update nixos

This reverts commit c3d9242e2e335ea6095cb474d3bcd8afad5c856d.

aplysia.nix

@@ -8,6 +8,7 @@ in
     [
       /etc/nixos/hardware-configuration.nix
       ./common-headless.nix
+      ./tailscale.nix
     ];
 
   boot.supportedFilesystems = ["zfs"];
@@ -39,6 +40,7 @@ in
 
       nilotica = {
         group = "nilotica";
+        isNormalUser = true;
       };
 
       transmission = {
@@ -133,7 +135,7 @@ in
         ipv6.routes = [ { address = "::"; prefixLength = 0; } ];
       };
 
-      environment.systemPackages = with pkgs; [ wireguard ];
+      environment.systemPackages = with pkgs; [ wireguard-tools ];
     };
 
     privateNetwork = true;
@@ -210,7 +212,7 @@ in
 
   services.rsyncd = {
     enable = true;
-    modules = {
+    settings = {
       lr_mobile = {
         path = "/mnt/aplysia/fotos/lr_mobile";
         "read only" = "yes";

archachatina.nix

@@ -37,12 +37,7 @@
 
   hardware.cpu.intel.updateMicrocode = true;
 
-  services.wakeonlan.interfaces = [
-    {
-      interface = "enp3s0";
-      method = "magicpacket";
-    }
-  ];
+  networking.interfaces."enp3s0".wakeOnLan.enable = true;
 
   # services.xserver.displayManager.defaultSession = pkgs.lib.mkForce "sway";
   #

basic-tools.nix

@@ -26,7 +26,7 @@
     lua
     perl
     gdb
-    bind nmap tcpdump telnet
+    bind nmap tcpdump (pkgs.inetutils or telnet)
     usbutils
     dstat
     which
@@ -37,11 +37,12 @@
     links2
     ctags
     nix-prefetch-scripts
-    (pkgs.wireguard or pkgs.hello)
+    (pkgs.wireguard-tools or pkgs.wireguard or pkgs.hello)
     jq
     #b2sum
     strace
     ncdu
+    hyperfine
   ];
 
   environment.variables.EDITOR = "${pkgs.neovim}/bin/nvim";

common-gui.nix

@@ -2,12 +2,12 @@
 
 {
   imports = [
-    ./pulseaudio.nix
+    ./pipewire.nix
   ];
 
   i18n.inputMethod = {
-    enabled = "fcitx";
-    fcitx.engines = with pkgs.fcitx-engines; [ mozc anthy table-other m17n ];
+    enabled = "fcitx5";
+    fcitx5.addons = with pkgs; [ fcitx5-mozc fcitx5-table-other fcitx5-m17n fcitx5-rime rime-data ];
   };
 
   fonts = {
@@ -18,17 +18,17 @@
     fonts = with pkgs; [
       # xorg.fontbhlucidatypewriter100dpi
       # xorg.fontbhlucidatypewriter75dpi
-      freefont_ttf
+      # freefont_ttf
       gyre-fonts # TrueType substitutes for standard PostScript fonts
       # xorg.fontbh100dpi
-      xorg.fontmiscmisc
-      xorg.fontcursormisc
+      # xorg.fontmiscmisc
+      # xorg.fontcursormisc
       unifont
 
       noto-fonts-emoji
       noto-fonts-cjk
 
-      cantarell_fonts # from gnome3 module
+      cantarell-fonts # from gnome3 module
 
       merriweather
       merriweather-sans
@@ -46,9 +46,10 @@
       source-han-sans
 
       inconsolata
-      iosevka
+      # iosevka
       fira fira-mono fira-code
       source-code-pro
+      stix-two
 
       font-awesome_5
     ];
@@ -63,15 +64,17 @@
 
     libinput
     libnotify
+
+    gsettings-desktop-schemas
   ];
 
   # prevent satanic torture
-  programs.qt5ct.enable = true;
+  qt.platformTheme = "qt5ct";
 
   hardware.uinput.enable = true;
   users.extraUsers.gebner.extraGroups = [ "input" "tty" "audio" "video" "uinput" ];
 
-  services.dbus.packages = with pkgs; [ gnome3.gcr ];
+  services.dbus.packages = with pkgs; [ gcr ];
   services.udev.packages = [ pkgs.gnome3.gnome-settings-daemon ];
 
   # copied from gnome3 module
@@ -79,16 +82,17 @@
   services.udisks2.enable = true;
   services.accounts-daemon.enable = true;
   services.geoclue2.enable = true;
-  services.gnome3.at-spi2-core.enable = true;
-  services.gnome3.gnome-keyring.enable = true;
+  services.gnome.at-spi2-core.enable = true;
+  services.gnome.gnome-keyring.enable = true;
   services.gvfs.enable = true;
   programs.seahorse.enable = true;
-  services.gnome3.sushi.enable = true;
-  services.gnome3.gnome-settings-daemon.enable = true;
+  services.gnome.sushi.enable = true;
+  services.gnome.gnome-settings-daemon.enable = true;
   services.telepathy.enable = true;
   networking.networkmanager.enable = true;
   services.upower.enable = config.powerManagement.enable;
   programs.dconf.enable = true;
+  services.gnome.glib-networking.enable = true;
   services.flatpak.enable = true;
   xdg.portal = {
     enable = true;
@@ -96,10 +100,6 @@
   };
   # Needed for themes and backgrounds
   environment.pathsToLink = [ "/share" ];
-  environment.variables.GIO_EXTRA_MODULES = with pkgs.gnome3; [
-    "${pkgs.lib.getLib dconf}/lib/gio/modules"
-    "${glib_networking.out}/lib/gio/modules"
-    "${gvfs}/lib/gio/modules" ];
 
   hardware.bluetooth = {
     enable = true;

common-headless.nix

@@ -9,9 +9,11 @@
 
   boot.kernelPackages = pkgs.linuxPackages_latest;
 
-  nix.useSandbox = true;
-  nix.binaryCaches = [ https://cache.nixos.org ];
-  nix.trustedBinaryCaches = [ https://cache.nixos.org ];
+  nix.settings = {
+    sandbox = true;
+    substituters = [ "https://cache.nixos.org" ];
+    trusted-substituters = [ "https://cache.nixos.org" ];
+  };
   nix.extraOptions = ''
     auto-optimise-store = true
     binary-caches-parallel-connections = 10
@@ -25,8 +27,8 @@
   # Enable the OpenSSH daemon.
   services.openssh = {
     enable = true;
-    permitRootLogin = "no";
-    passwordAuthentication = false;
+    settings.PermitRootLogin = "no";
+    settings.PasswordAuthentication = false;
   };
   programs.ssh.startAgent = false;
 
