[meta] Start transition to snowfall-lib

-4

data/default.nix

··· 1 - { 2 - hosts = builtins.fromTOML (builtins.readFile ./hosts.toml); 3 - services = builtins.fromTOML (builtins.readFile ./services.toml); 4 - }

data/hosts.toml lib/data/hosts.toml

-3

data/packages.nix

··· 1 - {inputs, pkgs, ...}: { 2 - nvim = inputs.nvim.packages.${pkgs.system}.neovim; 3 - }

data/services.toml lib/data/services.toml

+92 -1

flake.lock

··· 331 331 "type": "github" 332 332 } 333 333 }, 334 + "flake-compat_3": { 335 + "flake": false, 336 + "locked": { 337 + "lastModified": 1650374568, 338 + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", 339 + "owner": "edolstra", 340 + "repo": "flake-compat", 341 + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", 342 + "type": "github" 343 + }, 344 + "original": { 345 + "owner": "edolstra", 346 + "repo": "flake-compat", 347 + "type": "github" 348 + } 349 + }, 334 350 "flake-parts": { 335 351 "inputs": { 336 352 "nixpkgs-lib": [ ··· 399 415 "owner": "numtide", 400 416 "repo": "flake-utils", 401 417 "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", 418 + "type": "github" 419 + }, 420 + "original": { 421 + "owner": "numtide", 422 + "repo": "flake-utils", 423 + "type": "github" 424 + } 425 + }, 426 + "flake-utils-plus": { 427 + "inputs": { 428 + "flake-utils": "flake-utils_2" 429 + }, 430 + "locked": { 431 + "lastModified": 1715533576, 432 + "narHash": "sha256-fT4ppWeCJ0uR300EH3i7kmgRZnAVxrH+XtK09jQWihk=", 433 + "owner": "gytis-ivaskevicius", 434 + "repo": "flake-utils-plus", 435 + "rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f", 436 + "type": "github" 437 + }, 438 + "original": { 439 + "owner": "gytis-ivaskevicius", 440 + "repo": "flake-utils-plus", 441 + "rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f", 442 + "type": "github" 443 + } 444 + }, 445 + "flake-utils_2": { 446 + "inputs": { 447 + "systems": "systems" 448 + }, 449 + "locked": { 450 + "lastModified": 1694529238, 451 + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", 452 + "owner": "numtide", 453 + "repo": "flake-utils", 454 + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", 402 455 "type": "github" 403 456 }, 404 457 "original": { ··· 1123 1176 "nur": "nur", 1124 1177 "nvim": "nvim", 1125 1178 "prismlauncher": "prismlauncher", 1126 - "systems": "systems", 1179 + "snowfall": "snowfall", 1180 + "systems": "systems_2", 1127 1181 "wayland": "wayland" 1128 1182 } 1129 1183 }, ··· 1161 1215 "type": "github" 1162 1216 } 1163 1217 }, 1218 + "snowfall": { 1219 + "inputs": { 1220 + "flake-compat": "flake-compat_3", 1221 + "flake-utils-plus": "flake-utils-plus", 1222 + "nixpkgs": [ 1223 + "nixpkgs" 1224 + ] 1225 + }, 1226 + "locked": { 1227 + "lastModified": 1716675292, 1228 + "narHash": "sha256-7TFvVE4HR/b65/0AAhewYHEJzUXxIEJn82ow5bCkrDo=", 1229 + "owner": "snowfallorg", 1230 + "repo": "lib", 1231 + "rev": "5d6e9f235735393c28e1145bec919610b172a20f", 1232 + "type": "github" 1233 + }, 1234 + "original": { 1235 + "owner": "snowfallorg", 1236 + "repo": "lib", 1237 + "type": "github" 1238 + } 1239 + }, 1164 1240 "systems": { 1241 + "locked": { 1242 + "lastModified": 1681028828, 1243 + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", 1244 + "owner": "nix-systems", 1245 + "repo": "default", 1246 + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", 1247 + "type": "github" 1248 + }, 1249 + "original": { 1250 + "owner": "nix-systems", 1251 + "repo": "default", 1252 + "type": "github" 1253 + } 1254 + }, 1255 + "systems_2": { 1165 1256 "locked": { 1166 1257 "lastModified": 1681028828, 1167 1258 "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",

