commit ec1513fbf365ea9873f3e6c770dc81c15ef1165a Author: fuckwit Date: Sun Jun 30 23:27:40 2024 +0200 new beginning diff --git a/.sops.yaml b/.sops.yaml new file mode 100644 index 0000000..0967869 --- /dev/null +++ b/.sops.yaml @@ -0,0 +1,18 @@ +keys: + - &user_patrick 5FA64909521A5C85992F26E0F819AEFF941BB849 + - &host_celestia age1vadwmwh8ckfal7j83gwrwn9324gqufwgkxskznhp9v867amndcwqgp2w6t + - &host_primordial age12u7ayy2q5dps2pcpc6z7962pz07jxv3tt03hna6jyumlu4fdjvtqdg2n3e + - &host_laptop age1fhnujflp29sekvwjgw0ue2hnmjum3fpcj80vly0rkt07u9xwlf7ql25mkk +creation_rules: + - path_regex: nixos/celestia/secrets\.yaml$ + key_groups: + - pgp: + - *user_patrick + age: + - *host_celestia + - path_regex: nixos/primordial/secrets\.yaml$ + key_groups: + - pgp: + - *user_patrick + age: + - *host_primordial diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..b40efb1 --- /dev/null +++ b/flake.lock @@ -0,0 +1,1224 @@ +{ + "nodes": { + "blobs": { + "flake": false, + "locked": { + "lastModified": 1604995301, + "narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=", + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "repo": "blobs", + "type": "gitlab" + } + }, + "cachix": { + "inputs": { + "devenv": "devenv_2", + "flake-compat": [ + "devenv", + "flake-compat" + ], + "nixpkgs": [ + "devenv", + "nixpkgs" + ], + "pre-commit-hooks": [ + "devenv", + "pre-commit-hooks" + ] + }, + "locked": { + "lastModified": 1712055811, + "narHash": "sha256-7FcfMm5A/f02yyzuavJe06zLa9hcMHsagE28ADcmQvk=", + "owner": "cachix", + "repo": "cachix", + "rev": "02e38da89851ec7fec3356a5c04bc8349cae0e30", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "cachix", + "type": "github" + } + }, + "crane": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1718474113, + "narHash": "sha256-UKrfy/46YF2TRnxTtKCYzqf2f5ZPRRWwKCCJb7O5X8U=", + "owner": "ipetkov", + "repo": "crane", + "rev": "0095fd8ea00ae0a9e6014f39c375e40c2fbd3386", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "deploy": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs": "nixpkgs", + "utils": "utils" + }, + "locked": { + "lastModified": 1718194053, + "narHash": "sha256-FaGrf7qwZ99ehPJCAwgvNY5sLCqQ3GDiE/6uLhxxwSY=", + "owner": "serokell", + "repo": "deploy-rs", + "rev": "3867348fa92bc892eba5d9ddb2d7a97b9e127a8a", + "type": "github" + }, + "original": { + "owner": "serokell", + "repo": "deploy-rs", + "type": "github" + } + }, + "devenv": { + "inputs": { + "cachix": "cachix", + "flake-compat": "flake-compat_3", + "nix": "nix_2", + "nixpkgs": [ + "nixpkgs" + ], + "pre-commit-hooks": "pre-commit-hooks" + }, + "locked": { + "lastModified": 1718265154, + "narHash": "sha256-eTbBvYwGlKExMSTyHQya6+6kdx1rtva/aVfyAZu2NUU=", + "owner": "cachix", + "repo": "devenv", + "rev": "1983f635c29dc68bb0d29b3a7e227579a1d98788", + "type": "github" + }, + "original": { + "owner": "cachix", + "ref": "latest", + "repo": "devenv", + "type": "github" + } + }, + "devenv_2": { + "inputs": { + "flake-compat": [ + "devenv", + "cachix", + "flake-compat" + ], + "nix": "nix", + "nixpkgs": "nixpkgs_2", + "poetry2nix": "poetry2nix", + "pre-commit-hooks": [ + "devenv", + "cachix", + "pre-commit-hooks" + ] + }, + "locked": { + "lastModified": 1708704632, + "narHash": "sha256-w+dOIW60FKMaHI1q5714CSibk99JfYxm0CzTinYWr+Q=", + "owner": "cachix", + "repo": "devenv", + "rev": "2ee4450b0f4b95a1b90f2eb5ffea98b90e48c196", + "type": "github" + }, + "original": { + "owner": "cachix", + "ref": "python-rewrite", + "repo": "devenv", + "type": "github" + } + }, + "emacs": { + "inputs": { + "flake-utils": "flake-utils_5", + "nixpkgs": "nixpkgs_6", + "nixpkgs-stable": "nixpkgs-stable_3" + }, + "locked": { + "lastModified": 1714614481, + "narHash": "sha256-vykQwGwiu178RHmmRRTzId3qpc9YQtY29Jie7E2GFMg=", + "owner": "nix-community", + "repo": "emacs-overlay", + "rev": "cccda8508481ea8c8ff4e50a297900ed54b26dc3", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "emacs-overlay", + "type": "github" + } + }, + "fenix": { + "inputs": { + "nixpkgs": [ + "nixpkgs-f2k", + "nixpkgs-fmt", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src" + }, + "locked": { + "lastModified": 1637475807, + "narHash": "sha256-E3nzOvlzZXwyo8Stp5upKsTCDcqUTYAFj4EC060A31c=", + "owner": "nix-community", + "repo": "fenix", + "rev": "960e7fef45692a4fffc6df6d6b613b0399bbdfd5", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_4": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_5": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1717285511, + "narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1689068808, + "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { + "inputs": { + "systems": "systems_3" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { + "inputs": { + "systems": "systems_4" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { + "inputs": { + "systems": "systems_5" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_5": { + "inputs": { + "systems": "systems_6" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_6": { + "locked": { + "lastModified": 1637014545, + "narHash": "sha256-26IZAc5yzlD9FlDT54io1oqG/bBoyka+FJk5guaX4x4=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "bba5dcc8e0b20ab664967ad83d24d64cb64ec4f4", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_7": { + "locked": { + "lastModified": 1629284811, + "narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c5d161cc0af116a2e17f54316f0bf43f0819785c", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "devenv", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "gitignore_2": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "pre-commit-hooks-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1719677234, + "narHash": "sha256-qO9WZsj/0E6zcK4Ht1y/iJ8XfwbBzq7xdqhBh44OP/M=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "36317d4d38887f7629876b0e43c8d9593c5cc48d", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "lanzaboote": { + "inputs": { + "crane": "crane", + "flake-compat": "flake-compat_4", + "flake-parts": "flake-parts", + "flake-utils": "flake-utils_4", + "nixpkgs": "nixpkgs_4", + "pre-commit-hooks-nix": "pre-commit-hooks-nix", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1718782018, + "narHash": "sha256-8SBmf7Sx5xMLzL4VGEU0fe8cuq0yMumdkXgOPXXD3Bo=", + "owner": "nix-community", + "repo": "lanzaboote", + "rev": "6fa7bc0522f71d3906a3788bbd80c344cd9c4523", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "lanzaboote", + "type": "github" + } + }, + "nix": { + "inputs": { + "flake-compat": "flake-compat_2", + "nixpkgs": [ + "devenv", + "cachix", + "devenv", + "nixpkgs" + ], + "nixpkgs-regression": "nixpkgs-regression" + }, + "locked": { + "lastModified": 1712911606, + "narHash": "sha256-BGvBhepCufsjcUkXnEEXhEVjwdJAwPglCC2+bInc794=", + "owner": "domenkozar", + "repo": "nix", + "rev": "b24a9318ea3f3600c1e24b4a00691ee912d4de12", + "type": "github" + }, + "original": { + "owner": "domenkozar", + "ref": "devenv-2.21", + "repo": "nix", + "type": "github" + } + }, + "nix-github-actions": { + "inputs": { + "nixpkgs": [ + "devenv", + "cachix", + "devenv", + "poetry2nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1688870561, + "narHash": "sha256-4UYkifnPEw1nAzqqPOTL2MvWtm3sNGw1UTYTalkTcGY=", + "owner": "nix-community", + "repo": "nix-github-actions", + "rev": "165b1650b753316aa7f1787f3005a8d2da0f5301", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-github-actions", + "type": "github" + } + }, + "nix_2": { + "inputs": { + "flake-compat": [ + "devenv", + "flake-compat" + ], + "nixpkgs": [ + "devenv", + "nixpkgs" + ], + "nixpkgs-regression": "nixpkgs-regression_2" + }, + "locked": { + "lastModified": 1712911606, + "narHash": "sha256-BGvBhepCufsjcUkXnEEXhEVjwdJAwPglCC2+bInc794=", + "owner": "domenkozar", + "repo": "nix", + "rev": "b24a9318ea3f3600c1e24b4a00691ee912d4de12", + "type": "github" + }, + "original": { + "owner": "domenkozar", + "ref": "devenv-2.21", + "repo": "nix", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1702272962, + "narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-24_05": { + "locked": { + "lastModified": 1717144377, + "narHash": "sha256-F/TKWETwB5RaR8owkPPi+SPJh83AQsm6KrQAlJ8v/uA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "805a384895c696f802a9bf5bf4720f37385df547", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-24.05", + "type": "indirect" + } + }, + "nixpkgs-f2k": { + "inputs": { + "emacs": "emacs", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-fmt": "nixpkgs-fmt", + "parts": "parts" + }, + "locked": { + "lastModified": 1714616867, + "narHash": "sha256-GHvEVdWFSP5Ci7J3ZmcrBs/vag+NJ0ub8j9V0tZjAVM=", + "owner": "fortuneteller2k", + "repo": "nixpkgs-f2k", + "rev": "07f53aa9b3f4ce64fd39903ba09a3d8e26e4ecee", + "type": "github" + }, + "original": { + "owner": "fortuneteller2k", + "repo": "nixpkgs-f2k", + "type": "github" + } + }, + "nixpkgs-fmt": { + "inputs": { + "fenix": "fenix", + "flake-utils": "flake-utils_6", + "nixpkgs": [ + "nixpkgs-f2k", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1710146057, + "narHash": "sha256-GLZNcoQT3AWGg1ZINKOgHcD1/LgDStI6hZbfsisjOgM=", + "owner": "nix-community", + "repo": "nixpkgs-fmt", + "rev": "f048515c9a98d7e2e4b034ec77641acc8a58098d", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs-fmt", + "type": "github" + } + }, + "nixpkgs-lib": { + "locked": { + "dir": "lib", + "lastModified": 1714253743, + "narHash": "sha256-mdTQw2XlariysyScCv2tTE45QSU9v/ezLcHJ22f0Nxc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "58a1abdbae3217ca6b702f03d3b35125d88a2994", + "type": "github" + }, + "original": { + "dir": "lib", + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-regression": { + "locked": { + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + } + }, + "nixpkgs-regression_2": { + "locked": { + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + } + }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1710695816, + "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "614b4613980a522ba49f0d194531beddbb7220d3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_2": { + "locked": { + "lastModified": 1710695816, + "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "614b4613980a522ba49f0d194531beddbb7220d3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_3": { + "locked": { + "lastModified": 1714531828, + "narHash": "sha256-ILsf3bdY/hNNI/Hu5bSt2/KbmHaAVhBbNUOdGztTHEg=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "0638fe2715d998fa81d173aad264eb671ce2ebc1", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_4": { + "locked": { + "lastModified": 1719663039, + "narHash": "sha256-tXlrgAQygNIy49LDVFuPXlWD2zTQV9/F8pfoqwwPJyo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "4a1e673523344f6ccc84b37f4413ad74ea19a119", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_5": { + "locked": { + "lastModified": 1719663039, + "narHash": "sha256-tXlrgAQygNIy49LDVFuPXlWD2zTQV9/F8pfoqwwPJyo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "4a1e673523344f6ccc84b37f4413ad74ea19a119", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "release-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1692808169, + "narHash": "sha256-x9Opq06rIiwdwGeK2Ykj69dNc2IvUH1fY55Wm7atwrE=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9201b5ff357e781bf014d0330d18555695df7ba8", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1719254875, + "narHash": "sha256-ECni+IkwXjusHsm9Sexdtq8weAq/yUyt1TWIemXt3Ko=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1718541509, + "narHash": "sha256-TmC5TxW5WPAfmovDzi1hLe1i4qqND79s9SH9UOKcSvo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ba06293cdba1c94af9710024abf3b94cf8d76349", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1719506693, + "narHash": "sha256-C8e9S7RzshSdHB7L+v9I51af1gDM5unhJ2xO1ywxNH8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b2852eb9365c6de48ffb0dc2c9562591f652242a", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_6": { + "locked": { + "lastModified": 1714253743, + "narHash": "sha256-mdTQw2XlariysyScCv2tTE45QSU9v/ezLcHJ22f0Nxc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "58a1abdbae3217ca6b702f03d3b35125d88a2994", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_7": { + "locked": { + "lastModified": 1719468428, + "narHash": "sha256-vN5xJAZ4UGREEglh3lfbbkIj+MPEYMuqewMn4atZFaQ=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "1e3deb3d8a86a870d925760db1a5adecc64d329d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nurpkgs": { + "locked": { + "lastModified": 1719762299, + "narHash": "sha256-hD+5hNGqPBipDTuZZImSCU36RqacSJadHjQtK/gbaxU=", + "owner": "nix-community", + "repo": "NUR", + "rev": "80b917d886c6554264f71e1fc68e6b17cd5fdfa1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "NUR", + "type": "github" + } + }, + "parts": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1714606777, + "narHash": "sha256-bMkNmAXLj8iyTvxaaD/StcLSadbj1chPcJOjtuVnLmA=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "4d34ce6412bc450b1d4208c953dc97c7fc764f1a", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "poetry2nix": { + "inputs": { + "flake-utils": "flake-utils", + "nix-github-actions": "nix-github-actions", + "nixpkgs": [ + "devenv", + "cachix", + "devenv", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1692876271, + "narHash": "sha256-IXfZEkI0Mal5y1jr6IRWMqK8GW2/f28xJenZIPQqkY0=", + "owner": "nix-community", + "repo": "poetry2nix", + "rev": "d5006be9c2c2417dafb2e2e5034d83fabd207ee3", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "poetry2nix", + "type": "github" + } + }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": [ + "devenv", + "flake-compat" + ], + "flake-utils": "flake-utils_2", + "gitignore": "gitignore", + "nixpkgs": [ + "devenv", + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1713775815, + "narHash": "sha256-Wu9cdYTnGQQwtT20QQMg7jzkANKQjwBD9iccfGKkfls=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "2ac4dcbf55ed43f3be0bae15e181f08a57af24a4", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "pre-commit-hooks-nix": { + "inputs": { + "flake-compat": [ + "lanzaboote", + "flake-compat" + ], + "gitignore": "gitignore_2", + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable_2" + }, + "locked": { + "lastModified": 1717664902, + "narHash": "sha256-7XfBuLULizXjXfBYy/VV+SpYMHreNRHk9nKMsm1bgb4=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "root": { + "inputs": { + "deploy": "deploy", + "devenv": "devenv", + "flake-utils": "flake-utils_3", + "home-manager": "home-manager", + "lanzaboote": "lanzaboote", + "nixpkgs": "nixpkgs_5", + "nixpkgs-f2k": "nixpkgs-f2k", + "nixpkgs-stable": "nixpkgs-stable_4", + "nurpkgs": "nurpkgs", + "rycee-nurpkgs": "rycee-nurpkgs", + "simple-nixos-mailserver": "simple-nixos-mailserver", + "sops-nix": "sops-nix" + } + }, + "rust-analyzer-src": { + "flake": false, + "locked": { + "lastModified": 1637439871, + "narHash": "sha256-2awQ/obzl7zqYgLwbQL0zT58gN8Xq7n+81GcMiS595I=", + "owner": "rust-analyzer", + "repo": "rust-analyzer", + "rev": "4566414789310acb2617543f4b50beab4bb48e06", + "type": "github" + }, + "original": { + "owner": "rust-analyzer", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, + "rust-overlay": { + "inputs": { + "flake-utils": [ + "lanzaboote", + "flake-utils" + ], + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1718504420, + "narHash": "sha256-F2HT/abCfr0CDpkvXwYCscJyD66XDTLMVfdrIMRp2ck=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "0043c3f92304823cc2c0a4354b0feaa61dfb4cd9", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rycee-nurpkgs": { + "inputs": { + "flake-utils": "flake-utils_7", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "dir": "pkgs/firefox-addons", + "lastModified": 1719644951, + "narHash": "sha256-MTF+/uUIdFNeyzEFirWyza43AFfr3Syld7aPw2CSCkI=", + "owner": "rycee", + "repo": "nur-expressions", + "rev": "590551ba0bb0f960c7fcd37d6ff3a429f7cc9dd1", + "type": "gitlab" + }, + "original": { + "dir": "pkgs/firefox-addons", + "owner": "rycee", + "repo": "nur-expressions", + "type": "gitlab" + } + }, + "simple-nixos-mailserver": { + "inputs": { + "blobs": "blobs", + "flake-compat": "flake-compat_5", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-24_05": "nixpkgs-24_05" + }, + "locked": { + "lastModified": 1718697807, + "narHash": "sha256-Enla61WFisytTYbWygPynEbu8vozjeGc6Obkj2GRj7o=", + "owner": "simple-nixos-mailserver", + "repo": "nixos-mailserver", + "rev": "290a995de5c3d3f08468fa548f0d55ab2efc7b6b", + "type": "gitlab" + }, + "original": { + "owner": "simple-nixos-mailserver", + "ref": "master", + "repo": "nixos-mailserver", + "type": "gitlab" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": "nixpkgs_7", + "nixpkgs-stable": "nixpkgs-stable_5" + }, + "locked": { + "lastModified": 1719716556, + "narHash": "sha256-KA9gy2Wkv76s4A8eLnOcdKVTygewbw3xsB8+awNMyqs=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "b5974d4331fb6c893e808977a2e1a6d34b3162d6", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_5": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_6": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..b99a80a --- /dev/null +++ b/flake.nix @@ -0,0 +1,36 @@ +{ + description = "Deployment for my server cluster"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-23.11"; + flake-utils.url = "github:numtide/flake-utils"; + deploy.url = "github:serokell/deploy-rs"; + nurpkgs.url = "github:nix-community/NUR"; + sops-nix.url = "github:Mic92/sops-nix"; + lanzaboote.url = "github:nix-community/lanzaboote"; + home-manager.url = "github:nix-community/home-manager"; + + simple-nixos-mailserver = { + url = "gitlab:simple-nixos-mailserver/nixos-mailserver/master"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + rycee-nurpkgs = { + url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + nixpkgs-f2k = { + url = "github:fortuneteller2k/nixpkgs-f2k"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + devenv = { + url = "github:cachix/devenv/latest"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + }; + + outputs = {...