Compare commits

...

2 commits

342 changed files with 14171 additions and 12792 deletions

View file

@ -2,22 +2,12 @@
end_of_line = lf end_of_line = lf
charset = utf-8 charset = utf-8
indent_style = tab indent_style = tab
indent_size = 2
insert_final_newline = true insert_final_newline = true
trim_trailing_whitespace = true trim_trailing_whitespace = true
[*.{nix,js}] [*.nix]
indent_size = 2 indent_style = space
indent_size = 2
[*.lua]
indent_size = 4
[*.sh]
indent_size = 8
[Makefile]
indent_size = 2
[*.md] [*.md]
indent_size = 8
trim_trailing_whitespace = false trim_trailing_whitespace = false

1
.gitignore vendored
View file

@ -1 +1,2 @@
/live /live
.NixRoot*

15
.treefmt.toml Normal file
View file

@ -0,0 +1,15 @@
# One CLI to format the code tree - https://git.numtide.com/numtide/treefmt
# [formatter.mylanguage]
# Formatter to run
# command = "command-to-run"
# Command-line arguments for the command
# options = []
# Glob pattern of files to include
# includes = [ "*.<language-extension>" ]
# Glob patterns of files to exclude
# excludes = []
[formatter.nixfmt-rfc-style]
command = "nixfmt"
includes = [ "*.nix" ]

View file

@ -26,6 +26,9 @@ check:
fix-ulimit: fix-ulimit:
ulimit -n 999999999 ulimit -n 999999999
format:
treefmt --no-cache --on-unmatched=info
gc: gc:
nix-collect-garbage -d nix-collect-garbage -d
# nix-store --gc # nix-store --gc
@ -59,9 +62,6 @@ live:
reboot: boot reboot: boot
reboot reboot
shell:
SHELL_NAME="default" nix develop
show: show:
nix flake show nix flake show

View file

@ -1,67 +1,68 @@
# Global settings. # Global settings.
# Just like I can configure each package, here I configure my config! :O) # Just like I can configure each package, here I configure my config! :O)
{ lib, ... }: { { lib, ... }:
options.setting = with lib; { {
# Ollama settings. options.setting = with lib; {
# I use the best light model by default. # Ollama settings.
ollama = mkOption { # I use the best light model by default.
default = { }; ollama = mkOption {
type = types.submodule { default = { };
# freeformType = lib.jsonFormat.type; type = types.submodule {
options = { # freeformType = lib.jsonFormat.type;
primaryModel = mkOption { options = {
default = "llama3"; primaryModel = mkOption {
type = types.str; default = "llama3";
}; type = types.str;
}; };
}; };
}; };
};
# Whether to use Dpi-aware setting in supported apps. # Whether to use Dpi-aware setting in supported apps.
dpiAware = mkOption { dpiAware = mkOption {
default = false; default = false;
type = types.bool; type = types.bool;
}; };
# Keyboard options. # Keyboard options.
keyboard = mkOption { keyboard = mkOption {
default = { }; default = { };
type = types.submodule { type = types.submodule {
options = { options = {
layouts = mkOption { layouts = mkOption {
default = "us,ru"; default = "us,ru";
type = types.str; type = types.str;
}; };
options = mkOption { options = mkOption {
default = "grp:toggle"; default = "grp:toggle";
type = types.str; type = types.str;
}; };
}; };
}; };
}; };
# CPU configurations. # CPU configurations.
cpu = mkOption { cpu = mkOption {
default = {}; default = { };
type = types.submodule { type = types.submodule {
options = { options = {
hwmon = mkOption { hwmon = mkOption {
default = {}; default = { };
type = types.submodule { type = types.submodule {
options = { options = {
path = mkOption { path = mkOption {
default = ""; default = "";
type = types.str; type = types.str;
}; };
file = mkOption { file = mkOption {
default = ""; default = "";
type = types.str; type = types.str;
}; };
}; };
}; };
}; };
}; };
}; };
}; };
}; };
} }

View file

@ -1,108 +1,117 @@
{ lib, config, pkgs, __findFile, ... }: with lib; let {
cfg = config.style; lib,
config,
pkgs,
__findFile,
...
}:
with lib;
let
cfg = config.style;
mkTypeOption = default: type: mkOption { inherit default type; }; mkTypeOption = default: type: mkOption { inherit default type; };
mkStrOption = default: mkTypeOption default types.str; mkStrOption = default: mkTypeOption default types.str;
mkIntOption = default: mkTypeOption default types.int; mkIntOption = default: mkTypeOption default types.int;
mkFloatOption = default: mkTypeOption default types.float; mkFloatOption = default: mkTypeOption default types.float;
mkPkgOption = default: mkTypeOption default types.package; mkPkgOption = default: mkTypeOption default types.package;
in { in
options.style = { {
color = { options.style = {
bg = { color = {
dark = mkStrOption config.lib.stylix.colors.base00; bg = {
light = mkStrOption config.lib.stylix.colors.base07; dark = mkStrOption config.lib.stylix.colors.base00;
regular = mkStrOption config.lib.stylix.colors.base01; light = mkStrOption config.lib.stylix.colors.base07;
}; regular = mkStrOption config.lib.stylix.colors.base01;
fg = { };
dark = mkStrOption config.lib.stylix.colors.base04; fg = {
light = mkStrOption config.lib.stylix.colors.base06; dark = mkStrOption config.lib.stylix.colors.base04;
regular = mkStrOption config.lib.stylix.colors.base05; light = mkStrOption config.lib.stylix.colors.base06;
}; regular = mkStrOption config.lib.stylix.colors.base05;
accent = mkStrOption config.lib.stylix.colors.base0A; };
heading = mkStrOption config.lib.stylix.colors.base0D; accent = mkStrOption config.lib.stylix.colors.base0A;
hl = mkStrOption config.lib.stylix.colors.base03; heading = mkStrOption config.lib.stylix.colors.base0D;
keyword = mkStrOption config.lib.stylix.colors.base0E; hl = mkStrOption config.lib.stylix.colors.base03;
link = mkStrOption config.lib.stylix.colors.base09; keyword = mkStrOption config.lib.stylix.colors.base0E;
misc = mkStrOption config.lib.stylix.colors.base0F; link = mkStrOption config.lib.stylix.colors.base09;
negative = mkStrOption config.lib.stylix.colors.base08; misc = mkStrOption config.lib.stylix.colors.base0F;
neutral = mkStrOption config.lib.stylix.colors.base0C; negative = mkStrOption config.lib.stylix.colors.base08;
positive = mkStrOption config.lib.stylix.colors.base0B; neutral = mkStrOption config.lib.stylix.colors.base0C;
selection = mkStrOption config.lib.stylix.colors.base02; positive = mkStrOption config.lib.stylix.colors.base0B;
transparent = mkStrOption "ffffff00"; selection = mkStrOption config.lib.stylix.colors.base02;
transparent = mkStrOption "ffffff00";
accent-b = mkStrOption config.lib.stylix.colors.base0A-rgb-b; accent-b = mkStrOption config.lib.stylix.colors.base0A-rgb-b;
accent-g = mkStrOption config.lib.stylix.colors.base0A-rgb-g; accent-g = mkStrOption config.lib.stylix.colors.base0A-rgb-g;
accent-r = mkStrOption config.lib.stylix.colors.base0A-rgb-r; accent-r = mkStrOption config.lib.stylix.colors.base0A-rgb-r;
negative-b = mkStrOption config.lib.stylix.colors.base08-rgb-b; negative-b = mkStrOption config.lib.stylix.colors.base08-rgb-b;
negative-g = mkStrOption config.lib.stylix.colors.base08-rgb-g; negative-g = mkStrOption config.lib.stylix.colors.base08-rgb-g;
negative-r = mkStrOption config.lib.stylix.colors.base08-rgb-r; negative-r = mkStrOption config.lib.stylix.colors.base08-rgb-r;
neutral-b = mkStrOption config.lib.stylix.colors.base0C-rgb-b; neutral-b = mkStrOption config.lib.stylix.colors.base0C-rgb-b;
neutral-g = mkStrOption config.lib.stylix.colors.base0C-rgb-g; neutral-g = mkStrOption config.lib.stylix.colors.base0C-rgb-g;
neutral-r = mkStrOption config.lib.stylix.colors.base0C-rgb-r; neutral-r = mkStrOption config.lib.stylix.colors.base0C-rgb-r;
positive-b = mkStrOption config.lib.stylix.colors.base0B-rgb-b; positive-b = mkStrOption config.lib.stylix.colors.base0B-rgb-b;
positive-g = mkStrOption config.lib.stylix.colors.base0B-rgb-g; positive-g = mkStrOption config.lib.stylix.colors.base0B-rgb-g;
positive-r = mkStrOption config.lib.stylix.colors.base0B-rgb-r; positive-r = mkStrOption config.lib.stylix.colors.base0B-rgb-r;
bg-b = mkStrOption config.lib.stylix.colors.base00-rgb-b; bg-b = mkStrOption config.lib.stylix.colors.base00-rgb-b;
bg-g = mkStrOption config.lib.stylix.colors.base00-rgb-g; bg-g = mkStrOption config.lib.stylix.colors.base00-rgb-g;
bg-r = mkStrOption config.lib.stylix.colors.base00-rgb-r; bg-r = mkStrOption config.lib.stylix.colors.base00-rgb-r;
fg-b = mkStrOption config.lib.stylix.colors.base06-rgb-b; fg-b = mkStrOption config.lib.stylix.colors.base06-rgb-b;
fg-g = mkStrOption config.lib.stylix.colors.base06-rgb-g; fg-g = mkStrOption config.lib.stylix.colors.base06-rgb-g;
fg-r = mkStrOption config.lib.stylix.colors.base06-rgb-r; fg-r = mkStrOption config.lib.stylix.colors.base06-rgb-r;
border = mkStrOption config.lib.stylix.colors.base01; border = mkStrOption config.lib.stylix.colors.base01;
border-b = mkStrOption config.lib.stylix.colors.base01-rgb-b; border-b = mkStrOption config.lib.stylix.colors.base01-rgb-b;
border-g = mkStrOption config.lib.stylix.colors.base01-rgb-g; border-g = mkStrOption config.lib.stylix.colors.base01-rgb-g;
border-r = mkStrOption config.lib.stylix.colors.base01-rgb-r; border-r = mkStrOption config.lib.stylix.colors.base01-rgb-r;
}; };
font = { font = {
size = { size = {
application = mkIntOption 12; application = mkIntOption 12;
terminal = mkIntOption 14; terminal = mkIntOption 14;
popup = mkIntOption 12; popup = mkIntOption 12;
desktop = mkIntOption 14; desktop = mkIntOption 14;
}; };
serif = { serif = {
package = mkPkgOption (pkgs.callPackage <package/applefont> {}); package = mkPkgOption (pkgs.callPackage <package/applefont> { });
name = mkStrOption "SF Pro Display"; name = mkStrOption "SF Pro Display";
}; };
sansSerif = { sansSerif = {
package = mkPkgOption (pkgs.callPackage <package/applefont> {}); package = mkPkgOption (pkgs.callPackage <package/applefont> { });
name = mkStrOption "SF Pro Display"; name = mkStrOption "SF Pro Display";
}; };
monospace = { monospace = {
package = mkPkgOption (pkgs.nerdfonts.override { fonts = [ "Terminus" ]; }); package = mkPkgOption (pkgs.nerdfonts.override { fonts = [ "Terminus" ]; });
name = mkStrOption "Terminess Nerd Font Mono"; name = mkStrOption "Terminess Nerd Font Mono";
}; };
emoji = { emoji = {
package = mkPkgOption pkgs.noto-fonts-emoji; package = mkPkgOption pkgs.noto-fonts-emoji;
name = mkStrOption "Noto Color Emoji"; name = mkStrOption "Noto Color Emoji";
}; };
}; };
opacity = { opacity = {
application = mkFloatOption 0.85; application = mkFloatOption 0.85;
desktop = mkFloatOption 0.85; desktop = mkFloatOption 0.85;
popup = mkFloatOption 0.85; popup = mkFloatOption 0.85;
terminal = mkFloatOption 0.85; terminal = mkFloatOption 0.85;
hex = mkStrOption "D9"; hex = mkStrOption "D9";
}; };
cursor = { cursor = {
name = mkStrOption "Adwaita"; name = mkStrOption "Adwaita";
package = mkPkgOption pkgs.adwaita-icon-theme; package = mkPkgOption pkgs.adwaita-icon-theme;
size = mkIntOption 14; size = mkIntOption 14;
}; };
window = { window = {
gap = mkIntOption 8; gap = mkIntOption 8;
border = mkIntOption 4; border = mkIntOption 4;
}; };
}; };
} }

View file

@ -1,27 +1,42 @@
{ pkgs, config, __findFile, ... }: { {
stylix = { pkgs,
enable = true; config,
image = config.module.wallpaper.path; __findFile,
autoEnable = true; ...
polarity = "dark"; }:
fonts = { {
inherit (config.style.font) serif sansSerif monospace emoji; stylix = {
sizes = { enable = true;
inherit (config.style.font.size) terminal desktop; image = config.module.wallpaper.path;
applications = config.style.font.size.application; autoEnable = true;
popups = config.style.font.size.popup; polarity = "dark";
}; fonts = {
}; inherit (config.style.font)
opacity = { serif
inherit (config.style.opacity) desktop terminal; sansSerif
applications = config.style.opacity.application; monospace
popups = config.style.opacity.popups; emoji
}; ;
inherit (config.style) cursor; sizes = {
override = if config.module.wallpaper.forceContrastText then { inherit (config.style.font.size) terminal desktop;
base04 = "000000"; applications = config.style.font.size.application;
base05 = "ffffff"; popups = config.style.font.size.popup;
base06 = "ffffff"; };
} else {}; };
}; opacity = {
inherit (config.style.opacity) desktop terminal;
applications = config.style.opacity.application;
popups = config.style.opacity.popups;
};
inherit (config.style) cursor;
override =
if config.module.wallpaper.forceContrastText then
{
base04 = "000000";
base05 = "ffffff";
base06 = "ffffff";
}
else
{ };
};
} }

View file

@ -1,18 +1,21 @@
{ pkgs, lib, ... }: with lib; let { pkgs, lib, ... }:
url = "https://i.imgur.com/gYy0mzG.jpeg"; with lib;
sha256 = "0pwnq84mdbv8nrarhnbkq77iabwgh7znr0yig3fnshamxl2a3k7k"; let
forceContrastText = true; url = "https://i.imgur.com/gYy0mzG.jpeg";
in { sha256 = "0pwnq84mdbv8nrarhnbkq77iabwgh7znr0yig3fnshamxl2a3k7k";
options = { forceContrastText = true;
module.wallpaper = { in
forceContrastText = mkOption { {
default = warnIf forceContrastText "Style : Forced text contrast." forceContrastText; options = {
type = types.bool; module.wallpaper = {
}; forceContrastText = mkOption {
path = mkOption { default = warnIf forceContrastText "Style : Forced text contrast." forceContrastText;
default = pkgs.fetchurl { inherit url sha256; }; type = types.bool;
type = types.path; };
}; path = mkOption {
}; default = pkgs.fetchurl { inherit url sha256; };
}; type = types.path;
};
};
};
} }

View file

@ -1,49 +1,59 @@
{ container, lib, config, ... } @args: with lib; let {
cfg = config.container.module.change; container,
in { lib,
options = { config,
container.module.change = { ...
enable = mkEnableOption "Change detection service"; }@args:
address = mkOption { with lib;
default = "10.1.0.41"; let
type = types.str; cfg = config.container.module.change;
}; in
port = mkOption { {
default = 5000; options = {
type = types.int; container.module.change = {
}; enable = mkEnableOption "Change detection service";
domain = mkOption { address = mkOption {
default = "change.${config.container.domain}"; default = "10.1.0.41";
type = types.str; type = types.str;
}; };
storage = mkOption { port = mkOption {
default = "${config.container.storage}/change"; default = 5000;
type = types.str; type = types.int;
}; };
}; domain = mkOption {
}; default = "change.${config.container.domain}";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/change";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.change = container.mkContainer cfg { containers.change = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/var/lib/changedetection-io" = { "/var/lib/changedetection-io" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = { ... }: container.mkContainerConfig cfg { config =
services.changedetection-io = { { ... }:
enable = true; container.mkContainerConfig cfg {
baseURL = cfg.domain; services.changedetection-io = {
behindProxy = true; enable = true;
listenAddress = cfg.address; baseURL = cfg.domain;
}; behindProxy = true;
}; listenAddress = cfg.address;
}; };
}; };
};
};
} }

View file

@ -1,73 +1,87 @@
{ container, pkgs, lib, config, ... } @args: with lib; let {
cfg = config.container.module.cloud; container,
pkgs,
lib,
config,
...
}@args:
with lib;
let
cfg = config.container.module.cloud;
postgres = config.container.module.postgres; postgres = config.container.module.postgres;
proxy = config.container.module.proxy; proxy = config.container.module.proxy;
in { in
options = { {
container.module.cloud = { options = {
enable = mkEnableOption "File cloud service"; container.module.cloud = {
address = mkOption { enable = mkEnableOption "File cloud service";
default = "10.1.0.13"; address = mkOption {
type = types.str; default = "10.1.0.13";
}; type = types.str;
port = mkOption { };
default = 80; port = mkOption {
type = types.int; default = 80;
}; type = types.int;
domain = mkOption { };
default = "cloud.${config.container.domain}"; domain = mkOption {
type = types.str; default = "cloud.${config.container.domain}";
}; type = types.str;
storage = mkOption { };
default = "${config.container.storage}/cloud"; storage = mkOption {
type = types.str; default = "${config.container.storage}/cloud";
}; type = types.str;
}; };
}; };
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.cloud = container.mkContainer cfg { containers.cloud = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/var/lib/nextcloud" = { "/var/lib/nextcloud" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = { config, ... }: container.mkContainerConfig cfg { config =
services.nextcloud = { { config, ... }:
enable = true; container.mkContainerConfig cfg {
# package = pkgs.nextcloud29; services.nextcloud = {
hostName = cfg.domain; enable = true;
# phpOptions = { # package = pkgs.nextcloud29;
# memory_limit = lib.mkForce "20G"; hostName = cfg.domain;
# }; # phpOptions = {
config = { # memory_limit = lib.mkForce "20G";
adminuser = "root"; # };
adminpassFile = "${pkgs.writeText "NextcloudPassword" "root"}"; config = {
adminuser = "root";
adminpassFile = "${pkgs.writeText "NextcloudPassword" "root"}";
dbhost = postgres.address; dbhost = postgres.address;
dbname = "nextcloud"; dbname = "nextcloud";
dbpassFile = "${pkgs.writeText "NextcloudDbPassword" "nextcloud"}"; dbpassFile = "${pkgs.writeText "NextcloudDbPassword" "nextcloud"}";
dbtype = "pgsql"; dbtype = "pgsql";
dbuser = "nextcloud"; dbuser = "nextcloud";
}; };
extraApps = { extraApps = {
inherit (config.services.nextcloud.package.packages.apps) contacts calendar onlyoffice; inherit (config.services.nextcloud.package.packages.apps) contacts calendar onlyoffice;
}; };
extraAppsEnable = true; extraAppsEnable = true;
settings = { settings = {
trusted_domains = [ cfg.address cfg.domain ]; trusted_domains = [
trusted_proxies = [ proxy.address ]; cfg.address
allow_local_remote_servers = true; cfg.domain
}; ];
}; trusted_proxies = [ proxy.address ];
}; allow_local_remote_servers = true;
}; };
}; };
};
};
};
} }

View file

@ -1,54 +1,67 @@
{ container, lib, config, ... } @args: with lib; let {
cfg = config.container.module.ddns; container,
in { lib,
options = { config,
container.module.ddns = { ...
enable = mkEnableOption "Dynamic dns client."; }@args:
address = mkOption { with lib;
default = "10.1.0.31"; let
type = types.str; cfg = config.container.module.ddns;
}; in
storage = mkOption { {
default = "${config.container.storage}/ddns"; options = {
type = types.str; container.module.ddns = {
}; enable = mkEnableOption "Dynamic dns client.";
}; address = mkOption {
}; default = "10.1.0.31";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/ddns";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.ddns = container.mkContainer cfg { containers.ddns = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/data" = { "/data" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = true; isReadOnly = true;
}; };
}; };
config = { ... }: container.mkContainerConfig cfg { config =
services.cloudflare-dyndns = { { ... }:
enable = true; container.mkContainerConfig cfg {
apiTokenFile = "/data/token"; services.cloudflare-dyndns = {
deleteMissing = false; enable = true;
ipv4 = true; apiTokenFile = "/data/token";
ipv6 = false; deleteMissing = false;
proxied = false; ipv4 = true;
domains = let ipv6 = false;
domain = config.container.domain; proxied = false;
in [ domain ] ++ map (sub: "${sub}.${domain}") [ domains =
"cloud" let
"git" domain = config.container.domain;
"mail" in
"office" [ domain ]
"paste" ++ map (sub: "${sub}.${domain}") [
"play" "cloud"
"vpn" "git"
]; "mail"
}; "office"
}; "paste"
}; "play"
}; "vpn"
];
};
};
};
};
} }

View file

@ -1,128 +1,141 @@
{ container, pkgs, lib, config, util, ... } @args: with lib; let {
cfg = config.container.module.dns; container,
in { pkgs,
options = { lib,
container.module.dns = { config,
enable = mkEnableOption "Dns server."; util,
address = mkOption { ...
default = "10.1.0.6"; }@args:
type = types.str; with lib;
}; let
port = mkOption { cfg = config.container.module.dns;
default = 53; in
type = types.int; {
}; options = {
}; container.module.dns = {
}; enable = mkEnableOption "Dns server.";
address = mkOption {
default = "10.1.0.6";
type = types.str;
};
port = mkOption {
default = 53;
type = types.int;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
containers.dns = container.mkContainer cfg { containers.dns = container.mkContainer cfg {
config = { ... }: container.mkContainerConfig cfg { config =
environment.systemPackages = [ { ... }:
pkgs.cloudflared container.mkContainerConfig cfg {
]; environment.systemPackages = [
pkgs.cloudflared
];
systemd.services.cloudflared = { systemd.services.cloudflared = {
description = "Cloudflare DoH server."; description = "Cloudflare DoH server.";
enable = true; enable = true;
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
serviceConfig = { serviceConfig = {
Type = "simple"; Type = "simple";
ExecStart = "${getExe pkgs.cloudflared} proxy-dns --port 5054"; ExecStart = "${getExe pkgs.cloudflared} proxy-dns --port 5054";
}; };
}; };
services.blocky = { services.blocky = {
enable = true; enable = true;
settings = { settings = {
upstream = { upstream = {
default = [ default = [
"0.0.0.0:5054" "0.0.0.0:5054"
"0.0.0.0:5054" "0.0.0.0:5054"
]; ];
}; };
blocking = { blocking = {
blackLists = { blackLists = {
suspicious = [ suspicious = [
"https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts" "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts"
"https://raw.githubusercontent.com/PolishFiltersTeam/KADhosts/master/KADhosts.txt" "https://raw.githubusercontent.com/PolishFiltersTeam/KADhosts/master/KADhosts.txt"
"https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Spam/hosts" "https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Spam/hosts"
"https://v.firebog.net/hosts/static/w3kbl.txt" "https://v.firebog.net/hosts/static/w3kbl.txt"
]; ];
ads = [ ads = [
"https://easylist-downloads.adblockplus.org/bitblock.txt" "https://easylist-downloads.adblockplus.org/bitblock.txt"
"https://adaway.org/hosts.txt" "https://adaway.org/hosts.txt"
"https://v.firebog.net/hosts/AdguardDNS.txt" "https://v.firebog.net/hosts/AdguardDNS.txt"
"https://v.firebog.net/hosts/Admiral.txt" "https://v.firebog.net/hosts/Admiral.txt"
"https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt" "https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt"
"https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt" "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt"
"https://v.firebog.net/hosts/Easylist.txt" "https://v.firebog.net/hosts/Easylist.txt"
"https://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&showintro=0&mimetype=plaintext" "https://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&showintro=0&mimetype=plaintext"
"https://raw.githubusercontent.com/FadeMind/hosts.extras/master/UncheckyAds/hosts" "https://raw.githubusercontent.com/FadeMind/hosts.extras/master/UncheckyAds/hosts"
"https://raw.githubusercontent.com/bigdargon/hostsVN/master/hosts" "https://raw.githubusercontent.com/bigdargon/hostsVN/master/hosts"
"https://github.com/easylist/ruadlist/blob/master/advblock/adservers.txt" "https://github.com/easylist/ruadlist/blob/master/advblock/adservers.txt"
]; ];
tracking = [ tracking = [
"https://v.firebog.net/hosts/Easyprivacy.txt" "https://v.firebog.net/hosts/Easyprivacy.txt"
"https://v.firebog.net/hosts/Prigent-Ads.txt" "https://v.firebog.net/hosts/Prigent-Ads.txt"
"https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.2o7Net/hosts" "https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.2o7Net/hosts"
"https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt" "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt"
"https://hostfiles.frogeye.fr/firstparty-trackers-hosts.txt" "https://hostfiles.frogeye.fr/firstparty-trackers-hosts.txt"
]; ];
malicious = [ malicious = [
"https://raw.githubusercontent.com/DandelionSprout/adfilt/master/Alternate%20versions%20Anti-Malware%20List/AntiMalwareHosts.txt" "https://raw.githubusercontent.com/DandelionSprout/adfilt/master/Alternate%20versions%20Anti-Malware%20List/AntiMalwareHosts.txt"
"https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt" "https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt"
"https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt" "https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt"
"https://v.firebog.net/hosts/Prigent-Crypto.txt" "https://v.firebog.net/hosts/Prigent-Crypto.txt"
"https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Risk/hosts" "https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Risk/hosts"
"https://bitbucket.org/ethanr/dns-blacklists/raw/8575c9f96e5b4a1308f2f12394abd86d0927a4a0/bad_lists/Mandiant_APT1_Report_Appendix_D.txt" "https://bitbucket.org/ethanr/dns-blacklists/raw/8575c9f96e5b4a1308f2f12394abd86d0927a4a0/bad_lists/Mandiant_APT1_Report_Appendix_D.txt"
"https://phishing.army/download/phishing_army_blocklist_extended.txt" "https://phishing.army/download/phishing_army_blocklist_extended.txt"
"https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt" "https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt"
"https://v.firebog.net/hosts/RPiList-Malware.txt" "https://v.firebog.net/hosts/RPiList-Malware.txt"
"https://v.firebog.net/hosts/RPiList-Phishing.txt" "https://v.firebog.net/hosts/RPiList-Phishing.txt"
"https://raw.githubusercontent.com/Spam404/lists/master/main-blacklist.txt" "https://raw.githubusercontent.com/Spam404/lists/master/main-blacklist.txt"
"https://raw.githubusercontent.com/AssoEchap/stalkerware-indicators/master/generated/hosts" "https://raw.githubusercontent.com/AssoEchap/stalkerware-indicators/master/generated/hosts"
"https://urlhaus.abuse.ch/downloads/hostfile/" "https://urlhaus.abuse.ch/downloads/hostfile/"
]; ];
other = [ other = [
"https://zerodot1.gitlab.io/CoinBlockerLists/hosts_browser" "https://zerodot1.gitlab.io/CoinBlockerLists/hosts_browser"
]; ];
}; };
# whiteLists = { # whiteLists = {
# other = [ # other = [
# "/.*.vk.com/" # "/.*.vk.com/"
# ]; # ];
# }; # };
clientGroupsBlock = { clientGroupsBlock = {
default = [ default = [
"suspicious" "suspicious"
"ads" "ads"
"tracking" "tracking"
"malicious" "malicious"
"other" "other"
]; ];
}; };
}; };
customDNS = { customDNS = {
mapping = let mapping =
block = "0.0.0.0"; let
in { block = "0.0.0.0";
# All subdomains to current host. in
# ${config.container.domain} = config.container.host; {
"voronind.com" = "10.0.0.1"; # All subdomains to current host.
# ${config.container.domain} = config.container.host;
"voronind.com" = "10.0.0.1";
# Blocklist. # Blocklist.
"gosuslugi.ru" = block; "gosuslugi.ru" = block;
"rutube.ru" = block; "rutube.ru" = block;
"vk.com" = block; "vk.com" = block;
}; };
}; };
port = cfg.port; port = cfg.port;
# httpPort = "80"; # httpPort = "80";
}; };
}; };
}; };
}; };
}; };
} }

