christoph/flake-nixinator
1
Fork 0
Code Activity

Compare commits

base: christoph:master
Branches Tags
christoph:master
..
compare: christoph:d2e340534246eab7ce5f29d73cf93c79684d8f42
Branches Tags
christoph:master

1 Commits
master ... d2e3405342

Author SHA1 Message Date
Christoph Urlacher
d2e3405342 Home/Darwinix: Set environment variables 2026-03-21 15:39:07 +01:00
72 changed files with 1550 additions and 1527 deletions
Expand all files Collapse all files

BIN
Darwin.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 2.9 MiB

1
README.md
View File

@ -3,7 +3,6 @@
Modular NixOS configuration, using [Niri](https://github.com/niri-wm/niri) and [Waybar](https://github.com/Alexays/Waybar) for a light desktop. Modular NixOS configuration, using [Niri](https://github.com/niri-wm/niri) and [Waybar](https://github.com/Alexays/Waybar) for a light desktop.
![](FastFetch.png) ![](FastFetch.png)
![](Darwin.png)
To install, run `nixos-rebuild` with the `--flake` parameter from the `NixFlake` directory: `nixos-rebuild switch --flake .#nixinator`. To install, run `nixos-rebuild` with the `--flake` parameter from the `NixFlake` directory: `nixos-rebuild switch --flake .#nixinator`.
Alternatively, use `nh os switch` or `nh os boot`. Alternatively, use `nh os switch` or `nh os boot`.

4
config/navi/christoph.cheat
View File

@ -238,11 +238,11 @@ $ mode: echo -e "--export \tExport public key\n--export-secret-keys\t
% sops % sops
# Edit secrets.yaml # Edit secrets.yaml
sops ~/NixFlake/system/systemmodules/sops-nix/secrets.yaml sops ~/NixFlake/system/modules/sops-nix/secrets.yaml
% sops % sops
# Rekey secrets.yaml # Rekey secrets.yaml
sops updatekeys ~/NixFlake/system/systemmodules/sops-nix/secrets.yaml sops updatekeys ~/NixFlake/system/modules/sops-nix/secrets.yaml
% ssh % ssh
# Generate a new SSH key # Generate a new SSH key

78
flake.lock generated
View File

@ -287,11 +287,11 @@
}, },
"hardware": { "hardware": {
"locked": { "locked": {
"lastModified": 1774465523, "lastModified": 1772972630,
"narHash": "sha256-4v7HPm63Q90nNn4fgkgKsjW1AH2Klw7XzPtHJr562nM=", "narHash": "sha256-mUJxsNOrBMNOUJzN0pfdVJ1r2pxeqm9gI/yIKXzVVbk=",
"owner": "nixos", "owner": "nixos",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "de895be946ad1d8aafa0bb6dfc7e7e0e9e466a29", "rev": "3966ce987e1a9a164205ac8259a5fe8a64528f72",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -307,11 +307,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1774534244, "lastModified": 1773332277,
"narHash": "sha256-WnmXKsbkwokDdrdI1XwRWH4RYYalOVKgV/hYQmL3/TE=", "narHash": "sha256-1V+wRrZD9Sw12AQBUWk9CR+XhDZQ8q6yBE0S3Wjbd1M=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "86014e836ca6f4a04d59b85111d39660bdda01cd", "rev": "4aeef1941f862fe3a70d1b8264b4e289358c2325",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -346,11 +346,11 @@
"nixpkgs": "nixpkgs_3" "nixpkgs": "nixpkgs_3"
}, },
"locked": { "locked": {
"lastModified": 1774383212, "lastModified": 1773947929,
"narHash": "sha256-PyF1nTQp+q5oUYk05yjZMOFvd/rT43mMN1zXyycivBw=", "narHash": "sha256-flpkAPM3zpMpWoqvVkMTo3ptuBF0QKNi6Raa8rnIq7o=",
"owner": "JPyke3", "owner": "JPyke3",
"repo": "hytale-launcher-nix", "repo": "hytale-launcher-nix",
"rev": "f9392e30a2e74e502116eec6c7d42da7be87de0f", "rev": "a8d0a974b187f0997c03c23000dea552194edf39",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -456,11 +456,11 @@
"xwayland-satellite-unstable": "xwayland-satellite-unstable" "xwayland-satellite-unstable": "xwayland-satellite-unstable"
}, },
"locked": { "locked": {
"lastModified": 1774489385, "lastModified": 1773329386,
"narHash": "sha256-xGyog2cPoxTo8O6vW0CiCCUhkt866qpI3PN2su9XjV0=", "narHash": "sha256-Xoy4j0NKRrZEAkiFxtTKTsmtUumpvjh3ievyat00eA8=",
"owner": "sodiboo", "owner": "sodiboo",
"repo": "niri-flake", "repo": "niri-flake",
"rev": "11fe033ac3d0a97c1e62ffb33f9a6a1852fedab1", "rev": "815e692569fbb01701770a49ad2fe942cec7f431",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -598,11 +598,11 @@
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1774244481, "lastModified": 1773222311,
"narHash": "sha256-4XfMXU0DjN83o6HWZoKG9PegCvKvIhNUnRUI19vzTcQ=", "narHash": "sha256-BHoB/XpbqoZkVYZCfXJXfkR+GXFqwb/4zbWnOr2cRcU=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "4590696c8693fea477850fe379a01544293ca4e2", "rev": "0590cd39f728e129122770c029970378a79d076a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -614,11 +614,11 @@
}, },
"nixpkgs-stable_2": { "nixpkgs-stable_2": {
"locked": { "locked": {
"lastModified": 1774244481, "lastModified": 1773814637,
"narHash": "sha256-4XfMXU0DjN83o6HWZoKG9PegCvKvIhNUnRUI19vzTcQ=", "narHash": "sha256-GNU+ooRmrHLfjlMsKdn0prEKVa0faVanm0jrgu1J/gY=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "4590696c8693fea477850fe379a01544293ca4e2", "rev": "fea3b367d61c1a6592bc47c72f40a9f3e6a53e96",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -646,11 +646,11 @@
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1774106199, "lastModified": 1773821835,
"narHash": "sha256-US5Tda2sKmjrg2lNHQL3jRQ6p96cgfWh3J1QBliQ8Ws=", "narHash": "sha256-TJ3lSQtW0E2JrznGVm8hOQGVpXjJyXY2guAxku2O9A4=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "6c9a78c09ff4d6c21d0319114873508a6ec01655", "rev": "b40629efe5d6ec48dd1efba650c797ddbd39ace0",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -694,11 +694,11 @@
}, },
"nixpkgs_6": { "nixpkgs_6": {
"locked": { "locked": {
"lastModified": 1774386573, "lastModified": 1773122722,
"narHash": "sha256-4hAV26quOxdC6iyG7kYaZcM3VOskcPUrdCQd/nx8obc=", "narHash": "sha256-FIqHByVqxCprNjor1NqF80F2QQoiiyqanNNefdlvOg4=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "46db2e09e1d3f113a13c0d7b81e2f221c63b8ce9", "rev": "62dc67aa6a52b4364dd75994ec00b51fbf474e50",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -749,11 +749,11 @@
"systems": "systems_3" "systems": "systems_3"
}, },
"locked": { "locked": {
"lastModified": 1774309640, "lastModified": 1772402258,
"narHash": "sha256-8oWL7YLwElBY9ebYri1LlSlhf/gd1Qoqj0nbBwG2yso=", "narHash": "sha256-3DmCFOdmbkFML1/G9gj8Wb+rCCZFPOQtNoMCpqOF8SA=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixvim", "repo": "nixvim",
"rev": "28c58bf023bf537354f78d6e496a349d7a0ed554", "rev": "21ae25e13b01d3b4cdc750b5f9e7bad68b150c10",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -793,11 +793,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1774534046, "lastModified": 1773339783,
"narHash": "sha256-7BrSW+vVmBFUJfpLhyyfymm70NWjjtax1bjgIWLEg2E=", "narHash": "sha256-07iRHomuUvJ7Mmp+F7qo68xIb+y3gy0o/B7kuR1K2Qc=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "ef199666902a675bca657f63e32c96649aade49d", "rev": "1a4ca0d650fbfd4c58e1b1c2b153151fec77d6b2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -902,11 +902,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1774303811, "lastModified": 1773096132,
"narHash": "sha256-fhG4JAcLgjKwt+XHbjs8brpWnyKUfU4LikLm3s0Q/ic=", "narHash": "sha256-M3zEnq9OElB7zqc+mjgPlByPm1O5t2fbUrH3t/Hm5Ag=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "614e256310e0a4f8a9ccae3fa80c11844fba7042", "rev": "d1ff3b1034d5bab5d7d8086a7803c5a5968cd784",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -998,11 +998,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1774424849, "lastModified": 1773044834,
"narHash": "sha256-kDRdpgTmxuwyqTyTcXYtgycBvU28tTXm9Es9g/sDpxI=", "narHash": "sha256-R2u3z09DuUbSoWClASPUqKXQG/QZYlBsiy8vYXrJ2VU=",
"owner": "adriankarlen", "owner": "adriankarlen",
"repo": "textfox", "repo": "textfox",
"rev": "98ad395b4fb451b30dbca77be76975d04d97f281", "rev": "0b8873d30db55a94e9e0dd934405dcac5e4d8a73",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1053,11 +1053,11 @@
"xwayland-satellite-unstable": { "xwayland-satellite-unstable": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1773622265, "lastModified": 1772429643,
"narHash": "sha256-wToKwH7IgWdGLMSIWksEDs4eumR6UbbsuPQ42r0oTXQ=", "narHash": "sha256-M+bAeCCcjBnVk6w/4dIVvXvpJwOKnXjwi/lDbaN6Yws=",
"owner": "Supreeeme", "owner": "Supreeeme",
"repo": "xwayland-satellite", "repo": "xwayland-satellite",
"rev": "a879e5e0896a326adc79c474bf457b8b99011027", "rev": "10f985b84cdbcc3bbf35b3e7e43d1b2a84fa9ce2",
"type": "github" "type": "github"
}, },
"original": { "original": {

4
flake.nix
View File

@ -221,9 +221,7 @@
hostname = "darwinix"; hostname = "darwinix";
username = "christoph"; username = "christoph";
headless = false; headless = false;
extraModules = [ extraModules = [];
inputs.sops-nix.darwinModules.sops
];
}; };
}; };

360
home/christoph/darwinix/default.nix
View File

@ -8,7 +8,9 @@
inputs, inputs,
... ...
}: { }: {
config = { config = let
inherit (config.homemodules) color;
in {
paths = rec { paths = rec {
nixflake = "${config.home.homeDirectory}/NixFlake"; nixflake = "${config.home.homeDirectory}/NixFlake";
dotfiles = "${nixflake}/config"; dotfiles = "${nixflake}/config";
@ -25,8 +27,26 @@
font = "MonoLisa Alt Script"; font = "MonoLisa Alt Script";
}; };
packages.enable = true; fish.enable = true;
terminal.enable = true;
git = {
enable = true;
userName = "Christoph Urlacher";
userEmail = "christoph.urlacher@protonmail.com";
signCommits = true;
};
kitty.enable = true;
lazygit.enable = true;
neovim = {
enable = true;
alias = true;
neovide = true;
};
yazi.enable = true;
}; };
home = { home = {
@ -42,13 +62,341 @@
TERMINAL = "kitty"; TERMINAL = "kitty";
}; };
# packages = with pkgs; []; # Configured in homemodules/packages packages = with pkgs; [
(ripgrep.override {withPCRE2 = true;})
gdu
duf
sd
fclones
tealdeer
killall
atool
exiftool
ouch
ffmpegthumbnailer
mediainfo
file
unrar
p7zip
unzip
progress
tokei
nix-search-tv
nix-tree
just
ffmpeg-full
imagemagick
poppler-utils
pdf2svg
pandoc
dig
tcpdump
gping
curlie
wget
doggo
rsync
rclone
httpie
inputs.nps.packages.${pkgs.stdenv.hostPlatform.system}.default
cachix
# GUI
ripdrag
jellyfin-tui
];
stateVersion = "25.11"; stateVersion = "25.11";
}; };
programs = {}; # TODO: Deduplicate with other configs
programs = {
home-manager.enable = true;
services = {}; bat = {
enable = true;
themes = {
catppuccin-latte = {
src = pkgs.fetchFromGitHub {
owner = "catppuccin";
repo = "bat";
rev = "ba4d16880d63e656acced2b7d4e034e4a93f74b1";
sha256 = "sha256-6WVKQErGdaqb++oaXnY3i6/GuH2FhTgK0v4TN4Y0Wbw=";
};
file = "Catppuccin-latte.tmTheme";
};
};
config = {
theme = "catppuccin-latte";
};
};
direnv = {
enable = true;
nix-direnv.enable = true;
};
eza = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
fastfetch = {
enable = true;
settings = {
logo = {
padding = {
top = 4;
left = 1;
right = 2;
};
};
display = {
separator = "";
key.width = 17;
};
# Box Drawing: ╭ ─ ╮ ╰ ╯ │
modules = [
# Title
{
type = "title";
format = "{#1} {#}{user-name-colored}";
}
# System Information
{
type = "custom";
format = "{#1} {#}System Information";
}
{
type = "os";
key = "{#separator} {#keys}󰍹 OS";
}
{
type = "kernel";
key = "{#separator} {#keys}󰒋 Kernel";
}
{
type = "bootmgr";
key = "{#separator} {#keys}󰒋 BootMGR";
}
{
type = "uptime";
key = "{#separator} {#keys}󰅐 Uptime";
}
{
type = "packages";
key = "{#separator} {#keys}󰏖 Packages";
# format = "{all}";
}
{
type = "custom";
format = "{#1}";
}
# Desktop Environment
{
type = "custom";
format = "{#1} {#}Desktop Environment";
}
{
type = "de";
key = "{#separator} {#keys}󰧨 DE";
}
{
type = "wm";
key = "{#separator} {#keys}󱂬 WM";
}
{
type = "wmtheme";
key = "{#separator} {#keys}󰉼 Theme";
}
{
type = "display";
key = "{#separator} {#keys}󰹑 Resolution";
}
{
type = "shell";
key = "{#separator} {#keys}󰞷 Shell";
}
{
type = "terminalfont";
key = "{#separator} {#keys}󰛖 Font";
}
{
type = "icons";
key = "{#separator} {#keys} Icons";
}
{
type = "cursor";
key = "{#separator} {#keys}󰆽 Cursor";
}
{
type = "custom";
format = "{#1}";
}
# Hardware Information
{
type = "custom";
format = "{#1} {#}Hardware Information";
}
{
type = "board";
key = "{#separator} {#keys} Board";
}
{
type = "cpu";
key = "{#separator} {#keys}󰻠 CPU";
}
{
type = "gpu";
key = "{#separator} {#keys}󰢮 GPU";
}
{
type = "memory";
key = "{#separator} {#keys}󰍛 Memory";
}
# {
# type = "disk";
# key = "{#separator}│ {#keys}󰋊 Disk (/)";
# folders = "/";
# }
# {
# type = "disk";
# key = "{#separator}│ {#keys}󰋊 Disk (~/Games)";
# folders = "/home/christoph/Games";
# }
{
type = "btrfs";
key = "{#separator} {#keys}󰋊 BTRFS";
}
{
type = "custom";
format = "{#1}";
}
# Colors Footer
{
type = "colors";
key = "{#separator} {#1}";
keyWidth = 6;
symbol = "circle";
}
];
};
};
fd.enable = true;
fzf = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
navi = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
ssh = {
enable = true;
enableDefaultConfig = false;
matchBlocks = {
"*" = {
forwardAgent = false;
addKeysToAgent = "yes";
compression = true;
serverAliveInterval = 0;
serverAliveCountMax = 3;
hashKnownHosts = false;
userKnownHostsFile = "~/.ssh/known_hosts";
controlMaster = "no";
controlPath = "~/.ssh/master-%r@%n:%p";
controlPersist = "no";
};
"nixinator" = {
user = "christoph";
hostname = "192.168.86.50";
};
"servenix" = {
user = "christoph";
hostname = "local.chriphost.de";
};
"thinknix" = {
user = "christoph";
hostname = "think.chriphost.de";
};
"vps" = {
user = "root";
hostname = "vps.chriphost.de";
};
"mars" = {
user = "smchurla";
hostname = "mars.cs.tu-dortmund.de";
serverAliveInterval = 60;
localForwards = [
{
# Resultbrowser
bind.port = 22941;
host.address = "127.0.0.1";
host.port = 22941;
}
{
# Mysql
bind.port = 3306;
host.address = "127.0.0.1";
host.port = 3306;
}
];
};
};
};
tmux = {
enable = true;
clock24 = true;
escapeTime = 0; # Delay after pressing escape
# keyMode = "vi";
terminal = "xterm-256color";
plugins = with pkgs; [
{
plugin = tmuxPlugins.catppuccin;
extraConfig = ''
set -g @plugin 'catppuccin/tmux'
set -g @catppuccin_flavour 'latte' # or frappe, macchiato, mocha
'';
}
];
extraConfig = ''
set -g default-terminal "xterm-256color"
set-option -ga terminal-overrides ",xterm-256color:Tc"
'';
};
yt-dlp.enable = true;
zoxide = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
};
services = {
};
}; };
} }