@@ -43,10 +45,23 @@
     dockerCompat = true;
   };
 
+  virtualisation.containers.containersConf.settings = {
+    engine = {
+      cgroup_manager = "cgroupfs";
+    };
+  };
+
+  virtualisation.containers = {
+    registries.search = [ "docker.io" ];
+  };
+
   virtualisation.lxd.enable = true;
   virtualisation.lxd.recommendedSysctlSettings = true;
+  virtualisation.lxd.package = pkgs.lxd;
   virtualisation.lxc.lxcfs.enable = true;
 
+  systemd.enableUnifiedCgroupHierarchy = pkgs.lib.mkForce true;
+
   boot.kernel.sysctl = {
     "kernel.perf_event_paranoid" = "0";
     "kernel.kptr_restrict" = pkgs.lib.mkForce "0";
@@ -70,7 +85,7 @@
   };
 
   fileSystems."/mnt/aplysia" = {
-    device = "//aplysia.ams.gebner.org/export";
+    device = "//aplysia.htdf.gebner.org/export";
     fsType = "cifs";
     options = [ "noauto" "x-systemd.automount" "credentials=/etc/smbcredentials/aplysia" "vers=1.0"  ];
   };
@@ -110,13 +125,14 @@
     defaultLocale = "en_US.UTF-8";
     extraLocaleSettings = {
       # LC_TIME = "en_GB.UTF-8";
-      LC_PAPER = "de_AT.UTF-8";
+      # LC_PAPER = "de_AT.UTF-8";
     };
+    supportedLocales = [ "all" ]; # https://github.com/NixOS/nixpkgs/pull/177318
   };
 
   system.fsPackages = with pkgs; [
     ntfs3g
-    exfat
+    exfatprogs
   ];
 
 }

common-sw.nix

@@ -2,17 +2,18 @@
 
 {
   imports = [
-    # ./fix-firefox.nix
+    ./fix-firefox.nix
   ];
 
   environment.systemPackages = with pkgs.haskellPackages; with pkgs; [
     gmpc
+    mpdevil
     m4
     (pkgs.openjdk or pkgs.openjdk14 or pkgs.openjdk12 or pkgs.openjdk11 or pkgs.openjdk10 or openjdk8)
     sbt scala
     ungoogled-chromium
     # chromium
-    # firefox
+    firefox
     qalculate-gtk
     libqalculate
     viewnior
@@ -33,7 +34,7 @@
     ripgrep
     imagemagick
     mercurial
-    manpages
+    (pkgs.man-pages or manpages)
 
     dfeet
 
@@ -53,6 +54,7 @@
     lsof
 
     pdfpc
+    poppler_utils
 
     # emacs
     emacs
@@ -69,6 +71,7 @@
 
     rclone
     duplicity
+    restic
     magic-wormhole
 
     linuxPackages.perf
@@ -81,6 +84,7 @@
     glucose
     prover9
     eprover
+    vampire
     metis-prover
     spass
     z3
@@ -94,9 +98,14 @@
 
   nixpkgs.config.allowTexliveBuilds = true;
   nixpkgs.config.allowUnfree = true;
+  nixpkgs.config.allowUnfreePredicate = (pkg: true);
   nixpkgs.config.android_sdk.accept_license = true;
 
   programs.adb.enable = true;
   users.extraUsers.gebner.extraGroups = [ "adbusers" ];
 
+  nixpkgs.config.packageOverrides = pkgs: with pkgs; {
+    khal = pkgs.khal.overridePythonAttrs (_: { doCheck = false; });
+  };
+
 }

decoysnail.nix

@@ -4,6 +4,7 @@
   imports =
     [
       ./common-headless.nix
+      # ./i3.nix
       ./sway.nix
       ./large-sw.nix
       ./uefi.nix
@@ -34,7 +35,7 @@
   #  { device = "/dev/disk/by-uuid/b7274abd-58a5-4acc-8481-30e105e94eec"; }
   #];
 
-  nix.maxJobs = pkgs.lib.mkDefault 6;
+  nix.settings.max-jobs = pkgs.lib.mkDefault 6;
   powerManagement.cpuFreqGovernor = pkgs.lib.mkDefault "powersave";
 
   environment.etc."lvm/lvm.conf".text = ''
@@ -105,9 +106,9 @@
     enable = true;
   };
 
-  services.xserver = {
-    videoDrivers = [ "intel" ];
-  };
+  # services.xserver = {
+  #   videoDrivers = [ "intel" ];
+  # };
 
   fonts.fontconfig = {
     subpixel.rgba = "none";

euhadra.nix

@@ -6,9 +6,11 @@ let mpdStreamingPort = 8080; in
     [
       /etc/nixos/hardware-configuration.nix
       ./common-headless.nix
-      ./i3.nix
+      ./sway.nix
       ./uefi.nix
       ./fstrim.nix
+      # ./nebula.nix
+      ./tailscale.nix
     ];
 
   environment.etc."lvm/lvm.conf".text = ''
@@ -16,14 +18,13 @@ let mpdStreamingPort = 8080; in
       issue_discards = 1
     }
   '';
-  boot.initrd.luks.devices = [
-    {
-      name = "euhadra_crypt";
+  boot.initrd.luks.devices = {
+    euhadra_crypt = {
       device = "/dev/disk/by-uuid/328a9ede-0958-490b-8e82-62b06b839e21";
       preLVM = true;
       allowDiscards = true;
-    }
-  ];
+    };
+  };
 
   networking.hostName = "euhadra";
   networking.hostId = "ddb5f0fd";
@@ -32,9 +33,12 @@ let mpdStreamingPort = 8080; in
 
   services.mpd = {
     enable = true;
-    network.listenAddress = "any";
+    # network.listenAddress = "127.0.0.1";
     musicDirectory = "/mnt/aplysia/music";
     extraConfig = ''
+      bind_to_address "10.59.0.6"
+      bind_to_address "100.97.134.100"
+
       # audio_output {
       #   type "alsa"
       #   name "dac"
@@ -44,6 +48,7 @@ let mpdStreamingPort = 8080; in
       audio_output {
         type "pulse"
         name "pulse"
+        server "127.0.0.1"
       }
 
       audio_output {
@@ -58,6 +63,39 @@ let mpdStreamingPort = 8080; in
     '';
   };
 
