voronind/nix
0
0
Fork 0
Code Issues 40 Pull requests Packages Projects Releases Wiki Activity

Purge nixfmt!

Browse source
This commit is contained in:
Dmitry Voronin 2024-11-04 04:37:29 +03:00
parent d590e6e590
commit a1f4bae2a6
Signed by: voronind
SSH key fingerprint: SHA256:3kBb4iV2ahufEBNq+vFbUe4QYfHt98DHQjN7QaptY9k
356 changed files with 13267 additions and 16348 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.editorconfig
View file

@ -5,9 +5,5 @@ indent_style = tab
insert_final_newline = true
trim_trailing_whitespace = true
[*.nix]
indent_style = space
indent_size = 2
[*.md]
trim_trailing_whitespace = false

3
.readme/keyboard/Readme.md
View file

@ -1,3 +0,0 @@
# Keyd layouts.
http://www.keyboard-layout-editor.com

151
.readme/keyboard/alt/keyboard-layout.json
View file

@ -1,151 +0,0 @@
[
[
{
"c": "#8ec07c"
},
"Esc",
{
"c": "#cccccc"
},
"!\n1",
"@\n2",
"#\n3",
"$\n4",
"%\n5",
"^\n6",
"&\n7",
"*\n8",
"(\n9",
")\n0",
"_\n-",
"+\n=",
{
"w": 2
},
"Backspace"
],
[
{
"w": 1.5
},
"Tab",
"Q",
{
"c": "#8ec07c"
},
"Page Up",
{
"c": "#cccccc"
},
"E",
"R",
"T",
"Y",
"U",
"I",
"O",
"P",
"{\n[",
"}\n]",
{
"w": 1.5
},
"|\n\\"
],
[
{
"c": "#8ec07c",
"w": 1.75
},
"Caps Lock",
"Home",
"Page Down",
"End",
{
"c": "#cccccc"
},
"F",
"G",
{
"c": "#8ec07c"
},
"Left",
"Down",
"Up",
"Right",
{
"c": "#cccccc"
},
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"w": 2.25
},
"Shift",
"Z",
{
"c": "#8ec07c"
},
"Cut",
"Copy",
"Paste",
{
"c": "#cccccc"
},
"B",
"N",
"M",
"<\n,",
">\n.",
"?\n/",
{
"w": 2.75
},
"Shift"
],
[
{
"c": "#d79921",
"w": 1.25
},
"Alterna-tive keys",
{
"c": "#cccccc",
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Alt",
{
"a": 7,
"w": 6.25
},
"",
{
"a": 4,
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Menu",
{
"c": "#8ec07c",
"w": 1.25
},
"Ctrl"
]
]

165
.readme/keyboard/app/firefox/keyboard-layout.json
View file

@ -1,165 +0,0 @@
[
[
"~\n`",
"!\n1\n\n\n\n\nTab 1",
"@\n2\n\n\n\n\nTab 2",
"#\n3\n\n\n\n\nTab 3",
"$\n4\n\n\n\n\nTab 4",
"%\n5\n\n\n\n\nTab 5",
"^\n6\n\n\n\n\nTab 6",
"&\n7\n\n\n\n\nTab 7",
"*\n8\n\n\n\n\nTab 8",
"(\n9\n\n\n\n\nTab 9",
")\n0\n\n\n\n\nTab 10",
"_\n-",
"+\n=",
{
"w": 2
},
"Backspace"
],
[
{
"w": 1.5
},
"Tab",
{
"c": "#8ec07c"
},
"Prev Tab / Move",
"Up",
"Next Tab / Move",
"Full Refresh",
{
"c": "#cccccc"
},
"T",
"Y",
{
"c": "#8ec07c"
},
"Restore Tab",
{
"c": "#cccccc"
},
"I",
"O",
{
"c": "#8ec07c"
},
"Fill Pass-word",
{
"c": "#cccccc"
},
"{\n[",
"}\n]",
{
"w": 1.5
},
"|\n\\"
],
[
{
"c": "#8ec07c",
"w": 1.75
},
"New Tab",
"Go Back",
"Down",
"Go Fwd",
"Find",
{
"c": "#cccccc"
},
"G",
"H",
"J",
"K",
{
"c": "#8ec07c"
},
"Toggle Dark Mode",
{
"c": "#cccccc"
},
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"c": "#8ec07c",
"w": 2.25
},
"Alternative Action (after slash)",
{
"c": "#cccccc"
},
"Z",
{
"c": "#8ec07c"
},
"Close Tab",
{
"c": "#cccccc"
},
"C",
"V",
"B",
{
"c": "#8ec07c"
},
"Find Next / Prev",
{
"c": "#cccccc"
},
"M",
"<\n,",
">\n.",
"?\n/",
{
"w": 2.75
},
"Shift"
],
[
{
"w": 1.25
},
"Ctrl",
{
"w": 1.25
},
"Win",
{
"c": "#d79921",
"w": 1.25
},
"App Controls",
{
"c": "#8ec07c",
"w": 6.25
},
"Toggle Address Bar",
{
"c": "#cccccc",
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Menu",
{
"w": 1.25
},
"Ctrl"
]
]

162
.readme/keyboard/app/jetbrains/keyboard-layout.json
View file

@ -1,162 +0,0 @@
[
[
"~\n`",
"!\n1",
"@\n2",
"#\n3",
"$\n4",
"%\n5",
"^\n6",
"&\n7",
"*\n8",
"(\n9",
")\n0",
"_\n-",
{
"c": "#8ec07c"
},
"Reformat",
{
"c": "#cccccc",
"w": 2
},
"Backspace"
],
[
{
"c": "#8ec07c",
"w": 1.5
},
"Step Over (Tap) / Step Into (Hold)",
"Prev Tab",
{
"c": "#cccccc"
},
"W",
{
"c": "#8ec07c"
},
"Next Tab",
"Run",
{
"c": "#cccccc"
},
"T",
"Y",
"U",
{
"c": "#8ec07c"
},
"Impl-ement",
"Over-ride",
{
"c": "#cccccc"
},
"P",
"{\n[",
"}\n]",
{
"w": 1.5
},
"|\n\\"
],
[
{
"c": "#8ec07c",
"w": 1.75
},
"New Scratch",
"Attach Debug-ger",
"Refac-tor",
"Run Debug",
"Find",
"Go to Defini-tion",
{
"c": "#cccccc"
},
"H",
"J",
"K",
"L",
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"w": 2.25
},
"Shift",
{
"c": "#8ec07c"
},
"Stop App",
"Close Tab",
"Close Bottom Panel",
"Show Doc",
{
"c": "#cccccc"
},
"B",
{
"c": "#8ec07c"
},
"Inline",
"Settings",
{
"c": "#cccccc"
},
"<\n,",
{
"c": "#8ec07c"
},
"Toggle Break-point\n.",
"Toggle Com-ment",
{
"c": "#cccccc",
"w": 2.75
},
"Shift"
],
[
{
"w": 1.25
},
"Ctrl",
{
"w": 1.25
},
"Win",
{
"c": "#d79921",
"w": 1.25
},
"App Controls",
{
"c": "#cccccc",
"a": 7,
"w": 6.25
},
"",
{
"a": 4,
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Menu",
{
"w": 1.25
},
"Ctrl"
]
]

167
.readme/keyboard/app/nautilus/keyboard-layout.json
View file

@ -1,167 +0,0 @@
[
[
"~\n`",
{
"c": "#8ec07c"
},
"List View",
"Grid View",
{
"c": "#cccccc"
},
"#\n3",
"$\n4",
"%\n5",
"^\n6",
"&\n7",
"*\n8",
"(\n9",
")\n0",
"_\n-",
"+\n=",
{
"w": 2
},
"Backspace"
],
[
{
"w": 1.5
},
"Tab",
{
"c": "#8ec07c"
},
"Prev Tab / Move",
{
"c": "#cccccc"
},
"W",
{
"c": "#8ec07c"
},
"Next Tab / Move",
"Refresh Dir",
"New window",
"Copy Selection",
{
"c": "#cccccc"
},
"U",
{
"c": "#8ec07c"
},
"Invert Selec-tion",
{
"c": "#cccccc"
},
"O",
"P",
"{\n[",
"}\n]",
{
"w": 1.5
},
"\\"
],
[
{
"c": "#8ec07c",
"w": 1.75
},
"New Tab",
"Create Dir",
"Rename",
"Delete",
"Search Dir",
{
"c": "#cccccc"
},
"G",
{
"c": "#8ec07c"
},
"Toggle Hidden Files",
{
"c": "#cccccc"
},
"J",
"K",
"L",
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"w": 2.25
},
"Shift",
"Z",
{
"c": "#8ec07c"
},
"Close Tab",
{
"c": "#cccccc"
},
"C",
{
"c": "#8ec07c"
},
"File Info",
"Go Back",
{
"c": "#cccccc"
},
"N",
"M",
"<\n,",
">\n.",
"?\n/",
{
"w": 2.75
},
"Shift"
],
[
{
"w": 1.25
},
"Ctrl",
{
"w": 1.25
},
"Win",
{
"c": "#d79921",
"w": 1.25
},
"App Controls",
{
"c": "#8ec07c",
"w": 6.25
},
"Focus Navigation Bar",
{
"c": "#cccccc",
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Menu",
{
"w": 1.25
},
"Ctrl"
]
]

160
.readme/keyboard/app/tmux/keyboard-layout.json
View file

@ -1,160 +0,0 @@
[
[
"~\n`",
"!\n1",
"@\n2",
"#\n3",
"$\n4",
"%\n5",
"^\n6",
"&\n7",
"*\n8",
"(\n9",
")\n0",
{
"c": "#8ec07c"
},
"Split / Align Vertical",
"Equalize Splits",
{
"c": "#cccccc",
"w": 2
},
"Backspace"
],
[
{
"w": 1.5
},
"Tab",
{
"c": "#8ec07c"
},
"Prev Window",
"Up",
"Next Window",
"Reload Settings",
{
"c": "#cccccc"
},
"T",
{
"c": "#8ec07c"
},
"Copy Selection",
{
"c": "#cccccc"
},
"U",
"I",
"O",
{
"c": "#8ec07c"
},
"Paste",
{
"c": "#cccccc"
},
"{\n[",
"}\n]",
{
"c": "#8ec07c",
"w": 1.5
},
"Split / Align Horizontal"
],
[
{
"w": 1.75
},
"New Window",
"Left",
"Down",
"Right",
"Toggle Status Bar",
"Select Session",
"Resize Left",
"Resize/ Scroll Down",
"Resize/ Scroll Up",
"Resize Right",
{
"c": "#cccccc"
},
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"w": 2.25
},
"Shift",
{
"c": "#8ec07c"
},
"Detach Session/Others",
"Close Window",
"Close Pane",
"Select",
{
"c": "#cccccc"
},
"B",
"N",
"M",
{
"c": "#8ec07c"
},
"Prev Session",
"Next Session",
{
"c": "#cccccc"
},
"?\n/",
{
"w": 2.75
},
"Shift"
],
[
{
"w": 1.25
},
"Ctrl",
{
"w": 1.25
},
"Win",
{
"c": "#d79921",
"w": 1.25
},
"App Controls",
{
"c": "#cccccc",
"a": 7,
"w": 6.25
},
"",
{
"a": 4,
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Menu",
{
"w": 1.25
},
"Ctrl"
]
]

142
.readme/keyboard/main/keyboard-layout.json
View file

@ -1,142 +0,0 @@
[
[
{
"c": "#d79921",
"sm": "alps"
},
"System Controls",
{
"c": "#cccccc"
},
"!\n1",
"@\n2",
"#\n3",
"$\n4",
"%\n5",
"^\n6",
"&\n7",
"*\n8",
"(\n9",
")\n0",
"_\n-",
"+\n=",
{
"c": "#8ec07c",
"w": 2
},
"Delete"
],
[
{
"c": "#cccccc",
"w": 1.5
},
"Tab",
"Q",
"W",
"E",
"R",
"T",
"Y",
"U",
"I",
"O",
"P",
"{\n[",
"}\n]",
{
"w": 1.5
},
"|\n\\"
],
[
{
"c": "#8ec07c",
"w": 1.75
},
"Ctrl / Esc",
{
"c": "#cccccc"
},
"A",
"S",
"D",
{
"n": true
},
"F",
"G",
"H",
{
"n": true
},
"J",
"K",
"L",
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"w": 2.25
},
"Shift",
"Z",
"X",
"C",
"V",
"B",
"N",
"M",
"<\n,",
">\n.",
"?\n/",
{
"c": "#8ec07c",
"w": 2.75
},
"Backspace"
],
[
{
"c": "#d79921",
"w": 1.25
},
"Alterna-tive Keys",
{
"w": 1.25
},
"WM Controls",
{
"w": 1.25
},
"App Controls",
{
"w": 6.25
},
"Neovim",
{
"c": "#8ec07c",
"w": 1.25
},
"Language Switch",
{
"c": "#d79921",
"w": 1.25
},
"Extra Numbers",
{
"w": 1.25
},
"Media Controls",
{
"c": "#cccccc",
"d": true
},
"Fn"
]
]

139
.readme/keyboard/media/keyboard-layout.json
View file

@ -1,139 +0,0 @@
[
[
"~\n`",
"!\n1",
"@\n2",
"#\n3",
"$\n4",
"%\n5",
"^\n6",
"&\n7",
"*\n8",
"(\n9",
")\n0",
"_\n-",
"+\n=",
{
"w": 2
},
"Backspace"
],
[
{
"w": 1.5
},
"Tab",
{
"c": "#8ec07c"
},
"Prev Song",
"Volume Up",
"Next Song",
{
"c": "#cccccc"
},
"R",
"T",
"Y",
"U",
"I",
"O",
"P",
"{\n[",
"}\n]",
{
"w": 1.5
},
"|\n\\"
],
[
{
"w": 1.75
},
"Caps Lock",
{
"c": "#8ec07c"
},
"Seek Back",
"Volume Down",
"Seek Fwd",
{
"c": "#cccccc"
},
"F",
"G",
"H",
"J",
"K",
"L",
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"w": 2.25
},
"Shift",
{
"c": "#8ec07c"
},
"Mute Sound",
"Stop",
"Cycle Sound Device",
"Mute Mic",
{
"c": "#cccccc"
},
"B",
"N",
"M",
"<\n,",
">\n.",
"?\n/",
{
"w": 2.75
},
"Shift"
],
[
{
"w": 1.25
},
"Ctrl",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Alt",
{
"c": "#8ec07c",
"w": 6.25
},
"Play / Pause",
{
"c": "#cccccc",
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Menu",
{
"c": "#d79921",
"w": 1.25
},
"Media Controls (RCtrl)"
]
]

144
.readme/keyboard/number/keyboard-layout.json
View file

@ -1,144 +0,0 @@
[
[
"~\n`",
{
"c": "#8ec07c"
},
"=",
"/",
"*",
"-",
{
"c": "#cccccc"
},
"f17",
"f18",
"f19",
"f20",
"f21",
"f22",
"f23",
"f24",
{
"w": 2
},
"Backspace"
],
[
{
"w": 1.5
},
"Tab",
{
"c": "#8ec07c"
},
"7",
"8",
"9",
"+",
{
"c": "#cccccc"
},
"T",
"Y",
"U",
"I",
"O",
"P",
"{\n[",
"}\n]",
{
"w": 1.5
},
"|\n\\"
],
[
{
"w": 1.75
},
"Caps Lock",
{
"c": "#8ec07c"
},
"4",
"5",
"6",
"Enter",
{
"c": "#cccccc"
},
"G",
"H",
"J",
"K",
"L",
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"c": "#8ec07c",
"w": 2.25
},
"Backspace",
"1",
"2",
"3",
". (dot)",
{
"c": "#cccccc"
},
"B",
"N",
"M",
"<\n,",
">\n.",
"?\n/",
{
"w": 2.75
},
"Shift"
],
[
{
"w": 1.25
},
"Ctrl",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Alt",
{
"c": "#8ec07c",
"w": 6.25
},
"0",
{
"c": "#cccccc",
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"c": "#d79921",
"w": 1.25
},
"Extra Numbers",
{
"c": "#cccccc",
"w": 1.25
},
"Ctrl"
]
]

158
.readme/keyboard/sway/keyboard-layout.json
View file

@ -1,158 +0,0 @@
[
[
"~\n`",
"!\n1",
"@\n2",
"#\n3",
"$\n4",
"%\n5",
"^\n6",
"&\n7",
"*\n8",
"(\n9",
")\n0",
{
"c": "#8ec07c"
},
"Split Vertic-ally",
{
"c": "#cccccc"
},
"+\n=",
{
"w": 2
},
"Backspace"
],
[
{
"c": "#8ec07c",
"w": 1.5
},
"Tab mode toggle",
"Prev Work-space",
"Up",
"Next Work-space",
"Float layer / Waybar",
{
"c": "#cccccc"
},
"T",
{
"c": "#8ec07c"
},
"Full Scr / Rec",
{
"c": "#cccccc"
},
"U",
"I",
"O",
"P",
"{\n[",
"}\n]",
{
"c": "#8ec07c",
"w": 1.5
},
"Split Hori-zontally"
],
[
{
"w": 1.75
},
"Terminal",
"Left",
"Down",
"Right",
"Full-screen / Float",
{
"c": "#cccccc"
},
"G",
{
"c": "#8ec07c"
},
"Resize Left",
"Resize Down",
"Resize Up",
"Resize Right",
{
"c": "#cccccc"
},
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"c": "#8ec07c",
"w": 2.25
},
"Alternative action (after slash) or move window",
"Lock / +Sus-pend",
"Close Window",
"Scratch toggle / move",
"Select Scr / Rec",
{
"c": "#cccccc"
},
"B",
{
"c": "#8ec07c"
},
"Dismiss Notif / Repeat",
{
"c": "#cccccc"
},
"M",
"<\n,",
">\n.",
"?\n/",
{
"w": 2.75
},
"Shift"
],
[
{
"w": 1.25
},
"Ctrl",
{
"c": "#d79921",
"w": 1.25
},
"WM Controls",
{
"c": "#cccccc",
"w": 1.25
},
"Alt",
{
"c": "#8ec07c",
"w": 6.25
},
"Run",
{
"c": "#cccccc",
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Menu",
{
"w": 1.25
},
"Ctrl"
]
]

