alex/nixos-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: alex/nixos-configs:0c0c27361ce55eecc1c36b35dff620fdfb69f529
Branches Tags
alex/nixos-configs:main
..
compare: alex/nixos-configs:ededfaa6753999973844070be5503b720dcadc7d
Branches Tags
alex/nixos-configs:main

21 Commits
0c0c27361c .. ededfaa675

Author SHA1 Message Date
Alexander Heldt ededfaa675 tadpole: Add match block for git.ppp.pm in ssh 2024-09-05 18:32:06 +02:00
Alexander Heldt 1e6f0fa4e3 backwards: Add match block for git.ppp.pm in ssh 2024-09-05 18:29:52 +02:00
Alexander Heldt 03cc3a616b tadpole: Add secrets for git.ppp.pm 2024-09-05 18:27:07 +02:00
Alexander Heldt 320f164b11 backwards: Add secrets for git.ppp.pm 2024-09-05 18:26:47 +02:00
Alexander Heldt 899b450f8c pinwheel: Don't format files named "secrets.nix" in emacs 2024-09-05 18:20:46 +02:00
Alexander Heldt d2743436aa pinwheel: Add grpcurl to work module 2024-09-05 12:40:00 +02:00
Alexander Heldt fb281612e8 pinwheel: Move postman to work module 2024-09-05 12:39:44 +02:00
Alexander Heldt 18bda50a13 Update flake inputs 2024-09-04 21:15:37 +02:00
Alexander Heldt a49c49cc02 pinwheel: Add nixfmt to nix module 2024-09-02 22:36:16 +02:00
Alexander Heldt 15711a903e pinwheel: Format nix files on save in emacs 2024-09-02 21:59:10 +02:00
Alexander Heldt fd4d1d13df pinwheel: Remove nil from nix module 2024-09-02 21:59:10 +02:00
Alexander Heldt 0dfbf16522 pinwheel: Use nixd in emacs 2024-09-02 21:59:10 +02:00
Alexander Heldt f15701f426 Apply nixfmt 2024-09-02 21:55:41 +02:00
Alexander Heldt bda8def5fe Add dev shell with nixfmt 2024-09-02 21:07:34 +02:00
Alexander Heldt dd9be869d2 Remove unused self reference in flake.nix 2024-09-02 20:42:12 +02:00
Alexander Heldt 4afbe23915 pinwheel: Remove pants.nix from work module 2024-09-02 20:41:42 +02:00
Alexander Heldt 04f1bef188 sombrero: remove host sombrero 2024-09-02 20:29:48 +02:00
Alexander Heldt 395e4f8256 backwards: Enable calibre-web module 2024-09-01 17:53:36 +02:00
Alexander Heldt 1c654cc104 backwards: Add calibre-web module 2024-09-01 17:51:44 +02:00
Alexander Heldt 6142c30f4a backwards: Enable audiobookshelf module 2024-09-01 12:20:36 +02:00
Alexander Heldt 81d06fc019 backwards: Add audiobookshelf module 2024-09-01 12:20:36 +02:00
103 changed files with 948 additions and 1395 deletions
Expand all files Collapse all files
.envrc
+1
View File
@@ -0,0 +1 @@
use flake
.gitignore
+1
View File
@@ -1,2 +1,3 @@
.direnv/
*.qcow2
result
config-manager/default.nix
+44 -38
View File
@@ -1,4 +1,10 @@
{ inputs, pkgs, lib, config, ... }:
{
inputs,
pkgs,
lib,
config,
...
}:
let
flakePath = config.config-manager.flakePath;
nixosConfiguration = config.config-manager.nixosConfiguration;
@@ -12,49 +18,49 @@ let
throw "'config-manager.nixosConfiguration' cannot be empty"
else
pkgs.writeShellScriptBin "cm" ''
help() {
cat << EOF
Usage:
cm [flag]
help() {
cat << EOF
Usage:
cm [flag]
Flags:
--update updates the flake
--switch rebuilds + switches configuration (using 'nh')
--build-test-vm, --btvm build test-vm
--run-test-vm, --rtvm run test-vm
EOF
}
Flags:
--update updates the flake
--switch rebuilds + switches configuration (using 'nh')
--build-test-vm, --btvm build test-vm
--run-test-vm, --rtvm run test-vm
EOF
}
update() {
echo -e "\033[0;31mUPDATING FLAKE\033[0m"
nix flake update ${flakePath}
}
update() {
echo -e "\033[0;31mUPDATING FLAKE\033[0m"
nix flake update ${flakePath}
}
switch() {
nixos-rebuild dry-build --flake ${flakePath}#${nixosConfiguration}
${nh}/bin/nh os switch --hostname ${nixosConfiguration} ${flakePath}
}
switch() {
nixos-rebuild dry-build --flake ${flakePath}#${nixosConfiguration}
${nh}/bin/nh os switch --hostname ${nixosConfiguration} ${flakePath}
}
build-test-vm() {
nixos-rebuild build-vm --flake ${flakePath}#test-vm
}
build-test-vm() {
nixos-rebuild build-vm --flake ${flakePath}#test-vm
}
run-test-vm() {
${flakePath}/result/bin/run-test-vm-vm
}
run-test-vm() {
${flakePath}/result/bin/run-test-vm-vm
}
case $1 in
--update)
update ;;
--switch)
switch ;;
--build-test-vm | --btvm)
build-test-vm ;;
--run-test-vm | --rtvm)
run-test-vm ;;
--help | *)
help ;;
esac
case $1 in
--update)
update ;;
--switch)
switch ;;
--build-test-vm | --btvm)
build-test-vm ;;
--run-test-vm | --rtvm)
run-test-vm ;;
--help | *)
help ;;
esac
'';
in
{
flake.lock
Generated
+21 -21
View File
@@ -54,11 +54,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1725037990,
"narHash": "sha256-7ZwhCJQ8/BvP5UDSOe9PUzrDlDePxfyDrkEYuuZZJJ8=",
"lastModified": 1725470024,
"narHash": "sha256-i2iWRFWaTCahFz9B2vKqIqpPimL/yn1zX3lZ2EkBzc0=",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "45405f34d10260753298ff244a9b9c36e04b2e11",
"rev": "8a94f9d557f3f8b372f03f18b2e1be3820d7da7f",
"type": "github"
},
"original": {
@@ -113,11 +113,11 @@
]
},
"locked": {
"lastModified": 1724435763,
"narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=",
"lastModified": 1725180166,
"narHash": "sha256-fzssXuGR/mCeGbzM1ExaTqDz7QDGta3WA4jJsZyRruo=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be",
"rev": "471e3eb0a114265bcd62d11d58ba8d3421ee68eb",
"type": "github"
},
"original": {
@@ -133,11 +133,11 @@
]
},
"locked": {
"lastModified": 1722636442,
"narHash": "sha256-+7IS0n3/F0I5j6ZbrVlLcIIPHY3o+/vLAqg/G48sG+w=",
"lastModified": 1725276753,
"narHash": "sha256-kcV2M7xIoQvLRIrMndysM4E0d2zGSwIDejamT4LKnDg=",
"owner": "hyprwm",
"repo": "contrib",
"rev": "9d67858b437d4a1299be496d371b66fc0d3e01f6",
"rev": "ae618eafa81b596db034c5df1d75d4eddf785824",
"type": "github"
},
"original": {
@@ -153,11 +153,11 @@
]
},
"locked": {
"lastModified": 1724689275,
"narHash": "sha256-wpxC7XiZ9maYZA4BSLKGXc+pn2fwaiq2Ybu5kNjl1ao=",
"lastModified": 1725287741,
"narHash": "sha256-ZxyB7BwxQjoMz5lUnsb+KuTWfRyPtJVqEjnlOoABSUE=",
"owner": "viperML",
"repo": "nh",
"rev": "a922eada049854019c5d1bbc82383f7095773e5c",
"rev": "5dd64eb04fddeac2eb08c018212cc58978934920",
"type": "github"
},
"original": {
@@ -183,11 +183,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1724878143,
"narHash": "sha256-UjpKo92iZ25M05kgSOw/Ti6VZwpgdlOa73zHj8OcaDk=",
"lastModified": 1725470640,
"narHash": "sha256-xaIvCE8ZP65fj2HR7DlDX+iJMBxasfjEv+zc6Cuwf3I=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "95c3dfe6ef2e96ddc1ccdd7194e3cda02ca9a8ef",
"rev": "ace1cedf3ecfbac81b29522d71009878951a69eb",
"type": "github"
},
"original": {
@@ -199,11 +199,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1724819573,
"narHash": "sha256-GnR7/ibgIH1vhoy8cYdmXE6iyZqKqFxQSVkFgosBh6w=",
"lastModified": 1725103162,
"narHash": "sha256-Ym04C5+qovuQDYL/rKWSR+WESseQBbNAe5DsXNx5trY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "71e91c409d1e654808b2621f28a327acfdad8dc2",
"rev": "12228ff1752d7b7624a54e9c1af4b222b3c1073b",
"type": "github"
},
"original": {
@@ -215,11 +215,11 @@
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1724855419,
"narHash": "sha256-WXHSyOF4nBX0cvHN3DfmEMcLOVdKH6tnMk9FQ8wTNRc=",
"lastModified": 1725001927,
"narHash": "sha256-eV+63gK0Mp7ygCR0Oy4yIYSNcum2VQwnZamHxYTNi+M=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ae2fc9e0e42caaf3f068c1bfdc11c71734125e06",
"rev": "6e99f2a27d600612004fbd2c3282d614bfee6421",
"type": "github"
},
"original": {
flake.nix
+56 -44
View File
@@ -11,7 +11,7 @@
inputs.nixpkgs.follows = "nixpkgs";
};
nix-gc-env.url= "github:Julow/nix-gc-env";
nix-gc-env.url = "github:Julow/nix-gc-env";
home-manager = {
url = "github:nix-community/home-manager";
@@ -39,50 +39,62 @@
};
};
outputs = { self, ... }@inputs: {
nixosConfigurations = {
pinwheel = inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [
./hosts/pinwheel/configuration.nix
inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x1-10th-gen
./hosts/pinwheel/home.nix
];
outputs =
{ ... }@inputs:
{
nixosConfigurations = {
pinwheel = inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs;
};
modules = [
./hosts/pinwheel/configuration.nix
inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x1-10th-gen
./hosts/pinwheel/home.nix
];
};
backwards = inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs;
};
modules = [
./hosts/backwards/configuration.nix
./hosts/backwards/home.nix
];
};
tadpole = inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs;
};
modules = [
./hosts/tadpole/configuration.nix
./hosts/tadpole/home.nix
];
};
test-vm = inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs;
};
modules = [ ./hosts/test-vm/configuration.nix ];
};
};
backwards = inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [
./hosts/backwards/configuration.nix
./hosts/backwards/home.nix
];
};
sombrero = inputs.nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
specialArgs = { inherit inputs; };
modules = [
./hosts/sombrero/configuration.nix
./hosts/sombrero/home.nix
];
};
tadpole = inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [
./hosts/tadpole/configuration.nix
./hosts/tadpole/home.nix
];
};
test-vm = inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [ ./hosts/test-vm/configuration.nix ];
};
devShells =
let
system = "x86_64-linux";
pkgs = inputs.nixpkgs.legacyPackages.${system};
in
{
${system}.default = pkgs.mkShell {
packages = [ pkgs.nixfmt-rfc-style ];
};
};
};
};
}
hosts/backwards/configuration.nix
+15 -10
View File
@@ -1,14 +1,16 @@
{ pkgs, ... }:
{
imports =
[
../../config-manager/default.nix
../../shared-modules/syncthing.nix
./hardware-configuration.nix
./modules
];
imports = [
../../config-manager/default.nix
../../shared-modules/syncthing.nix
./hardware-configuration.nix
./modules
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
nixpkgs.config.allowUnfree = true;
console.keyMap = "sv-latin1";
@@ -25,8 +27,11 @@
users.users.alex = {
isNormalUser = true;
description = "alex";
extraGroups = [ "networkmanager" "wheel" ];
packages = [];
extraGroups = [
"networkmanager"
"wheel"
];
packages = [ ];
};
environment.variables.EDITOR = "vim";
hosts/backwards/hardware-configuration.nix
+32 -17
View File
@@ -1,32 +1,47 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"usbhid"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/bad3d82a-7bb8-490f-bd01-a4b16fe6f33d";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/bad3d82a-7bb8-490f-bd01-a4b16fe6f33d";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/D049-60DD";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
swapDevices =
[ { device = "/dev/disk/by-uuid/ff4de0e5-2c60-4ee7-a55c-450727efb921"; }
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/D049-60DD";
fsType = "vfat";
options = [
"fmask=0077"
"dmask=0077"
];
};
swapDevices = [
{ device = "/dev/disk/by-uuid/ff4de0e5-2c60-4ee7-a55c-450727efb921"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
hosts/backwards/modules/audiobookshelf/default.nix
+29
View File
@@ -0,0 +1,29 @@
{ lib, config, ... }:
let
enabled = config.mod.audiobookshelf.enable;
in
{
options = {
mod.audiobookshelf = {
enable = lib.mkEnableOption "Enable audiobookshelf module";
};
};
config = lib.mkIf enabled {
fileSystems."/home/alex/media" = {
device = "/dev/disk/by-uuid/ad4acc0f-172c-40f8-8473-777c957e8764";
fsType = "ext4";
options = [ "nofail" ];
};
services.audiobookshelf = {
enable = true;
user = "alex";
group = "users";
host = "0.0.0.0";
port = 8000;
};
};
}
hosts/backwards/modules/boot/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ inputs, lib, config, ... }:
{
inputs,
lib,
config,
...
