gebner/nixos-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: gebner:master
Branches Tags
gebner:master
gebner:mesa172test
..
compare: gebner:3fdda46bdd1e84dce0066cfbf4822aed9e24773e
Branches Tags
gebner:master
gebner:mesa172test

No commits in common. "master" and "3fdda46bdd1e84dce0066cfbf4822aed9e24773e" have entirely different histories.
master ... 3fdda46bdd

29 changed files with 350 additions and 462 deletions
Show Stats Expand all files Collapse all files

6
aplysia.nix
View File

@ -8,7 +8,6 @@ in
[
/etc/nixos/hardware-configuration.nix
./common-headless.nix
./tailscale.nix
];
boot.supportedFilesystems = ["zfs"];
@ -40,7 +39,6 @@ in
nilotica = {
group = "nilotica";
isNormalUser = true;
};
transmission = {
@ -135,7 +133,7 @@ in
ipv6.routes = [ { address = "::"; prefixLength = 0; } ];
};
environment.systemPackages = with pkgs; [ wireguard-tools ];
environment.systemPackages = with pkgs; [ wireguard ];
};
privateNetwork = true;
@ -212,7 +210,7 @@ in
services.rsyncd = {
enable = true;
settings = {
modules = {
lr_mobile = {
path = "/mnt/aplysia/fotos/lr_mobile";
"read only" = "yes";

7
archachatina.nix
View File

@ -37,7 +37,12 @@
hardware.cpu.intel.updateMicrocode = true;
networking.interfaces."enp3s0".wakeOnLan.enable = true;
services.wakeonlan.interfaces = [
{
interface = "enp3s0";
method = "magicpacket";
}
];
# services.xserver.displayManager.defaultSession = pkgs.lib.mkForce "sway";
#

5
basic-tools.nix
View File

@ -26,7 +26,7 @@
lua
perl
gdb
bind nmap tcpdump (pkgs.inetutils or telnet)
bind nmap tcpdump telnet
usbutils
dstat
which
@ -37,12 +37,11 @@
links2
ctags
nix-prefetch-scripts
(pkgs.wireguard-tools or pkgs.wireguard or pkgs.hello)
(pkgs.wireguard or pkgs.hello)
jq
#b2sum
strace
ncdu
hyperfine
];
environment.variables.EDITOR = "${pkgs.neovim}/bin/nvim";

36
common-gui.nix
View File

@ -2,12 +2,12 @@
{
imports = [
./pipewire.nix
./pulseaudio.nix
];
i18n.inputMethod = {
enabled = "fcitx5";
fcitx5.addons = with pkgs; [ fcitx5-mozc fcitx5-table-other fcitx5-m17n fcitx5-rime rime-data ];
enabled = "fcitx";
fcitx.engines = with pkgs.fcitx-engines; [ mozc anthy table-other m17n ];
};
fonts = {
@ -18,17 +18,17 @@
fonts = with pkgs; [
# xorg.fontbhlucidatypewriter100dpi
# xorg.fontbhlucidatypewriter75dpi
# freefont_ttf
freefont_ttf
gyre-fonts # TrueType substitutes for standard PostScript fonts
# xorg.fontbh100dpi
# xorg.fontmiscmisc
# xorg.fontcursormisc
xorg.fontmiscmisc
xorg.fontcursormisc
unifont
noto-fonts-emoji
noto-fonts-cjk
cantarell-fonts # from gnome3 module
cantarell_fonts # from gnome3 module
merriweather
merriweather-sans
@ -46,10 +46,9 @@
source-han-sans
inconsolata
# iosevka
iosevka
fira fira-mono fira-code
source-code-pro
stix-two
font-awesome_5
];
@ -64,17 +63,15 @@
libinput
libnotify
gsettings-desktop-schemas
];
# prevent satanic torture
qt.platformTheme = "qt5ct";
programs.qt5ct.enable = true;
hardware.uinput.enable = true;
users.extraUsers.gebner.extraGroups = [ "input" "tty" "audio" "video" "uinput" ];
services.dbus.packages = with pkgs; [ gcr ];
services.dbus.packages = with pkgs; [ gnome3.gcr ];
services.udev.packages = [ pkgs.gnome3.gnome-settings-daemon ];
# copied from gnome3 module
@ -82,17 +79,16 @@
services.udisks2.enable = true;
services.accounts-daemon.enable = true;
services.geoclue2.enable = true;
services.gnome.at-spi2-core.enable = true;
services.gnome.gnome-keyring.enable = true;
services.gnome3.at-spi2-core.enable = true;
services.gnome3.gnome-keyring.enable = true;
services.gvfs.enable = true;
programs.seahorse.enable = true;
services.gnome.sushi.enable = true;
services.gnome.gnome-settings-daemon.enable = true;
services.gnome3.sushi.enable = true;
services.gnome3.gnome-settings-daemon.enable = true;
services.telepathy.enable = true;
networking.networkmanager.enable = true;
services.upower.enable = config.powerManagement.enable;
programs.dconf.enable = true;
services.gnome.glib-networking.enable = true;
services.flatpak.enable = true;
xdg.portal = {
enable = true;
@ -100,6 +96,10 @@
};
# Needed for themes and backgrounds
environment.pathsToLink = [ "/share" ];
environment.variables.GIO_EXTRA_MODULES = with pkgs.gnome3; [
"${pkgs.lib.getLib dconf}/lib/gio/modules"
"${glib_networking.out}/lib/gio/modules"
"${gvfs}/lib/gio/modules" ];
hardware.bluetooth = {
enable = true;