View file

@ -1,60 +1,70 @@
{ container, lib, config, ... }: with lib; let {
cfg = config.container.module.download; container,
in { lib,
options = { config,
container.module.download = { ...
enable = mkEnableOption "Downloader."; }:
address = mkOption { with lib;
default = "10.1.0.12"; let
type = types.str; cfg = config.container.module.download;
}; in
port = mkOption { {
default = 8112; options = {
type = types.int; container.module.download = {
}; enable = mkEnableOption "Downloader.";
domain = mkOption { address = mkOption {
default = "download.${config.container.domain}"; default = "10.1.0.12";
type = types.str; type = types.str;
}; };
storage = mkOption { port = mkOption {
default = "${config.container.storage}/download"; default = 8112;
type = types.str; type = types.int;
}; };
memLimit = mkOption { domain = mkOption {
default = "4G"; default = "download.${config.container.domain}";
type = types.str; type = types.str;
}; };
}; storage = mkOption {
}; default = "${config.container.storage}/download";
type = types.str;
};
memLimit = mkOption {
default = "4G";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.download = container.mkContainer cfg { containers.download = container.mkContainer cfg {
enableTun = true; enableTun = true;
bindMounts = { bindMounts = {
"/var/lib/deluge/.config/deluge" = { "/var/lib/deluge/.config/deluge" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
} // container.attachMedia "download" false; } // container.attachMedia "download" false;
config = { ... }: container.mkContainerConfig cfg { config =
services.deluge = { { ... }:
enable = true; container.mkContainerConfig cfg {
dataDir = "/var/lib/deluge"; services.deluge = {
web.enable = true; enable = true;
}; dataDir = "/var/lib/deluge";
web.enable = true;
};
systemd.services.deluged.serviceConfig = { systemd.services.deluged.serviceConfig = {
MemoryLimit = cfg.memLimit; MemoryLimit = cfg.memLimit;
Restart = lib.mkForce "always"; Restart = lib.mkForce "always";
RuntimeMaxSec = "1d"; RuntimeMaxSec = "1d";
}; };
}; };
}; };
}; };
} }

View file

@ -1,118 +1,132 @@
# TODO: Saved just in case for the dark future. # TODO: Saved just in case for the dark future.
# в целом просто сделай себе шелл алиас gw-default="sudo ip route del default; sudo ip route add default via айпишник роутера" и шелл алиас gw-vpn="sudo ip route del default; sudo ip route add default via айпишник_впна" # в целом просто сделай себе шелл алиас gw-default="sudo ip route del default; sudo ip route add default via айпишник роутера" и шелл алиас gw-vpn="sudo ip route del default; sudo ip route add default via айпишник_впна"
{ container, pkgs, lib, config, __findFile, ... }: with lib; let {
cfg = config.container.module.frkn; container,
in { pkgs,
options = { lib,
container.module.frkn = { config,
enable = mkEnableOption "FRKN"; __findFile,
address = mkOption { ...
default = "10.1.0.69"; }:
type = types.str; with lib;
}; let
port = mkOption { cfg = config.container.module.frkn;
default = 1080; in
type = types.int; {
}; options = {
torport = mkOption { container.module.frkn = {
default = 9150; enable = mkEnableOption "FRKN";
type = types.int; address = mkOption {
}; default = "10.1.0.69";
xrayport = mkOption { type = types.str;
default = 1081; };
type = types.int; port = mkOption {
}; default = 1080;
storage = mkOption { type = types.int;
default = "${config.container.storage}/frkn"; };
type = types.str; torport = mkOption {
}; default = 9150;
}; type = types.int;
}; };
xrayport = mkOption {
default = 1081;
type = types.int;
};
storage = mkOption {
default = "${config.container.storage}/frkn";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.frkn = container.mkContainer cfg { containers.frkn = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/data" = { "/data" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = true; isReadOnly = true;
}; };
}; };
config = { ... }: container.mkContainerConfig cfg { config =
boot.kernel.sysctl = { { ... }:
"net.ipv4.conf.all.src_valid_mark" = 1; container.mkContainerConfig cfg {
"net.ipv4.ip_forward" = 1; boot.kernel.sysctl = {
}; "net.ipv4.conf.all.src_valid_mark" = 1;
"net.ipv4.ip_forward" = 1;
};
imports = [ <module/Zapret.nix> ]; imports = [ <module/Zapret.nix> ];
module.zapret = { module.zapret = {
enable = true; enable = true;
params = config.module.zapret.params; params = config.module.zapret.params;
}; };
services = { services = {
microsocks = { microsocks = {
enable = true; enable = true;
ip = cfg.address; ip = cfg.address;
port = cfg.port; port = cfg.port;
disableLogging = true; disableLogging = true;
#authUsername #authUsername
#outgoingBindIp #outgoingBindIp
#authOnce #authOnce
}; };
tor = { tor = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
settings = let settings =
exclude = "{RU},{UA},{BY},{KZ},{CN},{??}"; let
in { exclude = "{RU},{UA},{BY},{KZ},{CN},{??}";
# ExcludeExitNodes = exclude; in
# ExcludeNodes = exclude; {
#DNSPort = dnsport; # ExcludeExitNodes = exclude;
UseBridges = true; # ExcludeNodes = exclude;
ClientTransportPlugin = "obfs4 exec ${pkgs.obfs4}/bin/lyrebird"; #DNSPort = dnsport;
Bridge = [ UseBridges = true;
"obfs4 94.103.89.153:4443 5617848964FD6546968B5BF3FFA6C11BCCABE58B cert=tYsmuuTe9phJS0Gh8NKIpkVZP/XKs7gJCqi31o8LClwYetxzFz0fQZgsMwhNcIlZ0HG5LA iat-mode=0" ClientTransportPlugin = "obfs4 exec ${pkgs.obfs4}/bin/lyrebird";
"obfs4 121.45.140.249:12123 0922E212E33B04F0B7C1E398161E8EDE06734F26 cert=3AQ4iJFAzxzt7a/zgXIiFEs6fvrXInXt1Dtr09DgnpvUzG/iiyRTdXYZKSYpI124Zt3ZUA iat-mode=0" Bridge = [
"obfs4 79.137.11.45:45072 ECA3197D49A29DDECD4ACBF9BCF15E4987B78137 cert=2FKyLWkPgMNCWxBD3cNOTRxJH3XP+HdStPGKMjJfw2YbvVjihIp3X2BCrtxQya9m5II5XA iat-mode=0" "obfs4 94.103.89.153:4443 5617848964FD6546968B5BF3FFA6C11BCCABE58B cert=tYsmuuTe9phJS0Gh8NKIpkVZP/XKs7gJCqi31o8LClwYetxzFz0fQZgsMwhNcIlZ0HG5LA iat-mode=0"
"obfs4 145.239.31.71:10161 882125D15B59BB82BE66F999056CB676D3F061F8 cert=AnD+EvcBMuQDVM7PwW7NgFAzW1M5jDm7DjQtIIcBSjoyAf1FJ2p535rrYL2Kk8POAd0+aw iat-mode=0" "obfs4 121.45.140.249:12123 0922E212E33B04F0B7C1E398161E8EDE06734F26 cert=3AQ4iJFAzxzt7a/zgXIiFEs6fvrXInXt1Dtr09DgnpvUzG/iiyRTdXYZKSYpI124Zt3ZUA iat-mode=0"
]; "obfs4 79.137.11.45:45072 ECA3197D49A29DDECD4ACBF9BCF15E4987B78137 cert=2FKyLWkPgMNCWxBD3cNOTRxJH3XP+HdStPGKMjJfw2YbvVjihIp3X2BCrtxQya9m5II5XA iat-mode=0"
}; "obfs4 145.239.31.71:10161 882125D15B59BB82BE66F999056CB676D3F061F8 cert=AnD+EvcBMuQDVM7PwW7NgFAzW1M5jDm7DjQtIIcBSjoyAf1FJ2p535rrYL2Kk8POAd0+aw iat-mode=0"
];
};
client = { client = {
enable = true; enable = true;
#dns.enable = true; #dns.enable = true;
socksListenAddress = { socksListenAddress = {
IsolateDestAddr = true; IsolateDestAddr = true;
addr = cfg.address; addr = cfg.address;
port = cfg.torport; port = cfg.torport;
}; };
}; };
}; };
xray = { xray = {
enable = true; enable = true;
settingsFile = "/data/Client.json"; settingsFile = "/data/Client.json";
}; };
}; };
systemd = { systemd = {
services.tor.wantedBy = lib.mkForce []; services.tor.wantedBy = lib.mkForce [ ];
timers.tor = { timers.tor = {
timerConfig = { timerConfig = {
OnBootSec = 5; OnBootSec = 5;
Unit = "tor.service"; Unit = "tor.service";
}; };
wantedBy = [ "timers.target" ]; wantedBy = [ "timers.target" ];
}; };
}; };
}; };
}; };
}; };
} }

View file

@ -1,108 +1,123 @@
{ container, pkgs, config, lib, ... }: with lib; let {
cfg = config.container.module.git; container,
in { pkgs,
options = { config,
container.module.git = { lib,
enable = mkEnableOption "Git server."; ...
address = mkOption { }:
default = "10.1.0.8"; with lib;
type = types.str; let
}; cfg = config.container.module.git;
port = mkOption { in
default = 3000; {
type = types.int; options = {
}; container.module.git = {
portSsh = mkOption { enable = mkEnableOption "Git server.";
default = 22144; address = mkOption {
type = types.int; default = "10.1.0.8";
}; type = types.str;
domain = mkOption { };
default = "git.${config.container.domain}"; port = mkOption {
type = types.str; default = 3000;
}; type = types.int;
storage = mkOption { };
default = "${config.container.storage}/git"; portSsh = mkOption {
type = types.str; default = 22144;
}; type = types.int;
}; };
}; domain = mkOption {
default = "git.${config.container.domain}";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/git";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.git = container.mkContainer cfg { containers.git = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/var/lib/forgejo" = { "/var/lib/forgejo" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = { ... }: container.mkContainerConfig cfg { config =
environment.systemPackages = with pkgs; [ forgejo ]; { ... }:
container.mkContainerConfig cfg {
environment.systemPackages = with pkgs; [ forgejo ];
services.forgejo = { services.forgejo = {
enable = true; enable = true;
stateDir = "/var/lib/forgejo"; stateDir = "/var/lib/forgejo";
database = let database =
postgre = config.container.module.postgres; let
in { postgre = config.container.module.postgres;
type = "postgres"; in
host = postgre.address; {
port = postgre.port; type = "postgres";
user = "forgejo"; host = postgre.address;
name = "forgejo"; port = postgre.port;
createDatabase = false; user = "forgejo";
}; name = "forgejo";
createDatabase = false;
};
settings = let settings =
gcArgs = "--aggressive --no-cruft --prune=now"; let
gcTimeout = 600; gcArgs = "--aggressive --no-cruft --prune=now";
in { gcTimeout = 600;
"service".DISABLE_REGISTRATION = true; in
"log".LEVEL = "Error"; {
"server" = { "service".DISABLE_REGISTRATION = true;
DOMAIN = cfg.domain; "log".LEVEL = "Error";
HTTP_ADDR = cfg.address; "server" = {
ROOT_URL = "https://${cfg.domain}"; DOMAIN = cfg.domain;
HTTP_ADDR = cfg.address;
ROOT_URL = "https://${cfg.domain}";
BUILTIN_SSH_SERVER_USER = "git"; BUILTIN_SSH_SERVER_USER = "git";
DISABLE_SSH = false; DISABLE_SSH = false;
SSH_PORT = cfg.portSsh; SSH_PORT = cfg.portSsh;
START_SSH_SERVER = true; START_SSH_SERVER = true;
}; };
"ui" = { "ui" = {
AMBIGUOUS_UNICODE_DETECTION = false; AMBIGUOUS_UNICODE_DETECTION = false;
}; };
"repository" = { "repository" = {
DEFAULT_PRIVATE = "private"; DEFAULT_PRIVATE = "private";
DEFAULT_PUSH_CREATE_PRIVATE = true; DEFAULT_PUSH_CREATE_PRIVATE = true;
}; };
"repository.pull-request".DEFAULT_MERGE_STYLE = "rebase"; "repository.pull-request".DEFAULT_MERGE_STYLE = "rebase";
"repository.issue".MAX_PINNED = 99999; "repository.issue".MAX_PINNED = 99999;
"cron" = { "cron" = {
ENABLED = true; ENABLED = true;
RUN_AT_START = true; RUN_AT_START = true;
}; };
"repo-archive".ENABLED = false; "repo-archive".ENABLED = false;
"cron.update_mirrors".SCHEDULE = "@midnight"; "cron.update_mirrors".SCHEDULE = "@midnight";
"cron.cleanup_actions".ENABLED = true; "cron.cleanup_actions".ENABLED = true;
"cron.git_gc_repos" = { "cron.git_gc_repos" = {
ENABLED = true; ENABLED = true;
SCHEDULE = "@midnight"; SCHEDULE = "@midnight";
TIMEOUT = gcTimeout; TIMEOUT = gcTimeout;
ARGS = gcArgs; ARGS = gcArgs;
}; };
"git" = { "git" = {
GC_ARGS = gcArgs; GC_ARGS = gcArgs;
}; };
"git.timeout".GC = gcTimeout; "git.timeout".GC = gcTimeout;
}; };
}; };
}; };
}; };
}; };
} }

View file

@ -1,70 +1,81 @@
# ISSUE: Broken, can't read/write sda device. # ISSUE: Broken, can't read/write sda device.
{ container, pkgs, config, lib, ... }: with lib; let {
cfg = config.container.module.hdd; container,
in { pkgs,
options = { config,
container.module.hdd = { lib,
enable = mkEnableOption "Hdd health monitor."; ...
address = mkOption { }:
default = "10.1.0.10"; with lib;
type = types.str; let
}; cfg = config.container.module.hdd;
port = mkOption { in
default = 8080; {
type = types.int; options = {
}; container.module.hdd = {
domain = mkOption { enable = mkEnableOption "Hdd health monitor.";
default = "hdd.${config.container.domain}"; address = mkOption {
type = types.str; default = "10.1.0.10";
}; type = types.str;
storage = mkOption { };
default = "${config.container.storage}/hdd"; port = mkOption {
type = types.str; default = 8080;
}; type = types.int;
}; };
}; domain = mkOption {
default = "hdd.${config.container.domain}";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/hdd";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.hdd = container.mkContainer cfg { containers.hdd = container.mkContainer cfg {
# bindMounts = let # bindMounts = let
# attachDrive = hostPath: { # attachDrive = hostPath: {
# inherit hostPath; # inherit hostPath;
# isReadOnly = false; # isReadOnly = false;
# }; # };
# in { # in {
# "/opt/scrutiny" = { # "/opt/scrutiny" = {
# hostPath = "${cfg.storage}/data"; # hostPath = "${cfg.storage}/data";
# isReadOnly = false; # isReadOnly = false;
# }; # };
# "/dev/sda" = attachDrive "/dev/sda"; # "/dev/sda" = attachDrive "/dev/sda";
# }; # };
# allowedDevices = [ # allowedDevices = [
# { # {
# modifier = "rwm"; # modifier = "rwm";
# node = "/dev/sda"; # node = "/dev/sda";
# } # }
# ]; # ];
# additionalCapabilities = [ "CAP_SYS_ADMIN" ]; # additionalCapabilities = [ "CAP_SYS_ADMIN" ];
config = { ... }: container.mkContainerConfig cfg { config =
environment.systemPackages = with pkgs; [ smartmontools ]; { ... }:
container.mkContainerConfig cfg {
environment.systemPackages = with pkgs; [ smartmontools ];
services.scrutiny = { services.scrutiny = {
enable = true; enable = true;
settings.web = { settings.web = {
listen = { listen = {
host = cfg.address; host = cfg.address;
port = cfg.port; port = cfg.port;
}; };
}; };
}; };
}; };
}; };
}; };
} }

View file

@ -1,45 +1,58 @@
{ container, pkgs, util, lib, config, __findFile, ... } @args: with lib; let {
cfg = config.container.module.home; container,
package = (pkgs.callPackage <package/homer> args); pkgs,
in { util,
options = { lib,
container.module.home = { config,
enable = mkEnableOption "Dashboard."; __findFile,
address = mkOption { ...
default = "10.1.0.18"; }@args:
type = types.str; with lib;
}; let
port = mkOption { cfg = config.container.module.home;
default = 80; package = (pkgs.callPackage <package/homer> args);
type = types.int; in
}; {
domain = mkOption { options = {
default = "home.${config.container.domain}"; container.module.home = {
type = types.str; enable = mkEnableOption "Dashboard.";
}; address = mkOption {
}; default = "10.1.0.18";
}; type = types.str;
};
port = mkOption {
default = 80;
type = types.int;
};
domain = mkOption {
default = "home.${config.container.domain}";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
containers.home = container.mkContainer cfg { containers.home = container.mkContainer cfg {
config = { ... }: container.mkContainerConfig cfg { config =
environment.systemPackages = [ package ]; { ... }:
systemd.packages = [ package ]; container.mkContainerConfig cfg {
environment.systemPackages = [ package ];
systemd.packages = [ package ];
services.nginx = { services.nginx = {
enable = true; enable = true;
virtualHosts.${cfg.domain} = container.mkServer { virtualHosts.${cfg.domain} = container.mkServer {
default = true; default = true;
root = "${package}"; root = "${package}";
locations = { locations = {
"/".extraConfig = '' "/".extraConfig = ''
try_files $uri $uri/index.html; try_files $uri $uri/index.html;
''; '';
}; };
}; };
}; };
}; };
}; };
}; };
} }

View file

@ -1,110 +1,125 @@
{ container, lib, config, pkgsStable, ... }: with lib; let {
cfg = config.container.module.iot; container,
in { lib,
options = { config,
container.module.iot = { pkgsStable,
enable = mkEnableOption "IoT service."; ...
address = mkOption { }:
default = "10.1.0.27"; with lib;
type = types.str; let
}; cfg = config.container.module.iot;
port = mkOption { in
default = 8123; {
type = types.int; options = {
}; container.module.iot = {
domain = mkOption { enable = mkEnableOption "IoT service.";
default = "iot.${config.container.domain}"; address = mkOption {
type = types.str; default = "10.1.0.27";
}; type = types.str;
storage = mkOption { };
default = "${config.container.storage}/iot"; port = mkOption {
type = types.str; default = 8123;
}; type = types.int;
}; };
}; domain = mkOption {
default = "iot.${config.container.domain}";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/iot";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.iot = container.mkContainer cfg { containers.iot = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/var/lib/hass" = { "/var/lib/hass" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
"/dev/ttyACM0" = { "/dev/ttyACM0" = {
hostPath = "/dev/ttyACM0"; hostPath = "/dev/ttyACM0";
isReadOnly = false; isReadOnly = false;
}; };
"/dev/serial/by-id" = { "/dev/serial/by-id" = {
hostPath = "/dev/serial/by-id"; hostPath = "/dev/serial/by-id";
isReadOnly = false; isReadOnly = false;
}; };
} // container.attachMedia "photo" true; } // container.attachMedia "photo" true;
allowedDevices = [ allowedDevices = [
{ {
modifier = "rwm"; modifier = "rwm";
node = "/dev/ttyACM0"; node = "/dev/ttyACM0";
} }
]; ];
config = { ... }: container.mkContainerConfig cfg { config =
# Allow Hass to talk to Zigbee dongle. { ... }:
users.users.hass.extraGroups = [ "dialout" "tty" ]; container.mkContainerConfig cfg {
# Allow Hass to talk to Zigbee dongle.
users.users.hass.extraGroups = [
"dialout"
"tty"
];
services.home-assistant = { services.home-assistant = {
# NOTE: Missing: hacs. Inside hacs: `card-mod`, `Clock Weather Card`, `WallPanel` and `Yandex.Station`. # NOTE: Missing: hacs. Inside hacs: `card-mod`, `Clock Weather Card`, `WallPanel` and `Yandex.Station`.
enable = true; enable = true;
extraComponents = [ extraComponents = [
"caldav" "caldav"
"met" "met"
"sun" "sun"
"systemmonitor" "systemmonitor"
"zha" "zha"
]; ];
extraPackages = python3Packages: with python3Packages; [ extraPackages =
aiodhcpwatcher python3Packages: with python3Packages; [
aiodiscover aiodhcpwatcher
aiogithubapi aiodiscover
arrow aiogithubapi
async-upnp-client arrow
av async-upnp-client
gtts av
ha-ffmpeg gtts
hassil ha-ffmpeg
home-assistant-intents hassil
mutagen home-assistant-intents
numpy mutagen
pymicro-vad numpy
pynacl pymicro-vad
python-telegram-bot pynacl
pyturbojpeg python-telegram-bot
pyspeex-noise pyturbojpeg
zeroconf pyspeex-noise
]; zeroconf
configDir = "/var/lib/hass"; ];
# lovelaceConfig = { configDir = "/var/lib/hass";
# title = "Home IoT control center."; # lovelaceConfig = {
# }; # title = "Home IoT control center.";
# NOTE: Using imperative config because of secrets. # };
config = null; # NOTE: Using imperative config because of secrets.
}; config = null;
};
# HACK: Delay so that nextcloud calendar can reply on reboot. # HACK: Delay so that nextcloud calendar can reply on reboot.
systemd = { systemd = {
services."home-assistant".wantedBy = mkForce []; services."home-assistant".wantedBy = mkForce [ ];
timers.fixsystemd = { timers.fixsystemd = {
timerConfig = { timerConfig = {
OnBootSec = 15; OnBootSec = 15;
Unit = "home-assistant.service"; Unit = "home-assistant.service";
}; };
wantedBy = [ "timers.target" ]; wantedBy = [ "timers.target" ];
}; };
}; };
}; };
}; };
}; };
} }

View file

@ -1,66 +1,85 @@
{ container, pkgsJobber, poetry2nixJobber, lib, config, __findFile, ... }: with lib; let {
cfg = config.container.module.jobber; container,
script = import <package/jobber> { poetry2nix = poetry2nixJobber; pkgs = pkgsJobber; }; pkgsJobber,
in { poetry2nixJobber,
options = { lib,
container.module.jobber = { config,
enable = mkEnableOption "Button pusher Stanley."; __findFile,
address = mkOption { ...
default = "10.1.0.32"; }:
type = types.str; with lib;
}; let
storage = mkOption { cfg = config.container.module.jobber;
default = "${config.container.storage}/jobber"; script = import <package/jobber> {
type = types.str; poetry2nix = poetry2nixJobber;
}; pkgs = pkgsJobber;
}; };
}; in
{
options = {
container.module.jobber = {
enable = mkEnableOption "Button pusher Stanley.";
address = mkOption {
default = "10.1.0.32";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/jobber";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.jobber = container.mkContainer cfg { containers.jobber = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/data" = { "/data" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = true; isReadOnly = true;
}; };
}; };
enableTun = true; enableTun = true;
config = { lib, ... }: let config =
packages = [ script ] ++ (with pkgsJobber; [ { lib, ... }:
firefox let
geckodriver packages =
openvpn [ script ]
python311 ++ (with pkgsJobber; [
]); firefox
in container.mkContainerConfig cfg { geckodriver
networking = lib.mkForce { openvpn
nameservers = [ python311
"10.30.218.2" ]);
]; in
}; container.mkContainerConfig cfg {
networking = lib.mkForce {
nameservers = [
"10.30.218.2"
];
};
systemd.services.jobber = { systemd.services.jobber = {
description = "My job is pushing the button."; description = "My job is pushing the button.";
enable = true; enable = true;
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
path = packages; path = packages;
environment = { environment = {
PYTHONUNBUFFERED = "1"; PYTHONUNBUFFERED = "1";
PYTHONDONTWRITEBYTECODE = "1"; PYTHONDONTWRITEBYTECODE = "1";
}; };
serviceConfig = { serviceConfig = {
Type = "simple"; Type = "simple";
ExecStart = "${script}/bin/jobber -u"; ExecStart = "${script}/bin/jobber -u";
Restart = "on-failure"; Restart = "on-failure";
}; };
}; };
}; };
}; };
}; };
} }