485
home/christoph/default.nix
View File

@ -34,7 +34,8 @@ in
homemodules = { homemodules = {
beets.enable = !headless; beets.enable = !headless;
cava.enable = !headless;
btop.enable = true;
chromium = { chromium = {
enable = !headless; enable = !headless;
@ -77,15 +78,37 @@ in
disableTabBar = true; disableTabBar = true;
}; };
fish.enable = true;
git = {
enable = true;
userName = "Christoph Urlacher";
userEmail = "christoph.urlacher@protonmail.com";
signCommits = true;
};
kitty.enable = !headless;
lazygit.enable = true;
mpd.enable = !headless; mpd.enable = !headless;
neovim = {
enable = true;
alias = true;
neovide = !headless;
};
niri.enable = nixosConfig.programs.niri.enable; niri.enable = nixosConfig.programs.niri.enable;
nnn.enable = false; # Use yazi nnn.enable = false; # Use yazi
packages.enable = true;
qutebrowser.enable = !headless; qutebrowser.enable = !headless;
rmpc.enable = !headless; rmpc.enable = !headless;
rofi.enable = false;
terminal.enable = true; rofi = {
enable = false;
};
waybar.enable = !headless; waybar.enable = !headless;
yazi.enable = true;
zathura.enable = !headless; zathura.enable = !headless;
}; };
@ -247,13 +270,374 @@ in
}; };
# Add stuff for your user as you see fit: # Add stuff for your user as you see fit:
# packages = with pkgs; []; # Configured in homemodules/packages # TODO: Make the headless installations smaller. Don't install stuff here if !headless but in nixinator config.
packages = with pkgs;
lib.mkMerge [
[
# Shell utils
(ripgrep.override {withPCRE2 = true;}) # fast as fuck
gdu # Alternative to du-dust (I like it better)
duf # Disk usage analyzer (for all disk overview)
sd # Sed alternative
fclones # Duplicate file finder
tealdeer # Very fast tldr (so readable man)
killall
atool # Archive preview
exiftool
ouch # Unified compression/decompression
ffmpegthumbnailer # Video thumbnails
mediainfo # Media meta information
file # File meta information
unrar # Cooler WinRar
p7zip # Zip stuff
unzip # Unzip stuff
progress # Find coreutils processes and show their progress
tokei # Text file statistics in a project
playerctl # Media player control
pastel # Color tools
nvd # Nix rebuild diff
nix-search-tv # Search nixpkgs, nur, nixos options and homemanager options
nix-tree # Browse the nix store sorted by size (gdu for closures)
nurl # Generate nix fetcher sections based on URLs
python313 # Nicer scripting than bash
lazyjournal # Journalctl viewer
systemctl-tui
restic # Backups
gnumake
just # make alternative
binsider # .elf analyzer
jujutsu # git-like vcs
lurk # strace analysis
radare2
# Hardware/Software info
pciutils # lspci
mesa-demos # OpenGL info
wayland-utils # wayland-info
clinfo # OpenCL info
vulkan-tools # vulkaninfo
libva-utils # vainfo
vdpauinfo # Video-Decode and Presentation API for Unix info
hwloc # Generate CPU topology diagram
lm_sensors # Readout hardware sensors
acpica-tools # Dump ACPI tables etc.
smartmontools # Disk health
nvme-cli # NVME disk health
# Video/Image/Audio utils
ffmpeg-full # I love ffmpeg (including ffplay)
ffmpeg-normalize # Normalize audio
imagemagick # Convert image (magic)
mp3val # Validate mp3 files
flac # Validate flac files
# spotdl
# Document utils
poppler-utils # pdfunite
graphviz # generate graphs from code
d2 # generate diagrams from code
plantuml # generate diagrams
gnuplot # generate function plots
pdf2svg # extract vector graphics from pdf
pandoc # document converting madness
# Networking
dig # Make DNS requests
tcpdump # Listen in on TCP traffic
traceroute # "Follow" a packet
gping # ping with graph
curlie # curl a'la httpie
wget # download that shit
doggo # dns client
rsync # cp on steroids
rclone # Rsync for cloud
httpie # Cool http client
cifs-utils # Mount samba shares
nfs-utils # Mount NFS shares
sshfs # Mount remote directories via SSH
# Run unpatched binaries on NixOS
# Sets NIX_LD_LIBRARY_PATH and NIX_LD variables for nix-ld.
# Usage: "nix-alien-ld -- <Executable>".
inputs.nix-alien.packages.${pkgs.stdenv.hostPlatform.system}.nix-alien
# Search nixpkgs
inputs.nps.packages.${pkgs.stdenv.hostPlatform.system}.default
# Use NixCommunity binary cache
cachix
]
(lib.mkIf (!headless) [
ripdrag # drag & drop from terminal
veracrypt
wl-clipboard
# Proton
protonvpn-gui
protonmail-bridge-gui
# GUI stuff
nautilus # Just in case
signal-desktop
anki
font-manager # Previews fonts, but doesn't set them
nextcloud-client
keepassxc
thunderbird # TODO: Email module
obsidian
zotero
zeal # docs browser
# helvum # unmaintained
crosspipe
vlc
audacity
ferdium
gparted
# feishin # electron :(
jellyfin-tui
czkawka-full # file deduplicator
# Office
kdePackages.wacomtablet # For xournalpp/krita
xournalpp # Write with a pen, like old people
hunspell # I cna't type
hunspellDicts.en_US
hunspellDicts.de_DE
inputs.masssprings.packages.${stdenv.hostPlatform.system}.default
])
];
}; };
# home.file.".options-doc".source = "${pkgs.modules-options-doc}"; # home.file.".options-doc".source = "${pkgs.modules-options-doc}";
# Packages with extra options managed by HomeManager natively # Packages with extra options managed by HomeManager natively
programs = { programs = {
# The home-manager management tool.
# Will only be enabled if HM is installed standalone.
home-manager.enable = true;
bat = {
enable = true;
themes = {
catppuccin-latte = {
src = pkgs.fetchFromGitHub {
owner = "catppuccin";
repo = "bat";
rev = "ba4d16880d63e656acced2b7d4e034e4a93f74b1";
sha256 = "sha256-6WVKQErGdaqb++oaXnY3i6/GuH2FhTgK0v4TN4Y0Wbw=";
};
file = "Catppuccin-latte.tmTheme";
};
};
config = {
theme = "catppuccin-latte";
};
};
cava = {
enable = !headless;
settings = {
general = {
framerate = 60; # default 60
autosens = 1; # default 1
sensitivity = 100; # default 100
lower_cutoff_freq = 50; # not passed to cava if not provided
higher_cutoff_freq = 10000; # not passed to cava if not provided
};
smoothing = {
noise_reduction = 77; # default 77
monstercat = false; # default false
waves = false; # default false
};
color = {
# https://github.com/catppuccin/cava/blob/main/themes/latte-transparent.cava
gradient = 1;
gradient_color_1 = "'${color.hexS.teal}'";
gradient_color_2 = "'${color.hexS.sky}'";
gradient_color_3 = "'${color.hexS.sapphire}'";
gradient_color_4 = "'${color.hexS.blue}'";
gradient_color_5 = "'${color.hexS.mauve}'";
gradient_color_6 = "'${color.hexS.pink}'";
gradient_color_7 = "'${color.hexS.maroon}'";
gradient_color_8 = "'${color.hexS.red}'";
};
};
};
direnv = {
enable = true;
nix-direnv.enable = true;
};
eza = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
# TODO: Module
fastfetch = {
enable = true;
settings = {
logo = {
padding = {
top = 4;
left = 1;
right = 2;
};
};
display = {
separator = "";
key.width = 17;
};
# Box Drawing: ╭ ─ ╮ ╰ ╯ │
modules = [
# Title
{
type = "title";
format = "{#1} {#}{user-name-colored}";
}
# System Information
{
type = "custom";
format = "{#1} {#}System Information";
}
{
type = "os";
key = "{#separator} {#keys}󰍹 OS";
}
{
type = "kernel";
key = "{#separator} {#keys}󰒋 Kernel";
}
{
type = "bootmgr";
key = "{#separator} {#keys}󰒋 BootMGR";
}
{
type = "uptime";
key = "{#separator} {#keys}󰅐 Uptime";
}
{
type = "packages";
key = "{#separator} {#keys}󰏖 Packages";
# format = "{all}";
}
{
type = "custom";
format = "{#1}";
}
# Desktop Environment
{
type = "custom";
format = "{#1} {#}Desktop Environment";
}
{
type = "de";
key = "{#separator} {#keys}󰧨 DE";
}
{
type = "wm";
key = "{#separator} {#keys}󱂬 WM";
}
{
type = "wmtheme";
key = "{#separator} {#keys}󰉼 Theme";
}
{
type = "display";
key = "{#separator} {#keys}󰹑 Resolution";
}
{
type = "shell";
key = "{#separator} {#keys}󰞷 Shell";
}
{
type = "terminalfont";
key = "{#separator} {#keys}󰛖 Font";
}
{
type = "icons";
key = "{#separator} {#keys} Icons";
}
{
type = "cursor";
key = "{#separator} {#keys}󰆽 Cursor";
}
{
type = "custom";
format = "{#1}";
}
# Hardware Information
{
type = "custom";
format = "{#1} {#}Hardware Information";
}
{
type = "board";
key = "{#separator} {#keys} Board";
}
{
type = "cpu";
key = "{#separator} {#keys}󰻠 CPU";
}
{
type = "gpu";
key = "{#separator} {#keys}󰢮 GPU";
}
{
type = "memory";
key = "{#separator} {#keys}󰍛 Memory";
}
# {
# type = "disk";
# key = "{#separator}│ {#keys}󰋊 Disk (/)";
# folders = "/";
# }
# {
# type = "disk";
# key = "{#separator}│ {#keys}󰋊 Disk (~/Games)";
# folders = "/home/christoph/Games";
# }
{
type = "btrfs";
key = "{#separator} {#keys}󰋊 BTRFS";
}
{
type = "custom";
format = "{#1}";
}
# Colors Footer
{
type = "colors";
key = "{#separator} {#1}";
keyWidth = 6;
symbol = "circle";
}
];
};
};
fd.enable = true;
fzf = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
imv = { imv = {
enable = !headless; enable = !headless;
settings = { settings = {
@ -281,6 +665,11 @@ in
}; };
}; };
navi = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
nix-index = { nix-index = {
enable = true; enable = true;
enableFishIntegration = config.homemodules.fish.enable; enableFishIntegration = config.homemodules.fish.enable;
@ -310,6 +699,92 @@ in
# pointer # pointer
# ]; # ];
# }; # };
ssh = {
enable = true;
enableDefaultConfig = false;
matchBlocks = {
"*" = {
forwardAgent = false;
addKeysToAgent = "no";
compression = true;
serverAliveInterval = 0;
serverAliveCountMax = 3;
hashKnownHosts = false;
userKnownHostsFile = "~/.ssh/known_hosts";
controlMaster = "no";
controlPath = "~/.ssh/master-%r@%n:%p";
controlPersist = "no";
};
"nixinator" = {
user = "christoph";
hostname = "192.168.86.50";
};
"servenix" = {
user = "christoph";
hostname = "local.chriphost.de";
};
"thinknix" = {
user = "christoph";
hostname = "think.chriphost.de";
};
"vps" = {
user = "root";
hostname = "vps.chriphost.de";
};
"mars" = {
user = "smchurla";
hostname = "mars.cs.tu-dortmund.de";
serverAliveInterval = 60;
localForwards = [
{
# Resultbrowser
bind.port = 22941;
host.address = "127.0.0.1";
host.port = 22941;
}
{
# Mysql
bind.port = 3306;
host.address = "127.0.0.1";
host.port = 3306;
}
];
};
};
};
tmux = {
enable = true;
clock24 = true;
escapeTime = 0; # Delay after pressing escape
# keyMode = "vi";
terminal = "xterm-256color";
plugins = with pkgs; [
{
plugin = tmuxPlugins.catppuccin;
extraConfig = ''
set -g @plugin 'catppuccin/tmux'
set -g @catppuccin_flavour 'latte' # or frappe, macchiato, mocha
'';
}
];
extraConfig = ''
set -g default-terminal "xterm-256color"
set-option -ga terminal-overrides ",xterm-256color:Tc"
'';
};
yt-dlp.enable = true;
zoxide = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
}; };
services = { services = {