+125 -116

flake.nix

··· 35 35 netrc-file = "/home/thehedgehog/.netrc"; 36 36 }; 37 37 description = "PyroNet machines and services"; 38 + 38 39 inputs = { 40 + snowfall = { 41 + url = "github:snowfallorg/lib"; 42 + inputs.nixpkgs.follows = "nixpkgs"; 43 + }; 44 + 39 45 nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; 40 46 nixpkgs-mesa.url = "github:K900/nixpkgs/mesa-24.1"; 41 47 nixpkgs-nvim.url = "github:nixos/nixpkgs?rev=d5786c1b5dd2d560724b78f3ce51f1f4ef52d053"; ··· 180 186 }; 181 187 }; 182 188 183 - outputs = inputs @ { 184 - self, 185 - nixpkgs, 186 - nixpkgs-mesa, 187 - alejandra, 188 - buildbot-nix, 189 - ctp, 190 - golink, 191 - hardware, 192 - iceshrimp, 193 - # lanzaboote, 194 - lix-module, 195 - mailserver, 196 - mkshell-minimal, 197 - neovim, 198 - nix-index, 199 - nix-index-database, 200 - nixd, 201 - nur, 202 - my-pkgs, 203 - prismlauncher, 204 - wayland, 205 - ... 206 - }: let 189 + outputs = inputs @ {self, ...}: let 190 + # Overlay alejandra 207 191 alejandra-overlay = final: prev: { 208 - alejandra = alejandra.defaultPackage.${prev.system}; 192 + alejandra = inputs.alejandra.defaultPackage.${prev.system}; 193 + }; 194 + # Overlay custom mesa version 195 + mesa-overlay = final: prev: { 196 + inherit (inputs.nixpkgs-mesa.legacyPackages.${prev.system}) mesa directx-headers; 209 197 }; 198 + # Overlay my custom packages as pkgs.my-pkgs 210 199 my-pkgs2 = final: prev: {my-pkgs = self.packages."${prev.system}";}; 200 + # Overlay nix-index package 211 201 nix-index-overlay = final: prev: { 212 - inherit (nix-index.packages.${prev.system}) nix-index; 202 + inherit (inputs.nix-index.packages.${prev.system}) nix-index; 213 203 }; 214 - mesa-overlay = final: prev: { 215 - inherit (nixpkgs-mesa.legacyPackages.${prev.system}) mesa directx-headers; 216 - }; 217 - overlays = [ 218 - mesa-overlay 219 - (import ./overlays/sway.nix) 220 - my-pkgs.overlays.cinny 221 - my-pkgs2 222 - alejandra-overlay 223 - golink.overlay 224 - # lanzaboote.overlays.default 225 - lix-module.overlays.default 226 - neovim.overlay 227 - nixd.overlays.default 228 - nix-index-overlay 229 - nur.overlay 230 - prismlauncher.overlays.default 231 - wayland.overlays.default 232 - ]; 233 204 234 - pkgs = import nixpkgs { 235 - inherit overlays; 236 - localSystem = "x86_64-linux"; 237 - config = { 205 + in inputs.snowfall.mkFlake { 206 + inherit inputs; 207 + src = ./.; 208 + namespace = "py"; 209 + 210 + # Nixpkgs configuration 211 + channels-config = { 238 212 allowUnfree = true; 239 - joypixels.acceptLicense = true; 240 - permittedInsecurePackages = ["electron-19.0.7" "openssl-1.1.1t" "nodejs-16.20.0"]; 241 213 }; 242 - }; 243 214 244 - mkShell = mkshell-minimal pkgs; 215 + # Overlays for Nixpkgs. 216 + overlays = [ 217 + alejandra-overlay 218 + mesa-overlay 219 + my-pkgs2 220 + nix-index-overlay 221 + (import ./overlays/sway.nix) 222 + inputs.my-pkgs.overlays.cinny 223 + inputs.golink.overlay 224 + # inputs.lanzaboote.overlays.default 225 + inputs.lix-module.overlays.default 226 + inputs.neovim.overlay 227 + inputs.nixd.overlays.default 228 + inputs.nur.overlay 229 + inputs.prismlauncher.overlays.default 230 + inputs.wayland.overlays.default 231 + ]; 245 232 246 - lib = nixpkgs.lib; 247 - data = { 248 - inherit (import ./data) hosts services; 249 - packages = import ./data/packages.nix {inherit pkgs inputs;}; 250 - }; 251 - inherit (import ./lib { inherit self lib pkgs inputs data; }) myLib; 233 + # Home-manager configurations 234 + homes = { 235 + # Default modules for all homes 236 + modules = with inputs; [ 237 + nix-index-database.hmModules.nix-index 238 + ctp.homeManagerModules.catppuccin 239 + ]; 240 + }; 252 241 253 - in rec { 254 - packages.