32
common-headless.nix
View File

@ -9,11 +9,9 @@
boot.kernelPackages = pkgs.linuxPackages_latest;
nix.settings = {
sandbox = true;
substituters = [ "https://cache.nixos.org" ];
trusted-substituters = [ "https://cache.nixos.org" ];
};
nix.useSandbox = true;
nix.binaryCaches = [ https://cache.nixos.org ];
nix.trustedBinaryCaches = [ https://cache.nixos.org ];
nix.extraOptions = ''
auto-optimise-store = true
binary-caches-parallel-connections = 10
@ -27,8 +25,8 @@
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
settings.PermitRootLogin = "no";
settings.PasswordAuthentication = false;
permitRootLogin = "no";
passwordAuthentication = false;
};
programs.ssh.startAgent = false;
@ -45,23 +43,10 @@
dockerCompat = true;
};
virtualisation.containers.containersConf.settings = {
engine = {
cgroup_manager = "cgroupfs";
};
};
virtualisation.containers = {
registries.search = [ "docker.io" ];
};
virtualisation.lxd.enable = true;
virtualisation.lxd.recommendedSysctlSettings = true;
virtualisation.lxd.package = pkgs.lxd;
virtualisation.lxc.lxcfs.enable = true;
systemd.enableUnifiedCgroupHierarchy = pkgs.lib.mkForce true;
boot.kernel.sysctl = {
"kernel.perf_event_paranoid" = "0";
"kernel.kptr_restrict" = pkgs.lib.mkForce "0";
@ -85,7 +70,7 @@
};
fileSystems."/mnt/aplysia" = {
device = "//aplysia.htdf.gebner.org/export";
device = "//aplysia.ams.gebner.org/export";
fsType = "cifs";
options = [ "noauto" "x-systemd.automount" "credentials=/etc/smbcredentials/aplysia" "vers=1.0" ];
};
@ -125,14 +110,13 @@
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = {
# LC_TIME = "en_GB.UTF-8";
# LC_PAPER = "de_AT.UTF-8";
LC_PAPER = "de_AT.UTF-8";
};
supportedLocales = [ "all" ]; # https://github.com/NixOS/nixpkgs/pull/177318
};
system.fsPackages = with pkgs; [
ntfs3g
exfatprogs
exfat
];
}

15
common-sw.nix
View File

@ -2,18 +2,17 @@
{
imports = [
./fix-firefox.nix
# ./fix-firefox.nix
];
environment.systemPackages = with pkgs.haskellPackages; with pkgs; [
gmpc
mpdevil
m4
(pkgs.openjdk or pkgs.openjdk14 or pkgs.openjdk12 or pkgs.openjdk11 or pkgs.openjdk10 or openjdk8)
sbt scala
ungoogled-chromium
# chromium
firefox
# firefox
qalculate-gtk
libqalculate
viewnior
@ -34,7 +33,7 @@
ripgrep
imagemagick
mercurial
(pkgs.man-pages or manpages)
manpages
dfeet
@ -54,7 +53,6 @@
lsof
pdfpc
poppler_utils
# emacs
emacs
@ -71,7 +69,6 @@
rclone
duplicity
restic
magic-wormhole
linuxPackages.perf
@ -84,7 +81,6 @@
glucose
prover9
eprover
vampire
metis-prover
spass
z3
@ -98,14 +94,9 @@
nixpkgs.config.allowTexliveBuilds = true;
nixpkgs.config.allowUnfree = true;
nixpkgs.config.allowUnfreePredicate = (pkg: true);
nixpkgs.config.android_sdk.accept_license = true;
programs.adb.enable = true;
users.extraUsers.gebner.extraGroups = [ "adbusers" ];
nixpkgs.config.packageOverrides = pkgs: with pkgs; {
khal = pkgs.khal.overridePythonAttrs (_: { doCheck = false; });
};
}

9
decoysnail.nix
View File

@ -4,7 +4,6 @@
imports =
[
./common-headless.nix
# ./i3.nix
./sway.nix
./large-sw.nix
./uefi.nix
@ -35,7 +34,7 @@
# { device = "/dev/disk/by-uuid/b7274abd-58a5-4acc-8481-30e105e94eec"; }
#];
nix.settings.max-jobs = pkgs.lib.mkDefault 6;
nix.maxJobs = pkgs.lib.mkDefault 6;
powerManagement.cpuFreqGovernor = pkgs.lib.mkDefault "powersave";
environment.etc."lvm/lvm.conf".text = ''
@ -106,9 +105,9 @@
enable = true;
};
# services.xserver = {
# videoDrivers = [ "intel" ];
# };
services.xserver = {
videoDrivers = [ "intel" ];
};
fonts.fontconfig = {
subpixel.rgba = "none";