} @ args: import ./outputs.nix args; +} diff --git a/home-modules/firefox-webapp.nix b/home-modules/firefox-webapp.nix new file mode 100644 index 0000000..1fbbfe4 --- /dev/null +++ b/home-modules/firefox-webapp.nix @@ -0,0 +1,206 @@ +{ + pkgs, + config, + lib, + ... +}: let + inherit (builtins) getAttr stringLength substring; + inherit (lib) mkOption; + inherit (lib.attrsets) mapAttrs mapAttrs' nameValuePair; + inherit (lib.strings) concatStringsSep toUpper; + + make-app-profiles = cfg: + mapAttrs' (name: cfg: + nameValuePair "home-manager-webapp-${name}" { + id = cfg.id; + + userChrome = '' + @namespace url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"); + + browser { + margin-right: 0px; margin-bottom: 0px; + } + + #TabsToolbar { + visibility: collapse !important; + } + + #nav-bar { + margin-top: 0; + margin-bottom: -42px; + z-index: -100; + } + + #main-window[windowtype="navigator:browser"] { + background-color: transparent !important; + } + + .tab-background[selected="true"] { + background: ${cfg.backgroundColor} !important; + } + ''; + + settings = + cfg.extraSettings + // { + "browser.sessionstore.resume_session_once" = false; + "browser.sessionstore.resume_from_crash" = false; + "browser.cache.disk.enable" = false; + "browser.cache.disk.capacity" = 0; + "browser.cache.disk.filesystem_reported" = 1; + "browser.cache.disk.smart_size.enabled" = false; + "browser.cache.disk.smart_size.first_run" = false; + "browser.cache.disk.smart_size.use_old_max" = false; + "browser.ctrlTab.previews" = true; + "browser.tabs.warnOnClose" = false; + "plugin.state.flash" = 2; + "toolkit.legacyUserProfileCustomizations.stylesheets" = true; + "browser.tabs.drawInTitlebar" = false; + "browser.tabs.inTitlebar" = 0; + "browser.contentblocking.category" = "strict"; + "browser.link.open_newwindow" = 2; + "browser.link.open_newwindow.restriction" = 1; + "network.cookie.lifetimePolicy" = 0; + "layout.css.prefers-color-scheme.content-override" = getAttr cfg.theme { + dark = 0; + light = 1; + system = 2; + }; + }; + }) + cfg; +in { + options.programs.firefox.webapps = mkOption { + default = {}; + + type = with lib.types; + attrsOf (submodule { + options = { + #################### + # Firefox settings # + #################### + url = mkOption { + type = str; + description = "The URL of the webapp to launch."; + }; + + id = mkOption { + type = int; + description = "The Firefox profile ID to set."; + }; + + extraArgs = mkOption { + type = listOf string; + default = []; + description = "Extra args to launch Firefox with."; + }; + + extraSettings = mkOption { + type = attrsOf (either bool (either int str)); + default = {}; + description = "Additional Firefox profile settings."; + }; + + backgroundColor = mkOption { + type = str; + default = "rgba(0, 0, 0, 0)"; + description = "The background color to use for loading pages."; + }; + + theme = mkOption { + type = enum ["dark" "light" "system"]; + default = "system"; + description = "The application CSS theme to use, if supported."; + }; + + ######################### + # Desktop file settings # + ######################### + + # Copied from xdg.desktopEntries, with slight modification for default settings + name = mkOption { + type = nullOr str; + default = null; + description = "Specific name of the application. Defaults to the capitalized attribute name."; + }; + + mimeType = mkOption { + description = "The MIME type(s) supported by this application."; + type = nullOr (listOf str); + default = ["text/html" "text/xml" "application/xhtml_xml"]; + }; + + # Copied verbatim from xdg.desktopEntries. + genericName = mkOption { + type = nullOr str; + default = null; + description = "Generic name of the application."; + }; + + comment = mkOption { + type = nullOr str; + default = null; + description = "Tooltip for the entry."; + }; + + categories = mkOption { + type = nullOr (listOf str); + default = null; + description = "Categories in which the entry should be shown in a menu."; + }; + + icon = mkOption { + type = nullOr (either str path); + default = null; + description = "Icon to display in file manager, menus, etc."; + }; + + prefersNonDefaultGPU = mkOption { + type = nullOr bool; + default = null; + description = '' + If true, the application prefers to be run on a more + powerful discrete GPU if available. + ''; + }; + }; + }); + + description = "Websites to create special site-specific Firefox instances for."; + }; + + config = { + programs.firefox.profiles = make-app-profiles config.programs.firefox.webapps; + + xdg.desktopEntries = + mapAttrs (name: cfg: { + inherit (cfg) genericName comment categories icon mimeType prefersNonDefaultGPU; + + name = + if cfg.name == null + then (toUpper (substring 0 1 name)) + (substring 1 (stringLength name) name) + else cfg.name; + + startupNotify = true; + terminal = false; + type = "Application"; + + exec = concatStringsSep " " ([ + "${config.programs.firefox.package}/bin/firefox" + "--class" + "WebApp-${name}" + "-P" + "${config.programs.firefox.profiles."home-manager-webapp-${name}".path}" + "--no-remote" + ] + ++ cfg.extraArgs + ++ ["${cfg.url}"]); + + settings = { + X-MultipleArgs = "false"; # Consider enabling, don't know what this does + StartupWMClass = "WebApp-${name}"; + }; + }) + config.programs.firefox.webapps; + }; +} diff --git a/home-modules/modules-list.nix b/home-modules/modules-list.nix new file mode 100644 index 0000000..a9cf77d --- /dev/null +++ b/home-modules/modules-list.nix @@ -0,0 +1,5 @@ +{...}: { + imports = [ + ./firefox-webapp.nix + ]; +} diff --git a/home/configurations.nix b/home/configurations.nix new file mode 100644 index 0000000..4bc3c32 --- /dev/null +++ b/home/configurations.nix @@ -0,0 +1,43 @@ +{ + nixpkgs, + nurpkgs, + home-manager, + devenv, + ... +}: let + pkgs = import nixpkgs { + system = "x86_64-linux"; + }; + + nur = import nurpkgs { + inherit pkgs; + nurpkgs = pkgs; + }; +in { + work = home-manager.lib.homeManagerConfiguration { + inherit pkgs; + + extraSpecialArgs = { + inherit devenv; # TODO: Remove dependency on devenv + ff-addons = nur.repos.rycee.firefox-addons; + }; + + modules = [ + ../home-modules/modules-list.nix + ./work + ]; + }; + + framework = home-manager.lib.homeManagerConfiguration { + inherit pkgs; + + extraSpecialArgs = { + ff-addons = nur.repos.rycee.firefox-addons; + }; + + modules = [ + # ../home-modules/modules-list.nix + ./framework + ]; + }; +} diff --git a/home/framework/default.nix b/home/framework/default.nix new file mode 100644 index 0000000..312c1fc --- /dev/null +++ b/home/framework/default.nix @@ -0,0 +1,64 @@ +{ + config, + pkgs, + ... +}: { + home = { + stateVersion = "23.11"; + username = "patrick"; + homeDirectory = "/home/${config.home.username}"; + packages = with pkgs; [ + git # TODO: use programs.git + pinentry + acpi + moonlight-qt + vesktop + telegram-desktop + ]; + sessionPath = ["~/.local/bin"]; + sessionVariables = { + SSH_AUTH_SOCK = "/run/user/1000/ssh-agent"; + }; + }; + + xdg.enable = true; + + imports = builtins.concatMap import [ + ./programs + ]; + + accounts.email.accounts = { + patrick = { + primary = true; + realName = "Patrick Michl"; + address = "me@fuckwit.dev"; + userName = "me@fuckwit.dev"; + + gpg = { + key = "5FA64909521A5C85992F26E0F819AEFF941BB849"; + signByDefault = true; + }; + + imap = { + host = "mail.fuckwit.dev"; + port = 143; + tls = { + useStartTls = true; + }; + }; + + smtp = { + host = "mail.fuckwit.dev"; + port = 587; + tls = { + useStartTls = true; + }; + }; + + thunderbird = { + enable = true; + profiles = ["main"]; + }; + }; + }; +} diff --git a/home/framework/programs/default.nix b/home/framework/programs/default.nix new file mode 100644 index 0000000..fe984d6 --- /dev/null +++ b/home/framework/programs/default.nix @@ -0,0 +1,103 @@ +[ + ./firefox + ./hyprland + { + programs = { + swaylock.enable = true; + zoxide.enable = true; + + bash = { + enable = true; + enableVteIntegration = true; + enableCompletion = true; + }; + + starship = { + enable = true; + + settings = { + add_newline = false; + }; + }; + + eza = { + enable = true; + + icons = true; + git = true; + }; + + atuin = { + enable = true; + flags = ["--disable-up-arrow"]; + settings = { + enter_accept = false; + }; + }; + + waybar = { + enable = true; + + settings.mainbar = { + layer = "top"; + position = "top"; + height = 30; + + modules-left = ["hyprland/workspaces"]; + modules-right = ["pulseaudio" "network" "cpu" "memory" "temperature" "battery" "clock" "tray"]; + }; + }; + + helix = { + enable = true; + defaultEditor = true; + + settings = { + theme = "onedark"; + + editor = { + line-number = "relative"; + true-color = true; + gutters = ["diagnostics" "spacer" "line-numbers" "spacer" "diff"]; + cursorline = true; + completion-trigger-len = 2; + + cursor-shape = { + insert = "bar"; + normal = "block"; + select = "underline"; + }; + + lsp = { + display-messages = true; + display-inlay-hints = true; + }; + + statusline = { + left = ["mode" "spinner"]; + center = ["file-name"]; + right = ["diagnostics" "selections" "position" "file-encoding" "file-line-ending" "file-type" "version-control"]; + + mode = { + normal = "NORMAL"; + insert = "INSERT"; + select = "SELECT"; + }; + }; + }; + }; + }; + + thunderbird = { + enable = true; + + profiles = { + main = { + isDefault = true; + withExternalGnupg = true; + }; + }; + }; + }; + } +] diff --git a/home/framework/programs/firefox/default.nix b/home/framework/programs/firefox/default.nix new file mode 100644 index 0000000..677a768 --- /dev/null +++ b/home/framework/programs/firefox/default.nix @@ -0,0 +1,129 @@ +{ + pkgs, + lib, + stdenv, + specialArgs, + ... +}: let + extensions = with specialArgs.ff-addons; [ + bitwarden + darkreader + i-dont-care-about-cookies + privacy-badger + ublock-origin + tree-style-tab + tridactyl + ]; + + customChrome = '' + @-moz-document url(chrome://browser/content/browser.xhtml) { + /* tabs on bottom of window */ + /* requires that you set + * toolkit.legacyUserProfileCustomizations.stylesheets = true + * in about:config + */ + #main-window body { flex-direction: column-reverse !important; } + #navigator-toolbox { flex-direction: column-reverse !important; } + #urlbar { + top: unset !important; + bottom: calc((var(--urlbar-toolbar-height) - var(--urlbar-height)) / 2) !important; + box-shadow: none !important; + display: flex !important; + flex-direction: column !important; + } + #urlbar-input-container { + order: 2; + } + #urlbar > .urlbarView { + order: 1; + border-bottom: 1px solid #666; + } + #urlbar-results { + display: flex; + flex-direction: column-reverse; + } + .search-one-offs { display: none !important; } + .tab-background { border-top: none !important; } + #navigator-toolbox::after { border: none; } + #TabsToolbar .tabbrowser-arrowscrollbox, + #tabbrowser-tabs, .tab-stack { min-height: 28px !important; } + .tabbrowser-tab { font-size: 80%; } + .tab-content { padding: 0 5px; } + .tab-close-button .toolbarbutton-icon { width: 12px !important; height: 12px !important; } + toolbox[inFullscreen=true] { display: none; } + } + ''; + + userChrome = customChrome; + + # ~/.mozilla/firefox/PROFILE_NAME/prefs.js | user.js + settings = { + "app.normandy.first_run" = false; + "app.shield.optoutstudies.enabled" = false; + + # disable updates (pretty pointless with nix) + "app.update.channel" = "default"; + + "browser.contentblocking.category" = "standard"; # "strict" + "browser.ctrlTab.recentlyUsedOrder" = false; + + "browser.download.viewableInternally.typeWasRegistered.svg" = true; + "browser.download.viewableInternally.typeWasRegistered.webp" = true; + "browser.download.viewableInternally.typeWasRegistered.xml" = true; + + "browser.search.region" = "DE"; + + "browser.shell.checkDefaultBrowser" = false; + "browser.tabs.loadInBackground" = true; + "browser.urlbar.placeholderName" = "EnteEnteLauf"; + "browser.urlbar.showSearchSuggestionsFirst" = false; + + # disable all the annoying quick actions + "browser.urlbar.quickactions.enabled" = false; + "browser.urlbar.quickactions.showPrefs" = false; + "browser.urlbar.shortcuts.quickactions" = false; + "browser.urlbar.suggest.quickactions" = false; + + "distribution.searchplugins.defaultLocale" = "en-US"; + + "doh-rollout.balrog-migration-done" = true; + "doh-rollout.doneFirstRun" = true; + + "general.useragent.locale" = "en-US"; + + "extensions.activeThemeID" = "firefox-compact-dark@mozilla.org"; + + "extensions.extensions.activeThemeID" = "firefox-compact-dark@mozilla.org"; + "extensions.update.enabled" = false; + "extensions.webcompat.enable_picture_in_picture_overrides" = true; + "extensions.webcompat.enable_shims" = true; + "extensions.webcompat.perform_injections" = true; + "extensions.webcompat.perform_ua_overrides" = true; + + "privacy.donottrackheader.enabled" = true; + "browser.translations.enable" = false; + + # Yubikey + "security.webauth.u2f" = true; + "security.webauth.webauthn" = true; + "security.webauth.webauthn_enable_softtoken" = false; + "security.webauth.webauthn_enable_usbtoken" = true; + + "toolkit.legacyUserProfileCustomizations.stylesheets" = true; + "layout.word_select.stop_at_punctuation" = false; + }; +in { + programs.firefox = { + enable = true; + + package = pkgs.firefox-bin; + + profiles = { + default = { + isDefault = true; + id = 0; + inherit extensions settings userChrome; + }; + }; + }; +} diff --git a/home/framework/programs/hyprland/default.nix b/home/framework/programs/hyprland/default.nix new file mode 100644 index 0000000..4f06c71 --- /dev/null +++ b/home/framework/programs/hyprland/default.nix @@ -0,0 +1,122 @@ +{pkgs, ...}: { + wayland.windowManager.hyprland = let + locker = "${pkgs.swaylock}/bin/swaylock"; + set-dpms = "${pkgs.hyprland}/bin/hyprctl dispatcher dpms"; + locked-dpms = pkgs.writeShellScript "locked-dpms.sh" '' + ${pkgs.swayidle}/bin/swayidle -w \ + timeout 10 'if pgrep -x swaylock; then ${set-dpms} off; fi' \ + resume '${set-dpms} on' + ''; + idle-script = pkgs.writeShellScript "idle-lock.sh" '' + ${pkgs.swayidle}/bin/swayidle -w \ + timeout 300 '${locker} -f' \ + timeout 330 '${set-dpms} off' \ + resume '${set-dpms} on' + ''; + in { + enable = true; + settings = { + "$mod" = "SUPER"; + + monitor = [ + "eDP-1,2256x1504,0x0,1.566667" + "desc:LG Electronics LG ULTRAWIDE 0x000219F2,2560x1080,1440x0,1" + "desc:Fujitsu Siemens Computers GmbH B22W-6 LED YV3U164923,1680x1050,4000x0,1" + ",preferred,auto,1" + ]; + + exec-once = [ + "${pkgs.waybar}/bin/waybar" + "${pkgs.mako}/bin/mako" + idle-script + locked-dpms + ]; + + input = { + kb_layout = "us,de"; + follow_mouse = 1; + }; + + general = { + gaps_in = 5; + gaps_out = 5; + border_size = 1; + layout = "dwindle"; + allow_tearing = false; + "col.active_border" = "rgba(33ccffee) rgba(00ff99ee) 45deg"; + "col.inactive_border" = "rgba(595959aa)"; + }; + + decoration = { + rounding = 5; + drop_shadow = true; + shadow_range = 4; + shadow_render_power = 3; + "col.shadow" = "rgba(1a1a1aee)"; + + blur = { + enabled = true; + size = 3; + passes = 1; + }; + }; + + animations = { + enabled = true; + bezier = "myBezier, 0.05, 0.9, 0.1, 1.05"; + + animation = [ + "windows, 1, 3, myBezier" + "windowsOut, 1, 3, default, popin 80%" + "border, 1, 3, default" + "borderangle, 1, 3, default" + "fade, 1, 3, default" + "workspaces, 1, 3, default" + ]; + }; + + bind = + [ + ", PRINT, exec, ${pkgs.hyprshot}/bin/hyprshot -m region --clipboard-only" + "$mod, return, exec, ${pkgs.alacritty}/bin/alacritty" + "$mod, D, exec, ${pkgs.rofi-wayland}/bin/rofi -show drun" + "$mod SHIFT, Q, killactive, " + "$mod, L, exec, ${locker}" + "$mod, V, togglefloating, " + "$mod, F, fullscreen, 1" + "$mod, P, pseudo, # dwindle" + "$mod, J, togglesplit, # dwindle" + "$mod, left, movefocus, l" + "$mod, right, movefocus, r" + "$mod, up, movefocus, u" + "$mod, down, movefocus, d" + "$mod, S, togglespecialworkspace, magic" + "$mod SHIFT, S, movetoworkspace, special:magic" + ] + ++ builtins.concatLists (builtins.genList ( + x: let + num = builtins.toString (x + 1); + in [ + "$mod, ${num}, workspace, ${num}" + "$mod SHIFT, ${num}, movetoworkspace, ${num}" + ] + ) + 9); + + bindm = [ + "$mod, mouse:272, movewindow" + "$mod, mouse:273, resizewindow" + ]; + + device = { + name = "razer-razer-blackwidow-chroma"; + kb_layout = "de"; + }; + + misc = { + mouse_move_enables_dpms = true; + key_press_enables_dpms = true; + }; + }; + }; +} diff --git a/home/work/default.nix b/home/work/default.nix new file mode 100644 index 0000000..59b13a0 --- /dev/null +++ b/home/work/default.nix @@ -0,0 +1,24 @@ +{ + config, + pkgs, + devenv, + ... +}: { + home = { + stateVersion = "22.11"; + username = "patrick"; + homeDirectory = "/home/${config.home.username}"; + packages = (pkgs.callPackage ./pkgs.nix {}) ++ [devenv.packages.