From 455e7f84c0fc9bc7a636b6e9627887fd9c1b8c74 Mon Sep 17 00:00:00 2001 From: fuckwit Date: Wed, 31 Jan 2024 23:50:43 +0100 Subject: [PATCH] initial commit after reorganisation --- .sops.yaml | 17 + flake.lock | 1037 +++++++++++++++++ flake.nix | 36 + misc/sudo_lecture | 11 + modules/modules-list.nix | 3 + modules/remote.nix | 25 + nixos/celestia/configuration.nix | 304 +++++ nixos/celestia/hardware-configuration.nix | 58 + nixos/celestia/secrets.yaml | 33 + nixos/configurations.nix | 107 ++ ...A64909521A5C85992F26E0F819AEFF941BB849.asc | 19 + nixos/framework/configuration.nix | 139 +++ nixos/framework/hardware-configuration.nix | 51 + nixos/framework/home.nix | 112 ++ nixos/framework/key.gpg | Bin 0 -> 4273 bytes nixos/laptop/configuration.nix | 183 +++ nixos/laptop/hardware-configuration.nix | 46 + nixos/primordial/configuration.nix | 259 ++++ nixos/primordial/hardware-configuration.nix | 53 + nixos/primordial/mail.nix | 20 + nixos/primordial/secrets.yaml | 33 + outputs.nix | 62 + overrides/awesome.nix | 25 + pkgs/comic-mono/default.nix | 43 + pkgs/comic-mono/weight.conf | 14 + .../Kyocera_FS-1370DN.ppd | 786 +++++++++++++ pkgs/cups-kyocera-fs1370dn/default.nix | 23 + pkgs/default.nix | 4 + pkgs/git-cliff/default.nix | 26 + pkgs/nu_plugin_dns/default.nix | 26 + shell.nix | 19 + 31 files changed, 3574 insertions(+) create mode 100644 .sops.yaml create mode 100644 flake.lock create mode 100644 flake.nix create mode 100644 misc/sudo_lecture create mode 100644 modules/modules-list.nix create mode 100644 modules/remote.nix create mode 100644 nixos/celestia/configuration.nix create mode 100644 nixos/celestia/hardware-configuration.nix create mode 100644 nixos/celestia/secrets.yaml create mode 100644 nixos/configurations.nix create mode 100644 nixos/framework/5FA64909521A5C85992F26E0F819AEFF941BB849.asc create mode 100644 nixos/framework/configuration.nix create mode 100644 nixos/framework/hardware-configuration.nix create mode 100644 nixos/framework/home.nix create mode 100644 nixos/framework/key.gpg create mode 100644 nixos/laptop/configuration.nix create mode 100644 nixos/laptop/hardware-configuration.nix create mode 100644 nixos/primordial/configuration.nix create mode 100644 nixos/primordial/hardware-configuration.nix create mode 100644 nixos/primordial/mail.nix create mode 100644 nixos/primordial/secrets.yaml create mode 100644 outputs.nix create mode 100644 overrides/awesome.nix create mode 100644 pkgs/comic-mono/default.nix create mode 100644 pkgs/comic-mono/weight.conf create mode 100644 pkgs/cups-kyocera-fs1370dn/Kyocera_FS-1370DN.ppd create mode 100644 pkgs/cups-kyocera-fs1370dn/default.nix create mode 100644 pkgs/default.nix create mode 100644 pkgs/git-cliff/default.nix create mode 100644 pkgs/nu_plugin_dns/default.nix create mode 100644 shell.nix diff --git a/.sops.yaml b/.sops.yaml new file mode 100644 index 0000000..3afccb7 --- /dev/null +++ b/.sops.yaml @@ -0,0 +1,17 @@ +keys: + - &user_patrick 5FA64909521A5C85992F26E0F819AEFF941BB849 + - &host_celestia age1vadwmwh8ckfal7j83gwrwn9324gqufwgkxskznhp9v867amndcwqgp2w6t + - &host_primordial age12u7ayy2q5dps2pcpc6z7962pz07jxv3tt03hna6jyumlu4fdjvtqdg2n3e +creation_rules: + - path_regex: nixos/celestia/secrets\.yaml$ + key_groups: + - pgp: + - *user_patrick + age: + - *host_celestia + - path_regex: nixos/primordial/secrets\.yaml$ + key_groups: + - pgp: + - *user_patrick + age: + - *host_primordial diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..d0d27d7 --- /dev/null +++ b/flake.lock @@ -0,0 +1,1037 @@ +{ + "nodes": { + "blobs": { + "flake": false, + "locked": { + "lastModified": 1604995301, + "narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=", + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "type": "gitlab" + } + }, + "crane": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1706473964, + "narHash": "sha256-Fq6xleee/TsX6NbtoRuI96bBuDHMU57PrcK9z1QEKbk=", + "owner": "ipetkov", + "repo": "crane", + "rev": "c798790eabec3e3da48190ae3698ac227aab770c", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "deploy": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs": "nixpkgs", + "utils": "utils" + }, + "locked": { + "lastModified": 1704875591, + "narHash": "sha256-eWRLbqRcrILgztU/m/k7CYLzETKNbv0OsT2GjkaNm8A=", + "owner": "serokell", + "repo": "deploy-rs", + "rev": "1776009f1f3fb2b5d236b84d9815f2edee463a9b", + "type": "github" + }, + "original": { + "owner": "serokell", + "repo": "deploy-rs", + "type": "github" + } + }, + "devenv": { + "inputs": { + "flake-compat": "flake-compat_2", + "nix": "nix", + "nixpkgs": [ + "nixpkgs" + ], + "pre-commit-hooks": "pre-commit-hooks" + }, + "locked": { + "lastModified": 1688058187, + "narHash": "sha256-ipDcc7qrucpJ0+0eYNlwnE+ISTcq4m03qW+CWUshRXI=", + "owner": "cachix", + "repo": "devenv", + "rev": "c8778e3dc30eb9043e218aaa3861d42d4992de77", + "type": "github" + }, + "original": { + "owner": "cachix", + "ref": "latest", + "repo": "devenv", + "type": "github" + } + }, + "emacs": { + "inputs": { + "flake-utils": "flake-utils_4", + "nixpkgs": "nixpkgs_5", + "nixpkgs-stable": "nixpkgs-stable_3" + }, + "locked": { + "lastModified": 1706665628, + "narHash": "sha256-I/VEC6k+4l4paKYqCgzkjrP6a1moxxWJQ8V26xS/Doo=", + "owner": "nix-community", + "repo": "emacs-overlay", + "rev": "6ed1948db6bf8b21ba2d25b3e2d9a45c0176b166", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "emacs-overlay", + "type": "github" + } + }, + "fenix": { + "inputs": { + "nixpkgs": [ + "nixpkgs-f2k", + "nixpkgs-fmt", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src" + }, + "locked": { + "lastModified": 1637475807, + "narHash": "sha256-E3nzOvlzZXwyo8Stp5upKsTCDcqUTYAFj4EC060A31c=", + "owner": "nix-community", + "repo": "fenix", + "rev": "960e7fef45692a4fffc6df6d6b613b0399bbdfd5", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_4": { + "flake": false, + "locked": { + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1704982712, + "narHash": "sha256-2Ptt+9h8dczgle2Oo6z5ni5rt/uLMG47UFTR1ry/wgg=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "07f6395285469419cf9d078f59b5b49993198c00", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-utils": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1705309234, + "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { + "inputs": { + "systems": "systems_3" + }, + "locked": { + "lastModified": 1705309234, + "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { + "inputs": { + "systems": "systems_4" + }, + "locked": { + "lastModified": 1705309234, + "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_5": { + "locked": { + "lastModified": 1637014545, + "narHash": "sha256-26IZAc5yzlD9FlDT54io1oqG/bBoyka+FJk5guaX4x4=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "bba5dcc8e0b20ab664967ad83d24d64cb64ec4f4", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_6": { + "locked": { + "lastModified": 1629284811, + "narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c5d161cc0af116a2e17f54316f0bf43f0819785c", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "devenv", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1660459072, + "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "gitignore_2": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "pre-commit-hooks-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703887061, + "narHash": "sha256-gGPa9qWNc6eCXT/+Z5/zMkyYOuRZqeFZBDbopNZQkuY=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "43e1aa1308018f37118e34d3a9cb4f5e75dc11d5", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1706473109, + "narHash": "sha256-iyuAvpKTsq2u23Cr07RcV5XlfKExrG8gRpF75hf1uVc=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "d634c3abafa454551f2083b054cd95c3f287be61", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "lanzaboote": { + "inputs": { + "crane": "crane", + "flake-compat": "flake-compat_3", + "flake-parts": "flake-parts", + "flake-utils": "flake-utils_3", + "nixpkgs": "nixpkgs_3", + "pre-commit-hooks-nix": "pre-commit-hooks-nix", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1706522979, + "narHash": "sha256-2wP2qEFVoZ9q8C9MZdAwXPKDkIIQiEwUzuzCxVKafDc=", + "owner": "nix-community", + "repo": "lanzaboote", + "rev": "c42edac7eb881315bb2a8dfd5190c8c87b91e084", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "lanzaboote", + "type": "github" + } + }, + "lowdown-src": { + "flake": false, + "locked": { + "lastModified": 1633514407, + "narHash": "sha256-Dw32tiMjdK9t3ETl5fzGrutQTzh2rufgZV4A/BbxuD4=", + "owner": "kristapsdz", + "repo": "lowdown", + "rev": "d2c2b44ff6c27b936ec27358a2653caaef8f73b8", + "type": "github" + }, + "original": { + "owner": "kristapsdz", + "repo": "lowdown", + "type": "github" + } + }, + "nix": { + "inputs": { + "lowdown-src": "lowdown-src", + "nixpkgs": [ + "devenv", + "nixpkgs" + ], + "nixpkgs-regression": "nixpkgs-regression" + }, + "locked": { + "lastModified": 1676545802, + "narHash": "sha256-EK4rZ+Hd5hsvXnzSzk2ikhStJnD63odF7SzsQ8CuSPU=", + "owner": "domenkozar", + "repo": "nix", + "rev": "7c91803598ffbcfe4a55c44ac6d49b2cf07a527f", + "type": "github" + }, + "original": { + "owner": "domenkozar", + "ref": "relaxed-flakes", + "repo": "nix", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1702272962, + "narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-23_05": { + "locked": { + "lastModified": 1704290814, + "narHash": "sha256-LWvKHp7kGxk/GEtlrGYV68qIvPHkU9iToomNFGagixU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-23.05", + "type": "indirect" + } + }, + "nixpkgs-23_11": { + "locked": { + "lastModified": 1706098335, + "narHash": "sha256-r3dWjT8P9/Ah5m5ul4WqIWD8muj5F+/gbCdjiNVBKmU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "a77ab169a83a4175169d78684ddd2e54486ac651", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-23.11", + "type": "indirect" + } + }, + "nixpkgs-f2k": { + "inputs": { + "emacs": "emacs", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-fmt": "nixpkgs-fmt", + "parts": "parts" + }, + "locked": { + "lastModified": 1706667828, + "narHash": "sha256-fevDymcngsNuphl1ImDkuyt4uYNv2r9e6uZQBK1pehE=", + "owner": "fortuneteller2k", + "repo": "nixpkgs-f2k", + "rev": "7dfe02c1d678826d64e8a3f67b908634456f784a", + "type": "github" + }, + "original": { + "owner": "fortuneteller2k", + "repo": "nixpkgs-f2k", + "type": "github" + } + }, + "nixpkgs-fmt": { + "inputs": { + "fenix": "fenix", + "flake-utils": "flake-utils_5", + "nixpkgs": [ + "nixpkgs-f2k", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1705307188, + "narHash": "sha256-2UDso6ALCoqVH0Q0boIYRT9NJtto8CECAc+gUIHi1/o=", + "owner": "nix-community", + "repo": "nixpkgs-fmt", + "rev": "7301bc9f2ba29fe693c04cbcaa12110eb9685c71", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs-fmt", + "type": "github" + } + }, + "nixpkgs-lib": { + "locked": { + "dir": "lib", + "lastModified": 1703961334, + "narHash": "sha256-M1mV/Cq+pgjk0rt6VxoyyD+O8cOUiai8t9Q6Yyq4noY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b0d36bd0a420ecee3bc916c91886caca87c894e9", + "type": "github" + }, + "original": { + "dir": "lib", + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-regression": { + "locked": { + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + } + }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1678872516, + "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_2": { + "locked": { + "lastModified": 1704874635, + "narHash": "sha256-YWuCrtsty5vVZvu+7BchAxmcYzTMfolSPP5io8+WYCg=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3dc440faeee9e889fe2d1b4d25ad0f430d449356", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_3": { + "locked": { + "lastModified": 