77
euhadra.nix
View File

@ -6,11 +6,9 @@ let mpdStreamingPort = 8080; in
[
/etc/nixos/hardware-configuration.nix
./common-headless.nix
./sway.nix
./i3.nix
./uefi.nix
./fstrim.nix
# ./nebula.nix
./tailscale.nix
];
environment.etc."lvm/lvm.conf".text = ''
@ -18,13 +16,14 @@ let mpdStreamingPort = 8080; in
issue_discards = 1
}
'';
boot.initrd.luks.devices = {
euhadra_crypt = {
boot.initrd.luks.devices = [
{
name = "euhadra_crypt";
device = "/dev/disk/by-uuid/328a9ede-0958-490b-8e82-62b06b839e21";
preLVM = true;
allowDiscards = true;
};
};
}
];
networking.hostName = "euhadra";
networking.hostId = "ddb5f0fd";
@ -33,12 +32,9 @@ let mpdStreamingPort = 8080; in
services.mpd = {
enable = true;
# network.listenAddress = "127.0.0.1";
network.listenAddress = "any";
musicDirectory = "/mnt/aplysia/music";
extraConfig = ''
bind_to_address "10.59.0.6"
bind_to_address "100.97.134.100"
# audio_output {
# type "alsa"
# name "dac"
@ -48,7 +44,6 @@ let mpdStreamingPort = 8080; in
audio_output {
type "pulse"
name "pulse"
server "127.0.0.1"
}
audio_output {
@ -63,39 +58,6 @@ let mpdStreamingPort = 8080; in
'';
};
services.pipewire = {
config.pipewire-pulse = {
"pulse.properties"."server.address" = [
"unix:native"
"tcp:127.0.0.1:4713"
"tcp:100.97.134.100:4713"
];
};
};
networking.wireguard.interfaces.wg0 = {
ips = ["10.59.0.6/16"];
privateKeyFile = "/etc/wgkeys/euhadra";
allowedIPsAsRoutes = true;
postSetup = ''
${pkgs.systemd}/bin/resolvectl domain wg0 '~htdf.gebner.org' '~mtlaa.gebner.org' '~ams.gebner.org'
${pkgs.systemd}/bin/resolvectl dns wg0 10.58.0.1
'';
peers = [{
publicKey = "ByLlJbevlTBooAo2RIZGGJvBHKqA9qiOpHBvR5yuJX4=";
allowedIPs = ["10.56.0.0/14" "10.60.1.1"];
endpoint = "htdf-gw.gebner.org:35869";
# endpoint = "80.109.29.104:35869";
# endpoint = "127.0.0.1:35869";
}];
};
# systemd.services.wireguard-wg0.wantedBy = pkgs.lib.mkOverride 10 [];
services.resolved = {
domains = [];
enable = true;
};
networking.firewall.allowedTCPPorts = [
config.services.mpd.network.port
4713 # pulseaudio
@ -108,19 +70,16 @@ let mpdStreamingPort = 8080; in
nixpkgs.config.mpv.vaapiSupport = true;
# hardware.pulseaudio = {
# systemWide = true;
# zeroconf.publish.enable = true;
# tcp = {
# enable = true;
# anonymousClients.allowedIpRanges = [
# "127.0.0.1"
# "10.57.0.0/16"
# ];
# };
# };
hardware.pulseaudio = {
systemWide = true;
zeroconf.publish.enable = true;
tcp = {
enable = true;
anonymousClients.allowedIpRanges = [
"127.0.0.1"
"10.57.0.0/16"
];
};
};
system.stateVersion = "22.05";
time.timeZone = pkgs.lib.mkOverride 10 "US/Pacific";
}

5
fix-firefox.nix
View File

@ -19,8 +19,7 @@
f=localization/en-US/browser/browserSets.ftl
mkdir browser
cd browser
# corrupt zip files??
unzip $j || true
unzip $j
patch $f <${./fix-firefox.patch}
rm $j
zip -0DXqr $j *
@ -29,7 +28,7 @@
inherit (firefox-unwrapped) meta;
passthru = {
inherit (firefox-unwrapped.passthru) version isFirefox3Like gtk
nspr gssSupport browserName ffmpegSupport gtk3 binaryName;
nspr gssSupport browserName ffmpegSupport gtk3;
};
};
};

98
flake.lock
View File

@ -1,12 +1,28 @@
{
"nodes": {
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1606424373,
"narHash": "sha256-oq8d4//CJOrVj+EcOaSXvMebvuTkmBJuT5tzlfewUnQ=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "99f1c2157fba4bfe6211a321fd0ee43199025dbf",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1638122382,
"narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=",
"lastModified": 1610051610,
"narHash": "sha256-U9rPz/usA1/Aohhk7Cmc2gBrEEKRzcW4nwPWMPwja4Y=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "74f7e4319258e287b0f9cb95426c9853b282730b",
"rev": "3982c9903e93927c2164caa727cd3f6a0e6d14cc",
"type": "github"
},
"original": {
@ -15,13 +31,73 @@
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1618217525,
"narHash": "sha256-WGrhVczjXTiswQaoxQ+0PTfbLNeOQM6M36zvLn78AYg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c6169a2772643c4a93a0b5ac1c61e296cba68544",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"neovim-flake": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"dir": "contrib",
"lastModified": 1624433763,
"narHash": "sha256-jIAOMqzIYS1a+CpMFg05wAWV3gRbFRQBUnuuqf5PqMQ=",
"owner": "neovim",
"repo": "neovim",
"rev": "0d7e33bc1307117127e519fb12ec491a1a1ebd82",
"type": "github"
},
"original": {
"dir": "contrib",
"owner": "neovim",
"repo": "neovim",
"type": "github"
}
},
"neovim-overlay": {
"inputs": {
"flake-compat": "flake-compat",
"neovim-flake": "neovim-flake",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1624435902,
"narHash": "sha256-w8F7tlqosL4aCpFUdx1MZMZcVNgpo0QlQ6O22grSuzI=",
"owner": "nix-community",
"repo": "neovim-nightly-overlay",
"rev": "e2fb9369e1fd4d85676564d970ff0dc0983113fb",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "neovim-nightly-overlay",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1693158576,
"narHash": "sha256-aRTTXkYvhXosGx535iAFUaoFboUrZSYb1Ooih/auGp0=",
"lastModified": 1624271441,
"narHash": "sha256-26QNDCdRE5mPOWYJrPGpVzgrJ3ZxqvWOONfeMsjryz4=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "a999c1cc0c9eb2095729d5aa03e0d8f7ed256780",
"rev": "7e567a3d092b7de69cdf5deaeb8d9526de230916",
"type": "github"
},
"original": {
@ -33,25 +109,25 @@
},
"root": {
"inputs": {
"neovim-overlay": "neovim-overlay",
"nixpkgs": "nixpkgs",
"utils": "utils"
}
},
"utils": {
"inputs": {
"flake-utils": "flake-utils"
"flake-utils": "flake-utils_2"
},
"locked": {
"lastModified": 1638172912,
"narHash": "sha256-jxhQGNEsZTdop/Br3JPS+xmBf6t9cIWRzVZFxbT76Rw=",
"lastModified": 1619358717,
"narHash": "sha256-FkEOIW82ClvUBtD8aqPediM8FERldsOyjPIyapVa65I=",
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "166d6ebd9f0de03afc98060ac92cba9c71cfe550",
"rev": "e7ae270a23695b50fbb6b72759a7fb1e3340ca86",
"type": "github"
},
"original": {
"owner": "gytis-ivaskevicius",
"ref": "v1.3.1",
"repo": "flake-utils-plus",
"type": "github"
}