}:
let
configurationLimit = config.mod.gc.configurationLimit;
in
hosts/backwards/modules/calibre-web/default.nix
+32
View File
@@ -0,0 +1,32 @@
{ lib, config, ... }:
let
enabled = config.mod.calibre-web.enable;
in
{
options = {
mod.calibre-web = {
enable = lib.mkEnableOption "add calibre-web module";
};
};
config = lib.mkIf enabled {
services = {
calibre-web = {
enable = true;
user = "alex";
group = "users";
listen = {
ip = "0.0.0.0";
port = 8083;
};
options = {
calibreLibrary = "/home/alex/sync/books";
enableBookUploading = true;
};
};
};
};
}
hosts/backwards/modules/default.nix
+2
View File
@@ -15,6 +15,8 @@ in
syncthing.enable = true;
restic.enable = true;
transmission.enable = true;
audiobookshelf.enable = true;
calibre-web.enable = true;
};
};
}
hosts/backwards/modules/git/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.git.enable;
in
hosts/backwards/modules/network/default.nix
+6 -4
View File
@@ -12,10 +12,12 @@
wlp1s0 = {
useDHCP = false;
ipv4 = {
addresses = [{
address = "192.168.50.202";
prefixLength = 24;
}];
addresses = [
{
address = "192.168.50.202";
prefixLength = 24;
}
];
};
};
};
hosts/backwards/modules/restic/default.nix
+1 -2
View File
@@ -45,7 +45,7 @@ in
environmentFile = config.age.secrets.restic-cloud-sync-key.path;
repositoryFile = config.age.secrets.restic-cloud-sync-repository.path;
paths = ["/home/alex/sync"];
paths = [ "/home/alex/sync" ];
timerConfig = {
OnCalendar = "*-*-* 0/12:00:00"; # Every 12th hour, i.e. twice a day
@@ -70,4 +70,3 @@ in
};
};
}
hosts/backwards/modules/ssh/default.nix
+30 -5
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.ssh.enable;
@@ -18,6 +23,11 @@ in
enable = true;
matchBlocks = {
"git.ppp.pm" = {
hostname = "git.ppp.pm";
identityFile = "/home/alex/.ssh/alex.backwards-git.ppp.pm";
};
"codeberg.org" = {
hostname = "codeberg.org";
identityFile = "/home/alex/.ssh/alex.backwards-codeberg.org";
@@ -41,10 +51,12 @@ in
enable = true;
ports = [ 1122 ];
hostKeys = [{
path = "${rootSSHKeyPath}/root.backwards";
type = "ed25519";
}];
hostKeys = [
{
path = "${rootSSHKeyPath}/root.backwards";
type = "ed25519";
}
];
settings = {
PasswordAuthentication = false;
@@ -77,6 +89,19 @@ in
path = "${authorizedKeysPath}/alex.pinwheel-backwards.pub";
};
"alex.backwards-git.ppp.pm" = {
file = ../../../../secrets/backwards/alex.backwards-git.ppp.pm.age;
path = "/home/alex/.ssh/alex.backwards-git.ppp.pm";
owner = "alex";
group = "users";
};
"alex.backwards-git.ppp.pm.pub" = {
file = ../../../../secrets/backwards/alex.backwards-git.ppp.pm.pub.age;
path = "/home/alex/.ssh/alex.backwards-git.ppp.pm.pub";
owner = "alex";
group = "users";
};
"alex.backwards-codeberg.org" = {
file = ../../../../secrets/backwards/alex.backwards-codeberg.org.age;
path = "/home/alex/.ssh/alex.backwards-codeberg.org";
hosts/backwards/modules/syncthing/default.nix
+4 -1
View File
@@ -39,7 +39,10 @@ in
folders = {
org = {
path = "/home/alex/sync/org";
devices = [ "phone" "pinwheel" ];
devices = [
"phone"
"pinwheel"
];
versioning = {
type = "staggered";
params = {
hosts/backwards/modules/transmission/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.transmission.enable;
in
hosts/pinwheel/configuration.nix
+11 -9
View File
@@ -1,15 +1,17 @@
{ pkgs, ... }:
{
imports =
[
../../config-manager/default.nix
../../nix-wrapper/default.nix
../../shared-modules/syncthing.nix
./hardware-configuration.nix
./modules
];
imports = [
../../config-manager/default.nix
../../nix-wrapper/default.nix
../../shared-modules/syncthing.nix
./hardware-configuration.nix
./modules
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
nixpkgs.config.allowUnfree = true;
users.users.alex = {
hosts/pinwheel/hardware-configuration.nix
+24 -13
View File
@@ -1,29 +1,40 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, modulesPath, ... }:
{
config,
lib,
modulesPath,
...
}:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"thunderbolt"
"nvme"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/9c3ef2ad-0244-4310-9984-2e548ced3e22";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/9c3ef2ad-0244-4310-9984-2e548ced3e22";
fsType = "ext4";
};
boot.initrd.luks.devices."luks-f569d036-e500-4839-bc78-ce4b032840d8".device = "/dev/disk/by-uuid/f569d036-e500-4839-bc78-ce4b032840d8";
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/FCAE-6849";
fsType = "vfat";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/FCAE-6849";
fsType = "vfat";
};
swapDevices = [ ];
hosts/pinwheel/home.nix
-1
View File
@@ -22,7 +22,6 @@
pkgs.htop
pkgs.onlyoffice-bin
pkgs.wdisplays
pkgs.postman
];
home.stateVersion = "23.05";
hosts/pinwheel/modules/bemenu/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
hyprlandEnabled = config.mod.hyprland.enable;
hosts/pinwheel/modules/bluetooth/default.nix
+73 -58
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.bluetooth.enable;
in
@@ -37,77 +42,87 @@ in
threshold = "30";
};
in
{
timers =
let
mkTimer = device: {
name = "notify-low-battery-for-${device.name}";
{
timers =
let
mkTimer = device: {
name = "notify-low-battery-for-${device.name}";
value = {
unitConfig = {
Description = "notify-battery-low timer for '${device.name}'";
};
value = {
unitConfig = {
Description = "notify-battery-low timer for '${device.name}'";
};
wantedBy = [ "timers.target" ];
wantedBy = [ "timers.target" ];
timerConfig = {
Unit = "notify-low-battery-for-${device.name}.service";
OnCalendar = "*-*-* *:00:00"; # Every hour
Persistent = true;
};
timerConfig = {
Unit = "notify-low-battery-for-${device.name}.service";
OnCalendar = "*-*-* *:00:00"; # Every hour
Persistent = true;
};
};
in
builtins.listToAttrs (builtins.map mkTimer [ trackpad headphones ]);
};
in
builtins.listToAttrs (
builtins.map mkTimer [
trackpad
headphones
]
);
services =
let
mkService = device: {
name = "notify-low-battery-for-${device.name}";
services =
let
mkService = device: {
name = "notify-low-battery-for-${device.name}";
value = {
unitConfig = {
Description = "check battery level of '${device.name}'";
};
value = {
unitConfig = {
Description = "check battery level of '${device.name}'";
};
wantedBy = [ "default.target" ];
serviceConfig = {
Type = "exec";
};
wantedBy = [ "default.target" ];
serviceConfig = {
Type = "exec";
};
path = [
pkgs.upower
pkgs.gawk
pkgs.bc
pkgs.libnotify
];
path = [
pkgs.upower
pkgs.gawk
pkgs.bc
pkgs.libnotify
];
script = ''
CONNECTED=$(upower --show-info /org/freedesktop/UPower/devices/${device.id} | grep native-path | awk '{print $2}')
[ "$CONNECTED" == "(null)" ] && exit 0
script = ''
CONNECTED=$(upower --show-info /org/freedesktop/UPower/devices/${device.id} | grep native-path | awk '{print $2}')
[ "$CONNECTED" == "(null)" ] && exit 0
CHECKING="/tmp/checking-dismiss-low-battery-${device.id}"
[ ! -f "$CHECKING" ] && touch $CHECKING || exit 0
CHECKING="/tmp/checking-dismiss-low-battery-${device.id}"
[ ! -f "$CHECKING" ] && touch $CHECKING || exit 0
DISMISSED="/tmp/dismiss-low-battery-${device.id}"
PERCENT=$(upower --show-info /org/freedesktop/UPower/devices/${device.id} | grep percentage | grep -o '[0-9]*')
if (( $(echo "$PERCENT < ${device.threshold}" | bc) )); then
echo "'${device.name}' is under threshold. battery = $PERCENT% - threshold = ${device.threshold}%"
if [ ! -f "$DISMISSED" ]; then
DISMISS=$(notify-send --expire-time 0 "Low battery" "${device.name} has $PERCENT% battery" --action=dismiss=Dismiss)
[ "$DISMISS" == "dismiss" ] && touch $DISMISSED && echo "'${device.name}' dismissed"
fi
else
echo "'${device.name}' is over threshold. battery = $PERCENT% - threshold = ${device.threshold}%"
[ -f "$DISMISSED" ] && rm $DISMISSED && echo "'${device.name}' undismissed"
DISMISSED="/tmp/dismiss-low-battery-${device.id}"
PERCENT=$(upower --show-info /org/freedesktop/UPower/devices/${device.id} | grep percentage | grep -o '[0-9]*')
if (( $(echo "$PERCENT < ${device.threshold}" | bc) )); then
echo "'${device.name}' is under threshold. battery = $PERCENT% - threshold = ${device.threshold}%"
if [ ! -f "$DISMISSED" ]; then
DISMISS=$(notify-send --expire-time 0 "Low battery" "${device.name} has $PERCENT% battery" --action=dismiss=Dismiss)
[ "$DISMISS" == "dismiss" ] && touch $DISMISSED && echo "'${device.name}' dismissed"
fi
else
echo "'${device.name}' is over threshold. battery = $PERCENT% - threshold = ${device.threshold}%"
[ -f "$DISMISSED" ] && rm $DISMISSED && echo "'${device.name}' undismissed"
fi
rm $CHECKING
'';
};
rm $CHECKING
'';
};
in
builtins.listToAttrs (builtins.map mkService [ trackpad headphones ]);
};
};
in
builtins.listToAttrs (
builtins.map mkService [
trackpad
headphones
]
);
};
};
}
hosts/pinwheel/modules/boot/default.nix
+7 -1
View File
@@ -1,4 +1,10 @@
{ inputs, pkgs, lib, config, ... }:
{
inputs,
pkgs,
lib,
config,
...