1
home/christoph/nixinator/default.nix
View File

@ -101,7 +101,6 @@
jellyfin-mpv-shim jellyfin-mpv-shim
# tidal-hifi # tidal-hifi
# tidal-dl-ng # TODO: Borked # tidal-dl-ng # TODO: Borked
# spotdl
tiddl tiddl
picard picard
handbrake handbrake

34
home/homemodules/bat/default.nix
View File

@ -1,34 +0,0 @@
{
config,
nixosConfig,
lib,
mylib,
pkgs,
...
}: let
inherit (config.homemodules) bat color;
in {
options.homemodules.bat = import ./options.nix {inherit lib mylib;};
config = lib.mkIf bat.enable {
programs.bat = {
enable = true;
themes = {
catppuccin-latte = {
src = pkgs.fetchFromGitHub {
owner = "catppuccin";
repo = "bat";
rev = "ba4d16880d63e656acced2b7d4e034e4a93f74b1";
sha256 = "sha256-6WVKQErGdaqb++oaXnY3i6/GuH2FhTgK0v4TN4Y0Wbw=";
};
file = "Catppuccin-latte.tmTheme";
};
};
config = {
theme = "catppuccin-latte";
};
};
};
}

7
home/homemodules/bat/options.nix
View File

@ -1,7 +0,0 @@
{
lib,
mylib,
...
}: {
enable = lib.mkEnableOption "Enable bat";
}

48
home/homemodules/cava/default.nix
View File

@ -1,48 +0,0 @@
{
config,
nixosConfig,
lib,
mylib,
pkgs,
...
}: let
inherit (config.homemodules) cava color;
in {
options.homemodules.cava = import ./options.nix {inherit lib mylib;};
config = lib.mkIf cava.enable {
programs.cava = {
enable = true;
settings = {
general = {
framerate = 60; # default 60
autosens = 1; # default 1
sensitivity = 100; # default 100
lower_cutoff_freq = 50; # not passed to cava if not provided
higher_cutoff_freq = 10000; # not passed to cava if not provided
};
smoothing = {
noise_reduction = 77; # default 77
monstercat = false; # default false
waves = false; # default false
};
color = {
# https://github.com/catppuccin/cava/blob/main/themes/latte-transparent.cava
gradient = 1;
gradient_color_1 = "'${color.hexS.teal}'";
gradient_color_2 = "'${color.hexS.sky}'";
gradient_color_3 = "'${color.hexS.sapphire}'";
gradient_color_4 = "'${color.hexS.blue}'";
gradient_color_5 = "'${color.hexS.mauve}'";
gradient_color_6 = "'${color.hexS.pink}'";
gradient_color_7 = "'${color.hexS.maroon}'";
gradient_color_8 = "'${color.hexS.red}'";
};
};
};
};
}

7
home/homemodules/cava/options.nix
View File

@ -1,7 +0,0 @@
{
lib,
mylib,
...
}: {
enable = lib.mkEnableOption "Enable cava";
}

8
home/homemodules/darwin.nix
View File

@ -1,21 +1,13 @@
{inputs, ...}: { {inputs, ...}: {
imports = [ imports = [
# My own HM modules # My own HM modules
./bat
./btop
./color ./color
./fastfetch
./fish ./fish
./git ./git
./jellyfin-tui
./kitty ./kitty
./lazygit ./lazygit
./neovim ./neovim
./packages
./paths ./paths
./ssh
./terminal
./tmux
./yazi ./yazi
# HM modules imported from the flake inputs # HM modules imported from the flake inputs

8
home/homemodules/default.nix
View File

@ -3,34 +3,26 @@
# Obsolete modules are kept in "1_deprecated" for reference. # Obsolete modules are kept in "1_deprecated" for reference.
# My own HM modules # My own HM modules
./bat
./beets ./beets
./btop ./btop
./cava
./chromium ./chromium
./color ./color
./docs ./docs
./fastfetch
./fcitx ./fcitx
./firefox ./firefox
./fish ./fish
./git ./git
./jellyfin-tui
./kitty ./kitty
./lazygit ./lazygit
./mpd ./mpd
./neovim ./neovim
./niri ./niri
./nnn ./nnn
./packages
./paths ./paths
./qutebrowser ./qutebrowser
./rmpc ./rmpc
./rofi ./rofi
./waybar ./waybar
./ssh
./terminal
./tmux
./yazi ./yazi
./zathura ./zathura

163
home/homemodules/fastfetch/default.nix
View File

@ -1,163 +0,0 @@
{
config,
nixosConfig,
lib,
mylib,
pkgs,
...
}: let
inherit (config.homemodules) fastfetch color;
in {
options.homemodules.fastfetch = import ./options.nix {inherit lib mylib;};
config = lib.mkIf fastfetch.enable {
programs.fastfetch = {
enable = true;
settings = {
logo = {
padding = {
top = 4;
left = 1;
right = 2;
};
};
display = {
separator = "";
key.width = 17;
};
# Box Drawing: ╭ ─ ╮ ╰ ╯ │
modules = [
# Title
{
type = "title";
format = "{#1} {#}{user-name-colored}";
}
# System Information
{
type = "custom";
format = "{#1} {#}System Information";
}
{
type = "os";
key = "{#separator} {#keys}󰍹 OS";
}
{
type = "kernel";
key = "{#separator} {#keys}󰒋 Kernel";
}
{
type = "bootmgr";
key = "{#separator} {#keys}󰒋 BootMGR";
}
{
type = "uptime";
key = "{#separator} {#keys}󰅐 Uptime";
}
{
type = "packages";
key = "{#separator} {#keys}󰏖 Packages";
# format = "{all}";
}
{
type = "custom";
format = "{#1}";
}
# Desktop Environment
{
type = "custom";
format = "{#1} {#}Desktop Environment";
}
{
type = "de";
key = "{#separator} {#keys}󰧨 DE";
}
{
type = "wm";
key = "{#separator} {#keys}󱂬 WM";
}
{
type = "wmtheme";
key = "{#separator} {#keys}󰉼 Theme";
}
{
type = "display";
key = "{#separator} {#keys}󰹑 Resolution";
}
{
type = "shell";
key = "{#separator} {#keys}󰞷 Shell";
}
{
type = "terminalfont";
key = "{#separator} {#keys}󰛖 Font";
}
{
type = "icons";
key = "{#separator} {#keys} Icons";
}
{
type = "cursor";
key = "{#separator} {#keys}󰆽 Cursor";
}
{
type = "custom";
format = "{#1}";
}
# Hardware Information
{
type = "custom";
format = "{#1} {#}Hardware Information";
}
{
type = "board";
key = "{#separator} {#keys} Board";
}
{
type = "cpu";
key = "{#separator} {#keys}󰻠 CPU";
}
{
type = "gpu";
key = "{#separator} {#keys}󰢮 GPU";
}
{
type = "memory";
key = "{#separator} {#keys}󰍛 Memory";
}
# {
# type = "disk";
# key = "{#separator}│ {#keys}󰋊 Disk (/)";
# folders = "/";
# }
# {
# type = "disk";
# key = "{#separator}│ {#keys}󰋊 Disk (~/Games)";
# folders = "/home/christoph/Games";
# }
{
type = "btrfs";
key = "{#separator} {#keys}󰋊 BTRFS";
}
{
type = "custom";
format = "{#1}";
}
# Colors Footer
{
type = "colors";
key = "{#separator} {#1}";
keyWidth = 6;
symbol = "circle";
}
];
};
};
};
}

7
home/homemodules/fastfetch/options.nix
View File

@ -1,7 +0,0 @@
{
lib,
mylib,
...
}: {
enable = lib.mkEnableOption "Enable fastfetch";
}

190
home/homemodules/fish/default.nix
View File

@ -42,100 +42,99 @@ in {
fish_pager_color_description ${color.hex.overlay0} fish_pager_color_description ${color.hex.overlay0}
''; '';
programs.fish = let programs.fish = lib.mkMerge [
# Only add " | bat" if bat is installed # Darwin exclusive config
batify = command: command + (lib.optionalString config.programs.bat.enable " | bat"); (lib.mkIf pkgs.stdenv.isDarwin {
shellAbbrs = let
# These can be used for my config.homemodules and for HM config.programs,
# as both of these add the package to home.packages
hasHomePackage = package: (mylib.modules.contains config.home.packages package);
# Same as above but with args for bat # Only add fish abbr if package is installed
batifyWithArgs = command: args: command + (lib.optionalString config.programs.bat.enable (" | bat " + args)); abbrify = package: abbr: (lib.optionalAttrs (hasHomePackage package) abbr);
in
# These can be used for my config.homemodules and for HM config.programs, lib.mkMerge [
# as both of these add the package to home.packages
hasHomePackage = package: (mylib.modules.contains config.home.packages package);
# Only add fish abbr if package is installed
abbrify = package: abbr: (lib.optionalAttrs (hasHomePackage package) abbr);
in
lib.mkMerge [
# Darwin exclusive config
(lib.mkIf pkgs.stdenv.isDarwin {
shellInit = ''
set fish_greeting
yes | fish_config theme save "system-theme"
set --global --export HOMEBREW_PREFIX "/opt/homebrew"
set --global --export HOMEBREW_CELLAR "/opt/homebrew/Cellar"
set --global --export HOMEBREW_REPOSITORY "/opt/homebrew"
fish_add_path --global --move --path "/opt/homebrew/bin" "/opt/homebrew/sbin"
if test -n "$MANPATH[1]"; set --global --export MANPATH ''' $MANPATH; end;
if not contains "/opt/homebrew/share/info" $INFOPATH; set --global --export INFOPATH "/opt/homebrew/share/info" $INFOPATH; end;
'';
shellAbbrs = lib.mkMerge [
{ {
rebuild = "sudo darwin-rebuild switch --flake .#darwinix"; rebuild = "sudo darwin-rebuild switch --flake .#darwinix";
} }
(abbrify pkgs.nix-search-tv {search = "nix-search-tv print --indexes 'darwin,home-manager,nixpkgs,nur' | fzf --preview 'nix-search-tv preview {}' --scheme history";}) (abbrify pkgs.nix-search-tv {search = "nix-search-tv print --indexes 'darwin,home-manager,nixpkgs,nur' | fzf --preview 'nix-search-tv preview {}' --scheme history";})
]; ];
}) })
# Linux exclusive config # Linux exclusive config
(lib.mkIf pkgs.stdenv.isLinux { (lib.mkIf pkgs.stdenv.isLinux {
generateCompletions = nixosConfig.programs.fish.generateCompletions; generateCompletions = nixosConfig.programs.fish.generateCompletions;
shellInit = '' functions = lib.mergeAttrsList [
set fish_greeting (lib.optionalAttrs config.homemodules.nnn.enable {
yes | fish_config theme save "system-theme" nnncd = {
''; wraps = "nnn";
description = "support nnn quit and change directory";
body = ''
# Block nesting of nnn in subshells
if test -n "$NNNLVL" -a "$NNNLVL" -ge 1
echo "nnn is already running"
return
end
functions = lib.mergeAttrsList [ # The behaviour is set to cd on quit (nnn checks if NNN_TMPFILE is set)
(lib.optionalAttrs config.homemodules.nnn.enable { # If NNN_TMPFILE is set to a custom path, it must be exported for nnn to
nnncd = { # see. To cd on quit only on ^G, remove the "-x" from both lines below,
wraps = "nnn"; # without changing the paths.
description = "support nnn quit and change directory"; if test -n "$XDG_CONFIG_HOME"
body = '' set -x NNN_TMPFILE "$XDG_CONFIG_HOME/nnn/.lastd"
# Block nesting of nnn in subshells else
if test -n "$NNNLVL" -a "$NNNLVL" -ge 1 set -x NNN_TMPFILE "$HOME/.config/nnn/.lastd"
echo "nnn is already running" end
return
end
# The behaviour is set to cd on quit (nnn checks if NNN_TMPFILE is set) # Unmask ^Q (, ^V etc.) (if required, see `stty -a`) to Quit nnn
# If NNN_TMPFILE is set to a custom path, it must be exported for nnn to # stty start undef
# see. To cd on quit only on ^G, remove the "-x" from both lines below, # stty stop undef
# without changing the paths. # stty lwrap undef
if test -n "$XDG_CONFIG_HOME" # stty lnext undef
set -x NNN_TMPFILE "$XDG_CONFIG_HOME/nnn/.lastd"
else
set -x NNN_TMPFILE "$HOME/.config/nnn/.lastd"
end
# Unmask ^Q (, ^V etc.) (if required, see `stty -a`) to Quit nnn # The command function allows one to alias this function to `nnn` without
# stty start undef # making an infinitely recursive alias
# stty stop undef command nnn $argv
# stty lwrap undef
# stty lnext undef
# The command function allows one to alias this function to `nnn` without if test -e $NNN_TMPFILE
# making an infinitely recursive alias source $NNN_TMPFILE
command nnn $argv rm $NNN_TMPFILE
end
'';
};
})
];
if test -e $NNN_TMPFILE shellAbbrs = let
source $NNN_TMPFILE # Only add " | bat" if bat is installed
rm $NNN_TMPFILE batify = command: command + (lib.optionalString config.programs.bat.enable " | bat");
end
'';
};
})
];
shellAbbrs = lib.mkMerge [ # Same as above but with args for bat
batifyWithArgs = command: args: command + (lib.optionalString config.programs.bat.enable (" | bat " + args));
# These can be used for my config.homemodules and for HM config.programs,
# as both of these add the package to home.packages
hasHomePackage = package: (mylib.modules.contains config.home.packages package);
# Only add fish abbr if package is installed
abbrify = package: abbr: (lib.optionalAttrs (hasHomePackage package) abbr);
in
lib.mkMerge [
# Abbrs that are always available are defined here. # Abbrs that are always available are defined here.
{ {
# Fish
h = batifyWithArgs "history" "-l fish"; # -l fish sets syntax highlighting to fish
abbrs = batifyWithArgs "abbr" "-l fish";
# Tools # Tools
blk = batify "lsblk -o NAME,LABEL,PARTLABEL,FSTYPE,SIZE,FSUSE%,MOUNTPOINT"; blk = batify "lsblk -o NAME,LABEL,PARTLABEL,FSTYPE,SIZE,FSUSE%,MOUNTPOINT";
blkids = batify "lsblk -o NAME,LABEL,FSTYPE,SIZE,PARTLABEL,MODEL,ID,UUID"; blkids = batify "lsblk -o NAME,LABEL,FSTYPE,SIZE,PARTLABEL,MODEL,ID,UUID";
nd = "nix develop";
nb = "nix build -L";
ns = "nix shell nixpkgs#";
nr = "nix run";
ghidra = "_JAVA_AWT_WM_NONREPARENTING=1 ghidra"; # env var for wayland ghidra = "_JAVA_AWT_WM_NONREPARENTING=1 ghidra"; # env var for wayland
} }
@ -152,33 +151,31 @@ in {
# (abbrify pkgs.sd {sed = "sd";}) # (abbrify pkgs.sd {sed = "sd";})
]; ];
}) })
# Common config # Common config
{ {
enable = true; enable = true;
shellAbbrs = lib.mkMerge [ shellAbbrs = let
# These can be used for my config.homemodules and for HM config.programs,
# as both of these add the package to home.packages
hasHomePackage = package: (mylib.modules.contains config.home.packages package);
# Only add fish abbr if package is installed
abbrify = package: abbr: (lib.optionalAttrs (hasHomePackage package) abbr);
in
lib.mkMerge [
{ {
# Shell # Shell basics
c = "clear"; c = "clear";
q = "exit"; q = "exit";
mkdir = "mkdir -p"; # also create parents (-p) mkdir = "mkdir -p"; # also create parents (-p)
watch = "watch -d -c -n 0.5"; watch = "watch -d -c -n 0.5";
sy = "sudo yazi"; sy = "sudo -u ${username} yazi";
cd = "z"; # zoxide for quickjump to previously visited locations cd = "z"; # zoxide for quickjump to previously visited locations
cdd = "zi"; cdd = "zi";
b = "z -"; # jump to previous dir b = "z -"; # jump to previous dir
# Fish
h = batifyWithArgs "history" "-l fish"; # -l fish sets syntax highlighting to fish
abbrs = batifyWithArgs "abbr" "-l fish";
# Nix
nd = "nix develop";
nb = "nix build -L";
ns = "nix shell nixpkgs#";
nr = "nix run";
nps = "nps -e"; nps = "nps -e";
} }
@ -230,9 +227,14 @@ in {
(abbrify pkgs.lazygit {lg = "lazygit";}) (abbrify pkgs.lazygit {lg = "lazygit";})
]; ];
plugins = []; plugins = [];
}
]; shellInit = ''
set fish_greeting
yes | fish_config theme save "system-theme"
'';
}
];
programs.starship = { programs.starship = {
enable = true; enable = true;

