentoMatic = {
url = "github:Darazaki/indent-o-matic";
flake = false;
};
nvimLspconfig = {
url = "github:neovim/nvim-lspconfig";
flake = false;
};
nvimPlenary = {
url = "github:nvim-lua/plenary.nvim";
flake = false;
};
nvimTelescope = {
url = "github:nvim-telescope/telescope.nvim";
flake = false;
};
nvimTodo = {
url = "github:folke/todo-comments.nvim";
flake = false;
};
nvimTree = {
url = "github:nvim-tree/nvim-tree.lua";
flake = false;
};
nvimTreesitter = {
url = "github:nvim-treesitter/nvim-treesitter";
flake = false;
};
nvimTrouble = {
url = "github:folke/trouble.nvim";
flake = false;
};
}; };
# Those are outputs (hosts, configurations) that can be produced by this whole config. outputs = {
# Here you see a set of inputs we defined above, like nixpkgs, home-manager and so on.
# `...` at the end of a set means "ignore other arguments provided to this function".
# @inputs means aliasing all the inputs to the `inputs` name, so we can pass them all at once later.
outputs =
{
self,
nixpkgs,
nixpkgsUnstable,
nixpkgsStable,
nixpkgsMaster,
nix-on-droid,
home-manager, home-manager,
stylix, nix-on-droid,
poetry2nixJobber, nixpkgs,
nixpkgsJobber, nixpkgsJobber,
nixpkgsMaster,
nixpkgsStable,
nixpkgsUnstable,
poetry2nixJobber,
self,
stylix,
... ...
}@inputs: } @inputs: {
{
# Constant values.
const = { const = {
droidStateVersion = "23.11"; droidStateVersion = "23.11";
stateVersion = "24.05"; stateVersion = "24.05";
@ -144,32 +61,22 @@
url = "https://git.voronind.com/voronind/nix.git"; url = "https://git.voronind.com/voronind/nix.git";
}; };
# Hack to use <container/Change.nix> in other files.
# Need to add __findFile to args tho.
__findFile = _: p: ./${p}; __findFile = _: p: ./${p};
# List all files in a dir. findFiles = path: map (f: "${path}/${f}") (
findFiles =
path:
map (f: "${path}/${f}") (
builtins.filter (i: builtins.readFileType "${path}/${i}" == "regular") ( builtins.filter (i: builtins.readFileType "${path}/${i}" == "regular") (
builtins.attrNames (builtins.readDir path) builtins.attrNames (builtins.readDir path)
) )
); );
# Dev shell for this repo. devShells = let
devShells =
let
system = "x86_64-linux";
lib = nixpkgs.lib; lib = nixpkgs.lib;
pkgs = nixpkgs.legacyPackages.${system}; pkgs = nixpkgs.legacyPackages.${system};
in system = "x86_64-linux";
{ in {
${system}.default = pkgs.mkShell { ${system}.default = pkgs.mkShell {
nativeBuildInputs = with pkgs; [ nativeBuildInputs = with pkgs; [
nixd nixd
nixfmt-rfc-style
treefmt
]; ];
# buildInputs = with pkgs; [ ]; # buildInputs = with pkgs; [ ];
@ -178,20 +85,10 @@
}; };
}; };
# Nixos systems. nixosConfigurations = let
nixosConfigurations = mkHost = { system, hostname }: nixpkgs.lib.nixosSystem {
let
# Function to create a host. It does basic setup, like adding common modules.
mkHost =
{ system, hostname }:
nixpkgs.lib.nixosSystem {
# `Inherit` is just an alias for `system = system;`, which means that
# keep the `system` argument as a property in a resulting set.
inherit system; inherit system;
modules = [
# List of modules to use by defualt for all the hosts.
modules =
[
# Make a device hostname match the one from this config. # Make a device hostname match the one from this config.
{ networking.hostName = hostname; } { networking.hostName = hostname; }
@ -207,169 +104,60 @@
# HM config. # HM config.
./home/NixOs.nix ./home/NixOs.nix
] ]
++ (self.findFiles ./host/${system}/${hostname})
++ (self.findFiles ./config)
++ (self.findFiles ./container) ++ (self.findFiles ./container)
++ (self.findFiles ./host/${system}/${hostname})
++ (self.findFiles ./module) ++ (self.findFiles ./module)
++ (self.findFiles ./overlay)
++ (self.findFiles ./system) ++ (self.findFiles ./system)
++ (self.findFiles ./overlay); ;
specialArgs = let
# SpecialArgs allows you to pass objects down to other NixOS modules.
specialArgs =
let
pkgs = nixpkgs.legacyPackages.${system}.pkgs; pkgs = nixpkgs.legacyPackages.${system}.pkgs;
lib = nixpkgs.lib; lib = nixpkgs.lib;
config = self.nixosConfigurations.${hostname}.config; config = self.nixosConfigurations.${hostname}.config;
in util = import ./lib/Util.nix { inherit lib; };
{ in {
inherit inputs self;
inherit (self) const __findFile; inherit (self) const __findFile;
inherit inputs self poetry2nixJobber util;
container = import ./lib/Container.nix { inherit lib pkgs config util; inherit (self) const; };
pkgsJobber = nixpkgsJobber.legacyPackages.${system}.pkgs; pkgsJobber = nixpkgsJobber.legacyPackages.${system}.pkgs;
pkgsMaster = nixpkgsMaster.legacyPackages.${system}.pkgs;
pkgsStable = nixpkgsStable.legacyPackages.${system}.pkgs; pkgsStable = nixpkgsStable.legacyPackages.${system}.pkgs;
pkgsUnstable = nixpkgsUnstable.legacyPackages.${system}.pkgs; pkgsUnstable = nixpkgsUnstable.legacyPackages.${system}.pkgs;
pkgsMaster = nixpkgsMaster.legacyPackages.${system}.pkgs; secret = import ./secret { };
secret = import ./secret { }; # Secrets (public keys).