}:
let
configurationLimit = config.mod.gc.configurationLimit;
in
hosts/pinwheel/modules/c/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.c.enable;
in
hosts/pinwheel/modules/chromium/default.nix
+1 -1
View File
@@ -1,6 +1,6 @@
{ pkgs, ... }:
{
home-manager.users.alex= {
home-manager.users.alex = {
home.packages = [ pkgs.ungoogled-chromium ];
};
hosts/pinwheel/modules/containers/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
dockerEnabled = config.mod.containers.docker.enable;
podmanEnabled = config.mod.containers.podman.enable;
hosts/pinwheel/modules/direnv/default.nix
-1
View File
@@ -9,7 +9,6 @@ in
nix-direnv.enable = true;
};
programs.direnv.enableZshIntegration = lib.mkIf zshEnabled true;
};
}
hosts/pinwheel/modules/emacs/config.nix
+3 -3
View File
@@ -1,5 +1,5 @@
{ emacs, runCommand, ... }:
runCommand "default.el" {} ''
{ emacs, runCommand, ... }:
runCommand "default.el" { } ''
cp ${./config.org} $TMPDIR/config.org
cd $TMPDIR
${emacs}/bin/emacs --batch -Q \
@@ -7,4 +7,4 @@ runCommand "default.el" {} ''
-f org-babel-tangle
mv config.el $out
''
''
hosts/pinwheel/modules/emacs/config.org
+9 -2
View File
@@ -498,8 +498,9 @@ Setup prefix for keybindings.
)
(defun alex/format-on-save ()
(add-hook 'before-save-hook #'eglot-format-buffer -10 t)
)
(let ((excluded-files '("secrets.nix")))
(unless (member (file-name-nondirectory buffer-file-name) excluded-files)
(add-hook 'before-save-hook #'eglot-format-buffer -10 t))))
(use-package eglot
:config
@@ -507,6 +508,9 @@ Setup prefix for keybindings.
'(scala-mode .
("metals" :initializationOptions (:isHttpEnabled t))))
(add-to-list 'eglot-server-programs
'(nix-mode . ("nixd")))
(setq-default eglot-workspace-configuration
'(
:metals (
@@ -521,7 +525,10 @@ Setup prefix for keybindings.
(go-mode . alex/format-on-save)
(c-mode . eglot-ensure)
(nix-mode . eglot-ensure)
(nix-mode . alex/format-on-save)
(javascript-mode . eglot-ensure)
(js-mode . eglot-ensure)
(js-jsx-mode . eglot-ensure)
hosts/pinwheel/modules/emacs/default.nix
+5 -4
View File
@@ -3,7 +3,7 @@ let
emacs = pkgs.emacsWithPackagesFromUsePackage {
package = pkgs.emacs-unstable;
config = ./config.org;
defaultInitFile = pkgs.callPackage ./config.nix {};
defaultInitFile = pkgs.callPackage ./config.nix { };
alwaysEnsure = true;
alwaysTangle = true;
@@ -40,9 +40,9 @@ in
home-manager.users.alex = {
home.sessionVariables = {
EDITOR = "${e}/bin/e $@";
VISUAL = "${e}/bin/e $@";
TIG_EDITOR = "${e}/bin/e $@";
EDITOR = "${e}/bin/e $@";
VISUAL = "${e}/bin/e $@";
TIG_EDITOR = "${e}/bin/e $@";
};
home.packages = [
@@ -51,6 +51,7 @@ in
emacs
pkgs.wl-clipboard
pkgs.emacs-lsp-booster
pkgs.nixd
];
};
hosts/pinwheel/modules/firefox/default.nix
+6 -4
View File
@@ -59,7 +59,7 @@ in
name = "alex";
isDefault = true;
settings = sharedSettings // {};
settings = sharedSettings // { };
};
work = {
@@ -109,12 +109,14 @@ in
configFile."mimeapps.list".force = true;
};
home.packages = [ ff ff-alex ];
home.packages = [
ff
ff-alex
];
};
environment.variables = {
MOZ_ENABLE_WAYLAND=1;
MOZ_ENABLE_WAYLAND = 1;
BROWSER = "${ff-alex}/bin/ff-alex $@";
};
}
hosts/pinwheel/modules/foot/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.foot.enable;
hosts/pinwheel/modules/git/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.git.enable;
in
hosts/pinwheel/modules/go/default.nix
+19 -14
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.go.enable;
in
@@ -10,19 +15,19 @@ in
};
config = lib.mkIf enabled {
nixpkgs.overlays = let
buildGo122 = pkgs: pkg:
pkg.override { buildGoModule = pkgs.buildGo122Module; };
in
[
(final: prev: {
go = prev.go_1_22;
gopls = buildGo122 prev prev.gopls;
go-tools = buildGo122 prev prev.go-tools;
govulncheck = buildGo122 prev prev.govulncheck;
gotestsum = buildGo122 prev prev.gotestsum;
})
];
nixpkgs.overlays =
let
buildGo122 = pkgs: pkg: pkg.override { buildGoModule = pkgs.buildGo122Module; };
in
[
(final: prev: {
go = prev.go_1_22;
gopls = buildGo122 prev prev.gopls;
go-tools = buildGo122 prev prev.go-tools;
govulncheck = buildGo122 prev prev.govulncheck;
gotestsum = buildGo122 prev prev.gotestsum;
})
];
home-manager.users.alex = {
programs.go = {
hosts/pinwheel/modules/greetd/default.nix
+14 -8
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.greetd.enable;
in
@@ -13,16 +18,17 @@ in
services.greetd = {
enable = true;
settings = let
session = {
user = "alex";
command = "${pkgs.hyprland}/bin/Hyprland";
};
in
settings =
let
session = {
user = "alex";
command = "${pkgs.hyprland}/bin/Hyprland";
};
in
{
initial_session = session;
default_session = session;
};
};
};
};
}
hosts/pinwheel/modules/hyprland/default.nix
+98 -84
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.hyprland.enable;