+  services.pipewire = {
+    config.pipewire-pulse = {
+      "pulse.properties"."server.address" = [
+        "unix:native"
+        "tcp:127.0.0.1:4713"
+        "tcp:100.97.134.100:4713"
+      ];
+    };
+  };
+
+  networking.wireguard.interfaces.wg0 = {
+    ips = ["10.59.0.6/16"];
+    privateKeyFile = "/etc/wgkeys/euhadra";
+    allowedIPsAsRoutes = true;
+    postSetup = ''
+      ${pkgs.systemd}/bin/resolvectl domain wg0 '~htdf.gebner.org' '~mtlaa.gebner.org' '~ams.gebner.org'
+      ${pkgs.systemd}/bin/resolvectl dns wg0 10.58.0.1
+    '';
+    peers = [{
+      publicKey = "ByLlJbevlTBooAo2RIZGGJvBHKqA9qiOpHBvR5yuJX4=";
+      allowedIPs = ["10.56.0.0/14" "10.60.1.1"];
+      endpoint = "htdf-gw.gebner.org:35869";
+      # endpoint = "80.109.29.104:35869";
+      # endpoint = "127.0.0.1:35869";
+    }];
+  };
+  # systemd.services.wireguard-wg0.wantedBy = pkgs.lib.mkOverride 10 [];
+
+  services.resolved = {
+    domains = [];
+    enable = true;
+  };
+
   networking.firewall.allowedTCPPorts = [
     config.services.mpd.network.port
     4713 # pulseaudio
@@ -70,16 +108,19 @@ let mpdStreamingPort = 8080; in
 
   nixpkgs.config.mpv.vaapiSupport = true;
 
-  hardware.pulseaudio = {
-    systemWide = true;
-    zeroconf.publish.enable = true;
-    tcp = {
-      enable = true;
-      anonymousClients.allowedIpRanges = [
-        "127.0.0.1"
-        "10.57.0.0/16"
-      ];
-    };
-  };
+  # hardware.pulseaudio = {
+  #   systemWide = true;
+  #   zeroconf.publish.enable = true;
+  #   tcp = {
+  #     enable = true;
+  #     anonymousClients.allowedIpRanges = [
+  #       "127.0.0.1"
+  #       "10.57.0.0/16"
+  #     ];
+  #   };
+  # };
 
+  system.stateVersion = "22.05";
+
+  time.timeZone = pkgs.lib.mkOverride 10 "US/Pacific";
 }

fix-firefox.nix

@@ -19,7 +19,8 @@
         f=localization/en-US/browser/browserSets.ftl
         mkdir browser
         cd browser
-        unzip $j
+        # corrupt zip files??
+        unzip $j || true
         patch $f <${./fix-firefox.patch}
         rm $j
         zip -0DXqr $j *
@@ -28,7 +29,7 @@
       inherit (firefox-unwrapped) meta;
       passthru = {
         inherit (firefox-unwrapped.passthru) version isFirefox3Like gtk
-          nspr gssSupport browserName ffmpegSupport gtk3;
+          nspr gssSupport browserName ffmpegSupport gtk3 binaryName;
       };
     };
   };

flake.lock

@@ -1,28 +1,12 @@
 {
   "nodes": {
-    "flake-compat": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1606424373,
-        "narHash": "sha256-oq8d4//CJOrVj+EcOaSXvMebvuTkmBJuT5tzlfewUnQ=",
-        "owner": "edolstra",
-        "repo": "flake-compat",
-        "rev": "99f1c2157fba4bfe6211a321fd0ee43199025dbf",
-        "type": "github"
-      },
-      "original": {
-        "owner": "edolstra",
-        "repo": "flake-compat",
-        "type": "github"
-      }
-    },
     "flake-utils": {
       "locked": {
-        "lastModified": 1610051610,
-        "narHash": "sha256-U9rPz/usA1/Aohhk7Cmc2gBrEEKRzcW4nwPWMPwja4Y=",
+        "lastModified": 1638122382,
+        "narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "3982c9903e93927c2164caa727cd3f6a0e6d14cc",
+        "rev": "74f7e4319258e287b0f9cb95426c9853b282730b",
         "type": "github"
       },
       "original": {
@@ -31,73 +15,13 @@
         "type": "github"
       }
     },
-    "flake-utils_2": {
-      "locked": {
-        "lastModified": 1618217525,
-        "narHash": "sha256-WGrhVczjXTiswQaoxQ+0PTfbLNeOQM6M36zvLn78AYg=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "c6169a2772643c4a93a0b5ac1c61e296cba68544",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
-    "neovim-flake": {
-      "inputs": {
-        "flake-utils": "flake-utils",
-        "nixpkgs": [
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "dir": "contrib",
-        "lastModified": 1624433763,
-        "narHash": "sha256-jIAOMqzIYS1a+CpMFg05wAWV3gRbFRQBUnuuqf5PqMQ=",
-        "owner": "neovim",
-        "repo": "neovim",
-        "rev": "0d7e33bc1307117127e519fb12ec491a1a1ebd82",
-        "type": "github"
-      },
-      "original": {
-        "dir": "contrib",
-        "owner": "neovim",
-        "repo": "neovim",
-        "type": "github"
-      }
-    },
-    "neovim-overlay": {
-      "inputs": {
-        "flake-compat": "flake-compat",
-        "neovim-flake": "neovim-flake",
-        "nixpkgs": [
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1624435902,
-        "narHash": "sha256-w8F7tlqosL4aCpFUdx1MZMZcVNgpo0QlQ6O22grSuzI=",
-        "owner": "nix-community",
-        "repo": "neovim-nightly-overlay",
-        "rev": "e2fb9369e1fd4d85676564d970ff0dc0983113fb",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "neovim-nightly-overlay",
-        "type": "github"
-      }
-    },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1624271441,
-        "narHash": "sha256-26QNDCdRE5mPOWYJrPGpVzgrJ3ZxqvWOONfeMsjryz4=",
+        "lastModified": 1693158576,
+        "narHash": "sha256-aRTTXkYvhXosGx535iAFUaoFboUrZSYb1Ooih/auGp0=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "7e567a3d092b7de69cdf5deaeb8d9526de230916",
+        "rev": "a999c1cc0c9eb2095729d5aa03e0d8f7ed256780",
         "type": "github"
       },
       "original": {
@@ -109,25 +33,25 @@
     },
     "root": {
       "inputs": {
-        "neovim-overlay": "neovim-overlay",
         "nixpkgs": "nixpkgs",
         "utils": "utils"
       }
     },
     "utils": {
       "inputs": {
-        "flake-utils": "flake-utils_2"
+        "flake-utils": "flake-utils"
       },
       "locked": {
-        "lastModified": 1619358717,
-        "narHash": "sha256-FkEOIW82ClvUBtD8aqPediM8FERldsOyjPIyapVa65I=",
+        "lastModified": 1638172912,
+        "narHash": "sha256-jxhQGNEsZTdop/Br3JPS+xmBf6t9cIWRzVZFxbT76Rw=",
         "owner": "gytis-ivaskevicius",
         "repo": "flake-utils-plus",
-        "rev": "e7ae270a23695b50fbb6b72759a7fb1e3340ca86",
+        "rev": "166d6ebd9f0de03afc98060ac92cba9c71cfe550",
         "type": "github"
       },
       "original": {
         "owner": "gytis-ivaskevicius",
+        "ref": "v1.3.1",
         "repo": "flake-utils-plus",
         "type": "github"
       }