container = import ./lib/Container.nix {
inherit lib pkgs config;
inherit (self) const;
}; # Container utils.
util = import ./lib/Util.nix { inherit lib; }; # Util functions.
# Stuff for Jobber container, skip this part.
inherit poetry2nixJobber;
}; };
}; };
mkSystem = system: hostname: { "${hostname}" = mkHost { inherit system hostname; }; }; mkSystem = system: hostname: { "${hostname}" = mkHost { inherit system hostname; }; };
in in nixpkgs.lib.foldl' (acc: h: acc // h) { } (
nixpkgs.lib.foldl' (acc: h: acc // h) { } ( map (system: nixpkgs.lib.foldl' (acc: h: acc // h) { } (
map (
system:
nixpkgs.lib.foldl' (acc: h: acc // h) { } (
map (host: mkSystem system host) (builtins.attrNames (builtins.readDir ./host/${system})) map (host: mkSystem system host) (builtins.attrNames (builtins.readDir ./host/${system}))
) )) (builtins.attrNames (builtins.readDir ./host))
) (builtins.attrNames (builtins.readDir ./host))
); );
# Home manager (distro-independent). nixOnDroidConfigurations.default = let
# Install nix: sh <(curl -L https://nixos.org/nix/install) --no-daemon
# Or with --daemon for multi-user (as root).
# $ nix run home-manager/master -- init --switch
# $ nix shell '<home-manager>' -A install
# Add to /etc/nix/nix.conf > experimental-features = nix-command flakes
# And then # systemctl restart nix-daemon.service
# $ home-manager switch --flake ~/hmconf
homeConfigurations =
let
lib = nixpkgs.lib;
secret = import ./secret { };
util = import ./lib/Util.nix { inherit lib; };
mkCommonHome =
username: system:
let
pkgs = nixpkgs.legacyPackages.${system};
pkgsStable = nixpkgsStable.legacyPackages.${system};
pkgsUnstable = nixpkgsUnstable.legacyPackages.${system};
pkgsMaster = nixpkgsMaster.legacyPackages.${system};
in
{
${username} = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
extraSpecialArgs = {
inherit
self
inputs
secret
util
pkgs
pkgsStable
pkgsMaster
;
inherit (self) const __findFile;
};
modules = [
./home/HomeManager.nix
{
home.hm = {
inherit username;
enable = true;
};
}
{ nixpkgs.config.allowUnfree = true; }
{ nixpkgs.config.allowUnfreePredicate = (pkg: true); }
{ nix.package = pkgs.nix; }
{
nix.settings.experimental-features = [
"nix-command "
"flakes"
];
}
inputs.stylix.homeManagerModules.stylix
] ++ (self.findFiles ./home/user/${system}/${username}) ++ (self.findFiles ./config);
};
};
in
nixpkgs.lib.foldl' (acc: h: acc // h) { } (
map (
system:
nixpkgs.lib.foldl' (acc: h: acc // h) { } (
map (username: mkCommonHome username system) (
builtins.attrNames (builtins.readDir ./home/user/${system})
)
)
) (builtins.attrNames (builtins.readDir ./home/user))
);
# Android.
nixOnDroidConfigurations.default =
let
system = "aarch64-linux";
config = self.nixOnDroidConfigurations.default.config; config = self.nixOnDroidConfigurations.default.config;
lib = nixpkgs.lib; lib = nixpkgs.lib;
pkgs = nixpkgs.legacyPackages.${system}.pkgs; pkgs = nixpkgs.legacyPackages.${system}.pkgs;
pkgsMaster = nixpkgsMaster.legacyPackages.${system}.pkgs;
pkgsStable = nixpkgsStable.legacyPackages.${system}.pkgs; pkgsStable = nixpkgsStable.legacyPackages.${system}.pkgs;
pkgsUnstable = nixpkgsUnstable.legacyPackages.${system}.pkgs; pkgsUnstable = nixpkgsUnstable.legacyPackages.${system}.pkgs;
pkgsMaster = nixpkgsMaster.legacyPackages.${system}.pkgs; system = "aarch64-linux";
in in nix-on-droid.lib.nixOnDroidConfiguration {
nix-on-droid.lib.nixOnDroidConfiguration {
modules = [ modules = [
# Android release version. (import ./module/Style.nix { inherit (config.home-manager) config; inherit (self) __findFile; inherit lib pkgs; })
{ system.stateVersion = self.const.droidStateVersion; }
# I put all my Android configuration there.
./home/Android.nix ./home/Android.nix
{ home.android.enable = true; } ./module/Wallpaper.nix
# { nixpkgs.config.allowUnfree = true; }
# { nixpkgs.config.allowUnfreePredicate = (pkg: true); }
{ nix.extraOptions = "experimental-features = nix-command flakes"; }
{ home-manager.config.stylix.autoEnable = lib.mkForce false; } { home-manager.config.stylix.autoEnable = lib.mkForce false; }
{ home.android.enable = true; }
# Some common modules. { nix.extraOptions = "experimental-features = nix-command flakes"; }
./config/Setting.nix { system.stateVersion = self.const.droidStateVersion; }
./config/Wallpaper.nix
(import ./config/Style.nix {
inherit (config.home-manager) config;
inherit (self) __findFile;
inherit lib pkgs;
})
]; ];
# SpecialArgs allows you to pass objects down to other configuration.
extraSpecialArgs = { extraSpecialArgs = {
inherit inputs self; inherit inputs self;
inherit (self) const __findFile; inherit (self) const __findFile;
secret = import ./secret { };
secret = import ./secret { }; # Secrets (public keys). util = import ./lib/Util.nix { inherit lib; };
util = import ./lib/Util.nix { inherit lib; }; # Util functions.
}; };
}; };
}; };
} }
# That's it!