15
flake.nix
View File

@ -2,25 +2,24 @@
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
utils.url = "github:gytis-ivaskevicius/flake-utils-plus/v1.3.1";
utils.url = "github:gytis-ivaskevicius/flake-utils-plus";
# neovim-overlay = {
# url = "github:nix-community/neovim-nightly-overlay";
# inputs.nixpkgs.follows = "nixpkgs";
# };
neovim-overlay = {
url = "github:nix-community/neovim-nightly-overlay";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = inputs@{ self, nixpkgs, utils, ... }: utils.lib.mkFlake {
outputs = inputs@{ self, nixpkgs, neovim-overlay, utils, ... }: utils.lib.systemFlake {
inherit self inputs;
channels.nixpkgs.input = nixpkgs;
channels.nixpkgs.patches = [ ];
nix.generateRegistryFromInputs = true;
hostDefaults = {
modules = [
utils.nixosModules.saneFlakeDefaults
({ ... }: { nix.extraOptions = "warn-dirty = false"; })
];
};

85
flammea.nix
View File

@ -1,13 +1,11 @@
{ config, pkgs, ... }:
let mpdStreamingPort = 8080; in
{
imports =
[
./common-headless.nix
# ./sway.nix
# ./i3.nix
./gnome3.nix
./i3.nix
./large-sw.nix
./uefi.nix
./fstrim.nix
@ -18,7 +16,6 @@ let mpdStreamingPort = 8080; in
./spacenav.nix
./nvim05.nix
./nm-restart.nix
./tailscale.nix
];
hardware.enableRedistributableFirmware = true;
@ -29,7 +26,6 @@ let mpdStreamingPort = 8080; in
"zenpower"
];
boot.extraModulePackages = [ ];
boot.supportedFilesystems = [ "zfs" ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/3b8c5c8a-fff2-49ba-98bd-ceb01d6d57c3";
@ -61,7 +57,12 @@ let mpdStreamingPort = 8080; in
hardware.cpu.amd.updateMicrocode = true;
networking.interfaces."enp42s0".wakeOnLan.enable = true;
services.wakeonlan.interfaces = [
{
interface = "enp42s0";
method = "magicpacket";
}
];
# users.extraUsers.presentation = {
# isNormalUser = true;
@ -83,7 +84,7 @@ let mpdStreamingPort = 8080; in
virtualisation.virtualbox.host = {
enable = true;
enableExtensionPack = true;
# enableExtensionPack = true;
};
# nixpkgs.config.allowUnfree = true;
@ -100,7 +101,7 @@ let mpdStreamingPort = 8080; in
hardware.opengl.extraPackages = with pkgs; [
rocm-opencl-icd
rocm-runtime
# rocm-runtime-ext
];
# services.nix-serve = {
@ -109,13 +110,7 @@ let mpdStreamingPort = 8080; in
# };
# networking.firewall.allowedTCPPorts = [ config.services.nix-serve.port ];
networking.firewall.trustedInterfaces = [ "tailscale0" ];
services.openssh.settings.X11Forwarding = true;
fileSystems."/mnt/aplysia".device = pkgs.lib.mkOverride 10 "//aplysia.auroch-boa.ts.net/export";
time.timeZone = pkgs.lib.mkOverride 10 "US/Pacific";
services.openssh.forwardX11 = true;
# nixpkgs.config.packageOverrides = super: let self = super.pkgs; in {
# mesa_drivers = self.mesaDarwinOr (
@ -128,14 +123,16 @@ let mpdStreamingPort = 8080; in
# );
# };
boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages_6_1;
#boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages_latest;
# boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages;
# boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages_5_8;
# services.xserver = {
# videoDrivers = [ "amdgpu" ];
# deviceSection = ''
# Option "TearFree" "on"
# '';
# };
services.xserver = {
videoDrivers = [ "amdgpu" ];
deviceSection = ''
Option "TearFree" "on"
'';
};
services.ratbagd.enable = true;
@ -148,48 +145,6 @@ let mpdStreamingPort = 8080; in
ACTION=="add", KERNEL=="i2c-[0-9]*", GROUP="wheel", MODE="666"
'';
system.stateVersion = "22.11";
system.stateVersion = "21.05";
# services.mpd = {
# enable = true;
# # network.listenAddress = "127.0.0.1";
# # musicDirectory = "/mnt/aplysia/music";
# musicDirectory = "/home/gebner/Music";
# user = "gebner";
# extraConfig = ''
# bind_to_address "100.125.210.32"
#
# # audio_output {
# # type "alsa"
# # name "dac"
# # device "sysdefault:CARD=QAMP"
# # }
#
# audio_output {
# type "pulse"
# name "pulse"
# server "127.0.0.1"
# }
#
# audio_output {
# type "httpd"
# name "http"
# encoder "flac"
# port "${toString mpdStreamingPort}"
# }
#
# replaygain "auto"
# restore_paused "yes"
# '';
# };
#
# environment.etc."pipewire/pipewire-pulse.conf.d/listen.conf".text = ''
# pulse.properties = {
# server.address = [
# "unix:native"
# "tcp:127.0.0.1:4713"
# # "tcp:100.97.134.100:4713"
# ]
# }
# '';
}