1706515015, + "narHash": "sha256-eFfY5A7wlYy3jD/75lx6IJRueg4noE+jowl0a8lIlVo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "f4a8d6d5324c327dcc2d863eb7f3cc06ad630df4", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_4": { + "locked": { + "lastModified": 1706515015, + "narHash": "sha256-eFfY5A7wlYy3jD/75lx6IJRueg4noE+jowl0a8lIlVo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "f4a8d6d5324c327dcc2d863eb7f3cc06ad630df4", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_5": { + "locked": { + "lastModified": 1705957679, + "narHash": "sha256-Q8LJaVZGJ9wo33wBafvZSzapYsjOaNjP/pOnSiKVGHY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9a333eaa80901efe01df07eade2c16d183761fa3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "release-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1706191920, + "narHash": "sha256-eLihrZAPZX0R6RyM5fYAWeKVNuQPYjAkCUBr+JNvtdE=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ae5c332cbb5827f6b1f02572496b141021de335f", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1706370590, + "narHash": "sha256-vq8hTMHsmPkBDaLR2i3m2nSmFObWmo7YwK51KQdI6RY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3fb3707af869e32b0ad0676f589b16cc7711a376", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1706550542, + "narHash": "sha256-UcsnCG6wx++23yeER4Hg18CXWbgNpqNXcHIo5/1Y+hc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "97b17f32362e475016f942bbdfda4a4a72a8a652", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1706371002, + "narHash": "sha256-dwuorKimqSYgyu8Cw6ncKhyQjUDOyuXoxDTVmAXq88s=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c002c6aa977ad22c60398daaa9be52f2203d0006", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_6": { + "locked": { + "lastModified": 1706173671, + "narHash": "sha256-lciR7kQUK2FCAYuszyd7zyRRmTaXVeoZsCyK6QFpGdk=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "4fddc9be4eaf195d631333908f2a454b03628ee5", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nurpkgs": { + "locked": { + "lastModified": 1706737483, + "narHash": "sha256-5Zth6Dtl/7S6dt2nBbPPlHh0PSlFJZQg8Ljqy0FUpIM=", + "owner": "nix-community", + "repo": "NUR", + "rev": "ae03b5f3fe8cb99cfa26b31c61a3a96fb8e4ad33", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "NUR", + "type": "github" + } + }, + "parts": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1706569497, + "narHash": "sha256-oixb0IDb5eZYw6BaVr/R/1pSoMh4rfJHkVnlgeRIeZs=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "60c614008eed1d0383d21daac177a3e036192ed8", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": [ + "devenv", + "flake-compat" + ], + "flake-utils": "flake-utils", + "gitignore": "gitignore", + "nixpkgs": [ + "devenv", + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1686050334, + "narHash": "sha256-R0mczWjDzBpIvM3XXhO908X5e2CQqjyh/gFbwZk/7/Q=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "6881eb2ae5d8a3516e34714e7a90d9d95914c4dc", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "pre-commit-hooks-nix": { + "inputs": { + "flake-compat": [ + "lanzaboote", + "flake-compat" + ], + "flake-utils": [ + "lanzaboote", + "flake-utils" + ], + "gitignore": "gitignore_2", + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable_2" + }, + "locked": { + "lastModified": 1706424699, + "narHash": "sha256-Q3RBuOpZNH2eFA1e+IHgZLAOqDD9SKhJ/sszrL8bQD4=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "7c54e08a689b53c8a1e5d70169f2ec9e2a68ffaf", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "root": { + "inputs": { + "deploy": "deploy", + "devenv": "devenv", + "flake-utils": "flake-utils_2", + "home-manager": "home-manager", + "lanzaboote": "lanzaboote", + "nixpkgs": "nixpkgs_4", + "nixpkgs-f2k": "nixpkgs-f2k", + "nixpkgs-stable": "nixpkgs-stable_4", + "nurpkgs": "nurpkgs", + "rycee-nurpkgs": "rycee-nurpkgs", + "simple-nixos-mailserver": "simple-nixos-mailserver", + "sops-nix": "sops-nix" + } + }, + "rust-analyzer-src": { + "flake": false, + "locked": { + "lastModified": 1637439871, + "narHash": "sha256-2awQ/obzl7zqYgLwbQL0zT58gN8Xq7n+81GcMiS595I=", + "owner": "rust-analyzer", + "repo": "rust-analyzer", + "rev": "4566414789310acb2617543f4b50beab4bb48e06", + "type": "github" + }, + "original": { + "owner": "rust-analyzer", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, + "rust-overlay": { + "inputs": { + "flake-utils": [ + "lanzaboote", + "flake-utils" + ], + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1706494265, + "narHash": "sha256-4ilEUJEwNaY9r/8BpL3VmZiaGber0j09lvvx0e/bosA=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "246ba7102553851af60e0382f558f6bc5f63fa13", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rycee-nurpkgs": { + "inputs": { + "flake-utils": "flake-utils_6", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "dir": "pkgs/firefox-addons", + "lastModified": 1706647585, + "narHash": "sha256-HwAWgXIUn0a2FIS5Mye0sAZj1BZ4++YKWzIPM7coFjs=", + "owner": "rycee", + "repo": "nur-expressions", + "rev": "9343a32ef3fc2d3be2f3c5266a09c63cc5019438", + "type": "gitlab" + }, + "original": { + "dir": "pkgs/firefox-addons", + "owner": "rycee", + "repo": "nur-expressions", + "type": "gitlab" + } + }, + "simple-nixos-mailserver": { + "inputs": { + "blobs": "blobs", + "flake-compat": "flake-compat_4", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-23_05": "nixpkgs-23_05", + "nixpkgs-23_11": "nixpkgs-23_11", + "utils": "utils_2" + }, + "locked": { + "lastModified": 1706219574, + "narHash": "sha256-qO+8UErk+bXCq2ybHU4GzXG4Ejk4Tk0rnnTPNyypW4g=", + "owner": "simple-nixos-mailserver", + "repo": "nixos-mailserver", + "rev": "e47f3719f1db3e0961a4358d4cb234a0acaa7baf", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "ref": "master", + "repo": "nixos-mailserver", + "type": "gitlab" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": "nixpkgs_6", + "nixpkgs-stable": "nixpkgs-stable_5" + }, + "locked": { + "lastModified": 1706410821, + "narHash": "sha256-iCfXspqUOPLwRobqQNAQeKzprEyVowLMn17QaRPQc+M=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "73bf36912e31a6b21af6e0f39218e067283c67ef", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_2": { + "locked": { + "lastModified": 1605370193, + "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5021eac20303a61fafe17224c087f5519baed54d", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..b99a80a --- /dev/null +++ b/flake.nix @@ -0,0 +1,36 @@ +{ + description = "Deployment for my server cluster"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-23.11"; + flake-utils.url = "github:numtide/flake-utils"; + deploy.url = "github:serokell/deploy-rs"; + nurpkgs.url = "github:nix-community/NUR"; + sops-nix.url = "github:Mic92/sops-nix"; + lanzaboote.url = "github:nix-community/lanzaboote"; + home-manager.url = "github:nix-community/home-manager"; + + simple-nixos-mailserver = { + url = "gitlab:simple-nixos-mailserver/nixos-mailserver/master"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + rycee-nurpkgs = { + url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + nixpkgs-f2k = { + url = "github:fortuneteller2k/nixpkgs-f2k"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + devenv = { + url = "github:cachix/devenv/latest"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + }; + + outputs = {...} @ args: import ./outputs.nix args; +} diff --git a/misc/sudo_lecture b/misc/sudo_lecture new file mode 100644 index 0000000..3c48e09 --- /dev/null +++ b/misc/sudo_lecture @@ -0,0 +1,11 @@ + +  \^V// +  |. .|  I AM (G)ROOT! + - \ - / _ +  \_| |_/ +  \ \ +  __/_/__ + |_______|  With great power comes great responsibility. +  \ /  Use sudo wisely. +  \___/ + diff --git a/modules/modules-list.nix b/modules/modules-list.nix new file mode 100644 index 0000000..bbc991d --- /dev/null +++ b/modules/modules-list.nix @@ -0,0 +1,3 @@ +[ + ./remote.nix +] diff --git a/modules/remote.nix b/modules/remote.nix new file mode 100644 index 0000000..510996f --- /dev/null +++ b/modules/remote.nix @@ -0,0 +1,25 @@ +{lib, ...}: let + inherit (lib) mkOption types; +in { + options.remote = { + ip = mkOption { + type = types.str; + }; + sshUser = mkOption { + type = types.str; + default = "root"; + }; + sshPort = mkOption { + type = types.port; + default = 22; + }; + allowLocalDeployment = mkOption { + type = types.bool; + default = false; + }; + remoteBuild = mkOption { + type = types.bool; + default = true; + }; + }; +} diff --git a/nixos/celestia/configuration.nix b/nixos/celestia/configuration.nix new file mode 100644 index 0000000..672204d --- /dev/null +++ b/nixos/celestia/configuration.nix @@ -0,0 +1,304 @@ +{ + config, + lib, + pkgs, + ... +}: let + makeVirtualHost = { + subdomain, + port, + }: { + name = "${subdomain}.fuckwit.dev"; + value = { + forceSSL = true; + enableACME = true; + acmeRoot = null; + locations."/" = { + proxyPass = "http://127.0.0.1:${builtins.toString port}"; + proxyWebsockets = true; + }; + }; + }; + + makeVirtualHosts = sites: builtins.listToAttrs (builtins.map makeVirtualHost sites); + + disks = [ + "/dev/disk/by-id/ata-ST14000NM000G-2KG103_ZL232MW7" + "/dev/disk/by-id/ata-ST14000NM000G-2KG103_ZL22L00W" + "/dev/disk/by-id/ata-ST14000NM000G-2KG103_ZL23J3P2" + "/dev/disk/by-id/ata-ST14000NM000G-2KG103_ZL22LCB4" + "/dev/disk/by-id/ata-ST14000NM000G-2KG103_ZL22PG6W" + "/dev/disk/by-id/ata-ST14000NM000G-2KG103_ZL20KVKP" + ]; +in { + sops.defaultSopsFile = ./secrets.yaml; + sops.secrets."acme.env" = {}; + + imports = [ + ./hardware-configuration.nix + ]; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.kernelParams = [ + "initcall_blacklist=acpi_cpufreq_init" + "amd_pstate=passive" + "libata.force=noncq" + ]; + boot.kernelModules = ["amd-pstate"]; + + system.stateVersion = "23.11"; # Did you read the comment? + networking = { + hostName = "celestia"; + + interfaces.enp5s0f0 = { + useDHCP = false; + ipv4.addresses = [ + { + address = "10.1.1.11"; + prefixLength = 24; + } + ]; + }; + + firewall = { + enable = true; + allowedTCPPorts = [22 111 443 2049 4000 4001 4002 20048]; + allowedUDPPorts = [53 111 2049 4000 4001 4002 20048]; + }; + }; + time.timeZone = "Europe/Berlin"; + + i18n.defaultLocale = "en_US.UTF-8"; + + environment.systemPackages = with pkgs; [ + vim + wget + htop + bash + zfs + lm_sensors + ffmpeg + ]; + + users.users."root".openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP8zNAXScQ4FoWNxF4+ALJXMSi3EbpqZP5pO9kfg9t8o patrick@NBG1-DC3-PC20-2017-10-24" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPflDQOANGhgtfo2psRwSFtY5ETHX/bsDmqrho3iX9jt root@arschlinux" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP6oGHBFD3wo16buPtdYDat911gydOw2oFj80fTXL1xo batzi@DESKTOP-8A2VTHL" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICK3otGMe8umxxJX5BbbBQ/+PQg37Puh0qjH8IILL95T patrick@mi" + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDl3vLxNpinilTJp1rGsSYlVi+hIa+oECtge1i8bwz33AAAACHNzaDptYWlu" + ]; + + users.groups.nas.gid = 2000; + + environment = { + etc = { + "sysconfig/lm_sensors".text = '' + HWMON_MODULES="nct6775" + ''; + }; + }; + + systemd.services.dnscrypt-proxy2.serviceConfig = { + StateDirectory = "dnscrypt-proxy"; + }; + + security.acme = { + acceptTerms = true; + defaults = { + email = "acme@fuckwit.dev"; + dnsProvider = "cloudflare"; + environmentFile = config.sops.secrets."acme.env".path; + dnsPropagationCheck = true; + }; + }; + + services = { + dnscrypt-proxy2 = { + enable = true; + settings = { + listen_addresses = ["0.0.0.0:53"]; + ipv6_servers = false; + dnscrypt_servers = true; + cloaking_rules = "/var/lib/dnscrypt-proxy/cloaking"; + + sources.dnscry-pt-resolvers = { + urls = ["https://www.dnscry.pt/resolvers.md"]; + minisign_key = "RWQM31Nwkqh01x88SvrBL8djp1NH56Rb4mKLHz16K7qsXgEomnDv6ziQ"; + cache_file = "/var/lib/dnscrypt-proxy/dnscry.pt-resolvers.md"; + refresh_delay = 72; + prefix = "dnscry.pt-"; + }; + }; + }; + + openssh = { + enable = true; + settings = { + PermitRootLogin = "yes"; + }; + }; + + nfs.server = { + enable = true; + lockdPort = 4001; + mountdPort = 4002; + statdPort = 4000; + extraNfsdConfig = ''''; + }; + + samba = { + enable = true; + openFirewall = true; + extraConfig = "map to guest = bad user"; + shares = { + dump = { + path = "/tank/dump"; + browsable = "yes"; + public = "yes"; + "guest only" = "yes"; + writable = "yes"; + "force create mode" = "0666"; + "force directory mode" = "0777"; + }; + video = { + path = "/tank/video"; + browsable = "yes"; + public = "yes"; + "guest only" = "yes"; + writable = "yes"; + "force create mode" = "0666"; + "force directory mode" = "0777"; + }; + }; + }; + + zfs = { + autoScrub.enable = true; + }; + + nginx = { + enable = true; + virtualHosts = makeVirtualHosts [ + { + subdomain = "jdownloader"; + port = 8000; + } + { + subdomain = "jellyfin"; + port = 8096; + } + { + subdomain = "sonarr"; + port = 8989; + } + { + subdomain = "radarr"; + port = 7878; + } + { + subdomain = "lidarr"; + port = 8686; + } + { + subdomain = "paperless"; + port = 28981; + } + ]; + }; + + paperless = { + enable = true; + mediaDir = "/tank/documents"; + consumptionDir = "/tank/dump/paperless_consume"; + consumptionDirIsPublic = true; + + extraConfig = { + PAPERLESS_URL = "https://paperless.fuckwit.dev"; + PAPERLESS_CONSUMER_IGNORE_PATTERN = builtins.toJSON [ + ".DS_STORE/*" + "desktop.ini" + ]; + + PAPERLESS_OCR_LANGUAGE = "deu+eng"; + PAPERLESS_OCR_USER_ARGS = builtins.toJSON { + optimize = 1; + pdfa_image_compression = "lossless"; + }; + }; + }; + + lidarr = { + enable = true; + group = "nas"; + dataDir = "/var/lib/lidarr"; + }; + + radarr = { + enable = true; + group = "nas"; + dataDir = "/var/lib/radarr"; + }; + + sonarr = { + enable = true; + group = "nas"; + dataDir = "/var/lib/sonarr"; + # package = pkgs.sonarr.override { + # version = "4.0.0.748"; + # src = lib.fetchurl { + # url = "https://download.sonarr.tv/v4/main/${version}/Sonarr.main.${version}.linux-x64.tar.gz"; + # hash = ""; + # }; + # }; + }; + + jellyfin.enable = true; + }; + + hardware = { + fancontrol = { + enable = true; + config = '' + # Configuration file generated by pwmconfig, changes will be lost + INTERVAL=10 + DEVPATH=hwmon0=devices/platform/nct6775.656 + DEVNAME=hwmon0=nct6779 + FCTEMPS=hwmon0/pwm5=hwmon0/temp2_input hwmon0/pwm3=hwmon0/temp2_input + FCFANS=hwmon0/pwm5=hwmon0/fan5_input hwmon0/pwm3=hwmon0/fan3_input + MINTEMP=hwmon0/pwm5=40 hwmon0/pwm3=40 + MAXTEMP=hwmon0/pwm5=80 hwmon0/pwm3=80 + MINSTART=hwmon0/pwm5=150 hwmon0/pwm3=150 + MINSTOP=hwmon0/pwm5=0 hwmon0/pwm3=0 + MAXPWM=hwmon0/pwm5=150 hwmon0/pwm3=150 + ''; + }; + }; + + virtualisation = { + podman = { + enable = true; + }; + + oci-containers = { + backend = "podman"; + + containers = { + jdownloader = { + image = "docker.io/jlesage/jdownloader-2:latest"; + autoStart = true; + ports = ["0.0.0.0:8000:5800"]; + volumes = [ + "jdownloader_config:/config" + "/tank/dump:/output" + ]; + }; + }; + }; + }; + + powerManagement = { + enable = true; + powerUpCommands = lib.strings.concatMapStringsSep "\n" (disk: "${pkgs.hdparm}/sbin/hdparm -S 241 " + disk) disks; + }; +} diff --git a/nixos/celestia/hardware-configuration.nix b/nixos/celestia/hardware-configuration.nix new file mode 100644 index 0000000..dc5010a --- /dev/null +++ b/nixos/celestia/hardware-configuration.nix @@ -0,0 +1,58 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [(modulesPath + "/installer/scan/not-detected.nix")]; + + boot.initrd = { + availableKernelModules = ["xhci_pci" "ahci" "usbhid" "uas"]; + kernelModules = []; + }; + boot.kernelModules = ["kvm-amd" "nct6775" "coretemp"]; + boot.extraModulePackages = []; + boot.supportedFilesystems = ["zfs"]; + boot.zfs = { + forceImportRoot = false; + extraPools = ["tank"]; + }; + boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/3652c231-d679-42dd-80f1-e9afccb4ca13"; + fsType = "ext4"; + }; + + boot.initrd.luks.devices = { + cryptroot = { + device = "/dev/disk/by-uuid/6eafb3a6-a7b0-442f-b88c-a3f7021cf0e7"; + allowDiscards = true; + keyFileSize = 4096; + keyFile = "/dev/disk/by-id/usb-Generic_Flash_Disk_D5A325A0-0:0"; + }; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/7F60-62AA"; + fsType = "vfat"; + }; + + swapDevices = []; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + networking.hostId = "c1309b62"; + # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/nixos/celestia/secrets.yaml b/nixos/celestia/secrets.yaml new file mode 100644 index 0000000..dac6d1a --- /dev/null +++ b/nixos/celestia/secrets.yaml @@ -0,0 +1,33 @@ +acme.env: ENC[AES256_GCM,data:VgSJO2Q32csfN0DEH6kTsaN0z/hRa0fRHLUleju+gqBPjoQmZGIQjlLKHzj1Ys3zS591iVRkeYExBGyCPakPIJo=,iv:sOIPofteCvO4Na+z8qw7EjfJ6CEr83kYaonhUCgFwA4=,tag:RhHGyTrmdY4f8QkQ0DhhJw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1vadwmwh8ckfal7j83gwrwn9324gqufwgkxskznhp9v867amndcwqgp2w6t + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkNWVpTlR4VXFGTDBzVmVx + RVdUaGE4T2ZrY2x6K1d5aXlPTGFsLzBUYkJFCjB2MDJPU3Fzd1I3Q0lOdmJ6UEYr + SHkyYlBCREVkRDgyVWV2WU1GMnBXTmMKLS0tICt1VTJkYU1wZDltSHJ0ZHN3L2sr + K0RaVVNSczZBcDNtaXhGem5iQnlVTDAK+XogkPQD2xYQ7sW8DwAXaaLA/ftw6vZM + wsNs0uun9dgGjZIXcU6AIsrJeUiWBl5zgc6CCd/ad/3QxpmKj1p9Mg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-01-25T08:01:53Z" + mac: ENC[AES256_GCM,data:XZ4KGGJjleVpmIn780mHLCnEy24ZZHOwJz2xtZLUgHX7HN1OVYSOui18yS2TUQ8A0/aaoudjc6o/5h1emeWryFPn/Hx3E/8TaQgs1kBBbn+yIDxDeyZt8+iI1DrzFpI376u1lLUFA1TeMfPC0J4WORKJeh7NhKN0DlhZetpKVN0=,iv:XDddEP3/+eeoDK9/DRlg0Wu8bZVg86X8ncC/HO8qYeA=,tag:39lnmz58x+zkbvMvPVh0Fw==,type:str] + pgp: + - created_at: "2024-01-25T08:00:56Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hF4DMGJRmcuHhnsSAQdASY7ZScb03Yf6R2hOwAhAiIhQIFuplUnWKePZ/x9tpSEw + fkoLDAvuFVVcZnYZ6wqoyhdpNI0XBcH7MIVkcTggVQ/qN2YhkkTpHlXtAmG2c0ML + 1GYBCQIQso1f3sQcwGH9HwjhaZsj+mBO8U81kKZHFlfLXB7C52KPkqekzM9xvkhM + eB7+STUrQExBai7k1Um/RB4DcgE6L6127S5zIGDCxiK/9wKbZ5JOMv9K+J/G89ZD + q8Y7oXwCRl8= + =pbvo + -----END PGP MESSAGE----- + fp: 5FA64909521A5C85992F26E0F819AEFF941BB849 + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/nixos/configurations.nix b/nixos/configurations.nix new file mode 100644 index 0000000..d56b4ba --- /dev/null +++ b/nixos/configurations.nix @@ -0,0 +1,107 @@ +{ + self, + nixpkgs, + nixpkgs-stable, + sops-nix, + home-manager, + lanzaboote, + simple-nixos-mailserver, + inputs, + ... +}: let + customModules = import ../modules/modules-list.nix; + customPkgs = self.packages; + baseModules = [ + {_module.args.inputs = inputs;} + { + imports = [ + ({pkgs, ...}: { + nix = { + nixPath = ["nixpkgs=${pkgs.path}"]; + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 7d"; + }; + + package = pkgs.nixVersions.stable; + + settings = { + auto-optimise-store = true; + experimental-features = ["nix-command" "flakes"]; + keep-outputs = true; + keep-derivations = true; + }; + }; + }) + ]; + } + sops-nix.nixosModules.sops + ]; + defaultModules = baseModules ++ customModules; + myNixosSystem = { + np, + ip, + system, + file, + remoteBuild ? true, + sshPort ? 22, + sshUser ? "root", + allowLocalDeployment ? false, + additionalModules ? [], + }: + np.lib.nixosSystem { + inherit system; + specialArgs = {mypkgs = customPkgs."${system}";}; + modules = + defaultModules + ++ [ + { + remote = { + inherit ip sshUser sshPort allowLocalDeployment remoteBuild; + }; + } + {nixpkgs.system = "${system}";} + ] + ++ additionalModules + ++ [file]; + }; +in { + laptop = myNixosSystem { + np = nixpkgs; + system = "x86_64-linux"; + ip = "127.0.0.1"; + allowLocalDeployment = true; + file = ./laptop/configuration.nix; + }; + + framework = myNixosSystem { + np = nixpkgs; + system = "x86_64-linux"; + ip = "127.0.0.1"; + allowLocalDeployment = true; + file = ./framework/configuration.nix; + additionalModules = [ + lanzaboote.nixosModules.lanzaboote + home-manager.nixosModules.home-manager + ]; + }; + + celestia = myNixosSystem { + np = nixpkgs-stable; + system = "x86_64-linux"; + ip = "192.168.1.11"; + remoteBuild = false; + file = ./celestia/configuration.nix; + }; + + primordial = myNixosSystem { + np = nixpkgs; + system = "aarch64-linux"; + ip = "159.69.53.14"; + file = ./primordial/configuration.nix; + additionalModules = [ + simple-nixos-mailserver.nixosModules.mailserver + ]; + }; +} diff --git a/nixos/framework/5FA64909521A5C85992F26E0F819AEFF941BB849.asc b/nixos/framework/5FA64909521A5C85992F26E0F819AEFF941BB849.asc new file mode 100644 index 0000000..4c85e4c --- /dev/null +++ b/nixos/framework/5FA64909521A5C85992F26E0F819AEFF941BB849.asc @@ -0,0 +1,19 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Comment: 5FA6 4909 521A 5C85 992F 26E0 F819 AEFF 941B B849 +Comment: Patrick Michl + +xjMEZVznURYJKwYBBAHaRw8BAQdAY6kEvvqAX6UfHbBiOJu0GHbToHcC2zXWpV7G +u86g+5TNHlBhdHJpY2sgTWljaGwgPG1lQGZ1Y2t3aXQuZGV2PsKTBBMWCgA7FiEE +X6ZJCVIaXIWZLybg+Bmu/5QbuEkFAmVc51ECGwMFCwkIBwICIgIGFQoJCAsCBBYC +AwECHgcCF4AACgkQ+Bmu/5QbuElnEQD/SoMuzgedYlqAdbHTRh1ckGK62tJIXISo +hXC4tAVkAEkA/28Sc/eMdVHlQcMlBqDlmmIK8MbYQ5qD+5xh6Qf9+94EzjMEZVzn +URYJKwYBBAHaRw8BAQdAX8YZ1V9Yd0W15YkjxMaKYS0ZWmLXWcuUu4g/nOufxyDC +eAQYFgoAIBYhBF+mSQlSGlyFmS8m4PgZrv+UG7hJBQJlXOdRAhsgAAoJEPgZrv+U +G7hJVocA/1nNMexPp/+zvAO7vaAusdiZ+9gbFSuvNRRIj5+o53YaAP0Qa9UalO0X +qjhXRY27M7eS9lN9ZR+Bj2YOv0aZkNz9B844BGVc51ESCisGAQQBl1UBBQEBB0AW +CcU49wTZxSOZ3SvxcqZ6yQfwiu+MjfbHPkVlXv1qJQMBCAfCdwQYFgoAIBYhBF+m +SQlSGlyFmS8m4PgZrv+UG7hJBQJlXOdRAhsMAAoJEPgZrv+UG7hJd6MBAI20ZORk +PfJmDRcMaxKpfbqnfe/f2rFF9jtxc4200gE/APjH9sJAnaz6La70XDf0FpqjEavs +dPn9K5o/FCiNKroN +=u7c7 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/nixos/framework/configuration.nix b/nixos/framework/configuration.nix new file mode 100644 index 0000000..165ae82 --- /dev/null +++ b/nixos/framework/configuration.nix @@ -0,0 +1,139 @@ +{ + config, + pkgs, + lib, + ... +}: { + imports = [./hardware-configuration.nix]; + + boot.bootspec.enable = true; + boot.loader.systemd-boot.enable = lib.mkForce false; + boot.lanzaboote = { + enable = true; + pkiBundle = "/etc/secureboot"; + }; + boot.loader.efi.canTouchEfiVariables = true; + boot.kernelPackages = pkgs.linuxPackages_6_6; + + system.stateVersion = "23.11"; # Did you read the comment? + networking = { + hostName = "framework"; + search = ["1.1.1.1" "1.0.0.1" "8.8.8.8"]; + networkmanager.enable = true; + }; + + time.timeZone = "Europe/Berlin"; + i18n.defaultLocale = "en_US.UTF-8"; + + hardware.opengl = { + enable = true; + driSupport = true; + driSupport32Bit = true; + }; + + security.pam.services.swaylock = {}; + + services = { + illum.enable = true; + fwupd.enable = true; + fprintd.enable = true; + pcscd.enable = true; + tlp = { + enable = true; + settings = { + # AC + CPU_SCALING_GOVERNOR_ON_AC = "performance"; + CPU_ENERGY_PERF_POLICY_ON_AC = "performance"; + CPU_MIN_PERF_ON_AC = 0; + CPU_MAX_PERF_ON_AC = 100; + + # BAT + CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; + CPU_ENERGY_PERF_POLICY_ON_BAT = "power"; + CPU_MIN_PERF_ON_BAT = 0; + CPU_MAX_PERF_ON_BAT = 50; + }; + }; + + openssh = { + enable = true; + settings = { + PermitRootLogin = "yes"; + }; + }; + + xserver = { + enable = true; + layout = "us"; + + libinput.enable = true; + + desktopManager = { + xterm.enable = false; + gnome.enable = false; + plasma5.enable = false; + }; + + displayManager = { + gdm = { + enable = true; + wayland = true; + }; + }; + }; + + logind = { + lidSwitch = "suspend"; + lidSwitchDocked = "ignore"; + lidSwitchExternalPower = "ignore"; + extraConfig = "HoldoffTimeoutSec=300s"; + }; + }; + + sound.enable = true; + hardware.pulseaudio.enable = true; + + users.users.patrick = { + isNormalUser = true; + extraGroups = ["wheel"]; + }; + home-manager.useGlobalPkgs = true; + home-manager.users.patrick = ./home.nix; + + environment.systemPackages = with pkgs; [ + vim + wget + curl + htop + podman + pinentry + qemu + OVMF + ]; + + programs = { + hyprland.enable = true; + gnupg.agent.enable = true; + }; + + # nix = { + # gc = { + # automatic = true; + # dates = "weekly"; + # options = "--delete-older-than 7d"; + # }; + + # package = pkgs.nixVersions.stable; + # # registry.nixpkgs.flake = inputs.nixpkgs; + + # settings = { + # auto-optimise-store = true; + + # experimental-features = ["nix-command" "flakes"]; + + # # Avoid unwanted garbage collection when using nix-direnv + # # keep-outputs = true; + # # keep-derivations = true; + # }; + # }; +} diff --git a/nixos/framework/hardware-configuration.nix b/nixos/framework/hardware-configuration.nix new file mode 100644 index 0000000..c813658 --- /dev/null +++ b/nixos/framework/hardware-configuration.nix @@ -0,0 +1,51 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "thunderbolt" "uas" "sd_mod"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/87481706-b924-4987-b8c5-ab6a70b2c3c6"; + fsType = "ext4"; + }; + + boot.initrd.luks.gpgSupport = true; + boot.initrd.luks.devices.cryptroot = { + device = "/dev/disk/by-uuid/4b2ec3e2-2e6b-4a5a-923c-08ac3bf2d24e"; + gpgCard = { + publicKey = ./5FA64909521A5C85992F26E0F819AEFF941BB849.asc; + gracePeriod = 15; + encryptedPass = ./key.gpg; + }; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/63B5-8D33"; + fsType = "vfat"; + }; + + swapDevices = []; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp193s0f3u1c2.