${pkgs.system}.devenv]; + sessionPath = ["~/.local/bin"]; + sessionVariables = { + SSH_AUTH_SOCK = "/run/user/1000/ssh-agent"; + }; + }; + + xdg.enable = true; + + imports = builtins.concatMap import [ + ./programs + ./services + ]; +} diff --git a/home/work/pkgs.nix b/home/work/pkgs.nix new file mode 100644 index 0000000..f5275d1 --- /dev/null +++ b/home/work/pkgs.nix @@ -0,0 +1,42 @@ +{pkgs, ...}: +with pkgs; [ + age # Modern encryption tool with small explicit keys + arandr # simple GUI for xrandr + atuin + dig # dns command-line tool + fd # "find" for files + geckodriver # remote controll firefox + helix # modal editor + htop # process monitor + hyperfine # command-line benchmarking tool + i3lock # screen locker + imagemagick # selection screenshot stuff + just # just a command runner + keepassxc # password manager + lazygit # git client + libnotify # notify-send command + libsecret + libreoffice + linphone + logseq # note taking utility + mtr # traceroute + mumble # voice call client + ncdu # disk space info (a better du) + neovim-unwrapped # best code editor on the planet + networkmanagerapplet # systray applet for NetworkManager + nitrogen # wallpapger manager + nushellFull # A modern shell written in Rust + ouch # painless compression and decompression for your terminal + pavucontrol # pulseaudio volume control + playerctl # music player controller + podman-compose # podman manager + restic # incremental backup tool + ripgrep # fast grep + rocketchat-desktop # company chat + sops # Mozilla sops (Secrets OPerationS) is an editor of encrypted files + thunderbird # email client + xclip # clipboard support + xsel # clipboard support (also for neovim) + zeal # offline documentation browser + zellij # A terminal workspace with batteries included +] diff --git a/home/work/programs/alacritty/default.nix b/home/work/programs/alacritty/default.nix new file mode 100644 index 0000000..2f6ce0e --- /dev/null +++ b/home/work/programs/alacritty/default.nix @@ -0,0 +1,100 @@ +{...}: { + programs.alacritty = { + enable = true; + + settings = { + live_config_reload = true; + + env.TERM = "xterm-256color"; + bell.duration = 0; + cursor.style = "Block"; + + scrolling = { + history = 10000; + multiplier = 3; + }; + + window = { + decorations = "full"; + dynamic_title = false; + opacity = 0.9; + + dimensions = { + columns = 0; + lines = 0; + }; + + padding = { + x = 2; + y = 2; + }; + }; + + font = { + size = 11.0; + + normal = { + family = "Comic Mono Nerd Font"; + style = "Regular"; + }; + + bold = { + family = "Comic Mono Nerd Font"; + style = "Bold"; + }; + + italic = { + family = "Comic Mono Nerd Font"; + style = "Italic"; + }; + }; + + mouse.bindings = [ + { + mouse = "Middle"; + action = "PasteSelection"; + } + ]; + + colors = { + primary = { + background = "0x000000"; + foreground = "0xeaeaea"; + }; + + normal = { + black = "0x000000"; + red = "0xd54e53"; + green = "0xb9ca4a"; + yellow = "0xe6c547"; + blue = "0x7aa6da"; + magenta = "0xc397d8"; + cyan = "0x70c0ba"; + white = "0xffffff"; + }; + + bright = { + black = "0x666666"; + red = "0xff3334"; + green = "0x9ec400"; + yellow = "0xe7c547"; + blue = "0x7aa6da"; + magenta = "0xb77ee0"; + cyan = "0x54ced6"; + white = "0xffffff"; + }; + + dim = { + black = "0x333333"; + red = "0xf2777a"; + green = "0x99cc99"; + yellow = "0xffcc66"; + blue = "0x6699cc"; + magenta = "0xcc99cc"; + cyan = "0x66cccc"; + white = "0xdddddd"; + }; + }; + }; + }; +} diff --git a/home/work/programs/autorandr/default.nix b/home/work/programs/autorandr/default.nix new file mode 100644 index 0000000..d23475b --- /dev/null +++ b/home/work/programs/autorandr/default.nix @@ -0,0 +1,132 @@ +{...}: let + eDPId = "00ffffffffffff0006af3d5700000000001c0104a51f1178022285a5544d9a270e505400000001010101010101010101010101010101b43780a070383e401010350035ae100000180000000f0000000000000000000000000020000000fe0041554f0a202020202020202020000000fe004231343048414e30352e37200a0070"; + homeLGId = "00ffffffffffff001e6df976f2190200071b010380502278eaca95a6554ea1260f5054256b807140818081c0a9c0b300d1c08100d1cfcd4600a0a0381f4030203a001e4e3100001a295900a0a038274030203a001e4e3100001a000000fd00284b5a5a18000a202020202020000000fc004c4720554c545241574944450a0154020323f12309070747100403011f13128301000065030c001000681a00000101284b008c0ad08a20e02d10103e96001e4e31000018000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000045"; + homeFujitsuId = "00ffffffffffff001ab3f4070101010130150103802f1e782ac665a059589d270e5054a54b008180950001010101010101010101010121399030621a274068b03600da281100001c000000fc00423232572d36204c45440a2020000000fd00384c1e5210000a202020202020000000ff00595633553136343932330a20200065"; + officeFirstId = "00ffffffffffff0022640565000000002d15010380341d78eaeed5a555489b26125054bfef80d1c0b300a9409500904081808140714f023a801871382d40582c450009252100001e000000ff0031323334353637383930313233000000fd00384b1e5312000a202020202020000000fc00484c3234394450420a2020202000c1"; + officeFirstAltId = "00ffffffffffff0022640565000000002d15010380341d78eaeed5a555489b26125054bfef80d1c0b300a9409500904081808140714f023a801871382d40582c450009252100001e000000ff0031323334353637383930313233000000fd00384b1e5310000a202020202020000000fc00484c3234394450420a2020202000c3"; + officeSecondId = "00ffffffffffff0022640565000000002d15010380341d78eaeed5a555489b26125054bfef80d1c0b300a9409500904081808140714f023a801871382d40582c450009252100001e000000ff0031323334353637383930313233000000fd00384b1e5312000a202020202020000000fc00484c3234394450420a2020202000c1"; + officeSecondAltId = "00ffffffffffff0022640565000000002d15010380341d78eaeed5a555489b26125054bfef80d1c0b300a9409500904081808140714f023a801871382d40582c450009252100001e000000ff0031323334353637383930313233000000fd00384b1e5310000a202020202020000000fc00484c3234394450420a2020202000c3"; +in { + programs.autorandr = { + enable = true; + + hooks = { + predetect = {}; + preswitch = {}; + postswitch = {}; + }; + + profiles = { + "laptop" = { + fingerprint = { + eDP-1 = eDPId; + }; + + config = { + eDP-1 = { + crtc = 1; + mode = "1920x1080"; + position = "0x0"; + rate = "60.03"; + }; + }; + }; + + "home" = { + fingerprint = { + eDP-1 = eDPId; + DP-3 = homeLGId; + DP-5 = homeFujitsuId; + }; + + config = { + eDP-1 = { + crtc = 1; + mode = "1920x1080"; + position = "0x0"; + rate = "60.03"; + }; + + DP-3 = { + primary = true; + crtc = 0; + mode = "2560x1080"; + position = "1920x0"; + rate = "59.98"; + }; + + DP-5 = { + crtc = 2; + mode = "1680x1050"; + position = "4480x30"; + rate = "59.95"; + }; + }; + }; + + "office" = { + fingerprint = { + eDP-1 = eDPId; + DP-3 = officeFirstId; + DP-5 = officeSecondId; + }; + + config = { + eDP-1 = { + crtc = 1; + mode = "1920x1080"; + position = "0x0"; + rate = "60.03"; + }; + + DP-3 = { + crtc = 2; + mode = "1920x1080"; + position = "3840x0"; + rate = "60.00"; + }; + + DP-5 = { + primary = true; + crtc = 0; + mode = "1920x1080"; + position = "1920x0"; + rate = "60.00"; + }; + }; + }; + + "office-alt" = { + fingerprint = { + eDP-1 = eDPId; + DP-4 = officeFirstAltId; + DP-7 = officeSecondAltId; + }; + + config = { + eDP-1 = { + crtc = 1; + mode = "1920x1080"; + position = "0x0"; + rate = "60.03"; + }; + + DP-4 = { + crtc = 2; + mode = "1920x1080"; + position = "3840x0"; + rate = "60.00"; + }; + + DP-7 = { + primary = true; + crtc = 0; + mode = "1920x1080"; + position = "1920x0"; + rate = "60.00"; + }; + }; + }; + }; + }; +} diff --git a/home/work/programs/bash/default.nix b/home/work/programs/bash/default.nix new file mode 100644 index 0000000..f3d6755 --- /dev/null +++ b/home/work/programs/bash/default.nix @@ -0,0 +1,18 @@ +{pkgs, ...}: { + programs.bash = { + enable = true; + + shellAliases = { + ls = "eza"; + jssh = "ssh-wrapper jssh"; + jrescue = "ssh-wrapper jrescue"; + rescue = "ssh-wrapper rescue"; + }; + + initExtra = '' + source ${pkgs.blesh}/share/blesh/ble.sh + export PATH=$PATH:~/.local/bin + export SSH_AUTH_SOCK=/run/user/1000/ssh-agent + ''; + }; +} diff --git a/home/work/programs/default.nix b/home/work/programs/default.nix new file mode 100644 index 0000000..7d78415 --- /dev/null +++ b/home/work/programs/default.nix @@ -0,0 +1,97 @@ +[ + ./alacritty + ./autorandr + ./bash + ./firefox + ./rofi + ./tmate + ./xresources + ./hyprland + { + programs = { + home-manager.enable = true; + bat.enable = true; + jq.enable = true; + gpg.enable = true; + swaylock.enable = true; + + eza = { + enable = true; + icons = true; + git = true; + }; + + waybar = { + enable = true; + + settings.mainbar = { + layer = "top"; + position = "top"; + height = 30; + + modules-left = ["hyprland/workspaces"]; + modules-right = ["pulseaudio" "network" "cpu" "memory" "temperature" "battery" "clock" "tray"]; + }; + }; + + atuin = { + enable = true; + flags = ["--disable-up-arrow"]; + settings = { + enter_accept = false; + }; + }; + + direnv = { + enable = true; + nix-direnv.enable = true; + }; + + fzf = { + enable = true; + defaultCommand = "fd --type file --follow"; # FZF_DEFAULT_COMMAND + defaultOptions = ["--height 20%"]; # FZF_DEFAULT_OPTS + fileWidgetCommand = "fd --type file --follow"; # FZF_CTRL_T_COMMAND + }; + + zoxide = { + enable = true; + # nushell moves faster than zoxide updates + enableNushellIntegration = false; + options = ["--cmd" "cd"]; + }; + + starship = { + enable = true; + # nushell moves faster than starship updates + enableNushellIntegration = false; + settings = { + add_newline = false; + }; + }; + + git = { + enable = true; + userName = "Patrick Michl"; + userEmail = "patrick.michl@hetzner.com"; + + signing = { + key = "BFE0ACEE21CD5EB0"; + signByDefault = true; + }; + + extraConfig = { + pull = { + rebase = true; + }; + merge = { + tool = "nvim"; + }; + mergetool = { + prompt = false; + }; + }; + }; + }; + } +] diff --git a/home/work/programs/firefox/default.nix b/home/work/programs/firefox/default.nix new file mode 100644 index 0000000..fa92488 --- /dev/null +++ b/home/work/programs/firefox/default.nix @@ -0,0 +1,140 @@ +{ + pkgs, + lib, + stdenv, + specialArgs, + ... +}: let + extensions = with specialArgs.ff-addons; [ + bitwarden + darkreader + i-dont-care-about-cookies + privacy-badger + ublock-origin + tree-style-tab + tridactyl + ]; + + customChrome = '' + @-moz-document url(chrome://browser/content/browser.xhtml) { + /* tabs on bottom of window */ + /* requires that you set + * toolkit.legacyUserProfileCustomizations.stylesheets = true + * in about:config + */ + #main-window body { flex-direction: column-reverse !important; } + #navigator-toolbox { flex-direction: column-reverse !important; } + #urlbar { + top: unset !important; + bottom: calc((var(--urlbar-toolbar-height) - var(--urlbar-height)) / 2) !important; + box-shadow: none !important; + display: flex !important; + flex-direction: column !important; + } + #urlbar-input-container { + order: 2; + } + #urlbar > .urlbarView { + order: 1; + border-bottom: 1px solid #666; + } + #urlbar-results { + display: flex; + flex-direction: column-reverse; + } + .search-one-offs { display: none !important; } + .tab-background { border-top: none !important; } + #navigator-toolbox::after { border: none; } + #TabsToolbar .tabbrowser-arrowscrollbox, + #tabbrowser-tabs, .tab-stack { min-height: 28px !important; } + .tabbrowser-tab { font-size: 80%; } + .tab-content { padding: 0 5px; } + .tab-close-button .toolbarbutton-icon { width: 12px !important; height: 12px !important; } + toolbox[inFullscreen=true] { display: none; } + } + ''; + + userChrome = customChrome; + + # ~/.mozilla/firefox/PROFILE_NAME/prefs.js | user.js + settings = { + "app.normandy.first_run" = false; + "app.shield.optoutstudies.enabled" = false; + + # disable updates (pretty pointless with nix) + "app.update.channel" = "default"; + + "browser.contentblocking.category" = "standard"; # "strict" + "browser.ctrlTab.recentlyUsedOrder" = false; + + "browser.download.viewableInternally.typeWasRegistered.svg" = true; + "browser.download.viewableInternally.typeWasRegistered.webp" = true; + "browser.download.viewableInternally.typeWasRegistered.xml" = true; + + "browser.search.region" = "DE"; + + "browser.shell.checkDefaultBrowser" = false; + "browser.tabs.loadInBackground" = true; + "browser.urlbar.placeholderName" = "EnteEnteLauf"; + "browser.urlbar.showSearchSuggestionsFirst" = false; + + # disable all the annoying quick actions + "browser.urlbar.quickactions.enabled" = false; + "browser.urlbar.quickactions.showPrefs" = false; + "browser.urlbar.shortcuts.quickactions" = false; + "browser.urlbar.suggest.quickactions" = false; + + "distribution.searchplugins.defaultLocale" = "en-US"; + + "doh-rollout.balrog-migration-done" = true; + "doh-rollout.doneFirstRun" = true; + + "general.useragent.locale" = "en-US"; + + "extensions.activeThemeID" = "firefox-compact-dark@mozilla.org"; + + "extensions.extensions.activeThemeID" = "firefox-compact-dark@mozilla.org"; + "extensions.update.enabled" = false; + "extensions.webcompat.enable_picture_in_picture_overrides" = true; + "extensions.webcompat.enable_shims" = true; + "extensions.webcompat.perform_injections" = true; + "extensions.webcompat.perform_ua_overrides" = true; + + "privacy.donottrackheader.enabled" = true; + + # Yubikey + "security.webauth.u2f" = true; + "security.webauth.webauthn" = true; + "security.webauth.webauthn_enable_softtoken" = false; + "security.webauth.webauthn_enable_usbtoken" = true; + + "network.dns.ipv4OnlyDomains" = "google.com"; + + "toolkit.legacyUserProfileCustomizations.stylesheets" = true; + "layout.word_select.stop_at_punctuation" = false; + }; +in { + programs.firefox = { + enable = true; + + package = pkgs.firefox-bin; + + profiles = { + default = { + isDefault = true; + id = 0; + inherit extensions settings userChrome; + }; + }; + + webapps = { + rocket-chat = { + url = "https://chat.hetzner.company"; + id = 1; + + genericName = "Internet Messenger"; + categories = ["Network" "InstantMessaging"]; + }; + }; + }; +} diff --git a/home/work/programs/hyprland/default.nix b/home/work/programs/hyprland/default.nix new file mode 100644 index 0000000..6375dd6 --- /dev/null +++ b/home/work/programs/hyprland/default.nix @@ -0,0 +1,145 @@ +{pkgs, ...}: { + wayland.windowManager.hyprland = let + locker = "${pkgs.swaylock}/bin/swaylock"; + set-dpms = "${pkgs.hyprland}/bin/hyprctl dispatcher dpms"; + locked-dpms = pkgs.writeShellScript "locked-dpms.sh" '' + ${pkgs.swayidle}/bin/swayidle -w \ + timeout 10 'if pgrep -x swaylock; then ${set-dpms} off; fi' \ + resume '${set-dpms} on' + ''; + idle-script = pkgs.writeShellScript "idle-lock.sh" '' + ${pkgs.swayidle}/bin/swayidle -w \ + timeout 300 '${locker} -f' \ + timeout 330 '${set-dpms} off' \ + resume '${set-dpms} on' + ''; + in { + enable = true; + + settings = { + "$mod" = "SUPER"; + + exec-once = [ + "${pkgs.waybar}/bin/waybar" + "${pkgs.mako}/bin/mako" + idle-script + locked-dpms + ]; + + monitor = [ + "eDP-1,1920x1080,0x0,1.333333" # Laptop screen + "desc:LG Electronics LG ULTRAWIDE 0x000219F2,2560x1080,1440x0,1" # Primary @home + # "desc:Fujitsu Siemens Computers GmbH B22W-6 LED YV3U164923,1680x1050,4000x0,1" # Secondary @home + ",preferred,auto,1" # Automatically configure everything else + ]; + + device = [ + { + name = "razer-razer-blackwidow-chroma"; + kb_layout = "de"; + } + { + name = "at-translated-set-2-keyboard"; + kb_layout = "de"; + } + ]; + + input = { + kb_layout = "us,de"; + follow_mouse = 1; + }; + + general = { + gaps_in = 5; + gaps_out = 5; + border_size = 1; + layout = "dwindle"; + allow_tearing = false; + "col.active_border" = "rgba(33ccffee) rgba(00ff99ee) 45deg"; + "col.inactive_border" = "rgba(595959aa)"; + }; + + decoration = { + rounding = 5; + drop_shadow = true; + shadow_range = 4; + shadow_render_power = 3; + "col.shadow" = "rgba(1a1a1aee)"; + + blur = { + enabled = true; + size = 3; + passes = 1; + }; + }; + + animations = { + enabled = true; + bezier = "myBezier, 0.05, 0.9, 0.1, 1.05"; + + animation = [ + "windows, 1, 3, myBezier" + "windowsOut, 1, 3, default, popin 80%" + "border, 1, 3, default" + "borderangle, 1, 3, default" + "fade, 1, 3, default" + "workspaces, 1, 3, default" + ]; + }; + + bind = + [ + ", PRINT, exec, ${pkgs.hyprshot}/bin/hyprshot -m region --clipboard-only" + "$mod, return, exec, ${pkgs.alacritty}/bin/alacritty" + "$mod, D, exec, ${pkgs.rofi-wayland}/bin/rofi -show drun" + "$mod SHIFT, Q, killactive, " + "$mod, L, exec, ${locker}" + "$mod, V, togglefloating, " + "$mod, F, fullscreen, 1" + "$mod, P, pseudo, # dwindle" + "$mod, J, togglesplit, # dwindle" + "$mod, left, movefocus, l" + "$mod, right, movefocus, r" + "$mod, up, movefocus, u" + "$mod, down, movefocus, d" + "$mod, S, togglespecialworkspace, magic" + "$mod SHIFT, S, movetoworkspace, special:magic" + ] + ++ builtins.concatLists (builtins.genList ( + x: let + num = builtins.toString (x + 1); + in [ + "$mod, ${num}, workspace, ${num}" + "$mod SHIFT, ${num}, movetoworkspace, ${num}" + ] + ) + 9); + + bindm = [ + "$mod, mouse:272, movewindow" + "$mod, mouse:273, resizewindow" + ]; + + bindl = [ + "$mod SHIFT, L, exec, ${locker}" + ]; + + windowrulev2 = [ + # KeePassXC + "float,class:(org.keepassxc.KeePassXC)" + "size 800 600,class:(org.keepassxc.KeePassXC)" + # Thunderbird + "float,class:thunderbird" # Float all thunderbird windows + "tile,class:thunderbird,title:^(Write)" # Don't float the new mail window + "tile,class:thunderbird,title:(Mozilla Thunderbird)$" # Also dont float the main window + "move 100%-606 30,class:thunderbird" # The rest is the notification window. Float it in the top right corner + "noinitialfocus,class:thunderbird,title:^()$" # Make it not pull focus + ]; + + misc = { + mouse_move_enables_dpms = true; + key_press_enables_dpms = true; + }; + }; + }; +} diff --git a/home/work/programs/rofi/default.nix b/home/work/programs/rofi/default.nix new file mode 100644 index 0000000..5c4e783 --- /dev/null +++ b/home/work/programs/rofi/default.nix @@ -0,0 +1,7 @@ +{pkgs, ...