35
gnome3.nix
View File

@ -2,44 +2,40 @@
{
imports = [
./pipewire.nix
./pulseaudio.nix
];
i18n.inputMethod = {
enabled = "ibus";
ibus.engines = with pkgs.ibus-engines; [ mozc table-others m17n rime ];
ibus.engines = with pkgs.ibus-engines; [ mozc table-others m17n ];
};
environment.systemPackages = with pkgs; [
gnome.gnome-tweaks
gnome3.libgweather
gnome3.gnome-tweak-tool
pavucontrol
paprefs
playerctl
xorg.xlsclients
gthumb
];
hardware.pulseaudio.enable = false;
fonts = {
enableDefaultFonts = false;
fontconfig = {
allowBitmaps = false;
};
fonts = with pkgs; [
# xorg.fontbhlucidatypewriter100dpi
# xorg.fontbhlucidatypewriter75dpi
# freefont_ttf
xorg.fontbhlucidatypewriter100dpi
xorg.fontbhlucidatypewriter75dpi
freefont_ttf
gyre-fonts # TrueType substitutes for standard PostScript fonts
# xorg.fontbh100dpi
# xorg.fontmiscmisc
# xorg.fontcursormisc
xorg.fontbh100dpi
xorg.fontmiscmisc
xorg.fontcursormisc
unifont
noto-fonts-emoji
noto-fonts-cjk
cantarell-fonts # from gnome3 module
cantarell_fonts # from gnome3 module
merriweather
merriweather-sans
@ -60,14 +56,13 @@
iosevka
fira fira-mono fira-code
source-code-pro
stix-two
font-awesome_5
];
};
# prevent satanic torture
qt.platformTheme = "qt5ct";
programs.qt5ct.enable = true;
hardware.uinput.enable = true;
users.extraUsers.gebner.extraGroups = [ "input" "tty" "audio" "video" "uinput" ];
@ -85,11 +80,11 @@
services.xserver = {
enable = true;
# libinput.enable = true;
libinput.enable = true;
displayManager.gdm.enable = true;
# displayManager.defaultSession = "gnome";
displayManager.defaultSession = "gnome";
desktopManager.gnome = {
desktopManager.gnome3 = {
enable = true;
};
};

22
i3.nix
View File

@ -5,15 +5,15 @@
./common-gui.nix
];
environment.systemPackages = with pkgs; [
environment.systemPackages = with pkgs; with gnome3; [
i3
i3status
rofi
rofi-pass
feh
gnome3.gnome-keyring
gnome_keyring
networkmanagerapplet
gnome3.nautilus # in closure of gnome-terminal anyhow
nautilus # in closure of gnome-terminal anyhow
pcmanfm
# colord
evince
@ -23,19 +23,19 @@
scrot
pavucontrol
pasystray
gnome3.dconf-editor
dconf-editor
unclutter-xfixes
dunst
xorg.xev
# gnome3 core packages
desktop-file-utils shared-mime-info
desktop_file_utils shared_mime_info
glib gtk3
glib-networking gvfs dconf
gnome3.gnome-settings-daemon
gnome-themes-extra gnome3.adwaita-icon-theme
hicolor-icon-theme
glib_networking gvfs dconf
gnome_settings_daemon
gnome_themes_standard defaultIconTheme
hicolor_icon_theme
];
services.xserver = {
@ -60,7 +60,7 @@
name = "i3wm";
start = ''
export XDG_DATA_DIRS=/run/current-system/sw/share/''${XDG_DATA_DIRS:+:}$XDG_DATA_DIRS
export $(${pkgs.gnome3.gnome-keyring}/bin/gnome-keyring-daemon --start --components=pkcs11,secrets,ssh)
export $(${pkgs.gnome3.gnome_keyring}/bin/gnome-keyring-daemon --start --components=pkcs11,secrets,ssh)
export XDG_CURRENT_DESKTOP=X-Generic
i3 &
waitPID=$!
@ -75,7 +75,7 @@
xkbOptions = "caps:ctrl_modifier";
};
# services.dbus.socketActivated = true;
services.dbus.socketActivated = true;
services.dbus.packages = with pkgs; [ dunst ];
systemd.packages = [ pkgs.dunst ];

10
large-sw.nix
View File

@ -2,7 +2,7 @@
{
environment.systemPackages = with pkgs.haskellPackages; with pkgs; [
jetbrains.idea-community
idea.idea-community
# idea.clion
texlive.combined.scheme-full biber
gimp
@ -10,10 +10,14 @@
# jabref
libreoffice-fresh
# calibre
# goldendict
goldendict
xournal
xournalpp
(xournalpp.overrideDerivation (_: {
patches = [
./xournalpp-cursor-blink.patch
];
}))
vscode

3
mastus/configuration.nix
View File

@ -5,7 +5,7 @@
[
/etc/nixos/hardware-configuration.nix
../basic-tools.nix
./backup.nix
# ./backup.nix
./duplicity.nix
./mail.nix
@ -17,7 +17,6 @@
./radicale.nix
# ./ttrss.nix
./dns.nix
./nebula.nix
];
boot.loader.grub.enable = true;