174
.readme/keyboard/system/keyboard-layout.json
View file

@ -1,174 +0,0 @@
[
[
{
"c": "#d79921"
},
"System controls",
{
"c": "#cccccc"
},
"!\n1",
"@\n2",
"#\n3",
"$\n4",
"%\n5",
"^\n6",
"&\n7",
"*\n8",
"(\n9",
")\n0",
"_\n-",
"+\n=",
{
"w": 2
},
"Backspace"
],
[
{
"w": 1.5
},
"Tab",
"Q",
{
"c": "#8ec07c"
},
"Bright- ness Up",
{
"c": "#cccccc"
},
"E",
{
"c": "#8ec07c"
},
"Live Config Reload",
{
"c": "#cccccc"
},
"T",
"Y",
"U",
"I",
"O",
{
"c": "#8ec07c"
},
"Toggle power-save",
{
"c": "#cccccc"
},
"{\n[",
"}\n]",
{
"w": 1.5
},
"|\n\\"
],
[
{
"w": 1.75
},
"Caps Lock",
"A",
{
"c": "#8ec07c"
},
"Bright-ness Down",
{
"c": "#cccccc"
},
"D",
"F",
{
"c": "#8ec07c"
},
"Toggle Gaming Mode",
{
"c": "#cccccc"
},
"H",
"J",
"K",
{
"c": "#8ec07c"
},
"Toggle charge limit",
{
"c": "#cccccc"
},
":\n;",
"\"\n'",
{
"w": 2.25
},
"Enter"
],
[
{
"w": 2.25
},
"Shift",
{
"c": "#8ec07c"
},
"Sus-pend",
"Power-off",
"Reboot",
"Toggle VPN",
{
"c": "#cccccc"
},
"B",
{
"c": "#8ec07c"
},
"Toggle DND",
"Toggle Monitor Power",
{
"c": "#cccccc"
},
"<\n,",
">\n.",
"?\n/",
{
"w": 2.75
},
"Shift"
],
[
{
"w": 1.25
},
"Ctrl",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Alt",
{
"a": 7,
"w": 6.25
},
"",
{
"a": 4,
"w": 1.25
},
"Alt",
{
"w": 1.25
},
"Win",
{
"w": 1.25
},
"Menu",
{
"w": 1.25
},
"Ctrl"
]
]

16
.treefmt.toml
View file

@ -1,16 +0,0 @@
# One CLI to format the code tree - https://git.numtide.com/numtide/treefmt
# [formatter.mylanguage]
# Formatter to run
# command = "command-to-run"
# Command-line arguments for the command
# options = []
# Glob pattern of files to include
# includes = [ "*.<language-extension>" ]
# Glob patterns of files to exclude
# excludes = []
[formatter.nixfmt-rfc-style]
command = "nixfmt"
options = [ "-s" ]
includes = [ "*.nix" ]

3
Makefile
View file

@ -30,9 +30,6 @@ fix-ulimit:
fix-unlock:
pkill nixos-rebuild || true
format:
treefmt --no-cache --on-unmatched=info
gc:
nix-collect-garbage -d
# nix-store --gc

68
Readme.md
View file

@ -1,4 +1,4 @@
# Dmitry 🌊 NixOS, Home Manager and Nix-on-Droid configurations.
# Dmitry 🌊 NixOS and Nix-on-Droid configurations.
## Please, support tabs in Nix!
@ -36,68 +36,4 @@ Newest first.
<a href="https://i.imgur.com/H943DFl.jpeg">Wallpaper link</a>
</details>
[My current wallpaper](config/Wallpaper.nix#L4)
Color theming based on wallpaper thanks to [Stylix](https://github.com/danth/stylix).
## Discovering my configuration.
Even tho I've tried to document everything I can in a dum-dum way, I still highly recommend you to learn the [very basics of Nix language](https://nixos.org/guides/nix-pills/). Start from the [Flake](flake.nix) file and follow the comments. If you have any questions, get in touch using [Telegram](https://t.me/voronind_com) or [Email](mailto:hi@voronind.com).
Please tell me if you find any undocumented parts.
## Configuration highlights.
* [Keyd](module/Keyd.nix) allows you to have QMK-like keyboard remaps. Killer-feature is the ability to have remaps per-application. I have pretty common remaps like CapsLock to Ctrl/Esc combo, Right Shift to Backspace, Backspace to Delete and overlays for System/Windows/Media/Application controls as well as Macros.
* NixOS Containers (nspawn). Containers are great. I LOVE containers! Containers! Containers! Containers! Containers! Containers! Containers! Containers! Containers! Containers! Containers! Containers! [Here](host/x86_64-linux/home/Container.nix) is how I add containers to the host, [here](container/default.nix) is the global configuration and [here](container) are all the containers.
* NixOnDroid can be used to set up your environment inside the Termux app on Android. It also gives you access to all the Nixpkgs binaries for Arm. Configuration can be found [here](home/Android.nix), but you also need to add the definition to the root `flake.nix (nixOnDroidConfigurations.default)`. [Here](https://github.com/nix-community/nix-on-droid) are the docs.
* [Stylix](config/Stylix.nix) can be used to change colors for the whole system based on current wallpaper. Example usages: [Sway](home/config/sway/module/Style.nix), [fuzzel](home/config/fuzzel/default.nix) and [Tmux](home/config/tmux/module/Status.nix).
* [Signed auto-updates](module/AutoUpdateSigned.nix). Updates are pulled every hour and require the last commit to be signed with my signature.
## Keyboard layouts.
Yellow are modifier keys, they enable layers when held. Green ones are just modified keys.
<details>
<summary>Default</summary>
<img src="https://i.imgur.com/MBb23eB.png" />
</details>
<details>
<summary>Alternative Keys</summary>
<img src="https://i.imgur.com/X9CGhLb.png" />
</details>
<details>
<summary>Sway keys</summary>
<img src="https://i.imgur.com/hiGZ86w.png" /><br>
</details>
<details>
<summary>Per-application controls</summary>
Firefox:<br>
<img src="https://i.imgur.com/GI0apoV.png" /><br>
Jetbrains:<br>
<img src="https://i.imgur.com/OFNlHnW.png" /><br>
Nautilus:<br>
<img src="https://i.imgur.com/9W1GmLn.png" /><br>
Tmux:<br>
<img src="https://i.imgur.com/GhmwyCO.png" />
</details>
<details>
<summary>Extra numbers</summary>
<img src="https://i.imgur.com/89ERKd9.png" />
</details>
<details>
<summary>Media Controls</summary>
<img src="https://i.imgur.com/HvdSdRP.png" />
</details>
<details>
<summary>System controls</summary>
<img src="https://i.imgur.com/rGC2HXf.png" />
</details>
[Link](http://www.keyboard-layout-editor.com) / [Source](https://github.com/ijprest/keyboard-layout-editor) of the tool I used to draw the images.
[My current wallpaper](module/Wallpaper.nix#L6)

68
config/Setting.nix
View file

@ -1,68 +0,0 @@
# Global settings.
# Just like I can configure each package, here I configure my config! :O)
{ lib, ... }:
{
options.setting = with lib; {
# Ollama settings.
# I use the best light model by default.
ollama = mkOption {
default = { };
type = types.submodule {
# freeformType = lib.jsonFormat.type;
options = {
primaryModel = mkOption {
default = "llama3";
type = types.str;
};
};
};
};
# Whether to use Dpi-aware setting in supported apps.
dpiAware = mkOption {
default = false;
type = types.bool;
};
# Keyboard options.
keyboard = mkOption {
default = { };
type = types.submodule {
options = {
layouts = mkOption {
default = "us,ru";
type = types.str;
};
options = mkOption {
default = "grp:toggle";
type = types.str;
};
};
};
};
# CPU configurations.
cpu = mkOption {
default = { };
type = types.submodule {
options = {
hwmon = mkOption {
default = { };
type = types.submodule {
options = {
path = mkOption {
default = "";
type = types.str;
};
file = mkOption {
default = "";
type = types.str;
};
};
};
};
};
};
};
};
}

123
config/Style.nix
View file

@ -1,123 +0,0 @@
{
lib,
config,
pkgs,
__findFile,
...
}:
with lib;
let
cfg = config.style;
mkTypeOption = default: type: mkOption { inherit default type; };
mkStrOption = default: mkTypeOption default types.str;
mkIntOption = default: mkTypeOption default types.int;
mkFloatOption = default: mkTypeOption default types.float;
mkPkgOption = default: mkTypeOption default types.package;
in
{
options.style = {
color = {
bg = {
dark = mkStrOption config.lib.stylix.colors.base00;
light = mkStrOption config.lib.stylix.colors.base07;
regular = mkStrOption config.lib.stylix.colors.base01;
};
fg = {
dark = mkStrOption config.lib.stylix.colors.base04;
light = mkStrOption config.lib.stylix.colors.base06;
regular = mkStrOption config.lib.stylix.colors.base05;
};
accent = mkStrOption config.lib.stylix.colors.base0A;
heading = mkStrOption config.lib.stylix.colors.base0D;
hl = mkStrOption config.lib.stylix.colors.base03;
keyword = mkStrOption config.lib.stylix.colors.base0E;
link = mkStrOption config.lib.stylix.colors.base09;
misc = mkStrOption config.lib.stylix.colors.base0F;
negative = mkStrOption config.lib.stylix.colors.base08;
neutral = mkStrOption config.lib.stylix.colors.base0C;
positive = mkStrOption config.lib.stylix.colors.base0B;
selection = mkStrOption config.lib.stylix.colors.base02;
transparent = mkStrOption "ffffff00";
accent-b = mkStrOption config.lib.stylix.colors.base0A-rgb-b;
accent-g = mkStrOption config.lib.stylix.colors.base0A-rgb-g;
accent-r = mkStrOption config.lib.stylix.colors.base0A-rgb-r;
negative-b = mkStrOption config.lib.stylix.colors.base08-rgb-b;
negative-g = mkStrOption config.lib.stylix.colors.base08-rgb-g;
negative-r = mkStrOption config.lib.stylix.colors.base08-rgb-r;
neutral-b = mkStrOption config.lib.stylix.colors.base0C-rgb-b;
neutral-g = mkStrOption config.lib.stylix.colors.base0C-rgb-g;
neutral-r = mkStrOption config.lib.stylix.colors.base0C-rgb-r;
positive-b = mkStrOption config.lib.stylix.colors.base0B-rgb-b;
positive-g = mkStrOption config.lib.stylix.colors.base0B-rgb-g;
positive-r = mkStrOption config.lib.stylix.colors.base0B-rgb-r;
bg-b = mkStrOption config.lib.stylix.colors.base00-rgb-b;
bg-g = mkStrOption config.lib.stylix.colors.base00-rgb-g;
bg-r = mkStrOption config.lib.stylix.colors.base00-rgb-r;
fg-b = mkStrOption config.lib.stylix.colors.base06-rgb-b;
fg-g = mkStrOption config.lib.stylix.colors.base06-rgb-g;
fg-r = mkStrOption config.lib.stylix.colors.base06-rgb-r;
border = mkStrOption config.lib.stylix.colors.base01;
border-b = mkStrOption config.lib.stylix.colors.base01-rgb-b;
border-g = mkStrOption config.lib.stylix.colors.base01-rgb-g;
border-r = mkStrOption config.lib.stylix.colors.base01-rgb-r;
};
font = {
size = {
application = mkIntOption 12;
terminal = mkIntOption 14;
popup = mkIntOption 12;
desktop = mkIntOption 14;
};
serif = {
package = mkPkgOption (pkgs.callPackage <package/applefont> { });
name = mkStrOption "SF Pro Display";
};
sansSerif = {
package = mkPkgOption (pkgs.callPackage <package/applefont> { });
name = mkStrOption "SF Pro Display";
};
monospace = {
package = mkPkgOption (pkgs.nerdfonts.override { fonts = [ "Terminus" ]; });
name = mkStrOption "Terminess Nerd Font Mono";
};
emoji = {
package = mkPkgOption pkgs.noto-fonts-emoji;
name = mkStrOption "Noto Color Emoji";
};
};
opacity = {
application = mkFloatOption 0.85;
desktop = mkFloatOption 0.85;
popup = mkFloatOption 0.85;
terminal = mkFloatOption 0.85;
hex = mkStrOption "D9";
};
# cursor = {
# name = mkStrOption "Adwaita";
# package = mkPkgOption pkgs.adwaita-icon-theme;
# size = mkIntOption 14;
# };
cursor = {
name = mkStrOption "phinger-cursors-light";
package = mkPkgOption pkgs.phinger-cursors;
size = mkIntOption 24;
};
window = {
gap = mkIntOption 8;
border = mkIntOption 4;
};
};
}

42
config/Stylix.nix
View file

@ -1,42 +0,0 @@
{
pkgs,
config,
__findFile,
...
}:
{
stylix = {
enable = true;
image = config.module.wallpaper.path;
autoEnable = true;
polarity = "dark";
fonts = {
inherit (config.style.font)
serif
sansSerif
monospace
emoji
;
sizes = {
inherit (config.style.font.size) terminal desktop;
applications = config.style.font.size.application;
popups = config.style.font.size.popup;
};
};
opacity = {
inherit (config.style.opacity) desktop terminal;
applications = config.style.opacity.application;
popups = config.style.opacity.popups;
};
inherit (config.style) cursor;
override =
if config.module.wallpaper.forceContrastText then
{
base04 = "000000";
base05 = "ffffff";
base06 = "ffffff";
}
else
{ };
};
}

21
config/Wallpaper.nix
View file

@ -1,21 +0,0 @@
{ pkgs, lib, ... }:
with lib;
let
url = "https://i.imgur.com/yuZ2XSf.jpeg";
sha256 = "sha256-Z35D7gn28d2dtPHHVwzySOingy/d8CWKmK9LQjpyjEk=";
forceContrastText = false;
in
{
options = {
module.wallpaper = {
forceContrastText = mkOption {
default = warnIf forceContrastText "Style : Forced text contrast." forceContrastText;
type = types.bool;
};
path = mkOption {
default = pkgs.fetchurl { inherit url sha256; };
type = types.path;
};
};
};
}

41
container/Change.nix
View file

@ -1,38 +1,35 @@
{
config,
container,
lib,
config,
...
}@args:
with lib;
let
}: let
cfg = config.container.module.change;
in
{
options = {
container.module.change = {
enable = mkEnableOption "Change detection service";
address = mkOption {
in {
options.container.module.change = {
enable = lib.mkEnableOption "the change detection service";
address = lib.mkOption {
default = "10.1.0.41";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 5000;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "change.${config.container.domain}";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/change";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.change = container.mkContainer cfg {
bindMounts = {
@ -42,9 +39,7 @@ in
};
};
config =
{ ... }:
container.mkContainerConfig cfg {
config = { ... }: container.mkContainerConfig cfg {
services.changedetection-io = {
enable = true;
baseURL = cfg.domain;

39
container/Chat.nix
View file

@ -1,18 +1,15 @@
{
config,
container,
lib,
config,
pkgs,
...
}:
let
}: let
cfg = config.container.module.chat;
db = config.container.module.postgres;
in
{
options = {
container.module.chat = {
enable = lib.mkEnableOption "chat container.";
in {
options.container.module.chat = {
enable = lib.mkEnableOption "the chat container.";
address = lib.mkOption {
default = "10.1.0.20";
type = lib.types.str;
@ -30,11 +27,12 @@ in
type = lib.types.str;
};
};
};
# WIP: https://search.nixos.org/options?channel=24.05&from=0&size=50&sort=relevance&type=packages&query=mattermost
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.chat = container.mkContainer cfg {
bindMounts = {
@ -44,9 +42,7 @@ in
};
};
config =
{ ... }:
container.mkContainerConfig cfg {
config = { ... }: container.mkContainerConfig cfg {
services.mattermost = {
enable = true;
listenAddress = ":${toString cfg.port}";
@ -56,18 +52,13 @@ in
siteName = "Chat";
siteUrl = "https://${cfg.domain}";
statePath = "/var/lib/mattermost";
plugins =
let
calls =
let
version = "1.2.0";
in
pkgs.fetchurl {
url = "https://github.com/mattermost/mattermost-plugin-calls/releases/download/v${version}/mattermost-plugin-calls-v${version}.tar.gz";
plugins = [
(pkgs.fetchurl rec {
hash = "sha256-yQGBpBPgXxC+Pm6dHlbwlNEdvn6wg9neSpNNTC4YYAA=";
};
in
[ calls ];
url = "https://github.com/mattermost/mattermost-plugin-calls/releases/download/v${version}/mattermost-plugin-calls-v${version}.tar.gz";
version = "1.2.0";
})
];
extraConfig = {
SqlSettings = {
DataSource = "postgres://mattermost:any@${db.address}:${toString db.port}/mattermost?sslmode=disable&connect_timeout=10";