91
home/homemodules/jellyfin-tui/default.nix
View File

@ -1,91 +0,0 @@
{
config,
nixosConfig,
darwinConfig,
lib,
mylib,
pkgs,
...
}: let
inherit (config.homemodules) jellyfin-tui color;
systemConfig =
if pkgs.stdenv.isLinux
then nixosConfig
else darwinConfig;
in {
options.homemodules.jellyfin-tui = import ./options.nix {inherit lib mylib;};
config = lib.mkIf jellyfin-tui.enable {
home = {
packages = [
pkgs.jellyfin-tui
];
file = let
jellyfinUrl =
if pkgs.stdenv.isLinux
then "https://jellyfin.local.chriphost.de"
else "https://jellyfin.vps.chriphost.de";
configFile = ''
servers:
- name: Mafia Dortmund
url: ${jellyfinUrl}
username: root
password_file: ${systemConfig.sops.secrets.jellyfin-password.path}
default: true
# All following settings are OPTIONAL. What you see here are the defaults.
# Show album cover image
art: true
# Save and restore the state of the player (queue, volume, etc.)
persist: true
# Grab the primary color from the cover image (false => uses the current theme's `accent` instead)
auto_color: false
# Time in milliseconds to fade between colors when the track changes
auto_color_fade_ms: 400
# Always show the lyrics pane, even if no lyrics are available
lyrics: 'always' # options: 'always', 'never', 'auto'
rounded_corners: true
transcoding:
bitrate: 320
# container: mp3
# Discord Rich Presence. Shows your listening status on your Discord profile if Discord is running.
# NOTE: I think we're allowed to leak this to the public (hopefully)?
discord: 1466134677537685546 # https://discord.com/developers/applications
# Displays album art on your Discord profile if enabled
# !!CAUTION!! - Enabling this will expose the URL of your Jellyfin instance to all Discord users!
discord_art: false
# Customize the title of the terminal window
window_title: true # default -> {title} {artist} ({year})
# window_title: false # disable
# Custom title: choose from current track's {title} {artist} {album} {year}
# window_title: "\"{title}\" by {artist} ({year}) jellyfin-tui"
# Options specified here will be passed to mpv - https://mpv.io/manual/master/#options
mpv:
log-file: /tmp/mpv.log
no-config: true
# af: lavfi=[loudnorm=I=-23:TP=-1]
gapless-audio: weak
prefetch-playlist: yes
replaygain: no
'';
in
lib.mkMerge [
(lib.optionalAttrs pkgs.stdenv.isLinux {
".config/jellyfin-tui/config.yaml".text = configFile;
})
(lib.optionalAttrs pkgs.stdenv.isDarwin {
"Library/Application Support/jellyfin-tui/config.yaml".text = configFile;
})
];
};
};
}

7
home/homemodules/jellyfin-tui/options.nix
View File

@ -1,7 +0,0 @@
{
lib,
mylib,
...
}: {
enable = lib.mkEnableOption "Enable jellyfin-tui";
}

16
home/homemodules/neovim/default.nix
View File

@ -552,21 +552,6 @@ in {
}; };
}; };
devdocs = rec {
name = "devdocs";
pkg = pkgs.vimPlugins.devdocs-nvim;
lazy = true;
cmd = ["DevDocs"];
dependencies = [snacks];
config = mkDefaultConfig name;
# opts = {
# ensure_installed = [
# "c"
# "cpp"
# ];
# };
};
direnv = { direnv = {
name = "direnv"; name = "direnv";
pkg = pkgs.vimPlugins.direnv-vim; pkg = pkgs.vimPlugins.direnv-vim;
@ -2175,7 +2160,6 @@ in {
# dap # Debug adapter protocol # TODO: # dap # Debug adapter protocol # TODO:
# dap-ui # Debugger UI # TODO: # dap-ui # Debugger UI # TODO:
devdocs
diffview # Git diff # TODO: Check the keybindings diffview # Git diff # TODO: Check the keybindings
direnv # Automatically load local environments direnv # Automatically load local environments

42
home/homemodules/neovim/mappings.nix
View File

@ -505,48 +505,6 @@ _: let
action = "<cmd>lua Snacks.picker.help()<cr>"; action = "<cmd>lua Snacks.picker.help()<cr>";
options.desc = "Helptags Picker"; options.desc = "Helptags Picker";
} }
{
mode = "n";
key = "<leader>hd";
action = "+devdocs";
}
# {
# mode = "n";
# key = "<leader>hdd";
# action.__raw = ''
# function()
# local devdocs = require("devdocs")
# local installedDocs = devdocs.GetInstalledDocs()
# vim.ui.select(installedDocs, {}, function(selected)
# if not selected then
# return
# end
# local docDir = devdocs.GetDocDir(selected)
# -- prettify the filename as you wish
# Snacks.picker.files({ cwd = docDir })
# end)
# end
# '';
# options.desc = "Open Devdocs";
# }
{
mode = "n";
key = "<leader>hdd";
action = "<cmd>DevDocs get<cr>";
options.desc = "Open Devdocs in Split";
}
{
mode = "n";
key = "<leader>hdi";
action = "<cmd>DevDocs install<cr>";
options.desc = "Install Devdocs";
}
{
mode = "n";
key = "<leader>hdD";
action = "<cmd>DevDocs delete<cr>";
options.desc = "Delete Devdocs";
}
]; ];
leader-quit = [ leader-quit = [

210
home/homemodules/niri/default.nix
View File

@ -19,43 +19,30 @@ in {
} }
]; ];
gtk = let gtk = {
gtkConfig = { enable = true;
enable = true; iconTheme.package = color.iconPackage;
iconTheme.name = color.iconTheme;
colorScheme = "dark"; colorScheme = "dark";
gtk3.colorScheme = "dark";
gtk4.colorScheme = "dark";
iconTheme = { theme = {
package = color.iconPackage; # name = "adw-gtk3-dark";
name = color.iconTheme; # package = pkgs.adw-gtk3;
}; name = "catppuccin-mocha-mauve-standard";
package = pkgs.catppuccin-gtk.override {
cursorTheme = { variant = "mocha";
name = color.cursor; accents = ["mauve"];
package = color.cursorPackage; size = "standard";
};
theme = {
# name = "adw-gtk3-dark";
# package = pkgs.adw-gtk3;
name = "catppuccin-mocha-mauve-standard";
package = pkgs.catppuccin-gtk.override {
variant = "mocha";
accents = ["mauve"];
size = "standard";
};
}; };
}; };
gtkExtraConfig = { gtk3.extraConfig = {
gtk-application-prefer-dark-theme = 1; gtk-application-prefer-dark-theme = 1;
}; };
in };
gtkConfig
// {
gtk3 = gtkConfig // {extraConfig = gtkExtraConfig;};
gtk4 = gtkConfig // {extraConfig = gtkExtraConfig;};
};
dconf = { dconf = {
enable = true; enable = true;
@ -145,7 +132,6 @@ in {
wiremix # Audio control wiremix # Audio control
swww swww
waypaper waypaper
wtype # For elephant
# GTK apps (look good and work well with xdg portals) # GTK apps (look good and work well with xdg portals)
nautilus # Fallback file chooser used by xdg-desktop-portal-gnome nautilus # Fallback file chooser used by xdg-desktop-portal-gnome
@ -209,10 +195,6 @@ in {
default = ["desktopapplications"]; default = ["desktopapplications"];
}; };
empty = ["desktopapplications"]; empty = ["desktopapplications"];
selection_wrap = true;
hide_quick_activation = true;
actions_as_menu = true;
}; };
themes."cattpuccin-mocha" = let themes."cattpuccin-mocha" = let
@ -662,112 +644,8 @@ in {
}; };
# TODO: Move values to config option and set in home/christoph/niri.nix # TODO: Move values to config option and set in home/christoph/niri.nix
binds = with config.lib.niri.actions; let binds = with config.lib.niri.actions; {
sessionMenu = mylib.rofi.mkMenu {
prompt = "Session";
layers = [
{
"󰤂 Poweroff" = "poweroff";
"󰜉 Reboot" = "reboot";
"󰌾 Lock" = "loginctl lock-session";
# " Reload Hyprpanel" = "systemctl --user restart hyprpanel.service";
# " Reload Hyprland" = "hyprctl reload";
# " Exit Hyprland" = "hyprctl dispatch exit";
" Exit Niri" = "niri msg action quit";
}
];
prompts = ["Select Session Action"];
rofiCmd = "walker -d";
};
wallpaperMenu = mylib.rofi.mkMenu {
prompt = "Wallpaper";
layers = [
"eza -1 ${config.paths.nixflake}/wallpapers"
];
prompts = ["Select Wallpaper"];
# Use waypaper instead of swww directly, so the chosen wallpaper will be restored after reboot
command = "waypaper --wallpaper ${config.paths.nixflake}/wallpapers/$OPTION0";
rofiCmd = "walker -d";
};
# No lectures anymore :) - Kept as example
lecturesMenu = mylib.rofi.mkMenu {
prompt = "Lecture";
layers = [
"eza -1 -D ~/Notes/TU"
"eza -1 -D ~/Notes/TU/$OPTION0"
"eza -1 ~/Notes/TU/$OPTION0/$OPTION1 | grep '.pdf'"
];
prompts = [
"Select Lecture"
"Select Subfolder"
"Select Deck"
];
command = "xdg-open ~/Notes/TU/$OPTION0/$OPTION1/$OPTION2";
rofiCmd = "walker -d";
};
# niriMenu = mylib.rofi.mkMenu {
# prompt = "Niri";
# layers = [
# {
# "󰹑 Take Region Screenshot" = "niri msg action screenshot -p false";
# "󰹑 Take Window Screenshot" = "niri msg action screenshot-window -p false -d true";
# "󰹑 Take Full-Screen Screenshot" = "niri msg action screenshot-screen -p false -d true";
# }
# ];
# prompts = ["Execute Niri Action"];
# rofiCmd = "walker -d";
# };
globalMenu = mylib.rofi.mkMenu {
prompt = "Global";
layers = [
{
" Control Session" = "${sessionMenu}/bin/rofi-menu-Session";
"󰸉 Change Wallpaper" = "${wallpaperMenu}/bin/rofi-menu-Wallpaper";
"󰋗 View Keybindings" = "niri msg action show-hotkey-overlay";
" Open Lecture Material" = "${lecturesMenu}/bin/rofi-menu-Lecture";
# " Niri Actions" = "${niriMenu}/bin/rofi-menu-Niri";
# TODO: What else? SSH menu?
}
];
prompts = ["Select Action"];
rofiCmd = "walker -d";
};
in {
# DMenu
"Mod+Shift+A" = {
action = spawn "walker" "-m" "providerlist";
hotkey-overlay = {title = "Toggle the launcher.";};
};
"Mod+A" = {
action = spawn "walker" "-m" "desktopapplications";
hotkey-overlay = {title = "Toggle the application launcher.";};
};
"Mod+C" = {
action = spawn "walker" "-m" "clipboard";
hotkey-overlay = {title = "Show clipboard history.";};
};
"Mod+Escape" = {
action = spawn "${sessionMenu}/bin/rofi-menu-Session";
hotkey-overlay = {title = "Toggle the session menu.";};
};
"Mod+W" = {
action = spawn "${wallpaperMenu}/bin/rofi-menu-Wallpaper";
hotkey-overlay = {title = "Open wallpaper menu.";};
};
"Mod+D" = {
action = spawn "${globalMenu}/bin/rofi-menu-Global";
hotkey-overlay = {title = "Open global menu.";};
};
# Applications # Applications
"Mod+Ctrl+W" = {
action = spawn "waypaper";
hotkey-overlay = {title = "Open waypaper.";};
};
"Mod+Shift+W" = {
action = spawn "waypaper" "--random";
hotkey-overlay = {title = "Select random wallpaper.";};
};
"Mod+T" = { "Mod+T" = {
action = spawn "kitty"; action = spawn "kitty";
hotkey-overlay = {title = "Spawn Kitty.";}; hotkey-overlay = {title = "Spawn Kitty.";};
@ -800,24 +678,52 @@ in {
action = spawn "neovide" "${config.paths.dotfiles}/flake.nix"; action = spawn "neovide" "${config.paths.dotfiles}/flake.nix";
hotkey-overlay = {title = "Edit the NixFlake.";}; hotkey-overlay = {title = "Edit the NixFlake.";};
}; };
"Mod+W" = {
action = spawn "waypaper";
hotkey-overlay = {title = "Open wallpaper chooser.";};
};
"Mod+Shift+W" = {
action = spawn "waypaper" "--random";
hotkey-overlay = {title = "Select random wallpaper.";};
};
"Mod+A" = {
action = spawn "walker" "-m" "desktopapplications";
hotkey-overlay = {title = "Toggle the application launcher.";};
};
"Mod+Shift+A" = {
action = spawn "walker" "-m" "providerlist";
hotkey-overlay = {title = "Toggle the launcher.";};
};
"Mod+Escape" = let
powerMenu = mylib.rofi.mkSimpleMenu rec {
prompt = "Session";
attrs = {
"󰤂 Poweroff" = "poweroff";
"󰜉 Reboot" = "reboot";
"󰌾 Lock" = "loginctl lock-session";
# " Reload Hyprpanel" = "systemctl --user restart hyprpanel.service";
# " Reload Hyprland" = "hyprctl reload";
# " Exit Hyprland" = "hyprctl dispatch exit";
};
command = "walker -d -p ${prompt}";
};
in {
action = spawn "${powerMenu}/bin/rofi-menu-Session";
hotkey-overlay = {title = "Toggle the session menu.";};
};
"Mod+C" = {
action = spawn "walker" "-m" "clipboard";
hotkey-overlay = {title = "Show clipboard history.";};
};
# Screenshots # Screenshots
"Mod+S" = { "Mod+S" = {
action.screenshot-window = { action.screenshot-window = {write-to-disk = true;};
write-to-disk = true;
show-pointer = false;
};
hotkey-overlay = {title = "Take a screenshot of the current window.";}; hotkey-overlay = {title = "Take a screenshot of the current window.";};
}; };
"Mod+Ctrl+S" = {
action.screenshot-screen = {
write-to-disk = true;
show-pointer = false;
};
hotkey-overlay = {title = "Take a screenshot of the current screen.";};
};
"Mod+Shift+S" = { "Mod+Shift+S" = {
action.screenshot = {show-pointer = false;}; action.screenshot = {show-pointer = true;};
hotkey-overlay = {title = "Take a screenshot of a region.";}; hotkey-overlay = {title = "Take a screenshot of a region.";};
}; };