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/nixos/framework/home.nix b/nixos/framework/home.nix new file mode 100644 index 0000000..d8eb29d --- /dev/null +++ b/nixos/framework/home.nix @@ -0,0 +1,112 @@ +{pkgs, ...}: { + home.packages = with pkgs; [ + helix + firefox-devedition + git + alacritty + eww-wayland + pinentry + rofi-wayland + acpi + sops + ]; + + programs.bash.enable = true; + programs.swaylock.enable = true; + + programs.waybar = { + enable = true; + + settings.mainbar = { + layer = "top"; + position = "top"; + height = 30; + + modules-left = ["hyprland/workspaces"]; + modules-right = ["pulseaudio" "network" "cpu" "memory" "temperature" "battery" "clock" "tray"]; + }; + }; + + programs.helix = { + enable = true; + defaultEditor = true; + + settings = { + theme = "onedark"; + + editor = { + line-number = "relative"; + true-color = true; + gutters = ["diagnostics" "spacer" "line-numbers" "spacer" "diff"]; + cursorline = true; + completion-trigger-len = 2; + + cursor-shape = { + insert = "bar"; + normal = "block"; + select = "underline"; + }; + + lsp = { + display-messages = true; + display-inlay-hints = true; + }; + + statusline = { + left = ["mode" "spinner"]; + center = ["file-name"]; + right = ["diagnostics" "selections" "position" "file-encoding" "file-line-ending" "file-type" "version-control"]; + + mode = { + normal = "NORMAL"; + insert = "INSERT"; + select = "SELECT"; + }; + }; + }; + }; + }; + + programs.thunderbird = { + enable = true; + profiles = { + main = { + isDefault = true; + withExternalGnupg = true; + }; + }; + }; + + accounts.email.accounts = { + patrick = { + primary = true; + realName = "Patrick Michl"; + address = "me@fuckwit.dev"; + userName = "me@fuckwit.dev"; + gpg = { + key = "5FA64909521A5C85992F26E0F819AEFF941BB849"; + signByDefault = true; + }; + imap = { + host = "mail.fuckwit.dev"; + port = 143; + tls = { + useStartTls = true; + }; + }; + smtp = { + host = "mail.fuckwit.dev"; + port = 587; + tls = { + useStartTls = true; + }; + }; + thunderbird = { + enable = true; + profiles = ["main"]; + }; + }; + }; + + home.stateVersion = "23.11"; +} diff --git a/nixos/framework/key.gpg b/nixos/framework/key.gpg new file mode 100644 index 0000000000000000000000000000000000000000..ba303d54906a0137ae5423bc3d9ee8ef8a461079 GIT binary patch literal 4273 zcmV;i5KixeUIQ>+SA z>H!G?5Y3h!g1?@{9B~Ws(t*Fu3zn5JpDae&Sm{PQ%ocbU|TP-?1OJY*FhxanY^qAwRaA2h0 zsiG2ZF5)-(&TL?BQWkApnoL?)FzF_Kv`HuxDT&D45Ip5M79IhZPp(rkqJm8XS^T$_ zn;>M_CZ2bSdPrh$5cw;tcuM?@pPqw;319yigSE$E2}4Qj^6@Fm4DhF2bXJBa?6 zmEwXdpYF3ERh27r@$&v%Ibps)33r?qMc}=zR<)QSlvX}A-P8E|SAN4{{u^I$v@``N z;JODu(S%q9-9_m8F9DbK^7$DT{Bn(vrjU#=b$anC%|`idoHikv&qLq*SeOQ`@PuG> zs(pHz&)vGLuu>BYgjsU;{MNiJr1gzqJvB5Ifl;2j3ej{J`&4A=QY-IIn_s@uwUmdR zC;=P;Yf^(7{?5jT)C;B``EzRJaehG#LBUafsC4vF!C$}`L5>qv$}@9uSuZVPIX6ewM}z>PE1wGQ zWFT*SYc0;fg(xb=+g*V{q{0`hEoT<>v5V5Nu;V(A z2rsI@8aB$Afp#6azsB9}E>?7OWN-=s{q&^4}MyDR>IE#czI&~y33pC9Y?j^d) z>$+xHHt5#EYDUb-YB*(8)XBHQeeASYBSyHq1$TOgIU)%?ga||tjj77Etb5-F={eX= zJM|Vw65q-~tJFbiluAB47I79Ksa@jOX8=%{Ynt8-&bno$$+`hG zF+i)o`4p4rd4tlM7)B|dN``Hqlh_VjO=n_7X`~#^{?+fd1L~fM@`D({;AdZ+#>NUh z_x|ftMlpl|+rQOx21Mw+mZo{D8I+UW!uX0noUzFzTJEE@%LB4ohVJ=NHjB-p}x<1{-d5n=;YPKf0JnxNZviv=y`Tl8!qiVVX5!~!X>qSW`;?301a zE15Nz0GNb$p6bRsr(=25u6+3TL*Fx_=Vu%Z*iIY|GMuB%R|a<>Q(@~jS#6g5|4DLR z(mGf;>eq6$BcgTjy#D+@=ZVgfhH2B^=S>%w{Sm!$gk0OB4e%r~U>TIcUoIcU5~_s_ zR(i=&H{B*vdujU9M|`WRZ^_e5=p8fC5O@Q8sk01v?l!m@LXtCB`!qVVPjH4Jq(dxk z{3U22JpOf)@e18el9OgL%wcJ!9(d(a=_wD=vR4Zt{biZ@*)hL4HI~G+PVjtwaH(_B ziPC?a8Xzarg8mJdcM7a9l=`xZsU;L`V^I89H88cOoTC_gcZ0(65>k-W_}_>rSs!AK3{ zQZ0DCz5VzcZl(|4KUfwLL8k3TcS~&xTL$^G<|AuId`Uxn(&MQI#WsN8Brj&m;K5A6 zD9CO6ZW#kCiEtvz8yt#`3HQ5&{?DjMzJ#VaFSG|c+(LRu)j@TgZ^2`TaCL}O5K6Uq z&ae;0#5K`?J zV&Y|}xV-$2@)x5g zepSa=sZa44G&Q|n{>ZdRp4!TUNH$+a&)h+5^qs~Q8o~xD$ZV2^paY7PemD?}*z@IC@OB-6N7b4pE@e@%%X9T^UKCTf9xcJ0^6<#$yBh?BNWOH(Zky z9Q3LM&E~3`P`BB%==wM_LdY_acr1|rd^4Khm zsdAn*m{RiY9JE%Yc#l014F-j!7HY2v2-KY_QY#thyBH+ug?SN@nY$ZtTu8&U$M>n&D$gQ-t#&y>R; zpx085N+LvHYyWfzhYXbdp}1Dn%)slCOHoLE9mW8m1N-Sz&I}fPB6e;3%XGpb+ClxI zt%*et8JqX*OQAeQlNm)NE5jG`bvSTdP?$zSh<)wD@#`{pAoi)?5(4x4M2BNiODY5Y z5^qDLZVhDM*{^yl+}(h!C9R9i;4W-!56-m!J2+C6c@{jCBGn6BFN;VMz2JA@v1y&f zMXS!OWzG!}=r7CKt*dXfj#3v|wtR4lNV(FZ09ujYJ7bp^7Oo(a{$P-{$0Q_*I4Hk` zx)`|Ty?Gh;O-VCg&=}oqJNme7bgRX~LusuzX9HL`{$D)eBjnV-h@0#jIHQf*i8ZLV zB&5`!D~#E*VYlYx8o50jf`@Sy(9s-fG@*+E?iDa^i+WjmFcBk6U#oFJw2!5-aY<7u zw!zrT9{Q7fG$C^5(Y7kYE%FR>-^_X10$Yx-M=`IU?-cpiLG^rHV&C|9IkZZ$T=k#>iqUpkhO$t21u7R4CBdea zMh;GzCjnml(v{rWzu6Gb2K*s*!QZUg}o{qW<+C)?SdLuUKDU zArHO%c#nN&gNr_inm zHp4NePqhy#!q2f-XVZk#0s_~cKD+W(^@PMNMQW?n@iFRA2(2Q?lU4BK6Ow3jFG(}i zR3rJIy*4oDxR%v9dy5h^TashmpXB~RxKV^K1)24$)eKKzGMOyBUE`!DE7Ne& zGXijA~%z)3C8_sn)wR6#`a2*X;el!BGSUwcXhIX>L9#Lbjw zMDvinXG0VX`vOEzA-r^jp)PU@BmonRwBfC$qbc^&x#&6aQAL)6z_jnW*AB#}ECcIs zeMT9DfZ6IKeJSs|qFmWrIUXte#jTl>Y= z-TmS3%m3TW*4Cc7jLoHFDrWnAa|orsX8G)n=4l0tR#Z(aQw@P%`zr(qc(L?x5El+u z<85NZwxmJF)t54wD!a~dkD>!|D@ zkzb}Gp5=&${`*egZ$67OS3h<=Qd*PtEC(E6UC;gxv2cmUqgLmX3RDR5l>{2*Mq+&# z#!s^5bU}b%lgZC1ghdqFS`ir5KV5C`1YC^S%*U(s(heC^>rZMbwSz$y@3f3tM_t}< zTZKRi!wL;K5VP`ct$Y?;G1sv#yrC1|vY8^I>=_~XYYTGEl17J@@*^DR$UseK6;3Ed z%cM>S_m)ATtV=J{ZHCpE+ix0B4p^h^13Rc=NYc$r?$HU|)YrGcT#x~X!DAX2TD`+!F+QKS^vhna*w75USwLElRZEfx-- z{9T)*9ykJKv$Vl7;4R=7MLqoUC2x8>|Z%ZQq}t#t%u zo#o~BMx}U?olER4F?wyxUx8HJbJ*|=+p;U46Kq( T&)j-9uR#?9L`08R.useDHCP`. + networking.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/nixos/primordial/configuration.nix b/nixos/primordial/configuration.nix new file mode 100644 index 0000000..6a53cad --- /dev/null +++ b/nixos/primordial/configuration.nix @@ -0,0 +1,259 @@ +{ + config, + pkgs, + ... +}: let + mkWellKnown = data: '' + default_type application/json; + add_header Access-Control-Allow-Origin *; + return 200 '${builtins.toJSON data}'; + ''; +in { + sops.defaultSopsFile = ./secrets.yaml; + sops.secrets."gitea.env" = {}; + + imports = [ + ./mail.nix + ./hardware-configuration.nix + ]; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking = { + hostName = "primordial"; + + interfaces.enp1s0 = { + ipv6.addresses = [ + { + address = "2a01:4f8:c010:b448::"; + prefixLength = 64; + } + ]; + }; + + defaultGateway6 = { + address = "fe80::1"; + interface = "enp1s0"; + }; + + firewall = { + enable = true; + allowedTCPPorts = [80 443]; + }; + }; + + time.timeZone = "Europe/Berlin"; + + i18n.defaultLocale = "en_US.UTF-8"; + + security.acme.acceptTerms = true; + security.acme.defaults.email = "huanzodev@gmail.com"; + + services = { + openssh = { + enable = true; + ports = [22]; + openFirewall = true; + settings = { + PermitRootLogin = "yes"; + PasswordAuthentication = false; + }; + }; + + postgresql = { + enable = true; + ensureDatabases = ["matrix-synapse"]; + ensureUsers = [ + { + name = "matrix-synapse"; + ensureDBOwnership = true; + } + ]; + authentication = pkgs.lib.mkOverride 10 '' + #type database DBuser auth-method + local all all trust + ''; + }; + + matrix-synapse = { + enable = true; + settings.server_name = "fuckwit.dev"; + # The public base URL value must match the `base_url` value set in `clientConfig` above. + # The default value here is based on `server_name`, so if your `server_name` is different + # from the value of `fqdn` above, you will likely run into some mismatched domain names + # in client applications. + settings.public_baseurl = "https://matrix.fuckwit.dev"; + settings.listeners = [ + { + port = 8005; + bind_addresses = ["127.0.0.1"]; + type = "http"; + tls = false; + x_forwarded = true; + resources = [ + { + names = ["client" "federation"]; + compress = true; + } + ]; + } + ]; + }; + + nginx = { + enable = true; + + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + + virtualHosts."fuckwit.dev" = let + serverConfig."m.server" = "matrix.fuckwit.dev:443"; + clientConfig."m.homeserver".base_url = "https://matrix.fuckwit.dev:443"; + in { + enableACME = true; + forceSSL = true; + # This section is not needed if the server_name of matrix-synapse is equal to + # the domain (i.e. example.org from @foo:example.org) and the federation port + # is 8448. + # Further reference can be found in the docs about delegation under + # https://element-hq.github.io/synapse/latest/delegate.html + locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig; + # This is usually needed for homeserver discovery (from e.g. other Matrix clients). + # Further reference can be found in the upstream docs at + # https://spec.matrix.org/latest/client-server-api/#getwell-knownmatrixclient + locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig; + }; + + virtualHosts."matrix.fuckwit.dev" = { + enableACME = true; + forceSSL = true; + # It's also possible to do a redirect here or something else, this vhost is not + # needed for Matrix. It's recommended though to *not put* element + # here, see also the section about Element. + locations."/".extraConfig = '' + return 404; + ''; + # Forward all Matrix API calls to the synapse Matrix homeserver. A trailing slash + # *must not* be used here. + locations."/_matrix".proxyPass = "http://127.0.0.1:8005"; + # Forward requests for e.g. SSO and password-resets. + locations."/_synapse/client".proxyPass = "http://127.0.0.1:8005"; + }; + + virtualHosts."vault.fuckwit.dev" = { + enableACME = true; + forceSSL = true; + + locations."/" = { + proxyPass = "http://127.0.0.1:8000"; + }; + }; + + virtualHosts."git.fuckwit.dev" = { + enableACME = true; + forceSSL = true; + + locations."/" = { + proxyPass = "http://127.0.0.1:8001"; + }; + }; + + virtualHosts."grafana.fuckwit.dev" = { + enableACME = true; + forceSSL = true; + + locations."/" = { + proxyPass = "http://127.0.0.1:8002"; + proxyWebsockets = true; + }; + }; + + virtualHosts."influx.fuckwit.dev" = { + enableACME = true; + addSSL = true; + + locations."/" = { + proxyPass = "http://127.0.0.1:8003"; + proxyWebsockets = true; + }; + }; + + # virtualHosts."drone.fuckwit.dev" = { + # enableACME = true; + # addSSL = true; + + # locations."