60
container/Cloud.nix
View file

@ -1,42 +1,38 @@
{
container,
pkgs,
lib,
config,
container,
lib,
pkgs,
...
}@args:
with lib;
let
}: let
cfg = config.container.module.cloud;
postgres = config.container.module.postgres;
proxy = config.container.module.proxy;
in
{
options = {
container.module.cloud = {
enable = mkEnableOption "File cloud service";
address = mkOption {
in {
options.container.module.cloud = {
enable = lib.mkEnableOption "the file cloud service.";
address = lib.mkOption {
default = "10.1.0.13";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 80;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "cloud.${config.container.domain}";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/cloud";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.cloud = container.mkContainer cfg {
bindMounts = {
@ -46,20 +42,17 @@ in
};
};
config =
{ config, ... }:
container.mkContainerConfig cfg {
config = { config, ... }: container.mkContainerConfig cfg {
services.nextcloud = {
enable = true;
# package = pkgs.nextcloud29;
hostName = cfg.domain;
# package = pkgs.nextcloud29;
# phpOptions = {
# memory_limit = lib.mkForce "20G";
# };
config = {
adminuser = "root";
adminpassFile = "${pkgs.writeText "NextcloudPassword" "root"}";
adminuser = "root";
dbhost = postgres.address;
dbname = "nextcloud";
dbpassFile = "${pkgs.writeText "NextcloudDbPassword" "nextcloud"}";
@ -67,16 +60,19 @@ in
dbuser = "nextcloud";
};
extraApps = {
inherit (config.services.nextcloud.package.packages.apps) contacts calendar onlyoffice;
inherit (config.services.nextcloud.package.packages.apps)
contacts calendar onlyoffice;
};
extraAppsEnable = true;
settings = {
allow_local_remote_servers = true;
trusted_domains = [
cfg.address
cfg.domain
];
trusted_proxies = [ proxy.address ];
allow_local_remote_servers = true;
trusted_proxies = [
proxy.address
];
};
};
};

42
container/Ddns.nix
View file

@ -1,30 +1,27 @@
{
config,
container,
lib,
config,
...
}@args:
with lib;
let
}: let
cfg = config.container.module.ddns;
in
{
options = {
container.module.ddns = {
enable = mkEnableOption "Dynamic dns client.";
address = mkOption {
in {
options.container.module.ddns = {
enable = lib.mkEnableOption "the dynamic dns client.";
address = lib.mkOption {
default = "10.1.0.31";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/ddns";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.ddns = container.mkContainer cfg {
bindMounts = {
@ -34,9 +31,7 @@ in
};
};
config =
{ ... }:
container.mkContainerConfig cfg {
config = { ... }: container.mkContainerConfig cfg {
services.cloudflare-dyndns = {
enable = true;
apiTokenFile = "/data/token";
@ -44,12 +39,11 @@ in
ipv4 = true;
ipv6 = false;
proxied = false;
domains =
let
domains = let
domain = config.container.domain;
in
[ domain ]
++ map (sub: "${sub}.${domain}") [
in [
domain
] ++ map (sub: "${sub}.${domain}") [
"cloud"
"git"
"mail"

55
container/Dns.nix
View file

@ -1,16 +1,13 @@
{
container,
pkgs,
lib,
config,
container,
lib,
pkgs,
...
}:
let
}: let
cfg = config.container.module.dns;
in
{
options = {
container.module.dns = {
in {
options.container.module.dns = {
enable = lib.mkEnableOption "the DNS server.";
address = lib.mkOption {
default = "10.1.0.6";
@ -21,33 +18,22 @@ in
type = lib.types.int;
};
};
};
config = lib.mkIf cfg.enable {
containers.dns = container.mkContainer cfg {
config =
{ ... }:
container.mkContainerConfig cfg {
environment.systemPackages = [ pkgs.cloudflared ];
# systemd.services.cloudflared = {
# description = "Cloudflare DoH server.";
# enable = true;
# wantedBy = [ "multi-user.target" ];
# serviceConfig = {
# Type = "simple";
# ExecStart = "${lib.getExe pkgs.cloudflared} proxy-dns --port 5054";
# };
# };
config = { ... }: container.mkContainerConfig cfg {
services.blocky = {
enable = true;
# REF: https://0xerr0r.github.io/blocky/main/configuration/
settings = {
bootstrapDns = "tcp+udp:1.1.1.1";
connectIPVersion = "v4";
ports.dns = cfg.port;
# httpPort = "80";
upstreams.groups = {
default = [ "https://dns.quad9.net/dns-query" ];
default = [
"https://dns.quad9.net/dns-query"
];
};
caching = {
maxItemsCount = 100000;
@ -65,9 +51,9 @@ in
refreshPeriod = "24h";
strategy = "blocking";
downloads = {
timeout = "5m";
attempts = 3;
cooldown = "10s";
timeout = "5m";
};
};
# SRC: https://oisd.nl
@ -112,30 +98,27 @@ in
# };
clientGroupsBlock = {
default = [
"suspicious"
"ads"
"tracking"
"malicious"
"other"
"suspicious"
"tracking"
];
};
};
customDNS = {
mapping =
let
mapping = let
block = host: { ${host} = "0.0.0.0"; };
in
{
in {
# All subdomains to current host.
# ${config.container.domain} = config.container.host;
"voronind.com" = "10.0.0.1";
}
// block "gosuslugi.ru"
// block "rutube.ru"
// block "vk.com";
// block "vk.com"
;
};
ports.dns = cfg.port;
# httpPort = "80";
};
};
};

51
container/Download.nix
View file

@ -1,62 +1,57 @@
{
config,
container,
lib,
config,
...
}:
with lib;
let
}: let
cfg = config.container.module.download;
in
{
options = {
container.module.download = {
enable = mkEnableOption "Downloader.";
address = mkOption {
in {
options.container.module.download = {
enable = lib.mkEnableOption "the bit-torrent downloader.";
address = lib.mkOption {
default = "10.1.0.12";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 8112;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "download.${config.container.domain}";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/download";
type = types.str;
type = lib.types.str;
};
memLimit = mkOption {
memLimit = lib.mkOption {
default = "4G";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.download = container.mkContainer cfg {
enableTun = true;
bindMounts = {
"/var/lib/deluge/.config/deluge" = {
hostPath = "${cfg.storage}/data";
isReadOnly = false;
};
} // container.attachMedia "download" false;
}
// container.attachMedia "download" false
;
config =
{ ... }:
container.mkContainerConfig cfg {
config = { ... }: container.mkContainerConfig cfg {
services.deluge = {
enable = true;
dataDir = "/var/lib/deluge";
web.enable = true;
};
systemd.services.deluged.serviceConfig = {
MemoryLimit = cfg.memLimit;
Restart = lib.mkForce "always";

78
container/Frkn.nix
View file

@ -1,46 +1,42 @@
# TODO: Saved just in case for the dark future.
# в целом просто сделай себе шелл алиас gw-default="sudo ip route del default; sudo ip route add default via айпишник роутера" и шелл алиас gw-vpn="sudo ip route del default; sudo ip route add default via айпишник_впна"
{
container,
pkgs,
lib,
config,
__findFile,
config,
container,
lib,
pkgs,
util,
...
}:
with lib;
let
} @args: let
cfg = config.container.module.frkn;
in
{
options = {
container.module.frkn = {
enable = mkEnableOption "FRKN";
address = mkOption {
in {
options.container.module.frkn = {
enable = lib.mkEnableOption "the Allmighty FRKN service.";
address = lib.mkOption {
default = "10.1.0.69";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 1080;
type = types.int;
type = lib.types.int;
};
torport = mkOption {
torport = lib.mkOption {
default = 9150;
type = types.int;
type = lib.types.int;
};
xrayport = mkOption {
xrayport = lib.mkOption {
default = 1081;
type = types.int;
type = lib.types.int;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/frkn";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.frkn = container.mkContainer cfg {
bindMounts = {
@ -50,15 +46,16 @@ in
};
};
config =
{ ... }:
container.mkContainerConfig cfg {
config = { ... }: container.mkContainerConfig cfg {
imports = [
(import <module/Zapret.nix> args)
];
boot.kernel.sysctl = {
"net.ipv4.conf.all.src_valid_mark" = 1;
"net.ipv4.ip_forward" = 1;
};
imports = [ <module/Zapret.nix> ];
module.zapret = {
enable = true;
params = config.module.zapret.params;
@ -67,38 +64,33 @@ in
services = {
microsocks = {
enable = true;
disableLogging = true;
ip = cfg.address;
port = cfg.port;
disableLogging = true;
#authUsername
#outgoingBindIp
#authOnce
};
tor = {
enable = true;
openFirewall = true;
settings =
let
settings = let
exclude = "{RU},{UA},{BY},{KZ},{CN},{??}";
in
{
in {
# ExcludeExitNodes = exclude;
# ExcludeNodes = exclude;
#DNSPort = dnsport;
# DNSPort = dnsport;
UseBridges = true;
ClientTransportPlugin = "obfs4 exec ${pkgs.obfs4}/bin/lyrebird";
Bridge = [
"obfs4 94.103.89.153:4443 5617848964FD6546968B5BF3FFA6C11BCCABE58B cert=tYsmuuTe9phJS0Gh8NKIpkVZP/XKs7gJCqi31o8LClwYetxzFz0fQZgsMwhNcIlZ0HG5LA iat-mode=0"
"obfs4 121.45.140.249:12123 0922E212E33B04F0B7C1E398161E8EDE06734F26 cert=3AQ4iJFAzxzt7a/zgXIiFEs6fvrXInXt1Dtr09DgnpvUzG/iiyRTdXYZKSYpI124Zt3ZUA iat-mode=0"
"obfs4 79.137.11.45:45072 ECA3197D49A29DDECD4ACBF9BCF15E4987B78137 cert=2FKyLWkPgMNCWxBD3cNOTRxJH3XP+HdStPGKMjJfw2YbvVjihIp3X2BCrtxQya9m5II5XA iat-mode=0"
"obfs4 145.239.31.71:10161 882125D15B59BB82BE66F999056CB676D3F061F8 cert=AnD+EvcBMuQDVM7PwW7NgFAzW1M5jDm7DjQtIIcBSjoyAf1FJ2p535rrYL2Kk8POAd0+aw iat-mode=0"
"obfs4 79.137.11.45:45072 ECA3197D49A29DDECD4ACBF9BCF15E4987B78137 cert=2FKyLWkPgMNCWxBD3cNOTRxJH3XP+HdStPGKMjJfw2YbvVjihIp3X2BCrtxQya9m5II5XA iat-mode=0"
"obfs4 94.103.89.153:4443 5617848964FD6546968B5BF3FFA6C11BCCABE58B cert=tYsmuuTe9phJS0Gh8NKIpkVZP/XKs7gJCqi31o8LClwYetxzFz0fQZgsMwhNcIlZ0HG5LA iat-mode=0"
];
};
client = {
enable = true;
#dns.enable = true;
# dns.enable = true;
socksListenAddress = {
IsolateDestAddr = true;
addr = cfg.address;

94
container/Git.nix
View file

@ -1,43 +1,40 @@
{
container,
pkgs,
config,
container,
lib,
pkgs,
...
}:
with lib;
let
}: let
cfg = config.container.module.git;
in
{
options = {
container.module.git = {
enable = mkEnableOption "Git server.";
address = mkOption {
in {
options.container.module.git = {
enable = lib.mkEnableOption "the git server.";
address = lib.mkOption {
default = "10.1.0.8";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 3000;
type = types.int;
type = lib.types.int;
};
portSsh = mkOption {
portSsh = lib.mkOption {
default = 22144;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "git.${config.container.domain}";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/git";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.git = container.mkContainer cfg {
bindMounts = {
@ -47,41 +44,43 @@ in
};
};
config =
{ ... }:
container.mkContainerConfig cfg {
environment.systemPackages = with pkgs; [ forgejo ];
config = { ... }: container.mkContainerConfig cfg {
environment.systemPackages = with pkgs; [
forgejo
];
services.forgejo = {
enable = true;
stateDir = "/var/lib/forgejo";
database =
let
database = let
postgre = config.container.module.postgres;
in
{
type = "postgres";
host = postgre.address;
port = postgre.port;
user = "forgejo";
name = "forgejo";
in {
createDatabase = false;
host = postgre.address;
name = "forgejo";
port = postgre.port;
type = "postgres";
user = "forgejo";
};
settings =
let
settings = let
gcArgs = "--aggressive --no-cruft --prune=now";
gcTimeout = 600;
in
{
"service".DISABLE_REGISTRATION = true;
in {
"cron.cleanup_actions".ENABLED = true;
"cron.update_mirrors".SCHEDULE = "@midnight";
"git".GC_ARGS = gcArgs;
"git.timeout".GC = gcTimeout;
"log".LEVEL = "Error";
"repo-archive".ENABLED = false;
"repository.issue".MAX_PINNED = 99999;
"repository.pull-request".DEFAULT_MERGE_STYLE = "rebase";
"service".DISABLE_REGISTRATION = true;
"server" = {
DOMAIN = cfg.domain;
HTTP_ADDR = cfg.address;
ROOT_URL = "https://${cfg.domain}";
BUILTIN_SSH_SERVER_USER = "git";
DISABLE_SSH = false;
SSH_PORT = cfg.portSsh;
@ -94,25 +93,16 @@ in
DEFAULT_PRIVATE = "private";
DEFAULT_PUSH_CREATE_PRIVATE = true;
};
"repository.pull-request".DEFAULT_MERGE_STYLE = "rebase";
"repository.issue".MAX_PINNED = 99999;
"cron" = {
ENABLED = true;
RUN_AT_START = true;
};
"repo-archive".ENABLED = false;
"cron.update_mirrors".SCHEDULE = "@midnight";
"cron.cleanup_actions".ENABLED = true;
"cron.git_gc_repos" = {
ENABLED = true;
ARGS = gcArgs;
SCHEDULE = "@midnight";
TIMEOUT = gcTimeout;
ARGS = gcArgs;
};
"git" = {
GC_ARGS = gcArgs;
};
"git.timeout".GC = gcTimeout;
};
};
};

79
container/Hdd.nix
View file

@ -1,79 +0,0 @@
# ISSUE: Broken, can't read/write sda device.
{
container,
pkgs,
config,
lib,
...
}:
with lib;
let
cfg = config.container.module.hdd;
in
{
options = {
container.module.hdd = {
enable = mkEnableOption "Hdd health monitor.";
address = mkOption {
default = "10.1.0.10";
type = types.str;
};
port = mkOption {
default = 8080;
type = types.int;
};
domain = mkOption {
default = "hdd.${config.container.domain}";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/hdd";
type = types.str;
};
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
containers.hdd = container.mkContainer cfg {
# bindMounts = let
# attachDrive = hostPath: {
# inherit hostPath;
# isReadOnly = false;
# };
# in {
# "/opt/scrutiny" = {
# hostPath = "${cfg.storage}/data";
# isReadOnly = false;
# };
# "/dev/sda" = attachDrive "/dev/sda";
# };
# allowedDevices = [
# {
# modifier = "rwm";
# node = "/dev/sda";
# }
# ];
# additionalCapabilities = [ "CAP_SYS_ADMIN" ];
config =
{ ... }:
container.mkContainerConfig cfg {
environment.systemPackages = with pkgs; [ smartmontools ];
services.scrutiny = {
enable = true;
settings.web = {
listen = {
host = cfg.address;
port = cfg.port;
};
};
};
};
};
};
}

48
container/Home.nix
View file

@ -1,52 +1,48 @@
{
__findFile,
config,
container,
lib,
pkgs,
util,
lib,
config,
__findFile,
...
}@args:
with lib;
let
} @args: let
cfg = config.container.module.home;
package = (pkgs.callPackage <package/homer> args);
in
{
options = {
container.module.home = {
enable = mkEnableOption "Dashboard.";
address = mkOption {
in {
options.container.module.home = {
enable = lib.mkEnableOption "the dashboard.";
address = lib.mkOption {
default = "10.1.0.18";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 80;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "home.${config.container.domain}";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
containers.home = container.mkContainer cfg {
config =
{ ... }:
container.mkContainerConfig cfg {
environment.systemPackages = [ package ];
systemd.packages = [ package ];
config = { ... }: container.mkContainerConfig cfg {
environment.systemPackages = [
package
];
systemd.packages = [
package
];
services.nginx = {
enable = true;
virtualHosts.${cfg.domain} = container.mkServer {
default = true;
root = "${package}";
locations = {
"/".extraConfig = ''
"/".extraConfig = util.trimTabs ''
try_files $uri $uri/index.html;
'';
};

58
container/Iot.nix
View file

@ -1,39 +1,35 @@
{
config,
container,
lib,
config,
pkgsStable,
...
}:
with lib;
let
}: let
cfg = config.container.module.iot;
in
{
options = {
container.module.iot = {
enable = mkEnableOption "IoT service.";
address = mkOption {
in {
options.container.module.iot = {
enable = lib.mkEnableOption "IoT service.";
address = lib.mkOption {
default = "10.1.0.27";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 8123;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "iot.${config.container.domain}";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/iot";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.iot = container.mkContainer cfg {
bindMounts = {
@ -49,7 +45,9 @@ in
hostPath = "/dev/serial/by-id";
isReadOnly = false;
};
} // container.attachMedia "photo" true;
}
// container.attachMedia "photo" true
;
allowedDevices = [
{
@ -58,9 +56,7 @@ in
}
];
config =
{ ... }:
container.mkContainerConfig cfg {
config = { ... }: container.mkContainerConfig cfg {
# Allow Hass to talk to Zigbee dongle.
users.users.hass.extraGroups = [
"dialout"
@ -70,6 +66,9 @@ in
services.home-assistant = {
# NOTE: Missing: hacs. Inside hacs: `card-mod`, `Clock Weather Card`, `WallPanel` and `Yandex.Station`.
enable = true;
# NOTE: Using imperative config because of secrets.
config = null;
configDir = "/var/lib/hass";
extraComponents = [
"caldav"
"met"
@ -93,25 +92,22 @@ in
numpy
pymicro-vad
pynacl
pyspeex-noise
python-telegram-bot
pyturbojpeg
pyspeex-noise
zeroconf
];
configDir = "/var/lib/hass";
# lovelaceConfig = {
# title = "Home IoT control center.";
# };
# NOTE: Using imperative config because of secrets.
config = null;
};
# HACK: Delay so that nextcloud calendar can reply on reboot.
systemd = {
services."home-assistant".wantedBy = mkForce [ ];
services."home-assistant".wantedBy = lib.mkForce [ ];
timers.fixsystemd = {
timerConfig = {
OnBootSec = 15;
OnBootSec = 60;
Unit = "home-assistant.service";
};
wantedBy = [ "timers.target" ];