42
home/Android.nix
View file

@ -1,48 +1,42 @@
# This is a common user configuration. # This is a common user configuration.
{ {
const,
pkgs,
self,
config,
lib,
inputs,
pkgsStable,
pkgsMaster,
__findFile, __findFile,
config,
const,
inputs,
lib,
pkgs,
pkgsMaster,
pkgsStable,
self,
... ...
}@args: } @args: let
with lib;
let
cfg = config.home.android; cfg = config.home.android;
stylix = import <config/Stylix.nix> args;
android = import ./android args; android = import ./android args;
package = import <package> args; package = import <package> args;
programs = import ./program args; programs = import ./program args;
in stylix = import <system/Stylix.nix> args;
# homePath = "/data/data/com.termux.nix/files/home"; in {
{ options.home.android = {
options = { enable = lib.mkEnableOption "the Android HM config.";
home.android = {
enable = mkEnableOption "Android HM config.";
};
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
environment.packages = package.core; environment.packages = package.core;
time.timeZone = const.timeZone; time.timeZone = const.timeZone;
terminal = { terminal = {
inherit (android) font colors; inherit (android) font colors;
}; };
home-manager.config = stylix // { home-manager.config = stylix // {
imports = [ inputs.stylix.homeManagerModules.stylix ]; programs = with programs; core;
imports = [
inputs.stylix.homeManagerModules.stylix
];
home = { home = {
file = import ./config args; file = import ./config args;
sessionVariables = import ./variable args; sessionVariables = import ./variable args;
stateVersion = const.droidStateVersion; stateVersion = const.droidStateVersion;
}; };
programs = with programs; core;
}; };
}; };
} }

70
home/HomeManager.nix
View file

@ -1,70 +0,0 @@
# This is a common user configuration.
{
const,
util,
config,
lib,
__findFile,
...
}@args:
with lib;
let
cfg = config.home.hm;
package = import <package> args;
programs = import ./program args;
in
{
options = {
home.hm = {
enable = mkEnableOption "Home-Manager standalone config.";
username = mkOption {
default = null;
type = types.str;
};
homeDirectory = mkOption {
default = "/home/${cfg.username}";
type = types.str;
};
package = mkOption {
default = { };
type = types.submodule {
options = {
common.enable = mkEnableOption "Common apps.";
core.enable = mkEnableOption "Core apps.";
creative.enable = mkEnableOption "Creative apps.";
desktop.enable = mkEnableOption "Desktop apps.";
dev.enable = mkEnableOption "Dev apps.";
extra.enable = mkEnableOption "Extra apps.";
gaming.enable = mkEnableOption "Gaming apps.";
};
};
};
};
};
config = mkIf cfg.enable (mkMerge [
{
home = {
inherit (cfg) username homeDirectory;
inherit (const) stateVersion;
file = import ./config args;
sessionVariables = import ./variable args;
};
xdg = import ./xdg { inherit (cfg) homeDirectory; };
programs = with programs; core;
dconf.settings = util.catSet (util.ls ./config/dconf) args;
}
(mkIf cfg.package.common.enable { home.packages = package.common; })
(mkIf cfg.package.core.enable { home.packages = package.core; })
(mkIf cfg.package.creative.enable { home.packages = package.creative; })
(mkIf cfg.package.desktop.enable {
home = {
packages = package.desktop;
programs = programs.desktop;
};
})
(mkIf cfg.package.dev.enable { home.packages = package.dev; })
(mkIf cfg.package.extra.enable { home.packages = package.extra; })
(mkIf cfg.package.gaming.enable { home.packages = package.gaming; })
]);
}

36
home/NixOs.nix
View file

@ -1,37 +1,31 @@
# This is a common user configuration. # This is a common user configuration.
{ {
const, __findFile,
config, config,
util, const,
lib, lib,
pkgs, pkgs,
__findFile, util,
... ...
}@args: } @args: let
with lib;
let
cfg = config.home.nixos; cfg = config.home.nixos;
programs = import ./program args; programs = import ./program args;
in in {
{
imports = (util.ls <user>); imports = (util.ls <user>);
options = { options.home.nixos = {
home.nixos = { enable = lib.mkEnableOption "the NixOS user setup.";
enable = mkEnableOption "NixOS user setup."; users = lib.mkOption {
users = mkOption {
default = [ ]; default = [ ];
type = types.listOf types.attrs; type = with lib.types; listOf attrs;
};
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
home-manager = { home-manager = {
users = builtins.foldl' ( backupFileExtension = "backup-" + pkgs.lib.readFile "${pkgs.runCommand "timestamp" { } "echo -n date '+%Y%m%d%H%M%S' > $out"}";
acc: user: users = builtins.foldl' (acc: user:
acc acc // {
// {
${user.username} = { ${user.username} = {
home = { home = {
inherit (const) stateVersion; inherit (const) stateVersion;
@ -48,10 +42,6 @@ in
}; };
} }
) { } cfg.users; ) { } cfg.users;
backupFileExtension =
"backup-"
+ pkgs.lib.readFile "${pkgs.runCommand "timestamp" { } "echo -n date '+%Y%m%d%H%M%S' > $out"}";
}; };
}; };
} }

11
home/android/default.nix
View file

@ -1,12 +1,13 @@
{ pkgs, config, ... }:
{ {
config,
pkgs,
...
}: {
font = pkgs.runCommandNoCC "font" { } '' font = pkgs.runCommandNoCC "font" { } ''
cp ${ cp ${pkgs.nerdfonts.override { fonts = [ "Terminus" ]; }}/share/fonts/truetype/NerdFonts/TerminessNerdFontMono-Regular.ttf $out
pkgs.nerdfonts.override { fonts = [ "Terminus" ]; }
}/share/fonts/truetype/NerdFonts/TerminessNerdFontMono-Regular.ttf $out
''; '';
colors = with config.style.color; { colors = with config.module.style.color; {
background = "#${bg.dark}"; background = "#${bg.dark}";
cursor = "#${fg.light}"; cursor = "#${fg.light}";
foreground = "#${fg.light}"; foreground = "#${fg.light}";