/" = { + # proxyPass = "http://127.0.0.1:8004"; + # proxyWebsockets = true; + # }; + # }; + }; + + vaultwarden = { + enable = true; + + config = { + DOMAIN = "https://vault.fuckwit.dev"; + ROCKET_ADDRESS = "127.0.0.1"; + ROCKET_PORT = 8000; + SIGNUPS_ALLOWED = false; + }; + }; + + gitea = { + enable = true; + + settings.service.DISABLE_REGISTRATION = true; + settings.actions.ENABLED = true; + settings.server = { + DOMAIN = "git.fuckwit.dev"; + ROOT_URL = "https://git.fuckwit.dev"; + HTTP_ADDR = "127.0.0.1"; + HTTP_PORT = 8001; + }; + lfs.enable = true; + }; + + grafana = { + enable = true; + + settings.server = { + domain = "grafana.fuckwit.dev"; + http_addr = "127.0.0.1"; + http_port = 8002; + }; + }; + + influxdb2 = { + enable = true; + + settings = { + http-bind-address = "127.0.0.1:8003"; + }; + }; + + # drone-server = { + # enable = true; + # config = { + # giteaServer = "https://git.fuckwit.dev"; + # serverHost = "drone.fuckwit.dev"; + # serverPort = ":8004"; + # serverProto = "https"; + # }; + # environmentFile = config.sops.secrets."gitea.env".path; + # }; + }; + + users.users."root".openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP8zNAXScQ4FoWNxF4+ALJXMSi3EbpqZP5pO9kfg9t8o patrick@NBG1-DC3-PC20-2017-10-24" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPflDQOANGhgtfo2psRwSFtY5ETHX/bsDmqrho3iX9jt root@arschlinux" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP6oGHBFD3wo16buPtdYDat911gydOw2oFj80fTXL1xo batzi@DESKTOP-8A2VTHL" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICK3otGMe8umxxJX5BbbBQ/+PQg37Puh0qjH8IILL95T patrick@mi" + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDl3vLxNpinilTJp1rGsSYlVi+hIa+oECtge1i8bwz33AAAACHNzaDptYWlu" + ]; + + system.stateVersion = "23.05"; +} diff --git a/nixos/primordial/hardware-configuration.nix b/nixos/primordial/hardware-configuration.nix new file mode 100644 index 0000000..8d1e602 --- /dev/null +++ b/nixos/primordial/hardware-configuration.nix @@ -0,0 +1,53 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = []; + + boot.initrd = { + availableKernelModules = ["virtio_pci" "usbhid" "sd_mod" "sr_mod" "virtio_scsi"]; + kernelModules = ["dm-snapshot"]; + + network.enable = true; + network.ssh = { + enable = true; + port = 222; + authorizedKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP8zNAXScQ4FoWNxF4+ALJXMSi3EbpqZP5pO9kfg9t8o patrick@NBG1-DC3-PC20-2017-10-24" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPflDQOANGhgtfo2psRwSFtY5ETHX/bsDmqrho3iX9jt root@arschlinux" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP6oGHBFD3wo16buPtdYDat911gydOw2oFj80fTXL1xo batzi@DESKTOP-8A2VTHL" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICK3otGMe8umxxJX5BbbBQ/+PQg37Puh0qjH8IILL95T patrick@mi" + ]; + hostKeys = ["/etc/secrets/initrd/ssh_host_ed25519_key"]; + }; + + luks.devices = { + cryptroot = { + device = "/dev/disk/by-uuid/9f88803e-558d-4819-a223-df88396071fe"; + preLVM = true; + }; + }; + }; + + boot.kernelModules = []; + boot.extraModulePackages = []; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/1837e2be-189b-49be-b518-8b2bbc49e27e"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/7E04-4E21"; + fsType = "vfat"; + }; + + swapDevices = []; + + networking.useDHCP = lib.mkDefault true; + nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; +} diff --git a/nixos/primordial/mail.nix b/nixos/primordial/mail.nix new file mode 100644 index 0000000..b11b6c6 --- /dev/null +++ b/nixos/primordial/mail.nix @@ -0,0 +1,20 @@ +{ + config, + pkgs, + ... +}: { + mailserver = { + enable = true; + fqdn = "mail.fuckwit.dev"; + domains = ["fuckwit.dev"]; + + loginAccounts = { + "me@fuckwit.dev" = { + hashedPassword = "$2b$05$Wl7pyRXrNBaUSuufqor9ZuJWeXxRaF.6kpbvHoxEp3i65Lnu5Yyg."; + catchAll = ["fuckwit.dev"]; + }; + }; + + certificateScheme = "acme-nginx"; + }; +} diff --git a/nixos/primordial/secrets.yaml b/nixos/primordial/secrets.yaml new file mode 100644 index 0000000..b3aa84c --- /dev/null +++ b/nixos/primordial/secrets.yaml @@ -0,0 +1,33 @@ +gitea.env: ENC[AES256_GCM,data:wkSPzLQtL3vGNIjG+jG6I3+R7wLBBdXeaCHbKxMbpVOldo8zrPLu8HdoryneRro58d7D9Cao9x+n5SvYNfGwHPgDJG8saXTeyEffIWIKNC+5+8fjiWwIkAvstckmZjSLitVxcwhifs49jmZgW/xQBPEPiAHzVkjeueV7p/Jm9WgyD2ycPrKUvNEYJ6DWZqQq9r10Y/KsRZsvRzF2cp6YeX7YGjW7E2wuQz9yy8gOFHxmoJxAc4zM7XaKZWKtow1UPCjTtxiY7qRkWK7KQt21Xf3FCsU=,iv:qQv7hbqh3Kl6sE/XW37D9AbYt4gLJw5BnfbbLIkzOd4=,tag:g6Cecvdb67W01HvIULNzsQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age12u7ayy2q5dps2pcpc6z7962pz07jxv3tt03hna6jyumlu4fdjvtqdg2n3e + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzdzZwcllIMEwwVXFlVDVi + WjJOUmlKbVRmWllpWnhtdWZJclBxM2o2bFRNCmo3citJUTFPS2x0ekVZSnIzRkRI + VFgrenZDbTZFbm1wS0pLU2swVnhVNlkKLS0tIGhTWnpEZElSc2RJTWNTaWV0TjhG + V1h2NGxyNVc3WnF2ZFBpQm1oK1AzeGcK4GoD2E8nwOl/WKtgMgs0Y1Q8abRX4mpy + GdHGDQUWvySCisJo4JXsooYkLjOyKvir+vcVbX4nDd4L1W2OMULkrg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-01-25T11:12:39Z" + mac: ENC[AES256_GCM,data:pMO0zLANiwXfcKaZT8lrQ6Wcy+CgmNW755hOdHTM6jREKJOoEC9QmrrsSA3dCAwAXR89TImY5IxrM929d8DD3zbBLnSU42ivuZqkWtgm4/sWjUvW4R9kUKZXiTwe2YhaNlsyLJN7JOMPEU4eaj2a3V6PecQ2IaJJmnww+Et2RNg=,iv:8+Y7k4GUMHZGLctHpWOaNj6ibPy1hyf36ckncnZbIlo=,tag:JUyJrYwXuvT9SncdlKfbBw==,type:str] + pgp: + - created_at: "2024-01-25T11:10:44Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hF4DMGJRmcuHhnsSAQdAzUIeSKtxy9kMAxDPoaY3n6avZ6DgxInoP3PjyrTgERww + 7D6dPyaBVNIVKR54ZNYfMtPDescbDV4W3c3MI+eTsi76BqbFEdLHfShlKcWy9FZ1 + 1GgBCQIQRMPHNYC1ef7LAasDcVtWsSfakMk1RQ8FmOPPXLdRJQUAqBJ6gwJG6f+V + oXE5qUuvVjEvZzIxuhmVBb+mlLRq4UVW6brjH65Gfh8ofXWzHmLLXbEHI31HUc4e + 7GBBHbB8U36bxQ== + =VHqv + -----END PGP MESSAGE----- + fp: 5FA64909521A5C85992F26E0F819AEFF941BB849 + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/outputs.nix b/outputs.nix new file mode 100644 index 0000000..ce1878e --- /dev/null +++ b/outputs.nix @@ -0,0 +1,62 @@ +{ + self, + flake-utils, + nixpkgs, + deploy, + home-manager, + ... +} @ inputs: +(flake-utils.lib.eachDefaultSystem (system: let + pkgs = nixpkgs.legacyPackages.${system}; +in { + packages = import ./pkgs {inherit pkgs;}; + + devShell = pkgs.callPackage ./shell.nix { + inherit (deploy.packages.${pkgs.system}) deploy-rs; + }; + + formatter = pkgs.alejandra; +})) +// { + homeConfigurations.patrick = home-manager.lib.homeManagerConfiguration { + pkgs = import nixpkgs { + system = "x86_64-linux"; + # config.allowUnfree = true; + }; + }; + + nixosConfigurations = import ./nixos/configurations.nix (inputs // {inherit inputs;}); + + deploy.nodes = + builtins.mapAttrs (name: value: { + hostname = value.config.remote.ip; + profiles.system = { + sshUser = value.config.remote.sshUser; + sshOpts = ["-p" (builtins.toString value.config.remote.sshPort)]; + remoteBuild = value.config.remote.remoteBuild; + path = deploy.lib.x86_64-linux.activate.nixos value; + }; + }) + self.nixosConfigurations; + + colmena = + { + meta = { + nixpkgs = nixpkgs.legacyPackages.x86_64-linux; + nodeNixpkgs = builtins.mapAttrs (name: value: value.pkgs) self.nixosConfigurations; + nodeSpecialArgs = builtins.mapAttrs (name: value: value._module.specialArgs) self.nixosConfigurations; + }; + } + // builtins.mapAttrs (name: value: { + deployment = { + targetHost = value.config.remote.ip; + targetPort = value.config.remote.sshPort; + buildOnTarget = value.config.remote.remoteBuild; + inherit (value.config.remote) allowLocalDeployment; + }; + imports = value._module.args.modules; + }) + self.nixosConfigurations; + + checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy.lib; +} diff --git a/overrides/awesome.nix b/overrides/awesome.nix new file mode 100644 index 0000000..7428f6e --- /dev/null +++ b/overrides/awesome.nix @@ -0,0 +1,25 @@ +{ + pkgs, + lib, + fetchFromGitHub, + ... +}: let + myAwesome = pkgs.awesome.overrideAttrs (old: { + patches = []; + + cmakeFlags = + old.cmakeFlags + ++ [ + "-DGENERATE_DOC=OFF" + "-DGENERATE_MANPAGES=OFF" + ]; + + src = fetchFromGitHub { + owner = "awesomewm"; + repo = "awesome"; + rev = "b54e50ad6cfdcd864a21970b31378f7c64adf3f4"; + sha256 = "sha256-yDXC1PT5r0V6bbyk/Y6oBxvHE74q96cGKlo3C3OUobE="; + }; + }); +in + myAwesome diff --git a/pkgs/comic-mono/default.nix b/pkgs/comic-mono/default.nix new file mode 100644 index 0000000..8a6137e --- /dev/null +++ b/pkgs/comic-mono/default.nix @@ -0,0 +1,43 @@ +{ + pkgs, + lib, + fetchFromGitHub, + fetchurl, + ... +}: +pkgs.stdenv.mkDerivation rec { + name = "Comic Mono Patched"; + version = "0.0.1"; + + src = fetchFromGitHub { + owner = "dtinth"; + repo = "comic-mono-font"; + rev = "9a96d04cdd2919964169192e7d9de5012ef66de4"; + sha256 = "sha256-q8NxrluWuH23FfRlntIS0MDdl3TkkGE7umcU2plS6eU="; + }; + + fontpatcher = fetchurl { + url = "https://github.com/ryanoasis/nerd-fonts/releases/download/v2.3.3/FontPatcher.zip"; + sha256 = "sha256-mfKA6hwQ158i+cZ41qEUfKBpsGKfONkM8/BNys6PPg0="; + }; + + nativeBuildInputs = with pkgs; [ + python39 + python39Packages.fontforge + pkgs.unzip + ]; + + phases = ["buildPhase"]; + + buildPhase = '' + unzip ${fontpatcher} + mkdir -p $out/share/fonts + + for font in ${src}/*.ttf; do + fontforge -script font-patcher $font --quiet -out $out/share/fonts + done + + mkdir -p $out/etc/fonts/conf.d + ln -s ${./weight.conf} $out/etc/fonts/conf.d/30-comic-mono.conf + ''; +} diff --git a/pkgs/comic-mono/weight.conf b/pkgs/comic-mono/weight.conf new file mode 100644 index 0000000..97cfa3d --- /dev/null +++ b/pkgs/comic-mono/weight.conf @@ -0,0 +1,14 @@ + + + + + + + + Comic Mono + + + book + + + diff --git a/pkgs/cups-kyocera-fs1370dn/Kyocera_FS-1370DN.ppd b/pkgs/cups-kyocera-fs1370dn/Kyocera_FS-1370DN.ppd new file mode 100644 index 0000000..0873408 --- /dev/null +++ b/pkgs/cups-kyocera-fs1370dn/Kyocera_FS-1370DN.ppd @@ -0,0 +1,786 @@ +*PPD-Adobe: "4.3" +*%============================================================================= +*% +*% PPD file for Kyocera FS-1370DN (English) +*% Linux Version +*% +*% Copyright (C) 2009 KYOCERA CORPORATION. +*% Copyright (C) 2007 Revised Edition KYOCERA MITA CORPORATION. +*% +*% Permission is granted for redistribution of this file as long as this +*% copyright notice is intact and the contents of the file are not altered +*% in any way from their original form. +*% +*% Permission is hereby granted, free of charge, to any person obtaining +*% a copy of this software and associated documentation files (the +*% "Software"), to deal in the Software without restriction, including +*% without limitation the rights to use, copy, modify, merge, publish, +*% distribute, sublicense, and/or sell copies of the Software, and to +*% permit persons to whom the Software is furnished to do so, subject to +*% the following conditions: +*% +*% The above copyright notice and this permission notice shall be +*% included in all copies or substantial portions of the Software. +*% +*% THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +*% EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +*% MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +*% NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +*% LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +*% OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +*% WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +*% +*% [this is the MIT open source license -- see www.opensource.org] +*% +*%============================================================================= + +*FileVersion: "8.4" +*FormatVersion: "4.3" +*LanguageEncoding: ISOLatin1 +*LanguageVersion: English +*Product: "(FS-1370DN)" +*PSVersion: "(3011.103) 1" +*Manufacturer: "Kyocera" +*ModelName: "Kyocera FS-1370DN KPDL" +*ShortNickName: "Kyocera FS-1370DN (KPDL)" +*NickName: "Kyocera FS-1370DN (KPDL)" +*PCFileName: "KC1370EE.PPD" + +*% Basic Device Capabilities +*LanguageLevel: "3" +*ColorDevice: False +*DefaultColorSpace: Gray +*TTRasterizer: Type42 +*?TTRasterizer: " + save + 42 /FontType resourcestatus + { pop pop (Type42) }{ (None) } ifelse + = flush restore" +*End + +*Throughput: "35" + +*% System Management +*SuggestedJobTimeout: "0" +*SuggestedManualFeedTimeout: "0" +*SuggestedWaitTimeout: "120" +*PrintPSErrors: True + +*Password: "0" + +*ExitServer: " + count 0 eq {true} + {dup statusdict /checkpassword get exec not} ifelse + {(WARNING : Cannot perform the exitserver command.) = + (Password supplied is not valid.) = + (Please contact the author of this software.) = flush quit} if + serverdict /exitserver get exec" +*End + +*Reset: " + count 0 eq { true } + {dup statusdict /checkpassword get exec not} ifelse + {(WARNING : Cannot perform the exitserver command.) = + (Password supplied is not valid.) = + (Please contact the author of this software.) = flush quit} if + serverdict /exitserver get exec + systemdict /quit get exec + (WARNING : Printer Reset Failed.) = flush" +*End + +*% Protocols +*Protocols: PJL TBCP + +*1284Modes Parallel: Compat Nibble ECP +*1284DeviceID: "MFG:Kyocera;MODEL:Kyocera FS-1370DN;COMMAND SET: POSTSCRIPT,PJL,PCL" + +*% JCL Information +*JCLBegin: "<1B>%-12345X@PJL JOB<0A>" +*JCLToPSInterpreter: "@PJL ENTER LANGUAGE=POSTSCRIPT<0A>" +*JCLEnd: "<1B>%-12345X@PJL EOJ<0A><1B>%-12345X" + +*% Installable Options +*OpenGroup: InstallableOptions/Installed Options + +*% Paper Feeders +*OpenUI *Option8/Paper Feeders: PickOne +*DefaultOption8: None +*Option8 None/Not Installed: "" +*Option8 One/One: "" +*Option8 Two/Two: "" +*?Option8: " + save + (None) currentpagedevice dup /InputAttributes known { + /InputAttributes get + dup 1 known {dup 1 get null ne {exch pop (One) exch} if} if + dup 4 known {dup 4 get null ne {exch pop (Two) exch} if} if + } if pop + = flush restore" +*End +*CloseUI: *Option8 + +*% Disk Drive +*OpenUI *Option18/Optional Disk: PickOne +*DefaultOption18: None +*Option18 None/Not Installed: "" +*Option18 RAMDisk/RAM Disk: "" +*?Option18: " + save + false + (%disk?%) + {currentdevparams dup /Writeable known + {dup /Writeable get + {exch pop /LogicalSize get dup 0 gt exch 950000 lt eq true}{pop pop false} ifelse + }{pop pop} ifelse + } 100 string /IODevice resourceforall + {{(RAMDisk)}{(HardDisk)} ifelse}{(None)} ifelse + = flush restore" +*End +*CloseUI: *Option18 + +*% Installed Memory +*% Not supported + +*CloseGroup: InstallableOptions + + +*% Virtual Memory +*FreeVM: "32000000" + +*% Constraints +*UIConstraints: *Option8 None *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *Option8 None +*UIConstraints: *Option8 None *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *Option8 None +*UIConstraints: *Option8 One *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *Option8 One +*NonUIConstraints: *Duplex *CustomPageSize True +*NonUIConstraints: *CustomPageSize True *Duplex +*UIConstraints: *Option18 None *KCCollate On +*UIConstraints: *KCCollate On *Option18 None +*UIConstraints: *PageSize B6 *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageSize B6 +*UIConstraints: *PageRegion B6 *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageRegion B6 +*UIConstraints: *PageSize EnvPersonal *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageSize EnvPersonal +*UIConstraints: *PageRegion EnvPersonal *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageRegion EnvPersonal +*UIConstraints: *PageSize Env9 *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageSize Env9 +*UIConstraints: *PageRegion Env9 *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageRegion Env9 +*UIConstraints: *PageSize Env10 *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageSize Env10 +*UIConstraints: *PageRegion Env10 *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageRegion Env10 +*UIConstraints: *PageSize EnvMonarch *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageSize EnvMonarch +*UIConstraints: *PageRegion EnvMonarch *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageRegion EnvMonarch +*UIConstraints: *PageSize EnvDL *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageSize EnvDL +*UIConstraints: *PageRegion EnvDL *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageRegion EnvDL +*UIConstraints: *PageSize A6 *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageSize A6 +*UIConstraints: *PageRegion A6 *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageRegion A6 +*UIConstraints: *PageSize B6 *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageSize B6 +*UIConstraints: *PageRegion B6 *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageRegion B6 +*UIConstraints: *PageSize EnvPersonal *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageSize EnvPersonal +*UIConstraints: *PageRegion EnvPersonal *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageRegion EnvPersonal +*UIConstraints: *PageSize Env9 *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageSize Env9 +*UIConstraints: *PageRegion Env9 *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageRegion Env9 +*UIConstraints: *PageSize Env10 *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageSize Env10 +*UIConstraints: *PageRegion Env10 *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageRegion Env10 +*UIConstraints: *PageSize EnvMonarch *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageSize EnvMonarch +*UIConstraints: *PageRegion EnvMonarch *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageRegion EnvMonarch +*UIConstraints: *PageSize EnvDL *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageSize EnvDL +*UIConstraints: *PageRegion EnvDL *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageRegion EnvDL +*UIConstraints: *PageSize Statement *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageSize Statement +*UIConstraints: *PageRegion Statement *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageRegion Statement +*UIConstraints: *PageSize A6 *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageSize A6 +*UIConstraints: *PageRegion A6 *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageRegion A6 +*UIConstraints: *PageSize B6 *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageSize B6 +*UIConstraints: *PageRegion B6 *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageRegion B6 +*UIConstraints: *PageSize EnvPersonal *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageSize EnvPersonal +*UIConstraints: *PageRegion EnvPersonal *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageRegion EnvPersonal +*UIConstraints: *PageSize Env9 *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageSize Env9 +*UIConstraints: *PageRegion Env9 *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageRegion Env9 +*UIConstraints: *PageSize Env10 *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageSize Env10 +*UIConstraints: *PageRegion Env10 *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageRegion Env10 +*UIConstraints: *PageSize EnvMonarch *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageSize EnvMonarch +*UIConstraints: *PageRegion EnvMonarch *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageRegion EnvMonarch +*UIConstraints: *PageSize EnvDL *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageSize EnvDL +*UIConstraints: *PageRegion EnvDL *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageRegion EnvDL +*UIConstraints: *PageSize Statement *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageSize Statement +*UIConstraints: *PageRegion Statement *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageRegion Statement +*UIConstraints: *Duplex *PageSize A6 +*UIConstraints: *PageSize A6 *Duplex DuplexTumble +*UIConstraints: *PageSize A6 *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageRegion A6 +*UIConstraints: *PageRegion A6 *Duplex DuplexTumble +*UIConstraints: *PageRegion A6 *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageSize B6 +*UIConstraints: *PageSize B6 *Duplex DuplexTumble +*UIConstraints: *PageSize B6 *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageRegion B6 +*UIConstraints: *PageRegion B6 *Duplex DuplexTumble +*UIConstraints: *PageRegion B6 *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageSize EnvPersonal +*UIConstraints: *PageSize EnvPersonal *Duplex DuplexTumble +*UIConstraints: *PageSize EnvPersonal *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageRegion EnvPersonal +*UIConstraints: *PageRegion EnvPersonal *Duplex DuplexTumble +*UIConstraints: *PageRegion EnvPersonal *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageSize Env9 +*UIConstraints: *PageSize Env9 *Duplex DuplexTumble +*UIConstraints: *PageSize Env9 *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageRegion Env9 +*UIConstraints: *PageRegion Env9 *Duplex DuplexTumble +*UIConstraints: *PageRegion Env9 *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageSize Env10 +*UIConstraints: *PageSize Env10 *Duplex DuplexTumble +*UIConstraints: *PageSize Env10 *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageRegion Env10 +*UIConstraints: *PageRegion Env10 *Duplex DuplexTumble +*UIConstraints: *PageRegion Env10 *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageSize EnvMonarch +*UIConstraints: *PageSize EnvMonarch *Duplex DuplexTumble +*UIConstraints: *PageSize EnvMonarch *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageRegion EnvMonarch +*UIConstraints: *PageRegion EnvMonarch *Duplex DuplexTumble +*UIConstraints: *PageRegion EnvMonarch *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageSize EnvDL +*UIConstraints: *PageSize EnvDL *Duplex DuplexTumble +*UIConstraints: *PageSize EnvDL *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageRegion EnvDL +*UIConstraints: *PageRegion EnvDL *Duplex DuplexTumble +*UIConstraints: *PageRegion EnvDL *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageSize Statement +*UIConstraints: *PageSize Statement *Duplex DuplexTumble +*UIConstraints: *PageSize Statement *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageRegion Statement +*UIConstraints: *PageRegion Statement *Duplex DuplexTumble +*UIConstraints: *PageRegion Statement *Duplex DuplexNoTumble +*UIConstraints: *Option18 None *KCSuperWatermark +*UIConstraints: *KCSuperWatermark *Option18 None + +*% Resolution +*OpenUI *Resolution/Resolution: PickOne +*OrderDependency: 10 AnySetup *Resolution +*DefaultResolution: 600dpi +*Resolution 300dpi/300 dpi: "<< /HWResolution [300 300] /PreRenderingEnhance false >> setpagedevice" +*Resolution 600dpi/600 dpi: "<< /HWResolution [600 600] /PreRenderingEnhance false >> setpagedevice" +*Resolution 1200dpi/Fine 1200: "<< /HWResolution [1200 1200] /PreRenderingEnhance false >> setpagedevice" +*?Resolution: "save currentpagedevice /HWResolution get 0 get ( ) cvs print (dpi) = flush restore" +*CloseUI: *Resolution + +*% KCEcoprint +*OpenUI *KCEcoprint/EcoPrint: PickOne +*OrderDependency: 10 AnySetup *KCEcoprint +*DefaultKCEcoprint: Off +*KCEcoprint Off/Off: "<< /EconoMode false >> setpagedevice" +*KCEcoprint On/On: "<< /EconoMode true >> setpagedevice" +*CloseUI: *KCEcoprint + +*% Image Refinement +*OpenUI *Smoothing/KIR: PickOne +*OrderDependency: 50 AnySetup *Smoothing +*DefaultSmoothing: Medium +*Smoothing None/Off: "0 statusdict /setdoret get exec" +*Smoothing Medium/On: "2 statusdict /setdoret get exec" +*?Smoothing: " + save + [(None)(Medium)(Medium)(Medium)] + statusdict /doret get exec {get} stopped + {pop pop (Unknown)} if + = flush restore" +*End +*CloseUI: *Smoothing + +*% CIE +*OpenUI *CIE/CIE Optimization: PickOne +*OrderDependency: 11 AnySetup *CIE +*DefaultCIE: PrnDef +*CIE