62
container/Jobber.nix
View file

@ -1,37 +1,34 @@
{
__findFile,
config,
container,
lib,
pkgsJobber,
poetry2nixJobber,
lib,
config,
__findFile,
...
}:
with lib;
let
}: let
cfg = config.container.module.jobber;
script = import <package/jobber> {
poetry2nix = poetry2nixJobber;
pkgs = pkgsJobber;
poetry2nix = poetry2nixJobber;
};
in
{
options = {
container.module.jobber = {
enable = mkEnableOption "Button pusher Stanley.";
address = mkOption {
in {
options.container.module.jobber = {
enable = lib.mkEnableOption "Stanley - the button pusher.";
address = lib.mkOption {
default = "10.1.0.32";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/jobber";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.jobber = container.mkContainer cfg {
bindMounts = {
@ -43,34 +40,37 @@ in
enableTun = true;
config =
{ lib, ... }:
let
packages =
[ script ]
++ (with pkgsJobber; [
config = { ... }: let
packages = [
script
] ++ (with pkgsJobber; [
firefox
geckodriver
openvpn
python311
]);
in
container.mkContainerConfig cfg {
networking = lib.mkForce { nameservers = [ "10.30.218.2" ]; };
in container.mkContainerConfig cfg {
networking = lib.mkForce {
nameservers = [
"10.30.218.2"
];
};
systemd.services.jobber = {
description = "My job is pushing the button.";
enable = true;
wantedBy = [ "multi-user.target" ];
path = packages;
wantedBy = [
"multi-user.target"
];
environment = {
PYTHONUNBUFFERED = "1";
PYTHONDONTWRITEBYTECODE = "1";
PYTHONUNBUFFERED = "1";
};
serviceConfig = {
Type = "simple";
ExecStart = "${script}/bin/jobber -u";
Restart = "on-failure";
Type = "simple";
};
};
};

148
container/Mail.nix
View file

@ -1,48 +1,39 @@
# Guide: https://nixos-mailserver.readthedocs.io/en/latest/setup-guide.html
{
config,
const,
container,
lib,
pkgs,
util,
const,
lib,
config,
...
}:
with lib;
let
}: let
cfg = config.container.module.mail;
domain = config.container.domain;
in
{
options = {
container.module.mail = {
enable = mkEnableOption "Email server.";
address = mkOption {
in {
options.container.module.mail = {
enable = lib.mkEnableOption "the email server.";
address = lib.mkOption {
default = "10.1.0.5";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 80;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "mail.${config.container.domain}";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/mail";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
# "data/indices"
# "data/vmail"
# "data/sieve"
# "data/dkim"
];
containers.mail = container.mkContainer cfg {
@ -69,13 +60,11 @@ in
};
};
config =
{ config, ... }:
container.mkContainerConfig cfg {
config = { config, ... }: container.mkContainerConfig cfg {
imports = [
(builtins.fetchTarball {
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-${const.stateVersion}/nixos-mailserver-nixos-${const.stateVersion}.tar.gz";
sha256 = "sha256:0clvw4622mqzk1aqw1qn6shl9pai097q62mq1ibzscnjayhp278b";
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-${const.stateVersion}/nixos-mailserver-nixos-${const.stateVersion}.tar.gz";
})
];
@ -86,43 +75,45 @@ in
sendingFqdn = domain;
# Use `mkpasswd -sm bcrypt`.
loginAccounts =
let
loginAccounts = let
defaultQuota = "1G";
in
{
in {
"admin@${domain}" = {
name = "admin";
hashedPassword = "$2b$05$1O.dxXxaVshcBNybcqDRYuTlnYt3jDBwfPZWoDtP4BjOLoL0StYsi";
name = "admin";
quota = defaultQuota;
};
"account@${domain}" = {
name = "account";
hashedPassword = "$2b$05$sCyZHdk98KqQ1qsTIvbrUeRJlNBOwBqDgpdc1QxiSnONlEkZ8xGNO";
name = "account";
quota = defaultQuota;
};
"hi@${domain}" = {
name = "hi";
hashedPassword = "$2b$05$6fT5hIhzIasNfp9IQr/ds.5RuxH95VKU3QJWlX3hmrAzDF3mExanq";
name = "hi";
quota = defaultQuota;
aliases = [ "voronind@${domain}" ];
aliases = [
"voronind@${domain}"
];
};
"job@${domain}" = {
name = "job";
hashedPassword = "$2b$05$.sUmv2.9EWPfLwJn/oZw2e1UbR7HrpNQ2THc5jjX3ysy7CY8ZWHUC";
name = "job";
quota = defaultQuota;
};
"trash@${domain}" = {
name = "trash";
hashedPassword = "$2b$05$kn5ygZjN9NR3LXjnKKRw/.DXaZQNW.1XEottlCFIoKiDpIj.JGLJm";
catchAll = [ domain ];
name = "trash";
quota = defaultQuota;
catchAll = [
domain
];
};
"noreply@${domain}" = {
name = "noreply";
hashedPassword = "$2b$05$TaKwoYmcmkAhsRRv6xG5wOkChcz50cB9BP6QPUDKNAcxMbrY6AeMK";
sendOnly = true;
name = "noreply";
quota = defaultQuota;
sendOnly = true;
};
};
@ -134,43 +125,30 @@ in
enableManageSieve = true;
virusScanning = false;
certificateFile = "/acme/live/${domain}/cert.pem";
certificateScheme = "manual";
keyFile = "/acme/live/${domain}/privkey.pem";
certificateFile = "/acme/live/${domain}/cert.pem";
dkimKeyDirectory = "/var/dkim";
indexDir = "/var/lib/dovecot/indices";
mailDirectory = "/var/vmail";
sieveDirectory = "/var/sieve";
dkimKeyDirectory = "/var/dkim";
mailboxes = {
All = {
mailboxes = let
mkSpecialBox = specialUse: {
${specialUse} = {
inherit specialUse;
auto = "subscribe";
specialUse = "All";
};
Archive = {
auto = "subscribe";
specialUse = "Archive";
};
Drafts = {
auto = "subscribe";
specialUse = "Drafts";
};
Junk = {
auto = "subscribe";
specialUse = "Junk";
# autoexpunge = "3d";
};
Sent = {
auto = "subscribe";
specialUse = "Sent";
};
Trash = {
auto = "subscribe";
specialUse = "Trash";
# autoexpunge = "30d";
};
};
in builtins.foldl' (acc: box: acc // (mkSpecialBox box)) {} [
"All"
"Archive"
"Drafts"
"Junk"
"Sent"
"Trash"
];
dmarcReporting = {
inherit domain;
@ -188,17 +166,15 @@ in
services = {
roundcube = {
enable = true;
hostName = cfg.domain;
dicts = with pkgs.aspellDicts; [
en
ru
];
hostName = cfg.domain;
plugins = [ "managesieve" ];
extraConfig = ''
# starttls needed for authentication, so the fqdn required to match
# the certificate
# $config['smtp_server'] = "tls://${config.mailserver.fqdn}";
# $config['smtp_server'] = "tls://localhost";
plugins = [
"managesieve"
];
extraConfig = util.trimTabs ''
$config['smtp_server'] = "localhost:25";
$config['smtp_auth_type'] = null;
$config['smtp_user'] = "";
@ -208,20 +184,22 @@ in
'';
};
nginx = {
virtualHosts.${cfg.domain} = {
forceSSL = false;
nginx.virtualHosts.${cfg.domain} = {
enableACME = false;
};
forceSSL = false;
};
};
systemd = {
services.autoexpunge = {
description = "Delete old mail";
serviceConfig.Type = "oneshot";
path = [ pkgs.dovecot ];
script = ''
serviceConfig = {
Type = "oneshot";
};
path = [
pkgs.dovecot
];
script = util.trimTabs ''
doveadm expunge -A mailbox Junk SENTBEFORE 7d
doveadm expunge -A mailbox Trash SENTBEFORE 30d
doveadm expunge -u trash@voronind.com mailbox Inbox SENTBEFORE 30d
@ -235,7 +213,9 @@ in
Persistent = true;
Unit = "autoexpunge.service";
};
wantedBy = [ "timers.target" ];
wantedBy = [
"timers.target"
];
};
};
};

51
container/Office.nix
View file

@ -3,42 +3,39 @@
# 2. TODO: Generate JWT secret at /var/lib/onlyoffice/jwt, i.e. 9wLfMGha1YrfvWpb5hyYjZf8pvJQ3swS
# See https://git.voronind.com/voronind/nixos/issues/74
{
config,
container,
lib,
pkgs,
util,
lib,
config,
...
}:
with lib;
let
}: let
cfg = config.container.module.office;
in
{
options = {
container.module.office = {
enable = mkEnableOption "Office web suite.";
address = mkOption {
in {
options.container.module.office = {
enable = lib.mkEnableOption "the office web suite.";
address = lib.mkOption {
default = "10.1.0.21";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 8000;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "office.${config.container.domain}";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/office";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.office = container.mkContainer cfg {
bindMounts = {
@ -49,9 +46,7 @@ in
};
# HACK: Temporarely run in docker due to https://github.com/ONLYOFFICE/onlyoffice-nextcloud/issues/931
config =
{ pkgs, ... }:
container.mkContainerConfig cfg {
config = { pkgs, ... }: container.mkContainerConfig cfg {
virtualisation.oci-containers.backend = "docker";
virtualisation.oci-containers.containers.office = {
autoStart = true;
@ -62,14 +57,14 @@ in
"--privileged"
];
environment = {
JWT_ENABLED = "true";
JWT_SECRET = "8wLfKGha8YRfvwpB5hYYjZf8vtUQs3wS";
AMQP_URI = "amqp://guest:guest@${config.container.module.rabbitmq.address}:${toString config.container.module.rabbitmq.port}";
DB_HOST = config.container.module.postgres.address;
DB_PORT = toString config.container.module.postgres.port;
DB_NAME = "onlyoffice";
DB_USER = "onlyoffice";
DB_PORT = toString config.container.module.postgres.port;
DB_PWD = "onlyoffice";
DB_USER = "onlyoffice";
JWT_ENABLED = "true";
JWT_SECRET = "8wLfKGha8YRfvwpB5hYYjZf8vtUQs3wS";
};
};
};

75
container/Paper.nix
View file

@ -1,40 +1,36 @@
{
container,
pkgs,
pkgsStable,
lib,
config,
container,
lib,
pkgs,
...
}:
with lib;
let
}: let
cfg = config.container.module.paper;
in
{
options = {
container.module.paper = {
enable = mkEnableOption "Paper scans manager.";
address = mkOption {
in {
options.container.module.paper = {
enable = lib.mkEnableOption "the paper scans manager.";
address = lib.mkOption {
default = "10.1.0.40";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 28981;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "paper.${config.container.domain}";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/paper";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.paper = container.mkContainer cfg {
bindMounts = {
@ -43,34 +39,29 @@ in
isReadOnly = false;
};
"/var/lib/paperless/media" = {
hostPath = "${elemAt config.container.media.paper 0}";
hostPath = "${lib.elemAt config.container.media.paper 0}";
isReadOnly = false;
};
};
config =
{ lib, ... }:
container.mkContainerConfig cfg {
config = { ... }: container.mkContainerConfig cfg {
services.paperless = {
enable = true;
dataDir = "/var/lib/paperless";
# address = cfg.domain;
address = "0.0.0.0";
dataDir = "/var/lib/paperless";
port = cfg.port;
# ISSUE: https://github.com/NixOS/nixpkgs/issues/322596
# package = pkgsStable.paperless-ngx;
passwordFile = pkgs.writeText "PaperlessPassword" "root";
passwordFile = pkgs.writeText "PaperlessPassword" "root"; # NOTE: Only for initial setup, change later.
settings = {
PAPERLESS_URL = "https://${cfg.domain}";
PAPERLESS_ADMIN_USER = "root";
PAPERLESS_DBHOST = config.container.module.postgres.address;
PAPERLESS_DBENGINE = "postgresql";
PAPERLESS_DBHOST = config.container.module.postgres.address;
PAPERLESS_DBNAME = "paperless";
PAPERLESS_DBPASS = "paperless";
PAPERLESS_DBPORT = config.container.module.postgres.port;
PAPERLESS_DBUSER = "paperless";
PAPERLESS_OCR_LANGUAGE = "rus";
PAPERLESS_REDIS = "redis://${config.container.module.redis.address}:${toString config.container.module.redis.port}";
PAPERLESS_URL = "https://${cfg.domain}";
};
};
@ -78,18 +69,18 @@ in
systemd = {
services = {
paperless-scheduler = {
serviceConfig.PrivateNetwork = mkForce false;
wantedBy = mkForce [ ];
serviceConfig.PrivateNetwork = lib.mkForce false;
wantedBy = lib.mkForce [ ];
};
paperless-consumer = {
serviceConfig.PrivateNetwork = mkForce false;
wantedBy = mkForce [ ];
serviceConfig.PrivateNetwork = lib.mkForce false;
wantedBy = lib.mkForce [ ];
};
paperless-web = {
wantedBy = mkForce [ ];
wantedBy = lib.mkForce [ ];
};
paperless-task-queue = {
wantedBy = mkForce [ ];
wantedBy = lib.mkForce [ ];
};
};
timers.fixsystemd = {
@ -97,7 +88,9 @@ in
OnBootSec = 5;
Unit = "paperless-web.service";
};
wantedBy = [ "timers.target" ];
wantedBy = [
"timers.target"
];
};
};
};

46
container/Pass.nix
View file

@ -1,38 +1,35 @@
{
config,
container,
lib,
config,
...
}:
with lib;
let
}: let
cfg = config.container.module.pass;
in
{
options = {
container.module.pass = {
enable = mkEnableOption "Password manager";
address = mkOption {
in {
options.container.module.pass = {
enable = lib.mkEnableOption "the password manager.";
address = lib.mkOption {
default = "10.1.0.9";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 8000;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "pass.${config.container.domain}";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/pass";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.pass = container.mkContainer cfg {
bindMounts = {
@ -42,21 +39,18 @@ in
};
};
config =
{ ... }:
container.mkContainerConfig cfg {
config = { ... }: container.mkContainerConfig cfg {
services.vaultwarden = {
enable = true;
dbBackend = "sqlite";
environmentFile = "/var/lib/bitwarden_rs/Env";
config = {
# DATABASE_URL = "postgresql://vaultwarden:vaultwarden@${container.config.postgres.address}:${toString container.config.postgres.port}/vaultwarden";
DATA_FOLDER = "/var/lib/bitwarden_rs";
DOMAIN = "http://${cfg.domain}";
SIGNUPS_ALLOWED = false;
WEB_VAULT_ENABLED = true;
ROCKET_ADDRESS = cfg.address;
ROCKET_PORT = cfg.port;
SIGNUPS_ALLOWED = false;
WEB_VAULT_ENABLED = true;
};
};
};

98
container/Paste.nix
View file

@ -1,45 +1,41 @@
{
pkgs,
__findFile,
config,
container,
lib,
config,
__findFile,
pkgs,
util,
...
}@args:
with lib;
let
} @args: let
cfg = config.container.module.paste;
package = (pkgs.callPackage <package/privatebin> args);
in
{
options = {
container.module.paste = {
enable = mkEnableOption "Pastebin.";
address = mkOption {
in {
options.container.module.paste = {
enable = lib.mkEnableOption "the text share platform.";
address = lib.mkOption {
default = "10.1.0.14";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 80;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "paste.${config.container.domain}";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/paste";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
"tmp"
"nginxtmp"
"config"
"data"
"nginxtmp"
"tmp"
];
containers.paste = container.mkContainer cfg {
@ -62,72 +58,71 @@ in
};
};
config =
{ config, ... }:
container.mkContainerConfig cfg {
environment.systemPackages = [ package ];
systemd.packages = [ package ];
config = { config, ... }: container.mkContainerConfig cfg {
environment.systemPackages = [
package
];
systemd.packages = [
package
];
users.users.paste = {
group = "nginx";
isSystemUser = true;
};
services.phpfpm.pools.paste = {
user = "paste";
services = {
phpfpm.pools.paste = {
group = "nginx";
user = "paste";
phpPackage = pkgs.php;
settings = {
"pm" = "dynamic";
"php_admin_value[error_log]" = "stderr";
"php_admin_flag[log_errors]" = true;
"listen.owner" = "nginx";
"catch_workers_output" = true;
"listen.owner" = "nginx";
"php_admin_flag[log_errors]" = true;
"php_admin_value[error_log]" = "stderr";
"pm" = "dynamic";
"pm.max_children" = "32";
"pm.start_servers" = "2";
"pm.min_spare_servers" = "2";
"pm.max_spare_servers" = "4";
"pm.max_requests" = "500";
"pm.max_spare_servers" = "4";
"pm.min_spare_servers" = "2";
"pm.start_servers" = "2";
};
phpEnv = {
# CONFIG_PATH = "${package}/cfg";
# CONFIG_PATH = "${package}/cfg"; # NOTE: Not working?
};
};
services.nginx = {
nginx = {
enable = true;
virtualHosts.${cfg.domain} = container.mkServer {
default = true;
root = "${package}";
locations = {
"/".extraConfig = ''
"/".extraConfig = util.trimTabs ''
rewrite ^ /index.php;
'';
"~ \\.php$".extraConfig = ''
"~ \\.php$".extraConfig = util.trimTabs ''
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:${config.services.phpfpm.pools.paste.socket};
include ${config.services.nginx.package}/conf/fastcgi.conf;
include ${config.services.nginx.package}/conf/fastcgi_params;
'';
"~ \\.(js|css|ttf|woff2?|png|jpe?g|svg)$".extraConfig = ''
"~ \\.(js|css|ttf|woff2?|png|jpe?g|svg)$".extraConfig = util.trimTabs ''
add_header Cache-Control "public, max-age=15778463";
add_header Referrer-Policy no-referrer;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
add_header X-Robots-Tag none;
add_header X-XSS-Protection "1; mode=block";
access_log off;
'';
};
extraConfig = ''
extraConfig = util.trimTabs ''
try_files $uri /index.php;
'';
};
@ -135,4 +130,5 @@ in
};
};
};
};
}