in
@@ -55,7 +60,7 @@ in
# 2 - Cursor focus will be detached from keyboard focus. Clicking on a window will move keyboard focus to that window.
follow_mouse = 2;
sensitivity = 0.30;
sensitivity = 0.3;
touchpad = {
natural_scroll = false;
tap-and-drag = false;
@@ -70,7 +75,7 @@ in
general = {
layout = "dwindle";
gaps_in = 0; # gaps between windows
gaps_in = 0; # gaps between windows
gaps_out = 0; # gaps between windows and monitor edges
"col.active_border" = "rgba(${config.lib.colors.foreground}ff)";
@@ -82,54 +87,59 @@ in
no_gaps_when_only = 1;
};
bind = let
ws = x:
let n = if (x + 1) < 10
then (x + 1)
else 0;
in
bind =
let
ws =
x:
let
n = if (x + 1) < 10 then (x + 1) else 0;
in
builtins.toString n;
select = builtins.genList (x: "$mod, ${ws x}, workspace, ${builtins.toString (x + 1)}") 10;
move = builtins.genList (x: "$mod SHIFT, ${ws x}, movetoworkspacesilent, ${builtins.toString (x + 1)}") 10;
select = builtins.genList (x: "$mod, ${ws x}, workspace, ${builtins.toString (x + 1)}") 10;
move = builtins.genList (
x: "$mod SHIFT, ${ws x}, movetoworkspacesilent, ${builtins.toString (x + 1)}"
) 10;
magnifier = pkgs.writeShellScript "magnifier" ''
CURRENT=$(${pkgs.hyprland}/bin/hyprctl getoption cursor:zoom_factor -j | ${pkgs.jq}/bin/jq .float)
DELTA=0.1
magnifier = pkgs.writeShellScript "magnifier" ''
CURRENT=$(${pkgs.hyprland}/bin/hyprctl getoption cursor:zoom_factor -j | ${pkgs.jq}/bin/jq .float)
DELTA=0.1
UPDATED=1
case $1 in
--increase)
UPDATED=$(echo $CURRENT + $DELTA | ${pkgs.bc}/bin/bc) ;;
--decrease)
UPDATED=$(echo $CURRENT - $DELTA | ${pkgs.bc}/bin/bc) ;;
--reset)
UPDATED=1
esac
UPDATED=1
case $1 in
--increase)
UPDATED=$(echo $CURRENT + $DELTA | ${pkgs.bc}/bin/bc) ;;
--decrease)
UPDATED=$(echo $CURRENT - $DELTA | ${pkgs.bc}/bin/bc) ;;
--reset)
UPDATED=1
esac
if (( $(echo "$UPDATED < 1" | bc) )); then UPDATED=1; fi
${pkgs.hyprland}/bin/hyprctl keyword cursor:zoom_factor $UPDATED
'';
in
select ++ move ++ [
"$mod, ESCAPE, killactive"
if (( $(echo "$UPDATED < 1" | bc) )); then UPDATED=1; fi
${pkgs.hyprland}/bin/hyprctl keyword cursor:zoom_factor $UPDATED
'';
in
select
++ move
++ [
"$mod, ESCAPE, killactive"
"$mod, f, fullscreen, 1"
"$mod SHIFT, f, togglefloating, active"
"$mod, f, fullscreen, 1"
"$mod SHIFT, f, togglefloating, active"
"$mod, h, movefocus, l"
"$mod, j, movefocus, d"
"$mod, k, movefocus, u"
"$mod, l, movefocus, r"
"$mod, h, movefocus, l"
"$mod, j, movefocus, d"
"$mod, k, movefocus, u"
"$mod, l, movefocus, r"
"$mod CONTROL, 1, exec, ${magnifier} --increase"
"$mod CONTROL, 2, exec, ${magnifier} --decrease"
"$mod CONTROL, 3, exec, ${magnifier} --reset"
];
"$mod CONTROL, 1, exec, ${magnifier} --increase"
"$mod CONTROL, 2, exec, ${magnifier} --decrease"
"$mod CONTROL, 3, exec, ${magnifier} --reset"
];
bindm = [
# mouse movements
"$mod, mouse:272, movewindow" # left click
"$mod, mouse:272, movewindow" # left click
"$mod, mouse:273, resizewindow" # right click
];
@@ -183,62 +193,66 @@ in
pkgs.libnotify
];
script = let
moveWSToMonitor = monitor: first: last:
if last < first
then throw "'first' has to be less than or equal to 'last'"
else
builtins.genList (n: "dispatch moveworkspacetomonitor ${builtins.toString (first + n)} ${monitor}") (last - first + 1);
script =
let
moveWSToMonitor =
monitor: first: last:
if last < first then
throw "'first' has to be less than or equal to 'last'"
else
builtins.genList (
n: "dispatch moveworkspacetomonitor ${builtins.toString (first + n)} ${monitor}"
) (last - first + 1);
external = moveWSToMonitor "HDMI-A-1" 1 5;
internal = moveWSToMonitor "eDPI-1" 6 10;
onlyInternal = moveWSToMonitor "eDPI-1" 1 10;
in
''
update() {
HDMI_STATUS=$(cat /sys/class/drm/card1-HDMI-A-1/status)
external = moveWSToMonitor "HDMI-A-1" 1 5;
internal = moveWSToMonitor "eDPI-1" 6 10;
onlyInternal = moveWSToMonitor "eDPI-1" 1 10;
in
''
update() {
HDMI_STATUS=$(cat /sys/class/drm/card1-HDMI-A-1/status)
INTERNAL_WIDTH=1920
INTERNAL_HEIGHT=1200
INTERNAL_WIDTH=1920
INTERNAL_HEIGHT=1200
if [ $HDMI_STATUS = "connected" ]; then
notify-send "Using external and laptop monitor"
if [ $HDMI_STATUS = "connected" ]; then
notify-send "Using external and laptop monitor"
hyprctl keyword monitor HDMI-A-1,preferred,0x0,1
hyprctl keyword monitor HDMI-A-1,preferred,0x0,1
HDMI=$(hyprctl monitors -j | jq '.[] | select(.name=="HDMI-A-1")')
HDMI_WIDTH=$(echo $HDMI | jq .width)
HDMI_HEIGHT=$(echo $HDMI | jq .height)
HDMI=$(hyprctl monitors -j | jq '.[] | select(.name=="HDMI-A-1")')
HDMI_WIDTH=$(echo $HDMI | jq .width)
HDMI_HEIGHT=$(echo $HDMI | jq .height)
INTERNAL_POS_X=$(echo "($HDMI_WIDTH - $INTERNAL_WIDTH) / 2" | bc)
if (( $(echo "$INTERNAL_POS_X < 0" | bc) )); then INTERNAL_POS_X=0; fi
INTERNAL_POS_Y=$HDMI_HEIGHT
INTERNAL_POS_X=$(echo "($HDMI_WIDTH - $INTERNAL_WIDTH) / 2" | bc)
if (( $(echo "$INTERNAL_POS_X < 0" | bc) )); then INTERNAL_POS_X=0; fi
INTERNAL_POS_Y=$HDMI_HEIGHT
hyprctl keyword monitor eDP-1,$INTERNAL_WIDTH"x"$INTERNAL_HEIGHT,$INTERNAL_POS_X"x"$INTERNAL_POS_Y,1
hyprctl --batch "${lib.strings.concatStringsSep ";" (external ++ internal)}"
else
notify-send "Using only laptop monitor"
hyprctl keyword monitor eDP-1,$INTERNAL_WIDTH"x"$INTERNAL_HEIGHT,$INTERNAL_POS_X"x"$INTERNAL_POS_Y,1
hyprctl --batch "${lib.strings.concatStringsSep ";" (external ++ internal)}"
else
notify-send "Using only laptop monitor"
hyprctl --batch "keyword monitor HDMI-A,disable; keyword monitor eDP-1,$INTERNAL_WIDTH"x"$INTERNAL_HEIGHT,0x0,1"
hyprctl --batch "${lib.strings.concatStringsSep ";" onlyInternal}"
fi
}
hyprctl --batch "keyword monitor HDMI-A,disable; keyword monitor eDP-1,$INTERNAL_WIDTH"x"$INTERNAL_HEIGHT,0x0,1"
hyprctl --batch "${lib.strings.concatStringsSep ";" onlyInternal}"
fi
}
handle() {
case $1 in
monitoradded\>\>*|monitorremoved\>\>*)
echo "handling event: \"$1\""
update ;;
esac
}
handle() {
case $1 in
monitoradded\>\>*|monitorremoved\>\>*)
echo "handling event: \"$1\""
update ;;
esac
}
echo "Starting service with instance \"$HYPRLAND_INSTANCE_SIGNATURE\""
echo "Starting service with instance \"$HYPRLAND_INSTANCE_SIGNATURE\""
# Do initial configuration
update
# Do initial configuration
update
socat -U - UNIX-CONNECT:$XDG_RUNTIME_DIR/hypr/$HYPRLAND_INSTANCE_SIGNATURE/.socket2.sock | while read -r line; do handle "$line"; done
'';
socat -U - UNIX-CONNECT:$XDG_RUNTIME_DIR/hypr/$HYPRLAND_INSTANCE_SIGNATURE/.socket2.sock | while read -r line; do handle "$line"; done
'';
};
};
}
hosts/pinwheel/modules/javascript/default.nix
+1 -1
View File
@@ -1,4 +1,4 @@
{ pkgs, ...}:
{ pkgs, ... }:
{
home-manager.users.alex = {
home.packages = [ pkgs.nodePackages.typescript-language-server ];
hosts/pinwheel/modules/keyboard/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.keyboard.enable;
in
hosts/pinwheel/modules/light/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
hyprlandEnabled = config.mod.hyprland.enable;
in
hosts/pinwheel/modules/mullvad/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.mullvad.enable;
in
hosts/pinwheel/modules/nix/default.nix
+1 -1
View File
@@ -2,7 +2,7 @@
{
home-manager.users.alex = {
home.packages = [
pkgs.nil
pkgs.nixfmt-rfc-style
pkgs.nix-tree
];
};
hosts/pinwheel/modules/openvpn/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.openvpn.enable;
in
hosts/pinwheel/modules/physlock/default.nix
+11 -6
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.physlock.enable;
hyprlandEnabled = config.mod.hyprland.enable;
@@ -31,11 +36,11 @@ in
let
pause-music = "${pkgs.playerctl}/bin/playerctl -p spotify pause";
in
[
# will lock the screen with `physlock`, see `lockOn.suspend
"$mod SHIFT, x, exec, ${pause-music}; systemctl suspend"
"$mod, x, exec, ${pause-music}; ${config.security.wrapperDir}/physlock -d -s -m"
];
[
# will lock the screen with `physlock`, see `lockOn.suspend
"$mod SHIFT, x, exec, ${pause-music}; systemctl suspend"
"$mod, x, exec, ${pause-music}; ${config.security.wrapperDir}/physlock -d -s -m"
];
};
};
};
hosts/pinwheel/modules/power/default.nix
+31 -24
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.power.enable;
lowbat = config.mod.lowbat;
@@ -39,8 +44,8 @@ in
enable = true;
settings = {
START_CHARGE_THRESH_BAT0=75;
STOP_CHARGE_THRESH_BAT0=80;
START_CHARGE_THRESH_BAT0 = 75;
STOP_CHARGE_THRESH_BAT0 = 80;
};
};
};
@@ -58,7 +63,7 @@ in
Persistent = true;
};
wantedBy = ["timers.target"];
wantedBy = [ "timers.target" ];
};
};
@@ -78,28 +83,30 @@ in
pkgs.swaylock
];
script = let
pause-music = "${pkgs.playerctl}/bin/playerctl -p spotify pause";
in ''
BATTERY_CAPACITY=$(cat /sys/class/power_supply/${lowbat.battery}/capacity)
BATTERY_STATUS=$(cat /sys/class/power_supply/${lowbat.battery}/status)
echo "Battery capacity: $BATTERY_CAPACITY"
echo "Battery status: $BATTERY_STATUS"
if [[ $BATTERY_CAPACITY -le ${builtins.toString lowbat.notifyCapacity} && $BATTERY_STATUS = "Discharging" ]]; then
notify-send --expire-time=0 --urgency=critical "Battery Low"
fi
if [[ $BATTERY_CAPACITY -le ${builtins.toString lowbat.suspendCapacity} && $BATTERY_STATUS = "Discharging" ]]; then
notify-send --expire-time=0 --urgency=critical "Battery Critically Low" "Suspending in 60 seconds if power is not plugged in"
sleep 60s
script =
let
pause-music = "${pkgs.playerctl}/bin/playerctl -p spotify pause";
in
''
BATTERY_CAPACITY=$(cat /sys/class/power_supply/${lowbat.battery}/capacity)
BATTERY_STATUS=$(cat /sys/class/power_supply/${lowbat.battery}/status)
if [[ $BATTERY_STATUS = "Discharging" ]]; then
${pause-music}; ${pkgs.swaylock}/bin/swaylock -f; systemctl suspend
echo "Battery capacity: $BATTERY_CAPACITY"
echo "Battery status: $BATTERY_STATUS"
if [[ $BATTERY_CAPACITY -le ${builtins.toString lowbat.notifyCapacity} && $BATTERY_STATUS = "Discharging" ]]; then
notify-send --expire-time=0 --urgency=critical "Battery Low"
fi
fi
'';
if [[ $BATTERY_CAPACITY -le ${builtins.toString lowbat.suspendCapacity} && $BATTERY_STATUS = "Discharging" ]]; then
notify-send --expire-time=0 --urgency=critical "Battery Critically Low" "Suspending in 60 seconds if power is not plugged in"
sleep 60s
BATTERY_STATUS=$(cat /sys/class/power_supply/${lowbat.battery}/status)
if [[ $BATTERY_STATUS = "Discharging" ]]; then
${pause-music}; ${pkgs.swaylock}/bin/swaylock -f; systemctl suspend
fi
fi
'';
};
};
};
hosts/pinwheel/modules/python/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.python.enable;
in
hosts/pinwheel/modules/rust/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.rust.enable;
in
hosts/pinwheel/modules/scala/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.scala.enable;
hosts/pinwheel/modules/screenshot/default.nix
+7 -1
View File
@@ -1,4 +1,10 @@
{ inputs, pkgs, lib, config, ...}:
{
inputs,
pkgs,
lib,
config,
...