${pkgs.system} = { 255 - caddy = pkgs.callPackage ./pkgs/caddyBin.nix {}; 256 - go-jamming = pkgs.callPackage ./pkgs/go-jamming.nix {}; 257 - nerdfont-symbols = pkgs.callPackage ./pkgs/nerdfont-symbols.nix {}; 258 - olympus = pkgs.callPackage ./pkgs/olympus.nix {}; 259 - customGit = pkgs.git.override { withLibsecret = true; withSsh = true; }; 260 - }; 242 + # NixOS Configurations 243 + systems = { 244 + modules.nixos = with inputs; [ 245 + self.nixosModules.default 246 + ctp.nixosModules.catppuccin 247 + lix-module.nixosModules.default 248 + agenix.nixosModules.default 249 + ]; 261 250 262 - nixosModules = { 263 - default = import ./modules/pyrox.nix; 264 - dn42-pingfinder = import ./modules/dn42-pingfinder.nix; 265 - }; 251 + systems.hosts.prefect.modules = with inputs; [ 252 + self.nixosModules.dn42-pingfinder 253 + ]; 266 254 267 - nixosConfigurations.marvin = myLib.hosts.mkHost { 268 - hostname = "marvin"; 269 - coreCount = 12; 270 - extraModules = [ 271 - iceshrimp.nixosModules.default 272 - golink.nixosModules.default 273 - buildbot-nix.nixosModules.buildbot-master 274 - buildbot-nix.nixosModules.buildbot-worker 275 - nixosModules.default 276 - ]; 277 - }; 255 + systems.hosts.marvin.modules = with inputs; [ 256 + self.nixosModules.forgejo-runner 257 + iceshrimp.nixosModules.default 258 + golink.nixosModules.default 259 + buildbot-nix.nixosModules.buildbot-master 260 + buildbot-nix.nixosModules.buildbot-worker 261 + ]; 262 + }; 278 263 279 - nixosConfigurations.prefect = myLib.hosts.mkHost { 280 - hostname = "prefect"; 281 - coreCount = 4; 282 - extraModules = [ 283 - mailserver.nixosModule 284 - self.nixosModules.dn42-pingfinder 285 - ]; 264 + outputs-builder = channels: let 265 + pkgs = channels.nixpkgs; 266 + in { 267 + # Define default packages to use everywhere 268 + packages = { 269 + nvim = inputs.nvim.packages.${pkgs.system}.neovim; 270 + customGit = pkgs.git.override { withLibsecret = true; withSsh = true; }; 271 + }; 272 + formatter = pkgs.nixfmt-rfc-style; 273 + }; 286 274 }; 287 - 288 - nixosConfigurations.thought = myLib.hosts.mkHost { 289 - hostname = "thought"; 290 - coreCount = 3; 291 - extraModules = [ 292 - self.nixosModules.dn42-pingfinder 293 - ]; 294 - users = ["pyrox"]; 295 - }; 296 - 297 - nixosConfigurations.zaphod = myLib.hosts.mkHost { 298 - hostname = "zaphod"; 299 - profile = "desktop"; 300 - coreCount = 8; 301 - extraModules = [ 302 - hardware.nixosModules.framework-16-7040-amd 303 - ]; 304 - users = ["thehedgehog"]; 305 - }; 306 - 307 - devShells.${pkgs.system}.default = mkShell { 308 - buildInputs = [ 309 - # deploy-rs.packages.${system}.default 310 - # colmena.packages.${system}.colmena 311 - ]; 312 - }; 313 - }; 275 + # in rec { 276 + # nixosConfigurations.marvin = myLib.hosts.mkHost { 277 + # hostname = "marvin"; 278 + # coreCount = 12; 279 + # extraModules = [ 280 + # inputs.iceshrimp.nixosModules.default 281 + # inputs.golink.nixosModules.default 282 + # inputs.buildbot-nix.nixosModules.buildbot-master 283 + # inputs.buildbot-nix.nixosModules.buildbot-worker 284 + # nixosModules.default 285 + # ]; 286 + # }; 287 + # 288 + # nixosConfigurations.prefect = myLib.hosts.mkHost { 289 + # hostname = "prefect"; 290 + # coreCount = 4; 291 + # extraModules = [ 292 + # inputs.mailserver.nixosModule 293 + # self.nixosModules.dn42-pingfinder 294 + # ]; 295 + # }; 296 + # 297 + # nixosConfigurations.thought = myLib.hosts.mkHost { 298 + # hostname = "thought"; 299 + # coreCount = 3; 300 + # extraModules = [ 301 + # self.nixosModules.dn42-pingfinder 302 + # ]; 303 + # users = ["pyrox"]; 304 + # }; 305 + # 306 + # nixosConfigurations.zaphod = myLib.hosts.mkHost { 307 + # hostname = "zaphod"; 308 + # profile = "desktop"; 309 + # coreCount = 8; 310 + # extraModules = [ 311 + # inputs.hardware.nixosModules.framework-16-7040-amd 312 + # ]; 313 + # users = ["thehedgehog"]; 314 + # }; 315 + # 316 + # devShells.${pkgs.system}.default = mkShell { 317 + # buildInputs = [ 318 + # # inputs.deploy-rs.packages.${pkgs.system}.default 319 + # # inputs.colmena.packages.${pkgs.system}.colmena 320 + # ]; 321 + # }; 322 + # }; 314 323 }