75
container/Postgres.nix
View file

@ -1,35 +1,32 @@
{
config,
container,
lib,
pkgs,
config,
...
}:
with lib;
let
}: let
cfg = config.container.module.postgres;
in
{
options = {
container.module.postgres = {
enable = mkEnableOption "Postgresql server.";
address = mkOption {
in {
options.container.module.postgres = {
enable = lib.mkEnableOption "the PostgreSQL server.";
address = lib.mkOption {
default = "10.1.0.3";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 5432;
type = types.int;
type = lib.types.int;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/postgres";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.postgres = container.mkContainer cfg {
bindMounts = {
@ -39,11 +36,8 @@ in
};
};
config =
{ ... }:
container.mkContainerConfig cfg {
services.postgresql =
let
config = { ... }: container.mkContainerConfig cfg {
services.postgresql = let
# Populate with services here.
configurations = with config.container.module; {
forgejo = git;
@ -56,38 +50,35 @@ in
};
access = configurations // {
all = {
address = config.container.host;
};
all.address = config.container.host;
};
authentication = builtins.foldl' (acc: item: acc + "${item}\n") "" (
mapAttrsToList (db: cfg: "host ${db} ${db} ${cfg.address}/32 trust") access
);
authentication = let
rules = lib.mapAttrsToList (db: cfg:
"host ${db} ${db} ${cfg.address}/32 trust"
) access;
in builtins.foldl' (acc: item: acc + "${item}\n") "" rules;
ensureDatabases = [ "root" ] ++ mapAttrsToList (name: _: name) configurations;
ensureDatabases = [
"root"
] ++ lib.mapAttrsToList (name: _: name) configurations;
ensureUsers = map (name: {
inherit name;
ensureClauses =
if name == "root" then
{
superuser = true;
createrole = true;
createdb = true;
}
else
{ };
ensureDBOwnership = true;
ensureClauses = if name == "root" then {
createdb = true;
createrole = true;
superuser = true;
} else { };
}) ensureDatabases;
in
{
in {
inherit authentication ensureDatabases ensureUsers;
enable = true;
package = pkgs.postgresql_14;
dataDir = "/var/lib/postgresql/data/14";
enableTCPIP = true;
package = pkgs.postgresql_14;
# NOTE: Debug mode.
# settings = {

52
container/Print.nix
View file

@ -1,46 +1,42 @@
# NOTE: Login to contaier, run passwd and use that root/pw combo for administration. `AllowFrom = all` doesn't seem to work.
# ipp://192.168.2.237
# Pantum M6500W-Series
{
container,
pkgs,
lib,
config,
__findFile,
config,
container,
lib,
pkgs,
...
}@args:
with lib;
let
} @args: let
cfg = config.container.module.print;
package = pkgs.callPackage <package/print> args;
host = config.container.host;
in
{
options = {
container.module.print = {
enable = mkEnableOption "Printing server.";
address = mkOption {
package = pkgs.callPackage <package/print> args;
in {
options.container.module.print = {
enable = lib.mkEnableOption "the printing server.";
address = lib.mkOption {
default = "10.1.0.46";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 631;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "print.${config.container.domain}";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/print";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.print = container.mkContainer cfg {
bindMounts = {
@ -50,12 +46,10 @@ in
};
};
config =
{ ... }:
container.mkContainerConfig cfg {
config = { ... }: container.mkContainerConfig cfg {
networking.interfaces."eth0".ipv4.routes = [
{
address = "192.168.2.237";
address = "192.168.2.237"; # NOTE: Printer's IP address.
prefixLength = 32;
via = host;
}

52
container/Proxy.nix
View file

@ -10,38 +10,33 @@
# ```
# For certbot to generate new keys: `certbot certonly --manual --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory -d "*.voronind.com" -d voronind.com`
{
util,
container,
pkgs,
lib,
config,
container,
lib,
pkgs,
util,
...
}@args:
with lib;
let
} @args: let
cfg = config.container.module.proxy;
virtualHosts = util.catSet (util.ls ./proxy/host) args;
in
{
options = {
container.module.proxy = {
enable = mkEnableOption "Proxy server.";
address = mkOption {
in {
options.container.module.proxy = {
enable = lib.mkEnableOption "the proxy server.";
address = lib.mkOption {
default = "10.1.0.2";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 443;
type = types.int;
type = lib.types.int;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/proxy";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"challenge"
"letsencrypt"
@ -59,25 +54,24 @@ in
};
};
config =
{ ... }:
container.mkContainerConfig cfg {
environment.systemPackages = with pkgs; [ certbot ];
config = { ... }: container.mkContainerConfig cfg {
environment.systemPackages = with pkgs; [
certbot
];
services.nginx = {
inherit virtualHosts;
enable = true;
clientMaxBodySize = "4096m";
recommendedOptimisation = true;
recommendedProxySettings = true;
clientMaxBodySize = "4096m";
appendConfig = ''
appendConfig = util.trimTabs ''
worker_processes 4;
'';
eventsConfig = ''
eventsConfig = util.trimTabs ''
worker_connections 4096;
'';
appendHttpConfig = ''
appendHttpConfig = util.trimTabs ''
proxy_max_temp_file_size 0;
proxy_buffering off;

41
container/Rabbitmq.nix
View file

@ -1,36 +1,33 @@
{
config,
container,
lib,
pkgs,
util,
lib,
config,
...
}:
with lib;
let
}: let
cfg = config.container.module.rabbitmq;
in
{
options = {
container.module.rabbitmq = {
enable = mkEnableOption "Mqtt server.";
address = mkOption {
in {
options.container.module.rabbitmq = {
enable = lib.mkEnableOption "the mqtt server.";
address = lib.mkOption {
default = "10.1.0.28";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 5672;
type = types.int;
type = lib.types.int;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/rabbitmq";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.rabbitmq = container.mkContainer cfg {
bindMounts = {
@ -40,14 +37,12 @@ in
};
};
config =
{ ... }:
container.mkContainerConfig cfg {
config = { ... }: container.mkContainerConfig cfg {
services.rabbitmq = {
enable = true;
dataDir = "/var/lib/rabbitmq";
listenAddress = cfg.address;
port = cfg.port;
dataDir = "/var/lib/rabbitmq";
configItems = {
"loopback_users" = "none";
};

46
container/Read.nix
View file

@ -1,39 +1,36 @@
{
config,
container,
lib,
pkgs,
config,
...
}:
with lib;
let
}: let
cfg = config.container.module.read;
in
{
options = {
container.module.read = {
enable = mkEnableOption "Reading server.";
address = mkOption {
in {
options.container.module.read = {
enable = lib.mkEnableOption "the reading server.";
address = lib.mkOption {
default = "10.1.0.39";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 5000;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "read.${config.container.domain}";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/read";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.read = container.mkContainer cfg {
bindMounts = {
@ -41,11 +38,12 @@ in
hostPath = "${cfg.storage}/data";
isReadOnly = false;
};
} // container.attachMedia "book" true // container.attachMedia "manga" true;
}
// container.attachMedia "book" true
// container.attachMedia "manga" true
;
config =
{ ... }:
container.mkContainerConfig cfg {
config = { ... }: container.mkContainerConfig cfg {
services.kavita = {
enable = true;
dataDir = "/var/lib/kavita";

37
container/Redis.nix
View file

@ -1,40 +1,33 @@
{
container,
pkgs,
util,
lib,
config,
container,
lib,
...
}:
with lib;
let
}: let
cfg = config.container.module.redis;
in
{
options = {
container.module.redis = {
enable = mkEnableOption "Redis server.";
address = mkOption {
in {
options.container.module.redis = {
enable = lib.mkEnableOption "the Redis server.";
address = lib.mkOption {
default = "10.1.0.38";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 6379;
type = types.int;
};
type = lib.types.int;
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
containers.redis = container.mkContainer cfg {
config =
{ ... }:
container.mkContainerConfig cfg {
config = { ... }: container.mkContainerConfig cfg {
services.redis.servers.main = {
enable = true;
port = cfg.port;
bind = cfg.address;
extraParams = [ "--protected-mode no" ];
extraParams = [
"--protected-mode no"
];
};
};
};

87
container/Search.nix
View file

@ -1,42 +1,35 @@
{
container,
pkgs,
lib,
config,
container,
lib,
pkgs,
...
}:
with lib;
let
}: let
cfg = config.container.module.search;
in
{
options = {
container.module.search = {
enable = mkEnableOption "Search frontend.";
address = mkOption {
in {
options.container.module.search = {
enable = lib.mkEnableOption "the search frontend.";
address = lib.mkOption {
default = "10.1.0.26";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 8080;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "search.${config.container.domain}";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/search";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
containers.search = container.mkContainer cfg {
config =
{ ... }:
container.mkContainerConfig cfg {
config = { ... }: container.mkContainerConfig cfg {
services.searx = {
enable = true;
package = pkgs.searxng;
@ -44,38 +37,38 @@ in
settings = {
general = {
debug = false;
instance_name = "SearX";
enable_metrics = false;
instance_name = "SearX";
};
server = {
bind_address = cfg.address;
port = cfg.port;
secret_key = "searxxx";
limiter = false;
public_instance = false;
image_proxy = false;
limiter = false;
method = "GET";
port = cfg.port;
public_instance = false;
secret_key = "searxxx";
};
search = {
safe_search = 0;
autocomplete = "";
autocomplete_min = 4;
default_lang = "auto";
safe_search = 0;
};
ui = {
infinite_scroll = false;
default_theme = "simple";
center_alignment = false;
default_locale = "";
simple_style = "dark";
default_theme = "simple";
hotkeys = "vim";
infinite_scroll = false;
simple_style = "dark";
};
outgoing = {
request_timeout = 3.0;
enable_http2 = true;
max_request_timeout = 10.0;
pool_connections = 100;
pool_maxsize = 20;
enable_http2 = true;
request_timeout = 3.0;
# proxies = {
# "all://" = with config.container.module; [
# # "socks5:${frkn.address}:${frkn.port}"
@ -89,13 +82,13 @@ in
# plugins = [ ];
enabled_plugins = [
"Basic Calculator"
"Tracker URL remover"
"Hostnames plugin"
"Tracker URL remover"
];
hostnames = {
replace = with config.container.module; {
"(.*\.)?youtube\.com$" = yt.domain;
"(.*\.)?youtu\.be$" = yt.domain;
"(.*\.)?youtube\.com$" = yt.domain;
};
remove = [
"(.*\.)?dzen\.ru?$"
@ -109,19 +102,22 @@ in
"(.*\.)?google(\..*)?$"
"(.*\.)?microsoft\.com?$"
];
high_priority = [ "(.*\.)?wikipedia.org$" ];
high_priority = [
"(.*\.)?4pda.to$"
"(.*\.)?github.com$"
"(.*\.)?wikipedia.org$"
];
};
categories_as_tabs = {
files = { };
general = { };
images = { };
videos = { };
news = { };
map = { };
it = { };
files = { };
map = { };
news = { };
videos = { };
};
engines =
let
engines = let
mkEnable = name: {
inherit name;
disabled = false;
@ -130,8 +126,7 @@ in
inherit name;
disabled = true;
};
in
[
in [
(mkEnable "bing")
(mkDisable "qwant")
];

49
container/Status.nix
View file

@ -1,38 +1,35 @@
{
config,
container,
lib,
config,
...
}:
with lib;
let
}: let
cfg = config.container.module.status;
in
{
options = {
container.module.status = {
enable = mkEnableOption "Status monitor.";
address = mkOption {
in {
options.container.module.status = {
enable = lib.mkEnableOption "the status monitor.";
address = lib.mkOption {
default = "10.1.0.22";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 3001;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "status.${config.container.domain}";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/status";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.status = container.mkContainer cfg {
bindMounts = {
@ -42,11 +39,11 @@ in
};
};
config =
{ lib, ... }:
container.mkContainerConfig cfg {
config = { ... }: container.mkContainerConfig cfg {
networking = {
nameservers = mkForce [ config.container.module.dns.address ];
nameservers = lib.mkForce [
config.container.module.dns.address
];
};
services.uptime-kuma = {
@ -59,7 +56,9 @@ in
};
systemd.services.uptime-kuma = {
serviceConfig.DynamicUser = mkForce false;
serviceConfig = {
DynamicUser = lib.mkForce false;
};
};
};
};

45
container/Stock.nix
View file

@ -1,38 +1,35 @@
{
config,
container,
lib,
config,
...
}:
with lib;
let
}: let
cfg = config.container.module.stock;
in
{
options = {
container.module.stock = {
enable = mkEnableOption "Stock management.";
address = mkOption {
in {
options.container.module.stock = {
enable = lib.mkEnableOption "the stock management.";
address = lib.mkOption {
default = "10.1.0.45";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 80;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "stock.${config.container.domain}";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/stock";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
];
containers.stock = container.mkContainer cfg {
bindMounts = {
@ -42,14 +39,14 @@ in
};
};
config =
{ ... }:
container.mkContainerConfig cfg {
config = { ... }: container.mkContainerConfig cfg {
services.grocy = {
enable = true;
dataDir = "/var/lib/grocy";
hostName = cfg.domain;
nginx.enableSSL = false;
nginx = {
enableSSL = false;
};
settings = {
calendar = {
firstDayOfWeek = 1;

64
container/Vpn.nix
View file

@ -1,50 +1,45 @@
{
container,
pkgs,
lib,
config,
container,
lib,
pkgs,
...
}:
with lib;
let
}: let
cfg = config.container.module.vpn;
wireguardPeers =
let
wireguardPeers = let
mkPeer = name: ip: PublicKey: {
inherit PublicKey;
PresharedKeyFile = "/var/lib/wireguard/preshared/${name}";
AllowedIPs = [ "${ip}/32" ];
AllowedIPs = [
"${ip}/32"
];
};
in
[
in [
(mkPeer "dashaphone" "10.1.1.3" "O/3y8+QKEY8UoLVlmbc8xdhs248L4wtQcl1MsBBfoQo=")
(mkPeer "laptop" "10.1.1.9" "xxoCNPSB86zs8L8p+wXhqaIwpNDkiZu1Yjv8sj8XhgY=")
(mkPeer "phone" "10.1.1.5" "bFmFisMqbDpIrAg3o/GiRl9XhceZEVnZtkegZDTL4yg=")
(mkPeer "tablet" "10.1.1.6" "BdslswVc9OgUpEhJd0sugDBmYw44DiS0FbUPT5EjOG0=")
(mkPeer "work" "10.1.1.2" "Pk0AASSInKO9O8RaQEmm1uNrl0cwWTJDcT8rLn7PSA0=")
];
in
{
options = {
container.module.vpn = {
enable = mkEnableOption "Vpn server.";
address = mkOption {
in {
options.container.module.vpn = {
enable = lib.mkEnableOption "the vpn server.";
address = lib.mkOption {
default = "10.1.0.23";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 51820;
type = types.int;
type = lib.types.int;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/vpn";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
"data/preshared"
@ -58,39 +53,40 @@ in
};
};
config =
{ ... }:
container.mkContainerConfig cfg {
config = { ... }: container.mkContainerConfig cfg {
networking.useNetworkd = true;
boot.kernel.sysctl = {
"net.ipv4.conf.all.src_valid_mark" = 1;
"net.ipv4.ip_forward" = 1;
};
environment.systemPackages = with pkgs; [ wireguard-tools ];
networking.useNetworkd = true;
environment.systemPackages = with pkgs; [
wireguard-tools
];
systemd.network = {
enable = true;
netdevs = {
"50-wg0" = {
inherit wireguardPeers;
netdevConfig = {
Kind = "wireguard";
MTUBytes = "1300";
Name = "wg0";
};
wireguardConfig = {
PrivateKeyFile = "/var/lib/wireguard/privkey";
ListenPort = cfg.port;
PrivateKeyFile = "/var/lib/wireguard/privkey";
};
inherit wireguardPeers;
};
};
networks.wg0 = {
matchConfig.Name = "wg0";
address = [ "10.1.1.0/24" ];
address = [
"10.1.1.0/24"
];
networkConfig = {
IPv4Forwarding = "yes";
IPMasquerade = "ipv4";
IPv4Forwarding = "yes";
};
};
};