View file

@ -1,228 +1,246 @@
# Guide: https://nixos-mailserver.readthedocs.io/en/latest/setup-guide.html # Guide: https://nixos-mailserver.readthedocs.io/en/latest/setup-guide.html
{ container, pkgs, util, const, lib, config, ... }: with lib; let {
cfg = config.container.module.mail; container,
domain = config.container.domain; pkgs,
in { util,
options = { const,
container.module.mail = { lib,
enable = mkEnableOption "Email server."; config,
address = mkOption { ...
default = "10.1.0.5"; }:
type = types.str; with lib;
}; let
port = mkOption { cfg = config.container.module.mail;
default = 80; domain = config.container.domain;
type = types.int; in
}; {
domain = mkOption { options = {
default = "mail.${config.container.domain}"; container.module.mail = {
type = types.str; enable = mkEnableOption "Email server.";
}; address = mkOption {
storage = mkOption { default = "10.1.0.5";
default = "${config.container.storage}/mail"; type = types.str;
type = types.str; };
}; port = mkOption {
}; default = 80;
}; type = types.int;
};
domain = mkOption {
default = "mail.${config.container.domain}";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/mail";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
# "data/indices" # "data/indices"
# "data/vmail" # "data/vmail"
# "data/sieve" # "data/sieve"
# "data/dkim" # "data/dkim"
]; ];
containers.mail = container.mkContainer cfg { containers.mail = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/var/lib/dovecot/indices" = { "/var/lib/dovecot/indices" = {
hostPath = "${cfg.storage}/data/indices"; hostPath = "${cfg.storage}/data/indices";
isReadOnly = false; isReadOnly = false;
}; };
"/var/vmail" = { "/var/vmail" = {
hostPath = "${cfg.storage}/data/vmail"; hostPath = "${cfg.storage}/data/vmail";
isReadOnly = false; isReadOnly = false;
}; };
"/var/sieve" = { "/var/sieve" = {
hostPath = "${cfg.storage}/data/sieve"; hostPath = "${cfg.storage}/data/sieve";
isReadOnly = false; isReadOnly = false;
}; };
"/var/dkim" = { "/var/dkim" = {
hostPath = "${cfg.storage}/data/dkim"; hostPath = "${cfg.storage}/data/dkim";
isReadOnly = false; isReadOnly = false;
}; };
"/acme" = { "/acme" = {
hostPath = "${config.container.module.proxy.storage}/letsencrypt"; hostPath = "${config.container.module.proxy.storage}/letsencrypt";
isReadOnly = true; isReadOnly = true;
}; };
}; };
config = { config, ... }: container.mkContainerConfig cfg { config =
imports = [ { config, ... }:
(builtins.fetchTarball { container.mkContainerConfig cfg {
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-${const.stateVersion}/nixos-mailserver-nixos-${const.stateVersion}.tar.gz"; imports = [
sha256 = "sha256:0clvw4622mqzk1aqw1qn6shl9pai097q62mq1ibzscnjayhp278b"; (builtins.fetchTarball {
}) url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-${const.stateVersion}/nixos-mailserver-nixos-${const.stateVersion}.tar.gz";
]; sha256 = "sha256:0clvw4622mqzk1aqw1qn6shl9pai097q62mq1ibzscnjayhp278b";
})
];
mailserver = { mailserver = {
enable = true; enable = true;
domains = [ domain ]; domains = [ domain ];
fqdn = cfg.domain; fqdn = cfg.domain;
sendingFqdn = domain; sendingFqdn = domain;
# Use `mkpasswd -sm bcrypt`. # Use `mkpasswd -sm bcrypt`.
loginAccounts = let loginAccounts =
defaultQuota = "1G"; let
in { defaultQuota = "1G";
"admin@${domain}" = { in
name = "admin"; {
hashedPassword = "$2b$05$1O.dxXxaVshcBNybcqDRYuTlnYt3jDBwfPZWoDtP4BjOLoL0StYsi"; "admin@${domain}" = {
quota = defaultQuota; name = "admin";
}; hashedPassword = "$2b$05$1O.dxXxaVshcBNybcqDRYuTlnYt3jDBwfPZWoDtP4BjOLoL0StYsi";
"account@${domain}" = { quota = defaultQuota;
name = "account"; };
hashedPassword = "$2b$05$sCyZHdk98KqQ1qsTIvbrUeRJlNBOwBqDgpdc1QxiSnONlEkZ8xGNO"; "account@${domain}" = {
quota = defaultQuota; name = "account";
}; hashedPassword = "$2b$05$sCyZHdk98KqQ1qsTIvbrUeRJlNBOwBqDgpdc1QxiSnONlEkZ8xGNO";
"hi@${domain}" = { quota = defaultQuota;
name = "hi"; };
hashedPassword = "$2b$05$6fT5hIhzIasNfp9IQr/ds.5RuxH95VKU3QJWlX3hmrAzDF3mExanq"; "hi@${domain}" = {
quota = defaultQuota; name = "hi";
aliases = [ "voronind@${domain}" ]; hashedPassword = "$2b$05$6fT5hIhzIasNfp9IQr/ds.5RuxH95VKU3QJWlX3hmrAzDF3mExanq";
}; quota = defaultQuota;
"job@${domain}" = { aliases = [ "voronind@${domain}" ];
name = "job"; };
hashedPassword = "$2b$05$.sUmv2.9EWPfLwJn/oZw2e1UbR7HrpNQ2THc5jjX3ysy7CY8ZWHUC"; "job@${domain}" = {
quota = defaultQuota; name = "job";
}; hashedPassword = "$2b$05$.sUmv2.9EWPfLwJn/oZw2e1UbR7HrpNQ2THc5jjX3ysy7CY8ZWHUC";
"trash@${domain}" = { quota = defaultQuota;
name = "trash"; };
hashedPassword = "$2b$05$kn5ygZjN9NR3LXjnKKRw/.DXaZQNW.1XEottlCFIoKiDpIj.JGLJm"; "trash@${domain}" = {
catchAll = [ domain ]; name = "trash";
quota = defaultQuota; hashedPassword = "$2b$05$kn5ygZjN9NR3LXjnKKRw/.DXaZQNW.1XEottlCFIoKiDpIj.JGLJm";
}; catchAll = [ domain ];
"noreply@${domain}" = { quota = defaultQuota;
name = "noreply"; };
hashedPassword = "$2b$05$TaKwoYmcmkAhsRRv6xG5wOkChcz50cB9BP6QPUDKNAcxMbrY6AeMK"; "noreply@${domain}" = {
sendOnly = true; name = "noreply";
quota = defaultQuota; hashedPassword = "$2b$05$TaKwoYmcmkAhsRRv6xG5wOkChcz50cB9BP6QPUDKNAcxMbrY6AeMK";
}; sendOnly = true;
}; quota = defaultQuota;
};
};
enableImap = true; enableImap = true;
enableImapSsl = true; enableImapSsl = true;
enableSubmission = true; enableSubmission = true;
enableSubmissionSsl = true; enableSubmissionSsl = true;
enableManageSieve = true; enableManageSieve = true;
virusScanning = false; virusScanning = false;
certificateScheme = "manual"; certificateScheme = "manual";
keyFile = "/acme/live/${domain}/privkey.pem"; keyFile = "/acme/live/${domain}/privkey.pem";
certificateFile = "/acme/live/${domain}/cert.pem"; certificateFile = "/acme/live/${domain}/cert.pem";
indexDir = "/var/lib/dovecot/indices"; indexDir = "/var/lib/dovecot/indices";
mailDirectory = "/var/vmail"; mailDirectory = "/var/vmail";
sieveDirectory = "/var/sieve"; sieveDirectory = "/var/sieve";
dkimKeyDirectory = "/var/dkim"; dkimKeyDirectory = "/var/dkim";
mailboxes = { mailboxes = {
All = { All = {
auto = "subscribe"; auto = "subscribe";
specialUse = "All"; specialUse = "All";
}; };
Archive = { Archive = {
auto = "subscribe"; auto = "subscribe";
specialUse = "Archive"; specialUse = "Archive";
}; };
Drafts = { Drafts = {
auto = "subscribe"; auto = "subscribe";
specialUse = "Drafts"; specialUse = "Drafts";
}; };
Junk = { Junk = {
auto = "subscribe"; auto = "subscribe";
specialUse = "Junk"; specialUse = "Junk";
# autoexpunge = "3d"; # autoexpunge = "3d";
}; };
Sent = { Sent = {
auto = "subscribe"; auto = "subscribe";
specialUse = "Sent"; specialUse = "Sent";
}; };
Trash = { Trash = {
auto = "subscribe"; auto = "subscribe";
specialUse = "Trash"; specialUse = "Trash";
# autoexpunge = "30d"; # autoexpunge = "30d";
}; };
}; };
dmarcReporting = { dmarcReporting = {
inherit domain; inherit domain;
enable = true; enable = true;
organizationName = "voronind"; organizationName = "voronind";
# email = "noreply@${domain}"; # email = "noreply@${domain}";
}; };
# monitoring = { # monitoring = {
# enable = true; # enable = true;
# alertAddress = "admin@${domain}"; # alertAddress = "admin@${domain}";
# }; # };
}; };
services = { services = {
roundcube = { roundcube = {
enable = true; enable = true;
dicts = with pkgs.aspellDicts; [ en ru ]; dicts = with pkgs.aspellDicts; [
hostName = cfg.domain; en
plugins = [ ru
"managesieve" ];
]; hostName = cfg.domain;
extraConfig = '' plugins = [
# starttls needed for authentication, so the fqdn required to match "managesieve"
# the certificate ];
# $config['smtp_server'] = "tls://${config.mailserver.fqdn}"; extraConfig = ''
# $config['smtp_server'] = "tls://localhost"; # starttls needed for authentication, so the fqdn required to match
$config['smtp_server'] = "localhost:25"; # the certificate
$config['smtp_auth_type'] = null; # $config['smtp_server'] = "tls://${config.mailserver.fqdn}";
$config['smtp_user'] = ""; # $config['smtp_server'] = "tls://localhost";
$config['smtp_pass'] = ""; $config['smtp_server'] = "localhost:25";
# $config['smtp_user'] = "%u"; $config['smtp_auth_type'] = null;
# $config['smtp_pass'] = "%p"; $config['smtp_user'] = "";
''; $config['smtp_pass'] = "";
}; # $config['smtp_user'] = "%u";
# $config['smtp_pass'] = "%p";
'';
};
nginx = { nginx = {
virtualHosts.${cfg.domain} = { virtualHosts.${cfg.domain} = {
forceSSL = false; forceSSL = false;
enableACME = false; enableACME = false;
}; };
}; };
}; };
systemd = { systemd = {
services.autoexpunge = { services.autoexpunge = {
description = "Delete old mail"; description = "Delete old mail";
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";
path = [ pkgs.dovecot ]; path = [ pkgs.dovecot ];
script = '' script = ''
doveadm expunge -A mailbox Junk SENTBEFORE 7d doveadm expunge -A mailbox Junk SENTBEFORE 7d
doveadm expunge -A mailbox Trash SENTBEFORE 30d doveadm expunge -A mailbox Trash SENTBEFORE 30d
doveadm expunge -u trash@voronind.com mailbox Inbox SENTBEFORE 30d doveadm expunge -u trash@voronind.com mailbox Inbox SENTBEFORE 30d
doveadm purge -A doveadm purge -A
''; '';
}; };
timers.autoexpunge = { timers.autoexpunge = {
timerConfig = { timerConfig = {
OnCalendar = "daily"; OnCalendar = "daily";
Persistent = true; Persistent = true;
Unit = "autoexpunge.service"; Unit = "autoexpunge.service";
}; };
wantedBy = [ "timers.target" ]; wantedBy = [ "timers.target" ];
}; };
}; };
}; };
}; };
}; };
} }

View file

@ -2,93 +2,107 @@
# 1. You need to change PSQL tables owner from root to onlyoffice, too. They don't do that automatically for some reason. # 1. You need to change PSQL tables owner from root to onlyoffice, too. They don't do that automatically for some reason.
# 2. TODO: Generate JWT secret at /var/lib/onlyoffice/jwt, i.e. 9wLfMGha1YrfvWpb5hyYjZf8pvJQ3swS # 2. TODO: Generate JWT secret at /var/lib/onlyoffice/jwt, i.e. 9wLfMGha1YrfvWpb5hyYjZf8pvJQ3swS
# See https://git.voronind.com/voronind/nixos/issues/74 # See https://git.voronind.com/voronind/nixos/issues/74
{ container, pkgs, util, lib, config, ... }: with lib; let {
cfg = config.container.module.office; container,
in { pkgs,
options = { util,
container.module.office = { lib,
enable = mkEnableOption "Office web suite."; config,
address = mkOption { ...
default = "10.1.0.21"; }:
type = types.str; with lib;
}; let
port = mkOption { cfg = config.container.module.office;
default = 8000; in
type = types.int; {
}; options = {
domain = mkOption { container.module.office = {
default = "office.${config.container.domain}"; enable = mkEnableOption "Office web suite.";
type = types.str; address = mkOption {
}; default = "10.1.0.21";
storage = mkOption { type = types.str;
default = "${config.container.storage}/office"; };
type = types.str; port = mkOption {
}; default = 8000;
}; type = types.int;
}; };
domain = mkOption {
default = "office.${config.container.domain}";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/office";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.office = container.mkContainer cfg { containers.office = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/var/lib/onlyoffice" = { "/var/lib/onlyoffice" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
}; };
# HACK: Temporarely run in docker due to https://github.com/ONLYOFFICE/onlyoffice-nextcloud/issues/931
config =
{ pkgs, ... }:
container.mkContainerConfig cfg {
virtualisation.oci-containers.backend = "docker";
virtualisation.oci-containers.containers.office = {
autoStart = true;
image = "dockerhub.timeweb.cloud/onlyoffice/documentserver:latest";
# ports = [ "${toString cfg.port}:8000" ];
extraOptions = [
"--network=host"
"--privileged"
];
environment = {
JWT_ENABLED = "true";
JWT_SECRET = "8wLfKGha8YRfvwpB5hYYjZf8vtUQs3wS";
AMQP_URI = "amqp://guest:guest@${config.container.module.rabbitmq.address}:${toString config.container.module.rabbitmq.port}";
DB_HOST = config.container.module.postgres.address;
DB_PORT = toString config.container.module.postgres.port;
DB_NAME = "onlyoffice";
DB_USER = "onlyoffice";
DB_PWD = "onlyoffice";
};
};
};
# HACK: Temporarely run in docker due to https://github.com/ONLYOFFICE/onlyoffice-nextcloud/issues/931 # config = { pkgs, ... }: container.mkContainerConfig cfg {
config = { pkgs, ... }: container.mkContainerConfig cfg { # # HACK: For whatever reason it does not detect my global allowUnfree (I pass pkgs from host system in mkContainerConfig).
virtualisation.oci-containers.backend = "docker"; # nixpkgs.overlays = [ (final: prev: {
virtualisation.oci-containers.containers.office = { # corefonts = prev.corefonts.overrideAttrs (old: {
autoStart = true; # meta.license = mkForce licenses.mit;
image = "dockerhub.timeweb.cloud/onlyoffice/documentserver:latest"; # });
# ports = [ "${toString cfg.port}:8000" ]; # })];
extraOptions = [ "--network=host" "--privileged" ];
environment = {
JWT_ENABLED = "true";
JWT_SECRET = "8wLfKGha8YRfvwpB5hYYjZf8vtUQs3wS";
AMQP_URI = "amqp://guest:guest@${config.container.module.rabbitmq.address}:${toString config.container.module.rabbitmq.port}";
DB_HOST = config.container.module.postgres.address;
DB_PORT = toString config.container.module.postgres.port;
DB_NAME = "onlyoffice";
DB_USER = "onlyoffice";
DB_PWD = "onlyoffice";
};
};
};
# config = { pkgs, ... }: container.mkContainerConfig cfg { # services.onlyoffice = let
# # HACK: For whatever reason it does not detect my global allowUnfree (I pass pkgs from host system in mkContainerConfig). # dbName = "onlyoffice";
# nixpkgs.overlays = [ (final: prev: { # in {
# corefonts = prev.corefonts.overrideAttrs (old: { # enable = true;
# meta.license = mkForce licenses.mit; # hostname = cfg.domain;
# });
# })];
# services.onlyoffice = let # postgresName = dbName;
# dbName = "onlyoffice"; # postgresHost = config.container.module.postgres.address;
# in { # postgresUser = dbName;
# enable = true; # postgresPasswordFile = "${pkgs.writeText "OfficeDbPassword" dbName}";
# hostname = cfg.domain;
# postgresName = dbName; # jwtSecretFile = "/var/lib/onlyoffice/jwt";
# postgresHost = config.container.module.postgres.address;
# postgresUser = dbName;
# postgresPasswordFile = "${pkgs.writeText "OfficeDbPassword" dbName}";
# jwtSecretFile = "/var/lib/onlyoffice/jwt"; # rabbitmqUrl = "amqp://guest:guest@${config.container.module.rabbitmq.address}:${toString config.container.module.rabbitmq.port}";
# rabbitmqUrl = "amqp://guest:guest@${config.container.module.rabbitmq.address}:${toString config.container.module.rabbitmq.port}"; # examplePort = cfg.port;
# enableExampleServer = true;
# examplePort = cfg.port; # };
# enableExampleServer = true; # };
# }; };
# }; };
};
};
} }

View file

@ -1,96 +1,108 @@
{ container, pkgs, pkgsStable, lib, config, ... }: with lib; let {
cfg = config.container.module.paper; container,
in { pkgs,
options = { pkgsStable,
container.module.paper = { lib,
enable = mkEnableOption "Paper scans manager."; config,
address = mkOption { ...
default = "10.1.0.40"; }:
type = types.str; with lib;
}; let
port = mkOption { cfg = config.container.module.paper;
default = 28981; in
type = types.int; {
}; options = {
domain = mkOption { container.module.paper = {
default = "paper.${config.container.domain}"; enable = mkEnableOption "Paper scans manager.";
type = types.str; address = mkOption {
}; default = "10.1.0.40";
storage = mkOption { type = types.str;
default = "${config.container.storage}/paper"; };
type = types.str; port = mkOption {
}; default = 28981;
}; type = types.int;
}; };
domain = mkOption {
default = "paper.${config.container.domain}";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/paper";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.paper = container.mkContainer cfg { containers.paper = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/var/lib/paperless" = { "/var/lib/paperless" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
"/var/lib/paperless/media" = { "/var/lib/paperless/media" = {
hostPath = "${elemAt config.container.media.paper 0}"; hostPath = "${elemAt config.container.media.paper 0}";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = { lib, ... }: container.mkContainerConfig cfg { config =
services.paperless = { { lib, ... }:
enable = true; container.mkContainerConfig cfg {
dataDir = "/var/lib/paperless"; services.paperless = {
# address = cfg.domain; enable = true;
address = "0.0.0.0"; dataDir = "/var/lib/paperless";
port = cfg.port; # address = cfg.domain;
# ISSUE: https://github.com/NixOS/nixpkgs/issues/322596 address = "0.0.0.0";
# package = pkgsStable.paperless-ngx; port = cfg.port;
passwordFile = pkgs.writeText "PaperlessPassword" "root"; # ISSUE: https://github.com/NixOS/nixpkgs/issues/322596
settings = { # package = pkgsStable.paperless-ngx;
PAPERLESS_URL = "https://${cfg.domain}"; passwordFile = pkgs.writeText "PaperlessPassword" "root";
PAPERLESS_ADMIN_USER = "root"; settings = {
PAPERLESS_DBHOST = config.container.module.postgres.address; PAPERLESS_URL = "https://${cfg.domain}";
PAPERLESS_DBENGINE = "postgresql"; PAPERLESS_ADMIN_USER = "root";
PAPERLESS_DBNAME = "paperless"; PAPERLESS_DBHOST = config.container.module.postgres.address;
PAPERLESS_DBPASS = "paperless"; PAPERLESS_DBENGINE = "postgresql";
PAPERLESS_DBPORT = config.container.module.postgres.port; PAPERLESS_DBNAME = "paperless";
PAPERLESS_DBUSER = "paperless"; PAPERLESS_DBPASS = "paperless";
PAPERLESS_OCR_LANGUAGE = "rus"; PAPERLESS_DBPORT = config.container.module.postgres.port;
PAPERLESS_REDIS = "redis://${config.container.module.redis.address}:${toString config.container.module.redis.port}"; PAPERLESS_DBUSER = "paperless";
}; PAPERLESS_OCR_LANGUAGE = "rus";
}; PAPERLESS_REDIS = "redis://${config.container.module.redis.address}:${toString config.container.module.redis.port}";
};
};
# HACK: This is required for TCP postgres connection. # HACK: This is required for TCP postgres connection.
systemd = { systemd = {
services = { services = {
paperless-scheduler = { paperless-scheduler = {
serviceConfig.PrivateNetwork = mkForce false; serviceConfig.PrivateNetwork = mkForce false;
wantedBy = mkForce []; wantedBy = mkForce [ ];
}; };
paperless-consumer = { paperless-consumer = {
serviceConfig.PrivateNetwork = mkForce false; serviceConfig.PrivateNetwork = mkForce false;
wantedBy = mkForce []; wantedBy = mkForce [ ];
}; };
paperless-web = { paperless-web = {
wantedBy = mkForce []; wantedBy = mkForce [ ];
}; };
paperless-task-queue = { paperless-task-queue = {
wantedBy = mkForce []; wantedBy = mkForce [ ];
}; };
}; };
timers.fixsystemd = { timers.fixsystemd = {
timerConfig = { timerConfig = {
OnBootSec = 5; OnBootSec = 5;
Unit = "paperless-web.service"; Unit = "paperless-web.service";
}; };
wantedBy = [ "timers.target" ]; wantedBy = [ "timers.target" ];
}; };
}; };
}; };
}; };
}; };
} }

View file

@ -1,57 +1,67 @@
{ container, lib, config, ... }: with lib; let {
cfg = config.container.module.pass; container,
in { lib,
options = { config,
container.module.pass = { ...
enable = mkEnableOption "Password manager"; }:
address = mkOption { with lib;
default = "10.1.0.9"; let
type = types.str; cfg = config.container.module.pass;
}; in
port = mkOption { {
default = 8000; options = {
type = types.int; container.module.pass = {
}; enable = mkEnableOption "Password manager";
domain = mkOption { address = mkOption {
default = "pass.${config.container.domain}"; default = "10.1.0.9";
type = types.str; type = types.str;
}; };
storage = mkOption { port = mkOption {
default = "${config.container.storage}/pass"; default = 8000;
type = types.str; type = types.int;
}; };
}; domain = mkOption {
}; default = "pass.${config.container.domain}";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/pass";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.pass = container.mkContainer cfg { containers.pass = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/var/lib/bitwarden_rs" = { "/var/lib/bitwarden_rs" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = { ... }: container.mkContainerConfig cfg { config =
services.vaultwarden = { { ... }:
enable = true; container.mkContainerConfig cfg {
dbBackend = "sqlite"; services.vaultwarden = {
environmentFile = "/var/lib/bitwarden_rs/Env"; enable = true;
config = { dbBackend = "sqlite";
# DATABASE_URL = "postgresql://vaultwarden:vaultwarden@${container.config.postgres.address}:${toString container.config.postgres.port}/vaultwarden"; environmentFile = "/var/lib/bitwarden_rs/Env";
DATA_FOLDER = "/var/lib/bitwarden_rs"; config = {
DOMAIN = "http://${cfg.domain}"; # DATABASE_URL = "postgresql://vaultwarden:vaultwarden@${container.config.postgres.address}:${toString container.config.postgres.port}/vaultwarden";
SIGNUPS_ALLOWED = false; DATA_FOLDER = "/var/lib/bitwarden_rs";
WEB_VAULT_ENABLED = true; DOMAIN = "http://${cfg.domain}";
ROCKET_ADDRESS = cfg.address; SIGNUPS_ALLOWED = false;
ROCKET_PORT = cfg.port; WEB_VAULT_ENABLED = true;
}; ROCKET_ADDRESS = cfg.address;
}; ROCKET_PORT = cfg.port;
}; };
}; };
}; };
};
};
} }

View file

@ -1,126 +1,138 @@
{ pkgs, util, container, lib, config, __findFile, ... } @args: with lib; let {
cfg = config.container.module.paste; pkgs,
package = (pkgs.callPackage <package/privatebin> args); container,
in { lib,
options = { config,
container.module.paste = { __findFile,
enable = mkEnableOption "Pastebin."; ...
address = mkOption { }@args:
default = "10.1.0.14"; with lib;
type = types.str; let
}; cfg = config.container.module.paste;
port = mkOption { package = (pkgs.callPackage <package/privatebin> args);
default = 80; in
type = types.int; {
}; options = {
domain = mkOption { container.module.paste = {
default = "paste.${config.container.domain}"; enable = mkEnableOption "Pastebin.";
type = types.str; address = mkOption {
}; default = "10.1.0.14";
storage = mkOption { type = types.str;
default = "${config.container.storage}/paste"; };
type = types.str; port = mkOption {
}; default = 80;
}; type = types.int;
}; };
domain = mkOption {
default = "paste.${config.container.domain}";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/paste";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
"tmp" "tmp"
"nginxtmp" "nginxtmp"
"config" "config"
]; ];
containers.paste = container.mkContainer cfg { containers.paste = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/srv/data" = { "/srv/data" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
"/tmp" = { "/tmp" = {
hostPath = "${cfg.storage}/tmp"; hostPath = "${cfg.storage}/tmp";
isReadOnly = false; isReadOnly = false;
}; };
"/var/lib/nginx/tmp" = { "/var/lib/nginx/tmp" = {
hostPath = "${cfg.storage}/nginxtmp"; hostPath = "${cfg.storage}/nginxtmp";
isReadOnly = false; isReadOnly = false;
}; };
"/srv/config" = { "/srv/config" = {
hostPath = "${cfg.storage}/config"; hostPath = "${cfg.storage}/config";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = { config, ... }: container.mkContainerConfig cfg { config =
environment.systemPackages = [ package ]; { config, ... }:
systemd.packages = [ package ]; container.mkContainerConfig cfg {
environment.systemPackages = [ package ];
systemd.packages = [ package ];
users.users.paste = { users.users.paste = {
group = "nginx"; group = "nginx";
isSystemUser = true; isSystemUser = true;
}; };
services.phpfpm.pools.paste = { services.phpfpm.pools.paste = {
user = "paste"; user = "paste";
group = "nginx"; group = "nginx";
phpPackage = pkgs.php; phpPackage = pkgs.php;
settings = { settings = {
"pm" = "dynamic"; "pm" = "dynamic";
"php_admin_value[error_log]" = "stderr"; "php_admin_value[error_log]" = "stderr";
"php_admin_flag[log_errors]" = true; "php_admin_flag[log_errors]" = true;
"listen.owner" = "nginx"; "listen.owner" = "nginx";
"catch_workers_output" = true; "catch_workers_output" = true;
"pm.max_children" = "32"; "pm.max_children" = "32";
"pm.start_servers" = "2"; "pm.start_servers" = "2";
"pm.min_spare_servers" = "2"; "pm.min_spare_servers" = "2";
"pm.max_spare_servers" = "4"; "pm.max_spare_servers" = "4";
"pm.max_requests" = "500"; "pm.max_requests" = "500";
}; };
phpEnv = { phpEnv = {
# CONFIG_PATH = "${package}/cfg"; # CONFIG_PATH = "${package}/cfg";
}; };
}; };
services.nginx = { services.nginx = {
enable = true; enable = true;
virtualHosts.${cfg.domain} = container.mkServer { virtualHosts.${cfg.domain} = container.mkServer {
default = true; default = true;
root = "${package}"; root = "${package}";
locations = { locations = {
"/".extraConfig = '' "/".extraConfig = ''
rewrite ^ /index.php; rewrite ^ /index.php;
''; '';
"~ \\.php$".extraConfig = util.trimTabs '' "~ \\.php$".extraConfig = ''
fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:${config.services.phpfpm.pools.paste.socket}; fastcgi_pass unix:${config.services.phpfpm.pools.paste.socket};
include ${config.services.nginx.package}/conf/fastcgi.conf; include ${config.services.nginx.package}/conf/fastcgi.conf;
include ${config.services.nginx.package}/conf/fastcgi_params; include ${config.services.nginx.package}/conf/fastcgi_params;
''; '';
"~ \\.(js|css|ttf|woff2?|png|jpe?g|svg)$".extraConfig = util.trimTabs '' "~ \\.(js|css|ttf|woff2?|png|jpe?g|svg)$".extraConfig = ''
add_header Cache-Control "public, max-age=15778463"; add_header Cache-Control "public, max-age=15778463";
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block"; add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none; add_header X-Robots-Tag none;
add_header X-Download-Options noopen; add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none; add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer; add_header Referrer-Policy no-referrer;
access_log off; access_log off;
''; '';
}; };
extraConfig = util.trimTabs '' extraConfig = ''
try_files $uri /index.php; try_files $uri /index.php;
''; '';
}; };
}; };
}; };
}; };
}; };
} }

View file

@ -1,86 +1,105 @@
{ container, lib, pkgs, config, ... }: with lib; let {
cfg = config.container.module.postgres; container,
in { lib,
options = { pkgs,
container.module.postgres = { config,
enable = mkEnableOption "Postgresql server."; ...
address = mkOption { }:
default = "10.1.0.3"; with lib;
type = types.str; let
}; cfg = config.container.module.postgres;
port = mkOption { in
default = 5432; {
type = types.int; options = {
}; container.module.postgres = {
storage = mkOption { enable = mkEnableOption "Postgresql server.";
default = "${config.container.storage}/postgres"; address = mkOption {
type = types.str; default = "10.1.0.3";
}; type = types.str;
}; };
}; port = mkOption {
default = 5432;
type = types.int;
};
storage = mkOption {
default = "${config.container.storage}/postgres";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.postgres = container.mkContainer cfg { containers.postgres = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/var/lib/postgresql/data" = { "/var/lib/postgresql/data" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = { ... }: container.mkContainerConfig cfg { config =
services.postgresql = let { ... }:
# Populate with services here. container.mkContainerConfig cfg {
configurations = with config.container.module; { services.postgresql =
forgejo = git; let
invidious = yt; # Populate with services here.
nextcloud = cloud; configurations = with config.container.module; {
onlyoffice = office; forgejo = git;
paperless = paper; invidious = yt;
privatebin = paste; nextcloud = cloud;
}; onlyoffice = office;
paperless = paper;
privatebin = paste;
};
access = configurations // { access = configurations // {
all = { address = config.container.host; }; all = {
}; address = config.container.host;
};
};
authentication = builtins.foldl' (acc: item: acc + "${item}\n") "" ( authentication = builtins.foldl' (acc: item: acc + "${item}\n") "" (
mapAttrsToList (db: cfg: "host ${db} ${db} ${cfg.address}/32 trust") access mapAttrsToList (db: cfg: "host ${db} ${db} ${cfg.address}/32 trust") access
); );
ensureDatabases = [ "root" ] ++ mapAttrsToList (name: _: name) configurations; ensureDatabases = [ "root" ] ++ mapAttrsToList (name: _: name) configurations;
ensureUsers = map (name: { ensureUsers = map (name: {
inherit name; inherit name;
ensureClauses = if name == "root" then { ensureClauses =
superuser = true; if name == "root" then
createrole = true; {
createdb = true; superuser = true;
} else {}; createrole = true;
ensureDBOwnership = true; createdb = true;
}) ensureDatabases; }
in { else
inherit authentication ensureDatabases ensureUsers; { };
ensureDBOwnership = true;
}) ensureDatabases;
in
{
inherit authentication ensureDatabases ensureUsers;
enable = true; enable = true;
package = pkgs.postgresql_14; package = pkgs.postgresql_14;
dataDir = "/var/lib/postgresql/data/14"; dataDir = "/var/lib/postgresql/data/14";
enableTCPIP = true; enableTCPIP = true;
# NOTE: Debug mode. # NOTE: Debug mode.
# settings = { # settings = {
# log_connections = true; # log_connections = true;
# log_destination = lib.mkForce "syslog"; # log_destination = lib.mkForce "syslog";
# log_disconnections = true; # log_disconnections = true;
# log_statement = "all"; # log_statement = "all";
# logging_collector = true; # logging_collector = true;
# }; # };
}; };
}; };
}; };
}; };
} }