346
home/config/btop/default.nix
View file

@ -1,250 +1,100 @@
{ ... }:
{ {
text = '' pkgs,
#? Config file for btop v. 1.3.0 lib,
...
#* Name of a btop++/bpytop/bashtop formatted ".theme" file, "Default" and "TTY" for builtin themes. }: let
#* Themes should be placed in "../share/btop/themes" relative to binary or "$HOME/.config/btop/themes" config = {
color_theme = "/usr/share/btop/themes/gruvbox_material_dark.theme" background_update = true;
base_10_sizes = true;
#* If the theme set background should be shown, set to False if you want terminal background transparency. check_temp = true;
theme_background = False clock_format = "%X";
color_theme = "/usr/share/btop/themes/gruvbox_material_dark.theme";
#* Sets if 24-bit truecolor should be used, will convert 24-bit colors to 256 color (6x6x6 color cube) if false. cpu_bottom = false;
truecolor = True cpu_core_map = "";
cpu_graph_lower = "total";
#* Set to true to force tty mode regardless if a real tty has been detected or not. cpu_graph_upper = "total";
#* Will force 16-color mode and TTY theme, set all graph symbols to "tty" and swap out other non tty friendly symbols. cpu_invert_lower = true;
force_tty = False cpu_sensor = "Auto";
cpu_single_graph = false;
#* Define presets for the layout of the boxes. Preset 0 is always all boxes shown with default settings. Max 9 presets. custom_cpu_name = "";
#* Format: "box_name:P:G,box_name:P:G" P=(0 or 1) for alternate positions, G=graph symbol to use for box. custom_gpu_name0 = "";
#* Use whitespace " " as separator between different presets. custom_gpu_name1 = "";
#* Example: "cpu:0:default,mem:0:tty,proc:1:default cpu:0:braille,proc:0:tty" custom_gpu_name2 = "";
presets = "" custom_gpu_name3 = "";
custom_gpu_name4 = "";
#* Set to True to enable "h,j,k,l,g,G" keys for directional control in lists. custom_gpu_name5 = "";
#* Conflicting keys for h:"help" and k:"kill" is accessible while holding shift. disk_free_priv = false;
vim_keys = True disks_filter = "exclude = /boot /boot/efi";
force_tty = false;
#* Rounded corners on boxes, is ignored if TTY mode is ON. gpu_mirror_graph = true;
rounded_corners = True graph_symbol = "braille";
graph_symbol_cpu = "default";
#* Default symbols to use for graph creation, "braille", "block" or "tty". graph_symbol_gpu = "default";
#* "braille" offers the highest resolution but might not be included in all fonts. graph_symbol_mem = "default";
#* "block" has half the resolution of braille but uses more common characters. graph_symbol_net = "default";
#* "tty" uses only 3 different symbols but will work with most fonts and should work in a real TTY. graph_symbol_proc = "default";
#* Note that "tty" only has half the horizontal resolution of the other two, so will show a shorter historical view. io_graph_combined = false;
graph_symbol = "braille" io_graph_speeds = "";
io_mode = false;
# Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty". log_level = "WARNING";
graph_symbol_cpu = "default" mem_below_net = false;
mem_graphs = true;
# Graph symbol to use for graphs in gpu box, "default", "braille", "block" or "tty". net_auto = true;
graph_symbol_gpu = "default" net_download = 100;
net_iface = "";
# Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty". net_sync = true;
graph_symbol_mem = "default" net_upload = 100;
nvml_measure_pcie_speeds = true;
# Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty". only_physical = true;
graph_symbol_net = "default" presets = "";
proc_aggregate = true;
# Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty". proc_colors = true;
graph_symbol_proc = "default" proc_cpu_graphs = true;
proc_filter_kernel = true;
#* Manually set which boxes to show. Available values are "cpu mem net proc" and "gpu0" through "gpu5", separate values with whitespace. proc_gradient = false;
shown_boxes = "cpu mem net proc" proc_info_smaps = false;
proc_left = true;
#* Update time in milliseconds, recommended 2000 ms or above for better sample times for graphs. proc_mem_bytes = true;
update_ms = 2000 proc_per_core = true;
proc_reversed = false;
#* Processes sorting, "pid" "program" "arguments" "threads" "user" "memory" "cpu lazy" "cpu direct", proc_sorting = "memory";
#* "cpu lazy" sorts top process over time (easier to follow), "cpu direct" updates top process directly. proc_tree = true;
proc_sorting = "memory" rounded_corners = true;
selected_battery = "Auto";
#* Reverse sorting order, True or False. show_battery = true;
proc_reversed = False show_coretemp = true;
show_cpu_freq = true;
#* Show processes as a tree. show_disks = true;
proc_tree = False show_gpu_info = "Auto";
show_io_stat = true;
#* Use the cpu graph colors in the process list. show_swap = true;
proc_colors = True show_uptime = true;
shown_boxes = "cpu mem net proc";
#* Use a darkening gradient in the process list. swap_disk = false;
proc_gradient = True temp_scale = "celsius";
theme_background = false;
#* If process cpu usage should be of the core it's running on or usage of the total available cpu power. truecolor = true;
proc_per_core = False update_ms = 2000;
use_fstab = true;
#* Show process memory as bytes instead of percent. vim_keys = true;
proc_mem_bytes = True zfs_arc_cached = true;
zfs_hide_datasets = false;
#* Show cpu graph for each process. };
proc_cpu_graphs = True
mkOption = k: v: lib.generators.mkKeyValueDefault { } " = " k v;
#* Use /proc/[pid]/smaps for memory information in the process info box (very slow but more accurate) in {
proc_info_smaps = False file = pkgs.writeText "BtopConfig" (
builtins.foldl' (acc: line: acc + "${line}\n") "" (
#* Show proc box on left side of screen instead of right. lib.mapAttrsToList (k: v: let