61
container/Watch.nix
View file

@ -1,49 +1,43 @@
{
config,
container,
lib,
config,
...
}:
with lib;
let
}: let
cfg = config.container.module.watch;
in
{
options = {
container.module.watch = {
enable = mkEnableOption "Media server.";
address = mkOption {
in {
options.container.module.watch = {
enable = lib.mkEnableOption "the media server.";
address = lib.mkOption {
default = "10.1.0.11";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 8096;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "watch.${config.container.domain}";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/watch";
type = types.str;
type = lib.types.str;
};
memLimit = mkOption {
memLimit = lib.mkOption {
default = "8G";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data"
"cache"
"data"
];
containers.watch = container.mkContainer cfg {
bindMounts =
{
bindMounts = {
"/var/lib/jellyfin" = {
hostPath = "${cfg.storage}/data";
isReadOnly = false;
@ -66,7 +60,8 @@ in
// container.attachMedia "show" true
// container.attachMedia "study" true
// container.attachMedia "work" true
// container.attachMedia "youtube" true;
// container.attachMedia "youtube" true
;
allowedDevices = [
{
@ -75,21 +70,17 @@ in
}
];
config =
{ ... }:
container.mkContainerConfig cfg {
# users.users.jellyfin.extraGroups = [
# "video"
# "render"
# ];
config = { ... }: container.mkContainerConfig cfg {
systemd.services.jellyfin.serviceConfig.MemoryLimit = cfg.memLimit;
services.jellyfin = {
enable = true;
cacheDir = "/var/cache/jellyfin";
dataDir = "/var/lib/jellyfin";
};
systemd.services.jellyfin.serviceConfig.MemoryLimit = cfg.memLimit;
# users.users.jellyfin.extraGroups = [
# "video"
# "render"
# ];
};
};
};

51
container/Yt.nix
View file

@ -1,61 +1,56 @@
{
container,
pkgs,
lib,
config,
__findFile,
config,
container,
lib,
pkgs,
...
}:
with lib;
let
}: let
cfg = config.container.module.yt;
in
{
options = {
container.module.yt = {
enable = mkEnableOption "YouTube frontend.";
address = mkOption {
in {
options.container.module.yt = {
enable = lib.mkEnableOption "the YouTube frontend.";
address = lib.mkOption {
default = "10.1.0.19";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
default = 3000;
type = types.int;
type = lib.types.int;
};
domain = mkOption {
domain = lib.mkOption {
default = "yt.${config.container.domain}";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "${config.container.storage}/yt";
type = types.str;
};
type = lib.types.str;
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
containers.yt = container.mkContainer cfg {
config =
{ ... }:
container.mkContainerConfig cfg {
config = { ... }: container.mkContainerConfig cfg {
services.invidious = {
enable = true;
domain = cfg.domain;
port = cfg.port;
nginx.enable = false;
database = {
port = config.container.module.postgres.port;
host = config.container.module.postgres.address;
port = config.container.module.postgres.port;
createLocally = false;
passwordFile = "${pkgs.writeText "InvidiousDbPassword" "invidious"}";
};
settings = {
admins = [ "root" ];
captcha_enabled = false;
check_tables = true;
registration_enabled = false;
external_port = 443;
https_only = true;
registration_enabled = false;
admins = [
"root"
];
};
};
};

62
container/default.nix
View file

@ -1,61 +1,57 @@
{ lib, config, ... }:
with lib;
let
cfg = config.container;
in
{
options = {
container = {
enable = mkEnableOption "Containers!!";
autoStart = mkOption {
config,
lib,
...
}: let
cfg = config.container;
in {
options.container = {
enable = lib.mkEnableOption "Containers!!";
autoStart = lib.mkOption {
default = false;
type = types.bool;
type = lib.types.bool;
};
host = mkOption {
host = lib.mkOption {
default = "0.0.0.0";
type = types.str;
type = lib.types.str;
};
localAccess = mkOption {
localAccess = lib.mkOption {
default = "0.0.0.0";
type = types.str;
type = lib.types.str;
};
storage = mkOption {
storage = lib.mkOption {
default = "/tmp/container";
type = types.str;
type = lib.types.str;
};
domain = mkOption {
domain = lib.mkOption {
default = "local";
type = types.str;
type = lib.types.str;
};
interface = mkOption {
interface = lib.mkOption {
default = "lo";
type = types.str;
type = lib.types.str;
};
media = mkOption {
media = lib.mkOption {
default = { };
type = types.attrs;
};
type = lib.types.attrs;
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
# This is the network for all the containers.
# They are not available to the external interface by default,
# instead they all expose specific ports in their configuration.
networking = {
nat = {
enable = true;
internalInterfaces = [ "ve-+" ];
externalInterface = config.container.interface;
internalInterfaces = [
"ve-+"
];
};
networkmanager.unmanaged = [ "interface-name:ve-*" ];
networkmanager.unmanaged = [
"interface-name:ve-*"
];
};
};
}

17
container/proxy/host/Camera.nix
View file

@ -1,12 +1,15 @@
{ config, container, ... }:
let
domain = "camera.${config.container.domain}";
address = "192.168.2.249";
port = 554;
in
{
config,
container,
util,
...
}: let
address = "192.168.2.249";
domain = "camera.${config.container.domain}";
port = 554;
in {
${domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
location / {

13
container/proxy/host/Change.nix
View file

@ -1,11 +1,14 @@
{ config, container, ... }:
let
{
config,
container,
util,
...
}: let
cfg = config.container.module.change;
name = "change";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Chat.nix
View file

@ -1,11 +1,14 @@
{ config, container, ... }:
let
{
config,
container,
util,
...
}: let
cfg = config.container.module.chat;
name = "chat";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Cloud.nix
View file

@ -1,11 +1,14 @@
{ config, container, ... }:
let
{
config,
container,
util,
...
}: let
cfg = config.container.module.cloud;
name = "cloud";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Download.nix
View file

@ -1,11 +1,14 @@
{ config, container, ... }:
let
{
config,
container,
util,
...
}: let
cfg = config.container.module.download;
name = "download";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Git.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }:
let
{
container,
config,
util,
...
}: let
cfg = config.container.module.git;
name = "git";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

27
container/proxy/host/Hdd.nix
View file

@ -1,27 +0,0 @@
{ container, config, ... }:
let
cfg = config.container.module.hdd;
name = "hdd";
in
{
${cfg.domain} = container.mkServer {
extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location / {
allow ${config.container.localAccess};
allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address};
deny all;
proxy_pass http://''$${name}$request_uri;
}
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
'';
};
}

13
container/proxy/host/Home.nix
View file

@ -1,11 +1,14 @@
{ config, container, ... }:
let
{
config,
container,
util,
...
}: let
cfg = config.container.module.home;
name = "home";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Iot.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }:
let
{
container,
config,
util,
...
}: let
cfg = config.container.module.iot;
name = "iot";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Mail.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }:
let
{
container,
config,
util,
...
}: let
cfg = config.container.module.mail;
name = "mail";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Office.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }:
let
{
container,
config,
util,
...
}: let
cfg = config.container.module.office;
name = "office";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Paper.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }:
let
{
container,
config,
util,
...
}: let
cfg = config.container.module.paper;
name = "paper";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Pass.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }:
let
{
container,
config,
util,
...
}: let
cfg = config.container.module.pass;
name = "pass";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Paste.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }:
let
{
container,
config,
util,
...
}: let
cfg = config.container.module.paste;
name = "paste";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Print.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }:
let
{
container,
config,
util,
...
}: let
cfg = config.container.module.print;
name = "print";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

15
container/proxy/host/Printer.nix
View file

@ -1,13 +1,16 @@
{ container, config, ... }:
let
{
container,
config,
util,
...
}: let
address = "192.168.2.237";
domain = "printer.${config.container.domain}";
port = 80;
name = "printer";
in
{
port = 80;
in {
${domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${address}:${toString port};

13
container/proxy/host/Read.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }:
let
{
container,
config,
util,
...
}: let
cfg = config.container.module.read;
name = "read";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

14
container/proxy/host/Resume.nix
View file

@ -1,11 +1,13 @@
{ container, config, ... }:
let
domain = "resume.${config.container.domain}";
name = "resume";
in
{
container,
config,
util,
...
}: let
domain = "resume.${config.container.domain}";
in {
${domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
server_name ${domain};
listen 443 ssl;

15
container/proxy/host/Router.nix
View file

@ -1,13 +1,16 @@
{ container, config, ... }:
let
{
container,
config,
util,
...
}: let
address = "10.0.0.2";
domain = "router.${config.container.domain}";
port = 80;
name = "router";
in
{
port = 80;
in {
${domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${address}:${toString port};

13
container/proxy/host/Search.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }:
let
{
container,
config,
util,
...
}: let
cfg = config.container.module.search;
name = "search";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Status.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }:
let
{
container,
config,
util,
...
}: let
cfg = config.container.module.status;
name = "sstatus";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Stock.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }:
let
{
container,
config,
util,
...
}: let
cfg = config.container.module.stock;
name = "stock";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Watch.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }:
let
{
container,
config,
util,
...
}: let
cfg = config.container.module.watch;
name = "watch";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

13
container/proxy/host/Yt.nix
View file

@ -1,11 +1,14 @@
{ container, config, ... }:
let
{
container,
config,
util,
...
}: let
cfg = config.container.module.yt;
name = "yt";
in
{
in {
${cfg.domain} = container.mkServer {
extraConfig = ''
extraConfig = util.trimTabs ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};

334
flake.nix
View file

@ -1,142 +1,59 @@
# This is a configuration entry-point called "Flake".
# Here you define your inputs (dependencies) and outputs (hosts).
{
# Those are external dependencies.
inputs = {
# Core system.
# Homepage: https://github.com/NixOS/nixpkgs
# Manual: https://nixos.org/manual/nixos/stable
# Search: https://search.nixos.org/packages and https://search.nixos.org/options
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgsUnstable.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgsStable.url = "github:nixos/nixpkgs/nixos-24.05";
nixpkgsMaster.url = "github:nixos/nixpkgs/master";
# This thing manages user's /home directroies. Because NixOS only manages system itself.
# Homepage: https://github.com/nix-community/home-manager
# Manual: https://nix-community.github.io/home-manager
# Search: https://home-manager-options.extranix.com
home-manager = {
url = "github:nix-community/home-manager";
# This means that home-manager and our Flake both depend on the same nixpkgs version.
inputs.nixpkgs.follows = "nixpkgs";
};
# This allows automatic styling based on active Wallpaper.
# Homepage: https://github.com/danth/stylix
# Manual: https://danth.github.io/stylix
stylix.url = "github:danth/stylix";
# I use this for a single container called jobber. WARN: Do not update.
# You likely won't need this one, so just skip it for now.
poetry2nixJobber.url = "github:nix-community/poetry2nix/304f8235fb0729fd48567af34fcd1b58d18f9b95";
nixpkgsJobber.url = "github:nixos/nixpkgs/051f920625ab5aabe37c920346e3e69d7d34400e";
poetry2nixJobber.url = "github:nix-community/poetry2nix/304f8235fb0729fd48567af34fcd1b58d18f9b95";
# Nix on Android (inside Termux). It has no NixOS modules, but still allows the use of Nixpkgs arm packages with Home-Manager configurations.
# Homepage: https://github.com/nix-community/nix-on-droid
# Manual: https://github.com/nix-community/nix-on-droid/blob/master/README.md
nix-on-droid = {
url = "github:t184256/nix-on-droid/release-23.11";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
# Those are Nvim plugins. I do not use package managers like Packer or Lazy, instead I use Nix to download them and later configure in [Neovim module](module/common/Nvim.nix).
nvimAlign = {
url = "github:echasnovski/mini.align";
flake = false;
};
nvimAutoclose = {
url = "github:m4xshen/autoclose.nvim";
flake = false;
};
nvimBufferline = {
url = "github:akinsho/bufferline.nvim";
flake = false;
};
nvimCloseBuffers = {
url = "github:kazhala/close-buffers.nvim";
flake = false;
};
nvimColorizer = {
url = "github:brenoprata10/nvim-highlight-colors";
flake = false;
};
nvimDevicons = {
url = "github:nvim-tree/nvim-web-devicons";
flake = false;
};
nvimDressing = {
url = "github:stevearc/dressing.nvim";
flake = false;
};
nvimGen = {
url = "github:David-Kunz/gen.nvim";
flake = false;
};
nvimGitsigns = {
url = "github:lewis6991/gitsigns.nvim";
flake = false;
};
nvimGruvboxMaterial = {
url = "github:sainnhe/gruvbox-material";
flake = false;
};
nvimIndentoMatic = {
url = "github:Darazaki/indent-o-matic";
flake = false;
};
nvimLspconfig = {
url = "github:neovim/nvim-lspconfig";
flake = false;
};
nvimPlenary = {
url = "github:nvim-lua/plenary.nvim";
flake = false;
};
nvimTelescope = {
url = "github:nvim-telescope/telescope.nvim";
flake = false;
};
nvimTodo = {
url = "github:folke/todo-comments.nvim";
flake = false;
};
nvimTree = {
url = "github:nvim-tree/nvim-tree.lua";
flake = false;
};
nvimTreesitter = {
url = "github:nvim-treesitter/nvim-treesitter";
flake = false;
};
nvimTrouble = {
url = "github:folke/trouble.nvim";
flake = false;
};
nvimAlign = { flake = false; url = "github:echasnovski/mini.align"; };
nvimAutoclose = { flake = false; url = "github:m4xshen/autoclose.nvim"; };
nvimBufferline = { flake = false; url = "github:akinsho/bufferline.nvim"; };
nvimCloseBuffers = { flake = false; url = "github:kazhala/close-buffers.nvim"; };
nvimColorizer = { flake = false; url = "github:brenoprata10/nvim-highlight-colors"; };
nvimDevicons = { flake = false; url = "github:nvim-tree/nvim-web-devicons"; };
nvimDressing = { flake = false; url = "github:stevearc/dressing.nvim"; };
nvimGen = { flake = false; url = "github:David-Kunz/gen.nvim"; };
nvimGitsigns = { flake = false; url = "github:lewis6991/gitsigns.nvim"; };
nvimGruvboxMaterial = { flake = false; url = "github:sainnhe/gruvbox-material"; };
nvimIndentoMatic = { flake = false; url = "github:Darazaki/indent-o-matic"; };
nvimLspconfig = { flake = false; url = "github:neovim/nvim-lspconfig"; };
nvimPlenary = { flake = false; url = "github:nvim-lua/plenary.nvim"; };
nvimTelescope = { flake = false; url = "github:nvim-telescope/telescope.nvim"; };
nvimTodo = { flake = false; url = "github:folke/todo-comments.nvim"; };
nvimTree = { flake = false; url = "github:nvim-tree/nvim-tree.lua"; };
nvimTreesitter = { flake = false; url = "github:nvim-treesitter/nvim-treesitter"; };
nvimTrouble = { flake = false; url = "github:folke/trouble.nvim"; };
};
# Those are outputs (hosts, configurations) that can be produced by this whole config.
# Here you see a set of inputs we defined above, like nixpkgs, home-manager and so on.
# `...` at the end of a set means "ignore other arguments provided to this function".
# @inputs means aliasing all the inputs to the `inputs` name, so we can pass them all at once later.
outputs =
{
self,
nixpkgs,
nixpkgsUnstable,
nixpkgsStable,
nixpkgsMaster,
nix-on-droid,
outputs = {
home-manager,
stylix,
poetry2nixJobber,
nix-on-droid,
nixpkgs,
nixpkgsJobber,
nixpkgsMaster,
nixpkgsStable,
nixpkgsUnstable,
poetry2nixJobber,
self,
stylix,
...
}@inputs:
{
# Constant values.
} @inputs: {
const = {
droidStateVersion = "23.11";
stateVersion = "24.05";
@ -144,32 +61,22 @@
url = "https://git.voronind.com/voronind/nix.git";
};
# Hack to use <container/Change.nix> in other files.
# Need to add __findFile to args tho.
__findFile = _: p: ./${p};
# List all files in a dir.
findFiles =
path:
map (f: "${path}/${f}") (
findFiles = path: map (f: "${path}/${f}") (
builtins.filter (i: builtins.readFileType "${path}/${i}" == "regular") (
builtins.attrNames (builtins.readDir path)
)
);
# Dev shell for this repo.
devShells =
let
system = "x86_64-linux";
devShells = let
lib = nixpkgs.lib;
pkgs = nixpkgs.legacyPackages.${system};
in
{
system = "x86_64-linux";
in {
${system}.default = pkgs.mkShell {
nativeBuildInputs = with pkgs; [
nixd
nixfmt-rfc-style
treefmt
];
# buildInputs = with pkgs; [ ];
@ -178,20 +85,10 @@
};
};
# Nixos systems.
nixosConfigurations =
let
# Function to create a host. It does basic setup, like adding common modules.
mkHost =
{ system, hostname }:
nixpkgs.lib.nixosSystem {
# `Inherit` is just an alias for `system = system;`, which means that
# keep the `system` argument as a property in a resulting set.
nixosConfigurations = let
mkHost = { system, hostname }: nixpkgs.lib.nixosSystem {
inherit system;
# List of modules to use by defualt for all the hosts.
modules =
[
modules = [
# Make a device hostname match the one from this config.
{ networking.hostName = hostname; }
@ -207,169 +104,60 @@
# HM config.
./home/NixOs.nix
]
++ (self.findFiles ./host/${system}/${hostname})
++ (self.findFiles ./config)
++ (self.findFiles ./container)
++ (self.findFiles ./host/${system}/${hostname})
++ (self.findFiles ./module)
++ (self.findFiles ./overlay)
++ (self.findFiles ./system)
++ (self.findFiles ./overlay);
# SpecialArgs allows you to pass objects down to other NixOS modules.
specialArgs =
let
;
specialArgs = let
pkgs = nixpkgs.legacyPackages.${system}.pkgs;
lib = nixpkgs.lib;
config = self.nixosConfigurations.${hostname}.config;
in
{
inherit inputs self;
util = import ./lib/Util.nix { inherit lib; };
in {
inherit (self) const __findFile;
inherit inputs self poetry2nixJobber util;
container = import ./lib/Container.nix { inherit lib pkgs config util; inherit (self) const; };
pkgsJobber = nixpkgsJobber.legacyPackages.${system}.pkgs;
pkgsMaster = nixpkgsMaster.legacyPackages.${system}.pkgs;
pkgsStable = nixpkgsStable.legacyPackages.${system}.pkgs;
pkgsUnstable = nixpkgsUnstable.legacyPackages.${system}.pkgs;
pkgsMaster = nixpkgsMaster.legacyPackages.${system}.pkgs;
secret = import ./secret { }; # Secrets (public keys).
container = import ./lib/Container.nix {
inherit lib pkgs config;
inherit (self) const;
}; # Container utils.
util = import ./lib/Util.nix { inherit lib; }; # Util functions.
# Stuff for Jobber container, skip this part.
inherit poetry2nixJobber;
secret = import ./secret { };
};
};
mkSystem = system: hostname: { "${hostname}" = mkHost { inherit system hostname; }; };
in
nixpkgs.lib.foldl' (acc: h: acc // h) { } (
map (
system:
nixpkgs.lib.foldl' (acc: h: acc // h) { } (
in nixpkgs.lib.foldl' (acc: h: acc // h) { } (
map (system: nixpkgs.lib.foldl' (acc: h: acc // h) { } (
map (host: mkSystem system host) (builtins.attrNames (builtins.readDir ./host/${system}))
)
) (builtins.attrNames (builtins.readDir ./host))
)) (builtins.attrNames (builtins.readDir ./host))
);
# Home manager (distro-independent).
# Install nix: sh <(curl -L https://nixos.org/nix/install) --no-daemon
# Or with --daemon for multi-user (as root).
# $ nix run home-manager/master -- init --switch
# $ nix shell '<home-manager>' -A install
# Add to /etc/nix/nix.conf > experimental-features = nix-command flakes
# And then # systemctl restart nix-daemon.service
# $ home-manager switch --flake ~/hmconf
homeConfigurations =
let
lib = nixpkgs.lib;
secret = import ./secret { };
util = import ./lib/Util.nix { inherit lib; };
mkCommonHome =
username: system:
let
pkgs = nixpkgs.legacyPackages.${system};
pkgsStable = nixpkgsStable.legacyPackages.${system};
pkgsUnstable = nixpkgsUnstable.legacyPackages.${system};
pkgsMaster = nixpkgsMaster.legacyPackages.${system};
in
{
${username} = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
extraSpecialArgs = {
inherit
self
inputs
secret
util
pkgs
pkgsStable
pkgsMaster
;
inherit (self) const __findFile;
};
modules = [
./home/HomeManager.nix
{
home.hm = {
inherit username;
enable = true;
};
}
{ nixpkgs.config.allowUnfree = true; }
{ nixpkgs.config.allowUnfreePredicate = (pkg: true); }
{ nix.package = pkgs.nix; }
{
nix.settings.experimental-features = [
"nix-command "
"flakes"
];
}
inputs.stylix.homeManagerModules.stylix
] ++ (self.findFiles ./home/user/${system}/${username}) ++ (self.findFiles ./config);
};
};
in
nixpkgs.lib.foldl' (acc: h: acc // h) { } (
map (
system:
nixpkgs.lib.foldl' (acc: h: acc // h) { } (
map (username: mkCommonHome username system) (
builtins.attrNames (builtins.readDir ./home/user/${system})
)
)
) (builtins.attrNames (builtins.readDir ./home/user))
);
# Android.
nixOnDroidConfigurations.default =
let
system = "aarch64-linux";
nixOnDroidConfigurations.default = let
config = self.nixOnDroidConfigurations.default.config;
lib = nixpkgs.lib;
pkgs = nixpkgs.legacyPackages.${system}.pkgs;
pkgsMaster = nixpkgsMaster.legacyPackages.${system}.pkgs;
pkgsStable = nixpkgsStable.legacyPackages.${system}.pkgs;
pkgsUnstable = nixpkgsUnstable.legacyPackages.${system}.pkgs;
pkgsMaster = nixpkgsMaster.legacyPackages.${system}.pkgs;
in
nix-on-droid.lib.nixOnDroidConfiguration {
system = "aarch64-linux";
in nix-on-droid.lib.nixOnDroidConfiguration {
modules = [
# Android release version.
{ system.stateVersion = self.const.droidStateVersion; }
# I put all my Android configuration there.
(import ./module/Style.nix { inherit (config.home-manager) config; inherit (self) __findFile; inherit lib pkgs; })
./home/Android.nix
{ home.android.enable = true; }
# { nixpkgs.config.allowUnfree = true; }
# { nixpkgs.config.allowUnfreePredicate = (pkg: true); }
{ nix.extraOptions = "experimental-features = nix-command flakes"; }
./module/Wallpaper.nix
{ home-manager.config.stylix.autoEnable = lib.mkForce false; }
# Some common modules.
./config/Setting.nix
./config/Wallpaper.nix
(import ./config/Style.nix {
inherit (config.home-manager) config;
inherit (self) __findFile;
inherit lib pkgs;
})
{ home.android.enable = true; }
{ nix.extraOptions = "experimental-features = nix-command flakes"; }
{ system.stateVersion = self.const.droidStateVersion; }
];
# SpecialArgs allows you to pass objects down to other configuration.
extraSpecialArgs = {
inherit inputs self;
inherit (self) const __findFile;
secret = import ./secret { }; # Secrets (public keys).
util = import ./lib/Util.nix { inherit lib; }; # Util functions.
secret = import ./secret { };
util = import ./lib/Util.nix { inherit lib; };
};
};
};
}
# That's it!