}:
let
hyprlandEnabled = config.mod.hyprland.enable;
hosts/pinwheel/modules/scripts/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.scripts.enable;
hosts/pinwheel/modules/sound/default.nix
+25 -18
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
hyprlandEnabled = config.mod.hyprland.enable;
in
@@ -20,24 +25,26 @@ in
home-manager.users.alex = {
wayland.windowManager.hyprland = lib.mkIf hyprlandEnabled {
settings = {
bind = let
toggle-output-mute = pkgs.writeShellScript "toggle-output-mute" ''
${pkgs.wireplumber}/bin/wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle
MUTED=$(${pkgs.wireplumber}/bin/wpctl get-volume @DEFAULT_AUDIO_SINK@ | grep MUTED | wc -l)
echo $MUTED > /sys/class/leds/platform::mute/brightness
'';
bind =
let
toggle-output-mute = pkgs.writeShellScript "toggle-output-mute" ''
${pkgs.wireplumber}/bin/wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle
MUTED=$(${pkgs.wireplumber}/bin/wpctl get-volume @DEFAULT_AUDIO_SINK@ | grep MUTED | wc -l)
echo $MUTED > /sys/class/leds/platform::mute/brightness
'';
toggle-input-mute = pkgs.writeShellScript "toggle-input-mute" ''
${pkgs.wireplumber}/bin/wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle
MUTED=$(${pkgs.wireplumber}/bin/wpctl get-volume @DEFAULT_AUDIO_SOURCE@ | grep MUTED | wc -l)
echo $MUTED > /sys/class/leds/platform::micmute/brightness
'';
in [
", XF86AudioRaiseVolume, exec, ${pkgs.wireplumber}/bin/wpctl set-volume -l 1.5 @DEFAULT_AUDIO_SINK@ 2%+"
", XF86AudioLowerVolume, exec, ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 2%-"
", XF86AudioMute, exec, ${toggle-output-mute}"
", XF86AudioMicMute, exec, ${toggle-input-mute}"
];
toggle-input-mute = pkgs.writeShellScript "toggle-input-mute" ''
${pkgs.wireplumber}/bin/wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle
MUTED=$(${pkgs.wireplumber}/bin/wpctl get-volume @DEFAULT_AUDIO_SOURCE@ | grep MUTED | wc -l)
echo $MUTED > /sys/class/leds/platform::micmute/brightness
'';
in
[
", XF86AudioRaiseVolume, exec, ${pkgs.wireplumber}/bin/wpctl set-volume -l 1.5 @DEFAULT_AUDIO_SINK@ 2%+"
", XF86AudioLowerVolume, exec, ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 2%-"
", XF86AudioMute, exec, ${toggle-output-mute}"
", XF86AudioMicMute, exec, ${toggle-input-mute}"
];
};
};
hosts/pinwheel/modules/spotify/default.nix
+20 -13
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
hyprlandEnabled = config.mod.hyprland.enable;
in
@@ -6,19 +11,21 @@ in
home-manager.users.alex = {
wayland.windowManager.hyprland = lib.mkIf hyprlandEnabled {
settings = {
bind = let
prev = "${pkgs.playerctl}/bin/playerctl -p spotify previous";
next = "${pkgs.playerctl}/bin/playerctl -p spotify next";
in [
", XF86AudioPrev, exec, ${prev}"
", XF86AudioNext, exec, ${next}"
", XF86AudioPlay, exec, ${pkgs.playerctl}/bin/playerctl -p spotify play-pause"
", XF86AudioPause, exec, ${pkgs.playerctl}/bin/playerctl -p spoitfy play-pause"
bind =
let
prev = "${pkgs.playerctl}/bin/playerctl -p spotify previous";
next = "${pkgs.playerctl}/bin/playerctl -p spotify next";
in
[
", XF86AudioPrev, exec, ${prev}"
", XF86AudioNext, exec, ${next}"
", XF86AudioPlay, exec, ${pkgs.playerctl}/bin/playerctl -p spotify play-pause"
", XF86AudioPause, exec, ${pkgs.playerctl}/bin/playerctl -p spoitfy play-pause"
"$mod ALT, LEFT, exec, ${prev}"
"$mod ALT, RIGHT, exec, ${next}"
"$mod ALT, DOWN, exec, ${pkgs.playerctl}/bin/playerctl -p spotify play-pause"
];
"$mod ALT, LEFT, exec, ${prev}"
"$mod ALT, RIGHT, exec, ${next}"
"$mod ALT, DOWN, exec, ${pkgs.playerctl}/bin/playerctl -p spotify play-pause"
];
};
};
hosts/pinwheel/modules/ssh/default.nix
+6 -30
View File
@@ -12,20 +12,6 @@
port = 1122;
};
"sombrero.local" = {
hostname = "192.168.50.200";
user = "alex";
identityFile = "/home/alex/.ssh/alex.pinwheel-sombrero";
port = 1122;
};
"sombrero" = {
hostname = "sombrero.a2x.se";
user = "alex";
identityFile = "/home/alex/.ssh/alex.pinwheel-sombrero";
port = 1122;
};
"andromeda" = {
hostname = "andromeda.a2x.se";
user = "alex";
@@ -72,18 +58,6 @@
owner = "alex";
group = "users";
};
"alex.pinwheel-sombrero" = {
file = ../../../../secrets/pinwheel/alex.pinwheel-sombrero.age;
path = "/home/alex/.ssh/alex.pinwheel-sombrero";
owner = "alex";
group = "users";
};
"alex.pinwheel-sombrero.pub" = {
file = ../../../../secrets/pinwheel/alex.pinwheel-sombrero.pub.age;
path = "/home/alex/.ssh/alex.pinwheel-sombrero.pub";
owner = "alex";
group = "users";
};
"alex.pinwheel-github.com" = {
file = ../../../../secrets/pinwheel/alex.pinwheel-github.com.age;
@@ -155,9 +129,11 @@
enable = true;
ports = [ 1122 ];
hostKeys = [{
path = "/etc/ssh/pinwheel";
type = "ed25519";
}];
hostKeys = [
{
path = "/etc/ssh/pinwheel";
type = "ed25519";
}
];
};
}
hosts/pinwheel/modules/swaylock/default.nix
+17 -11
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.swaylock.enable;
hyprlandEnabled = config.mod.hyprland.enable;
@@ -30,18 +35,19 @@ in
wayland.windowManager.hyprland = lib.mkIf hyprlandEnabled {
settings = {
bind = let
pause-music = "${pkgs.playerctl}/bin/playerctl -p spotify pause";
bind =
let
pause-music = "${pkgs.playerctl}/bin/playerctl -p spotify pause";
dpmsTimeout = config.mod.swaylock.dpmsTimeout;
dpms-lock = pkgs.writeShellScript "dpms-lock" ''
${pkgs.swayidle}/bin/swayidle \
timeout ${dpmsTimeout} "${pkgs.hyprland}/bin/hyprctl dispatch dpms off" \
resume "${pkgs.hyprland}/bin/hyprctl dispatch dpms on" &
dpmsTimeout = config.mod.swaylock.dpmsTimeout;
dpms-lock = pkgs.writeShellScript "dpms-lock" ''
${pkgs.swayidle}/bin/swayidle \
timeout ${dpmsTimeout} "${pkgs.hyprland}/bin/hyprctl dispatch dpms off" \
resume "${pkgs.hyprland}/bin/hyprctl dispatch dpms on" &
${pkgs.swaylock}/bin/swaylock && ${pkgs.procps}/bin/pkill swayidle
'';
in
${pkgs.swaylock}/bin/swaylock && ${pkgs.procps}/bin/pkill swayidle
'';
in
[
"$mod, x, exec, ${pause-music}; ${dpms-lock}"
"$mod SHIFT, x, exec, ${pause-music}; ${pkgs.swaylock}/bin/swaylock -f; systemctl suspend"
hosts/pinwheel/modules/syncthing/default.nix
+7 -5
View File
@@ -16,13 +16,15 @@
devices = {
phone.id = config.lib.syncthing.phone;
backwards.id = config.lib.syncthing.backwards;
sombrero.id = config.lib.syncthing.sombrero;
};
folders = {
org = {
path = "/home/alex/sync/org";
devices = [ "sombrero" "phone" "backwards" ];
devices = [
"phone"
"backwards"
];
versioning = {
type = "staggered";
params = {
@@ -33,7 +35,7 @@
personal = {
path = "/home/alex/sync/personal";
devices = [ "sombrero" "backwards" ];
devices = [ "backwards" ];
versioning = {
type = "staggered";
params = {
@@ -44,7 +46,7 @@
work = {
path = "/home/alex/sync/work";
devices = [ "sombrero" "backwards" ];
devices = [ "backwards" ];
versioning = {
type = "staggered";
params = {
@@ -55,7 +57,7 @@
books = {
path = "/home/alex/sync/books";
devices = [ "sombrero" "backwards" ];
devices = [ "backwards" ];
versioning = {
type = "staggered";
params = {
hosts/pinwheel/modules/terraform/default.nix
+1 -1
View File
@@ -1,4 +1,4 @@
{ pkgs, ...}:
{ pkgs, ... }:
{
home-manager.users.alex = {
home.packages = [
hosts/pinwheel/modules/vm/default.nix
+8 -3
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.vm.enable;
in
@@ -26,8 +31,8 @@ in
home-manager.users.alex = {
dconf.settings = {
"org/virt-manager/virt-manager/connections" = {
autoconnect = ["qemu:///system"];
uris = ["qemu:///system"];
autoconnect = [ "qemu:///system" ];
uris = [ "qemu:///system" ];
};
};
};
hosts/pinwheel/modules/waybar/default.nix
+15 -3
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
hyprlandEnabled = config.mod.hyprland.enable;
@@ -194,8 +199,15 @@ in
"interval" = 60;
"format" = "<span font='10' rise='1000'>{icon}</span> {capacity}%";
"format-time" = "{H}h {M}min";
"format-charging" ="󰂄 {capacity}%";
"format-icons" = ["󰁺" "󰁻" "󰁽" "󰁿" "󰂁" "󰁹" ];
"format-charging" = "󰂄 {capacity}%";
"format-icons" = [
"󰁺"
"󰁻"
"󰁽"
"󰁿"
"󰂁"
"󰁹"
];
};
"clock" = {
hosts/pinwheel/modules/wezterm/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.wezterm.enable;
hosts/pinwheel/modules/work/default.nix
+16 -7
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
gitEnabled = config.mod.git.enable;
goEnabled = config.mod.go.enable;
@@ -7,21 +12,25 @@ in
{
home-manager.users.alex = {
home.sessionVariables = {
GITHUB_ACTOR="Alexander Heldt";
GITHUB_TOKEN="$(${pkgs.coreutils}/bin/cat ${config.age.secrets.work-github-token.path})";
GITHUB_ACTOR = "Alexander Heldt";
GITHUB_TOKEN = "$(${pkgs.coreutils}/bin/cat ${config.age.secrets.work-github-token.path})";