+7

homes/x86_64-linux/pyrox/files/distrobox-config.nix

··· 1 + { 2 + xdg.configFile."distrobox/distrobox.conf" = { 3 + text = '' 4 + distrobox_sudo_program="doas" 5 + ''; 6 + }; 7 + }

+5

homes/x86_64-linux/pyrox/files/pamKeys.nix

··· 1 + { 2 + xdg.configFile."Yubico/u2f_keys".text = '' 3 + thehedgehog:iC1dk7d+DYFX60wpkDlWdwNpkRLXmML7iDjxh4TRXe8OhsAb2pgKiY6tVLHeZIK3WOVA1DuWU8rWlHdma3eqJg==,NdBJTVCvOamU35ad3fJRv6A6YZQIYrojcVk9a8WYMVvTtKO+xyIeBvunlidHv4Zb0rYrOvK6u7Gb4N5x6T6FIQ==,es256,+presence:juWx2IphhNuHZHiv8nG3i2WWTyR5A+CWp5iHz2AmE7aj3b3rgj85Gl1PMpmZlvlwDgbCP+dlcP5PPzTFloB3Ow==,FEXBkP0PzZSURoIbLuGiRRHFIcSiqEz/ieNPRqRY/hqLJ4AsvGwJ1xdIX7F8qAQuMSp8m7usuBLS4u+4FGg3Ng==,es256,+presence 4 + ''; 5 + }

+42

homes/x86_64-linux/pyrox/files/rbw-gc.nix

··· 1 + {pkgs, ...}: { 2 + home.file."bin/git-credential-rbw".text = '' 3 + #${pkgs.bash}/bin/bash 4 + 5 + declare -A params 6 + 7 + if [ "x$1" == "xget" ]; then 8 + read line 9 + while [ -n "$line" ]; do 10 + key=''${line%%=*} 11 + value=''${line#*=} 12 + params[$key]=$value 13 + read line 14 + done 15 + 16 + if [ "''${params['protocol']}" != "xhttps" ]; then 17 + exit 18 + fi 19 + 20 + if [ -z "''${params["host"]}" ]; then 21 + exit 22 + fi 23 + 24 + rbw ls > /dev/null 2>&1 25 + if [ $? -ne 0 ]; then 26 + echo "Please login to rbw to use git credential helper" > /dev/stderr 27 + exit 28 + fi 29 + 30 + user=`rbw get --full ''${params["host"]} | grep "Username:" | cut -d' ' -f2-` 31 + pass=`rbw get ''${params["host"]}` 32 + 33 + if [ "x$user" == "x" ] || [ "x$pass" == "x" ]; then 34 + echo "Couldn't find host in rbw DB." > /dev/stderr 35 + exit 36 + fi 37 + 38 + echo username=$user 39 + echo password=$pass 40 + fi 41 + ''; 42 + }