42
home/Android.nix
View file

@ -1,48 +1,42 @@
# This is a common user configuration.
{
const,
pkgs,
self,
config,
lib,
inputs,
pkgsStable,
pkgsMaster,
__findFile,
config,
const,
inputs,
lib,
pkgs,
pkgsMaster,
pkgsStable,
self,
...
}@args:
with lib;
let
} @args: let
cfg = config.home.android;
stylix = import <config/Stylix.nix> args;
android = import ./android args;
package = import <package> args;
programs = import ./program args;
in
# homePath = "/data/data/com.termux.nix/files/home";
{
options = {
home.android = {
enable = mkEnableOption "Android HM config.";
};
stylix = import <system/Stylix.nix> args;
in {
options.home.android = {
enable = lib.mkEnableOption "the Android HM config.";
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
environment.packages = package.core;
time.timeZone = const.timeZone;
terminal = {
inherit (android) font colors;
};
home-manager.config = stylix // {
imports = [ inputs.stylix.homeManagerModules.stylix ];
programs = with programs; core;
imports = [
inputs.stylix.homeManagerModules.stylix
];
home = {
file = import ./config args;
sessionVariables = import ./variable args;
stateVersion = const.droidStateVersion;
};
programs = with programs; core;
};
};
}

70
home/HomeManager.nix
View file

@ -1,70 +0,0 @@
# This is a common user configuration.
{
const,
util,
config,
lib,
__findFile,
...
}@args:
with lib;
let
cfg = config.home.hm;
package = import <package> args;
programs = import ./program args;
in
{
options = {
home.hm = {
enable = mkEnableOption "Home-Manager standalone config.";
username = mkOption {
default = null;
type = types.str;
};
homeDirectory = mkOption {
default = "/home/${cfg.username}";
type = types.str;
};
package = mkOption {
default = { };
type = types.submodule {
options = {
common.enable = mkEnableOption "Common apps.";
core.enable = mkEnableOption "Core apps.";
creative.enable = mkEnableOption "Creative apps.";
desktop.enable = mkEnableOption "Desktop apps.";
dev.enable = mkEnableOption "Dev apps.";
extra.enable = mkEnableOption "Extra apps.";
gaming.enable = mkEnableOption "Gaming apps.";
};
};
};
};
};
config = mkIf cfg.enable (mkMerge [
{
home = {
inherit (cfg) username homeDirectory;
inherit (const) stateVersion;
file = import ./config args;
sessionVariables = import ./variable args;
};
xdg = import ./xdg { inherit (cfg) homeDirectory; };
programs = with programs; core;
dconf.settings = util.catSet (util.ls ./config/dconf) args;
}
(mkIf cfg.package.common.enable { home.packages = package.common; })
(mkIf cfg.package.core.enable { home.packages = package.core; })
(mkIf cfg.package.creative.enable { home.packages = package.creative; })
(mkIf cfg.package.desktop.enable {
home = {
packages = package.desktop;
programs = programs.desktop;
};
})
(mkIf cfg.package.dev.enable { home.packages = package.dev; })
(mkIf cfg.package.extra.enable { home.packages = package.extra; })
(mkIf cfg.package.gaming.enable { home.packages = package.gaming; })
]);
}

36
home/NixOs.nix
View file

@ -1,37 +1,31 @@
# This is a common user configuration.
{
const,
__findFile,
config,
util,
const,
lib,
pkgs,
__findFile,
util,
...
}@args:
with lib;
let
} @args: let
cfg = config.home.nixos;
programs = import ./program args;
in
{
in {
imports = (util.ls <user>);
options = {
home.nixos = {
enable = mkEnableOption "NixOS user setup.";
users = mkOption {
options.home.nixos = {
enable = lib.mkEnableOption "the NixOS user setup.";
users = lib.mkOption {
default = [ ];
type = types.listOf types.attrs;
};
type = with lib.types; listOf attrs;
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
home-manager = {
users = builtins.foldl' (
acc: user:
acc
// {
backupFileExtension = "backup-" + pkgs.lib.readFile "${pkgs.runCommand "timestamp" { } "echo -n date '+%Y%m%d%H%M%S' > $out"}";
users = builtins.foldl' (acc: user:
acc // {
${user.username} = {
home = {
inherit (const) stateVersion;
@ -48,10 +42,6 @@ in
};
}
) { } cfg.users;
backupFileExtension =
"backup-"
+ pkgs.lib.readFile "${pkgs.runCommand "timestamp" { } "echo -n date '+%Y%m%d%H%M%S' > $out"}";
};
};
}

11
home/android/default.nix
View file

@ -1,12 +1,13 @@
{ pkgs, config, ... }:
{
config,
pkgs,
...
}: {
font = pkgs.runCommandNoCC "font" { } ''
cp ${
pkgs.nerdfonts.override { fonts = [ "Terminus" ]; }
}/share/fonts/truetype/NerdFonts/TerminessNerdFontMono-Regular.ttf $out
cp ${pkgs.nerdfonts.override { fonts = [ "Terminus" ]; }}/share/fonts/truetype/NerdFonts/TerminessNerdFontMono-Regular.ttf $out
'';
colors = with config.style.color; {
colors = with config.module.style.color; {
background = "#${bg.dark}";
cursor = "#${fg.light}";
foreground = "#${fg.light}";

346
home/config/btop/default.nix
View file

@ -1,250 +1,100 @@
{ ... }:
{
text = ''
#? Config file for btop v. 1.3.0
#* Name of a btop++/bpytop/bashtop formatted ".theme" file, "Default" and "TTY" for builtin themes.
#* Themes should be placed in "../share/btop/themes" relative to binary or "$HOME/.config/btop/themes"
color_theme = "/usr/share/btop/themes/gruvbox_material_dark.theme"
#* If the theme set background should be shown, set to False if you want terminal background transparency.
theme_background = False
#* Sets if 24-bit truecolor should be used, will convert 24-bit colors to 256 color (6x6x6 color cube) if false.
truecolor = True
#* Set to true to force tty mode regardless if a real tty has been detected or not.
#* Will force 16-color mode and TTY theme, set all graph symbols to "tty" and swap out other non tty friendly symbols.
force_tty = False
#* Define presets for the layout of the boxes. Preset 0 is always all boxes shown with default settings. Max 9 presets.
#* Format: "box_name:P:G,box_name:P:G" P=(0 or 1) for alternate positions, G=graph symbol to use for box.
#* Use whitespace " " as separator between different presets.
#* Example: "cpu:0:default,mem:0:tty,proc:1:default cpu:0:braille,proc:0:tty"
presets = ""
#* Set to True to enable "h,j,k,l,g,G" keys for directional control in lists.
#* Conflicting keys for h:"help" and k:"kill" is accessible while holding shift.
vim_keys = True
#* Rounded corners on boxes, is ignored if TTY mode is ON.
rounded_corners = True
#* Default symbols to use for graph creation, "braille", "block" or "tty".
#* "braille" offers the highest resolution but might not be included in all fonts.
#* "block" has half the resolution of braille but uses more common characters.
#* "tty" uses only 3 different symbols but will work with most fonts and should work in a real TTY.
#* Note that "tty" only has half the horizontal resolution of the other two, so will show a shorter historical view.
graph_symbol = "braille"
# Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty".
graph_symbol_cpu = "default"
# Graph symbol to use for graphs in gpu box, "default", "braille", "block" or "tty".
graph_symbol_gpu = "default"
# Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty".
graph_symbol_mem = "default"
# Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty".
graph_symbol_net = "default"
# Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty".
graph_symbol_proc = "default"
#* Manually set which boxes to show. Available values are "cpu mem net proc" and "gpu0" through "gpu5", separate values with whitespace.
shown_boxes = "cpu mem net proc"
#* Update time in milliseconds, recommended 2000 ms or above for better sample times for graphs.
update_ms = 2000
#* Processes sorting, "pid" "program" "arguments" "threads" "user" "memory" "cpu lazy" "cpu direct",
#* "cpu lazy" sorts top process over time (easier to follow), "cpu direct" updates top process directly.
proc_sorting = "memory"
#* Reverse sorting order, True or False.
proc_reversed = False
#* Show processes as a tree.
proc_tree = False
#* Use the cpu graph colors in the process list.
proc_colors = True
#* Use a darkening gradient in the process list.
proc_gradient = True
#* If process cpu usage should be of the core it's running on or usage of the total available cpu power.
proc_per_core = False
#* Show process memory as bytes instead of percent.
proc_mem_bytes = True
#* Show cpu graph for each process.
proc_cpu_graphs = True
#* Use /proc/[pid]/smaps for memory information in the process info box (very slow but more accurate)
proc_info_smaps = False
#* Show proc box on left side of screen instead of right.
proc_left = True
#* (Linux) Filter processes tied to the Linux kernel(similar behavior to htop).
proc_filter_kernel = True
#* In tree-view, always accumulate child process resources in the parent process.
proc_aggregate = False
#* Sets the CPU stat shown in upper half of the CPU graph, "total" is always available.
#* Select from a list of detected attributes from the options menu.
cpu_graph_upper = "total"
#* Sets the CPU stat shown in lower half of the CPU graph, "total" is always available.
#* Select from a list of detected attributes from the options menu.
cpu_graph_lower = "total"
#* If gpu info should be shown in the cpu box. Available values = "Auto", "On" and "Off".
show_gpu_info = "Auto"
#* Toggles if the lower CPU graph should be inverted.
cpu_invert_lower = True
#* Set to True to completely disable the lower CPU graph.
cpu_single_graph = False
#* Show cpu box at bottom of screen instead of top.
cpu_bottom = False
#* Shows the system uptime in the CPU box.
show_uptime = True
#* Show cpu temperature.
check_temp = True
#* Which sensor to use for cpu temperature, use options menu to select from list of available sensors.
cpu_sensor = "Auto"
#* Show temperatures for cpu cores also if check_temp is True and sensors has been found.
show_coretemp = True
#* Set a custom mapping between core and coretemp, can be needed on certain cpus to get correct temperature for correct core.
#* Use lm-sensors or similar to see which cores are reporting temperatures on your machine.
#* Format "x:y" x=core with wrong temp, y=core with correct temp, use space as separator between multiple entries.
#* Example: "4:0 5:1 6:3"
cpu_core_map = ""
#* Which temperature scale to use, available values: "celsius", "fahrenheit", "kelvin" and "rankine".
temp_scale = "celsius"
#* Use base 10 for bits/bytes sizes, KB = 1000 instead of KiB = 1024.
base_10_sizes = True
#* Show CPU frequency.
show_cpu_freq = True
#* Draw a clock at top of screen, formatting according to strftime, empty string to disable.
#* Special formatting: /host = hostname | /user = username | /uptime = system uptime
clock_format = "%X"
#* Update main ui in background when menus are showing, set this to false if the menus is flickering too much for comfort.
background_update = True
#* Custom cpu model name, empty string to disable.
custom_cpu_name = ""
#* Optional filter for shown disks, should be full path of a mountpoint, separate multiple values with whitespace " ".
#* Begin line with "exclude=" to change to exclude filter, otherwise defaults to "most include" filter. Example: disks_filter="exclude=/boot /home/user".
disks_filter = "exclude=/boot /boot/efi"
#* Show graphs instead of meters for memory values.
mem_graphs = True
#* Show mem box below net box instead of above.
mem_below_net = False
#* Count ZFS ARC in cached and available memory.
zfs_arc_cached = True
#* If swap memory should be shown in memory box.
show_swap = True
#* Show swap as a disk, ignores show_swap value above, inserts itself after first disk.
swap_disk = False
#* If mem box should be split to also show disks info.
show_disks = True
#* Filter out non physical disks. Set this to False to include network disks, RAM disks and similar.
only_physical = True
#* Read disks list from /etc/fstab. This also disables only_physical.
use_fstab = True
#* Setting this to True will hide all datasets, and only show ZFS pools. (IO stats will be calculated per-pool)
zfs_hide_datasets = False
#* Set to true to show available disk space for privileged users.
disk_free_priv = False
#* Toggles if io activity % (disk busy time) should be shown in regular disk usage view.
show_io_stat = True
#* Toggles io mode for disks, showing big graphs for disk read/write speeds.
io_mode = False
#* Set to True to show combined read/write io graphs in io mode.
io_graph_combined = False
#* Set the top speed for the io graphs in MiB/s (100 by default), use format "mountpoint:speed" separate disks with whitespace " ".
#* Example: "/mnt/media:100 /:20 /boot:1".
io_graph_speeds = ""
#* Set fixed values for network graphs in Mebibits. Is only used if net_auto is also set to False.
net_download = 100
net_upload = 100
#* Use network graphs auto rescaling mode, ignores any values set above and rescales down to 10 Kibibytes at the lowest.
net_auto = True
#* Sync the auto scaling for download and upload to whichever currently has the highest scale.
net_sync = True
#* Starts with the Network Interface specified here.
net_iface = ""
#* Show battery stats in top right if battery is present.
show_battery = True
#* Which battery to use if multiple are present. "Auto" for auto detection.
selected_battery = "Auto"
#* Set loglevel for "~/.config/btop/btop.log" levels are: "ERROR" "WARNING" "INFO" "DEBUG".
#* The level set includes all lower levels, i.e. "DEBUG" will show all logging info.
log_level = "WARNING"
#* Measure PCIe throughput on NVIDIA cards, may impact performance on certain cards.
nvml_measure_pcie_speeds = True
#* Horizontally mirror the GPU graph.
gpu_mirror_graph = True
#* Custom gpu0 model name, empty string to disable.
custom_gpu_name0 = ""
#* Custom gpu1 model name, empty string to disable.
custom_gpu_name1 = ""
#* Custom gpu2 model name, empty string to disable.
custom_gpu_name2 = ""
#* Custom gpu3 model name, empty string to disable.
custom_gpu_name3 = ""
#* Custom gpu4 model name, empty string to disable.
custom_gpu_name4 = ""
#* Custom gpu5 model name, empty string to disable.
custom_gpu_name5 = ""
'';
pkgs,
lib,
...
}: let
config = {
background_update = true;
base_10_sizes = true;
check_temp = true;
clock_format = "%X";
color_theme = "/usr/share/btop/themes/gruvbox_material_dark.theme";
cpu_bottom = false;
cpu_core_map = "";
cpu_graph_lower = "total";
cpu_graph_upper = "total";
cpu_invert_lower = true;
cpu_sensor = "Auto";
cpu_single_graph = false;
custom_cpu_name = "";
custom_gpu_name0 = "";
custom_gpu_name1 = "";
custom_gpu_name2 = "";
custom_gpu_name3 = "";
custom_gpu_name4 = "";
custom_gpu_name5 = "";
disk_free_priv = false;
disks_filter = "exclude = /boot /boot/efi";
force_tty = false;
gpu_mirror_graph = true;
graph_symbol = "braille";
graph_symbol_cpu = "default";
graph_symbol_gpu = "default";
graph_symbol_mem = "default";
graph_symbol_net = "default";
graph_symbol_proc = "default";
io_graph_combined = false;
io_graph_speeds = "";
io_mode = false;
log_level = "WARNING";
mem_below_net = false;
mem_graphs = true;
net_auto = true;
net_download = 100;
net_iface = "";
net_sync = true;
net_upload = 100;
nvml_measure_pcie_speeds = true;
only_physical = true;
presets = "";
proc_aggregate = true;
proc_colors = true;
proc_cpu_graphs = true;
proc_filter_kernel = true;
proc_gradient = false;
proc_info_smaps = false;
proc_left = true;
proc_mem_bytes = true;
proc_per_core = true;
proc_reversed = false;
proc_sorting = "memory";
proc_tree = true;
rounded_corners = true;
selected_battery = "Auto";
show_battery = true;
show_coretemp = true;
show_cpu_freq = true;
show_disks = true;
show_gpu_info = "Auto";
show_io_stat = true;
show_swap = true;
show_uptime = true;
shown_boxes = "cpu mem net proc";
swap_disk = false;
temp_scale = "celsius";
theme_background = false;
truecolor = true;
update_ms = 2000;
use_fstab = true;
vim_keys = true;
zfs_arc_cached = true;
zfs_hide_datasets = false;
};
mkOption = k: v: lib.generators.mkKeyValueDefault { } " = " k v;
in {
file = pkgs.writeText "BtopConfig" (
builtins.foldl' (acc: line: acc + "${line}\n") "" (
lib.mapAttrsToList (k: v: let
value = if builtins.isString v then
"\"${v}\""
else if builtins.isBool v then
if v then "True" else "False"
else
v
;
in mkOption k value
) config
)
);
}