View file

@ -2,66 +2,79 @@
# ipp://192.168.2.237 # ipp://192.168.2.237
# Pantum M6500W-Series # Pantum M6500W-Series
{ container, pkgs, lib, config, __findFile, ... } @args: with lib; let {
cfg = config.container.module.print; container,
package = pkgs.callPackage <package/print> args; pkgs,
host = config.container.host; lib,
in { config,
options = { __findFile,
container.module.print = { ...
enable = mkEnableOption "Printing server."; }@args:
address = mkOption { with lib;
default = "10.1.0.46"; let
type = types.str; cfg = config.container.module.print;
}; package = pkgs.callPackage <package/print> args;
port = mkOption { host = config.container.host;
default = 631; in
type = types.int; {
}; options = {
domain = mkOption { container.module.print = {
default = "print.${config.container.domain}"; enable = mkEnableOption "Printing server.";
type = types.str; address = mkOption {
}; default = "10.1.0.46";
storage = mkOption { type = types.str;
default = "${config.container.storage}/print"; };
type = types.str; port = mkOption {
}; default = 631;
}; type = types.int;
}; };
domain = mkOption {
default = "print.${config.container.domain}";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/print";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.print = container.mkContainer cfg { containers.print = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/var/lib/cups" = { "/var/lib/cups" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = { ... }: container.mkContainerConfig cfg { config =
networking.interfaces."eth0".ipv4.routes = [{ { ... }:
address = "192.168.2.237"; container.mkContainerConfig cfg {
prefixLength = 32; networking.interfaces."eth0".ipv4.routes = [
via = host; {
}]; address = "192.168.2.237";
prefixLength = 32;
via = host;
}
];
services.printing = { services.printing = {
enable = true; enable = true;
allowFrom = [ "all" ]; allowFrom = [ "all" ];
browsing = true; browsing = true;
defaultShared = true; defaultShared = true;
drivers = [ package ]; drivers = [ package ];
listenAddresses = [ "${cfg.address}:${toString cfg.port}" ]; listenAddresses = [ "${cfg.address}:${toString cfg.port}" ];
startWhenNeeded = true; startWhenNeeded = true;
stateless = false; stateless = false;
webInterface = true; webInterface = true;
}; };
}; };
}; };
}; };
} }

View file

@ -9,107 +9,119 @@
# ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"; # ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
# ``` # ```
# For certbot to generate new keys: `certbot certonly --manual --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory -d "*.voronind.com" -d voronind.com` # For certbot to generate new keys: `certbot certonly --manual --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory -d "*.voronind.com" -d voronind.com`
{ util, container, pkgs, lib, config, ... } @args: with lib; let {
cfg = config.container.module.proxy; util,
virtualHosts = util.catSet (util.ls ./proxy/host) args; container,
in { pkgs,
options = { lib,
container.module.proxy = { config,
enable = mkEnableOption "Proxy server."; ...
address = mkOption { }@args:
default = "10.1.0.2"; with lib;
type = types.str; let
}; cfg = config.container.module.proxy;
port = mkOption { virtualHosts = util.catSet (util.ls ./proxy/host) args;
default = 443; in
type = types.int; {
}; options = {
storage = mkOption { container.module.proxy = {
default = "${config.container.storage}/proxy"; enable = mkEnableOption "Proxy server.";
type = types.str; address = mkOption {
}; default = "10.1.0.2";
}; type = types.str;
}; };
port = mkOption {
default = 443;
type = types.int;
};
storage = mkOption {
default = "${config.container.storage}/proxy";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"challenge" "challenge"
"letsencrypt" "letsencrypt"
]; ];
containers.proxy = container.mkContainer cfg { containers.proxy = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/etc/letsencrypt" = { "/etc/letsencrypt" = {
hostPath = "${cfg.storage}/letsencrypt"; hostPath = "${cfg.storage}/letsencrypt";
isReadOnly = false; isReadOnly = false;
}; };
"/var/www/.well-known" = { "/var/www/.well-known" = {
hostPath = "${cfg.storage}/challenge"; hostPath = "${cfg.storage}/challenge";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = { ... }: container.mkContainerConfig cfg { config =
environment.systemPackages = with pkgs; [ certbot ]; { ... }:
container.mkContainerConfig cfg {
environment.systemPackages = with pkgs; [ certbot ];
services.nginx = { services.nginx = {
inherit virtualHosts; inherit virtualHosts;
enable = true; enable = true;
recommendedOptimisation = true; recommendedOptimisation = true;
recommendedProxySettings = true; recommendedProxySettings = true;
clientMaxBodySize = "4096m"; clientMaxBodySize = "4096m";
appendConfig = util.trimTabs '' appendConfig = ''
worker_processes 4; worker_processes 4;
''; '';
eventsConfig = util.trimTabs '' eventsConfig = ''
worker_connections 4096; worker_connections 4096;
''; '';
# TODO: Fix 80 redirect and 403 default. # TODO: Fix 80 redirect and 403 default.
appendHttpConfig = util.trimTabs '' appendHttpConfig = ''
proxy_max_temp_file_size 0; proxy_max_temp_file_size 0;
proxy_buffering off; proxy_buffering off;
server { server {
server_name default_server; server_name default_server;
listen 80; listen 80;
location / { location / {
return 301 https://$host$request_uri; return 301 https://$host$request_uri;
} }
} }
map $http_accept_language $resume { map $http_accept_language $resume {
default https://git.${config.container.domain}/voronind/resume/releases/download/latest/VoronindEn.pdf; default https://git.${config.container.domain}/voronind/resume/releases/download/latest/VoronindEn.pdf;
~ru https://git.${config.container.domain}/voronind/resume/releases/download/latest/VoronindRu.pdf; ~ru https://git.${config.container.domain}/voronind/resume/releases/download/latest/VoronindRu.pdf;
} }
server { server {
server_name ${config.container.domain}; server_name ${config.container.domain};
listen 443 ssl; listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
return 301 $resume; return 301 $resume;
} }
server { server {
listen 443 ssl default_server; listen 443 ssl default_server;
server_name _; server_name _;
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
return 403; return 403;
} }
''; '';
}; };
}; };
}; };
}; };
} }

View file

@ -1,48 +1,60 @@
{ container, pkgs, util, lib, config, ... }: with lib; let {
cfg = config.container.module.rabbitmq; container,
in { pkgs,
options = { util,
container.module.rabbitmq = { lib,
enable = mkEnableOption "Mqtt server."; config,
address = mkOption { ...
default = "10.1.0.28"; }:
type = types.str; with lib;
}; let
port = mkOption { cfg = config.container.module.rabbitmq;
default = 5672; in
type = types.int; {
}; options = {
storage = mkOption { container.module.rabbitmq = {
default = "${config.container.storage}/rabbitmq"; enable = mkEnableOption "Mqtt server.";
type = types.str; address = mkOption {
}; default = "10.1.0.28";
}; type = types.str;
}; };
port = mkOption {
default = 5672;
type = types.int;
};
storage = mkOption {
default = "${config.container.storage}/rabbitmq";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.rabbitmq = container.mkContainer cfg { containers.rabbitmq = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/var/lib/rabbitmq" = { "/var/lib/rabbitmq" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = { ... }: container.mkContainerConfig cfg { config =
services.rabbitmq = { { ... }:
enable = true; container.mkContainerConfig cfg {
listenAddress = cfg.address; services.rabbitmq = {
port = cfg.port; enable = true;
dataDir = "/var/lib/rabbitmq"; listenAddress = cfg.address;
configItems = { port = cfg.port;
"loopback_users" = "none"; dataDir = "/var/lib/rabbitmq";
}; configItems = {
}; "loopback_users" = "none";
}; };
}; };
}; };
};
};
} }

View file

@ -1,55 +1,63 @@
{ container, lib, pkgs, config, ... }: with lib; let {
cfg = config.container.module.read; container,
in { lib,
options = { pkgs,
container.module.read = { config,
enable = mkEnableOption "Reading server."; ...
address = mkOption { }:
default = "10.1.0.39"; with lib;
type = types.str; let
}; cfg = config.container.module.read;
port = mkOption { in
default = 5000; {
type = types.int; options = {
}; container.module.read = {
domain = mkOption { enable = mkEnableOption "Reading server.";
default = "read.${config.container.domain}"; address = mkOption {
type = types.str; default = "10.1.0.39";
}; type = types.str;
storage = mkOption { };
default = "${config.container.storage}/read"; port = mkOption {
type = types.str; default = 5000;
}; type = types.int;
}; };
}; domain = mkOption {
default = "read.${config.container.domain}";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/read";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.read = container.mkContainer cfg { containers.read = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/var/lib/kavita" = { "/var/lib/kavita" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
} } // container.attachMedia "book" true // container.attachMedia "manga" true;
// container.attachMedia "book" true
// container.attachMedia "manga" true
;
config = { ... }: container.mkContainerConfig cfg { config =
services.kavita = { { ... }:
enable = true; container.mkContainerConfig cfg {
dataDir = "/var/lib/kavita"; services.kavita = {
tokenKeyFile = pkgs.writeText "KavitaToken" "xY19aQOa939/Ie6GCRGbubVK8zRwrgBY/20AuyMpYshUjwK1Uyl7bw1yknVh6jJIFIfwq2vAjeotOUq7NEsf9Q=="; enable = true;
settings = { dataDir = "/var/lib/kavita";
IpAddresses = cfg.address; tokenKeyFile = pkgs.writeText "KavitaToken" "xY19aQOa939/Ie6GCRGbubVK8zRwrgBY/20AuyMpYshUjwK1Uyl7bw1yknVh6jJIFIfwq2vAjeotOUq7NEsf9Q==";
Port = cfg.port; settings = {
}; IpAddresses = cfg.address;
}; Port = cfg.port;
}; };
}; };
}; };
};
};
} }

View file

@ -1,31 +1,42 @@
{ container, pkgs, util, lib, config, ... }: with lib; let {
cfg = config.container.module.redis; container,
in { pkgs,
options = { util,
container.module.redis = { lib,
enable = mkEnableOption "Redis server."; config,
address = mkOption { ...
default = "10.1.0.38"; }:
type = types.str; with lib;
}; let
port = mkOption { cfg = config.container.module.redis;
default = 6379; in
type = types.int; {
}; options = {
}; container.module.redis = {
}; enable = mkEnableOption "Redis server.";
address = mkOption {
default = "10.1.0.38";
type = types.str;
};
port = mkOption {
default = 6379;
type = types.int;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
containers.redis = container.mkContainer cfg { containers.redis = container.mkContainer cfg {
config = { ... }: container.mkContainerConfig cfg { config =
services.redis.servers.main = { { ... }:
enable = true; container.mkContainerConfig cfg {
port = cfg.port; services.redis.servers.main = {
bind = cfg.address; enable = true;
extraParams = [ "--protected-mode no" ]; port = cfg.port;
}; bind = cfg.address;
}; extraParams = [ "--protected-mode no" ];
}; };
}; };
};
};
} }

View file

@ -1,43 +1,54 @@
{ container, pkgs, lib, config, ... }: with lib; let {
cfg = config.container.module.search; container,
in { pkgs,
options = { lib,
container.module.search = { config,
enable = mkEnableOption "Search frontend."; ...
address = mkOption { }:
default = "10.1.0.26"; with lib;
type = types.str; let
}; cfg = config.container.module.search;
port = mkOption { in
default = 8080; {
type = types.int; options = {
}; container.module.search = {
domain = mkOption { enable = mkEnableOption "Search frontend.";
default = "search.${config.container.domain}"; address = mkOption {
type = types.str; default = "10.1.0.26";
}; type = types.str;
storage = mkOption { };
default = "${config.container.storage}/search"; port = mkOption {
type = types.str; default = 8080;
}; type = types.int;
}; };
}; domain = mkOption {
default = "search.${config.container.domain}";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/search";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
containers.search = container.mkContainer cfg { containers.search = container.mkContainer cfg {
config = { ... }: container.mkContainerConfig cfg { config =
services.searx = { { ... }:
enable = true; container.mkContainerConfig cfg {
package = pkgs.searxng; services.searx = {
settings = { enable = true;
server = { package = pkgs.searxng;
bind_address = cfg.address; settings = {
port = cfg.port; server = {
secret_key = "searxxx"; bind_address = cfg.address;
}; port = cfg.port;
}; secret_key = "searxxx";
}; };
}; };
}; };
}; };
};
};
} }

View file

@ -1,62 +1,71 @@
{ container, lib, config, ... }: with lib; let {
cfg = config.container.module.status; container,
in { lib,
options = { config,
container.module.status = { ...
enable = mkEnableOption "Status monitor."; }:
address = mkOption { with lib;
default = "10.1.0.22"; let
type = types.str; cfg = config.container.module.status;
}; in
port = mkOption { {
default = 3001; options = {
type = types.int; container.module.status = {
}; enable = mkEnableOption "Status monitor.";
domain = mkOption { address = mkOption {
default = "status.${config.container.domain}"; default = "10.1.0.22";
type = types.str; type = types.str;
}; };
storage = mkOption { port = mkOption {
default = "${config.container.storage}/status"; default = 3001;
type = types.str; type = types.int;
}; };
}; domain = mkOption {
}; default = "status.${config.container.domain}";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/status";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.status = container.mkContainer cfg { containers.status = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/var/lib/uptime-kuma" = { "/var/lib/uptime-kuma" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = { lib, ... }: container.mkContainerConfig cfg { config =
networking = { { lib, ... }:
nameservers = mkForce [ container.mkContainerConfig cfg {
config.container.module.dns.address networking = {
]; nameservers = mkForce [
}; config.container.module.dns.address
];
};
services.uptime-kuma = { services.uptime-kuma = {
enable = true; enable = true;
settings = { settings = {
DATA_DIR = "/var/lib/uptime-kuma/"; DATA_DIR = "/var/lib/uptime-kuma/";
HOST = cfg.address; HOST = cfg.address;
PORT = toString cfg.port; PORT = toString cfg.port;
}; };
}; };
systemd.services.uptime-kuma = { systemd.services.uptime-kuma = {
serviceConfig.DynamicUser = mkForce false; serviceConfig.DynamicUser = mkForce false;
}; };
}; };
}; };
}; };
} }

View file

@ -1,57 +1,67 @@
{ container, lib, config, ... }: with lib; let {
cfg = config.container.module.stock; container,
in { lib,
options = { config,
container.module.stock = { ...
enable = mkEnableOption "Stock management."; }:
address = mkOption { with lib;
default = "10.1.0.45"; let
type = types.str; cfg = config.container.module.stock;
}; in
port = mkOption { {
default = 80; options = {
type = types.int; container.module.stock = {
}; enable = mkEnableOption "Stock management.";
domain = mkOption { address = mkOption {
default = "stock.${config.container.domain}"; default = "10.1.0.45";
type = types.str; type = types.str;
}; };
storage = mkOption { port = mkOption {
default = "${config.container.storage}/stock"; default = 80;
type = types.str; type = types.int;
}; };
}; domain = mkOption {
}; default = "stock.${config.container.domain}";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/stock";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
]; ];
containers.stock = container.mkContainer cfg { containers.stock = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/var/lib/grocy" = { "/var/lib/grocy" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = { ... }: container.mkContainerConfig cfg { config =
services.grocy = { { ... }:
enable = true; container.mkContainerConfig cfg {
dataDir = "/var/lib/grocy"; services.grocy = {
hostName = cfg.domain; enable = true;
nginx.enableSSL = false; dataDir = "/var/lib/grocy";
settings = { hostName = cfg.domain;
calendar = { nginx.enableSSL = false;
firstDayOfWeek = 1; settings = {
showWeekNumber = true; calendar = {
}; firstDayOfWeek = 1;
culture = "en"; showWeekNumber = true;
currency = "RUB"; };
}; culture = "en";
}; currency = "RUB";
}; };
}; };
}; };
};
};
} }

View file

@ -1,88 +1,100 @@
{ container, pkgs, lib, config, ... }: with lib; let {
cfg = config.container.module.vpn; container,
pkgs,
lib,
config,
...
}:
with lib;
let
cfg = config.container.module.vpn;
wireguardPeers = let wireguardPeers =
mkPeer = name: ip: PublicKey: { let
inherit PublicKey; mkPeer = name: ip: PublicKey: {
PresharedKeyFile = "/var/lib/wireguard/preshared/${name}"; inherit PublicKey;
AllowedIPs = [ "${ip}/32" ]; PresharedKeyFile = "/var/lib/wireguard/preshared/${name}";
}; AllowedIPs = [ "${ip}/32" ];
in [ };
(mkPeer "dashaphone" "10.1.1.3" "O/3y8+QKEY8UoLVlmbc8xdhs248L4wtQcl1MsBBfoQo=") in
(mkPeer "laptop" "10.1.1.9" "xxoCNPSB86zs8L8p+wXhqaIwpNDkiZu1Yjv8sj8XhgY=") [
(mkPeer "phone" "10.1.1.5" "bFmFisMqbDpIrAg3o/GiRl9XhceZEVnZtkegZDTL4yg=") (mkPeer "dashaphone" "10.1.1.3" "O/3y8+QKEY8UoLVlmbc8xdhs248L4wtQcl1MsBBfoQo=")
(mkPeer "tablet" "10.1.1.6" "BdslswVc9OgUpEhJd0sugDBmYw44DiS0FbUPT5EjOG0=") (mkPeer "laptop" "10.1.1.9" "xxoCNPSB86zs8L8p+wXhqaIwpNDkiZu1Yjv8sj8XhgY=")
(mkPeer "work" "10.1.1.2" "Pk0AASSInKO9O8RaQEmm1uNrl0cwWTJDcT8rLn7PSA0=") (mkPeer "phone" "10.1.1.5" "bFmFisMqbDpIrAg3o/GiRl9XhceZEVnZtkegZDTL4yg=")
]; (mkPeer "tablet" "10.1.1.6" "BdslswVc9OgUpEhJd0sugDBmYw44DiS0FbUPT5EjOG0=")
in { (mkPeer "work" "10.1.1.2" "Pk0AASSInKO9O8RaQEmm1uNrl0cwWTJDcT8rLn7PSA0=")
options = { ];
container.module.vpn = { in
enable = mkEnableOption "Vpn server."; {
address = mkOption { options = {
default = "10.1.0.23"; container.module.vpn = {
type = types.str; enable = mkEnableOption "Vpn server.";
}; address = mkOption {
port = mkOption { default = "10.1.0.23";
default = 51820; type = types.str;
type = types.int; };
}; port = mkOption {
storage = mkOption { default = 51820;
default = "${config.container.storage}/vpn"; type = types.int;
type = types.str; };
}; storage = mkOption {
}; default = "${config.container.storage}/vpn";
}; type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
"data/preshared" "data/preshared"
]; ];
containers.vpn = container.mkContainer cfg { containers.vpn = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/var/lib/wireguard" = { "/var/lib/wireguard" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = { ... }: container.mkContainerConfig cfg { config =
boot.kernel.sysctl = { { ... }:
"net.ipv4.conf.all.src_valid_mark" = 1; container.mkContainerConfig cfg {
"net.ipv4.ip_forward" = 1; boot.kernel.sysctl = {
}; "net.ipv4.conf.all.src_valid_mark" = 1;
"net.ipv4.ip_forward" = 1;
};
environment.systemPackages = with pkgs; [ wireguard-tools ]; environment.systemPackages = with pkgs; [ wireguard-tools ];
networking.useNetworkd = true; networking.useNetworkd = true;
systemd.network = { systemd.network = {
enable = true; enable = true;
netdevs = { netdevs = {
"50-wg0" = { "50-wg0" = {
netdevConfig = { netdevConfig = {
Kind = "wireguard"; Kind = "wireguard";
MTUBytes = "1300"; MTUBytes = "1300";
Name = "wg0"; Name = "wg0";
}; };
wireguardConfig = { wireguardConfig = {
PrivateKeyFile = "/var/lib/wireguard/privkey"; PrivateKeyFile = "/var/lib/wireguard/privkey";
ListenPort = cfg.port; ListenPort = cfg.port;
}; };
inherit wireguardPeers; inherit wireguardPeers;
}; };
}; };
networks.wg0 = { networks.wg0 = {
matchConfig.Name = "wg0"; matchConfig.Name = "wg0";
address = ["10.1.1.0/24"]; address = [ "10.1.1.0/24" ];
networkConfig = { networkConfig = {
IPv4Forwarding = "yes"; IPv4Forwarding = "yes";
IPMasquerade = "ipv4"; IPMasquerade = "ipv4";
}; };
}; };
}; };
}; };
}; };
}; };
} }

View file

@ -1,86 +1,96 @@
{ container, lib, config, ... }: with lib; let {
cfg = config.container.module.watch; container,
in { lib,
options = { config,
container.module.watch = { ...
enable = mkEnableOption "Media server."; }:
address = mkOption { with lib;
default = "10.1.0.11"; let
type = types.str; cfg = config.container.module.watch;
}; in
port = mkOption { {
default = 8096; options = {
type = types.int; container.module.watch = {
}; enable = mkEnableOption "Media server.";
domain = mkOption { address = mkOption {
default = "watch.${config.container.domain}"; default = "10.1.0.11";
type = types.str; type = types.str;
}; };
storage = mkOption { port = mkOption {
default = "${config.container.storage}/watch"; default = 8096;
type = types.str; type = types.int;
}; };
memLimit = mkOption { domain = mkOption {
default = "8G"; default = "watch.${config.container.domain}";
type = types.str; type = types.str;
}; };
}; storage = mkOption {
}; default = "${config.container.storage}/watch";
type = types.str;
};
memLimit = mkOption {
default = "8G";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = container.mkContainerDir cfg [ systemd.tmpfiles.rules = container.mkContainerDir cfg [
"data" "data"
"cache" "cache"
]; ];
containers.watch = container.mkContainer cfg { containers.watch = container.mkContainer cfg {
bindMounts = { bindMounts =
"/var/lib/jellyfin" = { {
hostPath = "${cfg.storage}/data"; "/var/lib/jellyfin" = {
isReadOnly = false; hostPath = "${cfg.storage}/data";
}; isReadOnly = false;
"/var/cache/jellyfin" = { };
hostPath = "${cfg.storage}/cache"; "/var/cache/jellyfin" = {
isReadOnly = false; hostPath = "${cfg.storage}/cache";
}; isReadOnly = false;
"/dev/dri" = { };
hostPath = "/dev/dri"; "/dev/dri" = {
isReadOnly = false; hostPath = "/dev/dri";
}; isReadOnly = false;
} };
// container.attachMedia "anime" true }
// container.attachMedia "download" true // container.attachMedia "anime" true
// container.attachMedia "movie" true // container.attachMedia "download" true
// container.attachMedia "music" true // container.attachMedia "movie" true
// container.attachMedia "photo" true // container.attachMedia "music" true
// container.attachMedia "porn" true // container.attachMedia "photo" true
// container.attachMedia "show" true // container.attachMedia "porn" true
// container.attachMedia "study" true // container.attachMedia "show" true
// container.attachMedia "work" true // container.attachMedia "study" true
// container.attachMedia "youtube" true // container.attachMedia "work" true
; // container.attachMedia "youtube" true;
allowedDevices = [ allowedDevices = [
{ {
modifier = "rwm"; modifier = "rwm";
node = "/dev/dri/renderD128"; node = "/dev/dri/renderD128";
} }
]; ];
config = { ... }: container.mkContainerConfig cfg { config =
# users.users.jellyfin.extraGroups = [ { ... }:
# "video" container.mkContainerConfig cfg {
# "render" # users.users.jellyfin.extraGroups = [
# ]; # "video"
# "render"
# ];
services.jellyfin = { services.jellyfin = {
enable = true; enable = true;
cacheDir = "/var/cache/jellyfin"; cacheDir = "/var/cache/jellyfin";
dataDir = "/var/lib/jellyfin"; dataDir = "/var/lib/jellyfin";
}; };
systemd.services.jellyfin.serviceConfig.MemoryLimit = cfg.memLimit; systemd.services.jellyfin.serviceConfig.MemoryLimit = cfg.memLimit;
}; };
}; };
}; };
} }

View file

@ -1,52 +1,64 @@
{ container, pkgs, lib, config, __findFile, ... }: with lib; let {
cfg = config.container.module.yt; container,
in { pkgs,
options = { lib,
container.module.yt = { config,
enable = mkEnableOption "YouTube frontend."; __findFile,
address = mkOption { ...
default = "10.1.0.19"; }:
type = types.str; with lib;
}; let
port = mkOption { cfg = config.container.module.yt;
default = 3000; in
type = types.int; {
}; options = {
domain = mkOption { container.module.yt = {
default = "yt.${config.container.domain}"; enable = mkEnableOption "YouTube frontend.";
type = types.str; address = mkOption {
}; default = "10.1.0.19";
storage = mkOption { type = types.str;
default = "${config.container.storage}/yt"; };
type = types.str; port = mkOption {
}; default = 3000;
}; type = types.int;
}; };
domain = mkOption {
default = "yt.${config.container.domain}";
type = types.str;
};
storage = mkOption {
default = "${config.container.storage}/yt";
type = types.str;
};
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
containers.yt = container.mkContainer cfg { containers.yt = container.mkContainer cfg {
config = { ... }: container.mkContainerConfig cfg { config =
services.invidious = { { ... }:
enable = true; container.mkContainerConfig cfg {
domain = cfg.domain; services.invidious = {
port = cfg.port; enable = true;
nginx.enable = false; domain = cfg.domain;
database = { port = cfg.port;
port = config.container.module.postgres.port; nginx.enable = false;
host = config.container.module.postgres.address; database = {
createLocally = false; port = config.container.module.postgres.port;
passwordFile = "${pkgs.writeText "InvidiousDbPassword" "invidious"}"; host = config.container.module.postgres.address;
}; createLocally = false;
settings = { passwordFile = "${pkgs.writeText "InvidiousDbPassword" "invidious"}";
admins = [ "root" ]; };
captcha_enabled = false; settings = {
check_tables = true; admins = [ "root" ];
registration_enabled = false; captcha_enabled = false;
external_port = 443; check_tables = true;
https_only = true; registration_enabled = false;
}; external_port = 443;
}; https_only = true;
}; };
}; };
}; };
};
};
} }

View file

@ -1,58 +1,61 @@
{ lib, config, ... }: with lib; let { lib, config, ... }:
cfg = config.container; with lib;
in { let
options = { cfg = config.container;
container = { in
enable = mkEnableOption "Containers!!"; {
options = {
container = {
enable = mkEnableOption "Containers!!";
autoStart = mkOption { autoStart = mkOption {
default = false; default = false;
type = types.bool; type = types.bool;
}; };
host = mkOption { host = mkOption {
default = "0.0.0.0"; default = "0.0.0.0";
type = types.str; type = types.str;
}; };
localAccess = mkOption { localAccess = mkOption {
default = "0.0.0.0"; default = "0.0.0.0";
type = types.str; type = types.str;
}; };
storage = mkOption { storage = mkOption {
default = "/tmp/container"; default = "/tmp/container";
type = types.str; type = types.str;
}; };
domain = mkOption { domain = mkOption {
default = "local"; default = "local";
type = types.str; type = types.str;
}; };
interface = mkOption { interface = mkOption {
default = "lo"; default = "lo";
type = types.str; type = types.str;
}; };
media = mkOption { media = mkOption {
default = {}; default = { };
type = types.attrs; type = types.attrs;
}; };
}; };
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
# This is the network for all the containers. # This is the network for all the containers.
# They are not available to the external interface by default, # They are not available to the external interface by default,
# instead they all expose specific ports in their configuration. # instead they all expose specific ports in their configuration.
networking = { networking = {
nat = { nat = {
enable = true; enable = true;
internalInterfaces = [ "ve-+" ]; internalInterfaces = [ "ve-+" ];
externalInterface = config.container.interface; externalInterface = config.container.interface;
}; };
networkmanager.unmanaged = [ "interface-name:ve-*" ]; networkmanager.unmanaged = [ "interface-name:ve-*" ];
}; };
}; };
} }