6
mastus/dns.nix
View File

@ -9,7 +9,7 @@ let
IN AAAA 2a02:2770:3:0:21a:4aff:feac:bc0e
'';
timestamp = "1664458744";
timestamp = "1497294847";
heNsServers = ''
@ IN NS ns1.he.net.
@ -48,8 +48,8 @@ in
misuji ${misuji}
mastus ${mastus}
home-gw IN A 80.109.29.104
htdf-gw IN A 80.109.29.104
home-gw IN A 80.109.2.154
htdf-gw IN A 80.109.2.154
ams-gw IN A 82.217.167.76
@ ${mastus}

2
mastus/gitea.nix
View File

@ -34,7 +34,7 @@
proxyPass = "http://127.0.0.1:${toString config.services.gitea.httpPort}";
extraConfig = ''
proxy_buffering off;
client_max_body_size 256M;
client_max_body_size 30M;
'';
};
};

25
mastus/nebula.nix
View File

@ -1,25 +0,0 @@
{ config, pkgs, ... }:
let mastus = "37.252.120.145";
in {
services.nebula.networks.gabriel = {
enable = true;
ca = "/etc/nebula/gabriel/ca.crt";
cert = "/etc/nebula/gabriel/mastus.crt";
key = "/etc/nebula/gabriel/mastus.key";
isLighthouse = true;
staticHostMap = {
"192.168.18.36" = [ "${mastus}:4242" ];
};
firewall.inbound = [ { port = "any"; proto = "any"; host = "any"; } ];
settings = {
serve_dns = true;
lighthouse.dns = { host = "192.168.18.36"; port = 5353; };
};
};
networking.firewall.allowedUDPPorts = [ 4242 ];
}

18
mastus/radicale.nix
View File

@ -5,15 +5,12 @@ in
{
services.radicale = {
enable = true;
package = pkgs.radicale3.overrideDerivation (_: {
#patches = [ ./radicale1249.patch ];
doCheck = false;
pytestCheckPhase = "true";
});
package = pkgs.radicale2;
settings = {
server = {
hosts = "127.0.0.1:${toString radicalePort}";
ssl = false;
dns_lookup = false;
};
storage = {
@ -23,7 +20,6 @@ in
auth = {
type = "htpasswd";
htpasswd_filename = "/var/lib/radicale/htpasswd";
htpasswd_encryption = "bcrypt";
};
rights = {
@ -42,16 +38,6 @@ in
locations."/" = {
proxyPass = "http://127.0.0.1:${toString radicalePort}";
};
# Fake nextcloud api:
# https://gitlab.gnome.org/GNOME/gnome-online-accounts/-/issues/1#note_857357
extraConfig = ''
rewrite ^/remote.php/carddav / redirect;
rewrite ^/remote.php/caldav / redirect;
location /remote.php/webdav {
return 200;
}
'';
};
};

37
mastus/radicale1249.patch
View File

@ -1,37 +0,0 @@
diff --git a/radicale/app/propfind.py b/radicale/app/propfind.py
index 52d0b00..ee7cf28 100644
--- a/radicale/app/propfind.py
+++ b/radicale/app/propfind.py
@@ -350,8 +350,8 @@ class ApplicationPartPropfind(ApplicationBase):
permission = "r"
status = "read"
else:
- permission = ""
- status = "NO"
+ permission = "r"
+ status = "read"
logger.debug(
"%s has %s access to %s",
repr(user) if user else "anonymous user", status, target)
@@ -362,8 +362,8 @@ class ApplicationPartPropfind(ApplicationBase):
path: str, user: str) -> types.WSGIResponse:
"""Manage PROPFIND request."""
access = Access(self._rights, user, path)
- if not access.check("r"):
- return httputils.NOT_ALLOWED
+ #if not access.check("r"):
+ # return httputils.NOT_ALLOWED
try:
xml_content = self._read_xml_request_body(environ)
except RuntimeError as e:
@@ -380,8 +380,8 @@ class ApplicationPartPropfind(ApplicationBase):
item = next(items_iter, None)
if not item:
return httputils.NOT_FOUND
- if not access.check("r", item):
- return httputils.NOT_ALLOWED
+ #if not access.check("r", item):
+ # return httputils.NOT_ALLOWED
# put item back
items_iter = itertools.chain([item], items_iter)
allowed_items = self._collect_allowed_items(items_iter, user)

26
nebula.nix
View File

@ -1,26 +0,0 @@
{ config, pkgs, ... }:
let mastus = "37.252.120.145"; hostname = config.networking.hostName;
in {
services.nebula.networks.gabriel = {
enable = true;
ca = "/etc/nebula/gabriel/ca.crt";
cert = "/etc/nebula/gabriel/${hostname}.crt";
key = "/etc/nebula/gabriel/${hostname}.key";
listen.host = "[::]";
listen.port = 0; # dynamic ip
staticHostMap = {
"192.168.18.36" = [ "${mastus}:4242" ];
};
lighthouses = [
"192.168.18.36"
];
firewall.outbound = [ { port = "any"; proto = "any"; host = "any"; } ];
firewall.inbound = [ { port = "any"; proto = "any"; host = "any"; } ];
};
networking.firewall.allowedUDPPorts = [ 4242 ];
}

1
nm-restart.nix
View File

@ -5,5 +5,4 @@
systemd.services.NetworkManager-dispatcher.restartIfChanged = false;
systemd.services.NetworkManager-wait-online.restartIfChanged = false;
systemd.services.wpa_supplicant.restartIfChanged = false;
systemd.services.systemd-resolved.restartIfChanged = false;
}