flake.nix

@@ -2,24 +2,25 @@
   inputs = {
     nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
 
-    utils.url = "github:gytis-ivaskevicius/flake-utils-plus";
+    utils.url = "github:gytis-ivaskevicius/flake-utils-plus/v1.3.1";
 
-    neovim-overlay = {
-      url = "github:nix-community/neovim-nightly-overlay";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
+    # neovim-overlay = {
+    #   url = "github:nix-community/neovim-nightly-overlay";
+    #   inputs.nixpkgs.follows = "nixpkgs";
+    # };
   };
 
-  outputs = inputs@{ self, nixpkgs, neovim-overlay, utils, ... }: utils.lib.systemFlake {
+  outputs = inputs@{ self, nixpkgs, utils, ... }: utils.lib.mkFlake {
     inherit self inputs;
 
     channels.nixpkgs.input = nixpkgs;
 
     channels.nixpkgs.patches = [ ];
 
+    nix.generateRegistryFromInputs = true;
+
     hostDefaults = {
       modules = [
-        utils.nixosModules.saneFlakeDefaults
         ({ ... }: { nix.extraOptions = "warn-dirty = false"; })
       ];
     };

flammea.nix

@@ -1,11 +1,13 @@
 { config, pkgs, ... }:
 
+let mpdStreamingPort = 8080; in
 {
   imports =
     [
       ./common-headless.nix
       # ./sway.nix
-      ./i3.nix
+      # ./i3.nix
+      ./gnome3.nix
       ./large-sw.nix
       ./uefi.nix
       ./fstrim.nix
@@ -16,6 +18,7 @@
       ./spacenav.nix
       ./nvim05.nix
       ./nm-restart.nix
+      ./tailscale.nix
     ];
 
   hardware.enableRedistributableFirmware = true;
@@ -26,6 +29,7 @@
     "zenpower"
   ];
   boot.extraModulePackages = [ ];
+  boot.supportedFilesystems = [ "zfs" ];
 
   fileSystems."/" =
     { device = "/dev/disk/by-uuid/3b8c5c8a-fff2-49ba-98bd-ceb01d6d57c3";
@@ -57,12 +61,7 @@
 
   hardware.cpu.amd.updateMicrocode = true;
 
-  services.wakeonlan.interfaces = [
-    {
-      interface = "enp42s0";
-      method = "magicpacket";
-    }
-  ];
+  networking.interfaces."enp42s0".wakeOnLan.enable = true;
 
   # users.extraUsers.presentation = {
   #   isNormalUser = true;
@@ -84,7 +83,7 @@
 
   virtualisation.virtualbox.host = {
     enable = true;
-    # enableExtensionPack = true;
+    enableExtensionPack = true;
   };
   # nixpkgs.config.allowUnfree = true;
 
@@ -101,7 +100,7 @@
 
   hardware.opengl.extraPackages = with pkgs; [
     rocm-opencl-icd
-    # rocm-runtime-ext
+    rocm-runtime
   ];
 
   # services.nix-serve = {
@@ -110,7 +109,13 @@
   # };
   # networking.firewall.allowedTCPPorts = [ config.services.nix-serve.port ];
 
-  services.openssh.forwardX11 = true;
+  networking.firewall.trustedInterfaces = [ "tailscale0" ];
+
+  services.openssh.settings.X11Forwarding = true;
+
+  fileSystems."/mnt/aplysia".device = pkgs.lib.mkOverride 10 "//aplysia.auroch-boa.ts.net/export";
+
+  time.timeZone = pkgs.lib.mkOverride 10 "US/Pacific";
 
   # nixpkgs.config.packageOverrides = super: let self = super.pkgs; in {
   #     mesa_drivers = self.mesaDarwinOr (
@@ -123,16 +128,14 @@
   #     );
   # };
 
-  #boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages_latest;
-  # boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages;
-  # boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages_5_8;
+  boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages_6_1;
 
-  services.xserver = {
-    videoDrivers = [ "amdgpu" ];
-    deviceSection = ''
-      Option "TearFree" "on"
-    '';
-  };
+  # services.xserver = {
+  #   videoDrivers = [ "amdgpu" ];
+  #   deviceSection = ''
+  #     Option "TearFree" "on"
+  #   '';
+  # };
 
   services.ratbagd.enable = true;
 
@@ -145,6 +148,48 @@
     ACTION=="add", KERNEL=="i2c-[0-9]*", GROUP="wheel", MODE="666"
   '';
 
-  system.stateVersion = "21.05";
+  system.stateVersion = "22.11";
 