View file

@ -1,25 +1,31 @@
{ util, config, lib, container, ... }: let {
domain = "camera.${config.container.domain}"; config,
address = "192.168.2.249"; container,
port = 554; ...
in { }:
${domain} = container.mkServer { let
extraConfig = util.trimTabs '' domain = "camera.${config.container.domain}";
listen 443 ssl; address = "192.168.2.249";
port = 554;
in
{
${domain} = container.mkServer {
extraConfig = ''
listen 443 ssl;
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
return 301 rtsp://${address}:${toString port}/live/main; return 301 rtsp://${address}:${toString port}/live/main;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,28 +1,30 @@
{ util, config, container, ... }: let { config, container, ... }:
cfg = config.container.module.change; let
name = "change"; cfg = config.container.module.change;
in { name = "change";
${cfg.domain} = container.mkServer { in
extraConfig = util.trimTabs '' {
listen 443 ssl; ${cfg.domain} = container.mkServer {
set ''$${name} ${cfg.address}:${toString cfg.port}; extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
add_header Referrer-Policy 'origin'; add_header Referrer-Policy 'origin';
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,30 +1,31 @@
{ util, config, container, ... }: let { config, container, ... }:
cfg = config.container.module.cloud; let
name = "cloud"; cfg = config.container.module.cloud;
in { name = "cloud";
${cfg.domain} = container.mkServer { in
extraConfig = util.trimTabs '' {
listen 443 ssl; ${cfg.domain} = container.mkServer {
set ''$${name} ${cfg.address}:${toString cfg.port}; extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location ~ ^/(settings/admin|settings/users|settings/apps|login|api) { location ~ ^/(settings/admin|settings/users|settings/apps|login|api) {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
location / { location / {
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,25 +1,27 @@
{ util, config, container, ... }: let { config, container, ... }:
cfg = config.container.module.download; let
name = "download"; cfg = config.container.module.download;
in { name = "download";
${cfg.domain} = container.mkServer { in
extraConfig = util.trimTabs '' {
listen 443 ssl; ${cfg.domain} = container.mkServer {
set ''$${name} ${cfg.address}:${toString cfg.port}; extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,33 +1,35 @@
{ util, container, config, ... }: let { container, config, ... }:
cfg = config.container.module.git; let
name = "git"; cfg = config.container.module.git;
in { name = "git";
${cfg.domain} = container.mkServer { in
extraConfig = util.trimTabs '' {
listen 443 ssl; ${cfg.domain} = container.mkServer {
set ''$${name} ${cfg.address}:${toString cfg.port}; extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location ~ ^/(admin|api|user) { location ~ ^/(admin|api|user) {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
location / { location / {
# allow ${config.container.localAccess}; # allow ${config.container.localAccess};
# allow ${config.container.module.status.address}; # allow ${config.container.module.status.address};
# allow ${config.container.module.vpn.address}; # allow ${config.container.module.vpn.address};
# allow ${config.container.module.frkn.address}; # allow ${config.container.module.frkn.address};
# deny all; # deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,25 +1,31 @@
{ util, container, config, ... }: let {
cfg = config.container.module.hdd; container,
name = "hdd"; config,
in { ...
${cfg.domain} = container.mkServer { }:
extraConfig = util.trimTabs '' let
listen 443 ssl; cfg = config.container.module.hdd;
set ''$${name} ${cfg.address}:${toString cfg.port}; name = "hdd";
in
{
${cfg.domain} = container.mkServer {
extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,25 +1,31 @@
{ util, config, container, ... }: let {
cfg = config.container.module.home; config,
name = "home"; container,
in { ...
${cfg.domain} = container.mkServer { }:
extraConfig = util.trimTabs '' let
listen 443 ssl; cfg = config.container.module.home;
set ''$${name} ${cfg.address}:${toString cfg.port}; name = "home";
in
{
${cfg.domain} = container.mkServer {
extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,32 +1,38 @@
{ util, container, config, ... }: let {
cfg = config.container.module.iot; container,
name = "iot"; config,
in { ...
${cfg.domain} = container.mkServer { }:
extraConfig = util.trimTabs '' let
listen 443 ssl; cfg = config.container.module.iot;
set ''$${name} ${cfg.address}:${toString cfg.port}; name = "iot";
in
{
${cfg.domain} = container.mkServer {
extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_http_version 1.1; proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade"; proxy_set_header Connection "upgrade";
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,25 +1,27 @@
{ util, container, config, ... }: let { container, config, ... }:
cfg = config.container.module.mail; let
name = "mail"; cfg = config.container.module.mail;
in { name = "mail";
${cfg.domain} = container.mkServer { in
extraConfig = util.trimTabs '' {
listen 443 ssl; ${cfg.domain} = container.mkServer {
set ''$${name} ${cfg.address}:${toString cfg.port}; extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,26 +1,28 @@
{ util, container, config, ... }: let { container, config, ... }:
cfg = config.container.module.office; let
name = "office"; cfg = config.container.module.office;
in { name = "office";
${cfg.domain} = container.mkServer { in
extraConfig = util.trimTabs '' {
listen 443 ssl; ${cfg.domain} = container.mkServer {
set ''$${name} ${cfg.address}:${toString cfg.port}; extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location / { location / {
# allow ${config.container.localAccess}; # allow ${config.container.localAccess};
# allow ${config.container.module.status.address}; # allow ${config.container.module.status.address};
# allow ${config.container.module.vpn.address}; # allow ${config.container.module.vpn.address};
# allow ${config.container.module.frkn.address}; # allow ${config.container.module.frkn.address};
# deny all; # deny all;
add_header X-Forwarded-Proto https; add_header X-Forwarded-Proto https;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,25 +1,27 @@
{ util, container, config, ... }: let { container, config, ... }:
cfg = config.container.module.paper; let
name = "paper"; cfg = config.container.module.paper;
in { name = "paper";
${cfg.domain} = container.mkServer { in
extraConfig = util.trimTabs '' {
listen 443 ssl; ${cfg.domain} = container.mkServer {
set ''$${name} ${cfg.address}:${toString cfg.port}; extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,25 +1,27 @@
{ util, container, config, ... }: let { container, config, ... }:
cfg = config.container.module.pass; let
name = "pass"; cfg = config.container.module.pass;
in { name = "pass";
${cfg.domain} = container.mkServer { in
extraConfig = util.trimTabs '' {
listen 443 ssl; ${cfg.domain} = container.mkServer {
set ''$${name} ${cfg.address}:${toString cfg.port}; extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,24 +1,26 @@
{ util, container, config, ... }: let { container, config, ... }:
cfg = config.container.module.paste; let
name = "paste"; cfg = config.container.module.paste;
in { name = "paste";
${cfg.domain} = container.mkServer { in
extraConfig = util.trimTabs '' {
listen 443 ssl; ${cfg.domain} = container.mkServer {
set ''$${name} ${cfg.address}:${toString cfg.port}; extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location = / { location = / {
return 403; return 403;
} }
location / { location / {
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,30 +1,32 @@
{ util, container, config, ... }: let { container, config, ... }:
cfg = config.container.module.print; let
name = "print"; cfg = config.container.module.print;
in { name = "print";
${cfg.domain} = container.mkServer { in
extraConfig = util.trimTabs '' {
listen 443 ssl; ${cfg.domain} = container.mkServer {
set ''$${name} ${cfg.address}:${toString cfg.port}; extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
proxy_set_header Host "127.0.0.1"; proxy_set_header Host "127.0.0.1";
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for; proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,27 +1,29 @@
{ util, container, config, ... }: let { container, config, ... }:
address = "192.168.2.237"; let
domain = "printer.${config.container.domain}"; address = "192.168.2.237";
port = 80; domain = "printer.${config.container.domain}";
name = "printer"; port = 80;
in { name = "printer";
${domain} = container.mkServer { in
extraConfig = util.trimTabs '' {
listen 443 ssl; ${domain} = container.mkServer {
set ''$${name} ${address}:${toString port}; extraConfig = ''
listen 443 ssl;
set ''$${name} ${address}:${toString port};
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,25 +1,27 @@
{ util, container, config, ... }: let { container, config, ... }:
cfg = config.container.module.read; let
name = "read"; cfg = config.container.module.read;
in { name = "read";
${cfg.domain} = container.mkServer { in
extraConfig = util.trimTabs '' {
listen 443 ssl; ${cfg.domain} = container.mkServer {
set ''$${name} ${cfg.address}:${toString cfg.port}; extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,28 +1,29 @@
{ util, container, config, ... }: let { container, config, ... }:
address = "10.0.0.2"; let
domain = "router.${config.container.domain}"; address = "10.0.0.2";
port = 80; domain = "router.${config.container.domain}";
name = "router"; port = 80;
in { name = "router";
${domain} = container.mkServer { in
extraConfig = util.trimTabs '' {
listen 443 ssl; ${domain} = container.mkServer {
set ''$${name} ${address}:${toString port}; extraConfig = ''
listen 443 ssl;
set ''$${name} ${address}:${toString port};
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,25 +1,31 @@
{ util, container, config, ... }: let {
cfg = config.container.module.search; container,
name = "search"; config,
in { ...
${cfg.domain} = container.mkServer { }:
extraConfig = util.trimTabs '' let
listen 443 ssl; cfg = config.container.module.search;
set ''$${name} ${cfg.address}:${toString cfg.port}; name = "search";
in
{
${cfg.domain} = container.mkServer {
extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,32 +1,34 @@
{ util, container, config, ... }: let { container, config, ... }:
cfg = config.container.module.status; let
name = "sstatus"; cfg = config.container.module.status;
in { name = "sstatus";
${cfg.domain} = container.mkServer { in
extraConfig = util.trimTabs '' {
listen 443 ssl; ${cfg.domain} = container.mkServer {
set ''$${name} ${cfg.address}:${toString cfg.port}; extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location ~ ^/(dashboard|settings) { location ~ ^/(dashboard|settings) {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,25 +1,27 @@
{ util, container, config, ... }: let { container, config, ... }:
cfg = config.container.module.stock; let
name = "stock"; cfg = config.container.module.stock;
in { name = "stock";
${cfg.domain} = container.mkServer { in
extraConfig = util.trimTabs '' {
listen 443 ssl; ${cfg.domain} = container.mkServer {
set ''$${name} ${cfg.address}:${toString cfg.port}; extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,25 +1,27 @@
{ util, container, config, ... }: let { container, config, ... }:
cfg = config.container.module.watch; let
name = "watch"; cfg = config.container.module.watch;
in { name = "watch";
${cfg.domain} = container.mkServer { in
extraConfig = util.trimTabs '' {
listen 443 ssl; ${cfg.domain} = container.mkServer {
set ''$${name} ${cfg.address}:${toString cfg.port}; extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

View file

@ -1,35 +1,37 @@
{ util, container, config, ... }: let { container, config, ... }:
cfg = config.container.module.yt; let
name = "yt"; cfg = config.container.module.yt;
in { name = "yt";
${cfg.domain} = container.mkServer { in
extraConfig = util.trimTabs '' {
listen 443 ssl; ${cfg.domain} = container.mkServer {
set ''$${name} ${cfg.address}:${toString cfg.port}; extraConfig = ''
listen 443 ssl;
set ''$${name} ${cfg.address}:${toString cfg.port};
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.frkn.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_http_version 1.1; proxy_http_version 1.1;
proxy_set_header Connection ""; proxy_set_header Connection "";
proxy_hide_header Content-Security-Policy; proxy_hide_header Content-Security-Policy;
proxy_hide_header X-Frame-Options; proxy_hide_header X-Frame-Options;
proxy_hide_header X-Content-Type-Options; proxy_hide_header X-Content-Type-Options;
} }
ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/${config.container.domain}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/${config.container.domain}/privkey.pem;
include /etc/letsencrypt/conf/options-ssl-nginx.conf; include /etc/letsencrypt/conf/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem;
''; '';
}; };
} }

623
flake.nix
View file

@ -1,328 +1,373 @@
# This is a configuration entry-point called "Flake". # This is a configuration entry-point called "Flake".
# Here you define your inputs (dependencies) and outputs (hosts). # Here you define your inputs (dependencies) and outputs (hosts).
{ {
# Those are external dependencies. # Those are external dependencies.
inputs = { inputs = {
# Core system. # Core system.
# Homepage: https://github.com/NixOS/nixpkgs # Homepage: https://github.com/NixOS/nixpkgs
# Manual: https://nixos.org/manual/nixos/stable # Manual: https://nixos.org/manual/nixos/stable
# Search: https://search.nixos.org/packages and https://search.nixos.org/options # Search: https://search.nixos.org/packages and https://search.nixos.org/options
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgsStable.url = "github:nixos/nixpkgs/nixos-24.05"; nixpkgsStable.url = "github:nixos/nixpkgs/nixos-24.05";
nixpkgsMaster.url = "github:nixos/nixpkgs/master"; nixpkgsMaster.url = "github:nixos/nixpkgs/master";
# This thing manages user's /home directroies. Because NixOS only manages system itself. # This thing manages user's /home directroies. Because NixOS only manages system itself.
# Homepage: https://github.com/nix-community/home-manager # Homepage: https://github.com/nix-community/home-manager
# Manual: https://nix-community.github.io/home-manager # Manual: https://nix-community.github.io/home-manager
# Search: https://home-manager-options.extranix.com # Search: https://home-manager-options.extranix.com
home-manager = { home-manager = {
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager";
# This means that home-manager and our Flake both depend on the same nixpkgs version. # This means that home-manager and our Flake both depend on the same nixpkgs version.
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
# This allows automatic styling based on active Wallpaper. # This allows automatic styling based on active Wallpaper.
# Homepage: https://github.com/danth/stylix # Homepage: https://github.com/danth/stylix
# Manual: https://danth.github.io/stylix # Manual: https://danth.github.io/stylix
stylix.url = "github:danth/stylix"; stylix.url = "github:danth/stylix";
# I use this for a single container called jobber. WARN: Do not update. # I use this for a single container called jobber. WARN: Do not update.
# You likely won't need this one, so just skip it for now. # You likely won't need this one, so just skip it for now.
poetry2nixJobber.url = "github:nix-community/poetry2nix/304f8235fb0729fd48567af34fcd1b58d18f9b95"; poetry2nixJobber.url = "github:nix-community/poetry2nix/304f8235fb0729fd48567af34fcd1b58d18f9b95";
nixpkgsJobber.url = "github:nixos/nixpkgs/051f920625ab5aabe37c920346e3e69d7d34400e"; nixpkgsJobber.url = "github:nixos/nixpkgs/051f920625ab5aabe37c920346e3e69d7d34400e";
# Nix on Android (inside Termux). It has no NixOS modules, but still allows the use of Nixpkgs arm packages with Home-Manager configurations. # Nix on Android (inside Termux). It has no NixOS modules, but still allows the use of Nixpkgs arm packages with Home-Manager configurations.
# Homepage: https://github.com/nix-community/nix-on-droid # Homepage: https://github.com/nix-community/nix-on-droid
# Manual: https://github.com/nix-community/nix-on-droid/blob/master/README.md # Manual: https://github.com/nix-community/nix-on-droid/blob/master/README.md
nix-on-droid = { nix-on-droid = {
url = "github:t184256/nix-on-droid/release-23.11"; url = "github:t184256/nix-on-droid/release-23.11";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager"; inputs.home-manager.follows = "home-manager";
}; };
# Those are Nvim plugins. I do not use package managers like Packer or Lazy, instead I use Nix to download them and later configure in [Neovim module](module/common/Nvim.nix). # Those are Nvim plugins. I do not use package managers like Packer or Lazy, instead I use Nix to download them and later configure in [Neovim module](module/common/Nvim.nix).
nvimAlign = { nvimAlign = {
url = "github:echasnovski/mini.align"; url = "github:echasnovski/mini.align";
flake = false; flake = false;
}; };
nvimAutoclose = { nvimAutoclose = {
url = "github:m4xshen/autoclose.nvim"; url = "github:m4xshen/autoclose.nvim";
flake = false; flake = false;
}; };
nvimBufferline = { nvimBufferline = {
url = "github:akinsho/bufferline.nvim"; url = "github:akinsho/bufferline.nvim";
flake = false; flake = false;
}; };
nvimCloseBuffers = { nvimCloseBuffers = {
url = "github:kazhala/close-buffers.nvim"; url = "github:kazhala/close-buffers.nvim";
flake = false; flake = false;
}; };
nvimColorizer = { nvimColorizer = {
url = "github:brenoprata10/nvim-highlight-colors"; url = "github:brenoprata10/nvim-highlight-colors";
flake = false; flake = false;
}; };
nvimDevicons = { nvimDevicons = {
url = "github:nvim-tree/nvim-web-devicons"; url = "github:nvim-tree/nvim-web-devicons";
flake = false; flake = false;
}; };
nvimGitsigns = { nvimGitsigns = {
url = "github:lewis6991/gitsigns.nvim"; url = "github:lewis6991/gitsigns.nvim";
flake = false; flake = false;
}; };
nvimGruvboxMaterial = { nvimGruvboxMaterial = {
url = "github:sainnhe/gruvbox-material"; url = "github:sainnhe/gruvbox-material";
flake = false; flake = false;
}; };
nvimIndentoMatic = { nvimIndentoMatic = {
url = "github:Darazaki/indent-o-matic"; url = "github:Darazaki/indent-o-matic";
flake = false; flake = false;
}; };
nvimLspconfig = { nvimLspconfig = {
url = "github:neovim/nvim-lspconfig"; url = "github:neovim/nvim-lspconfig";
flake = false; flake = false;
}; };
nvimOllama = { nvimOllama = {
url = "github:nomnivore/ollama.nvim"; url = "github:nomnivore/ollama.nvim";
flake = false; flake = false;
}; };
nvimPlenary = { nvimPlenary = {
url = "github:nvim-lua/plenary.nvim"; url = "github:nvim-lua/plenary.nvim";
flake = false; flake = false;
}; };
nvimTelescope = { nvimTelescope = {
url = "github:nvim-telescope/telescope.nvim"; url = "github:nvim-telescope/telescope.nvim";
flake = false; flake = false;
}; };
nvimTodo = { nvimTodo = {
url = "github:folke/todo-comments.nvim"; url = "github:folke/todo-comments.nvim";
flake = false; flake = false;
}; };
nvimTree = { nvimTree = {
url = "github:nvim-tree/nvim-tree.lua"; url = "github:nvim-tree/nvim-tree.lua";
flake = false; flake = false;
}; };
nvimTreesitter = { nvimTreesitter = {
url = "github:nvim-treesitter/nvim-treesitter"; url = "github:nvim-treesitter/nvim-treesitter";
flake = false; flake = false;
}; };
nvimTrouble = { nvimTrouble = {
url = "github:folke/trouble.nvim"; url = "github:folke/trouble.nvim";
flake = false; flake = false;
}; };
}; };
# Those are outputs (hosts, configurations) that can be produced by this whole config. # Those are outputs (hosts, configurations) that can be produced by this whole config.
# Here you see a set of inputs we defined above, like nixpkgs, home-manager and so on. # Here you see a set of inputs we defined above, like nixpkgs, home-manager and so on.
# `...` at the end of a set means "ignore other arguments provided to this function". # `...` at the end of a set means "ignore other arguments provided to this function".
# @inputs means aliasing all the inputs to the `inputs` name, so we can pass them all at once later. # @inputs means aliasing all the inputs to the `inputs` name, so we can pass them all at once later.
outputs = { self, nixpkgs, nixpkgsStable, nixpkgsMaster, nix-on-droid, home-manager, stylix, poetry2nixJobber, nixpkgsJobber, ... } @inputs: { outputs =
# Constant values. {
const = { self,
droidStateVersion = "23.11"; nixpkgs,
stateVersion = "24.05"; nixpkgsStable,
timeZone = "Europe/Moscow"; nixpkgsMaster,
url = "https://git.voronind.com/voronind/nix.git"; nix-on-droid,
}; home-manager,
stylix,
poetry2nixJobber,
nixpkgsJobber,
...
}@inputs:
{
# Constant values.
const = {
droidStateVersion = "23.11";
stateVersion = "24.05";
timeZone = "Europe/Moscow";
url = "https://git.voronind.com/voronind/nix.git";
};
# Hack to use <container/Change.nix> in other files. # Hack to use <container/Change.nix> in other files.
# Need to add __findFile to args tho. # Need to add __findFile to args tho.
__findFile = _: p: ./${p}; __findFile = _: p: ./${p};
# List all files in a dir. # List all files in a dir.
findFiles = path: map (f: "${path}/${f}") ( findFiles =
builtins.filter (i: builtins.readFileType "${path}/${i}" == "regular") ( path:
builtins.attrNames (builtins.readDir path) map (f: "${path}/${f}") (
) builtins.filter (i: builtins.readFileType "${path}/${i}" == "regular") (
); builtins.attrNames (builtins.readDir path)
)
);
# Dev shell for this repo. # Dev shell for this repo.
devShells = let devShells =
system = "x86_64-linux"; let
lib = nixpkgs.lib; system = "x86_64-linux";
pkgs = nixpkgs.legacyPackages.${system}; lib = nixpkgs.lib;
in { pkgs = nixpkgs.legacyPackages.${system};
${system}.default = pkgs.mkShell { in
nativeBuildInputs = with pkgs; [ {
nixd ${system}.default = pkgs.mkShell {
]; nativeBuildInputs = with pkgs; [
# buildInputs = with pkgs; [ ]; nixd
nixfmt-rfc-style
treefmt
];
# buildInputs = with pkgs; [ ];
# LD_LIBRARY_PATH = "${lib.makeLibraryPath buildInputs}"; # LD_LIBRARY_PATH = "${lib.makeLibraryPath buildInputs}";
# SOURCE_DATE_EPOCH = "${toString self.lastModified}"; # SOURCE_DATE_EPOCH = "${toString self.lastModified}";
}; };
}; };
# Nixos systems. # Nixos systems.
nixosConfigurations = let nixosConfigurations =
# Function to create a host. It does basic setup, like adding common modules. let
mkHost = { system, hostname }: nixpkgs.lib.nixosSystem { # Function to create a host. It does basic setup, like adding common modules.
# `Inherit` is just an alias for `system = system;`, which means that mkHost =
# keep the `system` argument as a property in a resulting set. { system, hostname }:
inherit system; nixpkgs.lib.nixosSystem {
# `Inherit` is just an alias for `system = system;`, which means that
# keep the `system` argument as a property in a resulting set.
inherit system;
# List of modules to use by defualt for all the hosts. # List of modules to use by defualt for all the hosts.
modules = [ modules =
# Make a device hostname match the one from this config. [
{ networking.hostName = hostname; } # Make a device hostname match the one from this config.
{ networking.hostName = hostname; }
# Specify current release version. # Specify current release version.
{ system.stateVersion = self.const.stateVersion; } { system.stateVersion = self.const.stateVersion; }
# Add Home Manager module. # Add Home Manager module.
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
# Add Stylix module. # Add Stylix module.
stylix.nixosModules.stylix stylix.nixosModules.stylix
# HM config. # HM config.
./home/NixOs.nix ./home/NixOs.nix
] ]
++ (self.findFiles ./host/${system}/${hostname}) ++ (self.findFiles ./host/${system}/${hostname})
++ (self.findFiles ./config) ++ (self.findFiles ./config)
++ (self.findFiles ./container) ++ (self.findFiles ./container)
++ (self.findFiles ./module) ++ (self.findFiles ./module)
++ (self.findFiles ./system) ++ (self.findFiles ./system)
++ (self.findFiles ./overlay); ++ (self.findFiles ./overlay);
# SpecialArgs allows you to pass objects down to other NixOS modules. # SpecialArgs allows you to pass objects down to other NixOS modules.
specialArgs = let specialArgs =
pkgs = nixpkgs.legacyPackages.${system}.pkgs; let
lib = nixpkgs.lib; pkgs = nixpkgs.legacyPackages.${system}.pkgs;
config = self.nixosConfigurations.${hostname}.config; lib = nixpkgs.lib;
in { config = self.nixosConfigurations.${hostname}.config;
inherit inputs self; in
inherit (self) const __findFile; {
inherit inputs self;
inherit (self) const __findFile;
pkgsJobber = nixpkgsJobber.legacyPackages.${system}.pkgs; pkgsJobber = nixpkgsJobber.legacyPackages.${system}.pkgs;
pkgsStable = nixpkgsStable.legacyPackages.${system}.pkgs; pkgsStable = nixpkgsStable.legacyPackages.${system}.pkgs;
pkgsMaster = nixpkgsMaster.legacyPackages.${system}.pkgs; pkgsMaster = nixpkgsMaster.legacyPackages.${system}.pkgs;
secret = import ./secret {}; # Secrets (public keys). secret = import ./secret { }; # Secrets (public keys).
container = import ./lib/Container.nix { inherit lib pkgs config; inherit (self) const; }; # Container utils. container = import ./lib/Container.nix {
util = import ./lib/Util.nix { inherit lib; }; # Util functions. inherit lib pkgs config;
inherit (self) const;
}; # Container utils.
util = import ./lib/Util.nix { inherit lib; }; # Util functions.
# Stuff for Jobber container, skip this part. # Stuff for Jobber container, skip this part.
inherit poetry2nixJobber; inherit poetry2nixJobber;
}; };
}; };
mkSystem = system: hostname: { mkSystem = system: hostname: {
"${hostname}" = mkHost { "${hostname}" = mkHost {
inherit system hostname; inherit system hostname;
}; };
}; };
in nixpkgs.lib.foldl' (acc: h: acc // h) {} ( in
map (system: nixpkgs.lib.foldl' (acc: h: acc // h) { } (
nixpkgs.lib.foldl' (acc: h: acc // h) {} ( map (
map (host: system:
mkSystem system host nixpkgs.lib.foldl' (acc: h: acc // h) { } (
) (builtins.attrNames (builtins.readDir ./host/${system})) map (host: mkSystem system host) (builtins.attrNames (builtins.readDir ./host/${system}))
) )
) (builtins.attrNames (builtins.readDir ./host)) ) (builtins.attrNames (builtins.readDir ./host))
); );
# Home manager (distro-independent).
# Install nix: sh <(curl -L https://nixos.org/nix/install) --no-daemon
# Or with --daemon for multi-user (as root).
# $ nix run home-manager/master -- init --switch
# $ nix shell '<home-manager>' -A install
# Add to /etc/nix/nix.conf > experimental-features = nix-command flakes
# And then # systemctl restart nix-daemon.service
# $ home-manager switch --flake ~/hmconf
homeConfigurations =
let
lib = nixpkgs.lib;
secret = import ./secret { };
util = import ./lib/Util.nix { inherit lib; };
# Home manager (distro-independent). mkCommonHome =
# Install nix: sh <(curl -L https://nixos.org/nix/install) --no-daemon username: homeDirectory: system: modules:
# Or with --daemon for multi-user (as root). let
# $ nix run home-manager/master -- init --switch pkgs = nixpkgs.legacyPackages.${system};
# $ nix shell '<home-manager>' -A install pkgsStable = nixpkgsStable.legacyPackages.${system};
# Add to /etc/nix/nix.conf > experimental-features = nix-command flakes pkgsMaster = nixpkgsMaster.legacyPackages.${system};
# And then # systemctl restart nix-daemon.service in
# $ home-manager switch --flake ~/hmconf {
homeConfigurations = let ${username} = home-manager.lib.homeManagerConfiguration {
lib = nixpkgs.lib; inherit pkgs;
secret = import ./secret {};
util = import ./lib/Util.nix { inherit lib; };
mkCommonHome = username: homeDirectory: system: modules: let extraSpecialArgs = {
pkgs = nixpkgs.legacyPackages.${system}; inherit
pkgsStable = nixpkgsStable.legacyPackages.${system}; self
pkgsMaster = nixpkgsMaster.legacyPackages.${system}; inputs
in { secret
${username} = home-manager.lib.homeManagerConfiguration { util
inherit pkgs; pkgs
pkgsStable
pkgsMaster
;
inherit (self) const __findFile;
};
modules = [
./home/HomeManager.nix
{
home.hm = {
inherit username homeDirectory;
enable = true;
package = {
core.enable = true;
};
};
}
extraSpecialArgs = { { nixpkgs.config.allowUnfree = true; }
inherit self inputs secret util pkgs pkgsStable pkgsMaster; { nixpkgs.config.allowUnfreePredicate = (pkg: true); }
inherit (self) const __findFile; { nix.package = pkgs.nix; }
}; {
modules = [ nix.settings.experimental-features = [
./home/HomeManager.nix "nix-command "
{ "flakes"
home.hm = { ];
inherit username homeDirectory; }
enable = true;
package = {
core.enable = true;
};
};
}
{ nixpkgs.config.allowUnfree = true; } inputs.stylix.homeManagerModules.stylix
{ nixpkgs.config.allowUnfreePredicate = (pkg: true); } ] ++ modules ++ (self.findFiles ./config);
{ nix.package = pkgs.nix; } };
{ nix.settings.experimental-features = [ "nix-command " "flakes" ]; } };
inputs.stylix.homeManagerModules.stylix x86LinuxHome = username: modules: mkCommonHome username "/home/${username}" "x86_64-linux" modules;
] x86LinuxRoot = mkCommonHome "root" "/root" "x86_64-linux" [ ];
++ modules in
++ (self.findFiles ./config); nixpkgs.lib.foldl' (acc: h: acc // h) { } [
}; x86LinuxRoot
}; (x86LinuxHome "voronind" [
{
home.hm.package = {
common.enable = true;
};
}
])
];
x86LinuxHome = username: modules: mkCommonHome username "/home/${username}" "x86_64-linux" modules; # Android.
x86LinuxRoot = mkCommonHome "root" "/root" "x86_64-linux" []; nixOnDroidConfigurations.default =
in nixpkgs.lib.foldl' (acc: h: acc // h) {} [ let
x86LinuxRoot config = self.nixOnDroidConfigurations.default.config;
(x86LinuxHome "voronind" [ lib = nixpkgs.lib;
{ pkgs = nixpkgs.legacyPackages."aarch64-linux".pkgs;
home.hm.package = { in
common.enable = true; nix-on-droid.lib.nixOnDroidConfiguration {
}; modules = [
} # Android release version.
]) { system.stateVersion = self.const.droidStateVersion; }
];
# Android. # I put all my Android configuration there.
nixOnDroidConfigurations.default = let ./home/Android.nix
config = self.nixOnDroidConfigurations.default.config; { home.android.enable = true; }
lib = nixpkgs.lib;
pkgs = nixpkgs.legacyPackages."aarch64-linux".pkgs;
in nix-on-droid.lib.nixOnDroidConfiguration {
modules = [
# Android release version.
{ system.stateVersion = self.const.droidStateVersion; }
# I put all my Android configuration there. # { nixpkgs.config.allowUnfree = true; }
./home/Android.nix # { nixpkgs.config.allowUnfreePredicate = (pkg: true); }
{ home.android.enable = true; } { nix.extraOptions = "experimental-features = nix-command flakes"; }
{ home-manager.config.stylix.autoEnable = lib.mkForce false; }
# { nixpkgs.config.allowUnfree = true; } # Some common modules.
# { nixpkgs.config.allowUnfreePredicate = (pkg: true); } ./config/Setting.nix
{ nix.extraOptions = "experimental-features = nix-command flakes"; } ./config/Wallpaper.nix
{ home-manager.config.stylix.autoEnable = lib.mkForce false; } (import ./config/Style.nix {
inherit (config.home-manager) config;
inherit (self) __findFile;
inherit lib pkgs;
})
];
# Some common modules. # SpecialArgs allows you to pass objects down to other configuration.
./config/Setting.nix extraSpecialArgs = {
./config/Wallpaper.nix inherit inputs self;
(import ./config/Style.nix { inherit (self) const __findFile;
inherit (config.home-manager) config;
inherit (self) __findFile;
inherit lib pkgs;
})
];
# SpecialArgs allows you to pass objects down to other configuration. secret = import ./secret { }; # Secrets (public keys).
extraSpecialArgs = { util = import ./lib/Util.nix { inherit lib; }; # Util functions.
inherit inputs self; };
inherit (self) const __findFile; };
};
secret = import ./secret {}; # Secrets (public keys).
util = import ./lib/Util.nix { inherit lib; }; # Util functions.
};
};
};
} }
# That's it! # That's it!