}: { + programs.rofi = { + enable = true; + terminal = "${pkgs.alacritty}/bin/alacritty"; + theme = ./theme.rafi; + }; +} diff --git a/home/work/programs/rofi/theme.rafi b/home/work/programs/rofi/theme.rafi new file mode 100644 index 0000000..7fff988 --- /dev/null +++ b/home/work/programs/rofi/theme.rafi @@ -0,0 +1,168 @@ +/** + * rofi -dump-theme output. + * Rofi version: 1.7.5 + **/ +* { + red: rgba ( 220, 50, 47, 100 % ); + selected-active-foreground: rgba ( 0, 142, 212, 100 % ); + lightfg: rgba ( 88, 104, 117, 100 % ); + separatorcolor: rgba ( 0, 54, 66, 100 % ); + urgent-foreground: rgba ( 218, 66, 129, 100 % ); + alternate-urgent-background: rgba ( 0, 43, 55, 100 % ); + lightbg: rgba ( 238, 232, 213, 100 % ); + background-color: transparent; + border-color: rgba ( 0, 43, 55, 100 % ); + normal-background: rgba ( 0, 43, 55, 100 % ); + selected-urgent-background: rgba ( 0, 54, 66, 100 % ); + alternate-active-background: rgba ( 0, 43, 55, 100 % ); + spacing: 2; + blue: rgba ( 38, 139, 210, 100 % ); + alternate-normal-foreground: var(foreground); + urgent-background: rgba ( 0, 43, 55, 100 % ); + selected-normal-foreground: rgba ( 129, 147, 150, 100 % ); + active-foreground: rgba ( 0, 142, 212, 100 % ); + background: rgba ( 0, 43, 55, 100 % ); + selected-active-background: rgba ( 0, 54, 66, 100 % ); + active-background: rgba ( 0, 43, 55, 100 % ); + selected-normal-background: rgba ( 0, 54, 66, 100 % ); + alternate-normal-background: rgba ( 0, 43, 55, 100 % ); + foreground: rgba ( 129, 147, 150, 100 % ); + selected-urgent-foreground: rgba ( 218, 66, 129, 100 % ); + normal-foreground: var(foreground); + alternate-urgent-foreground: var(urgent-foreground); + alternate-active-foreground: var(active-foreground); +} +element { + padding: 1px ; + spacing: 5px ; + border: 0; +} +element normal.normal { + background-color: var(normal-background); + text-color: var(normal-foreground); +} +element normal.urgent { + background-color: var(urgent-background); + text-color: var(urgent-foreground); +} +element normal.active { + background-color: var(active-background); + text-color: var(active-foreground); +} +element selected.normal { + background-color: var(selected-normal-background); + text-color: var(selected-normal-foreground); +} +element selected.urgent { + background-color: var(selected-urgent-background); + text-color: var(selected-urgent-foreground); +} +element selected.active { + background-color: var(selected-active-background); + text-color: var(selected-active-foreground); +} +element alternate.normal { + background-color: var(alternate-normal-background); + text-color: var(alternate-normal-foreground); +} +element alternate.urgent { + background-color: var(alternate-urgent-background); + text-color: var(alternate-urgent-foreground); +} +element alternate.active { + background-color: var(alternate-active-background); + text-color: var(alternate-active-foreground); +} +element-text { + background-color: transparent; + highlight: inherit; + text-color: inherit; +} +element-icon { + background-color: transparent; + size: 1.0000em ; + text-color: inherit; +} +window { + padding: 10; + background-color: var(background); + border: 1; +} +mainbox { + padding: 0; + border: 0; +} +message { + padding: 1px ; + border-color: var(separatorcolor); + border: 2px dash 0px 0px ; +} +textbox { + text-color: var(foreground); +} +listview { + padding: 2px 0px 0px ; + scrollbar: true; + border-color: var(separatorcolor); + spacing: 2px ; + fixed-height: 0; + border: 2px dash 0px 0px ; +} +scrollbar { + width: 4px ; + padding: 0; + handle-width: 8px ; + border: 0; + handle-color: var(normal-foreground); +} +sidebar { + border-color: var(separatorcolor); + border: 2px dash 0px 0px ; +} +button { + spacing: 0; + text-color: var(normal-foreground); +} +button selected { + background-color: var(selected-normal-background); + text-color: var(selected-normal-foreground); +} +num-filtered-rows { + expand: false; + text-color: Gray; +} +num-rows { + expand: false; + text-color: Gray; +} +textbox-num-sep { + expand: false; + str: "/"; + text-color: Gray; +} +inputbar { + padding: 1px ; + spacing: 0px ; + text-color: var(normal-foreground); + children: [ "prompt","textbox-prompt-colon","entry","num-filtered-rows","textbox-num-sep","num-rows","case-indicator" ]; +} +case-indicator { + spacing: 0; + text-color: var(normal-foreground); +} +entry { + text-color: var(normal-foreground); + spacing: 0; + placeholder-color: Gray; + placeholder: "Type to filter"; +} +prompt { + spacing: 0; + text-color: var(normal-foreground); +} +textbox-prompt-colon { + margin: 0px 0.3000em 0.0000em 0.0000em ; + expand: false; + str: ":"; + text-color: inherit; +} diff --git a/home/work/programs/tmate/.tmate.conf b/home/work/programs/tmate/.tmate.conf new file mode 100644 index 0000000..113073d --- /dev/null +++ b/home/work/programs/tmate/.tmate.conf @@ -0,0 +1,36 @@ +set -g history-limit 50000 +set -g default-terminal "screen-256color" +set -g mouse on +set -sg escape-time 50 + +unbind C-b +set-option -g prefix C-a +bind-key C-a send-prefix +bind h split-window -h +bind v split-window -v +unbind '"' +unbind % +bind r source-file ~/.tmate.conf +bind -n M-Left select-window -p +bind -n M-Right select-window -n +set-option -g allow-rename off +bind -n C-t new-window + +bind -n M-0 select-window -T -t 0 +bind -n M-1 select-window -T -t 1 +bind -n M-2 select-window -T -t 2 +bind -n M-3 select-window -T -t 3 +bind -n M-4 select-window -T -t 4 +bind -n M-5 select-window -T -t 5 +bind -n M-6 select-window -T -t 6 +bind -n M-7 select-window -T -t 7 +bind -n M-8 select-window -T -t 8 +bind -n M-9 select-window -T -t 9 + +set -g status-style bg='#44475a',fg='#bd93f9' +set -g status-interval 1 +set -g message-style bg='#44475a',fg='#8be9fd' +set-window-option -g window-status-style fg='#bd93f9',bg=default +set-window-option -g window-status-current-style fg='#ff79c6',bg='#282a36' +set -g window-status-current-format "#[fg=#44475a]#[bg=#bd93f9]#[fg=#f8f8f2]#[bg=#bd93f9] #I #W #[fg=#bd93f9]#[bg=#44475a]" +set -g window-status-format "#[fg=#f8f8f2]#[bg=#44475a]#I #W #[fg=#44475a]" diff --git a/home/work/programs/tmate/default.nix b/home/work/programs/tmate/default.nix new file mode 100644 index 0000000..124a3a5 --- /dev/null +++ b/home/work/programs/tmate/default.nix @@ -0,0 +1,12 @@ +{pkgs, ...}: { + programs.tmate = { + enable = true; + host = "tmate.hetzner.company"; + port = 10022; + # dsaFingerprint = "SHA256:YspEXM7hBFT+zEcbq9St+V9sj2TCE6lMczdIn+jeZUU"; + # rsaFingerprint = "SHA256:pCOEObNY3ihLZn2k6iIgOUDXS8PX10qz1JPBidrEfgA"; + rsaFingerprint = "SHA256:qILAxjmkvwkqPolJ99qFcnzLg/V5UlfB3q/Z1CDvuWY"; + dsaFingerprint = "SHA256:zGqypd4klAGEGFYPeGlVMy9KJdycFA14rNpk3eD2VZo"; + extraConfig = builtins.readFile ./.tmate.conf; + }; +} diff --git a/home/work/programs/xresources/default.nix b/home/work/programs/xresources/default.nix new file mode 100644 index 0000000..405aa15 --- /dev/null +++ b/home/work/programs/xresources/default.nix @@ -0,0 +1,24 @@ +{...}: { + xresources.properties = { + "XCursor.size" = 16; + "*background" = "#1D1F28"; + "*foreground" = "#FDFDFD"; + "*cursorColor" = "#C574DD"; + "*color0" = "#282A36"; + "*color1" = "#F37F97"; + "*color2" = "#5ADECD"; + "*color3" = "#F2A272"; + "*color4" = "#8897F4"; + "*color5" = "#C574DD"; + "*color6" = "#79E6F3"; + "*color7" = "#FDFDFD"; + "*color8" = "#414458"; + "*color9" = "#FF4971"; + "*color10" = "#18E3C8"; + "*color11" = "#FF8037"; + "*color12" = "#556FFF"; + "*color13" = "#B043D1"; + "*color14" = "#3FDCEE"; + "*color15" = "#BEBEC1"; + }; +} diff --git a/home/work/services/default.nix b/home/work/services/default.nix new file mode 100644 index 0000000..46b5ff2 --- /dev/null +++ b/home/work/services/default.nix @@ -0,0 +1,3 @@ +[ + ./ssh-agent +] diff --git a/home/work/services/ssh-agent/default.nix b/home/work/services/ssh-agent/default.nix new file mode 100644 index 0000000..7b217aa --- /dev/null +++ b/home/work/services/ssh-agent/default.nix @@ -0,0 +1,5 @@ +{...}: { + services.ssh-agent = { + enable = true; + }; +} diff --git a/misc/sudo_lecture b/misc/sudo_lecture new file mode 100644 index 0000000..3c48e09 --- /dev/null +++ b/misc/sudo_lecture @@ -0,0 +1,11 @@ + +  \^V// +  |. .|  I AM (G)ROOT! + - \ - / _ +  \_| |_/ +  \ \ +  __/_/__ + |_______|  With great power comes great responsibility. +  \ /  Use sudo wisely. +  \___/ + diff --git a/modules/modules-list.nix b/modules/modules-list.nix new file mode 100644 index 0000000..bbc991d --- /dev/null +++ b/modules/modules-list.nix @@ -0,0 +1,3 @@ +[ + ./remote.nix +] diff --git a/modules/remote.nix b/modules/remote.nix new file mode 100644 index 0000000..510996f --- /dev/null +++ b/modules/remote.nix @@ -0,0 +1,25 @@ +{lib, ...}: let + inherit (lib) mkOption types; +in { + options.remote = { + ip = mkOption { + type = types.str; + }; + sshUser = mkOption { + type = types.str; + default = "root"; + }; + sshPort = mkOption { + type = types.port; + default = 22; + }; + allowLocalDeployment = mkOption { + type = types.bool; + default = false; + }; + remoteBuild = mkOption { + type = types.bool; + default = true; + }; + }; +} diff --git a/nixos/celestia/configuration.nix b/nixos/celestia/configuration.nix new file mode 100644 index 0000000..658a3e5 --- /dev/null +++ b/nixos/celestia/configuration.nix @@ -0,0 +1,435 @@ +{ + config, + lib, + pkgs, + ... +}: let + makeVirtualHost = { + subdomain, + port, + }: { + name = "${subdomain}.fuckwit.dev"; + value = { + forceSSL = true; + useACMEHost = "fuckwit.dev"; + locations."/" = { + proxyPass = "http://127.0.0.1:${builtins.toString port}"; + proxyWebsockets = true; + }; + }; + }; + + makeVirtualHosts = sites: builtins.listToAttrs (builtins.map makeVirtualHost sites); + + disks = [ + "/dev/disk/by-id/ata-ST14000NM000G-2KG103_ZL232MW7" + "/dev/disk/by-id/ata-ST14000NM000G-2KG103_ZL22L00W" + "/dev/disk/by-id/ata-ST14000NM000G-2KG103_ZL23J3P2" + "/dev/disk/by-id/ata-ST14000NM000G-2KG103_ZL22LCB4" + "/dev/disk/by-id/ata-ST14000NM000G-2KG103_ZL22PG6W" + "/dev/disk/by-id/ata-ST14000NM000G-2KG103_ZL20KVKP" + ]; +in { + sops.defaultSopsFile = ./secrets.yaml; + sops.secrets."acme.env" = {}; + sops.secrets."tailscale-auth-key" = {}; + + imports = [ + ./hardware-configuration.nix + ]; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.kernelParams = [ + "initcall_blacklist=acpi_cpufreq_init" + "amd_pstate=passive" + "libata.force=noncq" + ]; + boot.kernelModules = ["amd-pstate"]; + + system.stateVersion = "23.11"; # Did you read the comment? + networking = { + hostName = "celestia"; + + interfaces.enp5s0f0 = { + useDHCP = false; + ipv4.addresses = [ + { + address = "10.1.1.11"; + prefixLength = 24; + } + ]; + }; + + firewall = { + enable = true; + allowedTCPPorts = [22 111 443 2049 4000 4001 4002 20048]; + allowedUDPPorts = [53 111 2049 4000 4001 4002 20048]; + }; + }; + time.timeZone = "Europe/Berlin"; + + i18n.defaultLocale = "en_US.UTF-8"; + + environment.systemPackages = with pkgs; [ + vim + wget + htop + bash + zfs + lm_sensors + ffmpeg + ]; + + users.users."root".openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP8zNAXScQ4FoWNxF4+ALJXMSi3EbpqZP5pO9kfg9t8o patrick@NBG1-DC3-PC20-2017-10-24" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPflDQOANGhgtfo2psRwSFtY5ETHX/bsDmqrho3iX9jt root@arschlinux" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP6oGHBFD3wo16buPtdYDat911gydOw2oFj80fTXL1xo batzi@DESKTOP-8A2VTHL" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICK3otGMe8umxxJX5BbbBQ/+PQg37Puh0qjH8IILL95T patrick@mi" + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDl3vLxNpinilTJp1rGsSYlVi+hIa+oECtge1i8bwz33AAAACHNzaDptYWlu" + ]; + + users.groups.nas.gid = 2000; + users.users.nginx.extraGroups = ["acme"]; + + environment = { + etc = { + "sysconfig/lm_sensors".text = '' + HWMON_MODULES="nct6775" + ''; + }; + }; + + security.acme = { + acceptTerms = true; + defaults = { + email = "acme@fuckwit.dev"; + dnsProvider = "cloudflare"; + environmentFile = config.sops.secrets."acme.env".path; + dnsPropagationCheck = true; + }; + + certs."fuckwit.dev" = { + extraDomainNames = ["*.fuckwit.dev"]; + }; + }; + + services = { + tailscale = { + enable = true; + openFirewall = true; + useRoutingFeatures = "both"; + extraUpFlags = ["--advertise-routes=192.168.1.11/32"]; + authKeyFile = config.sops.secrets."tailscale-auth-key".path; + }; + + dnscrypt-proxy2 = { + enable = true; + settings = { + listen_addresses = ["0.0.0.0:53"]; + ipv6_servers = false; + dnscrypt_servers = true; + cloaking_rules = "/var/lib/dnscrypt-proxy/cloaking"; + + sources.dnscry-pt-resolvers = { + urls = ["https://www.dnscry.pt/resolvers.md"]; + minisign_key = "RWQM31Nwkqh01x88SvrBL8djp1NH56Rb4mKLHz16K7qsXgEomnDv6ziQ"; + cache_file = "/var/lib/dnscrypt-proxy/dnscry.pt-resolvers.md"; + refresh_delay = 72; + prefix = "dnscry.pt-"; + }; + }; + }; + + openssh = { + enable = true; + settings = { + PermitRootLogin = "yes"; + }; + }; + + nfs.server = { + enable = true; + lockdPort = 4001; + mountdPort = 4002; + statdPort = 4000; + extraNfsdConfig = ''''; + }; + + samba = { + enable = true; + openFirewall = true; + extraConfig = "map to guest = bad user"; + shares = { + dump = { + path = "/tank/dump"; + browsable = "yes"; + public = "yes"; + "guest only" = "yes"; + writable = "yes"; + "force create mode" = "0666"; + "force directory mode" = "0777"; + }; + video = { + path = "/tank/video"; + browsable = "yes"; + public = "yes"; + "guest only" = "yes"; + writable = "yes"; + "force create mode" = "0666"; + "force directory mode" = "0777"; + }; + }; + }; + + zfs = { + autoScrub.enable = true; + }; + + nginx = { + enable = true; + virtualHosts = makeVirtualHosts [ + { + subdomain = "jdownloader"; + port = 8000; + } + { + subdomain = "jellyfin"; + port = 8096; + } + { + subdomain = "sonarr"; + port = 8989; + } + { + subdomain = "radarr"; + port = 7878; + } + { + subdomain = "lidarr"; + port = 8686; + } + { + subdomain = "paperless"; + port = 28981; + } + { + subdomain = "homepage"; + port = 8082; + } + ]; + }; + + paperless = { + enable = true; + mediaDir = "/tank/documents"; + consumptionDir = "/tank/dump/paperless_consume"; + consumptionDirIsPublic = true; + + settings = { + PAPERLESS_URL = "https://paperless.fuckwit.dev"; + PAPERLESS_CONSUMER_IGNORE_PATTERN = builtins.toJSON [ + ".DS_STORE/*" + "desktop.ini" + ]; + + PAPERLESS_OCR_LANGUAGE = "deu+eng"; + PAPERLESS_OCR_USER_ARGS = builtins.toJSON { + optimize = 1; + pdfa_image_compression = "lossless"; + }; + }; + }; + + lidarr = { + enable = true; + group = "nas"; + dataDir = "/var/lib/lidarr"; + }; + + radarr = { + enable = true; + group = "nas"; + dataDir = "/var/lib/radarr"; + }; + + sonarr = { + enable = true; + group = "nas"; + dataDir = "/var/lib/sonarr"; + # package = pkgs.sonarr.override { + # version = "4.0.0.748"; + # src = lib.fetchurl { + # url = "https://download.sonarr.tv/v4/main/${version}/Sonarr.main.