+  # services.mpd = {
+  #   enable = true;
+  #   # network.listenAddress = "127.0.0.1";
+  #   # musicDirectory = "/mnt/aplysia/music";
+  #   musicDirectory = "/home/gebner/Music";
+  #   user = "gebner";
+  #   extraConfig = ''
+  #     bind_to_address "100.125.210.32"
+  #
+  #     # audio_output {
+  #     #   type "alsa"
+  #     #   name "dac"
+  #     #   device "sysdefault:CARD=QAMP"
+  #     # }
+  #
+  #     audio_output {
+  #       type "pulse"
+  #       name "pulse"
+  #       server "127.0.0.1"
+  #     }
+  #
+  #     audio_output {
+  #       type "httpd"
+  #       name "http"
+  #       encoder "flac"
+  #       port "${toString mpdStreamingPort}"
+  #     }
+  #
+  #     replaygain "auto"
+  #     restore_paused "yes"
+  #   '';
+  # };
+  #
+  # environment.etc."pipewire/pipewire-pulse.conf.d/listen.conf".text = ''
+  #   pulse.properties = {
+  #     server.address = [
+  #       "unix:native"
+  #       "tcp:127.0.0.1:4713"
+  #       # "tcp:100.97.134.100:4713"
+  #     ]
+  #   }
+  # '';
 }

gnome3.nix

@@ -2,40 +2,44 @@
 
 {
   imports = [
-    ./pulseaudio.nix
+    ./pipewire.nix
   ];
 
   i18n.inputMethod = {
     enabled = "ibus";
-    ibus.engines = with pkgs.ibus-engines; [ mozc table-others m17n ];
+    ibus.engines = with pkgs.ibus-engines; [ mozc table-others m17n rime ];
   };
 
   environment.systemPackages = with pkgs; [
-    gnome3.libgweather
-    gnome3.gnome-tweak-tool
+    gnome.gnome-tweaks
     pavucontrol
     paprefs
+    playerctl
+    xorg.xlsclients
+    gthumb
   ];
 
+  hardware.pulseaudio.enable = false;
+
   fonts = {
     enableDefaultFonts = false;
     fontconfig = {
       allowBitmaps = false;
     };
     fonts = with pkgs; [
-      xorg.fontbhlucidatypewriter100dpi
-      xorg.fontbhlucidatypewriter75dpi
-      freefont_ttf
+      # xorg.fontbhlucidatypewriter100dpi
+      # xorg.fontbhlucidatypewriter75dpi
+      # freefont_ttf
       gyre-fonts # TrueType substitutes for standard PostScript fonts
-      xorg.fontbh100dpi
-      xorg.fontmiscmisc
-      xorg.fontcursormisc
+      # xorg.fontbh100dpi
+      # xorg.fontmiscmisc
+      # xorg.fontcursormisc
       unifont
 
       noto-fonts-emoji
       noto-fonts-cjk
 
-      cantarell_fonts # from gnome3 module
+      cantarell-fonts # from gnome3 module
 
       merriweather
       merriweather-sans
@@ -56,13 +60,14 @@
       iosevka
       fira fira-mono fira-code
       source-code-pro
+      stix-two
 
       font-awesome_5
     ];
   };
 
   # prevent satanic torture
-  programs.qt5ct.enable = true;
+  qt.platformTheme = "qt5ct";
 
   hardware.uinput.enable = true;
   users.extraUsers.gebner.extraGroups = [ "input" "tty" "audio" "video" "uinput" ];
@@ -80,11 +85,11 @@
 
   services.xserver = {
     enable = true;
-    libinput.enable = true;
+    # libinput.enable = true;
     displayManager.gdm.enable = true;
-    displayManager.defaultSession = "gnome";
+    # displayManager.defaultSession = "gnome";
 
-    desktopManager.gnome3 = {
+    desktopManager.gnome = {
       enable = true;
     };
   };

i3.nix

@@ -5,15 +5,15 @@
     ./common-gui.nix
   ];
 
-  environment.systemPackages = with pkgs; with gnome3; [
+  environment.systemPackages = with pkgs; [
     i3
     i3status
     rofi
     rofi-pass
     feh
-    gnome_keyring
+    gnome3.gnome-keyring
     networkmanagerapplet
-    nautilus # in closure of gnome-terminal anyhow
+    gnome3.nautilus # in closure of gnome-terminal anyhow
     pcmanfm
     # colord
     evince
@@ -23,19 +23,19 @@
     scrot
     pavucontrol
     pasystray
-    dconf-editor
+    gnome3.dconf-editor
     unclutter-xfixes
     dunst
 
     xorg.xev
 
     # gnome3 core packages
-    desktop_file_utils shared_mime_info
+    desktop-file-utils shared-mime-info
     glib gtk3
-    glib_networking gvfs dconf
-    gnome_settings_daemon
-    gnome_themes_standard defaultIconTheme
-    hicolor_icon_theme
+    glib-networking gvfs dconf
+    gnome3.gnome-settings-daemon
+    gnome-themes-extra gnome3.adwaita-icon-theme
+    hicolor-icon-theme
   ];
 
   services.xserver = {
@@ -60,7 +60,7 @@
         name = "i3wm";
         start = ''
           export XDG_DATA_DIRS=/run/current-system/sw/share/''${XDG_DATA_DIRS:+:}$XDG_DATA_DIRS
-          export $(${pkgs.gnome3.gnome_keyring}/bin/gnome-keyring-daemon --start --components=pkcs11,secrets,ssh)
+          export $(${pkgs.gnome3.gnome-keyring}/bin/gnome-keyring-daemon --start --components=pkcs11,secrets,ssh)
           export XDG_CURRENT_DESKTOP=X-Generic
           i3 &
           waitPID=$!
@@ -75,7 +75,7 @@
     xkbOptions = "caps:ctrl_modifier";
   };
 
-  services.dbus.socketActivated = true;
+  # services.dbus.socketActivated = true;
   services.dbus.packages = with pkgs; [ dunst ];
   systemd.packages = [ pkgs.dunst ];
 

large-sw.nix

@@ -2,7 +2,7 @@
 
 {
   environment.systemPackages = with pkgs.haskellPackages; with pkgs; [
-    idea.idea-community
+    jetbrains.idea-community
     # idea.clion
     texlive.combined.scheme-full biber
     gimp
@@ -10,14 +10,10 @@
     # jabref
     libreoffice-fresh
     # calibre
-    goldendict
+    # goldendict
 
     xournal
-    (xournalpp.overrideDerivation (_: {
-      patches = [
-        ./xournalpp-cursor-blink.patch
-      ];
-    }))
+    xournalpp
 
     vscode
 

mastus/configuration.nix

@@ -5,7 +5,7 @@
     [
       /etc/nixos/hardware-configuration.nix
       ../basic-tools.nix
-      # ./backup.nix
+      ./backup.nix
       ./duplicity.nix
 