};
home.packages = [
(pkgs.callPackage ./syb-cli.nix {})
(pkgs.callPackage ./pants.nix {})
(pkgs.callPackage ./syb-cli.nix { })
(pkgs.jetbrains.plugins.addPlugins pkgs.jetbrains.idea-ultimate [ "ideavim" ])
(pkgs.google-cloud-sdk.withExtraComponents [ pkgs.google-cloud-sdk.components.gke-gcloud-auth-plugin ])
(pkgs.graphite-cli.overrideAttrs(_: {
(pkgs.google-cloud-sdk.withExtraComponents [
pkgs.google-cloud-sdk.components.gke-gcloud-auth-plugin
])
(pkgs.graphite-cli.overrideAttrs (_: {
version = "1.4.3";
}))
pkgs.xdg-utils # needed by graphite-cli
pkgs.postman
pkgs.grpcurl
# for `radio`
pkgs.go-mockery
pkgs.golangci-lint
hosts/pinwheel/modules/work/pants.nix
-47
View File
@@ -1,47 +0,0 @@
{
fetchurl,
pkgs,
lib,
}:
let
pname = "pants";
version = "0.12.0";
scie-pants = pkgs.stdenv.mkDerivation {
inherit pname version;
src = fetchurl {
url = "https://github.com/pantsbuild/scie-pants/releases/download/v${version}/scie-${pname}-linux-x86_64";
hash = "sha256-9PjgobndxVqDTYGtw1HESrtzwzH2qE9zFwR26xtwZrM=";
};
phases = ["installPhase" "patchPhase"];
installPhase = ''
mkdir -p $out/bin
cp $src $out/bin/pants
chmod +x $out/bin/pants
'';
};
in
pkgs.buildFHSUserEnv {
name = "pants";
targetPackages = with pkgs; [
python39
];
runScript = "${scie-pants}/bin/pants";
profile = ''
export NIX_SSL_CERT_FILE="/etc/ssl/certs/ca-certificates.crt"
export SSL_CERT_FILE="/etc/ssl/certs/ca-bundle.crt"
'';
meta = with lib; {
description = "Protects your Pants from the elements";
homepage = "https://github.com/pantsbuild/scie-pants";
license = licenses.asl20;
maintainers = [];
platforms = [ "x86_64-linux" ];
mainProgram = "pants";
};
}
hosts/pinwheel/modules/zsh/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.zsh.enable;
in
hosts/sombrero/configuration.nix
-79
View File
@@ -1,79 +0,0 @@
{ pkgs, ... }:
{
imports =
[
../../config-manager/default.nix
../../shared-modules/syncthing.nix
./hardware-configuration.nix
./modules
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nixpkgs.config.allowUnfree = true;
environment.variables.EDITOR = "vim";
hardware.enableRedistributableFirmware = true;
# Set your time zone.
time.timeZone = "Europe/Stockholm";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkbOptions in tty.
# };
users = {
mutableUsers = false;
users.root = {
hashedPassword = "$6$3mkwaUWd8NA6XuEb$x80tETKGz6FEG.kej3v5Vh6hRNoC6bikhXogTP.zZwYtISA46JaN3RMK3ckbqt8Aj52d3krSLOfBaAR1qzuJ2/";
};
users."alex" = {
isNormalUser = true;
hashedPassword = "$6$3mkwaUWd8NA6XuEb$x80tETKGz6FEG.kej3v5Vh6hRNoC6bikhXogTP.zZwYtISA46JaN3RMK3ckbqt8Aj52d3krSLOfBaAR1qzuJ2/";
extraGroups = [ "wheel" ];
};
};
environment.systemPackages = with pkgs; [
gnumake
mkpasswd
vim
];
config-manager = {
flakePath = "/home/alex/config";
};
mod = {
git.enable = true;
ssh.enable = true;
docker.enable = true;
nginx.enable = true;
syncthing.enable = true;
plex.enable = true;
calibre-web.enable = true;
transmission.enable = true;
restic.enable = true;
pppdotpm-site.enable = false;
};
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
}
hosts/sombrero/hardware-configuration.nix
-52
View File
@@ -1,52 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ lib, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "usb_storage" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/15329cb1-655e-475d-96f0-bfb8ccd05167";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/AD29-0697";
fsType = "vfat";
};
fileSystems."/home/alex/media" =
{ device = "/dev/disk/by-uuid/ad4acc0f-172c-40f8-8473-777c957e8764";
fsType = "ext4";
options = [ "nofail" ];
};
fileSystems."/home/alex/backup" =
{ device = "/dev/disk/by-uuid/34601701-65e6-4b2c-ac4d-8bef3dfd743f";
fsType = "ext4";
options = [ "nofail" ];
};
swapDevices =
[ { device = "/dev/disk/by-uuid/98c46b15-7efe-43fd-8812-7e2c01f5a40a"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eth0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
}
hosts/sombrero/home.nix
-25
View File
@@ -1,25 +0,0 @@
{ inputs, pkgs, ... }:
{
imports = [ inputs.home-manager.nixosModules.home-manager ];
config = {
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
users.alex = {
programs.home-manager.enable = true;
home.username = "alex";
home.homeDirectory = "/home/alex";
home.packages = [
pkgs.unar
];
home.stateVersion = "22.11";
};
};
};
}
hosts/sombrero/modules/age/default.nix
-14
View File
@@ -1,14 +0,0 @@
{ inputs, pkgs, ... }:
{
imports = [ inputs.agenix.nixosModules.default ];
config = {
age = {
identityPaths = [ "/etc/ssh/sombrero" ];
};
environment.systemPackages = [
inputs.agenix.packages."${pkgs.system}".default
];
};
}
hosts/sombrero/modules/boot/default.nix
-25
View File
@@ -1,25 +0,0 @@
{ pkgs, ... }: {
boot = {
loader = {
grub.enable = false;
efi.canTouchEfiVariables = true;
raspberryPi = {
enable = true;
version = 4;
};
};
tmp = {
useTmpfs = true;
};
kernelPackages = pkgs.linuxPackages_rpi4;
kernelParams = [
"8250.nr_uarts=1"
"console=ttyAMA0,115200"
"console=tty1"
"cma=128M"
];
};
}
hosts/sombrero/modules/calibre-web/default.nix
-52
View File
@@ -1,52 +0,0 @@
{ lib, config, ... }:
let
enabled = config.mod.calibre-web.enable;
nginxEnabled = config.mod.nginx.enable;
in
{
options = {
mod.calibre-web = {
enable = lib.mkEnableOption "add calibre-web module";
};
};
config = lib.mkIf (enabled && nginxEnabled) {
services = {
calibre-web = {
enable = true;
user = "alex";
group = "users";
listen = {
ip = "127.0.0.1";
port = 8083;
};
options = {
calibreLibrary = "/home/alex/backup/books";
enableBookUploading = true;
};
};
};
networking = {
firewall = {
allowedTCPPorts = [ 8083 ];
};
};
services = {
nginx = {
virtualHosts."books.sombrero.a2x.se" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8083";
};
};
};
};
};
}
hosts/sombrero/modules/default.nix
-8
View File
@@ -1,8 +0,0 @@
{ lib, ... }:
let
toModulePath = dir: _: ./. + "/${dir}";
filterDirs = dirs: lib.attrsets.filterAttrs (_: type: type == "directory") dirs;
in
{
imports = lib.mapAttrsToList toModulePath (filterDirs (builtins.readDir ./.));
}
hosts/sombrero/modules/docker/default.nix
-29
View File
@@ -1,29 +0,0 @@
{ pkgs, lib, config, ... }:
let
enabled = config.mod.docker.enable;
in
{
options = {
mod.docker = {
enable = lib.mkEnableOption "enable docker module";
};
};
config = lib.mkIf enabled {
virtualisation = {
docker = {
enable = true;
};
oci-containers = {
backend = "docker";
};
};
users.users.alex.extraGroups = [ "docker" ];
home-manager.users.alex = {
home.packages = [ pkgs.docker-compose ];
};
};
}
hosts/sombrero/modules/git/default.nix
-30
View File
@@ -1,30 +0,0 @@
{ pkgs, lib, config, ... }:
let
enabled = config.mod.git.enable;
in
{
options = {
mod.git = {
enable = lib.mkEnableOption "enable git module";
};
};
config = lib.mkIf enabled {
home-manager.users.alex = {
programs.git = {
enable = true;
includes = [
{ path = ./gitconfig; }
];
};
home.packages = [ pkgs.tig ];
home.file.".tigrc".text = ''
set main-view-line-number = yes
set main-view-line-number-interval = 1
'';
};
};
}
hosts/sombrero/modules/git/gitconfig
-10
View File
@@ -1,10 +0,0 @@
[user]
name = Alexander Heldt
email = me@alexanderheldt.se
[url "git@github.com:"]
insteadOf = https://github.com/
[url "git@codeberg.org:"]
insteadOf = https://codeberg.org/
hosts/sombrero/modules/mullvad/default.nix
-6
View File
@@ -1,6 +0,0 @@
{ ... }:
{
services.mullvad-vpn = {
enable = true;
};
}
hosts/sombrero/modules/network/default.nix
-18
View File
@@ -1,18 +0,0 @@
{
networking = {
hostName = "sombrero";
defaultGateway = "192.168.50.1";
nameservers = [ "8.8.8.8" ];
interfaces = {
eth0 = {
ipv4 = {
addresses = [{
address = "192.168.50.200";
prefixLength = 24;
}];
};
};
};
};
}
hosts/sombrero/modules/nginx/default.nix
-38
View File
@@ -1,38 +0,0 @@
{ lib, config, ... }:
let
enabled = config.mod.nginx.enable;
in
{
options = {
mod.nginx = {
enable = lib.mkEnableOption "add nginx module";
};
};
config = lib.mkIf enabled {
security = {
acme = {
acceptTerms = true;
defaults = {
email = "p@ppp.pm";
};
};
};
services = {
nginx = {
enable = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
};
networking = {
firewall = {
allowedTCPPorts = [ 80 443 ];
};
};
};
}
hosts/sombrero/modules/plex/default.nix
-42
View File
@@ -1,42 +0,0 @@
{ lib, config, ... }:
let
enable = config.mod.plex.enable;
dockerEnabled = config.mod.docker.enable;
in
{
options = {
mod.plex = {
enable = lib.mkEnableOption "enable plex module";
};
};
config = lib.mkIf (enable && dockerEnabled) {