220
home/homemodules/packages/default.nix
View File

@ -1,220 +0,0 @@
{
config,
nixosConfig,
lib,
mylib,
pkgs,
headless,
inputs,
...
}: let
inherit (config.homemodules) packages color;
in {
options.homemodules.packages = import ./options.nix {inherit lib mylib;};
config = lib.mkIf packages.enable {
home.packages = with pkgs;
lib.mkMerge [
# Common packages
[
# Shell utils
(ripgrep.override {withPCRE2 = true;}) # fast as fuck
gdu # Alternative to du-dust (I like it better)
duf # Disk usage analyzer (for all disk overview)
sd # Sed alternative
fclones # Duplicate file finder
tealdeer # Very fast tldr (so readable man)
killall
atool # Archive preview
exiftool
ouch # Unified compression/decompression
ffmpegthumbnailer # Video thumbnails
mediainfo # Media meta information
file # File meta information
unrar # Cooler WinRar
p7zip # Zip stuff
unzip # Unzip stuff
progress # Find coreutils processes and show their progress
tokei # Text file statistics in a project
ttyper
wiki-tui
# Nix
nix-search-tv # Search nixpkgs, nur, nixos options and homemanager options
nix-tree # Browse the nix store sorted by size (gdu for closures)
inputs.nps.packages.${pkgs.stdenv.hostPlatform.system}.default # Search nixpkgs
# Video/Image/Audio utils
ffmpeg-full # I love ffmpeg (including ffplay)
ffmpeg-normalize # Normalize audio
# Document utils
poppler-utils # pdfunite
pdf2svg # extract vector graphics from pdf
pandoc # document converting madness
# Networking
dig # Make DNS requests
tcpdump # Listen in on TCP traffic
gping # ping with graph
curlie # curl a'la httpie
wget # download that shit
doggo # dns client
rsync # cp on steroids
rclone # Rsync for cloud
httpie # Cool http client
speedtest-cli
bandwhich
snitch
# Use NixCommunity binary cache
cachix
]
# Common !headless packages
(lib.optionals (!headless) [
ripdrag # drag & drop from terminal
# jellyfin-tui # Use module
])
# Linux exclusive packages
(lib.optionals (pkgs.stdenv.isLinux) [
pastel # Color tools
nvd # Nix rebuild diff
nurl # Generate nix fetcher sections based on URLs
python313 # Nicer scripting than bash
lazyjournal # Journalctl viewer
systemctl-tui
restic # Backups
gnumake
just # make alternative
binsider # .elf analyzer
jujutsu # git-like vcs
lurk # strace analysis
radare2
# Hardware/Software info
pciutils # lspci
mesa-demos # OpenGL info
wayland-utils # wayland-info
clinfo # OpenCL info
vulkan-tools # vulkaninfo
libva-utils # vainfo
vdpauinfo # Video-Decode and Presentation API for Unix info
hwloc # Generate CPU topology diagram
lm_sensors # Readout hardware sensors
acpica-tools # Dump ACPI tables etc.
smartmontools # Disk health
nvme-cli # NVME disk health
# Video/Image/Audio utils
imagemagick # Convert image (magic)
mp3val # Validate mp3 files
flac # Validate flac files
# Document utils
graphviz # generate graphs from code
d2 # generate diagrams from code
plantuml # generate diagrams
gnuplot # generate function plots
# Networking
traceroute # "Follow" a packet
cifs-utils # Mount samba shares
nfs-utils # Mount NFS shares
sshfs # Mount remote directories via SSH
# Run unpatched binaries on NixOS
# Sets NIX_LD_LIBRARY_PATH and NIX_LD variables for nix-ld.
# Usage: "nix-alien-ld -- <Executable>".
inputs.nix-alien.packages.${pkgs.stdenv.hostPlatform.system}.nix-alien
])
# Linux exclusive packages (!headless)
(lib.optionals (pkgs.stdenv.isLinux && (!headless)) [
veracrypt
wl-clipboard
# Proton
proton-vpn
protonmail-bridge-gui
# GUI stuff
nautilus # Just in case
signal-desktop
anki
font-manager # Previews fonts, but doesn't set them
nextcloud-client
keepassxc
thunderbird # TODO: Email module
obsidian
zotero
zeal # docs browser
# helvum # unmaintained
crosspipe
vlc
audacity
ferdium
gparted
# feishin # electron :(
playerctl # Media player control
czkawka-full # file deduplicator
# Office
kdePackages.wacomtablet # For xournalpp/krita
xournalpp # Write with a pen, like old people
hunspell # I cna't type
hunspellDicts.en_US
hunspellDicts.de_DE
inputs.masssprings.packages.${stdenv.hostPlatform.system}.default
])
# Darwin exclusive packages
(lib.optionals pkgs.stdenv.isDarwin [
# Use homebrew instead
# alt-tab-macos
# discord
# obsidian
# nextcloud-client
# proton-vpn
# iina
])
];
programs = {
# The home-manager management tool.
# Will only be enabled if HM is installed standalone.
home-manager.enable = true;
direnv = {
enable = true;
nix-direnv.enable = true;
};
eza = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
fd.enable = true;
fzf = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
navi = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
yt-dlp.enable = true;
zoxide = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
};
};
}

7
home/homemodules/packages/options.nix
View File

@ -1,7 +0,0 @@
{
lib,
mylib,
...
}: {
enable = lib.mkEnableOption "Enable common packages";
}

73
home/homemodules/ssh/default.nix
View File

@ -1,73 +0,0 @@
{
config,
nixosConfig,
lib,
mylib,
pkgs,
...
}: let
inherit (config.homemodules) ssh color;
in {
options.homemodules.ssh = import ./options.nix {inherit lib mylib;};
config = lib.mkIf ssh.enable {
programs.ssh = {
enable = true;
enableDefaultConfig = false;
matchBlocks = {
"*" = {
forwardAgent = false;
addKeysToAgent =
if pkgs.stdenv.isLinux
then "no"
else "yes"; # Don't have keychain on darwin
compression = true;
serverAliveInterval = 0;
serverAliveCountMax = 3;
hashKnownHosts = false;
userKnownHostsFile = "~/.ssh/known_hosts";
controlMaster = "no";
controlPath = "~/.ssh/master-%r@%n:%p";
controlPersist = "no";
};
"nixinator" = {
port = 5432;
user = "christoph";
hostname = "vps.chriphost.de";
};
"servenix" = {
user = "christoph";
hostname = "local.chriphost.de";
};
"thinknix" = {
user = "christoph";
hostname = "think.chriphost.de";
};
"vps" = {
user = "root";
hostname = "vps.chriphost.de";
};
"mars" = {
user = "smchurla";
hostname = "mars.cs.tu-dortmund.de";
serverAliveInterval = 60;
localForwards = [
{
# Resultbrowser
bind.port = 22941;
host.address = "127.0.0.1";
host.port = 22941;
}
{
# Mysql
bind.port = 3306;
host.address = "127.0.0.1";
host.port = 3306;
}
];
};
};
};
};
}

7
home/homemodules/ssh/options.nix
View File

@ -1,7 +0,0 @@
{
lib,
mylib,
...
}: {
enable = lib.mkEnableOption "Enable ssh";
}

44
home/homemodules/terminal/default.nix
View File

@ -1,44 +0,0 @@
{
config,
nixosConfig,
lib,
mylib,
pkgs,
headless,
...
}: let
inherit (config.homemodules) terminal color;
in {
options.homemodules.terminal = import ./options.nix {inherit lib mylib;};
config = lib.mkIf terminal.enable {
homemodules = {
bat.enable = true;
btop.enable = true;
fastfetch.enable = true;
fish.enable = true;
git = {
enable = true;
userName = "Christoph Urlacher";
userEmail = "christoph.urlacher@protonmail.com";
signCommits = true;
};
jellyfin-tui.enable = true;
kitty.enable = true;
lazygit.enable = true;
neovim = {
enable = true;
alias = true;
neovide = !headless;
};
ssh.enable = true;
tmux.enable = true;
yazi.enable = true;
};
};
}

7
home/homemodules/terminal/options.nix
View File

@ -1,7 +0,0 @@
{
lib,
mylib,
...
}: {
enable = lib.mkEnableOption "Enable terminal tools";
}

38
home/homemodules/tmux/default.nix
View File

@ -1,38 +0,0 @@
{
config,
nixosConfig,
lib,
mylib,
pkgs,
...
}: let
inherit (config.homemodules) tmux color;
in {
options.homemodules.tmux = import ./options.nix {inherit lib mylib;};
config = lib.mkIf tmux.enable {
programs.tmux = {
enable = true;
clock24 = true;
escapeTime = 0; # Delay after pressing escape
# keyMode = "vi";
terminal = "xterm-256color";
plugins = with pkgs; [
{
plugin = tmuxPlugins.catppuccin;
extraConfig = ''
set -g @plugin 'catppuccin/tmux'
set -g @catppuccin_flavour 'latte' # or frappe, macchiato, mocha
'';
}
];
extraConfig = ''
set -g default-terminal "xterm-256color"
set-option -ga terminal-overrides ",xterm-256color:Tc"
'';
};
};
}

7
home/homemodules/tmux/options.nix
View File

@ -1,7 +0,0 @@
{
lib,
mylib,
...
}: {
enable = lib.mkEnableOption "Enable tmux";
}