       ./mail.nix
@@ -17,6 +17,7 @@
       ./radicale.nix
       # ./ttrss.nix
       ./dns.nix
+      ./nebula.nix
     ];
 
   boot.loader.grub.enable = true;

mastus/dns.nix

@@ -9,7 +9,7 @@ let
       IN AAAA 2a02:2770:3:0:21a:4aff:feac:bc0e
   '';
 
-  timestamp = "1497294847";
+  timestamp = "1664458744";
 
   heNsServers = ''
     @ IN NS ns1.he.net.
@@ -48,8 +48,8 @@ in
           misuji ${misuji}
           mastus ${mastus}
 
-          home-gw IN A 80.109.2.154
-          htdf-gw IN A 80.109.2.154
+          home-gw IN A 80.109.29.104
+          htdf-gw IN A 80.109.29.104
           ams-gw IN A 82.217.167.76
 
           @ ${mastus}

mastus/gitea.nix

@@ -34,7 +34,7 @@
         proxyPass = "http://127.0.0.1:${toString config.services.gitea.httpPort}";
         extraConfig = ''
           proxy_buffering off;
-          client_max_body_size 30M;
+          client_max_body_size 256M;
         '';
       };
     };

mastus/nebula.nix

@@ -0,0 +1,25 @@
+{ config, pkgs, ... }:
+
+let mastus = "37.252.120.145";
+in {
+  services.nebula.networks.gabriel = {
+    enable = true;
+    ca = "/etc/nebula/gabriel/ca.crt";
+    cert = "/etc/nebula/gabriel/mastus.crt";
+    key = "/etc/nebula/gabriel/mastus.key";
+
+    isLighthouse = true;
+    staticHostMap = {
+      "192.168.18.36" = [ "${mastus}:4242" ];
+    };
+
+    firewall.inbound = [ { port = "any"; proto = "any"; host = "any"; } ];
+
+    settings = {
+      serve_dns = true;
+      lighthouse.dns = { host = "192.168.18.36"; port = 5353; };
+    };
+  };
+
+  networking.firewall.allowedUDPPorts = [ 4242 ];
+}

mastus/radicale.nix

@@ -5,12 +5,15 @@ in
 {
   services.radicale = {
     enable = true;
-    package = pkgs.radicale2;
+    package = pkgs.radicale3.overrideDerivation (_: {
+      #patches = [ ./radicale1249.patch ];
+      doCheck = false;
+      pytestCheckPhase = "true";
+    });
     settings = {
       server = {
         hosts = "127.0.0.1:${toString radicalePort}";
         ssl = false;
-        dns_lookup = false;
       };
 
       storage = {
@@ -20,6 +23,7 @@ in
       auth = {
         type = "htpasswd";
         htpasswd_filename = "/var/lib/radicale/htpasswd";
+        htpasswd_encryption = "bcrypt";
       };
 
       rights = {
@@ -38,6 +42,16 @@ in
       locations."/" = {
         proxyPass = "http://127.0.0.1:${toString radicalePort}";
       };
+      # Fake nextcloud api:
+      # https://gitlab.gnome.org/GNOME/gnome-online-accounts/-/issues/1#note_857357
+      extraConfig = ''
+        rewrite ^/remote.php/carddav / redirect;
+        rewrite ^/remote.php/caldav / redirect;
+
+        location /remote.php/webdav {
+                return 200;
+        }
+      '';
     };
   };
 

mastus/radicale1249.patch

@@ -0,0 +1,37 @@
+diff --git a/radicale/app/propfind.py b/radicale/app/propfind.py
+index 52d0b00..ee7cf28 100644
+--- a/radicale/app/propfind.py
++++ b/radicale/app/propfind.py
+@@ -350,8 +350,8 @@ class ApplicationPartPropfind(ApplicationBase):
+                 permission = "r"
+                 status = "read"
+             else:
+-                permission = ""
+-                status = "NO"
++                permission = "r"
++                status = "read"
+             logger.debug(
+                 "%s has %s access to %s",
+                 repr(user) if user else "anonymous user", status, target)
+@@ -362,8 +362,8 @@ class ApplicationPartPropfind(ApplicationBase):
+                     path: str, user: str) -> types.WSGIResponse:
+         """Manage PROPFIND request."""
+         access = Access(self._rights, user, path)
+-        if not access.check("r"):
+-            return httputils.NOT_ALLOWED
++        #if not access.check("r"):
++        #    return httputils.NOT_ALLOWED
+         try:
+             xml_content = self._read_xml_request_body(environ)
+         except RuntimeError as e:
+@@ -380,8 +380,8 @@ class ApplicationPartPropfind(ApplicationBase):
+             item = next(items_iter, None)
+             if not item:
+                 return httputils.NOT_FOUND
+-            if not access.check("r", item):
+-                return httputils.NOT_ALLOWED
++            #if not access.check("r", item):
++            #    return httputils.NOT_ALLOWED
+             # put item back
+             items_iter = itertools.chain([item], items_iter)
+             allowed_items = self._collect_allowed_items(items_iter, user)

nebula.nix

@@ -0,0 +1,26 @@
+{ config, pkgs, ... }:
+
+let mastus = "37.252.120.145"; hostname = config.networking.hostName;
+in {
+  services.nebula.networks.gabriel = {
+    enable = true;
+    ca = "/etc/nebula/gabriel/ca.crt";
+    cert = "/etc/nebula/gabriel/${hostname}.crt";
+    key = "/etc/nebula/gabriel/${hostname}.key";
+
+    listen.host = "[::]";
+    listen.port = 0; # dynamic ip
+
+    staticHostMap = {
+      "192.168.18.36" = [ "${mastus}:4242" ];
+    };
+    lighthouses = [
+      "192.168.18.36"
+    ];
+
+    firewall.outbound = [ { port = "any"; proto = "any"; host = "any"; } ];
+    firewall.inbound = [ { port = "any"; proto = "any"; host = "any"; } ];
+  };
+
+  networking.firewall.allowedUDPPorts = [ 4242 ];
+}

nm-restart.nix

@@ -5,4 +5,5 @@
   systemd.services.NetworkManager-dispatcher.restartIfChanged = false;
   systemd.services.NetworkManager-wait-online.restartIfChanged = false;
   systemd.services.wpa_supplicant.restartIfChanged = false;
+  systemd.services.systemd-resolved.restartIfChanged = false;
 }

nvim05.nix

@@ -1,16 +1,21 @@
 { config, inputs, ... }:
 