View file

@ -1,40 +1,45 @@
# This is a common user configuration. # This is a common user configuration.
{ const {
, pkgs const,
, self pkgs,
, config self,
, lib config,
, inputs lib,
, pkgsStable inputs,
, pkgsMaster pkgsStable,
, __findFile pkgsMaster,
, ... } @args: with lib; let __findFile,
cfg = config.home.android; ...
stylix = import <config/Stylix.nix> args; }@args:
android = import ./android args; with lib;
package = import <package> args; let
# homePath = "/data/data/com.termux.nix/files/home"; cfg = config.home.android;
in { stylix = import <config/Stylix.nix> args;
options = { android = import ./android args;
home.android = { package = import <package> args;
enable = mkEnableOption "Android HM config."; in
}; # homePath = "/data/data/com.termux.nix/files/home";
}; {
options = {
home.android = {
enable = mkEnableOption "Android HM config.";
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
time.timeZone = const.timeZone; time.timeZone = const.timeZone;
environment.packages = package.core; environment.packages = package.core;
home-manager.config = stylix // { home-manager.config = stylix // {
imports = [ inputs.stylix.homeManagerModules.stylix ]; imports = [ inputs.stylix.homeManagerModules.stylix ];
home = { home = {
stateVersion = const.droidStateVersion; stateVersion = const.droidStateVersion;
sessionVariables = import ./variable args; sessionVariables = import ./variable args;
file = (import ./config args) // { file = (import ./config args) // {
".termux/_font.ttf".source = android.font; ".termux/_font.ttf".source = android.font;
".termux/_colors.properties".text = android.colors; ".termux/_colors.properties".text = android.colors;
}; };
}; };
programs = import ./program args; programs = import ./program args;
}; };
}; };
} }

View file

@ -1,59 +1,64 @@
# This is a common user configuration. # This is a common user configuration.
{ const {
, util const,
, config util,
, lib config,
, __findFile lib,
, ... } @args: with lib; let __findFile,
cfg = config.home.hm; ...
package = import <package> args; }@args:
in { with lib;
options = { let
home.hm = { cfg = config.home.hm;
enable = mkEnableOption "Home-Manager standalone config."; package = import <package> args;
username = mkOption { in
default = null; {
type = types.str; options = {
}; home.hm = {
homeDirectory = mkOption { enable = mkEnableOption "Home-Manager standalone config.";
default = "/home/${cfg.username}"; username = mkOption {
type = types.str; default = null;
}; type = types.str;
package = mkOption { };
default = {}; homeDirectory = mkOption {
type = types.submodule { default = "/home/${cfg.username}";
options = { type = types.str;
common.enable = mkEnableOption "Common apps."; };
core.enable = mkEnableOption "Core apps."; package = mkOption {
creative.enable = mkEnableOption "Creative apps."; default = { };
desktop.enable = mkEnableOption "Desktop apps."; type = types.submodule {
dev.enable = mkEnableOption "Dev apps."; options = {
extra.enable = mkEnableOption "Extra apps."; common.enable = mkEnableOption "Common apps.";
gaming.enable = mkEnableOption "Gaming apps."; core.enable = mkEnableOption "Core apps.";
}; creative.enable = mkEnableOption "Creative apps.";
}; desktop.enable = mkEnableOption "Desktop apps.";
}; dev.enable = mkEnableOption "Dev apps.";
}; extra.enable = mkEnableOption "Extra apps.";
}; gaming.enable = mkEnableOption "Gaming apps.";
};
};
};
};
};
config = mkIf cfg.enable (mkMerge [ config = mkIf cfg.enable (mkMerge [
{ {
home = { home = {
inherit (cfg) username homeDirectory; inherit (cfg) username homeDirectory;
inherit (const) stateVersion; inherit (const) stateVersion;
file = import ./config args; file = import ./config args;
sessionVariables = import ./variable args; sessionVariables = import ./variable args;
}; };
xdg = import ./xdg { inherit (cfg) homeDirectory; }; xdg = import ./xdg { inherit (cfg) homeDirectory; };
programs = import ./program args; programs = import ./program args;
dconf.settings = util.catSet (util.ls ./config/dconf) args; dconf.settings = util.catSet (util.ls ./config/dconf) args;
} }
(mkIf cfg.package.common.enable { home.packages = package.common; }) (mkIf cfg.package.common.enable { home.packages = package.common; })
(mkIf cfg.package.core.enable { home.packages = package.core; }) (mkIf cfg.package.core.enable { home.packages = package.core; })
(mkIf cfg.package.creative.enable { home.packages = package.creative; }) (mkIf cfg.package.creative.enable { home.packages = package.creative; })
(mkIf cfg.package.desktop.enable { home.packages = package.desktop; }) (mkIf cfg.package.desktop.enable { home.packages = package.desktop; })
(mkIf cfg.package.dev.enable { home.packages = package.dev; }) (mkIf cfg.package.dev.enable { home.packages = package.dev; })
(mkIf cfg.package.extra.enable { home.packages = package.extra; }) (mkIf cfg.package.extra.enable { home.packages = package.extra; })
(mkIf cfg.package.gaming.enable { home.packages = package.gaming; }) (mkIf cfg.package.gaming.enable { home.packages = package.gaming; })
]); ]);
} }

View file

@ -1,44 +1,53 @@
# This is a common user configuration. # This is a common user configuration.
{ const {
, config const,
, util config,
, lib util,
, pkgs lib,
, ... } @args: with lib; let pkgs,
cfg = config.home.nixos; ...
in { }@args:
imports = (util.ls ./user); with lib;
let
cfg = config.home.nixos;
in
{
imports = (util.ls ./user);
options = { options = {
home.nixos = { home.nixos = {
enable = mkEnableOption "NixOS user setup."; enable = mkEnableOption "NixOS user setup.";
users = mkOption { users = mkOption {
default = []; default = [ ];
type = types.listOf types.attrs; type = types.listOf types.attrs;
}; };
}; };
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
home-manager = { home-manager = {
users = builtins.foldl' (acc: user: acc // { users = builtins.foldl' (
${user.username} = { acc: user:
home = { acc
inherit (const) stateVersion; // {
inherit (user) username homeDirectory; ${user.username} = {
file = import ./config args; home = {
sessionVariables = import ./variable args; inherit (const) stateVersion;
inherit (user) username homeDirectory;
file = import ./config args;
sessionVariables = import ./variable args;
# ISSUE: https://github.com/nix-community/home-manager/issues/5589 # ISSUE: https://github.com/nix-community/home-manager/issues/5589
extraActivationPath = with pkgs; [ openssh ]; extraActivationPath = with pkgs; [ openssh ];
}; };
xdg = import ./xdg { inherit (user) homeDirectory; }; xdg = import ./xdg { inherit (user) homeDirectory; };
programs = import ./program args; programs = import ./program args;
dconf.settings = util.catSet (util.ls ./config/dconf) args; dconf.settings = util.catSet (util.ls ./config/dconf) args;
}; };
}) {} cfg.users; }
) { } cfg.users;
backupFileExtension = "old"; backupFileExtension = "old";
}; };
}; };
} }

View file

@ -1,10 +1,13 @@
{ pkgs, util, config, ... }: { { pkgs, config, ... }:
font = pkgs.runCommandNoCC "font" {} '' {
cp ${pkgs.nerdfonts.override { fonts = [ "Terminus" ]; }}/share/fonts/truetype/NerdFonts/TerminessNerdFontMono-Regular.ttf $out font = pkgs.runCommandNoCC "font" { } ''
''; cp ${
pkgs.nerdfonts.override { fonts = [ "Terminus" ]; }
}/share/fonts/truetype/NerdFonts/TerminessNerdFontMono-Regular.ttf $out
'';
colors = util.trimTabs '' colors = ''
background=#${config.style.color.bg.dark} background=#${config.style.color.bg.dark}
foreground=#${config.style.color.fg.light} foreground=#${config.style.color.fg.light}
''; '';
} }

View file

@ -1,249 +1,250 @@
{ config, util, ... }: { { ... }:
text = util.trimTabs '' {
#? Config file for btop v. 1.3.0 text = ''
#? Config file for btop v. 1.3.0
#* Name of a btop++/bpytop/bashtop formatted ".theme" file, "Default" and "TTY" for builtin themes. #* Name of a btop++/bpytop/bashtop formatted ".theme" file, "Default" and "TTY" for builtin themes.
#* Themes should be placed in "../share/btop/themes" relative to binary or "$HOME/.config/btop/themes" #* Themes should be placed in "../share/btop/themes" relative to binary or "$HOME/.config/btop/themes"
color_theme = "/usr/share/btop/themes/gruvbox_material_dark.theme" color_theme = "/usr/share/btop/themes/gruvbox_material_dark.theme"
#* If the theme set background should be shown, set to False if you want terminal background transparency. #* If the theme set background should be shown, set to False if you want terminal background transparency.
theme_background = False theme_background = False
#* Sets if 24-bit truecolor should be used, will convert 24-bit colors to 256 color (6x6x6 color cube) if false. #* Sets if 24-bit truecolor should be used, will convert 24-bit colors to 256 color (6x6x6 color cube) if false.
truecolor = True truecolor = True
#* Set to true to force tty mode regardless if a real tty has been detected or not. #* Set to true to force tty mode regardless if a real tty has been detected or not.
#* Will force 16-color mode and TTY theme, set all graph symbols to "tty" and swap out other non tty friendly symbols. #* Will force 16-color mode and TTY theme, set all graph symbols to "tty" and swap out other non tty friendly symbols.
force_tty = False force_tty = False
#* Define presets for the layout of the boxes. Preset 0 is always all boxes shown with default settings. Max 9 presets. #* Define presets for the layout of the boxes. Preset 0 is always all boxes shown with default settings. Max 9 presets.
#* Format: "box_name:P:G,box_name:P:G" P=(0 or 1) for alternate positions, G=graph symbol to use for box. #* Format: "box_name:P:G,box_name:P:G" P=(0 or 1) for alternate positions, G=graph symbol to use for box.
#* Use whitespace " " as separator between different presets. #* Use whitespace " " as separator between different presets.
#* Example: "cpu:0:default,mem:0:tty,proc:1:default cpu:0:braille,proc:0:tty" #* Example: "cpu:0:default,mem:0:tty,proc:1:default cpu:0:braille,proc:0:tty"
presets = "" presets = ""
#* Set to True to enable "h,j,k,l,g,G" keys for directional control in lists. #* Set to True to enable "h,j,k,l,g,G" keys for directional control in lists.
#* Conflicting keys for h:"help" and k:"kill" is accessible while holding shift. #* Conflicting keys for h:"help" and k:"kill" is accessible while holding shift.
vim_keys = True vim_keys = True
#* Rounded corners on boxes, is ignored if TTY mode is ON. #* Rounded corners on boxes, is ignored if TTY mode is ON.
rounded_corners = True rounded_corners = True
#* Default symbols to use for graph creation, "braille", "block" or "tty". #* Default symbols to use for graph creation, "braille", "block" or "tty".
#* "braille" offers the highest resolution but might not be included in all fonts. #* "braille" offers the highest resolution but might not be included in all fonts.
#* "block" has half the resolution of braille but uses more common characters. #* "block" has half the resolution of braille but uses more common characters.
#* "tty" uses only 3 different symbols but will work with most fonts and should work in a real TTY. #* "tty" uses only 3 different symbols but will work with most fonts and should work in a real TTY.
#* Note that "tty" only has half the horizontal resolution of the other two, so will show a shorter historical view. #* Note that "tty" only has half the horizontal resolution of the other two, so will show a shorter historical view.
graph_symbol = "braille" graph_symbol = "braille"
# Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty". # Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty".
graph_symbol_cpu = "default" graph_symbol_cpu = "default"
# Graph symbol to use for graphs in gpu box, "default", "braille", "block" or "tty". # Graph symbol to use for graphs in gpu box, "default", "braille", "block" or "tty".
graph_symbol_gpu = "default" graph_symbol_gpu = "default"
# Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty". # Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty".
graph_symbol_mem = "default" graph_symbol_mem = "default"
# Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty". # Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty".
graph_symbol_net = "default" graph_symbol_net = "default"
# Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty". # Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty".
graph_symbol_proc = "default" graph_symbol_proc = "default"
#* Manually set which boxes to show. Available values are "cpu mem net proc" and "gpu0" through "gpu5", separate values with whitespace. #* Manually set which boxes to show. Available values are "cpu mem net proc" and "gpu0" through "gpu5", separate values with whitespace.
shown_boxes = "cpu mem net proc" shown_boxes = "cpu mem net proc"
#* Update time in milliseconds, recommended 2000 ms or above for better sample times for graphs. #* Update time in milliseconds, recommended 2000 ms or above for better sample times for graphs.
update_ms = 2000 update_ms = 2000
#* Processes sorting, "pid" "program" "arguments" "threads" "user" "memory" "cpu lazy" "cpu direct", #* Processes sorting, "pid" "program" "arguments" "threads" "user" "memory" "cpu lazy" "cpu direct",
#* "cpu lazy" sorts top process over time (easier to follow), "cpu direct" updates top process directly. #* "cpu lazy" sorts top process over time (easier to follow), "cpu direct" updates top process directly.
proc_sorting = "memory" proc_sorting = "memory"
#* Reverse sorting order, True or False. #* Reverse sorting order, True or False.
proc_reversed = False proc_reversed = False
#* Show processes as a tree. #* Show processes as a tree.
proc_tree = False proc_tree = False
#* Use the cpu graph colors in the process list. #* Use the cpu graph colors in the process list.
proc_colors = True proc_colors = True
#* Use a darkening gradient in the process list. #* Use a darkening gradient in the process list.
proc_gradient = True proc_gradient = True
#* If process cpu usage should be of the core it's running on or usage of the total available cpu power. #* If process cpu usage should be of the core it's running on or usage of the total available cpu power.
proc_per_core = False proc_per_core = False
#* Show process memory as bytes instead of percent. #* Show process memory as bytes instead of percent.
proc_mem_bytes = True proc_mem_bytes = True
#* Show cpu graph for each process. #* Show cpu graph for each process.
proc_cpu_graphs = True proc_cpu_graphs = True
#* Use /proc/[pid]/smaps for memory information in the process info box (very slow but more accurate) #* Use /proc/[pid]/smaps for memory information in the process info box (very slow but more accurate)
proc_info_smaps = False proc_info_smaps = False
#* Show proc box on left side of screen instead of right. #* Show proc box on left side of screen instead of right.
proc_left = True proc_left = True
#* (Linux) Filter processes tied to the Linux kernel(similar behavior to htop). #* (Linux) Filter processes tied to the Linux kernel(similar behavior to htop).
proc_filter_kernel = True proc_filter_kernel = True
#* In tree-view, always accumulate child process resources in the parent process. #* In tree-view, always accumulate child process resources in the parent process.
proc_aggregate = False proc_aggregate = False
#* Sets the CPU stat shown in upper half of the CPU graph, "total" is always available. #* Sets the CPU stat shown in upper half of the CPU graph, "total" is always available.
#* Select from a list of detected attributes from the options menu. #* Select from a list of detected attributes from the options menu.
cpu_graph_upper = "total" cpu_graph_upper = "total"
#* Sets the CPU stat shown in lower half of the CPU graph, "total" is always available. #* Sets the CPU stat shown in lower half of the CPU graph, "total" is always available.
#* Select from a list of detected attributes from the options menu. #* Select from a list of detected attributes from the options menu.
cpu_graph_lower = "total" cpu_graph_lower = "total"
#* If gpu info should be shown in the cpu box. Available values = "Auto", "On" and "Off". #* If gpu info should be shown in the cpu box. Available values = "Auto", "On" and "Off".
show_gpu_info = "Auto" show_gpu_info = "Auto"
#* Toggles if the lower CPU graph should be inverted. #* Toggles if the lower CPU graph should be inverted.
cpu_invert_lower = True cpu_invert_lower = True
#* Set to True to completely disable the lower CPU graph. #* Set to True to completely disable the lower CPU graph.
cpu_single_graph = False cpu_single_graph = False
#* Show cpu box at bottom of screen instead of top. #* Show cpu box at bottom of screen instead of top.
cpu_bottom = False cpu_bottom = False
#* Shows the system uptime in the CPU box. #* Shows the system uptime in the CPU box.
show_uptime = True show_uptime = True
#* Show cpu temperature. #* Show cpu temperature.
check_temp = True check_temp = True
#* Which sensor to use for cpu temperature, use options menu to select from list of available sensors. #* Which sensor to use for cpu temperature, use options menu to select from list of available sensors.
cpu_sensor = "Auto" cpu_sensor = "Auto"
#* Show temperatures for cpu cores also if check_temp is True and sensors has been found. #* Show temperatures for cpu cores also if check_temp is True and sensors has been found.
show_coretemp = True show_coretemp = True
#* Set a custom mapping between core and coretemp, can be needed on certain cpus to get correct temperature for correct core. #* Set a custom mapping between core and coretemp, can be needed on certain cpus to get correct temperature for correct core.
#* Use lm-sensors or similar to see which cores are reporting temperatures on your machine. #* Use lm-sensors or similar to see which cores are reporting temperatures on your machine.
#* Format "x:y" x=core with wrong temp, y=core with correct temp, use space as separator between multiple entries. #* Format "x:y" x=core with wrong temp, y=core with correct temp, use space as separator between multiple entries.
#* Example: "4:0 5:1 6:3" #* Example: "4:0 5:1 6:3"
cpu_core_map = "" cpu_core_map = ""
#* Which temperature scale to use, available values: "celsius", "fahrenheit", "kelvin" and "rankine". #* Which temperature scale to use, available values: "celsius", "fahrenheit", "kelvin" and "rankine".
temp_scale = "celsius" temp_scale = "celsius"
#* Use base 10 for bits/bytes sizes, KB = 1000 instead of KiB = 1024. #* Use base 10 for bits/bytes sizes, KB = 1000 instead of KiB = 1024.
base_10_sizes = True base_10_sizes = True
#* Show CPU frequency. #* Show CPU frequency.
show_cpu_freq = True show_cpu_freq = True
#* Draw a clock at top of screen, formatting according to strftime, empty string to disable. #* Draw a clock at top of screen, formatting according to strftime, empty string to disable.
#* Special formatting: /host = hostname | /user = username | /uptime = system uptime #* Special formatting: /host = hostname | /user = username | /uptime = system uptime
clock_format = "%X" clock_format = "%X"
#* Update main ui in background when menus are showing, set this to false if the menus is flickering too much for comfort. #* Update main ui in background when menus are showing, set this to false if the menus is flickering too much for comfort.
background_update = True background_update = True
#* Custom cpu model name, empty string to disable. #* Custom cpu model name, empty string to disable.
custom_cpu_name = "" custom_cpu_name = ""
#* Optional filter for shown disks, should be full path of a mountpoint, separate multiple values with whitespace " ". #* Optional filter for shown disks, should be full path of a mountpoint, separate multiple values with whitespace " ".
#* Begin line with "exclude=" to change to exclude filter, otherwise defaults to "most include" filter. Example: disks_filter="exclude=/boot /home/user". #* Begin line with "exclude=" to change to exclude filter, otherwise defaults to "most include" filter. Example: disks_filter="exclude=/boot /home/user".
disks_filter = "exclude=/boot /boot/efi" disks_filter = "exclude=/boot /boot/efi"
#* Show graphs instead of meters for memory values. #* Show graphs instead of meters for memory values.
mem_graphs = True mem_graphs = True
#* Show mem box below net box instead of above. #* Show mem box below net box instead of above.
mem_below_net = False mem_below_net = False
#* Count ZFS ARC in cached and available memory. #* Count ZFS ARC in cached and available memory.
zfs_arc_cached = True zfs_arc_cached = True
#* If swap memory should be shown in memory box. #* If swap memory should be shown in memory box.
show_swap = True show_swap = True
#* Show swap as a disk, ignores show_swap value above, inserts itself after first disk. #* Show swap as a disk, ignores show_swap value above, inserts itself after first disk.
swap_disk = False swap_disk = False
#* If mem box should be split to also show disks info. #* If mem box should be split to also show disks info.
show_disks = True show_disks = True
#* Filter out non physical disks. Set this to False to include network disks, RAM disks and similar. #* Filter out non physical disks. Set this to False to include network disks, RAM disks and similar.
only_physical = True only_physical = True
#* Read disks list from /etc/fstab. This also disables only_physical. #* Read disks list from /etc/fstab. This also disables only_physical.
use_fstab = True use_fstab = True
#* Setting this to True will hide all datasets, and only show ZFS pools. (IO stats will be calculated per-pool) #* Setting this to True will hide all datasets, and only show ZFS pools. (IO stats will be calculated per-pool)
zfs_hide_datasets = False zfs_hide_datasets = False
#* Set to true to show available disk space for privileged users. #* Set to true to show available disk space for privileged users.
disk_free_priv = False disk_free_priv = False
#* Toggles if io activity % (disk busy time) should be shown in regular disk usage view. #* Toggles if io activity % (disk busy time) should be shown in regular disk usage view.
show_io_stat = True show_io_stat = True
#* Toggles io mode for disks, showing big graphs for disk read/write speeds. #* Toggles io mode for disks, showing big graphs for disk read/write speeds.
io_mode = False io_mode = False
#* Set to True to show combined read/write io graphs in io mode. #* Set to True to show combined read/write io graphs in io mode.
io_graph_combined = False io_graph_combined = False
#* Set the top speed for the io graphs in MiB/s (100 by default), use format "mountpoint:speed" separate disks with whitespace " ". #* Set the top speed for the io graphs in MiB/s (100 by default), use format "mountpoint:speed" separate disks with whitespace " ".
#* Example: "/mnt/media:100 /:20 /boot:1". #* Example: "/mnt/media:100 /:20 /boot:1".
io_graph_speeds = "" io_graph_speeds = ""
#* Set fixed values for network graphs in Mebibits. Is only used if net_auto is also set to False. #* Set fixed values for network graphs in Mebibits. Is only used if net_auto is also set to False.
net_download = 100 net_download = 100
net_upload = 100 net_upload = 100
#* Use network graphs auto rescaling mode, ignores any values set above and rescales down to 10 Kibibytes at the lowest. #* Use network graphs auto rescaling mode, ignores any values set above and rescales down to 10 Kibibytes at the lowest.
net_auto = True net_auto = True
#* Sync the auto scaling for download and upload to whichever currently has the highest scale. #* Sync the auto scaling for download and upload to whichever currently has the highest scale.
net_sync = True net_sync = True
#* Starts with the Network Interface specified here. #* Starts with the Network Interface specified here.
net_iface = "" net_iface = ""
#* Show battery stats in top right if battery is present. #* Show battery stats in top right if battery is present.
show_battery = True show_battery = True
#* Which battery to use if multiple are present. "Auto" for auto detection. #* Which battery to use if multiple are present. "Auto" for auto detection.
selected_battery = "Auto" selected_battery = "Auto"
#* Set loglevel for "~/.config/btop/btop.log" levels are: "ERROR" "WARNING" "INFO" "DEBUG". #* Set loglevel for "~/.config/btop/btop.log" levels are: "ERROR" "WARNING" "INFO" "DEBUG".
#* The level set includes all lower levels, i.e. "DEBUG" will show all logging info. #* The level set includes all lower levels, i.e. "DEBUG" will show all logging info.
log_level = "WARNING" log_level = "WARNING"
#* Measure PCIe throughput on NVIDIA cards, may impact performance on certain cards. #* Measure PCIe throughput on NVIDIA cards, may impact performance on certain cards.
nvml_measure_pcie_speeds = True nvml_measure_pcie_speeds = True
#* Horizontally mirror the GPU graph. #* Horizontally mirror the GPU graph.
gpu_mirror_graph = True gpu_mirror_graph = True
#* Custom gpu0 model name, empty string to disable. #* Custom gpu0 model name, empty string to disable.
custom_gpu_name0 = "" custom_gpu_name0 = ""
#* Custom gpu1 model name, empty string to disable. #* Custom gpu1 model name, empty string to disable.
custom_gpu_name1 = "" custom_gpu_name1 = ""
#* Custom gpu2 model name, empty string to disable. #* Custom gpu2 model name, empty string to disable.
custom_gpu_name2 = "" custom_gpu_name2 = ""
#* Custom gpu3 model name, empty string to disable. #* Custom gpu3 model name, empty string to disable.
custom_gpu_name3 = "" custom_gpu_name3 = ""
#* Custom gpu4 model name, empty string to disable. #* Custom gpu4 model name, empty string to disable.
custom_gpu_name4 = "" custom_gpu_name4 = ""
#* Custom gpu5 model name, empty string to disable. #* Custom gpu5 model name, empty string to disable.
custom_gpu_name5 = "" custom_gpu_name5 = ""
''; '';
} }

View file

@ -1,5 +1,6 @@
{ ... }: { { ... }:
"org/gnome/desktop/a11y" = { {
always-show-universal-access-status = true; "org/gnome/desktop/a11y" = {
}; always-show-universal-access-status = true;
};
} }

View file

@ -1,27 +1,28 @@
{ ... }: { { ... }:
"org/gtk/gtk4/settings/file-chooser" = { {
date-format = "regular"; "org/gtk/gtk4/settings/file-chooser" = {
location-mode = "path-bar"; date-format = "regular";
show-hidden = false; location-mode = "path-bar";
show-size-column = true; show-hidden = false;
show-type-column = true; show-size-column = true;
sidebar-width = "166"; show-type-column = true;
sort-column = "modified"; sidebar-width = "166";
sort-directories-first = true; sort-column = "modified";
sort-order = "descending"; sort-directories-first = true;
type-format = "category"; sort-order = "descending";
view-type = "list"; type-format = "category";
}; view-type = "list";
};
"org/gtk/settings/file-chooser" = { "org/gtk/settings/file-chooser" = {
date-format = "regular"; date-format = "regular";
location-mode = "path-bar"; location-mode = "path-bar";
show-hidden = false; show-hidden = false;
show-size-column = true; show-size-column = true;
show-type-column = true; show-type-column = true;
sort-column = "modified"; sort-column = "modified";
sort-directories-first = true; sort-directories-first = true;
sort-order = "descending"; sort-order = "descending";
type-format = "category"; type-format = "category";
}; };
} }