73
home/homemodules/waybar/default.nix
View File

@ -24,7 +24,7 @@ in {
output = waybar.monitors; output = waybar.monitors;
modules-left = ["custom/launcher" "niri/workspaces" "niri/window"]; # "user" modules-left = ["custom/launcher" "niri/workspaces" "niri/window"]; # "user"
modules-center = ["mpris"]; # "systemd-failed-units" modules-center = ["systemd-failed-units" "mpris"];
modules-right = ["privacy" "pulseaudio" "network" "disk" "cpu" "memory" "clock" "tray"]; modules-right = ["privacy" "pulseaudio" "network" "disk" "cpu" "memory" "clock" "tray"];
"custom/launcher" = { "custom/launcher" = {
@ -77,11 +77,11 @@ in {
tooltip = true; tooltip = true;
tooltip-icon-size = 24; tooltip-icon-size = 24;
} }
# { {
# type = "audio-out"; type = "audio-out";
# tooltip = true; tooltip = true;
# tooltip-icon-size = 24; tooltip-icon-size = 24;
# } }
{ {
type = "audio-in"; type = "audio-in";
tooltip = true; tooltip = true;
@ -105,29 +105,30 @@ in {
}; };
disk = { disk = {
interval = 5;
format = "<span>󰋊</span> {percentage_used}%"; format = "<span>󰋊</span> {percentage_used}%";
on-click = "kitty --hold --title=Duf duf --hide-mp '/var/*,/etc/*,/usr/*,/home/christoph/.*' -width 120"; on-click = "kitty --hold --title=Duf duf --hide-mp '/var/*,/etc/*,/usr/*,/home/christoph/.*' -width 120";
}; };
cpu = { cpu = {
interval = 1; states = {
# states = { "warning" = 65;
# "critical" = 85; "critical" = 85;
# }; };
format = "<span></span> {load}%"; format = "<span></span> {load}%";
# format-critical = "<span color='#${color.hex.red}'><span></span> {load}%</span>"; format-warning = "<span color='#${color.hex.yellow}'><span></span> {load}%</span>";
format-critical = "<span color='#${color.hex.red}'><span></span> {load}%</span>";
on-click = "kitty --title=Btop btop"; on-click = "kitty --title=Btop btop";
tooltip = false; tooltip = false;
}; };
memory = { memory = {
interval = 1; states = {
# states = { "warning" = 65;
# "critical" = 85; "critical" = 85;
# }; };
format = "<span></span> {percentage}%"; format = "<span></span> {percentage}%";
# format-critical = "<span color='#${color.hex.red}'><span></span> {percentage}%</span>"; format-warning = "<span color='#${color.hex.yellow}'><span></span> {percentage}%</span>";
format-critical = "<span color='#${color.hex.red}'><span></span> {percentage}%</span>";
on-click = "kitty --title=Btop btop"; on-click = "kitty --title=Btop btop";
tooltip = true; tooltip = true;
tooltip-format = "RAM: {used}GiB / {total}GiB\nSwap: {swapUsed}GiB / {swapTotal}GiB"; tooltip-format = "RAM: {used}GiB / {total}GiB\nSwap: {swapUsed}GiB / {swapTotal}GiB";
@ -143,7 +144,7 @@ in {
mode-mon-col = 3; mode-mon-col = 3;
on-scroll = -1; on-scroll = -1;
format = { format = {
months = "<span color='#${color.hex.peach}'><b>{}</b></span>"; months = "<span color='#${color.hex.yellow}'><b>{}</b></span>";
days = "<span color='#${color.hex.flamingo}'><b>{}</b></span>"; days = "<span color='#${color.hex.flamingo}'><b>{}</b></span>";
weeks = "<span color='#${color.hex.teal}'><b>W{}</b></span>"; weeks = "<span color='#${color.hex.teal}'><b>W{}</b></span>";
weekdays = "<span color='#${color.hex.lavender}'><b>{}</b></span>"; weekdays = "<span color='#${color.hex.lavender}'><b>{}</b></span>";
@ -193,26 +194,24 @@ in {
} }
/* Background colors */ /* Background colors */
#custom-launcher {background-color: #${color.hex.accent};} #custom-launcher {background-color: #${color.hex.accent};}
#workspaces button {background-color: #${color.hex.blue};} #workspaces button {background-color: #${color.hex.lavender};}
#workspaces button.empty {background-color: #${color.hex.lavender};} #workspaces button.active {background-color: #${color.hex.pink};}
#workspaces button.active {background-color: #${color.hex.green};} #window {background-color: #${color.hex.maroon};}
#workspaces button.urgent {background-color: #${color.hex.red};} #systemd-failed-units {background-color: #${color.hex.red};}
#window {background-color: #${color.hex.maroon};} #mpris {background-color: #${color.hex.accent};}
#privacy {background-color: #${color.hex.red};}
#mpris {background-color: #${color.hex.accent};} #pulseaudio {background-color: #${color.hex.maroon};}
#network {background-color: #${color.hex.peach};}
#privacy {background-color: #${color.hex.red};} #disk {background-color: #${color.hex.yellow};}
#pulseaudio {background-color: #${color.hex.maroon};} #cpu {background-color: #${color.hex.green};}
#network {background-color: #${color.hex.peach};} #memory {background-color: #${color.hex.teal};}
#disk {background-color: #${color.hex.yellow};} #clock {background-color: #${color.hex.sky};}
#cpu {background-color: #${color.hex.green};} #tray {background-color: #${color.hex.accent};}
#memory {background-color: #${color.hex.teal};}
#clock {background-color: #${color.hex.sky};}
#tray {background-color: #${color.hex.accent};}
/* Square Widgets */ /* Square Widgets */
#custom-launcher, #custom-launcher,
#systemd-failed-units,
#mpris, #mpris,
#tray { #tray {
color: #${color.hex.mantle}; color: #${color.hex.mantle};
@ -261,6 +260,10 @@ in {
margin: 0px 5px 0px 0px; margin: 0px 5px 0px 0px;
} }
#systemd-failed-units {
margin: 0px 5px 0px 0px;
}
#tray { #tray {
margin: 0px 0px 0px 5px; margin: 0px 0px 0px 5px;
} }

13
lib/containers.nix
View File

@ -1,13 +0,0 @@
{
inputs,
pkgs,
lib,
...
}: {
# Standard DockerHub login used by all oci-container services.
# Usage: login = mylib.containers.mkDockerLogin config;
mkDockerLogin = config: {
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
}

1
lib/default.nix
View File

@ -13,5 +13,4 @@
rofi = import ./rofi.nix {inherit inputs pkgs lib;}; rofi = import ./rofi.nix {inherit inputs pkgs lib;};
generators = import ./generators.nix {inherit inputs pkgs lib;}; generators = import ./generators.nix {inherit inputs pkgs lib;};
color = import ./color.nix {inherit inputs pkgs lib;}; color = import ./color.nix {inherit inputs pkgs lib;};
containers = import ./containers.nix {inherit inputs pkgs lib;};
} }

5
lib/networking.nix
View File

@ -43,8 +43,6 @@
routers, routers,
nameservers, nameservers,
routable, routable,
# Extra addresses declared without creating routes (e.g. IPv6 ULA).
extraAddresses ? [],
}: { }: {
enable = true; enable = true;
@ -58,8 +56,7 @@
address = ips; address = ips;
gateway = routers; gateway = routers;
dns = nameservers; dns = nameservers;
routes = builtins.map (r: {Gateway = r;}) routers; routes = builtins.map (r: {Gateway = r;}) routers; # TODO: We need to add a way to specify addresses without routes (IPv6 ULA)
addresses = builtins.map (a: {Address = a;}) extraAddresses;
# See man systemd.network # See man systemd.network
networkConfig = { networkConfig = {

22
lib/nixos.nix
View File

@ -4,26 +4,6 @@
lib, lib,
... ...
}: { }: {
# Common nix daemon settings shared between NixOS and nix-darwin.
# Darwin additionally needs nix.enable = true.
mkCommonNixSettings = username: {
enable = true;
package = pkgs.nixVersions.stable;
extraOptions = ''
experimental-features = nix-command flakes pipe-operators
'';
settings.trusted-users = ["root" username];
gc.automatic = false;
gc.options = "--delete-older-than 5d";
settings.auto-optimise-store = true;
optimise.automatic = true;
registry = lib.mapAttrs' (n: v: lib.nameValuePair n {flake = v;}) inputs;
nixPath = [
"nixpkgs=${inputs.nixpkgs.outPath}"
"home-manager=${inputs.home-manager.outPath}"
];
};
mkNixosConfigWithHomeManagerModule = { mkNixosConfigWithHomeManagerModule = {
system, system,
mylib, mylib,
@ -130,7 +110,7 @@
../system/${hostname} ../system/${hostname}
# Import all of my custom system modules # Import all of my custom system modules
../system/systemmodules/darwin.nix # ../system/systemmodules # TODO:
] ]
extraModules extraModules

197
lib/rofi.nix
View File

@ -3,164 +3,79 @@
pkgs, pkgs,
lib, lib,
... ...
}: { }: rec {
# Receives attrs like: # Receives attrs like:
# { # {
# "Poweroff" = "poweroff"; # "Poweroff" = "poweroff";
# "Reload Hyprland" = "hyprctl reload"; # "Reload Hyprland" = "hyprctl reload";
# } # }
# mkSimpleMenu = let mkSimpleMenu = let
# # Makes a string like ''"Poweroff" "Reload Hyprland"'' # Makes a string like ''"Poweroff" "Reload Hyprland"''
# unpack-options = attrs: "\"${lib.concatStringsSep "\" \"" (builtins.attrNames attrs)}\""; unpack-options = attrs: "\"${lib.concatStringsSep "\" \"" (builtins.attrNames attrs)}\"";
#
# mkCase = option: action: "else if test \"${option}\" = $OPTION\n set ACTION \"${action}\"";
#
# cases = attrs:
# attrs
# |> builtins.mapAttrs mkCase
# |> builtins.attrValues
# |> builtins.concatStringsSep "\n";
# in
# {
# prompt,
# attrs,
# command ? ''rofi -dmenu -i'',
# }:
# pkgs.writeScriptBin "rofi-menu-${prompt}" ''
# #! ${pkgs.fish}/bin/fish
#
# # OPTIONS contains all possible values Rofi will display
# set OPTIONS ${unpack-options attrs}
#
# # We choose a single OPTION using Rofi
# set OPTION (echo -e (string join "\n" $OPTIONS) | ${command} -p "${prompt}")
#
# # Check if the chosen OPTION is a valid choice from OPTIONS
# if not contains $OPTION $OPTIONS
# exit
# end
#
# # Set a command to execute based on the chosen OPTION
# if false
# exit # Easier to generate with this
# ${cases attrs}
# else
# exit
# end
#
# # Execute the command
# eval $ACTION
# '';
# Rofi/Dmenu menu generator. mkCase = option: action: "else if test \"${option}\" = $OPTION\n set ACTION \"${action}\"";
#
# Each element in `layers` is one of:
# - attrset { "Label" = "value"; } # static options: selected value → $OPTIONn
# - string "shell-cmd" # dynamic options from command: selected text → $OPTIONn
# # may reference $OPTION0, $OPTION1, ... from earlier layers
#
# The "command" is the last action, it can reference $OPTION0, $OPTION1, ...
# If no "command" is given and the last layer is a static attrset, its selected value is evaluated directly.
#
# The "prompts" list are optional per-layer prompt strings (falls back to "prompt" if not provided).
#
# vpn.fish equivalent:
# mkMenu {
# prompt = "vpn";
# layers = [
# "cat /etc/rofi-vpns"
# { "start" = "start"; "stop" = "stop"; "status" = "status"; }
# ];
# command = "systemctl $OPTION1 $OPTION0.service";
# }
#
# lectures.fish equivalent:
# mkMenu {
# prompt = "lecture";
# layers = [
# "eza -1 -D ~/Notes/TU"
# "eza -1 ~/Notes/TU/$OPTION0/Lecture | grep '.pdf'"
# ];
# command = "xdg-open ~/Notes/TU/$OPTION0/Lecture/$OPTION1";
# }
mkMenu = {
prompt,
layers,
prompts ? [],
command ? null,
rofiCmd ? "rofi -dmenu -i",
}: let
isStaticLayer = layer: builtins.isAttrs layer && !(layer ? options);
isDynamicLayer = layer: builtins.isString layer;
escStr = s: builtins.replaceStrings [''"'' "\\"] [''\"'' "\\\\"] s; cases = attrs:
attrs
|> builtins.mapAttrs mkCase
|> builtins.attrValues
|> builtins.concatStringsSep "\n";
in
{
prompt,
attrs,
command ? ''rofi -dmenu -p " ${prompt} " -i'',
}:
pkgs.writeScriptBin "rofi-menu-${prompt}" ''
#! ${pkgs.fish}/bin/fish
layerPrompt = i: # OPTIONS contains all possible values Rofi will display
if i < builtins.length prompts set OPTIONS ${unpack-options attrs}
then lib.elemAt prompts i
else prompt;
# Static layer: attrset of label -> value # We choose a single OPTION using Rofi
# Displays labels in rofi; maps selected label to its value -> $OPTIONi set OPTION (echo -e (string join "\n" $OPTIONS) | ${command})
mkStaticLayer = i: attrs: let
lp = layerPrompt i; # Check if the chosen OPTION is a valid choice from OPTIONS
labels = builtins.attrNames attrs; if not contains $OPTION $OPTIONS
optsStr = "\"${lib.concatStringsSep "\" \"" (map escStr labels)}\"";
mkCase = label: value: "else if test \"${escStr label}\" = $_LABEL${toString i}\n set OPTION${toString i} \"${escStr value}\"";
casesStr =
builtins.concatStringsSep "\n"
(builtins.attrValues (builtins.mapAttrs mkCase attrs));
in {
script = ''
set _OPTS${toString i} ${optsStr}
set _LABEL${toString i} (echo -e (string join "\n" $_OPTS${toString i}) | ${rofiCmd} -p "${lp}")
if not contains $_LABEL${toString i} $_OPTS${toString i}
exit exit
end end
# Set a command to execute based on the chosen OPTION
if false if false
exit exit # Easier to generate with this
${casesStr} ${cases attrs}
else else
exit exit
end end
# Execute the command
eval $ACTION
''; '';
};
# Dynamic layer: shell command string whose output is piped to rofi # TODO: I want to generate the containers menu using the actionsA and actionsB attrs:
# Selected text -> $OPTIONi; may reference earlier $OPTIONn variables # - actionsA will be generated from the stuff in oci-containers.containers
mkDynamicLayer = i: cmd: let # - actionsB will be set statically for start, stop, status
lp = layerPrompt i;
in {
script = ''
set OPTION${toString i} (${cmd} | ${rofiCmd} -p "${lp}")
if test -z $OPTION${toString i}
exit
end
'';
};
mkLayer = i: layer: # Receives attrs like:
if isStaticLayer layer # {
then mkStaticLayer i layer # optionA = "exa -1 -D ~/Notes/TU";
else if isDynamicLayer layer # optionB = "exa -1 -D ~/Notes/TU/$OPTIONA/Lecture | grep \".pdf\"";
then mkDynamicLayer i layer # commandB = "xdg-open ~/Notes/TU/$OPTIONA/Lecture/$OPTIONB";
else throw "mkMenu: layer ${toString i} has invalid type"; # }
#
layerResults = lib.imap0 mkLayer layers; # Map with 0-based index # Keys:
layerScripts = map (r: r.script) layerResults; # - optionA, optionB # Command that generates Rofi options:
lastLayer = lib.last layers; # exa -1 -D ~/Notes/TU
# cat /etc/rofi-vpns
finalCmd = # - commandA, commandB # Action to execute after sth. was chosen (mutually excl. with command)
if command != null # - actionsA, actionsB # Configure actions by lookup (mutually excl. with command):
then command # actionsB = {"status" = "systemctl status..."}
else if isStaticLayer lastLayer # - colorA, colorB # Configure highlighting conditions:
then "$OPTION${toString (builtins.length layers - 1)}" # colorA = {"red" = "systemctl ... | grep ..."};
else throw "mkMenu: 'command' must be set when the last layer is not a static attrset"; #
# Use $OPTIONA and $OPTIONB to use the options chosen by option<A/B>-command and rofi
# Use $EVALA and $EVALB to use the outputs generated by command<A/B>
mkMenu = let
in in
pkgs.writeScriptBin "rofi-menu-${prompt}" '' prompt: attrs: "";
#! ${pkgs.fish}/bin/fish
${lib.concatStringsSep "\n" layerScripts}
eval "${finalCmd}"
'';
} }