 {
-  nixpkgs.overlays = [ inputs.neovim-overlay.overlay ];
+  # nixpkgs.overlays = [ inputs.neovim-overlay.overlay ];
 
   nixpkgs.config.packageOverrides = pkgs: with pkgs; {
-    neovim-qt-unwrapped = neovim-qt-unwrapped.overrideDerivation (_: {
-      src = fetchFromGitHub {
-        owner  = "equalsraf";
-        repo   = "neovim-qt";
-        rev    = "54987208b698c84e761cc097550b80641367f0c8";
-        sha256 = "sha256-I3/gPk5ay9Scs+YtVWNyLm2zE1T1cMEjdpVbYclHT1M=";
-      };
-    });
+    # neovim-unwrapped = neovim-unwrapped.overrideDerivation (orig: {
+    #   patches = orig.patches ++ [ ];
+    # });
+
+    # neovim-qt-unwrapped = neovim-qt-unwrapped.overrideDerivation (_: {
+    #   version = "0.2.17.9999";
+    #   src = fetchFromGitHub {
+    #     owner  = "equalsraf";
+    #     repo   = "neovim-qt";
+    #     rev    = "67cc4e414a8e64a475e55230818fab0f78415634";
+    #     sha256 = "sha256-3jYYY7T7L4rMsxIxJwY32izmlJKrrqbmU4DZ2Aow5uE=";
+    #   };
+    # });
   };
 }

petalius.nix

@@ -4,8 +4,8 @@
   imports =
     [
       ./common-headless.nix
-      # ./sway.nix
-      ./i3.nix
+      ./sway.nix
+      # ./i3.nix
       ./large-sw.nix
       ./uefi.nix
       ./fstrim.nix
@@ -14,6 +14,8 @@
       ./huion.nix
       ./nvim05.nix
       ./nm-restart.nix
+      # ./nebula.nix
+      ./tailscale.nix
     ];
 
   hardware.enableRedistributableFirmware = true;
@@ -37,7 +39,7 @@
 
   swapDevices = [ ];
 
-  nix.maxJobs = 4;
+  nix.settings.max-jobs = 4;
 
   environment.etc."lvm/lvm.conf".text = ''
     devices {
@@ -52,22 +54,22 @@
     };
   };
 
-  services.xserver = {
-    dpi = 120;
-
-    libinput.enable = true;
-    config = ''
-      Section "InputClass"
-        Identifier "touchpad"
-        Driver "libinput"
-        MatchDevicePath "/dev/input/event*"
-        MatchIsPointer "true"
-      EndSection
-    '';
-
-    videoDrivers = [ "modesetting" ];
-    useGlamor = true;
-  };
+  # services.xserver = {
+  #   dpi = 120;
+  #
+  #   libinput.enable = true;
+  #   config = ''
+  #     Section "InputClass"
+  #       Identifier "touchpad"
+  #       Driver "libinput"
+  #       MatchDevicePath "/dev/input/event*"
+  #       MatchIsPointer "true"
+  #     EndSection
+  #   '';
+  #
+  #   videoDrivers = [ "modesetting" ];
+  #   useGlamor = true;
+  # };
   programs.light.enable = true;
 
   services.tlp.enable = true;
@@ -94,6 +96,8 @@
   users.extraUsers.gebner.extraGroups = [ "libvirtd" ];
   virtualisation.libvirtd.enable = true;
 
+  virtualisation.waydroid.enable = true;
+
   # virtualisation.virtualbox.host.enable = true;
 
   # boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages_5_4;
@@ -113,10 +117,11 @@
   # time.timeZone = pkgs.lib.mkOverride 10 "Europe/London";
   # time.timeZone = pkgs.lib.mkOverride 10 "Europe/Lisbon";
   # time.timeZone = pkgs.lib.mkOverride 10 "US/Eastern";
+  time.timeZone = pkgs.lib.mkOverride 10 "US/Pacific";
 
   #services.avahi.nssmdns = true;
 
-  system.stateVersion = "18.03";
+  system.stateVersion = "22.11";
 
   networking.wireguard.interfaces.wg0 = {
     ips = ["10.59.0.2/16"];
@@ -129,9 +134,9 @@
     peers = [{
       publicKey = "ByLlJbevlTBooAo2RIZGGJvBHKqA9qiOpHBvR5yuJX4=";
       allowedIPs = ["10.56.0.0/14" "10.60.1.1"];
-      # endpoint = "htdf-gw.gebner.org:35869";
-      # endpoint = "80.109.2.154:35869";
-      endpoint = "127.0.0.1:35869";
+      endpoint = "htdf-gw.gebner.org:35869";
+      # endpoint = "80.109.29.104:35869";
+      # endpoint = "127.0.0.1:35869";
     }];
   };
   systemd.services.wireguard-wg0.wantedBy = pkgs.lib.mkOverride 10 [];
@@ -156,4 +161,21 @@
 
   services.fwupd.enable = true;
 
+  users.extraUsers.gebner2 = {
+    isNormalUser = true;
+    extraGroups = [
+      "wheel"
+      # "networkmanager"
+      "audio"
+      # "transmission"
+      # "lxd"
+      # "libvirtd"
+      # "vboxusers"
+      # "wireshark"
+      "input" "tty" "audio" "video" "uinput"
+    ];
+    # shell = "${pkgs.zsh}/bin/zsh";
+    shell = "/run/current-system/sw/bin/fish";
+  };
+
 }

pipewire.nix

@@ -12,18 +12,18 @@
     pulse.enable = true;
     jack.enable = true;
 
-    media-session.config.bluez-monitor.rules = [
-      {
-        # Matches all cards
-        matches = [ { "device.name" = "~bluez_card.*"; } ];
-        actions = {
-          "update-props" = {
-            "bluez5.reconnect-profiles" = [ "hfp_hf" "hsp_hs" "a2dp_sink" ];
-            "bluez5.msbc-support" = true;
-          };
-        };
-      }
-    ];
+    # media-session.config.bluez-monitor.rules = [
+    #   {
+    #     # Matches all cards
+    #     matches = [ { "device.name" = "~bluez_card.*"; } ];
+    #     actions = {
+    #       "update-props" = {
+    #         "bluez5.reconnect-profiles" = [ "hfp_hf" "hsp_hs" "a2dp_sink" ];
+    #         "bluez5.msbc-support" = true;
+    #       };
+    #     };
+    #   }
+    # ];
   };
 
   environment.systemPackages = with pkgs; [
@@ -32,6 +32,7 @@
     carla
     qjackctl
     pipewire.lib
+    helvum
   ];
 