${version}.linux-x64.tar.gz"; + # hash = ""; + # }; + # }; + }; + + jellyfin.enable = true; + + homepage-dashboard = { + enable = true; + + settings = { + title = "Homelab"; + theme = "dark"; + + layout = [ + { + Media = { + style = "row"; + columns = 4; + }; + } + ]; + }; + + widgets = [ + { + resources = { + cpu = true; + memory = true; + disk = "/tank"; + }; + } + { + search = { + provider = "duckduckgo"; + target = "_blank"; + }; + } + ]; + + services = [ + { + Media = [ + { + Jellyfin = { + icon = "jellyfin.png"; + href = "https://jellyfin.fuckwit.dev"; + siteMonitor = "https://jellyfin.fuckwit.dev"; + description = "Media library"; + widget = { + type = "jellyfin"; + url = "https://jellyfin.fuckwit.dev"; + key = "d6e4766cda6c412cb4a96626c0f0b51a"; + enableBlocks = true; + enableNowPlaying = false; + }; + }; + } + { + Radarr = { + icon = "radarr.png"; + href = "https://radarr.fuckwit.dev"; + siteMonitor = "https://radarr.fuckwit.dev"; + description = "Media library"; + widget = { + type = "radarr"; + url = "https://radarr.fuckwit.dev"; + key = "01d93b03f6c64a0f9786598b611e58f9"; + }; + }; + } + { + Sonarr = { + icon = "sonarr.png"; + href = "https://sonarr.fuckwit.dev"; + siteMonitor = "https://sonarr.fuckwit.dev"; + description = "Media library"; + widget = { + type = "sonarr"; + url = "https://sonarr.fuckwit.dev"; + key = "c6be6b2d78104a97a2c7df560b27bb5c"; + }; + }; + } + { + Lidarr = { + icon = "lidarr.png"; + href = "https://lidarr.fuckwit.dev"; + siteMonitor = "https://lidarr.fuckwit.dev"; + description = "Media library"; + widget = { + type = "lidarr"; + url = "https://lidarr.fuckwit.dev"; + key = "e95e25ccd6f04ffe8e8ad0ff488231a8"; + }; + }; + } + ]; + } + ]; + }; + }; + + hardware = { + fancontrol = { + enable = true; + config = '' + # Configuration file generated by pwmconfig, changes will be lost + INTERVAL=10 + DEVPATH=hwmon0=devices/platform/nct6775.656 + DEVNAME=hwmon0=nct6779 + FCTEMPS=hwmon0/pwm5=hwmon0/temp2_input hwmon0/pwm3=hwmon0/temp2_input + FCFANS=hwmon0/pwm5=hwmon0/fan5_input hwmon0/pwm3=hwmon0/fan3_input + MINTEMP=hwmon0/pwm5=40 hwmon0/pwm3=40 + MAXTEMP=hwmon0/pwm5=80 hwmon0/pwm3=80 + MINSTART=hwmon0/pwm5=150 hwmon0/pwm3=150 + MINSTOP=hwmon0/pwm5=0 hwmon0/pwm3=0 + MAXPWM=hwmon0/pwm5=150 hwmon0/pwm3=150 + ''; + }; + }; + + virtualisation = { + podman = { + enable = true; + }; + + oci-containers = { + backend = "podman"; + + containers = { + jdownloader = { + image = "docker.io/jlesage/jdownloader-2:latest"; + autoStart = true; + ports = ["0.0.0.0:8000:5800"]; + volumes = [ + "jdownloader_config:/config" + "/tank/dump:/output" + ]; + }; + }; + }; + }; + + powerManagement = { + enable = true; + powerUpCommands = lib.strings.concatMapStringsSep "\n" (disk: "${pkgs.hdparm}/sbin/hdparm -S 241 " + disk) disks; + }; + + systemd.services = let + ensure-perms = path: user: group: { + enable = true; + description = "Ensures permissionsions and ownership of files in ${path}"; + wantedBy = ["multi-user.target"]; + + script = '' + while read -r evt file; do + ${pkgs.coreutils}/bin/chown ${user}:${group} "$file" + ${pkgs.coreutils}/bin/chmod 755 "$file" + done < <(${pkgs.inotify-tools}/bin/inotifywait -e create,move -m -r --format '%e %w%f' ${path}) + ''; + }; + in { + dnscrypt-proxy2.serviceConfig = { + StateDirectory = "dnscrypt-proxy"; + }; + + ensure-radarr-perms = ensure-perms "/tank/video/movie" "radarr" "nas"; + ensure-sonarr-perms = ensure-perms "/tank/video/series" "sonarr" "nas"; + ensure-lidarr-perms = ensure-perms "/tank/audio" "lidarr" "nas"; + }; +} diff --git a/nixos/celestia/hardware-configuration.nix b/nixos/celestia/hardware-configuration.nix new file mode 100644 index 0000000..dc5010a --- /dev/null +++ b/nixos/celestia/hardware-configuration.nix @@ -0,0 +1,58 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [(modulesPath + "/installer/scan/not-detected.nix")]; + + boot.initrd = { + availableKernelModules = ["xhci_pci" "ahci" "usbhid" "uas"]; + kernelModules = []; + }; + boot.kernelModules = ["kvm-amd" "nct6775" "coretemp"]; + boot.extraModulePackages = []; + boot.supportedFilesystems = ["zfs"]; + boot.zfs = { + forceImportRoot = false; + extraPools = ["tank"]; + }; + boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/3652c231-d679-42dd-80f1-e9afccb4ca13"; + fsType = "ext4"; + }; + + boot.initrd.luks.devices = { + cryptroot = { + device = "/dev/disk/by-uuid/6eafb3a6-a7b0-442f-b88c-a3f7021cf0e7"; + allowDiscards = true; + keyFileSize = 4096; + keyFile = "/dev/disk/by-id/usb-Generic_Flash_Disk_D5A325A0-0:0"; + }; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/7F60-62AA"; + fsType = "vfat"; + }; + + swapDevices = []; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + networking.hostId = "c1309b62"; + # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/nixos/celestia/secrets.yaml b/nixos/celestia/secrets.yaml new file mode 100644 index 0000000..2f1e609 --- /dev/null +++ b/nixos/celestia/secrets.yaml @@ -0,0 +1,34 @@ +acme.env: ENC[AES256_GCM,data:VgSJO2Q32csfN0DEH6kTsaN0z/hRa0fRHLUleju+gqBPjoQmZGIQjlLKHzj1Ys3zS591iVRkeYExBGyCPakPIJo=,iv:sOIPofteCvO4Na+z8qw7EjfJ6CEr83kYaonhUCgFwA4=,tag:RhHGyTrmdY4f8QkQ0DhhJw==,type:str] +tailscale-auth-key: ENC[AES256_GCM,data:Rvq2wL9civCoH6acKk3lYIXbVAME+kUmeuQYOTl+rvdb5bFoI5i688qI58ceF47PGKi1jeXe46SkJGJe0iY=,iv:b0kavSFEG40Jxa3yAjttarN5N3nOLEbZYqP3LOXvBrU=,tag:cpgYzoX9L6+1IHnmjfZfQg==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1vadwmwh8ckfal7j83gwrwn9324gqufwgkxskznhp9v867amndcwqgp2w6t + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkNWVpTlR4VXFGTDBzVmVx + RVdUaGE4T2ZrY2x6K1d5aXlPTGFsLzBUYkJFCjB2MDJPU3Fzd1I3Q0lOdmJ6UEYr + SHkyYlBCREVkRDgyVWV2WU1GMnBXTmMKLS0tICt1VTJkYU1wZDltSHJ0ZHN3L2sr + K0RaVVNSczZBcDNtaXhGem5iQnlVTDAK+XogkPQD2xYQ7sW8DwAXaaLA/ftw6vZM + wsNs0uun9dgGjZIXcU6AIsrJeUiWBl5zgc6CCd/ad/3QxpmKj1p9Mg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-04-21T19:42:27Z" + mac: ENC[AES256_GCM,data:1LZ/jcx2yOW5OgWYmGlu8ySpOLrvLTmyAc8CrK6gKDeoc/VN5RuRapwkGD6XfgDaUvMCccgcRpyL5QDPPdRw6zzwpW4Ce1hreOoC1zV23TNDuAbn1G+gFjlJ2l5IEY6EZeNoWsOC2ID16HRwls1Bau1+hcWKefFYNVjE3+3l16U=,iv:9FFP84Be7UzfuLz/FnFtvOXmudccMq1jFDGXJUN0t48=,tag:U9SOsMUbHm8hzZnS3yK1Lg==,type:str] + pgp: + - created_at: "2024-01-25T08:00:56Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hF4DMGJRmcuHhnsSAQdASY7ZScb03Yf6R2hOwAhAiIhQIFuplUnWKePZ/x9tpSEw + fkoLDAvuFVVcZnYZ6wqoyhdpNI0XBcH7MIVkcTggVQ/qN2YhkkTpHlXtAmG2c0ML + 1GYBCQIQso1f3sQcwGH9HwjhaZsj+mBO8U81kKZHFlfLXB7C52KPkqekzM9xvkhM + eB7+STUrQExBai7k1Um/RB4DcgE6L6127S5zIGDCxiK/9wKbZ5JOMv9K+J/G89ZD + q8Y7oXwCRl8= + =pbvo + -----END PGP MESSAGE----- + fp: 5FA64909521A5C85992F26E0F819AEFF941BB849 + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/nixos/configurations.nix b/nixos/configurations.nix new file mode 100644 index 0000000..9ca9f3e --- /dev/null +++ b/nixos/configurations.nix @@ -0,0 +1,106 @@ +{ + self, + nixpkgs, + nixpkgs-stable, + sops-nix, + home-manager, + lanzaboote, + simple-nixos-mailserver, + inputs, + ... +}: let + customModules = import ../modules/modules-list.nix; + customPkgs = self.packages; + baseModules = [ + {_module.args.inputs = inputs;} + { + imports = [ + ({pkgs, ...}: { + nix = { + nixPath = ["nixpkgs=${pkgs.path}"]; + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than +4"; + }; + + package = pkgs.nixVersions.stable; + + settings = { + auto-optimise-store = true; + experimental-features = ["nix-command" "flakes"]; + keep-outputs = true; + keep-derivations = true; + }; + }; + }) + ]; + } + sops-nix.nixosModules.sops + ]; + defaultModules = baseModules ++ customModules; + myNixosSystem = { + np, + ip, + system, + file, + remoteBuild ? true, + sshPort ? 22, + sshUser ? "root", + allowLocalDeployment ? false, + additionalModules ? [], + }: + np.lib.nixosSystem { + inherit system; + specialArgs = {mypkgs = customPkgs."${system}";}; + modules = + defaultModules + ++ [ + { + remote = { + inherit ip sshUser sshPort allowLocalDeployment remoteBuild; + }; + } + {nixpkgs.system = "${system}";} + ] + ++ additionalModules + ++ [file]; + }; +in { + nixos = myNixosSystem { + np = nixpkgs; + system = "x86_64-linux"; + ip = "127.0.0.1"; + allowLocalDeployment = true; + file = ./laptop/configuration.nix; + }; + + framework = myNixosSystem { + np = nixpkgs; + system = "x86_64-linux"; + ip = "127.0.0.1"; + allowLocalDeployment = true; + file = ./framework/configuration.nix; + additionalModules = [ + lanzaboote.nixosModules.lanzaboote + ]; + }; + + celestia = myNixosSystem { + np = nixpkgs; + system = "x86_64-linux"; + ip = "192.168.1.11"; + # remoteBuild = false; + file = ./celestia/configuration.nix; + }; + + primordial = myNixosSystem { + np = nixpkgs; + system = "aarch64-linux"; + ip = "159.69.53.14"; + file = ./primordial/configuration.nix; + additionalModules = [ + simple-nixos-mailserver.nixosModules.mailserver + ]; + }; +} diff --git a/nixos/framework/5FA64909521A5C85992F26E0F819AEFF941BB849.asc b/nixos/framework/5FA64909521A5C85992F26E0F819AEFF941BB849.asc new file mode 100644 index 0000000..4c85e4c --- /dev/null +++ b/nixos/framework/5FA64909521A5C85992F26E0F819AEFF941BB849.asc @@ -0,0 +1,19 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Comment: 5FA6 4909 521A 5C85 992F 26E0 F819 AEFF 941B B849 +Comment: Patrick Michl + +xjMEZVznURYJKwYBBAHaRw8BAQdAY6kEvvqAX6UfHbBiOJu0GHbToHcC2zXWpV7G +u86g+5TNHlBhdHJpY2sgTWljaGwgPG1lQGZ1Y2t3aXQuZGV2PsKTBBMWCgA7FiEE +X6ZJCVIaXIWZLybg+Bmu/5QbuEkFAmVc51ECGwMFCwkIBwICIgIGFQoJCAsCBBYC +AwECHgcCF4AACgkQ+Bmu/5QbuElnEQD/SoMuzgedYlqAdbHTRh1ckGK62tJIXISo +hXC4tAVkAEkA/28Sc/eMdVHlQcMlBqDlmmIK8MbYQ5qD+5xh6Qf9+94EzjMEZVzn +URYJKwYBBAHaRw8BAQdAX8YZ1V9Yd0W15YkjxMaKYS0ZWmLXWcuUu4g/nOufxyDC +eAQYFgoAIBYhBF+mSQlSGlyFmS8m4PgZrv+UG7hJBQJlXOdRAhsgAAoJEPgZrv+U +G7hJVocA/1nNMexPp/+zvAO7vaAusdiZ+9gbFSuvNRRIj5+o53YaAP0Qa9UalO0X +qjhXRY27M7eS9lN9ZR+Bj2YOv0aZkNz9B844BGVc51ESCisGAQQBl1UBBQEBB0AW +CcU49wTZxSOZ3SvxcqZ6yQfwiu+MjfbHPkVlXv1qJQMBCAfCdwQYFgoAIBYhBF+m +SQlSGlyFmS8m4PgZrv+UG7hJBQJlXOdRAhsMAAoJEPgZrv+UG7hJd6MBAI20ZORk +PfJmDRcMaxKpfbqnfe/f2rFF9jtxc4200gE/APjH9sJAnaz6La70XDf0FpqjEavs +dPn9K5o/FCiNKroN +=u7c7 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/nixos/framework/configuration.nix b/nixos/framework/configuration.nix new file mode 100644 index 0000000..3d6044e --- /dev/null +++ b/nixos/framework/configuration.nix @@ -0,0 +1,132 @@ +{ + config, + pkgs, + lib, + mypkgs, + ... +}: { + imports = [./hardware-configuration.nix]; + + boot.bootspec.enable = true; + boot.loader.systemd-boot.enable = lib.mkForce false; + boot.lanzaboote = { + enable = true; + pkiBundle = "/etc/secureboot"; + }; + boot.loader.efi.canTouchEfiVariables = true; + boot.kernelPackages = pkgs.linuxPackages_6_9; + + nixpkgs.config.allowUnfree = true; + + system.stateVersion = "23.11"; # Did you read the comment? + networking = { + hostName = "framework"; + search = ["1.1.1.1" "1.0.0.1" "8.8.8.8"]; + networkmanager.enable = true; + }; + + time.timeZone = "Europe/Berlin"; + i18n.defaultLocale = "en_US.UTF-8"; + + hardware.graphics = { + enable = true; + extraPackages = [pkgs.vaapiVdpau]; + }; + + hardware.bluetooth.enable = true; + + security.pam.services.swaylock = {}; + + fonts.packages = with pkgs; [ + font-awesome + (nerdfonts.override {fonts = ["FiraMono"];}) + mypkgs.comic-mono + ]; + + services = { + illum.enable = true; + fwupd.enable = true; + fprintd.enable = false; # currently broken + pcscd.enable = true; + tlp = { + enable = true; + settings = { + # AC + CPU_SCALING_GOVERNOR_ON_AC = "performance"; + CPU_ENERGY_PERF_POLICY_ON_AC = "performance"; + CPU_MIN_PERF_ON_AC = 0; + CPU_MAX_PERF_ON_AC = 100; + + # BAT + CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; + CPU_ENERGY_PERF_POLICY_ON_BAT = "power"; + CPU_MIN_PERF_ON_BAT = 0; + CPU_MAX_PERF_ON_BAT = 50; + }; + }; + + openssh = { + enable = true; + settings = { + PermitRootLogin = "yes"; + }; + }; + + xserver = { + enable = true; + xkb.layout = "us"; + videoDrivers = ["amdgpu"]; + + desktopManager = { + xterm.enable = false; + gnome.enable = false; + plasma5.enable = false; + }; + + displayManager = { + gdm = { + enable = true; + wayland = true; + }; + }; + }; + + logind = { + lidSwitch = "suspend"; + lidSwitchDocked = "ignore"; + lidSwitchExternalPower = "ignore"; + extraConfig = "HoldoffTimeoutSec=300s"; + }; + }; + + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + services.blueman.enable = true; + services.libinput.enable = true; + + users.users.patrick = { + isNormalUser = true; + extraGroups = ["wheel"]; + }; + + environment.systemPackages = with pkgs; [ + vim + wget + curl + htop + podman + pinentry + qemu + OVMF + ]; + + programs = { + hyprland.enable = true; + gnupg.agent.enable = true; + }; +} diff --git a/nixos/framework/hardware-configuration.nix b/nixos/framework/hardware-configuration.nix new file mode 100644 index 0000000..149cd48 --- /dev/null +++ b/nixos/framework/hardware-configuration.nix @@ -0,0 +1,51 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "thunderbolt" "uas" "sd_mod"]; + boot.initrd.kernelModules = ["amdgpu"]; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/87481706-b924-4987-b8c5-ab6a70b2c3c6"; + fsType = "ext4"; + }; + + boot.initrd.luks.gpgSupport = true; + boot.initrd.luks.devices.cryptroot = { + device = "/dev/disk/by-uuid/4b2ec3e2-2e6b-4a5a-923c-08ac3bf2d24e"; + gpgCard = { + publicKey = ./5FA64909521A5C85992F26E0F819AEFF941BB849.asc; + gracePeriod = 15; + encryptedPass = ./key.gpg; + }; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/63B5-8D33"; + fsType = "vfat"; + }; + + swapDevices = []; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp193s0f3u1c2.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/nixos/framework/key.gpg b/nixos/framework/key.gpg new file mode 100644 index 0000000..ba303d5 Binary files /dev/null and b/nixos/framework/key.gpg differ diff --git a/nixos/laptop/configuration.nix b/nixos/laptop/configuration.nix new file mode 100644 index 0000000..17c9ca2 --- /dev/null +++ b/nixos/laptop/configuration.nix @@ -0,0 +1,211 @@ +{ + config, + lib, + pkgs, + mypkgs, + inputs, + ... +}: { + imports = [./hardware-configuration.nix]; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.initrd.luks.devices = { + cryptlvm = { + device = "/dev/disk/by-uuid/1b3b8818-6085-4dd3-ab5e-c97cc49d2773"; + allowDiscards = true; + preLVM = true; + }; + }; + boot.kernelPackages = pkgs.linuxPackages_6_8; + + i18n.defaultLocale = "en_US.UTF-8"; + time.timeZone = "Europe/Berlin"; + + hardware = { + bluetooth.enable = true; + graphics.enable = true; + + printers = { + ensureDefaultPrinter = "Kyocera_FS-1370DN"; + + ensurePrinters = [ + { + name = "Kyocera_FS-1370DN"; + location = "HWLAB_DC3"; + deviceUri = "socket://10.3.32.10"; + model = "Kyocera/Kyocera_FS-1370DN.ppd"; + } + ]; + }; + }; + + networking = { + useDHCP = false; + networkmanager = { + enable = true; + plugins = with pkgs; [ + networkmanager-openvpn + ]; + }; + }; + + environment.systemPackages = with pkgs; [ + vim + wget + ]; + + networking.firewall.enable = false; + + services = { + blueman.enable = true; + fprintd.enable = true; + illum.enable = true; + tlp.enable = true; + libinput.enable = true; + + udev.extraRules = '' + KERNEL=="hidraw*", ATTRS{idVendor}=="3297", MODE="0664", GROUP="plugdev" + # Keymapp Flashing rules for the ZSA Voyager + SUBSYSTEMS=="usb", ATTRS{idVendor}=="3297", MODE:="0666", SYMLINK+="ignition_dfu" + ''; + + printing = { + enable = true; + drivers = [ + mypkgs.cups-kyocera-fs1370dn + ]; + }; + + openssh = { + enable = true; + ports = [222]; + openFirewall = true; + settings = { + PasswordAuthentication = false; + PermitRootLogin = "prohibit-password"; + KbdInteractiveAuthentication = false; + }; + hostKeys = [ + { + path = "/etc/ssh/ssh_host_ed25519_key"; + type = "ed25519"; + } + ]; + }; + + logind = { + lidSwitch = "suspend"; + lidSwitchDocked = "ignore"; + lidSwitchExternalPower = "ignore"; + extraConfig = '' + HoldoffTimeoutSec=300s + ''; + }; + + pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + xserver = { + enable = true; + + # windowManager.awesome = { + # enable = true; + # package = pkgs.callPackage ../../overrides/awesome.nix {}; + # }; + + displayManager = { + # sddm.enable = true; + # defaultSession = "none+awesome"; + gdm = { + enable = true; + wayland = true; + }; + }; + }; + + clamav = { + daemon.enable = true; + updater.enable = true; + }; + }; + + # services.jupyter = { + # enable = true; + # package = pkgs.jupyter-all; + # command = "jupyter-lab"; + # group = "users"; + # password = "'$argon2i$v=19$m=4096,t=3,p=1$a2pzamhrdjgzaGtzZGZoZGY4NzcydWhkZnM$fuPanvCWOsPNpBjyLaBz3YRRzmSSdpp8kaYJAyEPtWA'"; + # kernels = let + # juliaEnv = pkgs.julia_19-bin.withPackages ["IJulia" "Plots"]; + # ijulia = builtins.readFile ( + # pkgs.runCommand "${juliaEnv.name}-ijulia-pkgdir" + # { + # buildInputs = [juliaEnv]; + # } '' + # ${juliaEnv}/bin/julia -e 'using IJulia; print(pkgdir(IJulia))' >$out + # '' + # ); + # in { + # ijulia = { + # displayName = "Julia ${juliaEnv.julia.version}"; + # argv = [ + # "${juliaEnv}/bin/julia" + # "-i" + # "--color=yes" + # "${ijulia}/src/kernel.jl" + # "{connection_file}" + # ]; + # language = "julia"; + # interruptMode = "signal"; + # logo32 = "${ijulia}/deps/logo-32x32.png"; + # logo64 = "${ijulia}/deps/logo-64x64.png"; + # }; + # }; + # }; + + # # systemd.services.jupyter.environment.JUPYTER_DATA_DIR = builtins.toString (pkgs.jupyter-kernel.create { + # # definitions = config.services.jupyter.kernels; + # # }); + # systemd.services.jupyter.environment.JUPYTER_DATA_DIR = ".jupyter/data"; + # systemd.services.jupyter.environment.JUPYTER_RUNTIME_DIR = "/var/lib/jupyter/.local/share/jupyter/runtime"; + + security.sudo.configFile = '' + Defaults lecture=always + Defaults lecture_file=${../../misc/sudo_lecture} + ''; + security.pam.services.swaylock = {}; + + fonts.packages = with pkgs; [ + font-awesome + (nerdfonts.override {fonts = ["FiraMono"];}) + mypkgs.comic-mono + ]; + + programs.fish.enable = true; + programs.hyprland.enable = true; + + users.groups.plugdev = {}; + users.users.patrick = { + isNormalUser = true; + extraGroups = ["networkmanager" "wheel" "plugdev" "jupyter"]; + shell = pkgs.bashInteractive; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP8zNAXScQ4FoWNxF4+ALJXMSi3EbpqZP5pO9kfg9t8o patrick" + ]; + }; + + virtualisation.podman.enable = true; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? +} diff --git a/nixos/laptop/hardware-configuration.nix b/nixos/laptop/hardware-configuration.nix new file mode 100644 index 0000000..4c6d9f4 --- /dev/null +++ b/nixos/laptop/hardware-configuration.nix @@ -0,0 +1,46 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "rtsx_pci_sdmmc"]; + boot.initrd.kernelModules = ["dm-snapshot"]; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/a43c3c5f-5d24-485a-a6a0-ae5c9f984e72"; + fsType = "ext4"; + }; + + fileSystems."