86
system/darwinix/default.nix
View File

@ -10,23 +10,31 @@
hostname, hostname,
... ...
}: { }: {
systemmodules = { nix = {
sops-nix.bootSecrets.${username} = [ enable = true;
"user-password"
];
sops-nix.secrets.${username} = [ package = pkgs.nixVersions.stable;
"ssh-private-key" extraOptions = ''
"nix-github-token" experimental-features = nix-command flakes pipe-operators
"docker-password" '';
"jellyfin-password"
settings.trusted-users = ["root" "${username}"];
gc.automatic = false;
gc.options = "--delete-older-than 5d";
settings.auto-optimise-store = true;
optimise.automatic = true;
registry = lib.mapAttrs' (n: v: lib.nameValuePair n {flake = v;}) inputs;
nixPath = [
"nixpkgs=${inputs.nixpkgs.outPath}"
"home-manager=${inputs.home-manager.outPath}"
]; ];
}; };
nix = mylib.nixos.mkCommonNixSettings username;
networking = { networking = {
hostName = "${hostname}"; hostname = "${hostname}";
localHostName = "${hostname}"; localHostName = "${hostname}";
computerName = "${hostname}"; computerName = "${hostname}";
@ -38,11 +46,6 @@
blockAllIncoming = false; blockAllIncoming = false;
}; };
knownNetworkServices = [
"Wi-Fi"
"Thunderbold Bridge"
];
dns = [ dns = [
"192.168.86.26" "192.168.86.26"
"8.8.8.8" "8.8.8.8"
@ -53,8 +56,8 @@
}; };
power = { power = {
# restartAfterFreeze = false; restartAfterFreeze = false;
# restartAfterPowerFailure = false; restartAfterPowerFailure = false;
sleep = { sleep = {
computer = 10; # 10 minutes until sleep computer = 10; # 10 minutes until sleep
@ -64,37 +67,28 @@
}; };
system = { system = {
primaryUser = "${username}";
# TODO: # TODO:
defaults = { defaults = {
# dock = {}; # dock = {};
trackpad = { trackpad = {
ActuateDetents = true; # Haptic feedback ActuateDetents = true;
ActuationStrength = 1; ActuationStrength = 1;
Clicking = true; # Tap to click
Dragging = true; # Double tap to drag
TrackpadRightClick = true;
TrackpadPinch = true;
}; };
}; };
keyboard = { keyboard = {
enableKeyMapping = true; enableKeyMapping = true;
swapLeftCtrlAndFn = false; swapLeftCtrlAndFn = true;
swapLeftCommandAndLeftAlt = false; swapLeftCommandAndLeftAlt = true;
}; };
}; };
users.users.${username} = { users.users.${username} = {
name = "${username}";
description = "Christoph";
uid = 501;
gid = 20;
createHome = false;
home = "/Users/${username}";
isHidden = false; isHidden = false;
description = "Christoph";
home = "/Users/${username}";
createHome = false;
# NOTE: Not set if the user already exists on darwin, so use chsh for the root user # NOTE: Not set if the user already exists on darwin, so use chsh for the root user
shell = pkgs.fish; shell = pkgs.fish;
@ -124,34 +118,14 @@
}; };
services = { services = {
# For another time maybe # aerospace = {};
# sketchybar = {};
# skhd = {};
# yabai = {};
}; };
# NOTE: Not installed automatically # NOTE: Not installed automatically
homebrew = { homebrew = {
enable = true; enable = true;
enableFishIntegration = true; enableFishIntegration = true;
# brews = [];
onActivation = {
autoUpdate = true;
cleanup = "zap"; # Uninstall unlisted casks and associated files on rebuild
upgrade = true;
};
brews = [];
casks = [
"alt-tab"
"discord"
"iina"
"nextcloud"
"obsidian"
"protonvpn"
"signal"
];
}; };
# Set Git commit hash for darwin-version. # Set Git commit hash for darwin-version.

28
system/default.nix
View File

@ -91,7 +91,6 @@ with mylib.networking; {
"ssh-private-key" "ssh-private-key"
"nix-github-token" "nix-github-token"
"docker-password" "docker-password"
"jellyfin-password"
]; ];
}; };
@ -105,7 +104,31 @@ with mylib.networking; {
}; };
# Enable flakes # Enable flakes
nix = mylib.nixos.mkCommonNixSettings username; nix = {
package = pkgs.nixVersions.stable;
extraOptions = ''
experimental-features = nix-command flakes pipe-operators
'';
settings.trusted-users = ["root" "${username}"];
# Auto garbage-collect and optimize store
gc.automatic = false; # Done by nh.clean.enable;
gc.options = "--delete-older-than 5d";
settings.auto-optimise-store = true;
optimise.automatic = true;
# This will add your inputs as registries, making operations with them (such
# as nix shell nixpkgs#name) consistent with your flake inputs.
# (Registry contains flakes)
registry = lib.mapAttrs' (n: v: lib.nameValuePair n {flake = v;}) inputs;
# Set NIX_PATH to find nixpgks
nixPath = [
"nixpkgs=${inputs.nixpkgs.outPath}"
"home-manager=${inputs.home-manager.outPath}"
];
};
# Bootloader/Kernel stuff # Bootloader/Kernel stuff
boot = { boot = {
@ -235,7 +258,6 @@ with mylib.networking; {
description = "Christoph"; description = "Christoph";
group = "users"; group = "users";
uid = 1000; uid = 1000;
home = "/home/${username}";
extraGroups = [ extraGroups = [
"networkmanager" "networkmanager"
"wheel" "wheel"

4
system/nixinator/default.nix
View File

@ -124,7 +124,6 @@
# 31431 # Parsec # 31431 # Parsec
5173 # SvelteKit 5173 # SvelteKit
8090 # PocketBase 8090 # PocketBase
8188 # ComfyUI
]; ];
allowedUDPPorts = [ allowedUDPPorts = [
@ -135,7 +134,6 @@
# 31431 # Parsec # 31431 # Parsec
5173 # SvelteKit 5173 # SvelteKit
8090 # PocketBase 8090 # PocketBase
8188 # ComfyUI
]; ];
}; };
@ -158,7 +156,7 @@
}; };
boot = { boot = {
kernelPackages = pkgs.linuxPackages_zen; # kernelPackages = pkgs.linuxPackages_zen;
# kernelPackages = pkgs.linuxPackages_latest; # kernelPackages = pkgs.linuxPackages_latest;
# Why do I need to know if something fails during boot??? # Why do I need to know if something fails during boot???

53
system/servenix/default.nix
View File

@ -65,13 +65,52 @@
useNetworkManager = false; useNetworkManager = false;
networks = { networks = {
"10-ether-1G" = mylib.networking.mkStaticSystemdNetwork { # "10-ether-1G" = mylib.networking.mkStaticSystemdNetwork {
interface = "ens18"; # interface = "ens18";
ips = ["192.168.86.25/24"]; # ips = ["192.168.86.25/24" "fd00::19/64"];
routers = ["192.168.86.5"]; # Don't add IPv6 gateway, rely on router advertisement instead # routers = ["192.168.86.5" "fd00::5"];
nameservers = ["8.8.8.8" "8.8.4.4" "2001:4860:4860:8888" "2001:4860:4860:8844"]; # NOTE: Use reliable DNS for servers instead of 192.168.86.26 # nameservers = ["8.8.8.8" "2001:4860:4860::8888"]; # NOTE: Use reliable DNS for servers instead of 192.168.86.26
routable = true; # routable = true;
extraAddresses = ["fd00::19/64"]; # IPv6 ULA — declared without creating a route # };
# TODO: mylib.networking.mkStaticSystemdNetwork needs improvement to accomodate for this
"10-ether-1G" = rec {
enable = true;
# See man systemd.link, man systemd.netdev, man systemd.network
matchConfig = {
# This corresponds to the [MATCH] section
Name = "ens18"; # Match ethernet interface
};
# Static IP + DNS + Gateway
address = ["192.168.86.25/24"];
gateway = ["192.168.86.5"]; # Don't add IPv6 gateway, rely on router advertisement instead
dns = ["8.8.8.8" "8.8.4.4" "2001:4860:4860:8888" "2001:4860:4860:8844"];
routes = builtins.map (r: {Gateway = r;}) gateway;
# See man systemd.network
networkConfig = {
# This corresponds to the [NETWORK] section
DHCP = "no";
IPv6AcceptRA = "yes"; # Accept Router Advertisements
# MulticastDNS = "no";
# LLMNR = "no";
# LinkLocalAddressing = "ipv6";
};
addresses = [
{
# Don't add this to address, we don't want to create any routes with this
Address = "fd00::19/64";
}
];
linkConfig = {
# This corresponds to the [LINK] section
RequiredForOnline = "routable";
};
}; };
}; };

10
system/services/0_TEMPLATE.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -17,7 +16,14 @@ in {
image = "TEMPLATE:${TEMPLATEVersion}"; image = "TEMPLATE:${TEMPLATEVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

10
system/services/adguard.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "adguard/adguardhome:${adguardVersion}"; image = "adguard/adguardhome:${adguardVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

10
system/services/authelia.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "authelia/authelia:${autheliaVersion}"; image = "authelia/authelia:${autheliaVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

10
system/services/bazarr.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "linuxserver/bazarr:${bazarrVersion}"; image = "linuxserver/bazarr:${bazarrVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

10
system/services/box.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "stashapp/stash:${boxVersion}"; image = "stashapp/stash:${boxVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

20
system/services/comfyui.nix
View File

@ -1,19 +1,24 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
... ...
}: let }: let
# comfyuiVersion = "cu128-slim-20260316"; comfyuiVersion = "cu128-slim-20260316";
comfyuiVersion = "cu128-megapak-20260323";
in { in {
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {
comfyui = { comfyui = {
image = "yanwk/comfyui-boot:${comfyuiVersion}"; image = "yanwk/comfyui-boot:${comfyuiVersion}";
autoStart = false; autoStart = false;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];
@ -37,13 +42,6 @@ in {
PUID = "1000"; PUID = "1000";
PGID = "1000"; PGID = "1000";
TZ = "Europe/Berlin"; TZ = "Europe/Berlin";
# https://github.com/Comfy-Org/ComfyUI/blob/master/comfy/cli_args.py
# --use-sage-attention # => OOM
# --lowvram
# --disable-pinned-memory
# --cache-none
# CLI_ARGS = "--use-sage-attention";
}; };
extraOptions = [ extraOptions = [

10
system/services/fileflows-node.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "revenz/fileflows:${fileflowsVersion}"; image = "revenz/fileflows:${fileflowsVersion}";
autoStart = false; autoStart = false;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

10
system/services/fileflows.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "revenz/fileflows:${version}"; image = "revenz/fileflows:${version}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

28
system/services/gitea.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -28,7 +27,14 @@ in {
image = "postgres:14"; image = "postgres:14";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];
@ -53,7 +59,14 @@ in {
image = "gitea/gitea:${giteaVersion}"; image = "gitea/gitea:${giteaVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = [ dependsOn = [
"gitea-db" "gitea-db"
@ -94,7 +107,14 @@ in {
image = "gitea/act_runner:${runnerVersion}"; # NOTE: vegardit has other runner images image = "gitea/act_runner:${runnerVersion}"; # NOTE: vegardit has other runner images
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = [ dependsOn = [
"gitea" "gitea"

10
system/services/immich.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -40,7 +39,14 @@ in {
image = "redis"; image = "redis";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

10
system/services/jellyfin.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "linuxserver/jellyfin:${jellyfinVersion}"; image = "linuxserver/jellyfin:${jellyfinVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = [ dependsOn = [
# "pihole" # "pihole"

10
system/services/kopia.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -19,7 +18,14 @@ in {
image = "kopia/kopia:${kopiaVersion}"; image = "kopia/kopia:${kopiaVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

28
system/services/nextcloud.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -34,7 +33,14 @@ in {
image = "postgres:alpine"; image = "postgres:alpine";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];
@ -61,7 +67,14 @@ in {
image = "redis:alpine"; image = "redis:alpine";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];
@ -84,7 +97,14 @@ in {
image = "nextcloud:${nextcloudVersion}"; image = "nextcloud:${nextcloudVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = [ dependsOn = [
"nextcloud-db" "nextcloud-db"

10
system/services/nginx-proxy-manager.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "jc21/nginx-proxy-manager:${nginxVersion}"; image = "jc21/nginx-proxy-manager:${nginxVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

28
system/services/paperless.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -17,7 +16,14 @@ in {
image = "flor1der/paperless-nextcloud-sync:${paperlessNCVersion}"; image = "flor1der/paperless-nextcloud-sync:${paperlessNCVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];
@ -53,7 +59,14 @@ in {
image = "redis:7"; image = "redis:7";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];
@ -74,7 +87,14 @@ in {
image = "postgres:15"; image = "postgres:15";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

10
system/services/plex.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "plexinc/pms-docker:${plexVersion}"; image = "plexinc/pms-docker:${plexVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = [ dependsOn = [
# "pihole" # "pihole"

10
system/services/portainer-agent.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -14,7 +13,14 @@ in {
image = "portainer/agent:${portainerVersion}"; image = "portainer/agent:${portainerVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

10
system/services/portainer.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -13,7 +12,14 @@ in {
image = "portainer/portainer-ce:${portainerVersion}"; image = "portainer/portainer-ce:${portainerVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

10
system/services/prowlarr.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "linuxserver/prowlarr:${prowlarrVersion}"; image = "linuxserver/prowlarr:${prowlarrVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

10
system/services/pulse.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "rcourtman/pulse:${pulseVersion}"; image = "rcourtman/pulse:${pulseVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

10
system/services/radarr.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "linuxserver/radarr:${radarrVersion}"; image = "linuxserver/radarr:${radarrVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

10
system/services/sabnzbd-movies.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "linuxserver/sabnzbd:${sabnzbdVersion}"; image = "linuxserver/sabnzbd:${sabnzbdVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

10
system/services/sabnzbd-shows.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "linuxserver/sabnzbd:${sabnzbdVersion}"; image = "linuxserver/sabnzbd:${sabnzbdVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

10
system/services/sonarr.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "linuxserver/sonarr:${sonarrVersion}"; image = "linuxserver/sonarr:${sonarrVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

10
system/services/teamspeak.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "teamspeaksystems/teamspeak6-server:${teamspeakVersion}"; image = "teamspeaksystems/teamspeak6-server:${teamspeakVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