23
nvim05.nix
View File

@ -1,21 +1,16 @@
{ config, inputs, ... }:
{
# nixpkgs.overlays = [ inputs.neovim-overlay.overlay ];
nixpkgs.overlays = [ inputs.neovim-overlay.overlay ];
nixpkgs.config.packageOverrides = pkgs: with pkgs; {
# neovim-unwrapped = neovim-unwrapped.overrideDerivation (orig: {
# patches = orig.patches ++ [ ];
# });
# neovim-qt-unwrapped = neovim-qt-unwrapped.overrideDerivation (_: {
# version = "0.2.17.9999";
# src = fetchFromGitHub {
# owner = "equalsraf";
# repo = "neovim-qt";
# rev = "67cc4e414a8e64a475e55230818fab0f78415634";
# sha256 = "sha256-3jYYY7T7L4rMsxIxJwY32izmlJKrrqbmU4DZ2Aow5uE=";
# };
# });
neovim-qt-unwrapped = neovim-qt-unwrapped.overrideDerivation (_: {
src = fetchFromGitHub {
owner = "equalsraf";
repo = "neovim-qt";
rev = "54987208b698c84e761cc097550b80641367f0c8";
sha256 = "sha256-I3/gPk5ay9Scs+YtVWNyLm2zE1T1cMEjdpVbYclHT1M=";
};
});
};
}

68
petalius.nix
View File

@ -4,8 +4,8 @@
imports =
[
./common-headless.nix
./sway.nix
# ./i3.nix
# ./sway.nix
./i3.nix
./large-sw.nix
./uefi.nix
./fstrim.nix
@ -14,8 +14,6 @@
./huion.nix
./nvim05.nix
./nm-restart.nix
# ./nebula.nix
./tailscale.nix
];
hardware.enableRedistributableFirmware = true;
@ -39,7 +37,7 @@
swapDevices = [ ];
nix.settings.max-jobs = 4;
nix.maxJobs = 4;
environment.etc."lvm/lvm.conf".text = ''
devices {
@ -54,22 +52,22 @@
};
};
# services.xserver = {
# dpi = 120;
#
# libinput.enable = true;
# config = ''
# Section "InputClass"
# Identifier "touchpad"
# Driver "libinput"
# MatchDevicePath "/dev/input/event*"
# MatchIsPointer "true"
# EndSection
# '';
#
# videoDrivers = [ "modesetting" ];
# useGlamor = true;
# };
services.xserver = {
dpi = 120;
libinput.enable = true;
config = ''
Section "InputClass"
Identifier "touchpad"
Driver "libinput"
MatchDevicePath "/dev/input/event*"
MatchIsPointer "true"
EndSection
'';
videoDrivers = [ "modesetting" ];
useGlamor = true;
};
programs.light.enable = true;
services.tlp.enable = true;
@ -96,8 +94,6 @@
users.extraUsers.gebner.extraGroups = [ "libvirtd" ];
virtualisation.libvirtd.enable = true;
virtualisation.waydroid.enable = true;
# virtualisation.virtualbox.host.enable = true;
# boot.kernelPackages = pkgs.lib.mkOverride 10 pkgs.linuxPackages_5_4;
@ -117,11 +113,10 @@
# time.timeZone = pkgs.lib.mkOverride 10 "Europe/London";
# time.timeZone = pkgs.lib.mkOverride 10 "Europe/Lisbon";
# time.timeZone = pkgs.lib.mkOverride 10 "US/Eastern";
time.timeZone = pkgs.lib.mkOverride 10 "US/Pacific";
#services.avahi.nssmdns = true;
system.stateVersion = "22.11";
system.stateVersion = "18.03";
networking.wireguard.interfaces.wg0 = {
ips = ["10.59.0.2/16"];
@ -134,9 +129,9 @@
peers = [{
publicKey = "ByLlJbevlTBooAo2RIZGGJvBHKqA9qiOpHBvR5yuJX4=";
allowedIPs = ["10.56.0.0/14" "10.60.1.1"];
endpoint = "htdf-gw.gebner.org:35869";
# endpoint = "80.109.29.104:35869";
# endpoint = "127.0.0.1:35869";
# endpoint = "htdf-gw.gebner.org:35869";
# endpoint = "80.109.2.154:35869";
endpoint = "127.0.0.1:35869";
}];
};
systemd.services.wireguard-wg0.wantedBy = pkgs.lib.mkOverride 10 [];
@ -161,21 +156,4 @@
services.fwupd.enable = true;
users.extraUsers.gebner2 = {
isNormalUser = true;
extraGroups = [
"wheel"
# "networkmanager"
"audio"
# "transmission"
# "lxd"
# "libvirtd"
# "vboxusers"
# "wireshark"
"input" "tty" "audio" "video" "uinput"
];
# shell = "${pkgs.zsh}/bin/zsh";
shell = "/run/current-system/sw/bin/fish";
};
}

25
pipewire.nix
View File

@ -12,18 +12,18 @@
pulse.enable = true;
jack.enable = true;
# media-session.config.bluez-monitor.rules = [
# {
# # Matches all cards
# matches = [ { "device.name" = "~bluez_card.*"; } ];
# actions = {
# "update-props" = {
# "bluez5.reconnect-profiles" = [ "hfp_hf" "hsp_hs" "a2dp_sink" ];
# "bluez5.msbc-support" = true;
# };
# };
# }
# ];
media-session.config.bluez-monitor.rules = [
{
# Matches all cards
matches = [ { "device.name" = "~bluez_card.*"; } ];
actions = {
"update-props" = {
"bluez5.reconnect-profiles" = [ "hfp_hf" "hsp_hs" "a2dp_sink" ];
"bluez5.msbc-support" = true;
};
};
}
];
};
environment.systemPackages = with pkgs; [
@ -32,7 +32,6 @@
carla
qjackctl
pipewire.lib
helvum
];
}