/home" = { + device = "/dev/disk/by-uuid/9ea5cd0a-2b78-4bf1-a8b2-e00cf495271a"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/A060-5378"; + fsType = "vfat"; + }; + + swapDevices = []; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/nixos/primordial/configuration.nix b/nixos/primordial/configuration.nix new file mode 100644 index 0000000..b85f387 --- /dev/null +++ b/nixos/primordial/configuration.nix @@ -0,0 +1,288 @@ +{ + config, + pkgs, + ... +}: let + mkWellKnown = data: '' + default_type application/json; + add_header Access-Control-Allow-Origin *; + return 200 '${builtins.toJSON data}'; + ''; +in { + sops.defaultSopsFile = ./secrets.yaml; + sops.secrets."gitea.env" = {}; + sops.secrets."keycloak_db_pw" = {}; + + imports = [ + ./mail.nix + ./hardware-configuration.nix + ]; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking = { + hostName = "primordial"; + + interfaces.enp1s0 = { + ipv6.addresses = [ + { + address = "2a01:4f8:c010:b448::"; + prefixLength = 64; + } + ]; + }; + + defaultGateway6 = { + address = "fe80::1"; + interface = "enp1s0"; + }; + + firewall = { + enable = true; + allowedTCPPorts = [80 443]; + }; + }; + + time.timeZone = "Europe/Berlin"; + + i18n.defaultLocale = "en_US.UTF-8"; + + security.acme.acceptTerms = true; + security.acme.defaults.email = "huanzodev@gmail.com"; + + services = { + openssh = { + enable = true; + ports = [22]; + openFirewall = true; + settings = { + PermitRootLogin = "yes"; + PasswordAuthentication = false; + }; + }; + + postgresql = { + enable = true; + ensureDatabases = ["matrix-synapse"]; + ensureUsers = [ + { + name = "matrix-synapse"; + ensureDBOwnership = true; + } + ]; + authentication = pkgs.lib.mkOverride 10 '' + #type database DBuser auth-method + local all all trust + host all all 127.0.0.1/32 md5 + ''; + }; + + matrix-synapse = { + enable = true; + settings.server_name = "fuckwit.dev"; + # The public base URL value must match the `base_url` value set in `clientConfig` above. + # The default value here is based on `server_name`, so if your `server_name` is different + # from the value of `fqdn` above, you will likely run into some mismatched domain names + # in client applications. + settings.public_baseurl = "https://matrix.fuckwit.dev"; + settings.listeners = [ + { + port = 8005; + bind_addresses = ["127.0.0.1"]; + type = "http"; + tls = false; + x_forwarded = true; + resources = [ + { + names = ["client" "federation"]; + compress = true; + } + ]; + } + ]; + }; + + nginx = { + enable = true; + + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + + virtualHosts."fuckwit.dev" = let + serverConfig."m.server" = "matrix.fuckwit.dev:443"; + clientConfig."m.homeserver".base_url = "https://matrix.fuckwit.dev:443"; + in { + enableACME = true; + forceSSL = true; + # This section is not needed if the server_name of matrix-synapse is equal to + # the domain (i.e. example.org from @foo:example.org) and the federation port + # is 8448. + # Further reference can be found in the docs about delegation under + # https://element-hq.github.io/synapse/latest/delegate.html + locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig; + # This is usually needed for homeserver discovery (from e.g. other Matrix clients). + # Further reference can be found in the upstream docs at + # https://spec.matrix.org/latest/client-server-api/#getwell-knownmatrixclient + locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig; + }; + + virtualHosts."matrix.fuckwit.dev" = { + enableACME = true; + forceSSL = true; + # It's also possible to do a redirect here or something else, this vhost is not + # needed for Matrix. It's recommended though to *not put* element + # here, see also the section about Element. + locations."/".extraConfig = '' + return 404; + ''; + # Forward all Matrix API calls to the synapse Matrix homeserver. A trailing slash + # *must not* be used here. + locations."/_matrix".proxyPass = "http://127.0.0.1:8005"; + # Forward requests for e.g. SSO and password-resets. + locations."/_synapse/client".proxyPass = "http://127.0.0.1:8005"; + }; + + virtualHosts."vault.fuckwit.dev" = { + enableACME = true; + forceSSL = true; + + locations."/" = { + proxyPass = "http://127.0.0.1:8000"; + }; + }; + + virtualHosts."git.fuckwit.dev" = { + enableACME = true; + forceSSL = true; + + locations."/" = { + proxyPass = "http://127.0.0.1:8001"; + }; + }; + + virtualHosts."grafana.fuckwit.dev" = { + enableACME = true; + forceSSL = true; + + locations."/" = { + proxyPass = "http://127.0.0.1:8002"; + proxyWebsockets = true; + }; + }; + + virtualHosts."influx.fuckwit.dev" = { + enableACME = true; + addSSL = true; + + locations."/" = { + proxyPass = "http://127.0.0.1:8003"; + proxyWebsockets = true; + }; + }; + + virtualHosts."sso.fuckwit.dev" = { + enableACME = true; + addSSL = true; + + locations."/" = { + proxyPass = "http://127.0.0.1:8004"; + proxyWebsockets = true; + }; + }; + + # virtualHosts."drone.fuckwit.dev" = { + # enableACME = true; + # addSSL = true; + + # locations."/" = { + # proxyPass = "http://127.0.0.1:8004"; + # proxyWebsockets = true; + # }; + # }; + }; + + vaultwarden = { + enable = true; + + config = { + DOMAIN = "https://vault.fuckwit.dev"; + ROCKET_ADDRESS = "127.0.0.1"; + ROCKET_PORT = 8000; + SIGNUPS_ALLOWED = false; + }; + }; + + gitea = { + enable = true; + + settings.service.DISABLE_REGISTRATION = true; + settings.actions.ENABLED = true; + settings.server = { + DOMAIN = "git.fuckwit.dev"; + ROOT_URL = "https://git.fuckwit.dev"; + HTTP_ADDR = "127.0.0.1"; + HTTP_PORT = 8001; + }; + lfs.enable = true; + }; + + grafana = { + enable = true; + + settings.server = { + domain = "grafana.fuckwit.dev"; + http_addr = "127.0.0.1"; + http_port = 8002; + }; + }; + + influxdb2 = { + enable = true; + + settings = { + http-bind-address = "127.0.0.1:8003"; + }; + }; + + keycloak = { + enable = true; + + database = { + type = "postgresql"; + createLocally = true; + passwordFile = config.sops.secrets."keycloak_db_pw".path; + }; + + settings = { + hostname = "sso.fuckwit.dev"; + http-host = "127.0.0.1"; + http-port = 8004; + proxy = "edge"; + }; + }; + + # drone-server = { + # enable = true; + # config = { + # giteaServer = "https://git.fuckwit.dev"; + # serverHost = "drone.fuckwit.dev"; + # serverPort = ":8004"; + # serverProto = "https"; + # }; + # environmentFile = config.sops.secrets."gitea.env".path; + # }; + }; + + users.users."root".openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP8zNAXScQ4FoWNxF4+ALJXMSi3EbpqZP5pO9kfg9t8o patrick@NBG1-DC3-PC20-2017-10-24" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPflDQOANGhgtfo2psRwSFtY5ETHX/bsDmqrho3iX9jt root@arschlinux" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP6oGHBFD3wo16buPtdYDat911gydOw2oFj80fTXL1xo batzi@DESKTOP-8A2VTHL" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICK3otGMe8umxxJX5BbbBQ/+PQg37Puh0qjH8IILL95T patrick@mi" + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDl3vLxNpinilTJp1rGsSYlVi+hIa+oECtge1i8bwz33AAAACHNzaDptYWlu" + ]; + + system.stateVersion = "23.05"; +} diff --git a/nixos/primordial/hardware-configuration.nix b/nixos/primordial/hardware-configuration.nix new file mode 100644 index 0000000..8d1e602 --- /dev/null +++ b/nixos/primordial/hardware-configuration.nix @@ -0,0 +1,53 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = []; + + boot.initrd = { + availableKernelModules = ["virtio_pci" "usbhid" "sd_mod" "sr_mod" "virtio_scsi"]; + kernelModules = ["dm-snapshot"]; + + network.enable = true; + network.ssh = { + enable = true; + port = 222; + authorizedKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP8zNAXScQ4FoWNxF4+ALJXMSi3EbpqZP5pO9kfg9t8o patrick@NBG1-DC3-PC20-2017-10-24" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPflDQOANGhgtfo2psRwSFtY5ETHX/bsDmqrho3iX9jt root@arschlinux" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP6oGHBFD3wo16buPtdYDat911gydOw2oFj80fTXL1xo batzi@DESKTOP-8A2VTHL" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICK3otGMe8umxxJX5BbbBQ/+PQg37Puh0qjH8IILL95T patrick@mi" + ]; + hostKeys = ["/etc/secrets/initrd/ssh_host_ed25519_key"]; + }; + + luks.devices = { + cryptroot = { + device = "/dev/disk/by-uuid/9f88803e-558d-4819-a223-df88396071fe"; + preLVM = true; + }; + }; + }; + + boot.kernelModules = []; + boot.extraModulePackages = []; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/1837e2be-189b-49be-b518-8b2bbc49e27e"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/7E04-4E21"; + fsType = "vfat"; + }; + + swapDevices = []; + + networking.useDHCP = lib.mkDefault true; + nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; +} diff --git a/nixos/primordial/mail.nix b/nixos/primordial/mail.nix new file mode 100644 index 0000000..b11b6c6 --- /dev/null +++ b/nixos/primordial/mail.nix @@ -0,0 +1,20 @@ +{ + config, + pkgs, + ... +}: { + mailserver = { + enable = true; + fqdn = "mail.fuckwit.dev"; + domains = ["fuckwit.dev"]; + + loginAccounts = { + "me@fuckwit.dev" = { + hashedPassword = "$2b$05$Wl7pyRXrNBaUSuufqor9ZuJWeXxRaF.6kpbvHoxEp3i65Lnu5Yyg."; + catchAll = ["fuckwit.dev"]; + }; + }; + + certificateScheme = "acme-nginx"; + }; +} diff --git a/nixos/primordial/secrets.yaml b/nixos/primordial/secrets.yaml new file mode 100644 index 0000000..ae9d9b1 --- /dev/null +++ b/nixos/primordial/secrets.yaml @@ -0,0 +1,34 @@ +gitea.env: ENC[AES256_GCM,data:wkSPzLQtL3vGNIjG+jG6I3+R7wLBBdXeaCHbKxMbpVOldo8zrPLu8HdoryneRro58d7D9Cao9x+n5SvYNfGwHPgDJG8saXTeyEffIWIKNC+5+8fjiWwIkAvstckmZjSLitVxcwhifs49jmZgW/xQBPEPiAHzVkjeueV7p/Jm9WgyD2ycPrKUvNEYJ6DWZqQq9r10Y/KsRZsvRzF2cp6YeX7YGjW7E2wuQz9yy8gOFHxmoJxAc4zM7XaKZWKtow1UPCjTtxiY7qRkWK7KQt21Xf3FCsU=,iv:qQv7hbqh3Kl6sE/XW37D9AbYt4gLJw5BnfbbLIkzOd4=,tag:g6Cecvdb67W01HvIULNzsQ==,type:str] +keycloak_db_pw: ENC[AES256_GCM,data:1oBqzpFokAmjkT770YKYwzCllaGTprtDR9W4B/+V6ZUXPhJ1R9DNWZHqpQ==,iv:dK36GBiDj12HVjUkZqTVk/rR6s1sf6dmQTk1ZJQwi+I=,tag:6Ix9QSf+A0U82sG0z8wSmw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age12u7ayy2q5dps2pcpc6z7962pz07jxv3tt03hna6jyumlu4fdjvtqdg2n3e + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzdzZwcllIMEwwVXFlVDVi + WjJOUmlKbVRmWllpWnhtdWZJclBxM2o2bFRNCmo3citJUTFPS2x0ekVZSnIzRkRI + VFgrenZDbTZFbm1wS0pLU2swVnhVNlkKLS0tIGhTWnpEZElSc2RJTWNTaWV0TjhG + V1h2NGxyNVc3WnF2ZFBpQm1oK1AzeGcK4GoD2E8nwOl/WKtgMgs0Y1Q8abRX4mpy + GdHGDQUWvySCisJo4JXsooYkLjOyKvir+vcVbX4nDd4L1W2OMULkrg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-03-25T19:17:29Z" + mac: ENC[AES256_GCM,data:Qnou0/umwMX2XD7gDF6SceFI5tLjOO30OVhFSXhxc2yuFj/gB0R1bPplLm5j/wmxfRQDvvm2zLgGFMqt+8i4Z+6OYgbuwFcv4FR2E001aWVj1zh+F8pRZVTxqnsvegoKWQwoXkhZe5S/fjX9N09SMYhBkjLUh9fboGXajEpDws8=,iv:hTQgeyli/MPaUVxJSzhDK+ssxv78w7hRBtQ1pnZGASg=,tag:HDKQ2duHMYvGa74Vp0fIjw==,type:str] + pgp: + - created_at: "2024-01-25T11:10:44Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hF4DMGJRmcuHhnsSAQdAzUIeSKtxy9kMAxDPoaY3n6avZ6DgxInoP3PjyrTgERww + 7D6dPyaBVNIVKR54ZNYfMtPDescbDV4W3c3MI+eTsi76BqbFEdLHfShlKcWy9FZ1 + 1GgBCQIQRMPHNYC1ef7LAasDcVtWsSfakMk1RQ8FmOPPXLdRJQUAqBJ6gwJG6f+V + oXE5qUuvVjEvZzIxuhmVBb+mlLRq4UVW6brjH65Gfh8ofXWzHmLLXbEHI31HUc4e + 7GBBHbB8U36bxQ== + =VHqv + -----END PGP MESSAGE----- + fp: 5FA64909521A5C85992F26E0F819AEFF941BB849 + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/outputs.nix b/outputs.nix new file mode 100644 index 0000000..8e71c12 --- /dev/null +++ b/outputs.nix @@ -0,0 +1,62 @@ +{ + self, + flake-utils, + nixpkgs, + nurpkgs, + deploy, + home-manager, + ... +} @ inputs: +(flake-utils.lib.eachDefaultSystem (system: let + pkgs = nixpkgs.legacyPackages.${system}; +in { + packages = import ./pkgs {inherit pkgs;}; + + devShell = pkgs.callPackage ./shell.nix { + # inherit (deploy.packages.${system}) deploy-rs; + inherit (home-manager.packages.${system}) home-manager; + }; + + formatter = pkgs.alejandra; +})) +// { + homeConfigurations = import ./home/configurations.nix (inputs // {inherit inputs;}); + + nixosConfigurations = import ./nixos/configurations.nix (inputs // {inherit inputs;}); + + colmena = + { + meta = { + # Default nixpkgs + nixpkgs = nixpkgs.legacyPackages.x86_64-linux; + # Per Node nixpkgs override + nodeNixpkgs = builtins.mapAttrs (name: value: value.pkgs) self.nixosConfigurations; + # Per Node additional specialArgs + nodeSpecialArgs = builtins.mapAttrs (name: value: value._module.specialArgs) self.nixosConfigurations; + }; + } + // builtins.mapAttrs (name: value: { + deployment = { + targetHost = value.config.remote.ip; + targetPort = value.config.remote.sshPort; + buildOnTarget = value.config.remote.remoteBuild; + inherit (value.config.remote) allowLocalDeployment; + }; + imports = value._module.args.modules; + }) + self.nixosConfigurations; + + # deploy.nodes = + # builtins.mapAttrs (name: value: { + # hostname = value.config.remote.ip; + # profiles.system = { + # sshUser = value.config.remote.sshUser; + # sshOpts = ["-p" (builtins.toString value.config.remote.sshPort)]; + # remoteBuild = value.config.remote.remoteBuild; + # path = deploy.lib.x86_64-linux.activate.nixos value; + # }; + # }) + # self.nixosConfigurations; + + # checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy.lib; +} diff --git a/overrides/awesome.nix b/overrides/awesome.nix new file mode 100644 index 0000000..7428f6e --- /dev/null +++ b/overrides/awesome.nix @@ -0,0 +1,25 @@ +{ + pkgs, + lib, + fetchFromGitHub, + ... +}: let + myAwesome = pkgs.awesome.overrideAttrs (old: { + patches = []; + + cmakeFlags = + old.cmakeFlags + ++ [ + "-DGENERATE_DOC=OFF" + "-DGENERATE_MANPAGES=OFF" + ]; + + src = fetchFromGitHub { + owner = "awesomewm"; + repo = "awesome"; + rev = "b54e50ad6cfdcd864a21970b31378f7c64adf3f4"; + sha256 = "sha256-yDXC1PT5r0V6bbyk/Y6oBxvHE74q96cGKlo3C3OUobE="; + }; + }); +in + myAwesome diff --git a/pkgs/comic-mono/default.nix b/pkgs/comic-mono/default.nix new file mode 100644 index 0000000..8a6137e --- /dev/null +++ b/pkgs/comic-mono/default.nix @@ -0,0 +1,43 @@ +{ + pkgs, + lib, + fetchFromGitHub, + fetchurl, + ... +}: +pkgs.stdenv.mkDerivation rec { + name = "Comic Mono Patched"; + version = "0.0.1"; + + src = fetchFromGitHub { + owner = "dtinth"; + repo = "comic-mono-font"; + rev = "9a96d04cdd2919964169192e7d9de5012ef66de4"; + sha256 = "sha256-q8NxrluWuH23FfRlntIS0MDdl3TkkGE7umcU2plS6eU="; + }; + + fontpatcher = fetchurl { + url = "https://github.com/ryanoasis/nerd-fonts/releases/download/v2.3.3/FontPatcher.zip"; + sha256 = "sha256-mfKA6hwQ158i+cZ41qEUfKBpsGKfONkM8/BNys6PPg0="; + }; + + nativeBuildInputs = with pkgs; [ + python39 + python39Packages.fontforge + pkgs.unzip + ]; + + phases = ["buildPhase"]; + + buildPhase = '' + unzip ${fontpatcher} + mkdir -p $out/share/fonts + + for font in ${src}/*.ttf; do + fontforge -script font-patcher $font --quiet -out $out/share/fonts + done + + mkdir -p $out/etc/fonts/conf.d + ln -s ${./weight.conf} $out/etc/fonts/conf.d/30-comic-mono.conf + ''; +} diff --git a/pkgs/comic-mono/weight.conf b/pkgs/comic-mono/weight.conf new file mode 100644 index 0000000..97cfa3d --- /dev/null +++ b/pkgs/comic-mono/weight.conf @@ -0,0 +1,14 @@ + + + + + + + + Comic Mono + + + book + + + diff --git a/pkgs/cups-kyocera-fs1370dn/Kyocera_FS-1370DN.ppd b/pkgs/cups-kyocera-fs1370dn/Kyocera_FS-1370DN.ppd new file mode 100644 index 0000000..0873408 --- /dev/null +++ b/pkgs/cups-kyocera-fs1370dn/Kyocera_FS-1370DN.ppd @@ -0,0 +1,786 @@ +*PPD-Adobe: "4.3" +*%============================================================================= +*% +*% PPD file for Kyocera FS-1370DN (English) +*% Linux Version +*% +*% Copyright (C) 2009 KYOCERA CORPORATION. +*% Copyright (C) 2007 Revised Edition KYOCERA MITA CORPORATION. +*% +*% Permission is granted for redistribution of this file as long as this +*% copyright notice is intact and the contents of the file are not altered +*% in any way from their original form. +*% +*% Permission is hereby granted, free of charge, to any person obtaining +*% a copy of this software and associated documentation files (the +*% "Software"), to deal in the Software without restriction, including +*% without limitation the rights to use, copy, modify, merge, publish, +*% distribute, sublicense, and/or sell copies of the Software, and to +*% permit persons to whom the Software is furnished to do so, subject to +*% the following conditions: +*% +*% The above copyright notice and this permission notice shall be +*% included in all copies or substantial portions of the Software. +*% +*% THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +*% EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +*% MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +*% NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +*% LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +*% OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +*% WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +*% +*% [this is the MIT open source license -- see www.opensource.org] +*% +*%============================================================================= + +*FileVersion: "8.4" +*FormatVersion: "4.3" +*LanguageEncoding: ISOLatin1 +*LanguageVersion: English +*Product: "(FS-1370DN)" +*PSVersion: "(3011.103) 1" +*Manufacturer: "Kyocera" +*ModelName: "Kyocera FS-1370DN KPDL" +*ShortNickName: "Kyocera FS-1370DN (KPDL)" +*NickName: "Kyocera FS-1370DN (KPDL)" +*PCFileName: "KC1370EE.PPD" + +*% Basic Device Capabilities +*LanguageLevel: "3" +*ColorDevice: False +*DefaultColorSpace: Gray +*TTRasterizer: Type42 +*?TTRasterizer: " + save + 42 /FontType resourcestatus + { pop pop (Type42) }{ (None) } ifelse + = flush restore" +*End + +*Throughput: "35" + +*% System Management +*SuggestedJobTimeout: "0" +*SuggestedManualFeedTimeout: "0" +*SuggestedWaitTimeout: "120" +*PrintPSErrors: True + +*Password: "0" + +*ExitServer: " + count 0 eq {true} + {dup statusdict /checkpassword get exec not} ifelse + {(WARNING : Cannot perform the exitserver command.) = + (Password supplied is not valid.) = + (Please contact the author of this software.) = flush quit} if + serverdict /exitserver get exec" +*End + +*Reset: " + count 0 eq { true } + {dup statusdict /checkpassword get exec not} ifelse + {(WARNING : Cannot perform the exitserver command.) = + (Password supplied is not valid.) = + (Please contact the author of this software.) = flush quit} if + serverdict /exitserver get exec + systemdict /quit get exec + (WARNING : Printer Reset Failed.) = flush" +*End + +*% Protocols +*Protocols: PJL TBCP + +*1284Modes Parallel: Compat Nibble ECP +*1284DeviceID: "MFG:Kyocera;MODEL:Kyocera FS-1370DN;COMMAND SET: POSTSCRIPT,PJL,PCL" + +*% JCL Information +*JCLBegin: "<1B>%-12345X@PJL JOB<0A>" +*JCLToPSInterpreter: "@PJL ENTER LANGUAGE=POSTSCRIPT<0A>" +*JCLEnd: "<1B>%-12345X@PJL EOJ<0A><1B>%-12345X" + +*% Installable Options +*OpenGroup: InstallableOptions/Installed Options + +*% Paper Feeders +*OpenUI *Option8/Paper Feeders: PickOne +*DefaultOption8: None +*Option8 None/Not Installed: "" +*Option8 One/One: "" +*Option8 Two/Two: "" +*?Option8: " + save + (None) currentpagedevice dup /InputAttributes known { + /InputAttributes get + dup 1 known {dup 1 get null ne {exch pop (One) exch} if} if + dup 4 known {dup 4 get null ne {exch pop (Two) exch} if} if + } if pop + = flush restore" +*End +*CloseUI: *Option8 + +*% Disk Drive +*OpenUI *Option18/Optional Disk: PickOne +*DefaultOption18: None +*Option18 None/Not Installed: "" +*Option18 RAMDisk/RAM Disk: "" +*?Option18: " + save + false + (%disk?