10
system/services/tinymediamanager.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "tinymediamanager/tinymediamanager:${version}"; image = "tinymediamanager/tinymediamanager:${version}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = []; dependsOn = [];

10
system/services/whats-up-docker.nix
View File

@ -1,5 +1,4 @@
{ {
mylib,
config, config,
lib, lib,
pkgs, pkgs,
@ -12,7 +11,14 @@ in {
image = "getwud/wud:${wudVersion}"; image = "getwud/wud:${wudVersion}";
autoStart = true; autoStart = true;
login = mylib.containers.mkDockerLogin config; login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = [ dependsOn = [
# "pihole" # "pihole"

5
system/systemmodules/darwin.nix
View File

@ -1,5 +0,0 @@
{...}: {
imports = [
./sops-nix
];
}

6
system/systemmodules/impermanence/default.nix
View File

@ -152,13 +152,13 @@ in {
(mkUDir ".config/ghidra" m755) (mkUDir ".config/ghidra" m755)
(mkUDir ".config/impermanence" m755) (mkUDir ".config/impermanence" m755)
(mkUDir ".config/jellyfin-mpv-shim" m755) (mkUDir ".config/jellyfin-mpv-shim" m755)
# (mkUDir ".config/jellyfin-tui" m755) # Configured using nix (mkUDir ".config/jellyfin-tui" m755) # TODO: Generate this config file, have to use sops because it includes the password in cleartext
(mkUDir ".config/JetBrains" m755) (mkUDir ".config/JetBrains" m755)
(mkUDir ".config/kdeconnect" m755) (mkUDir ".config/kdeconnect" m755)
(mkUDir ".config/keepassxc" m755) (mkUDir ".config/keepassxc" m755)
(mkUDir ".config/Msty" m755) (mkUDir ".config/Msty" m755)
(mkUDir ".config/Nextcloud" m755) (mkUDir ".config/Nextcloud" m755)
# (mkUDir ".config/niri/dms" m755) (mkUDir ".config/niri/dms" m755)
(mkUDir ".config/obsidian" m755) (mkUDir ".config/obsidian" m755)
(mkUDir ".config/obs-studio" m755) (mkUDir ".config/obs-studio" m755)
(mkUDir ".config/Signal" m755) (mkUDir ".config/Signal" m755)
@ -182,7 +182,7 @@ in {
(mkUDir ".local/share/hytale-launcher" m755) (mkUDir ".local/share/hytale-launcher" m755)
(mkUDir ".local/share/Hytale" m755) (mkUDir ".local/share/Hytale" m755)
(mkUDir ".local/share/jellyfin-desktop" m755) (mkUDir ".local/share/jellyfin-desktop" m755)
# (mkUDir ".local/share/jellyfin-tui" m755) # Configured using nix (mkUDir ".local/share/jellyfin-tui" m755)
(mkUDir ".local/share/JetBrains" m755) # Unity (mkUDir ".local/share/JetBrains" m755) # Unity
(mkUDir ".local/share/keyrings" m755) # m700 (mkUDir ".local/share/keyrings" m755) # m700
(mkUDir ".local/share/IsolatedStorage" m755) # JetBrains license data (mkUDir ".local/share/IsolatedStorage" m755) # JetBrains license data

16
system/systemmodules/sops-nix/default.nix
View File

@ -26,23 +26,17 @@ in {
defaultSopsFile = ./secrets.yaml; defaultSopsFile = ./secrets.yaml;
age = { age = {
keyFile = lib.mkDefault "${config.users.users.${username}.home}/.secrets/age/age.key"; keyFile = lib.mkDefault "/home/${username}/.secrets/age/age.key";
generateKey = false; generateKey = false;
sshKeyPaths = []; sshKeyPaths = [];
}; };
secrets = let secrets = let
mkSecret = name: { mkSecret = name: {
${name} = lib.mkMerge [ ${name} = {
(lib.optionalAttrs pkgs.stdenv.isLinux { owner = config.users.users.${username}.name;
owner = config.users.users.${username}.name; group = config.users.users.${username}.group;
group = config.users.users.${username}.group; };
})
(lib.optionalAttrs pkgs.stdenv.isDarwin {
owner = config.users.users.${username}.name;
group = "staff"; # Apparently there's no way to get the primary group?
})
];
}; };
mkBootSecret = name: { mkBootSecret = name: {

7
system/systemmodules/sops-nix/secrets.yaml
View File

@ -5,7 +5,6 @@ user-password: ENC[AES256_GCM,data:okgvaTTesCDwriI8PxhNdHZF8XgzB4yxapuFl2/CK8x4W
ssh-private-key: ENC[AES256_GCM,data:JrRarfeS3y6b9gxg4Za5GIc5Ci3aGR+OyZxQybj4dcv2mzxXmT/bm7KOwM1zkz1PFl1xW5X82T5jte+XQOKx0+6m4ovjUgUmQUMP4E/yosp8XSdi0+YlUKBEHEJx6HqCZy+v6qx5kfp9JC6fZqCbL1J6FIqWqAoKTFXoiou1YnhmBa2fM17Q++i6TflDWiVrUS7X9xjuZFq1hz1aQXS303uvJEUOEpXdqPyJvUKJWzVsFrAwpa9FG+reO70SSc+1hBbqdw1QjrzNWh3eNnztwZURauJtVFBYUZ5ozHmWBr4aVFjYvqz+t6G1SAunmBRbVqbH4bjBv9jXXjHAB4U0wanvkJN2C+EY1zxwjyx2fWckMdhoLr9gtC1FJKMbV49UFHJ3iXWNczKj1t7LrctehEKXJa0Eb3UogYuaRxbVYbC++kD8LvL4AY8ertgc9/pxQQZmogdINJmIxKN4HTlGbX8kSDLbohZLheOfzZ5ycTlrbOjfJ1EBMLo+mJcMUW0qhFySl1aamPqTeII7lvgTOE3xV/d/9VAQTFKsftWPNkfhAJIym51bYrrMPV8AVeFQnLhSid3d3zK4w20zIQKSYnq9A8zcNhM0keddiv4XC+M=,iv:7HP7VCFpMRZXRD6GD/zFzDSBO02V/DyxKLmuDCLXTLU=,tag:Ugx81JwCP8HmhtflYoevLg==,type:str] ssh-private-key: ENC[AES256_GCM,data:JrRarfeS3y6b9gxg4Za5GIc5Ci3aGR+OyZxQybj4dcv2mzxXmT/bm7KOwM1zkz1PFl1xW5X82T5jte+XQOKx0+6m4ovjUgUmQUMP4E/yosp8XSdi0+YlUKBEHEJx6HqCZy+v6qx5kfp9JC6fZqCbL1J6FIqWqAoKTFXoiou1YnhmBa2fM17Q++i6TflDWiVrUS7X9xjuZFq1hz1aQXS303uvJEUOEpXdqPyJvUKJWzVsFrAwpa9FG+reO70SSc+1hBbqdw1QjrzNWh3eNnztwZURauJtVFBYUZ5ozHmWBr4aVFjYvqz+t6G1SAunmBRbVqbH4bjBv9jXXjHAB4U0wanvkJN2C+EY1zxwjyx2fWckMdhoLr9gtC1FJKMbV49UFHJ3iXWNczKj1t7LrctehEKXJa0Eb3UogYuaRxbVYbC++kD8LvL4AY8ertgc9/pxQQZmogdINJmIxKN4HTlGbX8kSDLbohZLheOfzZ5ycTlrbOjfJ1EBMLo+mJcMUW0qhFySl1aamPqTeII7lvgTOE3xV/d/9VAQTFKsftWPNkfhAJIym51bYrrMPV8AVeFQnLhSid3d3zK4w20zIQKSYnq9A8zcNhM0keddiv4XC+M=,iv:7HP7VCFpMRZXRD6GD/zFzDSBO02V/DyxKLmuDCLXTLU=,tag:Ugx81JwCP8HmhtflYoevLg==,type:str]
nix-github-token: ENC[AES256_GCM,data:AXV0ODLhfa4M6+7clulfIKm0qCOeo3lQ+66iYgoDeR12RxZOV19UtA==,iv:1XECVKyzH3NumKwRSPKNlUwJMLFwptcG8DQ09U4LrGk=,tag:QdtvJNV8BttWjhH4v0RtRQ==,type:str] nix-github-token: ENC[AES256_GCM,data:AXV0ODLhfa4M6+7clulfIKm0qCOeo3lQ+66iYgoDeR12RxZOV19UtA==,iv:1XECVKyzH3NumKwRSPKNlUwJMLFwptcG8DQ09U4LrGk=,tag:QdtvJNV8BttWjhH4v0RtRQ==,type:str]
docker-password: ENC[AES256_GCM,data:mK5YWEQPKWBtVCgRBZvwWTdVAi8MEGbLnLeP7hfDkcc=,iv:Az8+eAK6R6xssmmbhuEsDbLU+ks8lS+qzc4L33WfefA=,tag:NSXvRhbIuRZZqRR28Tu0PQ==,type:str] docker-password: ENC[AES256_GCM,data:mK5YWEQPKWBtVCgRBZvwWTdVAi8MEGbLnLeP7hfDkcc=,iv:Az8+eAK6R6xssmmbhuEsDbLU+ks8lS+qzc4L33WfefA=,tag:NSXvRhbIuRZZqRR28Tu0PQ==,type:str]
jellyfin-password: ENC[AES256_GCM,data:ugfwgpkIiLY0O+m/UGnBB5AFPBkCcai+RQOkxiCSohE=,iv:VP+Jyv2lUIBz1dFow038uN0KT+tQKK9uGr7/T5crlgk=,tag:rPGPpaqZApfHkecLBSs4Yw==,type:str]
# #
#ENC[AES256_GCM,data:y5dlZFhK38dR+Q==,iv:1JYizUeyWeMR4KUblkj7kVSHPCL5l8mFpaQdo774BcM=,tag:kUTnBZb46KYQyi8bgIYSOQ==,type:comment] #ENC[AES256_GCM,data:y5dlZFhK38dR+Q==,iv:1JYizUeyWeMR4KUblkj7kVSHPCL5l8mFpaQdo774BcM=,tag:kUTnBZb46KYQyi8bgIYSOQ==,type:comment]
# #
@ -34,7 +33,7 @@ sops:
SURMTmh1TGIrRmtENzc0Sk4rNFJNUE0KOpjN6jkEHO+lvdWdp4P++r9SNSPWaT0h SURMTmh1TGIrRmtENzc0Sk4rNFJNUE0KOpjN6jkEHO+lvdWdp4P++r9SNSPWaT0h
FAbbvZZ/EdIk/njLEcayFN7B4ftTcD/f4XJZiyosilZnIkk76bMOHA== FAbbvZZ/EdIk/njLEcayFN7B4ftTcD/f4XJZiyosilZnIkk76bMOHA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2026-03-26T19:30:04Z" lastmodified: "2025-07-19T01:29:00Z"
mac: ENC[AES256_GCM,data:DGsz+TNyYXuX45Go4fkFDoWePhx1KUzq94awp+1bQtmq2MC+bPJrTNqvhBDx/I2OWFUNSh/0lXJVvaz4gfeYT9z8YCniJeb3z53ui7ldFL0BNnA6ua1iIViWbJvYARgWlSiuU7wTsb8om57Kainkpm9C9pp2U+vQqQ4suxLmrko=,iv:sUibX01AHDrscPqz+gIPyJhLRJYkyW4DPcQ3QtUGha0=,tag:8yuSGHMg1Z7kDMo2Bx4QlA==,type:str] mac: ENC[AES256_GCM,data:IzLYRuOlkUpry37sw7OB5MglntVflMjCcNiWpi7rvT2suOivLX9IT36qZFfYIbVIFXDmfsi1hsTvsPyekD7vVWQ1vkajAlGQYYTVpnO2cFrK3+TfWCyYjiD01rQBiRikybrR11zWRq6atieurDIxMUMEI7ypiqFOwpYaqSePAFc=,iv:9bc6rc4gjuiJWNjg1g0KfySqxnPjpzmlzDi/R+Iv2g4=,tag:tEwthVZAmdXbwRtoNykGrQ==,type:str]
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.12.2 version: 3.10.2

53
system/thinknix/default.nix
View File

@ -46,13 +46,52 @@
useNetworkManager = false; useNetworkManager = false;
networks = { networks = {
"10-ether-1G" = mylib.networking.mkStaticSystemdNetwork { # "10-ether-1G" = mylib.networking.mkStaticSystemdNetwork {
interface = "ens18"; # interface = "ens18";
ips = ["192.168.86.26/24"]; # ips = ["192.168.86.26/24" "fd00::1a/64"];
routers = ["192.168.86.5"]; # Don't add "fd00::5", rely on router advertisement instead # routers = ["192.168.86.5" "fd00::5"];
nameservers = ["8.8.8.8" "8.8.4.4" "2001:4860:4860::8888" "2001:4860:4860::8844"]; # NOTE: Use reliable DNS for servers instead of 127.0.0.1 # nameservers = ["8.8.8.8" "2001:4860:4860::8888"]; # NOTE: Use reliable DNS for servers instead of 127.0.0.1
routable = true; # routable = true;
extraAddresses = ["fd00::1a/64"]; # IPv6 ULA — declared without creating a route # };
# TODO: mylib.networking.mkStaticSystemdNetwork needs improvement to accomodate for this
"10-ether-1G" = rec {
enable = true;
# See man systemd.link, man systemd.netdev, man systemd.network
matchConfig = {
# This corresponds to the [MATCH] section
Name = "ens18"; # Match ethernet interface
};
# Static IP + DNS + Gateway
address = ["192.168.86.26/24"];
gateway = ["192.168.86.5"]; # Don't add "fd00::5", rely on router advertisement instead
dns = ["8.8.8.8" "8.8.4.4" "2001:4860:4860::8888" "2001:4860:4860::8844"];
routes = builtins.map (r: {Gateway = r;}) gateway;
# See man systemd.network
networkConfig = {
# This corresponds to the [NETWORK] section
DHCP = "no";
IPv6AcceptRA = "yes"; # Accept Router Advertisements
# MulticastDNS = "no";
# LLMNR = "no";
# LinkLocalAddressing = "ipv6";
};
addresses = [
{
# Don't add this to address, we don't want to create any routes with this
Address = "fd00::1a/64"; # IPv6 Unique-Local Address (ULA)
}
];
linkConfig = {
# This corresponds to the [LINK] section
RequiredForOnline = "routable";
};
}; };
}; };