proc_left = True value = if builtins.isString v then
"\"${v}\""
#* (Linux) Filter processes tied to the Linux kernel(similar behavior to htop). else if builtins.isBool v then
proc_filter_kernel = True if v then "True" else "False"
else
#* In tree-view, always accumulate child process resources in the parent process. v
proc_aggregate = False ;
in mkOption k value
#* Sets the CPU stat shown in upper half of the CPU graph, "total" is always available. ) config
#* Select from a list of detected attributes from the options menu. )
cpu_graph_upper = "total" );
#* Sets the CPU stat shown in lower half of the CPU graph, "total" is always available.
#* Select from a list of detected attributes from the options menu.
cpu_graph_lower = "total"
#* If gpu info should be shown in the cpu box. Available values = "Auto", "On" and "Off".
show_gpu_info = "Auto"
#* Toggles if the lower CPU graph should be inverted.
cpu_invert_lower = True
#* Set to True to completely disable the lower CPU graph.
cpu_single_graph = False
#* Show cpu box at bottom of screen instead of top.
cpu_bottom = False
#* Shows the system uptime in the CPU box.
show_uptime = True
#* Show cpu temperature.
check_temp = True
#* Which sensor to use for cpu temperature, use options menu to select from list of available sensors.
cpu_sensor = "Auto"
#* Show temperatures for cpu cores also if check_temp is True and sensors has been found.
show_coretemp = True
#* Set a custom mapping between core and coretemp, can be needed on certain cpus to get correct temperature for correct core.
#* Use lm-sensors or similar to see which cores are reporting temperatures on your machine.
#* Format "x:y" x=core with wrong temp, y=core with correct temp, use space as separator between multiple entries.
#* Example: "4:0 5:1 6:3"
cpu_core_map = ""
#* Which temperature scale to use, available values: "celsius", "fahrenheit", "kelvin" and "rankine".
temp_scale = "celsius"
#* Use base 10 for bits/bytes sizes, KB = 1000 instead of KiB = 1024.
base_10_sizes = True
#* Show CPU frequency.
show_cpu_freq = True
#* Draw a clock at top of screen, formatting according to strftime, empty string to disable.
#* Special formatting: /host = hostname | /user = username | /uptime = system uptime
clock_format = "%X"
#* Update main ui in background when menus are showing, set this to false if the menus is flickering too much for comfort.
background_update = True
#* Custom cpu model name, empty string to disable.
custom_cpu_name = ""
#* Optional filter for shown disks, should be full path of a mountpoint, separate multiple values with whitespace " ".
#* Begin line with "exclude=" to change to exclude filter, otherwise defaults to "most include" filter. Example: disks_filter="exclude=/boot /home/user".
disks_filter = "exclude=/boot /boot/efi"
#* Show graphs instead of meters for memory values.
mem_graphs = True
#* Show mem box below net box instead of above.
mem_below_net = False
#* Count ZFS ARC in cached and available memory.
zfs_arc_cached = True
#* If swap memory should be shown in memory box.
show_swap = True
#* Show swap as a disk, ignores show_swap value above, inserts itself after first disk.
swap_disk = False
#* If mem box should be split to also show disks info.
show_disks = True
#* Filter out non physical disks. Set this to False to include network disks, RAM disks and similar.
only_physical = True
#* Read disks list from /etc/fstab. This also disables only_physical.
use_fstab = True
#* Setting this to True will hide all datasets, and only show ZFS pools. (IO stats will be calculated per-pool)
zfs_hide_datasets = False
#* Set to true to show available disk space for privileged users.
disk_free_priv = False
#* Toggles if io activity % (disk busy time) should be shown in regular disk usage view.
show_io_stat = True
#* Toggles io mode for disks, showing big graphs for disk read/write speeds.
io_mode = False
#* Set to True to show combined read/write io graphs in io mode.
io_graph_combined = False
#* Set the top speed for the io graphs in MiB/s (100 by default), use format "mountpoint:speed" separate disks with whitespace " ".
#* Example: "/mnt/media:100 /:20 /boot:1".
io_graph_speeds = ""
#* Set fixed values for network graphs in Mebibits. Is only used if net_auto is also set to False.
net_download = 100
net_upload = 100
#* Use network graphs auto rescaling mode, ignores any values set above and rescales down to 10 Kibibytes at the lowest.
net_auto = True
#* Sync the auto scaling for download and upload to whichever currently has the highest scale.
net_sync = True
#* Starts with the Network Interface specified here.
net_iface = ""
#* Show battery stats in top right if battery is present.
show_battery = True
#* Which battery to use if multiple are present. "Auto" for auto detection.
selected_battery = "Auto"
#* Set loglevel for "~/.config/btop/btop.log" levels are: "ERROR" "WARNING" "INFO" "DEBUG".
#* The level set includes all lower levels, i.e. "DEBUG" will show all logging info.
log_level = "WARNING"
#* Measure PCIe throughput on NVIDIA cards, may impact performance on certain cards.
nvml_measure_pcie_speeds = True
#* Horizontally mirror the GPU graph.
gpu_mirror_graph = True
#* Custom gpu0 model name, empty string to disable.
custom_gpu_name0 = ""
#* Custom gpu1 model name, empty string to disable.
custom_gpu_name1 = ""
#* Custom gpu2 model name, empty string to disable.
custom_gpu_name2 = ""
#* Custom gpu3 model name, empty string to disable.
custom_gpu_name3 = ""
#* Custom gpu4 model name, empty string to disable.
custom_gpu_name4 = ""
#* Custom gpu5 model name, empty string to disable.
custom_gpu_name5 = ""
'';
} }