%) + {currentdevparams dup /Writeable known + {dup /Writeable get + {exch pop /LogicalSize get dup 0 gt exch 950000 lt eq true}{pop pop false} ifelse + }{pop pop} ifelse + } 100 string /IODevice resourceforall + {{(RAMDisk)}{(HardDisk)} ifelse}{(None)} ifelse + = flush restore" +*End +*CloseUI: *Option18 + +*% Installed Memory +*% Not supported + +*CloseGroup: InstallableOptions + + +*% Virtual Memory +*FreeVM: "32000000" + +*% Constraints +*UIConstraints: *Option8 None *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *Option8 None +*UIConstraints: *Option8 None *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *Option8 None +*UIConstraints: *Option8 One *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *Option8 One +*NonUIConstraints: *Duplex *CustomPageSize True +*NonUIConstraints: *CustomPageSize True *Duplex +*UIConstraints: *Option18 None *KCCollate On +*UIConstraints: *KCCollate On *Option18 None +*UIConstraints: *PageSize B6 *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageSize B6 +*UIConstraints: *PageRegion B6 *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageRegion B6 +*UIConstraints: *PageSize EnvPersonal *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageSize EnvPersonal +*UIConstraints: *PageRegion EnvPersonal *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageRegion EnvPersonal +*UIConstraints: *PageSize Env9 *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageSize Env9 +*UIConstraints: *PageRegion Env9 *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageRegion Env9 +*UIConstraints: *PageSize Env10 *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageSize Env10 +*UIConstraints: *PageRegion Env10 *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageRegion Env10 +*UIConstraints: *PageSize EnvMonarch *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageSize EnvMonarch +*UIConstraints: *PageRegion EnvMonarch *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageRegion EnvMonarch +*UIConstraints: *PageSize EnvDL *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageSize EnvDL +*UIConstraints: *PageRegion EnvDL *InputSlot Internal +*UIConstraints: *InputSlot Internal *PageRegion EnvDL +*UIConstraints: *PageSize A6 *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageSize A6 +*UIConstraints: *PageRegion A6 *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageRegion A6 +*UIConstraints: *PageSize B6 *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageSize B6 +*UIConstraints: *PageRegion B6 *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageRegion B6 +*UIConstraints: *PageSize EnvPersonal *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageSize EnvPersonal +*UIConstraints: *PageRegion EnvPersonal *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageRegion EnvPersonal +*UIConstraints: *PageSize Env9 *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageSize Env9 +*UIConstraints: *PageRegion Env9 *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageRegion Env9 +*UIConstraints: *PageSize Env10 *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageSize Env10 +*UIConstraints: *PageRegion Env10 *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageRegion Env10 +*UIConstraints: *PageSize EnvMonarch *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageSize EnvMonarch +*UIConstraints: *PageRegion EnvMonarch *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageRegion EnvMonarch +*UIConstraints: *PageSize EnvDL *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageSize EnvDL +*UIConstraints: *PageRegion EnvDL *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageRegion EnvDL +*UIConstraints: *PageSize Statement *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageSize Statement +*UIConstraints: *PageRegion Statement *InputSlot PF100A +*UIConstraints: *InputSlot PF100A *PageRegion Statement +*UIConstraints: *PageSize A6 *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageSize A6 +*UIConstraints: *PageRegion A6 *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageRegion A6 +*UIConstraints: *PageSize B6 *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageSize B6 +*UIConstraints: *PageRegion B6 *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageRegion B6 +*UIConstraints: *PageSize EnvPersonal *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageSize EnvPersonal +*UIConstraints: *PageRegion EnvPersonal *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageRegion EnvPersonal +*UIConstraints: *PageSize Env9 *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageSize Env9 +*UIConstraints: *PageRegion Env9 *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageRegion Env9 +*UIConstraints: *PageSize Env10 *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageSize Env10 +*UIConstraints: *PageRegion Env10 *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageRegion Env10 +*UIConstraints: *PageSize EnvMonarch *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageSize EnvMonarch +*UIConstraints: *PageRegion EnvMonarch *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageRegion EnvMonarch +*UIConstraints: *PageSize EnvDL *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageSize EnvDL +*UIConstraints: *PageRegion EnvDL *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageRegion EnvDL +*UIConstraints: *PageSize Statement *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageSize Statement +*UIConstraints: *PageRegion Statement *InputSlot PF100B +*UIConstraints: *InputSlot PF100B *PageRegion Statement +*UIConstraints: *Duplex *PageSize A6 +*UIConstraints: *PageSize A6 *Duplex DuplexTumble +*UIConstraints: *PageSize A6 *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageRegion A6 +*UIConstraints: *PageRegion A6 *Duplex DuplexTumble +*UIConstraints: *PageRegion A6 *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageSize B6 +*UIConstraints: *PageSize B6 *Duplex DuplexTumble +*UIConstraints: *PageSize B6 *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageRegion B6 +*UIConstraints: *PageRegion B6 *Duplex DuplexTumble +*UIConstraints: *PageRegion B6 *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageSize EnvPersonal +*UIConstraints: *PageSize EnvPersonal *Duplex DuplexTumble +*UIConstraints: *PageSize EnvPersonal *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageRegion EnvPersonal +*UIConstraints: *PageRegion EnvPersonal *Duplex DuplexTumble +*UIConstraints: *PageRegion EnvPersonal *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageSize Env9 +*UIConstraints: *PageSize Env9 *Duplex DuplexTumble +*UIConstraints: *PageSize Env9 *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageRegion Env9 +*UIConstraints: *PageRegion Env9 *Duplex DuplexTumble +*UIConstraints: *PageRegion Env9 *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageSize Env10 +*UIConstraints: *PageSize Env10 *Duplex DuplexTumble +*UIConstraints: *PageSize Env10 *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageRegion Env10 +*UIConstraints: *PageRegion Env10 *Duplex DuplexTumble +*UIConstraints: *PageRegion Env10 *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageSize EnvMonarch +*UIConstraints: *PageSize EnvMonarch *Duplex DuplexTumble +*UIConstraints: *PageSize EnvMonarch *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageRegion EnvMonarch +*UIConstraints: *PageRegion EnvMonarch *Duplex DuplexTumble +*UIConstraints: *PageRegion EnvMonarch *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageSize EnvDL +*UIConstraints: *PageSize EnvDL *Duplex DuplexTumble +*UIConstraints: *PageSize EnvDL *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageRegion EnvDL +*UIConstraints: *PageRegion EnvDL *Duplex DuplexTumble +*UIConstraints: *PageRegion EnvDL *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageSize Statement +*UIConstraints: *PageSize Statement *Duplex DuplexTumble +*UIConstraints: *PageSize Statement *Duplex DuplexNoTumble +*UIConstraints: *Duplex *PageRegion Statement +*UIConstraints: *PageRegion Statement *Duplex DuplexTumble +*UIConstraints: *PageRegion Statement *Duplex DuplexNoTumble +*UIConstraints: *Option18 None *KCSuperWatermark +*UIConstraints: *KCSuperWatermark *Option18 None + +*% Resolution +*OpenUI *Resolution/Resolution: PickOne +*OrderDependency: 10 AnySetup *Resolution +*DefaultResolution: 600dpi +*Resolution 300dpi/300 dpi: "<< /HWResolution [300 300] /PreRenderingEnhance false >> setpagedevice" +*Resolution 600dpi/600 dpi: "<< /HWResolution [600 600] /PreRenderingEnhance false >> setpagedevice" +*Resolution 1200dpi/Fine 1200: "<< /HWResolution [1200 1200] /PreRenderingEnhance false >> setpagedevice" +*?Resolution: "save currentpagedevice /HWResolution get 0 get ( ) cvs print (dpi) = flush restore" +*CloseUI: *Resolution + +*% KCEcoprint +*OpenUI *KCEcoprint/EcoPrint: PickOne +*OrderDependency: 10 AnySetup *KCEcoprint +*DefaultKCEcoprint: Off +*KCEcoprint Off/Off: "<< /EconoMode false >> setpagedevice" +*KCEcoprint On/On: "<< /EconoMode true >> setpagedevice" +*CloseUI: *KCEcoprint + +*% Image Refinement +*OpenUI *Smoothing/KIR: PickOne +*OrderDependency: 50 AnySetup *Smoothing +*DefaultSmoothing: Medium +*Smoothing None/Off: "0 statusdict /setdoret get exec" +*Smoothing Medium/On: "2 statusdict /setdoret get exec" +*?Smoothing: " + save + [(None)(Medium)(Medium)(Medium)] + statusdict /doret get exec {get} stopped + {pop pop (Unknown)} if + = flush restore" +*End +*CloseUI: *Smoothing + +*% CIE +*OpenUI *CIE/CIE Optimization: PickOne +*OrderDependency: 11 AnySetup *CIE +*DefaultCIE: PrnDef +*CIE PrnDef/Printer settings: "" +*CIE False/Disabled: "<< /RejectionCIEcolor false >> setuserparams" +*CIE True/Enabled: "<< /RejectionCIEcolor true >> setuserparams" +*End +*CloseUI: *CIE + +*% Halftone Information +*DefaultHalftoneType: 1 +*ScreenFreq: "75.0" +*ScreenAngle: "45.0" +*ResScreenFreq 1200dpi: "75.0" +*ResScreenAngle 1200dpi: "45.0" +*ResScreenFreq 600dpi: "37.5" +*ResScreenAngle 600dpi: "45.0" +*ResScreenFreq 300dpi: "18.75" +*ResScreenAngle 300dpi: "45.0" + +*DefaultScreenProc: Ellipse +*ScreenProc Dot: " + {abs exch abs 2 copy add 1 gt + {1 sub dup mul exch 1 sub dup mul add 1 sub} + {dup mul exch dup mul add 1 exch sub} ifelse}" +*End +*ScreenProc Line: "{pop}" +*ScreenProc Ellipse: "{dup 5 mul 8 div mul exch dup mul exch add sqrt 1 exch sub}" +*DefaultTransfer: Null +*Transfer Null: "{}" +*Transfer Null.Inverse: "{1 exch sub}" + +*% Page Policy Definitions +*OpenUI *PagePolicy/Page Policy: PickOne +*OrderDependency: 15 AnySetup *PagePolicy +*DefaultPagePolicy: On +*PagePolicy On/AutoSizeSelect: "<< /DeferredMediaSelection true >> setpagedevice" +*CloseUI: *PagePolicy + +*% Paper Handling +*% Page Size Definitions +*OpenUI *PageSize: PickOne +*OrderDependency: 40 AnySetup *PageSize +*DefaultPageSize: A4 +*PageSize A4/A4: "<< /Policies << /PageSize 7 >> /PageSize [595 842] /ImagingBBox null >> setpagedevice" +*PageSize A5/A5: "<< /Policies << /PageSize 7 >> /PageSize [421 595] /ImagingBBox null >> setpagedevice" +*PageSize A6/A6: "<< /Policies << /PageSize 7 >> /PageSize [297 421] /ImagingBBox null >> setpagedevice" +*PageSize B5/B5 (JIS): "<< /Policies << /PageSize 7 >> /PageSize [516 729] /ImagingBBox null >> setpagedevice" +*PageSize ISOB5/B5 (ISO): "<< /Policies << /PageSize 7 >> /PageSize [499 708] /ImagingBBox null >> setpagedevice" +*PageSize B6/B6: "<< /Policies << /PageSize 7 >> /PageSize [364 516] /ImagingBBox null >> setpagedevice" +*PageSize OficioII/Oficio II: "<< /Policies << /PageSize 7 >> /PageSize [612 936] /ImagingBBox null >> setpagedevice" +*PageSize Folio/Folio (210 x 330mm): "<< /Policies << /PageSize 7 >> /PageSize [595 935] /ImagingBBox null >> setpagedevice" +*PageSize Statement/Statement: "<< /Policies << /PageSize 7 >> /PageSize [396 612] /ImagingBBox null >> setpagedevice" +*PageSize P16K/16K: "<< /Policies << /PageSize 7 >> /PageSize [558 774] /ImagingBBox null >> setpagedevice" +*PageSize Letter/Letter: "<< /Policies << /PageSize 7 >> /PageSize [612 792] /ImagingBBox null >> setpagedevice" +*PageSize Legal/Legal: "<< /Policies << /PageSize 7 >> /PageSize [612 1008] /ImagingBBox null >> setpagedevice" +*PageSize Executive/Executive: "<< /Policies << /PageSize 7 >> /PageSize [522 756] /ImagingBBox null >> setpagedevice" +*PageSize EnvPersonal/Envelope #6: "<< /Policies << /PageSize 7 >> /PageSize [261 468] /ImagingBBox null >> setpagedevice" +*PageSize Env9/Envelope #9: "<< /Policies << /PageSize 7 >> /PageSize [279 639] /ImagingBBox null >> setpagedevice" +*PageSize Env10/Envelope #10: "<< /Policies << /PageSize 7 >> /PageSize [297 684] /ImagingBBox null >> setpagedevice" +*PageSize EnvMonarch/Envelope Monarch: "<< /Policies << /PageSize 7 >> /PageSize [279 540] /ImagingBBox null >> setpagedevice" +*PageSize EnvDL/Envelope DL: "<< /Policies << /PageSize 7 >> /PageSize [312 624] /ImagingBBox null >> setpagedevice" +*PageSize EnvC5/Envelope C5: "<< /Policies << /PageSize 7 >> /PageSize [459 649] /ImagingBBox null >> setpagedevice" +*?PageSize: " + save + currentpagedevice /PageSize get aload pop + 2 copy gt {exch} if + (Unknown) + 19 dict + dup [595 842] (A4) put + dup [421 595] (A5) put + dup [297 421] (A6) put + dup [516 729] (B5) put + dup [499 708] (ISOB5) put + dup [364 516] (B6) put + dup [612 936] (OficioII) put + dup [595 935] (Folio) put + dup [396 612] (Statement) put + dup [558 774] (P16K) put + dup [612 792] (Letter) put + dup [612 1008] (Legal) put + dup [522 756] (Executive) put + dup [261 468] (EnvPersonal) put + dup [279 639] (Env9) put + dup [297 684] (Env10) put + dup [279 540] (EnvMonarch) put + dup [312 624] (EnvDL) put + dup [459 649] (EnvC5) put + {exch aload pop 4 index sub abs 5 le exch + 5 index sub abs 5 le and + {exch pop exit}{pop} ifelse + } bind forall + = flush pop pop restore " +*End +*CloseUI: *PageSize + +*% Page Region Definitions for Frame Buffer +*OpenUI *PageRegion: PickOne +*OrderDependency: 40 AnySetup *PageRegion +*DefaultPageRegion: A4 +*PageRegion A4/A4: "<< /Policies << /PageSize 7 >> /PageSize [595 842] /ImagingBBox null >> setpagedevice" +*PageRegion A5/A5: "<< /Policies << /PageSize 7 >> /PageSize [421 595] /ImagingBBox null >> setpagedevice" +*PageRegion A6/A6: "<< /Policies << /PageSize 7 >> /PageSize [297 421] /ImagingBBox null >> setpagedevice" +*PageRegion B5/B5 (JIS): "<< /Policies << /PageSize 7 >> /PageSize [516 729] /ImagingBBox null >> setpagedevice" +*PageRegion ISOB5/B5 (ISO): "<< /Policies << /PageSize 7 >> /PageSize [499 708] /ImagingBBox null >> setpagedevice" +*PageRegion B6/B6: "<< /Policies << /PageSize 7 >> /PageSize [364 516] /ImagingBBox null >> setpagedevice" +*PageRegion Letter/Letter: "<< /Policies << /PageSize 7 >> /PageSize [612 792] /ImagingBBox null >> setpagedevice" +*PageRegion Legal/Legal: "<< /Policies << /PageSize 7 >> /PageSize [612 1008] /ImagingBBox null >> setpagedevice" +*PageRegion Executive/Executive: "<< /Policies << /PageSize 7 >> /PageSize [522 756] /ImagingBBox null >> setpagedevice" +*PageRegion EnvPersonal/Envelope #6: "<< /Policies << /PageSize 7 >> /PageSize [261 468] /ImagingBBox null >> setpagedevice" +*PageRegion Env9/Envelope #9: "<< /Policies << /PageSize 7 >> /PageSize [279 639] /ImagingBBox null >> setpagedevice" +*PageRegion Env10/Envelope #10: "<< /Policies << /PageSize 7 >> /PageSize [297 684] /ImagingBBox null >> setpagedevice" +*PageRegion EnvMonarch/Envelope Monarch: "<< /Policies << /PageSize 7 >> /PageSize [279 540] /ImagingBBox null >> setpagedevice" +*PageRegion EnvDL/Envelope DL: "<< /Policies << /PageSize 7 >> /PageSize [312 624] /ImagingBBox null >> setpagedevice" +*PageRegion EnvC5/Envelope C5: "<< /Policies << /PageSize 7 >> /PageSize [459 649] /ImagingBBox null >> setpagedevice" +*PageRegion OficioII/Oficio II: "<< /Policies << /PageSize 7 >> /PageSize [612 936] /ImagingBBox null >> setpagedevice" +*PageRegion Folio/Folio (210 x 330mm): "<< /Policies << /PageSize 7 >> /PageSize [595 935] /ImagingBBox null >> setpagedevice" +*PageRegion Statement/Statement: "<< /Policies << /PageSize 7 >> /PageSize [396 612] /ImagingBBox null >> setpagedevice" +*PageRegion P16K/16K: "<< /Policies << /PageSize 7 >> /PageSize [558 774] /ImagingBBox null >> setpagedevice" +*CloseUI: *PageRegion + +*% Imageable Area Definitions +*DefaultImageableArea: A4 +*ImageableArea A4/A4: "12 10 583 832" +*ImageableArea A5/A5: "12 10 409 585" +*ImageableArea A6/A6: "12 10 285 411" +*ImageableArea B5/B5 (JIS): "21 10 495 719" +*ImageableArea ISOB5/B5 (ISO): "12 12 487 696" +*ImageableArea B6/B6: "12 10 352 506" +*ImageableArea OficioII/Oficio II: "12 12 600 924" +*ImageableArea Folio/Folio (210 x 330mm): "12 12 583 923" +*ImageableArea Statement/Statement: "12 12 384 600" +*ImageableArea P16K/16K: "12 12 547 763" +*ImageableArea Letter/Letter: "12 08 600 784" +*ImageableArea Legal/Legal: "12 08 600 1000" +*ImageableArea Executive/Executive: "12 08 510 748" +*ImageableArea EnvPersonal/Envelope #6: "12 08 249 460" +*ImageableArea Env9/Envelope #9: "12 08 267 631" +*ImageableArea Env10/Envelope #10: "12 08 285 676" +*ImageableArea EnvMonarch/Envelope Monarch: "12 08 267 532" +*ImageableArea EnvDL/Envelope DL: "12 10 300 614" +*ImageableArea EnvC5/Envelope C5: "12 10 447 639" +*?ImageableArea: " + save + /cvp {cvi ( ) cvs + print ( ) print} bind def + newpath clippath pathbbox + 4 -2 roll exch 2 {ceiling cvp} repeat + exch 2 {floor cvp} repeat ( ) + = flush restore" +*End + +*% Physical Dimensions of Media +*DefaultPaperDimension: A4 +*PaperDimension A4/A4: "595 842" +*PaperDimension A5/A5: "421 595" +*PaperDimension A6/A6: "297 421" +*PaperDimension B5/B5 (JIS): "516 729" +*PaperDimension ISOB5/B5 (ISO): "499 708" +*PaperDimension B6/B6: "364 516" +*PaperDimension OficioII/Oficio II: "612 936" +*PaperDimension Folio/Folio (210 x 330mm): "595 935" +*PaperDimension Statement/Statement: "396 612" +*PaperDimension P16K/16K: "558 774" +*PaperDimension Letter/Letter: "612 792" +*PaperDimension Legal/Legal: "612 1008" +*PaperDimension Executive/Executive: "522 756" +*PaperDimension EnvPersonal/Envelope #6: "261 468" +*PaperDimension Env9/Envelope #9: "279 639" +*PaperDimension Env10/Envelope #10: "297 684" +*PaperDimension EnvMonarch/Envelope Monarch: "279 540" +*PaperDimension EnvDL/Envelope DL: "312 624" +*PaperDimension EnvC5/Envelope C5: "459 649" + +*% Custom Page Size Definitions +*% Smallest = A6, Largest = LEGAL + +*VariablePaperSize: True +*LeadingEdge Short: "" +*DefaultLeadingEdge: Short +*HWMargins: 12 12 12 12 +*MaxMediaWidth: "612" +*MaxMediaHeight: "1008" +*NonUIOrderDependency: 40 AnySetup *CustomPageSize +*CustomPageSize True: " + pop pop pop + << /PageSize [ 5 -2 roll ] /ImagingBBox null + /DeferredMediaSelection true + >> setpagedevice" +*End +*ParamCustomPageSize Width: 1 points 278 612 +*ParamCustomPageSize Height: 2 points 420 1008 +*ParamCustomPageSize WidthOffset: 3 points 0 0 +*ParamCustomPageSize HeightOffset: 4 points 0 0 +*ParamCustomPageSize Orientation: 5 int 1 1 + +*% Input Slot Definitions +*OpenUI *InputSlot: PickOne +*OrderDependency: 30 AnySetup *InputSlot +*DefaultInputSlot: Internal +*InputSlot Internal/Cassette 1: "<< /ManualFeed false >> setpagedevice statusdict begin 0 setpapertray end" +*InputSlot PF100A/Cassette 2: "<< /ManualFeed false >> setpagedevice statusdict begin 1 setpapertray end" +*InputSlot PF100B/Cassette 3: "<< /ManualFeed false >> setpagedevice statusdict begin 4 setpapertray end" +*InputSlot MF1/MP Tray: "<< /ManualFeed false >> setpagedevice statusdict begin 3 setpapertray end" +*?InputSlot: "" +*CloseUI: *InputSlot + +*% MediaType Definitions +*OpenUI *MediaType: PickOne +*OrderDependency: 95 AnySetup *MediaType +*DefaultMediaType: PrnDef +*MediaType PrnDef/Unspecified: "<> setpagedevice" +*MediaType Auto/Auto media selection: "" +*MediaType Plain/Plain: "<> setpagedevice" +*MediaType Transparency/Transparency: "<> setpagedevice" +*MediaType Labels/Labels: "<> setpagedevice" +*MediaType Letterhead/Letterhead: "<> setpagedevice" +*MediaType Bond/Bond: "<> setpagedevice" +*MediaType Color/Color: "<> setpagedevice" +*MediaType Preprinted/Preprinted: "<> setpagedevice" +*MediaType Prepunched/Prepunched: "<> setpagedevice" +*MediaType Recycled/Recycled: "<> setpagedevice" +*MediaType Cardstock/Cardstock: "<> setpagedevice" +*MediaType Vellum/Vellum: "<> setpagedevice" +*MediaType Envelope/Envelope: "<> setpagedevice" +*MediaType Rough/Rough: "<> setpagedevice" +*MediaType Thick/Thick: "<> setpagedevice" +*MediaType Highqlty/High quality: "<> setpagedevice" +*MediaType User1/Custom type 1: "<> setpagedevice" +*MediaType User2/Custom type 2: "<> setpagedevice" +*MediaType User3/Custom type 3: "<> setpagedevice" +*MediaType User4/Custom type 4: "<> setpagedevice" +*MediaType User5/Custom type 5: "<> setpagedevice" +*MediaType User6/Custom type 6: "<> setpagedevice" +*MediaType User7/Custom type 7: "<> setpagedevice" +*MediaType User8/Custom type 8: "<> setpagedevice" +*?MediaType: " + save + currentpagedevice /MediaType {get} stopped + {pop pop (Unknown)} {dup null eq {pop (Unknown)} if} ifelse = flush + restore" +*End +*CloseUI: *MediaType + +*RequiresPageRegion All: True + +*% Duplex Definitions +*OpenUI *Duplex/Duplexing: PickOne +*OrderDependency: 50 AnySetup *Duplex +*DefaultDuplex: None +*Duplex None/None: "statusdict begin false setduplexmode false settumble end" +*Duplex DuplexTumble/Short Edge: "statusdict begin true setduplexmode true settumble end" +*Duplex DuplexNoTumble/Long Edge: "statusdict begin true setduplexmode false settumble end" +*?Duplex: " + save + statusdict begin + duplexmode + {tumble {(DuplexTumble)}{(DuplexNoTumble)} ifelse} + {(None)} ifelse + = flush end restore" +*End +*CloseUI: *Duplex + +*% Job Spooling Definitions +*OpenUI *KCCollate/Job Settings: PickOne +*OrderDependency: 20 AnySetup *KCCollate +*DefaultKCCollate: PrnDef +*KCCollate PrnDef/Printer settings: "" +*KCCollate On/Collate: "<< /Collate true >> setpagedevice" +*KCCollate None/None: "<< /Collate false >> setpagedevice" +*?KCCollate: " + save + currentpagedevice dup /Collate known { + dup /CollateDetails known { + /CollateDetails get + dup /Mode known { + /Mode get + 1 { + dup 0 eq {pop (Temp) exit} if + pop (Unknown) + } repeat + }{pop (Unknown)} ifelse + }{pop (Unknown)} ifelse + }{pop (Unknown)} ifelse + = flush restore" +*End +*CloseUI: *KCCollate + +*% KCSuperWatermark +*OpenUI *KCSuperWatermark/Super Watermark: PickOne +*OrderDependency: 10 AnySetup *KCSuperWatermark +*DefaultKCSuperWatermark: None +*KCSuperWatermark None/None: "" +*KCSuperWatermark UFA/Use Form-A Print on all pages: "<> setpagedevice" +*KCSuperWatermark UFB/Use Form-B Print on all pages: "<> setpagedevice" +*KCSuperWatermark UFC/Use Form-C Print on all pages: "<> setpagedevice" +*KCSuperWatermark UFAFP/Use Form-A Print on first page only: "<> setpagedevice" +*KCSuperWatermark UFBFP/Use Form-B Print on first page only: "<> setpagedevice" +*KCSuperWatermark UFCFP/Use Form-C Print on first page only: "<> setpagedevice" +*KCSuperWatermark SFA/Save Form-A: "<> setpagedevice" +*KCSuperWatermark SFB/Save Form-B: "<> setpagedevice" +*KCSuperWatermark SFC/Save Form-C: "<> setpagedevice" +*CloseUI: *KCSuperWatermark + +*% PPD Version Info +*OpenUI *KCVersion/PPD Version: PickOne +*OrderDependency: 25 AnySetup *KCVersion +*DefaultKCVersion: Default +*KCVersion Default/8.4 [12-28-2009]: " +globaldict /ct_AddStdCIDMap known { +globaldict /ct_AddStdCIDMap get length 7 eq +{globaldict /ct_AddStdCIDMap get 0 get type /stringtype eq +{globaldict /ct_AddStdCIDMap get 1 get 0 eq +{globaldict /ct_AddStdCIDMap get 2 get () eq +{globaldict /ct_AddStdCIDMap get 3 get /SubFileDecode eq +{globaldict /ct_AddStdCIDMap get 4 get systemdict /filter get eq +{currentglobal true setglobal globaldict +/ct_AddStdCIDMap +globaldict /ct_AddStdCIDMap get dup +globaldict /ct_AddStdCIDMap get +0 get length 1 exch +put put setglobal +} if} if} if} if} if} if} if" +*End +*CloseUI: *KCVersion + +*% Font Information +*DefaultFont: Courier +*Font AvantGarde-Book: Standard "(001.006S)" Standard ROM +*Font AvantGarde-BookOblique: Standard "(001.006S)" Standard ROM +*Font AvantGarde-Demi: Standard "(001.007S)" Standard ROM +*Font AvantGarde-DemiOblique: Standard "(001.007S)" Standard ROM +*Font Bookman-Light: Standard "(001.004S)" Standard ROM +*Font Bookman-LightItalic: Standard "(001.004S)" Standard ROM +*Font Bookman-Demi: Standard "(001.004S)" Standard ROM +*Font Bookman-DemiItalic: Standard "(001.004S)" Standard ROM +*Font Courier: Standard "(002.004S)" Standard ROM +*Font Courier-Oblique: Standard "(002.004S)" Standard ROM +*Font Courier-Bold: Standard "(002.004S)" Standard ROM +*Font Courier-BoldOblique: Standard "(002.004S)" Standard ROM +*Font Helvetica: Standard "(001.006S)" Standard ROM +*Font Helvetica-Oblique: Standard "(001.006S)" Standard ROM +*Font Helvetica-Bold: Standard "(001.007S)" Standard ROM +*Font Helvetica-BoldOblique: Standard "(001.007S)" Standard ROM +*Font Helvetica-Narrow: Standard "(001.006S)" Standard ROM +*Font Helvetica-Narrow-Oblique: Standard "(001.006S)" Standard ROM +*Font Helvetica-Narrow-Bold: Standard "(001.007S)" Standard ROM +*Font Helvetica-Narrow-BoldOblique: Standard "(001.007S)" Standard ROM +*Font NewCenturySchlbk-Roman: Standard "(001.007S)" Standard ROM +*Font NewCenturySchlbk-Italic: Standard "(001.006S)" Standard ROM +*Font NewCenturySchlbk-Bold: Standard "(001.009S)" Standard ROM +*Font NewCenturySchlbk-BoldItalic: Standard "(001.007S)" Standard ROM +*Font Palatino-Roman: Standard "(001.005S)" Standard ROM +*Font Palatino-Italic: Standard "(001.005S)" Standard ROM +*Font Palatino-Bold: Standard "(001.005S)" Standard ROM +*Font Palatino-BoldItalic: Standard "(001.005S)" Standard ROM +*Font Symbol: Special "(001.007S)" Special ROM +*Font Times-Roman: Standard "(001.007S)" Standard ROM +*Font Times-Italic: Standard "(001.007S)" Standard ROM +*Font Times-Bold: Standard "(001.007S)" Standard ROM +*Font Times-BoldItalic: Standard "(001.009S)" Standard ROM +*Font ZapfChancery-MediumItalic: Standard "(001.007S)" Standard ROM +*Font ZapfDingbats: Special "(001.004S)" Special ROM +*Font Albertus-Medium: Standard "(001.008S)" Standard ROM +*Font Albertus-ExtraBold: Standard "(001.008S)" Standard ROM +*Font AntiqueOlive: Standard "(001.008S)" Standard ROM +*Font AntiqueOlive-Italic: Standard "(001.008S)" Standard ROM +*Font AntiqueOlive-Bold: Standard "(001.008S)" Standard ROM +*Font Arial: Standard "(001.008S)" Standard ROM +*Font Arial-Italic: Standard "(001.008S)" Standard ROM +*Font Arial-Bold: Standard "(001.008S)" Standard ROM +*Font Arial-BoldItalic: Standard "(001.008S)" Standard ROM +*Font CGOmega: Standard "(001.008S)" Standard ROM +*Font CGOmega-Italic: Standard "(001.008S)" Standard ROM +*Font CGOmega-Bold: Standard "(001.008S)" Standard ROM +*Font CGOmega-BoldItalic: Standard "(001.008S)" Standard ROM +*Font CGTimes: Standard "(001.008S)" Standard ROM +*Font CGTimes-Italic: Standard "(001.008S)" Standard ROM +*Font CGTimes-Bold: Standard "(001.008S)" Standard ROM +*Font CGTimes-BoldItalic: Standard "(001.008S)" Standard ROM +*Font Clarendon-Condensed-Bold: Standard "(001.008S)" Standard ROM +*Font Coronet: Standard "(001.008S)" Standard ROM +*Font CourierHP: Standard "(001.008S)" Standard ROM +*Font CourierHP-Italic: Standard "(001.008S)" Standard ROM +*Font CourierHP-Bold: Standard "(001.008S)" Standard ROM +*Font CourierHP-BoldItalic: Standard "(001.008S)" Standard ROM +*Font Garamond-Antiqua: Standard "(001.008S)" Standard ROM +*Font Garamond-Halbfett: Standard "(001.008S)" Standard ROM +*Font Garamond-Kursiv: Standard "(001.008S)" Standard ROM +*Font Garamond-KursivHalbfett: Standard "(001.008S)" Standard ROM +*Font LetterGothic: Standard "(001.008S)" Standard ROM +*Font LetterGothic-Italic: Standard "(001.008S)" Standard ROM +*Font LetterGothic-Bold: Standard "(001.008S)" Standard ROM +*Font Marygold: Standard "(001.008S)" Standard ROM +*Font SymbolMT: Standard "(001.008S)" Standard ROM +*Font TimesNewRoman: Standard "(001.008S)" Standard ROM +*Font TimesNewRoman-Italic: Standard "(001.008S)" Standard ROM +*Font TimesNewRoman-BoldItalic: Standard "(001.008S)" Standard ROM +*Font TimesNewRoman-Bold: Standard "(001.008S)" Standard ROM +*Font Univers-Medium: Standard "(001.008S)" Standard ROM +*Font Univers-MediumItalic: Standard "(001.008S)" Standard ROM +*Font Univers-Bold: Standard "(001.008S)" Standard ROM +*Font Univers-BoldItalic: Standard "(001.008S)" Standard ROM +*Font Univers-Condensed-Medium: Standard "(001.008S)" Standard ROM +*Font Univers-Condensed-MediumItalic: Standard "(001.008S)" Standard ROM +*Font Univers-Condensed-Bold: Standard "(001.008S)" Standard ROM +*Font Univers-Condensed-BoldItalic: Standard "(001.008S)" Standard ROM +*Font Wingdings-Regular: Special "(001.008S)" Special ROM +*?FontQuery: " + save + /str 80 string dup 0 (fonts/) putinterval def + {count 1 gt + { exch dup str 6 94 getinterval cvs + (/) print print (:) print + FontDirectory exch known + {(Yes)}{(No)} ifelse = + }{exit} ifelse + } bind loop (*) + = flush restore" +*End +*?FontList: "save FontDirectory { pop == } bind forall flush (*) = flush restore" +*% Printer Messages +*Message: "%%[ exitserver: permanent state may be changed ]%%" +*Message: "%%[ Flushing: rest of job (to end-of-file) will be ignored ]%%" +*Message: "\FontName\ not found, using Courier" + +*% Status (format: %%[ status: ]%% ) +*Status: "warming up"/warming up +*Status: "idle"/idle +*Status: "busy"/busy +*Status: "waiting"/waiting +*Status: "printing"/printing +*Status: "initializing"/initializing +*Status: "printing test page"/printing test page +*% Printer Error (format: %%[ PrinterError: ]%% ) +*PrinterError: "paper entry misfeed" +*PrinterError: "cover open" +*PrinterError: "no paper tray" +*PrinterError: "out of paper" +*PrinterError: "toner low (halt)" +*PrinterError: "warming up" +*PrinterError: "other reason" +*PrinterError: "video interface mode" +*PrinterError: "offline" +*PrinterError: "toner low (warning)" + +*% Input Sources (format: %%[ status: ;source: ]%% ) +*Source: "Serial" +*Source: "Parallel" +*Source: "LocalTalk" +*Source: "Option" + +*% End of PPD file for Kyocera FS-1370DN (English) diff --git a/pkgs/cups-kyocera-fs1370dn/default.nix b/pkgs/cups-kyocera-fs1370dn/default.nix new file mode 100644 index 0000000..1e38257 --- /dev/null +++ b/pkgs/cups-kyocera-fs1370dn/default.nix @@ -0,0 +1,23 @@ +{ + lib, + stdenv, +}: +stdenv.mkDerivation { + pname = "cups-kyocera-fs1370d"; + version = "1.0.1"; + + dontPatchELF = true; + dontStrip = true; + dontUnpack = true; + + src = ./Kyocera_FS-1370DN.ppd; + + installPhase = '' + runHook preInstall + + mkdir -p $out/share/cups/model/Kyocera + cp $src $out/share/cups/model/Kyocera + + runHook postInstall + ''; +} diff --git a/pkgs/default.nix b/pkgs/default.nix new file mode 100644 index 0000000..24b99f2 --- /dev/null +++ b/pkgs/default.nix @@ -0,0 +1,4 @@ +{pkgs, ...}: { + cups-kyocera-fs1370dn = pkgs.callPackage ./cups-kyocera-fs1370dn {}; + comic-mono = pkgs.callPackage ./comic-mono {}; +} diff --git a/pkgs/git-cliff/default.nix b/pkgs/git-cliff/default.nix new file mode 100644 index 0000000..ca9b610 --- /dev/null +++ b/pkgs/git-cliff/default.nix @@ -0,0 +1,26 @@ +{ + lib, + fetchFromGitHub, + rustPlatform, + ... +}: +rustPlatform.buildRustPackage rec { + pname = "git-cliff"; + version = "1.1.2"; + + src = fetchFromGitHub { + owner = "orhun"; + repo = pname; + rev = "v${version}"; + hash = "sha256-QYldwxQYod5qkNC3soiKoCLDFR4UaLxdGkVufn1JIeE="; + }; + + doCheck = false; + + cargoHash = "sha256-jwDJb9Hl0PegCufmaj1Q3h5itgt26E4dwmcyCxZ+4FM="; + + meta = with lib; { + description = "A highly customizable Changelog Generator that follows Conventional Commit specifications"; + homepage = "https://github.com/orhun/git-cliff"; + }; +} diff --git a/pkgs/nu_plugin_dns/default.nix b/pkgs/nu_plugin_dns/default.nix new file mode 100644 index 0000000..8177735 --- /dev/null +++ b/pkgs/nu_plugin_dns/default.nix @@ -0,0 +1,26 @@ +{ + lib, + fetchFromGitHub, + rustPlatform, + ... +}: +rustPlatform.buildRustPackage rec { + pname = "nu_plugin_dns"; + version = "1.0.3"; + + src = fetchFromGitHub { + owner = "dead10ck"; + repo = pname; + rev = "v${version}"; + hash = "sha256-SPJTaz7kQpeDPRrU0Ab2yDUJiSBUVZBBgP07ciHe02I="; + }; + + doCheck = false; + + cargoHash = "sha256-Zs2BF/NUqiaa3nhUMa0m/3AEYHU96Ki1JBz9j7DUq4k="; + + meta = with lib; { + description = "Nushell plugin that does DNS queries and parses results into meaningful types."; + homepage = "https://github.com/dead10ck/nu_plugin_dns"; + }; +} diff --git a/shell.nix b/shell.nix new file mode 100644 index 0000000..eb5b575 --- /dev/null +++ b/shell.nix @@ -0,0 +1,21 @@ +{ + mkShell, + sops, + colmena, + # deploy-rs, + nixpkgs-fmt, + nil, + alejandra, + home-manager, +}: +mkShell { + nativeBuildInputs = [ + sops + colmena + # deploy-rs + nixpkgs-fmt + nil + alejandra + home-manager + ]; +}