+9

homes/x86_64-linux/pyrox/files/ssh-auth-signers.nix

··· 1 + { 2 + home.file.".ssh/authorized_signatures".text = '' 3 + hedgehog@mrhedgehog.xyz ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDTVGi3PItsbUhFgnFZlqo1iUggL4npMg94+9FsyhEPfShcQwJK2/jJzjv5S9KPuk3cY7aoqyVFLbnasSBZPXmscJmOiVNvtWvHoC3QPXvf3IAcVZ5KOLpY2NJlPx/pAb31C6ewtg8v3VlyhL4zEp6M+AGwXX51tFDh2GnYD+7SNF+aMhKCrX63syAhgPy3F8mZ2RIDLAu+lsYlwdpWRkSEv9kcjX/6+3QgUWjfPBaKEeYID22ihSuj7+AiuAt0gM4q0TY/Hpcx+qDLonrIuBnm1hMZDgbv//D0sHIUxJQkGTKTEbkZxoh0Qri7UV/V6l3mETaG40deuemMU7RFY7Khl8RajNZ+9z0FdquS/HCt8+fYQk6eLneJrMIQ1bI4awrtblG3P2Yf2QUu+H3kfCQe44R3WjUugTbNtumVgyQBzl2dzlIVn1pZBeyZy70XCgbaFKkDR8Y/qZiUoZ0afP3vTOXhkn5UBfutTKwUiSGh3S8Ge5YhNgKHWE2eQp1ckEm0IMJV/q5Nsw/yBBXj/kfD8ekz96LQ+gP5JFLq4EaipXI7FM4aZNOBUZU1l/sCEuq7m997nrBucTKqGm7Ho3rq7bgdj4f6GyUJXSMOM1cN61LLrRumZGGTH8WghVL7ligxZyNFcQoudR8jfpf4mrgRxipQOe1A2umvuufMr+l/bw== 4 + hedgehog@mrhedgehog.xyz ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyTiGctsHaTUlRJn2XQ/745dD0UWGWO8W0en8J5rf7BLI8lL/hPUmbNt45vC5754LXcBjnp1t/1FNgiGhvNZIWJpC+elBmhyMhg8z1exRZPD+as7XaH7scnij2vSbSphQFUqH433ggAGe77x5bc7wKFp9n7vj8G1u0JJxMEe1M7kNFY0+ShNtaHna3LxiQOVcW7qVlNKZP8Ol1V7kZLblRADCJMTYOXDIbktA8bbGRfGhbNjJGkL665qz36haYwb2i6A4sC7Y583N8ro8hIDG/ByJqwbl/Sz4rSxkT6G4+OdBvS6sa7TovNXHjmQCculMIltdog7UhgyBsim1sTzxAen3YyFRi1Cz/kLM0oH39m/W4IoMvJcNZCJ3ItLgy+lEVMd87jVOqfuq/hyjHVI0wJtU2Si2HTxv7aKL8gPzqXwbNH+nhkhlQ0ZH8zKVBunOgLDgsmGIky5X/T3bpWZpIoFkOR7AYrId/5dOeGM3pHhHb6woZ3SRubZ43Ah/VdJM= 5 + me@thehedgehog.me ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDTVGi3PItsbUhFgnFZlqo1iUggL4npMg94+9FsyhEPfShcQwJK2/jJzjv5S9KPuk3cY7aoqyVFLbnasSBZPXmscJmOiVNvtWvHoC3QPXvf3IAcVZ5KOLpY2NJlPx/pAb31C6ewtg8v3VlyhL4zEp6M+AGwXX51tFDh2GnYD+7SNF+aMhKCrX63syAhgPy3F8mZ2RIDLAu+lsYlwdpWRkSEv9kcjX/6+3QgUWjfPBaKEeYID22ihSuj7+AiuAt0gM4q0TY/Hpcx+qDLonrIuBnm1hMZDgbv//D0sHIUxJQkGTKTEbkZxoh0Qri7UV/V6l3mETaG40deuemMU7RFY7Khl8RajNZ+9z0FdquS/HCt8+fYQk6eLneJrMIQ1bI4awrtblG3P2Yf2QUu+H3kfCQe44R3WjUugTbNtumVgyQBzl2dzlIVn1pZBeyZy70XCgbaFKkDR8Y/qZiUoZ0afP3vTOXhkn5UBfutTKwUiSGh3S8Ge5YhNgKHWE2eQp1ckEm0IMJV/q5Nsw/yBBXj/kfD8ekz96LQ+gP5JFLq4EaipXI7FM4aZNOBUZU1l/sCEuq7m997nrBucTKqGm7Ho3rq7bgdj4f6GyUJXSMOM1cN61LLrRumZGGTH8WghVL7ligxZyNFcQoudR8jfpf4mrgRxipQOe1A2umvuufMr+l/bw== 6 + me@thehedgehog.me ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyTiGctsHaTUlRJn2XQ/745dD0UWGWO8W0en8J5rf7BLI8lL/hPUmbNt45vC5754LXcBjnp1t/1FNgiGhvNZIWJpC+elBmhyMhg8z1exRZPD+as7XaH7scnij2vSbSphQFUqH433ggAGe77x5bc7wKFp9n7vj8G1u0JJxMEe1M7kNFY0+ShNtaHna3LxiQOVcW7qVlNKZP8Ol1V7kZLblRADCJMTYOXDIbktA8bbGRfGhbNjJGkL665qz36haYwb2i6A4sC7Y583N8ro8hIDG/ByJqwbl/Sz4rSxkT6G4+OdBvS6sa7TovNXHjmQCculMIltdog7UhgyBsim1sTzxAen3YyFRi1Cz/kLM0oH39m/W4IoMvJcNZCJ3ItLgy+lEVMd87jVOqfuq/hyjHVI0wJtU2Si2HTxv7aKL8gPzqXwbNH+nhkhlQ0ZH8zKVBunOgLDgsmGIky5X/T3bpWZpIoFkOR7AYrId/5dOeGM3pHhHb6woZ3SRubZ43Ah/VdJM= 7 + me@thehedgehog.me ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK97n2SgV/U1mLzxcaEDl85iF5D3jm7xboZ+S01+CbM/8zxVoWyjVHCqTwDcrLwP0c5Z51BNj7U0UkGIgR4zTSM= 8 + ''; 9 + }