35
home/config/chromium/default.nix
View file

@ -1,9 +1,18 @@
{ pkgs, config, ... }:
{ {
pkgs,
config,
...
}: {
preferences = (pkgs.formats.json { }).generate "ChromiumConfig" { preferences = (pkgs.formats.json { }).generate "ChromiumConfig" {
name = "Work";
bookmark_bar.show_on_all_tabs = false; bookmark_bar.show_on_all_tabs = false;
browser.show_home_button = false; browser.show_home_button = false;
default_apps_install_state = 2; default_apps_install_state = 2;
download.prompt_for_download = false;
download_bubble.partial_view_enabled = false;
intl.selected_languages = "en-US,en";
session.restore_on_startup = 1;
side_panel.is_right_aligned = false;
default_search_provider = { default_search_provider = {
guid = "5761b040-db50-4f8e-9d00-c9ad985779a4"; guid = "5761b040-db50-4f8e-9d00-c9ad985779a4";
synced_guid = "5761b040-db50-4f8e-9d00-c9ad985779a4"; synced_guid = "5761b040-db50-4f8e-9d00-c9ad985779a4";
@ -18,8 +27,6 @@
url = "https://search.voronind.com/search?q={searchTerms}"; url = "https://search.voronind.com/search?q={searchTerms}";
}; };
}; };
download.prompt_for_download = false;
download_bubble.partial_view_enabled = false;
extensions = { extensions = {
alerts.initialized = false; alerts.initialized = false;
commands = { commands = {
@ -50,25 +57,19 @@
}; };
}; };
}; };
intl.selected_languages = "en-US,en";
password_manager = { password_manager = {
autofillable_credentials_account_store_login_database = false; autofillable_credentials_account_store_login_database = false;
autofillable_credentials_profile_store_login_database = false; autofillable_credentials_profile_store_login_database = false;
}; };
name = "Work";
session.restore_on_startup = 1;
side_panel.is_right_aligned = false;
webkit = { webkit = {
webprefs = { webprefs = {
default_fixed_font_size = 14; default_fixed_font_size = 14;
default_font_size = 17; default_font_size = 17;
minimum_font_size = 16; minimum_font_size = 16;
fonts = fonts = let
let mono = config.module.style.font.monospace.name;
mono = config.style.font.monospace.name; sans = config.module.style.font.sansSerif.name;
sans = config.style.font.sansSerif.name; in {
in
{
fixed.Zyyy = mono; fixed.Zyyy = mono;
sansserif.Zyyy = sans; sansserif.Zyyy = sans;
serif.Zyyy = sans; serif.Zyyy = sans;
@ -80,14 +81,18 @@
localState = (pkgs.formats.json { }).generate "ChromiumLocalState" { localState = (pkgs.formats.json { }).generate "ChromiumLocalState" {
browser = { browser = {
enabled_labs_experiments = [ "smooth-scrolling@2" ];
first_run_finished = true; first_run_finished = true;
enabled_labs_experiments = [
"smooth-scrolling@2"
];
}; };
}; };
# REF: https://chromeenterprise.google/intl/en_us/policies/ # REF: https://chromeenterprise.google/intl/en_us/policies/
policy = (pkgs.formats.json { }).generate "ChromiumPolicy" { policy = (pkgs.formats.json { }).generate "ChromiumPolicy" {
URLBlocklist = [ "darkreader.org" ];
DefaultBrowserSettingEnabled = false; DefaultBrowserSettingEnabled = false;
URLBlocklist = [
"darkreader.org"
];
}; };
} }

3
home/config/dconf/Accessibility.nix
View file

@ -1,5 +1,4 @@
{ ... }: { ... }: {
{
"org/gnome/desktop/a11y" = { "org/gnome/desktop/a11y" = {
always-show-universal-access-status = true; always-show-universal-access-status = true;
}; };

3
home/config/dconf/Gtk.nix
View file

@ -1,5 +1,4 @@
{ ... }: { ... }: {
{
"org/gtk/gtk4/settings/file-chooser" = { "org/gtk/gtk4/settings/file-chooser" = {
date-format = "regular"; date-format = "regular";
location-mode = "path-bar"; location-mode = "path-bar";

36
home/config/dconf/Input.nix
View file

@ -1,30 +1,22 @@
{ lib, config, ... }:
{ {
"org/gnome/desktop/input-sources" = with lib.gvariant; { lib,
current = mkUint32 0; config,
mru-sources = [ ...
(mkTuple [ }: {
"xkb" "org/gnome/desktop/input-sources" = with lib.gvariant; let
"us" sources = [
]) (mkTuple [ "xkb" "us" ])
(mkTuple [ (mkTuple [ "xkb" "ru" ])
"xkb"
"ru"
])
]; ];
in {
inherit sources;
current = mkUint32 0;
mru-sources = sources;
per-window = false; per-window = false;
show-all-sources = true; show-all-sources = true;
sources = [ xkb-options = [
(mkTuple [ config.module.keyboard.options
"xkb"
"us"
])
(mkTuple [
"xkb"
"ru"
])
]; ];
xkb-options = [ config.setting.keyboard.options ];
}; };
"org/gnome/desktop/peripherals/mouse" = { "org/gnome/desktop/peripherals/mouse" = {

6
home/config/dconf/Key.nix
View file

@ -1,8 +1,6 @@
{ config, ... }: { ... }: let
let
mod = "<Super>"; mod = "<Super>";
in in {
{
"org/gnome/desktop/wm/keybindings" = { "org/gnome/desktop/wm/keybindings" = {
activate-window-menu = [ "" ]; activate-window-menu = [ "" ];
begin-move = [ "" ]; begin-move = [ "" ];

3
home/config/dconf/Media.nix
View file

@ -1,5 +1,4 @@
{ ... }: { ... }: {
{
"org/gnome/desktop/media-handling" = { "org/gnome/desktop/media-handling" = {
automount = false; automount = false;
automount-open = false; automount-open = false;

3
home/config/dconf/Nautilus.nix
View file

@ -1,5 +1,4 @@
{ ... }: { ... }: {
{
"org/gnome/nautilus/icon-view" = { "org/gnome/nautilus/icon-view" = {
default-zoom-level = "larger"; default-zoom-level = "larger";
}; };

3
home/config/dconf/Power.nix
View file

@ -1,5 +1,4 @@
{ ... }: { ... }: {
{
"org/gnome/settings-daemon/plugins/power" = { "org/gnome/settings-daemon/plugins/power" = {
ambient-enabled = false; ambient-enabled = false;
idle-dim = false; idle-dim = false;

4
home/config/dconf/Privacy.nix
View file

@ -1,5 +1,7 @@
{ lib, ... }:
{ {
lib,
...
}: {
"org/gnome/desktop/privacy" = with lib.gvariant; { "org/gnome/desktop/privacy" = with lib.gvariant; {
disable-camera = false; disable-camera = false;
disable-microphone = false; disable-microphone = false;