 }

sway.nix

@@ -5,14 +5,15 @@
     ./common-gui.nix
   ];
 
-  environment.systemPackages = with pkgs; with gnome3; [
+  environment.systemPackages = with pkgs; [
     i3status
     (waybar.override { pulseSupport = true; })
-    wofi
+    rofi-wayland
     ydotool
+    wtype
     wl-clipboard
     feh
-    gnome_keyring
+    gnome3.gnome-keyring
     networkmanagerapplet
     pcmanfm
     evince
@@ -20,32 +21,34 @@
     mako
     pavucontrol
     paprefs
-    dconf-editor
+    gnome3.dconf-editor
 
     xdg_utils # for xdg-open
 
     # gnome3 core packages
-    desktop_file_utils shared_mime_info
+    desktop-file-utils shared-mime-info
     glib gtk3
-    glib_networking gvfs dconf
-    gnome_themes_standard defaultIconTheme
-    hicolor_icon_theme
+    glib-networking gvfs dconf
+    gnome-themes-extra gnome3.adwaita-icon-theme
+    hicolor-icon-theme
 
     # for QT_QPA_PLATFORM=wayland
     qt5.qtwayland
 
     wdisplays
+
+    playerctl
+
+    xorg.xlsclients
   ];
 
-  nixpkgs.config.packageOverrides = pkgs: with pkgs; {
-    firefox = firefox-wayland;
-  };
-
-  services.dbus.socketActivated = true;
+  # services.dbus.socketActivated = true;
 
   programs.sway = {
     enable = true;
 
+    wrapperFeatures.gtk = true;
+
     extraSessionCommands = ''
       export SDL_VIDEODRIVER=wayland
 
@@ -62,17 +65,17 @@
       export WINIT_UNIX_BACKEND=x11
 
       export XDG_DATA_DIRS=/run/current-system/sw/share/''${XDG_DATA_DIRS:+:}$XDG_DATA_DIRS
-      export $(${pkgs.gnome3.gnome_keyring}/bin/gnome-keyring-daemon --start --components=pkcs11,secrets,ssh,gpg)
+      export $(${pkgs.gnome3.gnome-keyring}/bin/gnome-keyring-daemon --start --components=pkcs11,secrets,ssh,gpg)
       export XDG_CURRENT_DESKTOP=sway
     '';
   };
 
-  services.xserver = {
-    enable = true;
-    libinput.enable = true;
-    displayManager.lightdm.enable = true;
-    displayManager.defaultSession = "sway";
-  };
+  # services.xserver = {
+  #   enable = true;
+  #   libinput.enable = true;
+  #   # displayManager.lightdm.enable = true;
+  #   displayManager.defaultSession = "sway";
+  # };
 
   services.dbus.packages = with pkgs; [ mako ];
 

tailscale.nix

@@ -0,0 +1,9 @@
+{ config, pkgs, ... }: {
+  # make the tailscale command usable to users
+  environment.systemPackages = [ pkgs.tailscale ];
+
+  # enable the tailscale service
+  services.tailscale.enable = true;
+
+  networking.firewall.checkReversePath = "loose";
+}

xournalpp-cursor-blink.patch

@@ -1,69 +0,0 @@
-commit 92e4041efb6165505a8729968648392d7b5ff459
-Author: Gabriel Ebner <gebner@gebner.org>
-Date:   Sun Aug 16 19:47:52 2020 +0200
-
-    Allow the user to disable cursor blinking.
-    
-    This uses the same setting which is also used by the built-in text entry
-    widget.
-
-diff --git a/src/gui/TextEditor.cpp b/src/gui/TextEditor.cpp
-index 0750ad0e..807786cf 100644
---- a/src/gui/TextEditor.cpp
-+++ b/src/gui/TextEditor.cpp
-@@ -37,6 +37,7 @@ TextEditor::TextEditor(XojPageView* gui, GtkWidget* widget, Text* text, bool own
- 	gtk_text_buffer_place_cursor(this->buffer, &first);
- 
- 	GtkSettings* settings = gtk_widget_get_settings(this->widget);
-+        g_object_get(settings, "gtk-cursor-blink", &this->cursorBlink, nullptr);
- 	g_object_get(settings, "gtk-cursor-blink-time", &this->cursorBlinkTime, nullptr);
- 	g_object_get(settings, "gtk-cursor-blink-timeout", &this->cursorBlinkTimeout, nullptr);
- 
-@@ -48,7 +49,12 @@ TextEditor::TextEditor(XojPageView* gui, GtkWidget* widget, Text* text, bool own
- 	g_signal_connect(this->imContext, "retrieve-surrounding", G_CALLBACK(iMRetrieveSurroundingCallback), this);
- 	g_signal_connect(this->imContext, "delete-surrounding", G_CALLBACK(imDeleteSurroundingCallback), this);
- 
--	blinkCallback(this);
-+    if (this->cursorBlink) {
-+        blinkCallback(this);
-+    } else {
-+        this->cursorVisible = true;
-+    }
-+
- }
- 
- TextEditor::~TextEditor()
-@@ -654,12 +660,15 @@ void TextEditor::moveCursor(GtkMovementStep step, int count, bool extendSelectio
- 		gtk_widget_error_bell(this->widget);
- 	}
- 
--	this->cursorVisible = false;
--	if (this->blinkTimeout)
--	{
--		g_source_remove(this->blinkTimeout);
--	}
--	blinkCallback(this);
-+    if (this->cursorBlink) {
-+        this->cursorVisible = false;
-+        if (this->blinkTimeout) {
-+            g_source_remove(this->blinkTimeout);
-+        }
-+        blinkCallback(this);
-+    } else {
-+        repaintCursor();
-+    }
- }
- 
- void TextEditor::findPos(GtkTextIter* iter, double xPos, double yPos)
-diff --git a/src/gui/TextEditor.h b/src/gui/TextEditor.h
-index fdeb8b0f..008807b1 100644
---- a/src/gui/TextEditor.h
-+++ b/src/gui/TextEditor.h
-@@ -108,6 +108,7 @@ private:
- 	double markPosX = 0;
- 	double markPosY = 0;
- 
-+        bool cursorBlink = true;
- 	int cursorBlinkTime = 0;
- 	int cursorBlinkTimeout = 0;
- 	int blinkTimeout = 0;  // handler id