43
sway.nix
View File

@ -5,15 +5,14 @@
./common-gui.nix
];
environment.systemPackages = with pkgs; [
environment.systemPackages = with pkgs; with gnome3; [
i3status
(waybar.override { pulseSupport = true; })
rofi-wayland
wofi
ydotool
wtype
wl-clipboard
feh
gnome3.gnome-keyring
gnome_keyring
networkmanagerapplet
pcmanfm
evince
@ -21,34 +20,32 @@
mako
pavucontrol
paprefs
gnome3.dconf-editor
dconf-editor
xdg_utils # for xdg-open
# gnome3 core packages
desktop-file-utils shared-mime-info
desktop_file_utils shared_mime_info
glib gtk3
glib-networking gvfs dconf
gnome-themes-extra gnome3.adwaita-icon-theme
hicolor-icon-theme
glib_networking gvfs dconf
gnome_themes_standard defaultIconTheme
hicolor_icon_theme
# for QT_QPA_PLATFORM=wayland
qt5.qtwayland
wdisplays
playerctl
xorg.xlsclients
];
# services.dbus.socketActivated = true;
nixpkgs.config.packageOverrides = pkgs: with pkgs; {
firefox = firefox-wayland;
};
services.dbus.socketActivated = true;
programs.sway = {
enable = true;
wrapperFeatures.gtk = true;
extraSessionCommands = ''
export SDL_VIDEODRIVER=wayland
@ -65,17 +62,17 @@
export WINIT_UNIX_BACKEND=x11
export XDG_DATA_DIRS=/run/current-system/sw/share/''${XDG_DATA_DIRS:+:}$XDG_DATA_DIRS
export $(${pkgs.gnome3.gnome-keyring}/bin/gnome-keyring-daemon --start --components=pkcs11,secrets,ssh,gpg)
export $(${pkgs.gnome3.gnome_keyring}/bin/gnome-keyring-daemon --start --components=pkcs11,secrets,ssh,gpg)
export XDG_CURRENT_DESKTOP=sway
'';
};
# services.xserver = {
# enable = true;
# libinput.enable = true;
# # displayManager.lightdm.enable = true;
# displayManager.defaultSession = "sway";
# };
services.xserver = {
enable = true;
libinput.enable = true;
displayManager.lightdm.enable = true;
displayManager.defaultSession = "sway";
};
services.dbus.packages = with pkgs; [ mako ];

9
tailscale.nix
View File

@ -1,9 +0,0 @@
{ config, pkgs, ... }: {
# make the tailscale command usable to users
environment.systemPackages = [ pkgs.tailscale ];
# enable the tailscale service
services.tailscale.enable = true;
networking.firewall.checkReversePath = "loose";
}

69
xournalpp-cursor-blink.patch Normal file
View File

@ -0,0 +1,69 @@
commit 92e4041efb6165505a8729968648392d7b5ff459
Author: Gabriel Ebner <gebner@gebner.org>
Date: Sun Aug 16 19:47:52 2020 +0200
Allow the user to disable cursor blinking.
This uses the same setting which is also used by the built-in text entry
widget.
diff --git a/src/gui/TextEditor.cpp b/src/gui/TextEditor.cpp
index 0750ad0e..807786cf 100644
--- a/src/gui/TextEditor.cpp
+++ b/src/gui/TextEditor.cpp
@@ -37,6 +37,7 @@ TextEditor::TextEditor(XojPageView* gui, GtkWidget* widget, Text* text, bool own
gtk_text_buffer_place_cursor(this->buffer, &first);
GtkSettings* settings = gtk_widget_get_settings(this->widget);
+ g_object_get(settings, "gtk-cursor-blink", &this->cursorBlink, nullptr);
g_object_get(settings, "gtk-cursor-blink-time", &this->cursorBlinkTime, nullptr);
g_object_get(settings, "gtk-cursor-blink-timeout", &this->cursorBlinkTimeout, nullptr);
@@ -48,7 +49,12 @@ TextEditor::TextEditor(XojPageView* gui, GtkWidget* widget, Text* text, bool own
g_signal_connect(this->imContext, "retrieve-surrounding", G_CALLBACK(iMRetrieveSurroundingCallback), this);
g_signal_connect(this->imContext, "delete-surrounding", G_CALLBACK(imDeleteSurroundingCallback), this);
- blinkCallback(this);
+ if (this->cursorBlink) {
+ blinkCallback(this);
+ } else {
+ this->cursorVisible = true;
+ }
+
}
TextEditor::~TextEditor()
@@ -654,12 +660,15 @@ void TextEditor::moveCursor(GtkMovementStep step, int count, bool extendSelectio
gtk_widget_error_bell(this->widget);
}
- this->cursorVisible = false;
- if (this->blinkTimeout)
- {
- g_source_remove(this->blinkTimeout);
- }
- blinkCallback(this);
+ if (this->cursorBlink) {
+ this->cursorVisible = false;
+ if (this->blinkTimeout) {
+ g_source_remove(this->blinkTimeout);
+ }
+ blinkCallback(this);
+ } else {
+ repaintCursor();
+ }
}
void TextEditor::findPos(GtkTextIter* iter, double xPos, double yPos)
diff --git a/src/gui/TextEditor.h b/src/gui/TextEditor.h
index fdeb8b0f..008807b1 100644
--- a/src/gui/TextEditor.h
+++ b/src/gui/TextEditor.h
@@ -108,6 +108,7 @@ private:
double markPosX = 0;
double markPosY = 0;
+ bool cursorBlink = true;
int cursorBlinkTime = 0;
int cursorBlinkTimeout = 0;
int blinkTimeout = 0; // handler id