View file

@ -1,21 +1,40 @@
{ lib, config, ... }: { { lib, config, ... }:
"org/gnome/desktop/input-sources" = with lib.gvariant; { {
current = mkUint32 0; "org/gnome/desktop/input-sources" = with lib.gvariant; {
mru-sources = [ (mkTuple [ "xkb" "us" ]) (mkTuple [ "xkb" "ru" ]) ]; current = mkUint32 0;
per-window = false; mru-sources = [
show-all-sources = true; (mkTuple [
sources = [ (mkTuple [ "xkb" "us" ]) (mkTuple [ "xkb" "ru" ]) ]; "xkb"
xkb-options = [ config.setting.keyboard.options ]; "us"
}; ])
(mkTuple [
"xkb"
"ru"
])
];
per-window = false;
show-all-sources = true;
sources = [
(mkTuple [
"xkb"
"us"
])
(mkTuple [
"xkb"
"ru"
])
];
xkb-options = [ config.setting.keyboard.options ];
};
"org/gnome/desktop/peripherals/mouse" = { "org/gnome/desktop/peripherals/mouse" = {
accel-profile = "flat"; accel-profile = "flat";
natural-scroll = true; natural-scroll = true;
speed = "0.0"; speed = "0.0";
}; };
"org/gnome/desktop/peripherals/touchpad" = { "org/gnome/desktop/peripherals/touchpad" = {
tap-to-click = true; tap-to-click = true;
two-finger-scrolling-enabled = true; two-finger-scrolling-enabled = true;
}; };
} }

View file

@ -1,11 +1,12 @@
{ ... }: { { ... }:
"org/gnome/desktop/interface" = { {
clock-show-date = true; "org/gnome/desktop/interface" = {
clock-show-weekday = true; clock-show-date = true;
color-scheme = "prefer-dark"; clock-show-weekday = true;
enable-animations = false; color-scheme = "prefer-dark";
enable-hot-corners = false; enable-animations = false;
gtk-enable-primary-paste = false; enable-hot-corners = false;
show-battery-percentage = false; gtk-enable-primary-paste = false;
}; show-battery-percentage = false;
};
} }

View file

@ -1,132 +1,134 @@
{ config, ... }: let { config, ... }:
mod = "<Super>"; let
in { mod = "<Super>";
"org/gnome/desktop/wm/keybindings" = { in
activate-window-menu = [ "" ]; {
begin-move = [ "" ]; "org/gnome/desktop/wm/keybindings" = {
begin-resize = [ "${mod}r" ]; activate-window-menu = [ "" ];
close = [ "${mod}x" ]; begin-move = [ "" ];
cycle-group = [ "" ]; begin-resize = [ "${mod}r" ];
cycle-group-backward = [ "" ]; close = [ "${mod}x" ];
cycle-panels = [ "" ]; cycle-group = [ "" ];
cycle-panels-backward = [ "" ]; cycle-group-backward = [ "" ];
cycle-windows = [ "" ]; cycle-panels = [ "" ];
cycle-windows-backward = [ "" ]; cycle-panels-backward = [ "" ];
maximize = [ "" ]; cycle-windows = [ "" ];
maximize-horizontally = [ "" ]; cycle-windows-backward = [ "" ];
minimize = [ "${mod}s" ]; maximize = [ "" ];
move-to-monitor-down = [ "" ]; maximize-horizontally = [ "" ];
move-to-monitor-left = [ "" ]; minimize = [ "${mod}s" ];
move-to-monitor-right = [ "" ]; move-to-monitor-down = [ "" ];
move-to-monitor-up = [ "" ]; move-to-monitor-left = [ "" ];
move-to-workspace-1 = [ "" ]; move-to-monitor-right = [ "" ];
move-to-workspace-2 = [ "" ]; move-to-monitor-up = [ "" ];
move-to-workspace-3 = [ "" ]; move-to-workspace-1 = [ "" ];
move-to-workspace-4 = [ "" ]; move-to-workspace-2 = [ "" ];
move-to-workspace-last = [ "" ]; move-to-workspace-3 = [ "" ];
move-to-workspace-left = [ "<Shift>${mod}q" ]; move-to-workspace-4 = [ "" ];
move-to-workspace-right = [ "<Shift>${mod}e" ]; move-to-workspace-last = [ "" ];
panel-run-dialog = [ "${mod}space" ]; move-to-workspace-left = [ "<Shift>${mod}q" ];
show-desktop = [ "${mod}c" ]; move-to-workspace-right = [ "<Shift>${mod}e" ];
switch-applications = [ "${mod}Tab" ]; panel-run-dialog = [ "${mod}space" ];
switch-applications-backward = [ "<Shift>${mod}Tab" ]; show-desktop = [ "${mod}c" ];
switch-group = [ "<Alt>Tab" ]; switch-applications = [ "${mod}Tab" ];
switch-group-backward = [ "<Shift><Alt>Tab" ]; switch-applications-backward = [ "<Shift>${mod}Tab" ];
switch-input-source = [ "" ]; switch-group = [ "<Alt>Tab" ];
switch-input-source-backward = [ "" ]; switch-group-backward = [ "<Shift><Alt>Tab" ];
switch-panels = [ "" ]; switch-input-source = [ "" ];
switch-panels-backward = [ "" ]; switch-input-source-backward = [ "" ];
switch-to-workspace-1 = [ "" ]; switch-panels = [ "" ];
switch-to-workspace-2 = [ "" ]; switch-panels-backward = [ "" ];
switch-to-workspace-3 = [ "" ]; switch-to-workspace-1 = [ "" ];
switch-to-workspace-4 = [ "" ]; switch-to-workspace-2 = [ "" ];
switch-to-workspace-last = [ "" ]; switch-to-workspace-3 = [ "" ];
switch-to-workspace-left = [ "${mod}q" ]; switch-to-workspace-4 = [ "" ];
switch-to-workspace-right = [ "${mod}e" ]; switch-to-workspace-last = [ "" ];
switch-windows = [ "" ]; switch-to-workspace-left = [ "${mod}q" ];
switch-windows-backward = [ "" ]; switch-to-workspace-right = [ "${mod}e" ];
toggle-fullscreen = [ "${mod}f" ]; switch-windows = [ "" ];
toggle-maximized = [ "${mod}w" ]; switch-windows-backward = [ "" ];
unmaximize = [ "" ]; toggle-fullscreen = [ "${mod}f" ];
}; toggle-maximized = [ "${mod}w" ];
unmaximize = [ "" ];
};
"org/gnome/mutter/keybindings" = { "org/gnome/mutter/keybindings" = {
toggle-tiled-left = [ "${mod}a" ]; toggle-tiled-left = [ "${mod}a" ];
toggle-tiled-right = [ "${mod}d" ]; toggle-tiled-right = [ "${mod}d" ];
}; };
"org/gnome/mutter/wayland/keybindings" = { "org/gnome/mutter/wayland/keybindings" = {
restore-shortcuts = [ "" ]; restore-shortcuts = [ "" ];
}; };
"org/gnome/settings-daemon/plugins/media-keys" = { "org/gnome/settings-daemon/plugins/media-keys" = {
custom-keybindings = [ custom-keybindings = [
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/" "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/"
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1/" "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1/"
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom2/" "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom2/"
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom3/" "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom3/"
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom4/" "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom4/"
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom5/" "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom5/"
]; ];
magnifier = [ "" ]; magnifier = [ "" ];
magnifier-zoom-in = [ "" ]; magnifier-zoom-in = [ "" ];
magnifier-zoom-out = [ "" ]; magnifier-zoom-out = [ "" ];
screenreader = [ "" ]; screenreader = [ "" ];
screensaver = [ "${mod}z" ]; screensaver = [ "${mod}z" ];
}; };
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = { "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = {
binding = "${mod}Escape"; binding = "${mod}Escape";
command = "kgx -e bash -c 'tmux new-session -A -s main; bash'"; command = "kgx -e bash -c 'tmux new-session -A -s main; bash'";
name = "gnome-terminal"; name = "gnome-terminal";
}; };
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1" = { "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1" = {
binding = "printz"; binding = "printz";
command = "systemctl suspend -i"; command = "systemctl suspend -i";
name = "System Sleep"; name = "System Sleep";
}; };
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom2" = { "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom2" = {
binding = "printx"; binding = "printx";
command = "systemctl poweroff -i"; command = "systemctl poweroff -i";
name = "System Poweroff"; name = "System Poweroff";
}; };
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom3" = { "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom3" = {
binding = "printc"; binding = "printc";
command = "systemctl reboot -i"; command = "systemctl reboot -i";
name = "System Reboot"; name = "System Reboot";
}; };
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom4" = { "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom4" = {
binding = "printp"; binding = "printp";
command = "powersave toggle"; command = "powersave toggle";
name = "Toggle Powersave"; name = "Toggle Powersave";
}; };
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom5" = { "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom5" = {
binding = "printl"; binding = "printl";
command = "powerlimit toggle"; command = "powerlimit toggle";
name = "Toggle Powerlimit"; name = "Toggle Powerlimit";
}; };
"org/gnome/shell/keybindings" = { "org/gnome/shell/keybindings" = {
focus-active-notification = [ "" ]; focus-active-notification = [ "" ];
open-application-menu = [ "" ]; open-application-menu = [ "" ];
show-screenshot-ui = [ "${mod}v" ]; show-screenshot-ui = [ "${mod}v" ];
switch-to-application-1 = [ "" ]; switch-to-application-1 = [ "" ];
switch-to-application-2 = [ "" ]; switch-to-application-2 = [ "" ];
switch-to-application-3 = [ "" ]; switch-to-application-3 = [ "" ];
switch-to-application-4 = [ "" ]; switch-to-application-4 = [ "" ];
switch-to-application-5 = [ "" ]; switch-to-application-5 = [ "" ];
switch-to-application-6 = [ "" ]; switch-to-application-6 = [ "" ];
switch-to-application-7 = [ "" ]; switch-to-application-7 = [ "" ];
switch-to-application-8 = [ "" ]; switch-to-application-8 = [ "" ];
switch-to-application-9 = [ "" ]; switch-to-application-9 = [ "" ];
toggle-application-view = [ "" ]; toggle-application-view = [ "" ];
toggle-message-tray = [ "" ]; toggle-message-tray = [ "" ];
toggle-overview = [ "" ]; toggle-overview = [ "" ];
toggle-quick-settings = [ "" ]; toggle-quick-settings = [ "" ];
}; };
} }

View file

@ -1,7 +1,8 @@
{ ... }: { { ... }:
"org/gnome/desktop/media-handling" = { {
automount = false; "org/gnome/desktop/media-handling" = {
automount-open = false; automount = false;
autorun-never = true; automount-open = false;
}; autorun-never = true;
};
} }

View file

@ -1,21 +1,22 @@
{ ... }: { { ... }:
"org/gnome/nautilus/icon-view" = { {
default-zoom-level = "larger"; "org/gnome/nautilus/icon-view" = {
}; default-zoom-level = "larger";
};
"org/gnome/nautilus/list-view" = { "org/gnome/nautilus/list-view" = {
default-zoom-level = "small"; default-zoom-level = "small";
use-tree-view = false; use-tree-view = false;
}; };
"org/gnome/nautilus/preferences" = { "org/gnome/nautilus/preferences" = {
click-policy = "single"; click-policy = "single";
default-folder-viewer = "list-view"; default-folder-viewer = "list-view";
default-sort-in-reverse-order = false; default-sort-in-reverse-order = false;
default-sort-order = "name"; default-sort-order = "name";
migrated-gtk-settings = true; migrated-gtk-settings = true;
search-filter-time-type = "last_modified"; search-filter-time-type = "last_modified";
search-view = "list-view"; search-view = "list-view";
show-image-thumbnails = "local-only"; show-image-thumbnails = "local-only";
}; };
} }

View file

@ -1,10 +1,11 @@
{ ... }: { { ... }:
"org/gnome/settings-daemon/plugins/power" = { {
ambient-enabled = false; "org/gnome/settings-daemon/plugins/power" = {
idle-dim = false; ambient-enabled = false;
power-button-action = "nothing"; idle-dim = false;
sleep-inactive-ac-timeout = "0"; power-button-action = "nothing";
sleep-inactive-ac-type = "nothing"; sleep-inactive-ac-timeout = "0";
sleep-inactive-battery-type = "nothing"; sleep-inactive-ac-type = "nothing";
}; sleep-inactive-battery-type = "nothing";
};
} }

View file

@ -1,15 +1,16 @@
{ lib, ... }: { { lib, ... }:
"org/gnome/desktop/privacy" = with lib.gvariant; { {
disable-camera = false; "org/gnome/desktop/privacy" = with lib.gvariant; {
disable-microphone = false; disable-camera = false;
old-files-age = mkUint32 30; disable-microphone = false;
recent-files-max-age = mkUint32 30; old-files-age = mkUint32 30;
remove-old-temp-files = true; recent-files-max-age = mkUint32 30;
remove-old-trash-files = true; remove-old-temp-files = true;
report-technical-problems = true; remove-old-trash-files = true;
}; report-technical-problems = true;
};
"org/gnome/system/location" = { "org/gnome/system/location" = {
enabled = false; enabled = false;
}; };
} }

View file

@ -1,5 +1,6 @@
{ lib, ... }: { { lib, ... }:
"org/gnome/desktop/session" = with lib.gvariant; { {
idle-delay = mkUint32 0; "org/gnome/desktop/session" = with lib.gvariant; {
}; idle-delay = mkUint32 0;
};
} }

View file

@ -1,14 +1,15 @@
{ ... }: { { ... }:
"org/gnome/shell" = { {
disable-extension-version-validation = true; "org/gnome/shell" = {
disable-user-extensions = false; disable-extension-version-validation = true;
favorite-apps = [ "" ]; disable-user-extensions = false;
had-bluetooth-devices-setup = true; favorite-apps = [ "" ];
last-selected-power-profile = "power-saver"; had-bluetooth-devices-setup = true;
remember-mount-password = false; last-selected-power-profile = "power-saver";
}; remember-mount-password = false;
};
"system/proxy" = { "system/proxy" = {
mode = "none"; mode = "none";
}; };
} }

View file

@ -1,8 +1,9 @@
{ ... }: { { ... }:
"org/gnome/software" = { {
download-updates = false; "org/gnome/software" = {
download-updates-notify = false; download-updates = false;
first-run = false; download-updates-notify = false;
show-nonfree-prompt = false; first-run = false;
}; show-nonfree-prompt = false;
};
} }

View file

@ -1,7 +1,8 @@
{ ... }: { { ... }:
"org/gnome/desktop/sound" = { {
allow-volume-above-100-percent = false; "org/gnome/desktop/sound" = {
event-sounds = false; allow-volume-above-100-percent = false;
theme-name = "freedesktop"; event-sounds = false;
}; theme-name = "freedesktop";
};
} }

View file

@ -1,32 +1,33 @@
{ lib, ... }: { { lib, ... }:
"org/gnome/desktop/wm/preferences" = { {
action-middle-click-titlebar = "minimize"; "org/gnome/desktop/wm/preferences" = {
action-right-click-titlebar = "menu"; action-middle-click-titlebar = "minimize";
focus-mode = "click"; # `click` or `sloppy`. action-right-click-titlebar = "menu";
button-layout = "appmenu:close"; focus-mode = "click"; # `click` or `sloppy`.
}; button-layout = "appmenu:close";
};
"org/gnome/mutter" = { "org/gnome/mutter" = {
attach-modal-dialogs = true; attach-modal-dialogs = true;
center-new-windows = true; center-new-windows = true;
dynamic-workspaces = true; dynamic-workspaces = true;
edge-tiling = true; edge-tiling = true;
workspaces-only-on-primary = true; workspaces-only-on-primary = true;
}; };
"org/gnome/settings-daemon/plugins/color" = with lib.gvariant; { "org/gnome/settings-daemon/plugins/color" = with lib.gvariant; {
night-light-enabled = false; night-light-enabled = false;
night-light-schedule-automatic = false; night-light-schedule-automatic = false;
night-light-schedule-from = "0.0"; night-light-schedule-from = "0.0";
night-light-schedule-to = "0.0"; night-light-schedule-to = "0.0";
night-light-temperature = mkUint32 3700; night-light-temperature = mkUint32 3700;
}; };
"org/gnome/shell/app-switcher" = { "org/gnome/shell/app-switcher" = {
current-workspace-only = true; current-workspace-only = true;
}; };
"org/gnome/shell/overrides" = { "org/gnome/shell/overrides" = {
edge-tiling = false; edge-tiling = false;
}; };
} }

View file

@ -1,50 +1,57 @@
{ self, inputs, config, ... } @args: let {
btop = import ./btop args; self,
editor = import ./editorconfig args; inputs,
foot = import ./foot args; config,
fuzzel = import ./fuzzel args; ...
git = import ./git args; }@args:
gtk3 = import ./gtk/3 args; let
jetbrains = import ./jetbrains args; btop = import ./btop args;
keyd = import ./keyd args; editor = import ./editorconfig args;
mako = import ./mako args; foot = import ./foot args;
mangohud = import ./mangohud args; fuzzel = import ./fuzzel args;
nvim = import ./nvim args; git = import ./git args;
ssh = import ./ssh args; gtk3 = import ./gtk/3 args;
swappy = import ./swappy args; jetbrains = import ./jetbrains args;
sway = import ./sway args; keyd = import ./keyd args;
tmux = import ./tmux args; mako = import ./mako args;
waybar = import ./waybar args; mangohud = import ./mangohud args;
yazi = import ./yazi args; nvim = import ./nvim args;
in { ssh = import ./ssh args;
".Wallpaper".source = config.module.wallpaper.path; swappy = import ./swappy args;
".config/MangoHud/MangoHud.conf".source = mangohud.config; sway = import ./sway args;
".config/MangoHud/presets.conf".source = mangohud.presets; tmux = import ./tmux args;
".config/btop/btop.conf".text = btop.text; waybar = import ./waybar args;
".config/foot/foot.ini".source = foot.file; yazi = import ./yazi args;
".config/fuzzel/fuzzel.ini".source = fuzzel.file; in
".config/gtk-3.0/bookmarks".text = gtk3.bookmarks; {
".config/keyd/app.conf".text = keyd.text; ".Wallpaper".source = config.module.wallpaper.path;
".config/mako/config".source = mako.file; ".config/MangoHud/MangoHud.conf".source = mangohud.config;
".config/nvim/init.vim".text = nvim.text; ".config/MangoHud/presets.conf".source = mangohud.presets;
".config/swappy/config".source = swappy.config; ".config/btop/btop.conf".text = btop.text;
".config/sway/config".text = sway.text; ".config/foot/foot.ini".source = foot.file;
".config/tmux/tmux.conf".text = tmux.text; ".config/fuzzel/fuzzel.ini".source = fuzzel.file;
".config/waybar/config".source = waybar.config; ".config/gtk-3.0/bookmarks".text = gtk3.bookmarks;
".config/waybar/style.css".source = waybar.style; ".config/keyd/app.conf".text = keyd.text;
".config/yazi/init.lua".source = yazi.init; ".config/mako/config".source = mako.file;
".config/yazi/keymap.toml".source = yazi.keymap; ".config/nvim/init.vim".text = nvim.text;
".config/yazi/theme.toml".source = yazi.theme; ".config/swappy/config".source = swappy.config;
".config/yazi/yazi.toml".source = yazi.yazi; ".config/sway/config".text = sway.text;
".editorconfig".source = editor.file; ".config/tmux/tmux.conf".text = tmux.text;
".gitconfig".source = git.file; ".config/waybar/config".source = waybar.config;
".ideavimrc".text = jetbrains.ideavimrc; ".config/waybar/style.css".source = waybar.style;
".nix".source = self; ".config/yazi/init.lua".source = yazi.init;
".nixpkgs".source = inputs.nixpkgs; ".config/yazi/keymap.toml".source = yazi.keymap;
# TODO: Add after migrating to stable. ".config/yazi/theme.toml".source = yazi.theme;
# ".nixpkgs_unstable".source = inputs.nixpkgs; ".config/yazi/yazi.toml".source = yazi.yazi;
# ".nixpkgs_master".source = inputs.nixpkgs; ".editorconfig".source = editor.file;
".parallel/will-cite".text = ""; ".gitconfig".source = git.file;
".ssh/config".text = ssh.text; ".ideavimrc".text = jetbrains.ideavimrc;
".template".source = ./template; ".nix".source = self;
".nixpkgs".source = inputs.nixpkgs;
# TODO: Add after migrating to stable.
# ".nixpkgs_unstable".source = inputs.nixpkgs;
# ".nixpkgs_master".source = inputs.nixpkgs;
".parallel/will-cite".text = "";
".ssh/config".text = ssh.text;
".template".source = ./template;
} }

View file

@ -1,32 +1,34 @@
{ pkgs, ... }: { { pkgs, ... }:
file = (pkgs.formats.iniWithGlobalSection {}).generate "EditorconfigConfig" { {
globalSection.root = true; file = (pkgs.formats.iniWithGlobalSection { }).generate "EditorconfigConfig" {
globalSection.root = true;
sections = { sections = {
"*" = { "*" = {
end_of_line = "lf"; end_of_line = "lf";
charset = "utf-8"; charset = "utf-8";
indent_style = "tab"; indent_style = "tab";
indent_size = "2"; indent_size = 2;
insert_final_newline = "true"; insert_final_newline = "true";
trim_trailing_whitespace = "true"; trim_trailing_whitespace = "true";
}; };
Makefile = { "Makefile" = {
indent_size = 2; indent_size = 4;
}; };
"*.{nix,js}" = { "*.nix" = {
indent_size = 2; indent_style = "space";
}; indent_size = 2;
};
"*.{lua,kt,kts,rs,py}" = { "*.{lua,kt,kts,rs,py}" = {
indent_size = 4; indent_size = 4;
}; };
"*.{sh,md}" = { "*.{sh,md}" = {
indent_size = 8; indent_size = 8;
}; };
}; };
}; };
} }

View file

@ -1,28 +1,30 @@
{ config, pkgs, ... }: let { config, pkgs, ... }:
dpiAware = if config.setting.dpiAware then "yes" else "no"; let
borderSize = toString config.style.window.border; dpiAware = if config.setting.dpiAware then "yes" else "no";
fontStep = 1; borderSize = toString config.style.window.border;
in { fontStep = 1;
file = (pkgs.formats.iniWithGlobalSection {}).generate "FootConfig" { in
globalSection = { {
font = "${config.style.font.monospace.name}:size=${toString config.style.font.size.terminal}"; file = (pkgs.formats.iniWithGlobalSection { }).generate "FootConfig" {
# font-bold = "${config.style.font.monospace.name}:size=${toString config.style.font.size.terminal}"; globalSection = {
font-italic = "${config.style.font.monospace.name}:size=${toString config.style.font.size.terminal}"; font = "${config.style.font.monospace.name}:size=${toString config.style.font.size.terminal}";
font-bold-italic = "${config.style.font.monospace.name}:size=${toString config.style.font.size.terminal}"; # font-bold = "${config.style.font.monospace.name}:size=${toString config.style.font.size.terminal}";
dpi-aware = dpiAware; font-italic = "${config.style.font.monospace.name}:size=${toString config.style.font.size.terminal}";
font-size-adjustment = fontStep; font-bold-italic = "${config.style.font.monospace.name}:size=${toString config.style.font.size.terminal}";
pad = "${borderSize}x${borderSize} center"; dpi-aware = dpiAware;
}; font-size-adjustment = fontStep;
pad = "${borderSize}x${borderSize} center";
};
sections = { sections = {
colors = { colors = {
alpha = config.style.opacity.terminal; alpha = config.style.opacity.terminal;
background = config.style.color.bg.dark; background = config.style.color.bg.dark;
foreground = config.style.color.fg.light; foreground = config.style.color.fg.light;
}; };
key-bindings = { key-bindings = {
show-urls-launch = "Mod1+o"; show-urls-launch = "Mod1+o";
}; };
}; };
}; };
} }

View file

@ -1,36 +1,40 @@
{ pkgs, config, ... }: let { pkgs, config, ... }:
dpiAware = if config.setting.dpiAware then "yes" else "no"; let
in { dpiAware = if config.setting.dpiAware then "yes" else "no";
file = (pkgs.formats.ini {}).generate "FuzzelConfig" { in
main = { {
dpi-aware = dpiAware; file = (pkgs.formats.ini { }).generate "FuzzelConfig" {
# font = "${style.font.serif.name}:size=${toString style.font.size.popup}"; main = {
font = "Minecraftia:size=${toString config.style.font.size.popup}"; dpi-aware = dpiAware;
lines = 20; # font = "${style.font.serif.name}:size=${toString style.font.size.popup}";
prompt = "\"\""; font = "Minecraftia:size=${toString config.style.font.size.popup}";
show-actions = "yes"; lines = 20;
terminal = "foot"; prompt = "\"\"";
width = 40; show-actions = "yes";
# list-executables-in-path = "no"; terminal = "foot";
}; width = 40;
border = { # list-executables-in-path = "no";
radius = 0; };
width = 1; border = {
}; radius = 0;
colors = let width = 1;
defaultOpacity = "ff"; };
in { colors =
background = config.style.color.bg.dark + config.style.opacity.hex; let
border = config.style.color.border + config.style.opacity.hex; defaultOpacity = "ff";
counter = config.style.color.bg.regular + defaultOpacity; in
input = config.style.color.fg.light + defaultOpacity; {
match = config.style.color.fg.light + defaultOpacity; background = config.style.color.bg.dark + config.style.opacity.hex;
placeholder = config.style.color.bg.regular + defaultOpacity; border = config.style.color.border + config.style.opacity.hex;
prompt = config.style.color.fg.light + defaultOpacity; counter = config.style.color.bg.regular + defaultOpacity;
selection = config.style.color.bg.regular + defaultOpacity; input = config.style.color.fg.light + defaultOpacity;
selection-match = config.style.color.accent + defaultOpacity; match = config.style.color.fg.light + defaultOpacity;
selection-text = config.style.color.fg.light + defaultOpacity; placeholder = config.style.color.bg.regular + defaultOpacity;
text = config.style.color.fg.light + defaultOpacity; prompt = config.style.color.fg.light + defaultOpacity;
}; selection = config.style.color.bg.regular + defaultOpacity;
}; selection-match = config.style.color.accent + defaultOpacity;
selection-text = config.style.color.fg.light + defaultOpacity;
text = config.style.color.fg.light + defaultOpacity;
};
};
} }

View file

@ -1,13 +1,14 @@
{ secret, pkgs, ... }: { { secret, pkgs, ... }:
file = (pkgs.formats.gitIni { listsAsDuplicateKeys = true; }).generate "GitConfig" { {
# credential.helper = "store"; file = (pkgs.formats.gitIni { listsAsDuplicateKeys = true; }).generate "GitConfig" {
gpg.format = secret.crypto.sign.git.format; # credential.helper = "store";
gpg.ssh.allowedSignersFile = toString secret.crypto.sign.git.allowed; gpg.format = secret.crypto.sign.git.format;
init.defaultBranch = "main"; gpg.ssh.allowedSignersFile = toString secret.crypto.sign.git.allowed;
pull.rebase = true; init.defaultBranch = "main";
push.autoSetupRemote = true; pull.rebase = true;
rebase.autoStash = true; push.autoSetupRemote = true;
safe.directory = "*"; rebase.autoStash = true;
user.signingkey = builtins.readFile secret.crypto.sign.git.key; safe.directory = "*";
}; user.signingkey = builtins.readFile secret.crypto.sign.git.key;
};
} }

View file

@ -1,9 +1,10 @@
{ util, ... }:{ { ... }:
bookmarks = util.trimTabs '' {
file:///storage bookmarks = ''
file:///home/voronind/tmp file:///storage
sftp://10.0.0.1:22143/storage/hot/docker/cloud/data/data/cakee/files/ home cloud file:///home/voronind/tmp
sftp://10.0.0.1:22143/ home sftp sftp://10.0.0.1:22143/storage/hot/docker/cloud/data/data/cakee/files/ home cloud
ftp://10.0.0.1/ home ftp sftp://10.0.0.1:22143/ home sftp
''; ftp://10.0.0.1/ home ftp
'';
} }