4
home/config/dconf/Session.nix
View file

@ -1,5 +1,7 @@
{ lib, ... }:
{ {
lib,
...
}: {
"org/gnome/desktop/session" = with lib.gvariant; { "org/gnome/desktop/session" = with lib.gvariant; {
idle-delay = mkUint32 0; idle-delay = mkUint32 0;
}; };

3
home/config/dconf/Shell.nix
View file

@ -1,5 +1,4 @@
{ ... }: { ... }: {
{
"org/gnome/shell" = { "org/gnome/shell" = {
disable-extension-version-validation = true; disable-extension-version-validation = true;
disable-user-extensions = false; disable-user-extensions = false;

3
home/config/dconf/Software.nix
View file

@ -1,5 +1,4 @@
{ ... }: { ... }: {
{
"org/gnome/software" = { "org/gnome/software" = {
download-updates = false; download-updates = false;
download-updates-notify = false; download-updates-notify = false;

3
home/config/dconf/Sound.nix
View file

@ -1,5 +1,4 @@
{ ... }: { ... }: {
{
"org/gnome/desktop/sound" = { "org/gnome/desktop/sound" = {
allow-volume-above-100-percent = false; allow-volume-above-100-percent = false;
event-sounds = false; event-sounds = false;

6
home/config/dconf/Wm.nix
View file

@ -1,10 +1,12 @@
{ lib, ... }:
{ {
lib,
...
}: {
"org/gnome/desktop/wm/preferences" = { "org/gnome/desktop/wm/preferences" = {
action-middle-click-titlebar = "minimize"; action-middle-click-titlebar = "minimize";
action-right-click-titlebar = "menu"; action-right-click-titlebar = "menu";
focus-mode = "click"; # `click` or `sloppy`.
button-layout = "appmenu:close"; button-layout = "appmenu:close";
focus-mode = "click"; # `click` or `sloppy`.
}; };
"org/gnome/mutter" = { "org/gnome/mutter" = {

14
home/config/default.nix
View file

@ -1,17 +1,15 @@
{ {
self,
inputs,
config, config,
inputs,
self,
... ...
}@args: } @args: let
let
btop = import ./btop args; btop = import ./btop args;
chromium = import ./chromium args; chromium = import ./chromium args;
editor = import ./editorconfig args; editor = import ./editorconfig args;
foot = import ./foot args; foot = import ./foot args;
fuzzel = import ./fuzzel args; fuzzel = import ./fuzzel args;
git = import ./git args; git = import ./git args;
gtk3 = import ./gtk/3 args;
jetbrains = import ./jetbrains args; jetbrains = import ./jetbrains args;
keyd = import ./keyd args; keyd = import ./keyd args;
mako = import ./mako args; mako = import ./mako args;
@ -23,17 +21,15 @@ let
tmux = import ./tmux args; tmux = import ./tmux args;
waybar = import ./waybar args; waybar = import ./waybar args;
yazi = import ./yazi args; yazi = import ./yazi args;
in in {
{
".Wallpaper".source = config.module.wallpaper.path; ".Wallpaper".source = config.module.wallpaper.path;
".config/MangoHud/MangoHud.conf".source = mangohud.config; ".config/MangoHud/MangoHud.conf".source = mangohud.config;
".config/MangoHud/presets.conf".source = mangohud.presets; ".config/MangoHud/presets.conf".source = mangohud.presets;
".config/btop/btop.conf".text = btop.text; ".config/btop/btop.conf".source = btop.file;
".config/chromium/Default/Preferences".source = chromium.preferences; ".config/chromium/Default/Preferences".source = chromium.preferences;
".config/chromium/Local State".source = chromium.localState; ".config/chromium/Local State".source = chromium.localState;
".config/foot/foot.ini".source = foot.file; ".config/foot/foot.ini".source = foot.file;
".config/fuzzel/fuzzel.ini".source = fuzzel.file; ".config/fuzzel/fuzzel.ini".source = fuzzel.file;
".config/gtk-3.0/bookmarks".text = gtk3.bookmarks;
".config/keyd/app.conf".text = keyd.text; ".config/keyd/app.conf".text = keyd.text;
".config/mako/config".source = mako.file; ".config/mako/config".source = mako.file;
".config/nvim/init.vim".text = nvim.text; ".config/nvim/init.vim".text = nvim.text;

24
home/config/editorconfig/default.nix
View file

@ -1,34 +1,26 @@
{ pkgs, ... }:
{ {
pkgs,
...
}: {
file = (pkgs.formats.iniWithGlobalSection { }).generate "EditorconfigConfig" { file = (pkgs.formats.iniWithGlobalSection { }).generate "EditorconfigConfig" {
globalSection.root = true; globalSection = {
root = true;
};
sections = { sections = {
"*" = { "*" = {
end_of_line = "lf";
charset = "utf-8"; charset = "utf-8";
end_of_line = "lf";
indent_size = 8;
indent_style = "tab"; indent_style = "tab";
indent_size = 2;
insert_final_newline = false; insert_final_newline = false;
trim_trailing_whitespace = true; trim_trailing_whitespace = true;
}; };
"Makefile" = {
indent_size = 4;
};
"*.nix" = { "*.nix" = {
indent_style = "space";
indent_size = 2; indent_size = 2;
}; };
"*.{lua,kt,kts,rs,py}" = { "*.{lua,kt,kts,rs,py}" = {
indent_size = 4; indent_size = 4;
}; };
"*.{sh,md}" = {
indent_size = 8;
};
}; };
}; };
} }