PrnDef/Printer settings: "" +*CIE False/Disabled: "<< /RejectionCIEcolor false >> setuserparams" +*CIE True/Enabled: "<< /RejectionCIEcolor true >> setuserparams" +*End +*CloseUI: *CIE + +*% Halftone Information +*DefaultHalftoneType: 1 +*ScreenFreq: "75.0" +*ScreenAngle: "45.0" +*ResScreenFreq 1200dpi: "75.0" +*ResScreenAngle 1200dpi: "45.0" +*ResScreenFreq 600dpi: "37.5" +*ResScreenAngle 600dpi: "45.0" +*ResScreenFreq 300dpi: "18.75" +*ResScreenAngle 300dpi: "45.0" + +*DefaultScreenProc: Ellipse +*ScreenProc Dot: " + {abs exch abs 2 copy add 1 gt + {1 sub dup mul exch 1 sub dup mul add 1 sub} + {dup mul exch dup mul add 1 exch sub} ifelse}" +*End +*ScreenProc Line: "{pop}" +*ScreenProc Ellipse: "{dup 5 mul 8 div mul exch dup mul exch add sqrt 1 exch sub}" +*DefaultTransfer: Null +*Transfer Null: "{}" +*Transfer Null.Inverse: "{1 exch sub}" + +*% Page Policy Definitions +*OpenUI *PagePolicy/Page Policy: PickOne +*OrderDependency: 15 AnySetup *PagePolicy +*DefaultPagePolicy: On +*PagePolicy On/AutoSizeSelect: "<< /DeferredMediaSelection true >> setpagedevice" +*CloseUI: *PagePolicy + +*% Paper Handling +*% Page Size Definitions +*OpenUI *PageSize: PickOne +*OrderDependency: 40 AnySetup *PageSize +*DefaultPageSize: A4 +*PageSize A4/A4: "<< /Policies << /PageSize 7 >> /PageSize [595 842] /ImagingBBox null >> setpagedevice" +*PageSize A5/A5: "<< /Policies << /PageSize 7 >> /PageSize [421 595] /ImagingBBox null >> setpagedevice" +*PageSize A6/A6: "<< /Policies << /PageSize 7 >> /PageSize [297 421] /ImagingBBox null >> setpagedevice" +*PageSize B5/B5 (JIS): "<< /Policies << /PageSize 7 >> /PageSize [516 729] /ImagingBBox null >> setpagedevice" +*PageSize ISOB5/B5 (ISO): "<< /Policies << /PageSize 7 >> /PageSize [499 708] /ImagingBBox null >> setpagedevice" +*PageSize B6/B6: "<< /Policies << /PageSize 7 >> /PageSize [364 516] /ImagingBBox null >> setpagedevice" +*PageSize OficioII/Oficio II: "<< /Policies << /PageSize 7 >> /PageSize [612 936] /ImagingBBox null >> setpagedevice" +*PageSize Folio/Folio (210 x 330mm): "<< /Policies << /PageSize 7 >> /PageSize [595 935] /ImagingBBox null >> setpagedevice" +*PageSize Statement/Statement: "<< /Policies << /PageSize 7 >> /PageSize [396 612] /ImagingBBox null >> setpagedevice" +*PageSize P16K/16K: "<< /Policies << /PageSize 7 >> /PageSize [558 774] /ImagingBBox null >> setpagedevice" +*PageSize Letter/Letter: "<< /Policies << /PageSize 7 >> /PageSize [612 792] /ImagingBBox null >> setpagedevice" +*PageSize Legal/Legal: "<< /Policies << /PageSize 7 >> /PageSize [612 1008] /ImagingBBox null >> setpagedevice" +*PageSize Executive/Executive: "<< /Policies << /PageSize 7 >> /PageSize [522 756] /ImagingBBox null >> setpagedevice" +*PageSize EnvPersonal/Envelope #6: "<< /Policies << /PageSize 7 >> /PageSize [261 468] /ImagingBBox null >> setpagedevice" +*PageSize Env9/Envelope #9: "<< /Policies << /PageSize 7 >> /PageSize [279 639] /ImagingBBox null >> setpagedevice" +*PageSize Env10/Envelope #10: "<< /Policies << /PageSize 7 >> /PageSize [297 684] /ImagingBBox null >> setpagedevice" +*PageSize EnvMonarch/Envelope Monarch: "<< /Policies << /PageSize 7 >> /PageSize [279 540] /ImagingBBox null >> setpagedevice" +*PageSize EnvDL/Envelope DL: "<< /Policies << /PageSize 7 >> /PageSize [312 624] /ImagingBBox null >> setpagedevice" +*PageSize EnvC5/Envelope C5: "<< /Policies << /PageSize 7 >> /PageSize [459 649] /ImagingBBox null >> setpagedevice" +*?PageSize: " + save + currentpagedevice /PageSize get aload pop + 2 copy gt {exch} if + (Unknown) + 19 dict + dup [595 842] (A4) put + dup [421 595] (A5) put + dup [297 421] (A6) put + dup [516 729] (B5) put + dup [499 708] (ISOB5) put + dup [364 516] (B6) put + dup [612 936] (OficioII) put + dup [595 935] (Folio) put + dup [396 612] (Statement) put + dup [558 774] (P16K) put + dup [612 792] (Letter) put + dup [612 1008] (Legal) put + dup [522 756] (Executive) put + dup [261 468] (EnvPersonal) put + dup [279 639] (Env9) put + dup [297 684] (Env10) put + dup [279 540] (EnvMonarch) put + dup [312 624] (EnvDL) put + dup [459 649] (EnvC5) put + {exch aload pop 4 index sub abs 5 le exch + 5 index sub abs 5 le and + {exch pop exit}{pop} ifelse + } bind forall + = flush pop pop restore " +*End +*CloseUI: *PageSize + +*% Page Region Definitions for Frame Buffer +*OpenUI *PageRegion: PickOne +*OrderDependency: 40 AnySetup *PageRegion +*DefaultPageRegion: A4 +*PageRegion A4/A4: "<< /Policies << /PageSize 7 >> /PageSize [595 842] /ImagingBBox null >> setpagedevice" +*PageRegion A5/A5: "<< /Policies << /PageSize 7 >> /PageSize [421 595] /ImagingBBox null >> setpagedevice" +*PageRegion A6/A6: "<< /Policies << /PageSize 7 >> /PageSize [297 421] /ImagingBBox null >> setpagedevice" +*PageRegion B5/B5 (JIS): "<< /Policies << /PageSize 7 >> /PageSize [516 729] /ImagingBBox null >> setpagedevice" +*PageRegion ISOB5/B5 (ISO): "<< /Policies << /PageSize 7 >> /PageSize [499 708] /ImagingBBox null >> setpagedevice" +*PageRegion B6/B6: "<< /Policies << /PageSize 7 >> /PageSize [364 516] /ImagingBBox null >> setpagedevice" +*PageRegion Letter/Letter: "<< /Policies << /PageSize 7 >> /PageSize [612 792] /ImagingBBox null >> setpagedevice" +*PageRegion Legal/Legal: "<< /Policies << /PageSize 7 >> /PageSize [612 1008] /ImagingBBox null >> setpagedevice" +*PageRegion Executive/Executive: "<< /Policies << /PageSize 7 >> /PageSize [522 756] /ImagingBBox null >> setpagedevice" +*PageRegion EnvPersonal/Envelope #6: "<< /Policies << /PageSize 7 >> /PageSize [261 468] /ImagingBBox null >> setpagedevice" +*PageRegion Env9/Envelope #9: "<< /Policies << /PageSize 7 >> /PageSize [279 639] /ImagingBBox null >> setpagedevice" +*PageRegion Env10/Envelope #10: "<< /Policies << /PageSize 7 >> /PageSize [297 684] /ImagingBBox null >> setpagedevice" +*PageRegion EnvMonarch/Envelope Monarch: "<< /Policies << /PageSize 7 >> /PageSize [279 540] /ImagingBBox null >> setpagedevice" +*PageRegion EnvDL/Envelope DL: "<< /Policies << /PageSize 7 >> /PageSize [312 624] /ImagingBBox null >> setpagedevice" +*PageRegion EnvC5/Envelope C5: "<< /Policies << /PageSize 7 >> /PageSize [459 649] /ImagingBBox null >> setpagedevice" +*PageRegion OficioII/Oficio II: "<< /Policies << /PageSize 7 >> /PageSize [612 936] /ImagingBBox null >> setpagedevice" +*PageRegion Folio/Folio (210 x 330mm): "<< /Policies << /PageSize 7 >> /PageSize [595 935] /ImagingBBox null >> setpagedevice" +*PageRegion Statement/Statement: "<< /Policies << /PageSize 7 >> /PageSize [396 612] /ImagingBBox null >> setpagedevice" +*PageRegion P16K/16K: "<< /Policies << /PageSize 7 >> /PageSize [558 774] /ImagingBBox null >> setpagedevice" +*CloseUI: *PageRegion + +*% Imageable Area Definitions +*DefaultImageableArea: A4 +*ImageableArea A4/A4: "12 10 583 832" +*ImageableArea A5/A5: "12 10 409 585" +*ImageableArea A6/A6: "12 10 285 411" +*ImageableArea B5/B5 (JIS): "21 10 495 719" +*ImageableArea ISOB5/B5 (ISO): "12 12 487 696" +*ImageableArea B6/B6: "12 10 352 506" +*ImageableArea OficioII/Oficio II: "12 12 600 924" +*ImageableArea Folio/Folio (210 x 330mm): "12 12 583 923" +*ImageableArea Statement/Statement: "12 12 384 600" +*ImageableArea P16K/16K: "12 12 547 763" +*ImageableArea Letter/Letter: "12 08 600 784" +*ImageableArea Legal/Legal: "12 08 600 1000" +*ImageableArea Executive/Executive: "12 08 510 748" +*ImageableArea EnvPersonal/Envelope #6: "12 08 249 460" +*ImageableArea Env9/Envelope #9: "12 08 267 631" +*ImageableArea Env10/Envelope #10: "12 08 285 676" +*ImageableArea EnvMonarch/Envelope Monarch: "12 08 267 532" +*ImageableArea EnvDL/Envelope DL: "12 10 300 614" +*ImageableArea EnvC5/Envelope C5: "12 10 447 639" +*?ImageableArea: " + save + /cvp {cvi ( ) cvs + print ( ) print} bind def + newpath clippath pathbbox + 4 -2 roll exch 2 {ceiling cvp} repeat + exch 2 {floor cvp} repeat ( ) + = flush restore" +*End + +*% Physical Dimensions of Media +*DefaultPaperDimension: A4 +*PaperDimension A4/A4: "595 842" +*PaperDimension A5/A5: "421 595" +*PaperDimension A6/A6: "297 421" +*PaperDimension B5/B5 (JIS): "516 729" +*PaperDimension ISOB5/B5 (ISO): "499 708" +*PaperDimension B6/B6: "364 516" +*PaperDimension OficioII/Oficio II: "612 936" +*PaperDimension Folio/Folio (210 x 330mm): "595 935" +*PaperDimension Statement/Statement: "396 612" +*PaperDimension P16K/16K: "558 774" +*PaperDimension Letter/Letter: "612 792" +*PaperDimension Legal/Legal: "612 1008" +*PaperDimension Executive/Executive: "522 756" +*PaperDimension EnvPersonal/Envelope #6: "261 468" +*PaperDimension Env9/Envelope #9: "279 639" +*PaperDimension Env10/Envelope #10: "297 684" +*PaperDimension EnvMonarch/Envelope Monarch: "279 540" +*PaperDimension EnvDL/Envelope DL: "312 624" +*PaperDimension EnvC5/Envelope C5: "459 649" + +*% Custom Page Size Definitions +*% Smallest = A6, Largest = LEGAL + +*VariablePaperSize: True +*LeadingEdge Short: "" +*DefaultLeadingEdge: Short +*HWMargins: 12 12 12 12 +*MaxMediaWidth: "612" +*MaxMediaHeight: "1008" +*NonUIOrderDependency: 40 AnySetup *CustomPageSize +*CustomPageSize True: " + pop pop pop + << /PageSize [ 5 -2 roll ] /ImagingBBox null + /DeferredMediaSelection true + >> setpagedevice" +*End +*ParamCustomPageSize Width: 1 points 278 612 +*ParamCustomPageSize Height: 2 points 420 1008 +*ParamCustomPageSize WidthOffset: 3 points 0 0 +*ParamCustomPageSize HeightOffset: 4 points 0 0 +*ParamCustomPageSize Orientation: 5 int 1 1 + +*% Input Slot Definitions +*OpenUI *InputSlot: PickOne +*OrderDependency: 30 AnySetup *InputSlot +*DefaultInputSlot: Internal +*InputSlot Internal/Cassette 1: "<< /ManualFeed false >> setpagedevice statusdict begin 0 setpapertray end" +*InputSlot PF100A/Cassette 2: "<< /ManualFeed false >> setpagedevice statusdict begin 1 setpapertray end" +*InputSlot PF100B/Cassette 3: "<< /ManualFeed false >> setpagedevice statusdict begin 4 setpapertray end" +*InputSlot MF1/MP Tray: "<< /ManualFeed false >> setpagedevice statusdict begin 3 setpapertray end" +*?InputSlot: "" +*CloseUI: *InputSlot + +*% MediaType Definitions +*OpenUI *MediaType: PickOne +*OrderDependency: 95 AnySetup *MediaType +*DefaultMediaType: PrnDef +*MediaType PrnDef/Unspecified: "<> setpagedevice" +*MediaType Auto/Auto media selection: "" +*MediaType Plain/Plain: "<> setpagedevice" +*MediaType Transparency/Transparency: "<> setpagedevice" +*MediaType Labels/Labels: "<> setpagedevice" +*MediaType Letterhead/Letterhead: "<> setpagedevice" +*MediaType Bond/Bond: "<> setpagedevice" +*MediaType Color/Color: "<> setpagedevice" +*MediaType Preprinted/Preprinted: "<> setpagedevice" +*MediaType Prepunched/Prepunched: "<> setpagedevice" +*MediaType Recycled/Recycled: "<> setpagedevice" +*MediaType Cardstock/Cardstock: "<> setpagedevice" +*MediaType Vellum/Vellum: "<> setpagedevice" +*MediaType Envelope/Envelope: "<> setpagedevice" +*MediaType Rough/Rough: "<> setpagedevice" +*MediaType Thick/Thick: "<> setpagedevice" +*MediaType Highqlty/High quality: "<> setpagedevice" +*MediaType User1/Custom type 1: "<> setpagedevice" +*MediaType User2/Custom type 2: "<> setpagedevice" +*MediaType User3/Custom type 3: "<> setpagedevice" +*MediaType User4/Custom type 4: "<> setpagedevice" +*MediaType User5/Custom type 5: "<> setpagedevice" +*MediaType User6/Custom type 6: "<> setpagedevice" +*MediaType User7/Custom type 7: "<> setpagedevice" +*MediaType User8/Custom type 8: "<> setpagedevice" +*?MediaType: " + save + currentpagedevice /MediaType {get} stopped + {pop pop (Unknown)} {dup null eq {pop (Unknown)} if} ifelse = flush + restore" +*End +*CloseUI: *MediaType + +*RequiresPageRegion All: True + +*% Duplex Definitions +*OpenUI *Duplex/Duplexing: PickOne +*OrderDependency: 50 AnySetup *Duplex +*DefaultDuplex: None +*Duplex None/None: "statusdict begin false setduplexmode false settumble end" +*Duplex DuplexTumble/Short Edge: "statusdict begin true setduplexmode true settumble end" +*Duplex DuplexNoTumble/Long Edge: "statusdict begin true setduplexmode false settumble end" +*?Duplex: " + save + statusdict begin + duplexmode + {tumble {(DuplexTumble)}{(DuplexNoTumble)} ifelse} + {(None)} ifelse + = flush end restore" +*End +*CloseUI: *Duplex + +*% Job Spooling Definitions +*OpenUI *KCCollate/Job Settings: PickOne +*OrderDependency: 20 AnySetup *KCCollate +*DefaultKCCollate: PrnDef +*KCCollate PrnDef/Printer settings: "" +*KCCollate On/Collate: "<< /Collate true >> setpagedevice" +*KCCollate None/None: "<< /Collate false >> setpagedevice" +*?KCCollate: " + save + currentpagedevice dup /Collate known { + dup /CollateDetails known { + /CollateDetails get + dup /Mode known { + /Mode get + 1 { + dup 0 eq {pop (Temp) exit} if + pop (Unknown) + } repeat + }{pop (Unknown)} ifelse + }{pop (Unknown)} ifelse + }{pop (Unknown)} ifelse + = flush restore" +*End +*CloseUI: *KCCollate + +*% KCSuperWatermark +*OpenUI *KCSuperWatermark/Super Watermark: PickOne +*OrderDependency: 10 AnySetup *KCSuperWatermark +*DefaultKCSuperWatermark: None +*KCSuperWatermark None/None: "" +*KCSuperWatermark UFA/Use Form-A Print on all pages: "<> setpagedevice" +*KCSuperWatermark UFB/Use Form-B Print on all pages: "<> setpagedevice" +*KCSuperWatermark UFC/Use Form-C Print on all pages: "<> setpagedevice" +*KCSuperWatermark UFAFP/Use Form-A Print on first page only: "<> setpagedevice" +*KCSuperWatermark UFBFP/Use Form-B Print on first page only: "<> setpagedevice" +*KCSuperWatermark UFCFP/Use Form-C Print on first page only: "<> setpagedevice" +*KCSuperWatermark SFA/Save Form-A: "<> setpagedevice" +*KCSuperWatermark SFB/Save Form-B: "<> setpagedevice" +*KCSuperWatermark SFC/Save Form-C: "<> setpagedevice" +*CloseUI: *KCSuperWatermark + +*% PPD Version Info +*OpenUI *KCVersion/PPD Version: PickOne +*OrderDependency: 25 AnySetup *KCVersion +*DefaultKCVersion: Default +*KCVersion Default/8.4 [12-28-2009]: " +globaldict /ct_AddStdCIDMap known { +globaldict /ct_AddStdCIDMap get length 7 eq +{globaldict /ct_AddStdCIDMap get 0 get type /stringtype eq +{globaldict /ct_AddStdCIDMap get 1 get 0 eq +{globaldict /ct_AddStdCIDMap get 2 get () eq +{globaldict /ct_AddStdCIDMap get 3 get /SubFileDecode eq +{globaldict /ct_AddStdCIDMap get 4 get systemdict /filter get eq +{currentglobal true setglobal globaldict +/ct_AddStdCIDMap +globaldict /ct_AddStdCIDMap get dup +globaldict /ct_AddStdCIDMap get +0 get length 1 exch +put put setglobal +} if} if} if} if} if} if} if" +*End +*CloseUI: *KCVersion + +*% Font Information +*DefaultFont: Courier +*Font AvantGarde-Book: Standard "(001.006S)" Standard ROM +*Font AvantGarde-BookOblique: Standard "(001.006S)" Standard ROM +*Font AvantGarde-Demi: Standard "(001.007S)" Standard ROM +*Font AvantGarde-DemiOblique: Standard "(001.007S)" Standard ROM +*Font Bookman-Light: Standard "(001.004S)" Standard ROM +*Font Bookman-LightItalic: Standard "(001.004S)" Standard ROM +*Font Bookman-Demi: Standard "(001.004S)" Standard ROM +*Font Bookman-DemiItalic: Standard "(001.004S)" Standard ROM +*Font Courier: Standard "(002.004S)" Standard ROM +*Font Courier-Oblique: Standard "(002.004S)" Standard ROM +*Font Courier-Bold: Standard "(002.004S)" Standard ROM +*Font Courier-BoldOblique: Standard "(002.004S)" Standard ROM +*Font Helvetica: Standard "(001.006S)" Standard ROM +*Font Helvetica-Oblique: Standard "(001.006S)" Standard ROM +*Font Helvetica-Bold: Standard "(001.007S)" Standard ROM +*Font Helvetica-BoldOblique: Standard "(001.007S)" Standard ROM +*Font Helvetica-Narrow: Standard "(001.006S)" Standard ROM +*Font Helvetica-Narrow-Oblique: Standard "(001.006S)" Standard ROM +*Font Helvetica-Narrow-Bold: Standard "(001.007S)" Standard ROM +*Font Helvetica-Narrow-BoldOblique: Standard "(001.007S)" Standard ROM +*Font NewCenturySchlbk-Roman: Standard "(001.007S)" Standard ROM +*Font NewCenturySchlbk-Italic: Standard "(001.006S)" Standard ROM +*Font NewCenturySchlbk-Bold: Standard "(001.009S)" Standard ROM +*Font NewCenturySchlbk-BoldItalic: Standard "(001.007S)" Standard ROM +*Font Palatino-Roman: Standard "(001.005S)" Standard ROM +*Font Palatino-Italic: Standard "(001.005S)" Standard ROM +*Font Palatino-Bold: Standard "(001.005S)" Standard ROM +*Font Palatino-BoldItalic: Standard "(001.005S)" Standard ROM +*Font Symbol: Special "(001.007S)" Special ROM +*Font Times-Roman: Standard "(001.007S)" Standard ROM +*Font Times-Italic: Standard "(001.007S)" Standard ROM +*Font Times-Bold: Standard "(001.007S)" Standard ROM +*Font Times-BoldItalic: Standard "(001.009S)" Standard ROM +*Font ZapfChancery-MediumItalic: Standard "(001.007S)" Standard ROM +*Font ZapfDingbats: Special "(001.004S)" Special ROM +*Font Albertus-Medium: Standard "(001.008S)" Standard ROM +*Font Albertus-ExtraBold: Standard "(001.008S)" Standard ROM +*Font AntiqueOlive: Standard "(001.008S)" Standard ROM +*Font AntiqueOlive-Italic: Standard "(001.008S)" Standard ROM +*Font AntiqueOlive-Bold: Standard "(001.008S)" Standard ROM +*Font Arial: Standard "(001.008S)" Standard ROM +*Font Arial-Italic: Standard "(001.008S)" Standard ROM +*Font Arial-Bold: Standard "(001.008S)" Standard ROM +*Font Arial-BoldItalic: Standard "(001.008S)" Standard ROM +*Font CGOmega: Standard "(001.008S)" Standard ROM +*Font CGOmega-Italic: Standard "(001.008S)" Standard ROM +*Font CGOmega-Bold: Standard "(001.008S)" Standard ROM +*Font CGOmega-BoldItalic: Standard "(001.008S)" Standard ROM +*Font CGTimes: Standard "(001.008S)" Standard ROM +*Font CGTimes-Italic: Standard "(001.008S)" Standard ROM +*Font CGTimes-Bold: Standard "(001.008S)" Standard ROM +*Font CGTimes-BoldItalic: Standard "(001.008S)" Standard ROM +*Font Clarendon-Condensed-Bold: Standard "(001.008S)" Standard ROM +*Font Coronet: Standard "(001.008S)" Standard ROM +*Font CourierHP: Standard "(001.008S)" Standard ROM +*Font CourierHP-Italic: Standard "(001.008S)" Standard ROM +*Font CourierHP-Bold: Standard "(001.008S)" Standard ROM +*Font CourierHP-BoldItalic: Standard "(001.008S)" Standard ROM +*Font Garamond-Antiqua: Standard "(001.008S)" Standard ROM +*Font Garamond-Halbfett: Standard "(001.008S)" Standard ROM +*Font Garamond-Kursiv: Standard "(001.008S)" Standard ROM +*Font Garamond-KursivHalbfett: Standard "(001.008S)" Standard ROM +*Font LetterGothic: Standard "(001.008S)" Standard ROM +*Font LetterGothic-Italic: Standard "(001.008S)" Standard ROM +*Font LetterGothic-Bold: Standard "(001.008S)" Standard ROM +*Font Marygold: Standard "(001.008S)" Standard ROM +*Font SymbolMT: Standard "(001.008S)" Standard ROM +*Font TimesNewRoman: Standard "(001.008S)" Standard ROM +*Font TimesNewRoman-Italic: Standard "(001.008S)" Standard ROM +*Font TimesNewRoman-BoldItalic: Standard "(001.008S)" Standard ROM +*Font TimesNewRoman-Bold: Standard "(001.008S)" Standard ROM +*Font Univers-Medium: Standard "(001.008S)" Standard ROM +*Font Univers-MediumItalic: Standard "(001.008S)" Standard ROM +*Font Univers-Bold: Standard "(001.008S)" Standard ROM +*Font Univers-BoldItalic: Standard "(001.008S)" Standard ROM +*Font Univers-Condensed-Medium: Standard "(001.008S)" Standard ROM +*Font Univers-Condensed-MediumItalic: Standard "(001.008S)" Standard ROM +*Font Univers-Condensed-Bold: Standard "(001.008S)" Standard ROM +*Font Univers-Condensed-BoldItalic: Standard "(001.008S)" Standard ROM +*Font Wingdings-Regular: Special "(001.008S)" Special ROM +*?FontQuery: " + save + /str 80 string dup 0 (fonts/) putinterval def + {count 1 gt + { exch dup str 6 94 getinterval cvs + (/) print print (:) print + FontDirectory exch known + {(Yes)}{(No)} ifelse = + }{exit} ifelse + } bind loop (*) + = flush restore" +*End +*?FontList: "save FontDirectory { pop == } bind forall flush (*) = flush restore" +*% Printer Messages +*Message: "%%[ exitserver: permanent state may be changed ]%%" +*Message: "%%[ Flushing: rest of job (to end-of-file) will be ignored ]%%" +*Message: "\FontName\ not found, using Courier" + +*% Status (format: %%[ status: ]%% ) +*Status: "warming up"/warming up +*Status: "idle"/idle +*Status: "busy"/busy +*Status: "waiting"/waiting +*Status: "printing"/printing +*Status: "initializing"/initializing +*Status: "printing test page"/printing test page +*% Printer Error (format: %%[ PrinterError: ]%% ) +*PrinterError: "paper entry misfeed" +*PrinterError: "cover open" +*PrinterError: "no paper tray" +*PrinterError: "out of paper" +*PrinterError: "toner low (halt)" +*PrinterError: "warming up" +*PrinterError: "other reason" +*PrinterError: "video interface mode" +*PrinterError: "offline" +*PrinterError: "toner low (warning)" + +*% Input Sources (format: %%[ status: ;source: ]%% ) +*Source: "Serial" +*Source: "Parallel" +*Source: "LocalTalk" +*Source: "Option" + +*% End of PPD file for Kyocera FS-1370DN (English) diff --git a/pkgs/cups-kyocera-fs1370dn/default.nix b/pkgs/cups-kyocera-fs1370dn/default.nix new file mode 100644 index 0000000..1e38257 --- /dev/null +++ b/pkgs/cups-kyocera-fs1370dn/default.nix @@ -0,0 +1,23 @@ +{ + lib, + stdenv, +}: +stdenv.mkDerivation { + pname = "cups-kyocera-fs1370d"; + version = "1.0.1"; + + dontPatchELF = true; + dontStrip = true; + dontUnpack = true; + + src = ./Kyocera_FS-1370DN.ppd; + + installPhase = '' + runHook preInstall + + mkdir -p $out/share/cups/model/Kyocera + cp $src $out/share/cups/model/Kyocera + + runHook postInstall + ''; +} diff --git a/pkgs/default.nix b/pkgs/default.nix new file mode 100644 index 0000000..24b99f2 --- /dev/null +++ b/pkgs/default.nix @@ -0,0 +1,4 @@ +{pkgs, ...}: { + cups-kyocera-fs1370dn = pkgs.callPackage ./cups-kyocera-fs1370dn {}; + comic-mono = pkgs.callPackage ./comic-mono {}; +} diff --git a/pkgs/git-cliff/default.nix b/pkgs/git-cliff/default.nix new file mode 100644 index 0000000..ca9b610 --- /dev/null +++ b/pkgs/git-cliff/default.nix @@ -0,0 +1,26 @@ +{ + lib, + fetchFromGitHub, + rustPlatform, + ... +}: +rustPlatform.buildRustPackage rec { + pname = "git-cliff"; + version = "1.1.2"; + + src = fetchFromGitHub { + owner = "orhun"; + repo = pname; + rev = "v${version}"; + hash = "sha256-QYldwxQYod5qkNC3soiKoCLDFR4UaLxdGkVufn1JIeE="; + }; + + doCheck = false; + + cargoHash = "sha256-jwDJb9Hl0PegCufmaj1Q3h5itgt26E4dwmcyCxZ+4FM="; + + meta = with lib; { + description = "A highly customizable Changelog Generator that follows Conventional Commit specifications"; + homepage = "https://github.com/orhun/git-cliff"; + }; +} diff --git a/pkgs/nu_plugin_dns/default.nix b/pkgs/nu_plugin_dns/default.nix new file mode 100644 index 0000000..8177735 --- /dev/null +++ b/pkgs/nu_plugin_dns/default.nix @@ -0,0 +1,26 @@ +{ + lib, + fetchFromGitHub, + rustPlatform, + ... +}: +rustPlatform.buildRustPackage rec { + pname = "nu_plugin_dns"; + version = "1.0.3"; + + src = fetchFromGitHub { + owner = "dead10ck"; + repo = pname; + rev = "v${version}"; + hash = "sha256-SPJTaz7kQpeDPRrU0Ab2yDUJiSBUVZBBgP07ciHe02I="; + }; + + doCheck = false; + + cargoHash = "sha256-Zs2BF/NUqiaa3nhUMa0m/3AEYHU96Ki1JBz9j7DUq4k="; + + meta = with lib; { + description = "Nushell plugin that does DNS queries and parses results into meaningful types."; + homepage = "https://github.com/dead10ck/nu_plugin_dns"; + }; +} diff --git a/shell.nix b/shell.nix new file mode 100644 index 0000000..1aecb62 --- /dev/null +++ b/shell.nix @@ -0,0 +1,19 @@ +{ + mkShell, + sops, + colmena, + deploy-rs, + nixpkgs-fmt, + nil, + alejandra, +}: +mkShell { + nativeBuildInputs = [ + sops + colmena + deploy-rs + nixpkgs-fmt + nil + alejandra + ]; +}