View file

@ -1,26 +1,27 @@
{ util, ... }: { { ... }:
ideavimrc = util.trimTabs '' {
" Plugins. ideavimrc = ''
Plug 'tpope/vim-commentary' " Plugins.
Plug 'machakann/vim-highlightedyank' Plug 'tpope/vim-commentary'
" Plug 'junegunn/vim-easy-align' Plug 'machakann/vim-highlightedyank'
" Plug 'junegunn/vim-easy-align'
" General config. " General config.
set scrolloff=4 set scrolloff=4
set incsearch set incsearch
set hlsearch set hlsearch
set clipboard=unnamedplus set clipboard=unnamedplus
set relativenumber set relativenumber
set number set number
" Space as a leader. " Space as a leader.
nnoremap <SPACE> <Nop> nnoremap <SPACE> <Nop>
let mapleader=" " let mapleader=" "
" Align. ISSUE: Broken. " Align. ISSUE: Broken.
" vmap <Leader>a <Plug>(EasyAlign) " vmap <Leader>a <Plug>(EasyAlign)
" Sort. " Sort.
vmap <Leader>A :sort<cr> vmap <Leader>A :sort<cr>
''; '';
} }

View file

@ -1,3 +1,4 @@
{ util, ... } @args: { { util, ... }@args:
text = util.catFile (util.ls ./module) args; {
text = util.catFile (util.ls ./module) args;
} }

View file

@ -1,32 +1,33 @@
{ pkgs, ... }: { { pkgs, ... }:
file = (pkgs.formats.ini {}).generate "KeydDrgConfig" { {
steam-app-548430 = { file = (pkgs.formats.ini { }).generate "KeydDrgConfig" {
"alt.1" = "macro(enter 10ms L e t ' s 10ms space d o 10ms space t h i s 10ms space T e x a s 10ms space s t y l e ! 10ms enter)"; steam-app-548430 = {
"alt.2" = "macro(enter 10ms H e c k space y e s ! enter)"; "alt.1" = "macro(enter 10ms L e t ' s 10ms space d o 10ms space t h i s 10ms space T e x a s 10ms space s t y l e ! 10ms enter)";
"alt.3" = "macro(enter 10ms J u s t space a space s i d e - j o b space w h i l e 10ms space w a i t i n g space f o r space a space s e x space u p d a t e . enter)"; "alt.2" = "macro(enter 10ms H e c k space y e s ! enter)";
"alt.4" = "macro(enter 10ms < 3 enter)"; "alt.3" = "macro(enter 10ms J u s t space a space s i d e - j o b space w h i l e 10ms space w a i t i n g space f o r space a space s e x space u p d a t e . enter)";
"alt.[" = "macro(enter 10ms W h a t space i s space c r u n c h y 10ms space o n space t h e space o u t s i d e , 10ms space g o o e y space o n space 10ms t h e space i n s i d e ? enter)"; "alt.4" = "macro(enter 10ms < 3 enter)";
"alt.]" = "macro(enter 10ms Q ' r o n a r space S h e l l b a c k ! enter)"; "alt.[" = "macro(enter 10ms W h a t space i s space c r u n c h y 10ms space o n space t h e space o u t s i d e , 10ms space g o o e y space o n space 10ms t h e space i n s i d e ? enter)";
"alt.a" = "macro(enter 10ms N o enter)"; "alt.]" = "macro(enter 10ms Q ' r o n a r space S h e l l b a c k ! enter)";
"alt.b" = "macro(enter 10ms I ' m space b a c k enter)"; "alt.a" = "macro(enter 10ms N o enter)";
"alt.c" = "macro(enter 10ms > space R i g h t enter)"; "alt.b" = "macro(enter 10ms I ' m space b a c k enter)";
"alt.d" = "macro(enter 10ms Y e s enter)"; "alt.c" = "macro(enter 10ms > space R i g h t enter)";
"alt.e" = "macro(enter 10ms T h a n k s ! enter)"; "alt.d" = "macro(enter 10ms Y e s enter)";
"alt.f" = "macro(enter 10ms I space n e e d space h e l p ! enter)"; "alt.e" = "macro(enter 10ms T h a n k s ! enter)";
"alt.g" = "macro(enter 10ms g g enter)"; "alt.f" = "macro(enter 10ms I space n e e d space h e l p ! enter)";
"alt.j" = "macro(enter 10ms G o o d space j o b enter)"; "alt.g" = "macro(enter 10ms g g enter)";
"alt.k" = "macro(enter 10ms O k a y enter)"; "alt.j" = "macro(enter 10ms G o o d space j o b enter)";
"alt.l" = "macro(enter 10ms L e a f space l o v e r enter)"; "alt.k" = "macro(enter 10ms O k a y enter)";
"alt.m" = "macro(enter 10ms I space r e p l y space u s i n g space m a c r o s . 10ms space U s e space s o f t w a r e space l i k e space k e y d , 10ms space o r space b u y space a space Q M K space k e y b o a r d . enter)"; "alt.l" = "macro(enter 10ms L e a f space l o v e r enter)";
"alt.q" = "macro(enter 10ms S o r r y ! enter)"; "alt.m" = "macro(enter 10ms I space r e p l y space u s i n g space m a c r o s . 10ms space U s e space s o f t w a r e space l i k e space k e y d , 10ms space o r space b u y space a space Q M K space k e y b o a r d . enter)";
"alt.r" = "macro(enter 10ms N e e d space m o r e space a m m o enter)"; "alt.q" = "macro(enter 10ms S o r r y ! enter)";
"alt.s" = "macro(enter 10ms W a i t enter)"; "alt.r" = "macro(enter 10ms N e e d space m o r e space a m m o enter)";
"alt.t" = "macro(enter 10ms M a y space I space t a k e space e x t r a ? enter)"; "alt.s" = "macro(enter 10ms W a i t enter)";
"alt.v" = "macro(enter 10ms A F K enter)"; "alt.t" = "macro(enter 10ms M a y space I space t a k e space e x t r a ? enter)";
"alt.w" = "macro(enter 10ms r enter)"; "alt.v" = "macro(enter 10ms A F K enter)";
"alt.x" = "macro(enter 10ms > space H e r e space < enter)"; "alt.w" = "macro(enter 10ms r enter)";
"alt.z" = "macro(enter 10ms < space L e f t enter)"; "alt.x" = "macro(enter 10ms > space H e r e space < enter)";
leftshift = "timeout(leftcontrol, 150, leftshift)"; "alt.z" = "macro(enter 10ms < space L e f t enter)";
}; leftshift = "timeout(leftcontrol, 150, leftshift)";
}; };
};
} }

View file

@ -1,24 +1,25 @@
{ pkgs, ... }: { { pkgs, ... }:
file = (pkgs.formats.ini {}).generate "KeydFirefoxConfig" { {
"firefox-esr" = { file = (pkgs.formats.ini { }).generate "KeydFirefoxConfig" {
"alt.capslock" = "C-t"; # New tab. "firefox-esr" = {
"alt.x" = "C-w"; # Close tab. "alt.capslock" = "C-t"; # New tab.
"alt.u" = "C-S-t"; # Restore closed tab. "alt.x" = "C-w"; # Close tab.
"alt.q" = "C-pageup"; # Prev tab. "alt.u" = "C-S-t"; # Restore closed tab.
"alt.e" = "C-pagedown"; # Next tab. "alt.q" = "C-pageup"; # Prev tab.
"alt.Q" = "C-S-pageup"; # Move tab left. "alt.e" = "C-pagedown"; # Next tab.
"alt.E" = "C-S-pagedown"; # Move tab right. "alt.Q" = "C-S-pageup"; # Move tab left.
"alt.a" = "A-left"; # Go back. "alt.E" = "C-S-pagedown"; # Move tab right.
"alt.d" = "A-right"; # Go forward. "alt.a" = "A-left"; # Go back.
"alt.s" = "down"; # Scroll down. "alt.d" = "A-right"; # Go forward.
"alt.w" = "up"; # Scroll up. "alt.s" = "down"; # Scroll down.
"alt.f" = "C-f"; # Find text. "alt.w" = "up"; # Scroll up.
"alt.N" = "S-f3"; # Find prev. "alt.f" = "C-f"; # Find text.
"alt.n" = "f3"; # Find next. "alt.N" = "S-f3"; # Find prev.
"alt.space" = "f6"; # Focus address bar. "alt.n" = "f3"; # Find next.
"alt.r" = "C-f5"; # Full refresh. "alt.space" = "f6"; # Focus address bar.
"alt.l" = "A-S-a"; # Toggle dark mode. "alt.r" = "C-f5"; # Full refresh.
"alt.p" = "C-S-l"; # Fill password. "alt.l" = "A-S-a"; # Toggle dark mode.
}; "alt.p" = "C-S-l"; # Fill password.
}; };
};
} }

View file

@ -1,28 +1,29 @@
{ pkgs, ... }: { { pkgs, ... }:
file = (pkgs.formats.ini {}).generate "KeydJetbrainsConfig" { {
"jetbrains-*" = { file = (pkgs.formats.ini { }).generate "KeydJetbrainsConfig" {
"alt./" = "C-/"; # Toggle comment. "jetbrains-*" = {
"alt.." = "C-f8"; # Toggle line breakpoint. "alt./" = "C-/"; # Toggle comment.
"alt.=" = "C-A-l"; # Reformat. "alt.." = "C-f8"; # Toggle line breakpoint.
"alt.c" = "S-escape"; # Close panel. "alt.=" = "C-A-l"; # Reformat.
"alt.capslock" = "C-A-S-insert"; # New scratch file. "alt.c" = "S-escape"; # Close panel.
"alt.q" = "A-left"; # Prev tab. "alt.capslock" = "C-A-S-insert"; # New scratch file.
"alt.e" = "A-right"; # Next tab. "alt.q" = "A-left"; # Prev tab.
"alt.x" = "C-f4"; # Close tab. "alt.e" = "A-right"; # Next tab.
"alt.f" = "C-S-f"; # Find text. "alt.x" = "C-f4"; # Close tab.
"alt.n" = "C-A-n"; # Find next. "alt.f" = "C-S-f"; # Find text.
"alt.g" = "macro(gd)"; # Go to definition. "alt.n" = "C-A-n"; # Find next.
"alt.i" = "C-i"; # Implement. "alt.g" = "macro(gd)"; # Go to definition.
"alt.o" = "C-o"; # Override. "alt.i" = "C-i"; # Implement.
"alt.r" = "S-f10"; # Run. "alt.o" = "C-o"; # Override.
"alt.z" = "C-f2"; # Stop app. "alt.r" = "S-f10"; # Run.
"alt.d" = "S-f9"; # Run debugger. "alt.z" = "C-f2"; # Stop app.
"alt.a" = "C-A-5"; # Attach debugger. "alt.d" = "S-f9"; # Run debugger.
"alt.m" = "C-A-s"; # Settings. "alt.a" = "C-A-5"; # Attach debugger.
"alt.v" = "C-q"; # Show doc under cursor. "alt.m" = "C-A-s"; # Settings.
"alt.s" = "C-S-A-t"; # Refactor selection. "alt.v" = "C-q"; # Show doc under cursor.
"alt.s" = "C-S-A-t"; # Refactor selection.
"alt.tab" = "timeout(f8, 150, macro2(0, 0, f7))"; # Tap to step over, hold to step into. "alt.tab" = "timeout(f8, 150, macro2(0, 0, f7))"; # Tap to step over, hold to step into.
}; };
}; };
} }

View file

@ -1,26 +1,27 @@
{ pkgs, ... }: { { pkgs, ... }:
file = (pkgs.formats.ini {}).generate "KeydNautilusConfig" { {
"org-gnome-nautilus" = { file = (pkgs.formats.ini { }).generate "KeydNautilusConfig" {
"alt.capslock" = "C-t"; # New tab. "org-gnome-nautilus" = {
"alt.t" = "C-n"; # New window. "alt.capslock" = "C-t"; # New tab.
"alt.x" = "C-w"; # Close tab. "alt.t" = "C-n"; # New window.
"alt.u" = "C-S-t"; # Restore tab. "alt.x" = "C-w"; # Close tab.
"alt.e" = "C-pagedown"; # Next tab. "alt.u" = "C-S-t"; # Restore tab.
"alt.q" = "C-pageup"; # Prev tab. "alt.e" = "C-pagedown"; # Next tab.
"alt.E" = "C-S-pagedown"; # Move tab next. "alt.q" = "C-pageup"; # Prev tab.
"alt.Q" = "C-S-pageup"; # Move tab prev. "alt.E" = "C-S-pagedown"; # Move tab next.
"alt.h" = "C-h"; # Toggle hidden files. "alt.Q" = "C-S-pageup"; # Move tab prev.
"alt.1" = "C-1"; # List view. "alt.h" = "C-h"; # Toggle hidden files.
"alt.2" = "C-2"; # Grid view. "alt.1" = "C-1"; # List view.
"alt.b" = "A-up"; # Go back. "alt.2" = "C-2"; # Grid view.
"alt.space" = "C-l"; # Focus location bar. "alt.b" = "A-up"; # Go back.
"alt.i" = "C-S-i"; # Invert selection. "alt.space" = "C-l"; # Focus location bar.
"alt.v" = "C-i"; # File info. "alt.i" = "C-S-i"; # Invert selection.
"alt.d" = "C-S-delete"; # Delete file. "alt.v" = "C-i"; # File info.
"alt.s" = "f2"; # Rename. "alt.d" = "C-S-delete"; # Delete file.
"alt.a" = "C-S-n"; # Create dir. "alt.s" = "f2"; # Rename.
"alt.f" = "C-f"; # Search dir. "alt.a" = "C-S-n"; # Create dir.
"alt.r" = "f5"; # Refresh dir. "alt.f" = "C-f"; # Search dir.
}; "alt.r" = "f5"; # Refresh dir.
}; };
};
} }

View file

@ -1,24 +1,26 @@
{ pkgs, config, ... }: let { pkgs, config, ... }:
alpha = config.style.opacity.hex; let
in { alpha = config.style.opacity.hex;
file = (pkgs.formats.iniWithGlobalSection {}).generate "MakoConfig" { in
globalSection = { {
anchor = "top-center"; file = (pkgs.formats.iniWithGlobalSection { }).generate "MakoConfig" {
background-color = "#${config.style.color.bg.dark}${alpha}"; globalSection = {
border-color = "#${config.style.color.border}${alpha}"; anchor = "top-center";
default-timeout = 10000; background-color = "#${config.style.color.bg.dark}${alpha}";
font = "${config.style.font.serif.name} ${toString config.style.font.size.popup}"; border-color = "#${config.style.color.border}${alpha}";
height = 120; default-timeout = 10000;
icons = 0; font = "${config.style.font.serif.name} ${toString config.style.font.size.popup}";
margin = 32; height = 120;
text-color = "#${config.style.color.fg.light}"; icons = 0;
width = 480; margin = 32;
}; text-color = "#${config.style.color.fg.light}";
width = 480;
};
sections = { sections = {
"mode=dnd" = { "mode=dnd" = {
invisible = 1; invisible = 1;
}; };
}; };
}; };
} }

View file

@ -1,44 +1,45 @@
{ pkgs, ... }: { { pkgs, ... }:
config = (pkgs.formats.iniWithGlobalSection {}).generate "MangoConfig" { {
globalSection = { config = (pkgs.formats.iniWithGlobalSection { }).generate "MangoConfig" {
blacklist = "example"; globalSection = {
fps_sampling_period = 1000; blacklist = "example";
frame_timing = 0; fps_sampling_period = 1000;
preset = "0,1,2"; frame_timing = 0;
toggle_logging = "F2"; preset = "0,1,2";
toggle_preset = "F1"; toggle_logging = "F2";
}; toggle_preset = "F1";
}; };
};
presets = (pkgs.formats.ini {}).generate "MangoPresets" { presets = (pkgs.formats.ini { }).generate "MangoPresets" {
"preset 0" = { "preset 0" = {
no_display = 1; no_display = 1;
}; };
"preset 1" = { "preset 1" = {
alpha = 1.0; alpha = 1.0;
arch = 0; arch = 0;
background_alpha = 0.5; background_alpha = 0.5;
battery = 1; battery = 1;
battery_time = 1; battery_time = 1;
benchmark_percentiles = 0; benchmark_percentiles = 0;
cpu_temp = 1; cpu_temp = 1;
device_battery = "gamepad,mouse"; device_battery = "gamepad,mouse";
font_size = 12; font_size = 12;
fps_sampling_period = 1000; fps_sampling_period = 1000;
gpu_junction_temp = 0; gpu_junction_temp = 0;
gpu_mem_temp = 1; gpu_mem_temp = 1;
gpu_temp = 1; gpu_temp = 1;
hud_no_margin = 1; hud_no_margin = 1;
ram = 1; ram = 1;
swap = 1; swap = 1;
throttling_status = 1; throttling_status = 1;
time = 1; time = 1;
vram = 1; vram = 1;
}; };
"preset 2" = { "preset 2" = {
full = 1; full = 1;
}; };
}; };
} }

View file

@ -1,83 +1,91 @@
{ inputs, pkgs, util, ... } @args: let {
# Create Neovim configuration. inputs,
nvimRc = { runtimes, configs }: let pkgs,
# Plugin paths to install. util,
runtimeRc = util.trimTabs (builtins.foldl' (acc: r: ...
acc + "set runtimepath+=${r}\n" }@args:
) "" runtimes); let
# Create Neovim configuration.
nvimRc =
{ runtimes, configs }:
let
# Plugin paths to install.
runtimeRc = builtins.foldl' (acc: r: acc + "set runtimepath+=${r}\n") "" runtimes;
# My configuration files combined into one big file. # My configuration files combined into one big file.
config = pkgs.writeText "nvimRc" (util.catText configs args); config = pkgs.writeText "nvimRc" (util.catText configs args);
# Tell Neovim to load this file. # Tell Neovim to load this file.
configRc = "lua dofile(\"${config}\")"; configRc = "lua dofile(\"${config}\")";
in runtimeRc + configRc; in
in { runtimeRc + configRc;
text = nvimRc { in
runtimes = [ {
"~/.cache/nvim" text = nvimRc {
"~/.cache/nvim/treesitter" runtimes = [
"${inputs.nvimAlign}" "~/.cache/nvim"
"${inputs.nvimAutoclose}" "~/.cache/nvim/treesitter"
"${inputs.nvimBufferline}" "${inputs.nvimAlign}"
"${inputs.nvimCloseBuffers}" "${inputs.nvimAutoclose}"
"${inputs.nvimColorizer}" "${inputs.nvimBufferline}"
"${inputs.nvimDevicons}" "${inputs.nvimCloseBuffers}"
"${inputs.nvimGitsigns}" "${inputs.nvimColorizer}"
"${inputs.nvimGruvboxMaterial}" "${inputs.nvimDevicons}"
"${inputs.nvimIndentoMatic}" "${inputs.nvimGitsigns}"
"${inputs.nvimLspconfig}" "${inputs.nvimGruvboxMaterial}"
"${inputs.nvimOllama}" "${inputs.nvimIndentoMatic}"
"${inputs.nvimPlenary}" "${inputs.nvimLspconfig}"
"${inputs.nvimTelescope}" "${inputs.nvimOllama}"
"${inputs.nvimTodo}" "${inputs.nvimPlenary}"
"${inputs.nvimTreesitter}" "${inputs.nvimTelescope}"
"${inputs.nvimTree}" "${inputs.nvimTodo}"
"${inputs.nvimTrouble}" "${inputs.nvimTreesitter}"
]; "${inputs.nvimTree}"
"${inputs.nvimTrouble}"
];
configs = [ configs = [
./module/key/Rekey.nix ./module/key/Rekey.nix
./module/key/Leader.nix ./module/key/Leader.nix
./module/config/Autoread.nix ./module/config/Autoread.nix
./module/config/Etc.nix ./module/config/Etc.nix
./module/config/Search.nix ./module/config/Search.nix
./module/config/Tab.nix ./module/config/Tab.nix
./module/config/Highlight.nix ./module/config/Highlight.nix
./module/plugin/Filetree.nix ./module/plugin/Filetree.nix
./module/plugin/Gruvbox.nix ./module/plugin/Gruvbox.nix
./module/plugin/Bufferline.nix ./module/plugin/Bufferline.nix
./module/plugin/Autoclose.nix ./module/plugin/Autoclose.nix
./module/plugin/Gitsigns.nix ./module/plugin/Gitsigns.nix
./module/plugin/Trouble.nix ./module/plugin/Trouble.nix
./module/plugin/Closebuffers.nix ./module/plugin/Closebuffers.nix
./module/plugin/Telescope.nix ./module/plugin/Telescope.nix
./module/plugin/Todo.nix ./module/plugin/Todo.nix
./module/plugin/Indent.nix ./module/plugin/Indent.nix
./module/plugin/Align.nix ./module/plugin/Align.nix
./module/plugin/Treesitter.nix ./module/plugin/Treesitter.nix
./module/plugin/Fold.nix ./module/plugin/Fold.nix
./module/plugin/Ollama.nix ./module/plugin/Ollama.nix
./module/plugin/Colorizer.nix ./module/plugin/Colorizer.nix
./module/plugin/lsp/Haskell.nix ./module/plugin/lsp/Haskell.nix
./module/plugin/lsp/Rust.nix ./module/plugin/lsp/Rust.nix
./module/plugin/lsp/Tex.nix ./module/plugin/lsp/Tex.nix
./module/plugin/lsp/Nix.nix ./module/plugin/lsp/Nix.nix
./module/key/Autocomplete.nix ./module/key/Autocomplete.nix
./module/key/Buffer.nix ./module/key/Buffer.nix
./module/key/Cmd.nix ./module/key/Cmd.nix
./module/key/Colorscheme.nix ./module/key/Colorscheme.nix
./module/key/Comment.nix ./module/key/Comment.nix
./module/key/Filetree.nix ./module/key/Filetree.nix
./module/key/Gitsigns.nix ./module/key/Gitsigns.nix
./module/key/Navigation.nix ./module/key/Navigation.nix
./module/key/Ollama.nix ./module/key/Ollama.nix
./module/key/Save.nix ./module/key/Save.nix
./module/key/Sort.nix ./module/key/Sort.nix
./module/key/TabWidth.nix ./module/key/TabWidth.nix
./module/key/Telescope.nix ./module/key/Telescope.nix
./module/key/Terminal.nix ./module/key/Terminal.nix
./module/key/Trouble.nix ./module/key/Trouble.nix
]; ];
}; };
} }

View file

@ -1,9 +1,10 @@
{ ... }: { { ... }:
text = '' {
vim.o.autoread = true text = ''
vim.api.nvim_create_autocmd({ "BufEnter", "CursorHold", "CursorHoldI", "FocusGained" }, { vim.o.autoread = true
command = "if mode() != 'c' | checktime | endif", vim.api.nvim_create_autocmd({ "BufEnter", "CursorHold", "CursorHoldI", "FocusGained" }, {
pattern = { "*" }, command = "if mode() != 'c' | checktime | endif",
}) pattern = { "*" },
''; })
'';
} }

View file

@ -1,36 +1,37 @@
{ ... }: { { ... }:
text = '' {
-- TODO: Add comments and separate files. text = ''
vim.opt.clipboard = "unnamedplus" -- TODO: Add comments and separate files.
vim.opt.cursorline = false vim.opt.clipboard = "unnamedplus"
vim.opt.fixeol = false vim.opt.cursorline = false
vim.opt.incsearch = true vim.opt.fixeol = false
vim.opt.number = true vim.opt.incsearch = true
vim.opt.scrolloff = 4 vim.opt.number = true
vim.opt.splitbelow = true vim.opt.scrolloff = 4
vim.opt.splitright = true vim.opt.splitbelow = true
vim.opt.termguicolors = true vim.opt.splitright = true
vim.opt.ttyfast = true vim.opt.termguicolors = true
vim.opt.wildmode = "longest,list" vim.opt.ttyfast = true
-- vim.opt.completeopt = "menuone,noselect" vim.opt.wildmode = "longest,list"
-- vim.opt.completeopt = "menuone,noselect"
-- Disable continuing comments on newline. -- Disable continuing comments on newline.
vim.cmd("autocmd BufEnter * set fo-=c fo-=r fo-=o") vim.cmd("autocmd BufEnter * set fo-=c fo-=r fo-=o")
-- Disable mouse. -- Disable mouse.
vim.cmd("set mouse=") vim.cmd("set mouse=")
-- Disable signs for diagnostics. -- Disable signs for diagnostics.
vim.diagnostic.config({ signs = false }) vim.diagnostic.config({ signs = false })
-- Display invisible characters. -- Display invisible characters.
-- vim.cmd("set list listchars=tab:>\\ ,trail:-,eol:,lead:.") -- vim.cmd("set list listchars=tab:>\\ ,trail:-,eol:,lead:.")
vim.cmd("set list listchars=tab:>\\ ,trail:-,lead:.") vim.cmd("set list listchars=tab:>\\ ,trail:-,lead:.")
-- Relative line numbers. -- Relative line numbers.
vim.wo.relativenumber = true vim.wo.relativenumber = true
-- Disable swap files. -- Disable swap files.
vim.opt.swapfile = false vim.opt.swapfile = false
''; '';
} }

View file

@ -1,27 +1,44 @@
{ config, lib, ... }: let { config, lib, ... }:
color = config.style.color; let
color = config.style.color;
mkHighlight = name: value: ''vim.api.nvim_set_hl(0, "${name}", ${lib.generators.toLua { multiline = false; asBindings = false; } value})''; mkHighlight =
name: value:
''vim.api.nvim_set_hl(0, "${name}", ${
lib.generators.toLua {
multiline = false;
asBindings = false;
} value
})'';
bg = { bg = "#${color.bg.regular}"; }; bg = {
selection = { bg = "#${color.selection}"; fg = "#${color.fg.dark}"; bold = true; }; bg = "#${color.bg.regular}";
transparent = { bg = lib.generators.mkLuaInline "clear"; }; };
in { selection = {
text = '' bg = "#${color.selection}";
vim.api.nvim_create_autocmd({"ColorScheme", "VimEnter"}, { fg = "#${color.fg.dark}";
group = vim.api.nvim_create_augroup('Color', {}), bold = true;
pattern = "*", };
callback = function () transparent = {
-- Backgrounds. bg = lib.generators.mkLuaInline "clear";
${mkHighlight "CursorLine" bg} };
${mkHighlight "TelescopeSelection" bg} in
{
text = ''
vim.api.nvim_create_autocmd({"ColorScheme", "VimEnter"}, {
group = vim.api.nvim_create_augroup('Color', {}),
pattern = "*",
callback = function ()
-- Backgrounds.
${mkHighlight "CursorLine" bg}
${mkHighlight "TelescopeSelection" bg}
-- Selection. -- Selection.
${mkHighlight "Visual" selection} ${mkHighlight "Visual" selection}
-- Transparent. -- Transparent.
${mkHighlight "NormalFloat" transparent} ${mkHighlight "NormalFloat" transparent}
end end
}) })
''; '';
} }

View file

@ -1,9 +1,10 @@
{ ... }: { { ... }:
text = '' {
vim.opt.hlsearch = true text = ''
vim.opt.ignorecase = true vim.opt.hlsearch = true
vim.opt.incsearch = true vim.opt.ignorecase = true
vim.opt.showmatch = true vim.opt.incsearch = true
vim.opt.smartcase = true vim.opt.showmatch = true
''; vim.opt.smartcase = true
'';
} }

View file

@ -1,15 +1,17 @@
{ ... }: let { ... }:
indentDefault = 2; let
in { indentDefault = 2;
text = '' in
vim.opt.autoindent = true {
vim.opt.expandtab = false text = ''
-- vim.opt.smartindent = true vim.opt.autoindent = true
vim.opt.shiftwidth = ${toString indentDefault} vim.opt.expandtab = false
vim.opt.softtabstop = ${toString indentDefault} -- vim.opt.smartindent = true
vim.opt.tabstop = ${toString indentDefault} vim.opt.shiftwidth = ${toString indentDefault}
vim.opt.softtabstop = ${toString indentDefault}
vim.opt.tabstop = ${toString indentDefault}
-- Disable Markdown forced formatting. -- Disable Markdown forced formatting.
vim.g.markdown_recommended_style = 0 vim.g.markdown_recommended_style = 0
''; '';
} }

View file

@ -1,9 +1,10 @@
{ ... }: { { ... }:
text = '' {
-- Autocomplete. text = ''
rekey_input("<C-space>", "<C-n>") -- Autocomplete.
rekey_input("<C-space>", "<C-n>")
-- LSP autocomplete. -- LSP autocomplete.
rekey_normal("<C-space>", "<cmd>lua vim.lsp.buf.code_action()<cr>") rekey_normal("<C-space>", "<cmd>lua vim.lsp.buf.code_action()<cr>")
''; '';
} }

Some files were not shown because too many files have changed in this diff Show more