29
home/config/foot/default.nix
View file

@ -1,26 +1,27 @@
{ config, pkgs, ... }:
let
dpiAware = if config.setting.dpiAware then "yes" else "no";
borderSize = toString config.style.window.border;
fontStep = 1;
in
{ {
config,
pkgs,
...
}: let
borderSize = toString config.module.style.window.border;
dpiAware = if config.module.dpi.aware then "yes" else "no";
fontStep = 1;
in {
file = (pkgs.formats.iniWithGlobalSection { }).generate "FootConfig" { file = (pkgs.formats.iniWithGlobalSection { }).generate "FootConfig" {
globalSection = { globalSection = {
font = "${config.style.font.monospace.name}:size=${toString config.style.font.size.terminal}";
# font-bold = "${config.style.font.monospace.name}:size=${toString config.style.font.size.terminal}";
font-italic = "${config.style.font.monospace.name}:size=${toString config.style.font.size.terminal}";
font-bold-italic = "${config.style.font.monospace.name}:size=${toString config.style.font.size.terminal}";
dpi-aware = dpiAware; dpi-aware = dpiAware;
font = "${config.module.style.font.monospace.name}:size=${toString config.module.style.font.size.terminal}";
font-bold = "${config.module.style.font.monospace.name}:size=${toString config.module.style.font.size.terminal}";
font-bold-italic = "${config.module.style.font.monospace.name}:size=${toString config.module.style.font.size.terminal}";
font-italic = "${config.module.style.font.monospace.name}:size=${toString config.module.style.font.size.terminal}";
font-size-adjustment = fontStep; font-size-adjustment = fontStep;
pad = "${borderSize}x${borderSize} center"; pad = "${borderSize}x${borderSize} center";
}; };
sections = { sections = {
colors = { colors = {
alpha = config.style.opacity.terminal; alpha = config.module.style.opacity.terminal;
background = config.style.color.bg.dark; background = config.module.style.color.bg.dark;
foreground = config.style.color.fg.light; foreground = config.module.style.color.fg.light;
}; };
key-bindings = { key-bindings = {
show-urls-launch = "Mod1+o"; show-urls-launch = "Mod1+o";

42
home/config/fuzzel/default.nix
View file

@ -1,40 +1,38 @@
{ pkgs, config, ... }:
let
dpiAware = if config.setting.dpiAware then "yes" else "no";
in
{ {
pkgs,
config,
...
}: let
dpiAware = if config.module.dpi.aware then "yes" else "no";
in {
file = (pkgs.formats.ini { }).generate "FuzzelConfig" { file = (pkgs.formats.ini { }).generate "FuzzelConfig" {
main = { main = {
dpi-aware = dpiAware; dpi-aware = dpiAware;
# font = "${style.font.serif.name}:size=${toString style.font.size.popup}"; font = "Minecraftia:size=${toString config.module.style.font.size.popup}";
font = "Minecraftia:size=${toString config.style.font.size.popup}";
lines = 20; lines = 20;
prompt = "\"\""; prompt = "\"\"";
show-actions = "yes"; show-actions = "yes";
terminal = "foot"; terminal = "foot";
width = 40; width = 40;
# list-executables-in-path = "no";
}; };
border = { border = {
radius = 0; radius = 0;
width = 1; width = 1;
}; };
colors = colors = let
let
defaultOpacity = "ff"; defaultOpacity = "ff";
in in {
{ background = config.module.style.color.bg.dark + config.module.style.opacity.hex;
background = config.style.color.bg.dark + config.style.opacity.hex; border = config.module.style.color.border + config.module.style.opacity.hex;
border = config.style.color.border + config.style.opacity.hex; counter = config.module.style.color.bg.regular + defaultOpacity;
counter = config.style.color.bg.regular + defaultOpacity; input = config.module.style.color.fg.light + defaultOpacity;
input = config.style.color.fg.light + defaultOpacity; match = config.module.style.color.fg.light + defaultOpacity;
match = config.style.color.fg.light + defaultOpacity; placeholder = config.module.style.color.bg.regular + defaultOpacity;
placeholder = config.style.color.bg.regular + defaultOpacity; prompt = config.module.style.color.fg.light + defaultOpacity;
prompt = config.style.color.fg.light + defaultOpacity; selection = config.module.style.color.bg.regular + defaultOpacity;
selection = config.style.color.bg.regular + defaultOpacity; selection-match = config.module.style.color.accent + defaultOpacity;
selection-match = config.style.color.accent + defaultOpacity; selection-text = config.module.style.color.fg.light + defaultOpacity;
selection-text = config.style.color.fg.light + defaultOpacity; text = config.module.style.color.fg.light + defaultOpacity;
text = config.style.color.fg.light + defaultOpacity;
}; };
}; };
} }

6
home/config/git/default.nix
View file

@ -1,7 +1,9 @@
{ secret, pkgs, ... }:
{ {
secret,
pkgs,
...
}: {
file = (pkgs.formats.gitIni { listsAsDuplicateKeys = true; }).generate "GitConfig" { file = (pkgs.formats.gitIni { listsAsDuplicateKeys = true; }).generate "GitConfig" {
# credential.helper = "store";
gpg.format = secret.crypto.sign.git.format; gpg.format = secret.crypto.sign.git.format;
gpg.ssh.allowedSignersFile = toString secret.crypto.sign.git.allowed; gpg.ssh.allowedSignersFile = toString secret.crypto.sign.git.allowed;
init.defaultBranch = "main"; init.defaultBranch = "main";

10
home/config/gtk/3/default.nix
View file

@ -1,10 +0,0 @@
{ ... }:
{
bookmarks = ''
file:///storage
file:///home/voronind/tmp
sftp://10.0.0.1:22143/storage/hot/docker/cloud/data/data/cakee/files/ home cloud
sftp://10.0.0.1:22143/ home sftp
ftp://10.0.0.1/ home ftp
'';
}

6
home/config/jetbrains/default.nix
View file

@ -1,6 +1,8 @@
{ ... }:
{ {
ideavimrc = '' util,
...
}: {
ideavimrc = util.trimTabs ''
" Plugins. " Plugins.
Plug 'tpope/vim-commentary' Plug 'tpope/vim-commentary'
Plug 'machakann/vim-highlightedyank' Plug 'machakann/vim-highlightedyank'

Some files were not shown because too many files have changed in this diff Show more