35
home/config/chromium/default.nix
View file

@ -1,9 +1,18 @@
{ pkgs, config, ... }:
{
pkgs,
config,
...
}: {
preferences = (pkgs.formats.json { }).generate "ChromiumConfig" {
name = "Work";
bookmark_bar.show_on_all_tabs = false;
browser.show_home_button = false;
default_apps_install_state = 2;
download.prompt_for_download = false;
download_bubble.partial_view_enabled = false;
intl.selected_languages = "en-US,en";
session.restore_on_startup = 1;
side_panel.is_right_aligned = false;
default_search_provider = {
guid = "5761b040-db50-4f8e-9d00-c9ad985779a4";
synced_guid = "5761b040-db50-4f8e-9d00-c9ad985779a4";
@ -18,8 +27,6 @@
url = "https://search.voronind.com/search?q={searchTerms}";
};
};
download.prompt_for_download = false;
download_bubble.partial_view_enabled = false;
extensions = {
alerts.initialized = false;
commands = {
@ -50,25 +57,19 @@
};
};
};
intl.selected_languages = "en-US,en";
password_manager = {
autofillable_credentials_account_store_login_database = false;
autofillable_credentials_profile_store_login_database = false;
};
name = "Work";
session.restore_on_startup = 1;
side_panel.is_right_aligned = false;
webkit = {
webprefs = {
default_fixed_font_size = 14;
default_font_size = 17;
minimum_font_size = 16;
fonts =
let
mono = config.style.font.monospace.name;
sans = config.style.font.sansSerif.name;
in
{
fonts = let
mono = config.module.style.font.monospace.name;
sans = config.module.style.font.sansSerif.name;
in {
fixed.Zyyy = mono;
sansserif.Zyyy = sans;
serif.Zyyy = sans;
@ -80,14 +81,18 @@
localState = (pkgs.formats.json { }).generate "ChromiumLocalState" {
browser = {
enabled_labs_experiments = [ "smooth-scrolling@2" ];
first_run_finished = true;
enabled_labs_experiments = [
"smooth-scrolling@2"
];
};
};
# REF: https://chromeenterprise.google/intl/en_us/policies/
policy = (pkgs.formats.json { }).generate "ChromiumPolicy" {
URLBlocklist = [ "darkreader.org" ];
DefaultBrowserSettingEnabled = false;
URLBlocklist = [
"darkreader.org"
];
};
}

3
home/config/dconf/Accessibility.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
{ ... }: {
"org/gnome/desktop/a11y" = {
always-show-universal-access-status = true;
};

3
home/config/dconf/Gtk.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
{ ... }: {
"org/gtk/gtk4/settings/file-chooser" = {
date-format = "regular";
location-mode = "path-bar";

36
home/config/dconf/Input.nix
View file

@ -1,30 +1,22 @@
{ lib, config, ... }:
{
"org/gnome/desktop/input-sources" = with lib.gvariant; {
current = mkUint32 0;
mru-sources = [
(mkTuple [
"xkb"
"us"
])
(mkTuple [
"xkb"
"ru"
])
lib,
config,
...
}: {
"org/gnome/desktop/input-sources" = with lib.gvariant; let
sources = [
(mkTuple [ "xkb" "us" ])
(mkTuple [ "xkb" "ru" ])
];
in {
inherit sources;
current = mkUint32 0;
mru-sources = sources;
per-window = false;
show-all-sources = true;
sources = [
(mkTuple [
"xkb"
"us"
])
(mkTuple [
"xkb"
"ru"
])
xkb-options = [
config.module.keyboard.options
];
xkb-options = [ config.setting.keyboard.options ];
};
"org/gnome/desktop/peripherals/mouse" = {

6
home/config/dconf/Key.nix
View file

@ -1,8 +1,6 @@
{ config, ... }:
let
{ ... }: let
mod = "<Super>";
in
{
in {
"org/gnome/desktop/wm/keybindings" = {
activate-window-menu = [ "" ];
begin-move = [ "" ];

3
home/config/dconf/Media.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
{ ... }: {
"org/gnome/desktop/media-handling" = {
automount = false;
automount-open = false;

3
home/config/dconf/Nautilus.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
{ ... }: {
"org/gnome/nautilus/icon-view" = {
default-zoom-level = "larger";
};

3
home/config/dconf/Power.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
{ ... }: {
"org/gnome/settings-daemon/plugins/power" = {
ambient-enabled = false;
idle-dim = false;

4
home/config/dconf/Privacy.nix
View file

@ -1,5 +1,7 @@
{ lib, ... }:
{
lib,
...
}: {
"org/gnome/desktop/privacy" = with lib.gvariant; {
disable-camera = false;
disable-microphone = false;

4
home/config/dconf/Session.nix
View file

@ -1,5 +1,7 @@
{ lib, ... }:
{
lib,
...
}: {
"org/gnome/desktop/session" = with lib.gvariant; {
idle-delay = mkUint32 0;
};

3
home/config/dconf/Shell.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
{ ... }: {
"org/gnome/shell" = {
disable-extension-version-validation = true;
disable-user-extensions = false;

3
home/config/dconf/Software.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
{ ... }: {
"org/gnome/software" = {
download-updates = false;
download-updates-notify = false;

3
home/config/dconf/Sound.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
{ ... }: {
"org/gnome/desktop/sound" = {
allow-volume-above-100-percent = false;
event-sounds = false;

6
home/config/dconf/Wm.nix
View file

@ -1,10 +1,12 @@
{ lib, ... }:
{
lib,
...
}: {
"org/gnome/desktop/wm/preferences" = {
action-middle-click-titlebar = "minimize";
action-right-click-titlebar = "menu";
focus-mode = "click"; # `click` or `sloppy`.
button-layout = "appmenu:close";
focus-mode = "click"; # `click` or `sloppy`.
};
"org/gnome/mutter" = {

14
home/config/default.nix
View file

@ -1,17 +1,15 @@
{
self,
inputs,
config,
inputs,
self,
...
}@args:
let
} @args: let
btop = import ./btop args;
chromium = import ./chromium args;
editor = import ./editorconfig args;
foot = import ./foot args;
fuzzel = import ./fuzzel args;
git = import ./git args;
gtk3 = import ./gtk/3 args;
jetbrains = import ./jetbrains args;
keyd = import ./keyd args;
mako = import ./mako args;
@ -23,17 +21,15 @@ let
tmux = import ./tmux args;
waybar = import ./waybar args;
yazi = import ./yazi args;
in
{
in {
".Wallpaper".source = config.module.wallpaper.path;
".config/MangoHud/MangoHud.conf".source = mangohud.config;
".config/MangoHud/presets.conf".source = mangohud.presets;
".config/btop/btop.conf".text = btop.text;
".config/btop/btop.conf".source = btop.file;
".config/chromium/Default/Preferences".source = chromium.preferences;
".config/chromium/Local State".source = chromium.localState;
".config/foot/foot.ini".source = foot.file;
".config/fuzzel/fuzzel.ini".source = fuzzel.file;
".config/gtk-3.0/bookmarks".text = gtk3.bookmarks;
".config/keyd/app.conf".text = keyd.text;
".config/mako/config".source = mako.file;
".config/nvim/init.vim".text = nvim.text;

24
home/config/editorconfig/default.nix
View file

@ -1,34 +1,26 @@
{ pkgs, ... }:
{
pkgs,
...
}: {
file = (pkgs.formats.iniWithGlobalSection { }).generate "EditorconfigConfig" {
globalSection.root = true;
globalSection = {
root = true;
};
sections = {
"*" = {
end_of_line = "lf";
charset = "utf-8";
end_of_line = "lf";
indent_size = 8;
indent_style = "tab";
indent_size = 2;
insert_final_newline = false;
trim_trailing_whitespace = true;
};
"Makefile" = {
indent_size = 4;
};
"*.nix" = {
indent_style = "space";
indent_size = 2;
};
"*.{lua,kt,kts,rs,py}" = {
indent_size = 4;
};
"*.{sh,md}" = {
indent_size = 8;
};
};
};
}

29
home/config/foot/default.nix
View file

@ -1,26 +1,27 @@
{ config, pkgs, ... }:
let
dpiAware = if config.setting.dpiAware then "yes" else "no";
borderSize = toString config.style.window.border;
fontStep = 1;
in
{
config,
pkgs,
...
}: let
borderSize = toString config.module.style.window.border;
dpiAware = if config.module.dpi.aware then "yes" else "no";
fontStep = 1;
in {
file = (pkgs.formats.iniWithGlobalSection { }).generate "FootConfig" {
globalSection = {
font = "${config.style.font.monospace.name}:size=${toString config.style.font.size.terminal}";
# font-bold = "${config.style.font.monospace.name}:size=${toString config.style.font.size.terminal}";
font-italic = "${config.style.font.monospace.name}:size=${toString config.style.font.size.terminal}";
font-bold-italic = "${config.style.font.monospace.name}:size=${toString config.style.font.size.terminal}";
dpi-aware = dpiAware;
font = "${config.module.style.font.monospace.name}:size=${toString config.module.style.font.size.terminal}";
font-bold = "${config.module.style.font.monospace.name}:size=${toString config.module.style.font.size.terminal}";
font-bold-italic = "${config.module.style.font.monospace.name}:size=${toString config.module.style.font.size.terminal}";
font-italic = "${config.module.style.font.monospace.name}:size=${toString config.module.style.font.size.terminal}";
font-size-adjustment = fontStep;
pad = "${borderSize}x${borderSize} center";
};
sections = {
colors = {
alpha = config.style.opacity.terminal;
background = config.style.color.bg.dark;
foreground = config.style.color.fg.light;
alpha = config.module.style.opacity.terminal;
background = config.module.style.color.bg.dark;
foreground = config.module.style.color.fg.light;
};
key-bindings = {
show-urls-launch = "Mod1+o";

42
home/config/fuzzel/default.nix
View file

@ -1,40 +1,38 @@
{ pkgs, config, ... }:
let
dpiAware = if config.setting.dpiAware then "yes" else "no";
in
{
pkgs,
config,
...
}: let
dpiAware = if config.module.dpi.aware then "yes" else "no";
in {
file = (pkgs.formats.ini { }).generate "FuzzelConfig" {
main = {
dpi-aware = dpiAware;
# font = "${style.font.serif.name}:size=${toString style.font.size.popup}";
font = "Minecraftia:size=${toString config.style.font.size.popup}";
font = "Minecraftia:size=${toString config.module.style.font.size.popup}";
lines = 20;
prompt = "\"\"";
show-actions = "yes";
terminal = "foot";
width = 40;
# list-executables-in-path = "no";
};
border = {
radius = 0;
width = 1;
};
colors =
let
colors = let
defaultOpacity = "ff";
in
{
background = config.style.color.bg.dark + config.style.opacity.hex;
border = config.style.color.border + config.style.opacity.hex;
counter = config.style.color.bg.regular + defaultOpacity;
input = config.style.color.fg.light + defaultOpacity;
match = config.style.color.fg.light + defaultOpacity;
placeholder = config.style.color.bg.regular + defaultOpacity;
prompt = config.style.color.fg.light + defaultOpacity;
selection = config.style.color.bg.regular + defaultOpacity;
selection-match = config.style.color.accent + defaultOpacity;
selection-text = config.style.color.fg.light + defaultOpacity;
text = config.style.color.fg.light + defaultOpacity;
in {
background = config.module.style.color.bg.dark + config.module.style.opacity.hex;
border = config.module.style.color.border + config.module.style.opacity.hex;
counter = config.module.style.color.bg.regular + defaultOpacity;
input = config.module.style.color.fg.light + defaultOpacity;
match = config.module.style.color.fg.light + defaultOpacity;
placeholder = config.module.style.color.bg.regular + defaultOpacity;
prompt = config.module.style.color.fg.light + defaultOpacity;
selection = config.module.style.color.bg.regular + defaultOpacity;
selection-match = config.module.style.color.accent + defaultOpacity;
selection-text = config.module.style.color.fg.light + defaultOpacity;
text = config.module.style.color.fg.light + defaultOpacity;
};
};
}

6
home/config/git/default.nix
View file

@ -1,7 +1,9 @@
{ secret, pkgs, ... }:
{
secret,
pkgs,
...
}: {
file = (pkgs.formats.gitIni { listsAsDuplicateKeys = true; }).generate "GitConfig" {
# credential.helper = "store";
gpg.format = secret.crypto.sign.git.format;
gpg.ssh.allowedSignersFile = toString secret.crypto.sign.git.allowed;
init.defaultBranch = "main";

10
home/config/gtk/3/default.nix
View file

@ -1,10 +0,0 @@
{ ... }:
{
bookmarks = ''
file:///storage
file:///home/voronind/tmp
sftp://10.0.0.1:22143/storage/hot/docker/cloud/data/data/cakee/files/ home cloud
sftp://10.0.0.1:22143/ home sftp
ftp://10.0.0.1/ home ftp
'';
}

6
home/config/jetbrains/default.nix
View file

@ -1,6 +1,8 @@
{ ... }:
{
ideavimrc = ''
util,
...
}: {
ideavimrc = util.trimTabs ''
" Plugins.
Plug 'tpope/vim-commentary'
Plug 'machakann/vim-highlightedyank'

Some files were not shown because too many files have changed in this diff Show more