virtualisation = {
oci-containers.containers = {
plex = {
image = "linuxserver/plex";
autoStart = true;
environment = {
TZ = "Europe/Stockholm";
VERSION = "latest";
};
extraOptions = [ "--network=host" ];
volumes = [
"/home/alex/media/plex/db:/config"
"/home/alex/media/movies:/movies"
"/home/alex/media/tv:/tv"
];
};
};
};
networking = {
firewall = {
allowedTCPPorts = [ 32400 ];
};
};
};
}
hosts/sombrero/modules/ppp.pm-site/default.nix
-33
View File
@@ -1,33 +0,0 @@
{ inputs, lib, config, ... }:
let
enabled = config.mod.pppdotpm-site.enable;
nginxEnabled = config.mod.nginx.enable;
in
{
imports = [ inputs.pppdotpm-site.nixosModules.default ];
options = {
mod.pppdotpm-site = {
enable = lib.mkEnableOption "enable ppp.pm site";
};
};
config = lib.mkIf (enabled && nginxEnabled) {
security.acme = {
certs = {
"ppp.pm" = {
webroot = "/var/lib/acme/acme-challenge/";
email = "p@ppp.pm";
group = "nginx";
};
};
};
services.pppdotpm-site = {
enable = true;
domain = "ppp.pm";
useACMEHost = "ppp.pm";
};
};
}
hosts/sombrero/modules/restic/default.nix
-43
View File
@@ -1,43 +0,0 @@
{ pkgs, lib, config, ... }:
let
enabled = config.mod.restic.enable;
in
{
options = {
mod.restic = {
enable = lib.mkEnableOption "enable restic module";
};
};
config = lib.mkIf enabled {
services = {
restic.backups = {
"sync" = {
initialize = true;
user = "alex";
passwordFile = "/home/alex/backup/restic/password.file";
environmentFile = "/home/alex/backup/restic/aws.env";
repository = "s3:https://s3.eu-north-1.amazonaws.com/restic-sync-backup";
paths = ["/home/alex/backup/sync"];
timerConfig = {
OnCalendar = "daily";
Persistent = true;
};
pruneOpts = [
"--keep-daily 2"
"--keep-weekly 7"
"--keep-yearly 12"
];
};
};
};
environment.systemPackages = [ pkgs.restic ];
};
}
hosts/sombrero/modules/ssh/default.nix
-102
View File
@@ -1,102 +0,0 @@
{ pkgs, lib, config, ... }:
let
enabled = config.mod.ssh.enable;
authorizedKeysPath = "/home/alex/.ssh/authorized-keys";
in
{
options = {
mod.ssh = {
enable = lib.mkEnableOption "enable ssh module";
};
};
config = lib.mkIf enabled {
home-manager.users.alex = {
programs.ssh = {
enable = true;
matchBlocks = {
"codeberg.org" = {
hostname = "codeberg.org";
identityFile = "/home/alex/.ssh/alex.sombrero-codeberg.org";
};
"github.com" = {
hostname = "github.com";
identityFile = "/home/alex/.ssh/alex.sombrero-github.com";
};
};
};
};
environment.etc."ssh/authorized_keys_command" = {
mode = "0755";
text = ''
#!${pkgs.bash}/bin/bash
for file in ${authorizedKeysPath}/*; do
${pkgs.coreutils}/bin/cat "$file"
done
'';
};
services = {
openssh = {
enable = true;
ports = [ 1122 ];
hostKeys = [{
path = "/etc/ssh/sombrero";
type = "ed25519";
}];
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
authorizedKeysCommand = "/etc/ssh/authorized_keys_command";
authorizedKeysCommandUser = "root";
};
};
networking = {
firewall = {
allowedTCPPorts = [ 1122 ];
};
};
age.secrets = {
"alex.pinwheel-sombrero.pub" = {
file = ../../../../secrets/pinwheel/alex.pinwheel-sombrero.pub.age;
path = "${authorizedKeysPath}/alex.pinwheel-sombrero.pub";
};
"alex.sombrero-codeberg.org" = {
file = ../../../../secrets/sombrero/alex.sombrero-codeberg.org.age;
path = "/home/alex/.ssh/alex.sombrero-codeberg.org";
owner = "alex";
group = "users";
};
"alex.sombrero-codeberg.org.pub" = {
file = ../../../../secrets/sombrero/alex.sombrero-codeberg.org.pub.age;
path = "/home/alex/.ssh/alex.sombrero-codeberg.org.pub";
owner = "alex";
group = "users";
};
"alex.sombrero-github.com" = {
file = ../../../../secrets/sombrero/alex.sombrero-github.com.age;
path = "/home/alex/.ssh/alex.sombrero-github.com";
owner = "alex";
group = "users";
};
"alex.sombrero-github.com.pub" = {
file = ../../../../secrets/sombrero/alex.sombrero-github.com.pub.age;
path = "/home/alex/.ssh/alex.sombrero-github.com.pub";
owner = "alex";
group = "users";
};
};
};
}
hosts/sombrero/modules/syncthing/default.nix
-130
View File
@@ -1,130 +0,0 @@
{ pkgs, lib, config, ... }:
let
enabled = config.mod.syncthing.enable;
nginxEnabled = config.mod.nginx.enable;
in
{
options = {
mod.syncthing = {
enable = lib.mkEnableOption "add syncthing module";
};
};
config = lib.mkIf (enabled && nginxEnabled) {
networking = {
firewall = {
allowedTCPPorts = [ 8384 ];
};
};
services = {
syncthing = {
enable = true;
openDefaultPorts = true;
user = "alex";
group = "users";
dataDir = "/home/alex/backup/sync";
cert = config.age.secrets.syncthing-cert.path;
key = config.age.secrets.syncthing-key.path;
guiAddress = "0.0.0.0:8384";
settings = {
gui = {
user = "syncthing";
password = "$2a$12$J/h/JOUiW24ZXsLYLEl2kOZUS1LftxANi0OlZxLy8Dst3/jpBd0v2";
insecureSkipHostcheck = false;
};
devices = {
phone.id = config.lib.syncthing.phone;
pinwheel.id = config.lib.syncthing.pinwheel;
};
folders = {
"org" = {
path = "/home/alex/backup/sync/org";
devices = [ "phone" "pinwheel" ];
versioning = {
type = "staggered";
params = {
maxAge = "2592000"; # 30 days
};
};
};
"phone-gps" = {
path = "/home/alex/backup/sync/gps";
devices = [ "phone" ];
versioning = {
type = "staggered";
params = {
maxAge = "2592000"; # 30 days
};
};
};
"personal" = {
path = "/home/alex/backup/sync/personal";
devices = [ "pinwheel" ];
versioning = {
type = "staggered";
params = {
maxAge = "2592000"; # 30 days
};
};
};
"work" = {
path = "/home/alex/backup/sync/work";
devices = [ "pinwheel" ];
versioning = {
type = "staggered";
params = {
maxAge = "2592000"; # 30 days
};
};
};
"books" = {
path = "/home/alex/backup/books";
devices = [ "pinwheel" ];
versioning = {
type = "staggered";
params = {
maxAge = "2592000"; # 30 days
};
};
};
"audiobooks" = {
path = "/home/alex/media/sync/audiobooks";
devices = [ "phone" ];
};
};
};
};
nginx = {
virtualHosts."syncthing.sombrero.a2x.se" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://0.0.0.0:8384";
};
};
};
};
age = {
secrets = {
"syncthing-cert".file = ../../../../secrets/sombrero/syncthing-cert.age;
"syncthing-key".file = ../../../../secrets/sombrero/syncthing-key.age;
};
};
};
}
hosts/sombrero/modules/tailscale/default.nix
-9
View File
@@ -1,9 +0,0 @@
{ ... }:
{
services.tailscale.enable = true;
networking.firewall = {
checkReversePath = "loose";
allowedUDPPorts = [ 41641 ];
};
}
hosts/sombrero/modules/transmission/default.nix
-40
View File
@@ -1,40 +0,0 @@
{ pkgs, lib, config, ... }:
let
enabled = config.mod.transmission.enable;
in
{
options = {
mod.transmission = {
enable = lib.mkEnableOption "enable transmission module";
};
};
config = lib.mkIf enabled {
services = {
transmission = {
enable = true;
package = pkgs.transmission_4;
openFirewall = true;
openRPCPort = true;
settings.rpc-port = 9191;
settings.rpc-bind-address = "0.0.0.0";
user = "alex";
group = "users";
home = "/home/alex/media/ts-home";
downloadDirPermissions = "775";
settings = {
incomplete-dir-enabled = false;
download-dir = "/home/alex/media";
rpc-authentication-required = true;
rpc-whitelist-enabled = false;
rpc-username = "transmission";
rpc-password = "{55d884e4042db67313da49e05d7089a368eb64b3Br.3X.Xi";
};
};
};
};
}
hosts/tadpole/configuration.nix
+10 -8
View File
@@ -1,20 +1,22 @@
{ pkgs, ... }:
{
imports =
[
../../config-manager/default.nix
./hardware-configuration.nix
./modules
];
imports = [
../../config-manager/default.nix
./hardware-configuration.nix
./modules
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
nixpkgs.config.allowUnfree = true;
users.users.alex = {
isNormalUser = true;
extraGroups = [ "wheel" ];
packages = [];
packages = [ ];
};
environment.variables.EDITOR = "vim";
hosts/tadpole/hardware-configuration.nix
+25 -12
View File
@@ -1,26 +1,39 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.initrd.availableKernelModules = [
"ahci"
"xhci_pci"
"virtio_pci"
"virtio_scsi"
"sd_mod"
"sr_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/7a2b1179-6582-4ef1-b094-0f11449373ed";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/7a2b1179-6582-4ef1-b094-0f11449373ed";
fsType = "ext4";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/aa0634e1-a1c2-4461-978a-cf1768f38b0c"; }
];
swapDevices = [
{ device = "/dev/disk/by-uuid/aa0634e1-a1c2-4461-978a-cf1768f38b0c"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
hosts/tadpole/home.nix
+1 -1
View File
@@ -17,7 +17,7 @@
pkgs.git
pkgs.tig
pkgs.vim
];
];
home.stateVersion = "24.05";
};
hosts/tadpole/modules/boot/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ inputs, lib, config, ... }:
{
inputs,
lib,
config,
...
}:
let
configurationLimit = config.mod.gc.configurationLimit;
in
hosts/tadpole/modules/gitea/default.nix
+36 -26
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
conf = config.mod.gitea;
gitDomain = "git.${conf.baseDomain}";
@@ -26,7 +31,7 @@ in
webfingerAccounts = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
default = [ ];
description = "The accounts that should be listed";
};
};
@@ -47,7 +52,7 @@ in
message = "There is no cert configured for ${conf.baseDomain} used by webfinger";
}
{
assertion = conf.webfingerEnable && conf.webfingerAccounts != [];
assertion = conf.webfingerEnable && conf.webfingerAccounts != [ ];
message = "Option 'mod.gitea.webfingerAccounts' cannot be empty";
}
];
@@ -81,38 +86,43 @@ in
services.nginx = {
virtualHosts."${conf.baseDomain}" =
let
mkWebfinger = account:
pkgs.writeTextDir (lib.escapeURL "acct:${account}") (lib.generators.toJSON {} {
subject = "acct:${account}";
links = [{
rel = "http://openid.net/specs/connect/1.0/issuer";
href = "https://${gitDomain}";
}];
});
mkWebfinger =
account:
pkgs.writeTextDir (lib.escapeURL "acct:${account}") (
lib.generators.toJSON { } {
subject = "acct:${account}";
links = [
{
rel = "http://openid.net/specs/connect/1.0/issuer";
href = "https://${gitDomain}";
}
];
}
);
webfingerRoot = pkgs.symlinkJoin {
name = "${gitDomain}-webfinger";
paths = builtins.map mkWebfinger conf.webfingerAccounts;
};
in
lib.mkIf conf.webfingerEnable {
forceSSL = true;
useACMEHost = conf.baseDomain;
lib.mkIf conf.webfingerEnable {
forceSSL = true;
useACMEHost = conf.baseDomain;
locations."/.well-known/webfinger" = {
root = webfingerRoot;
locations."/.well-known/webfinger" = {
root = webfingerRoot;
extraConfig = ''
add_header Access-Control-Allow-Origin "*";
default_type "application/jrd+json";
types { application/jrd+json json; }
if ($arg_resource) {
rewrite ^(.*)$ /$arg_resource break;
}
return 400;
'';
};
extraConfig = ''
add_header Access-Control-Allow-Origin "*";
default_type "application/jrd+json";
types { application/jrd+json json; }
if ($arg_resource) {
rewrite ^(.*)$ /$arg_resource break;
}
return 400;
'';
};
};
virtualHosts."${gitDomain}" = {
forceSSL = true;
hosts/tadpole/modules/nginx/default.nix
+4 -1
View File
@@ -31,7 +31,10 @@ in
networking = {
firewall = {
allowedTCPPorts = [ 80 443 ];
allowedTCPPorts = [
80
443
];
};
};
};
hosts/tadpole/modules/ppp.pm-site/default.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ inputs, lib, config, ... }:
{
inputs,
lib,
config,
...
}:
let
enabled = config.mod.pppdotpm-site.enable;
hosts/tadpole/modules/ssh/default.nix
+30 -5
View File
@@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.ssh.enable;
@@ -18,6 +23,11 @@ in
enable = true;
matchBlocks = {
"git.ppp.pm" = {
hostname = "git.ppp.pm";
identityFile = "/home/alex/.ssh/alex.tadpole-git.ppp.pm";
};
"codeberg.org" = {
hostname = "codeberg.org";
identityFile = "/home/alex/.ssh/alex.tadpole-codeberg.org";
@@ -41,10 +51,12 @@ in
enable = true;
ports = [ 1122 ];
hostKeys = [{
path = "${rootSSHKeyPath}/root.tadpole";
type = "ed25519";
}];
hostKeys = [
{
path = "${rootSSHKeyPath}/root.tadpole";
type = "ed25519";
}
];
settings = {
PasswordAuthentication = false;
@@ -77,6 +89,19 @@ in
path = "${authorizedKeysPath}/alex.pinwheel-tadpole.pub";
};
"alex.tadpole-git.ppp.pm" = {
file = ../../../../secrets/tadpole/alex.tadpole-git.ppp.pm.age;
path = "/home/alex/.ssh/alex.tadpole-git.ppp.pm";
owner = "alex";
group = "users";
};
"alex.tadpole-git.ppp.pm.pub" = {
file = ../../../../secrets/tadpole/alex.tadpole-git.ppp.pm.pub.age;
path = "/home/alex/.ssh/alex.tadpole-git.ppp.pm.pub";
owner = "alex";
group = "users";
};
"alex.tadpole-codeberg.org" = {
file = ../../../../secrets/tadpole/alex.tadpole-codeberg.org.age;
path = "/home/alex/.ssh/alex.tadpole-codeberg.org";
hosts/test-vm/configuration.nix
+2 -2
View File
@@ -1,4 +1,4 @@
{ pkgs, ... }:
{ pkgs, ... }:
{
imports = [
./ppp.pm-site.nix
@@ -28,7 +28,7 @@
};
};
environment.systemPackages = [];
environment.systemPackages = [ ];
system.stateVersion = "24.05";
};
hosts/test-vm/ppp.pm-site.nix
+6 -1
View File
@@ -1,4 +1,9 @@
{ inputs, lib, config, ... }:
{
inputs,
lib,
config,
...
}:
let
enabled = config.mod.pppdotpm-site.enable;
in
secrets/backwards/alex.backwards-git.ppp.pm.age
BIN
View File
Binary file not shown.
secrets/backwards/alex.backwards-git.ppp.pm.pub.age
BIN
View File
Binary file not shown.
secrets/secrets.nix
+4 -10
View File
@@ -2,7 +2,6 @@ let
# see `modules/age/default.nix` where these are defined
pinwheel = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMoI7Q4zT2AGXU+i8fLmzcNLdfMkEnfHYh4PmaEmo2QW root@pinwheel";
backwards = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBcTK3CUtTsgavuLlbfOqCbHYLtUrIKqnSqYmtzGCZnv root.backwards";
sombrero = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO/NltCo1L+X1OIBfIKzfrbxLpCOerQ4vTIs+QPTXkf/ root@sombrero";
tadpole = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDbyj/vYafqpJH33jFz5HV+gwCiEIJTpxKrEFrBWx73A root@tadpole";
alex = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTgiHYcdhS87pPnduLunZVEgLVj4EtbG9XVSZP1l5s5 alex";
in {
@@ -12,8 +11,6 @@ in {
"pinwheel/mullvad-account-history.age".publicKeys = [ pinwheel alex ];
"pinwheel/alex.pinwheel-backwards.age".publicKeys = [ pinwheel alex ];
"pinwheel/alex.pinwheel-backwards.pub.age".publicKeys = [ pinwheel backwards alex ];
"pinwheel/alex.pinwheel-sombrero.age".publicKeys = [ pinwheel alex ];
"pinwheel/alex.pinwheel-sombrero.pub.age".publicKeys = [ pinwheel sombrero alex ];
"pinwheel/alex.pinwheel-tadpole.age".publicKeys = [ pinwheel alex ];
"pinwheel/alex.pinwheel-tadpole.pub.age".publicKeys = [ pinwheel tadpole alex ];
"pinwheel/alex.pinwheel-github.com.age".publicKeys = [ pinwheel alex ];
@@ -40,18 +37,15 @@ in {
"backwards/restic-cloud-sync-repository.age".publicKeys = [ backwards alex ];
"backwards/alex.backwards-codeberg.org.age".publicKeys = [ backwards alex ];
"backwards/alex.backwards-codeberg.org.pub.age".publicKeys = [ backwards alex ];
"backwards/alex.backwards-git.ppp.pm.age".publicKeys = [ backwards alex ];
"backwards/alex.backwards-git.ppp.pm.pub.age".publicKeys = [ backwards alex ];
"backwards/wpa_supplicant.conf.age".publicKeys = [ backwards alex ];
"sombrero/syncthing-cert.age".publicKeys = [ sombrero alex ];
"sombrero/syncthing-key.age".publicKeys = [ sombrero alex ];
"sombrero/alex.sombrero-github.com.age".publicKeys = [ sombrero alex ];
"sombrero/alex.sombrero-github.com.pub.age".publicKeys = [ sombrero alex ];
"sombrero/alex.sombrero-codeberg.org.age".publicKeys = [ sombrero alex ];
"sombrero/alex.sombrero-codeberg.org.pub.age".publicKeys = [ sombrero alex ];
"tadpole/root.tadpole.age".publicKeys = [ tadpole alex ];
"tadpole/root.tadpole.pub.age".publicKeys = [ tadpole alex ];
"tadpole/alex.tadpole-codeberg.org.age".publicKeys = [ tadpole alex ];
"tadpole/alex.tadpole-codeberg.org.pub.age".publicKeys = [ tadpole alex ];
"tadpole/alex.tadpole-git.ppp.pm.age".publicKeys = [ tadpole alex ];
"tadpole/alex.tadpole-git.ppp.pm.pub.age".publicKeys = [ tadpole alex ];
"tadpole/gitea-dbpassword.age".publicKeys = [ tadpole alex ];
}
secrets/sombrero/alex.sombrero-codeberg.org.age
BIN
View File
Binary file not shown.
secrets/sombrero/alex.sombrero-codeberg.org.pub.age
-7
View File
@@ -1,7 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 MxZlmA NNDIdpcC5ad2zy6SNwiLbowPBahLGKnv/W6LI4rp0Bk
78Alin5dlkRgliZkL7iLSY6MRtdZPjgtz+Z70CA+aQ8
-> ssh-ed25519 +oNaHQ i5i36kNiCMMsePFyaLHOvzMPee5RuE+yHtlh7bHq0no
B4fpYax3fzgOUGYwL4E0V9cqyvDbF5iYo/haUyR34gw
--- jBxmbEHiLGLglJDbeYDbfDrgc2DPsVIoISNj7stw8pc
MJºº|.ðTôj—ª‹©ž w9v˜ÿ§ÇkuY0B櫼D-²Oò›-]üDøy]aàjÑ(Þ(¦G¡y ÑÃåŠð ÀW8Æèä-iƒ·³ã/ž…=i}D=ÈŸ²Äó,U†Šzª’ƒݲ'žPÉYo”‘7ûòse i;
secrets/sombrero/alex.sombrero-github.com.age
BIN
View File
Binary file not shown.
secrets/sombrero/alex.sombrero-github.com.pub.age
BIN
View File
Binary file not shown.
secrets/sombrero/syncthing-cert.age
BIN
View File
Binary file not shown.
secrets/sombrero/syncthing-key.age
BIN
View File
Binary file not shown.

Some files were not shown because too many files have changed in this diff Show More