+28

homes/x86_64-linux/pyrox/files/tokyo-night.json

··· 1 + { 2 + "wallpaper": "~/.config/wpg/wallpapers/nix-snowflake.png", 3 + "alpha": "100", 4 + 5 + "special": { 6 + "background": "#1A1B26", 7 + "foreground": "#A9B1D6", 8 + "cursor": "#A9B1D6" 9 + }, 10 + "colors": { 11 + "color0": "#1A1B26", 12 + "color1": "#F7768E", 13 + "color2": "#73DACA", 14 + "color3": "#E0AF68", 15 + "color4": "#7AA2F7", 16 + "color5": "#BB9AF7", 17 + "color6": "#7DCFFF", 18 + "color7": "#A9B1D6", 19 + "color8": "#414868", 20 + "color9": "#F7768E", 21 + "color10": "#73DACA", 22 + "color11": "#E0AF68", 23 + "color12": "#7AA2F7", 24 + "color13": "#BB9AF7", 25 + "color14": "#7DCFFF", 26 + "color15": "#A9B1D6" 27 + } 28 + }

+6

homes/x86_64-linux/pyrox/programs/bat.nix

··· 1 + { 2 + programs.bat = { 3 + enable = true; 4 + catppuccin.enable = true; 5 + }; 6 + }

+6

homes/x86_64-linux/pyrox/programs/chromium.nix

··· 1 + {pkgs, ...}: { 2 + programs.chromium = { 3 + enable = true; 4 + package = pkgs.ungoogled-chromium; 5 + }; 6 + }

+34

homes/x86_64-linux/pyrox/programs/direnv.nix

··· 1 + { 2 + programs.direnv = { 3 + enable = true; 4 + enableBashIntegration = true; 5 + enableNushellIntegration = true; 6 + enableZshIntegration = true; 7 + nix-direnv.enable = true; 8 + stdlib = '' 9 + layout_poetry() { 10 + PYPROJECT_TOML="\$\{PYPROJECT_TOML:-pyproject.toml}" 11 + if [[ ! -f "$PYPROJECT_TOML" ]]; then 12 + log_status "No pyproject.toml found. Executing \`poetry init\` to create a \`$PYPROJECT_TOML\` first." 13 + poetry init 14 + fi 15 + 16 + if [[ -d ".venv" ]]; then 17 + VIRTUAL_ENV="$(pwd)/.venv" 18 + else 19 + VIRTUAL_ENV=$(poetry env info --path 2>/dev/null ; true) 20 + fi 21 + 22 + if [[ -z $VIRTUAL_ENV || ! -d $VIRTUAL_ENV ]]; then 23 + log_status "No virtual environment exists. Executing \`poetry install\` to create one." 24 + poetry install 25 + VIRTUAL_ENV=$(poetry env info --path) 26 + fi 27 + 28 + PATH_add "$VIRTUAL_ENV/bin" 29 + export POETRY_ACTIVE=1 30 + export VIRTUAL_ENV 31 + } 32 + ''; 33 + }; 34 + }

+14

homes/x86_64-linux/pyrox/programs/emacs/default.nix

··· 1 + {pkgs, ...}: { 2 + programs.emacs = { 3 + enable = true; 4 + package = 5 + (pkgs.emacsPackagesFor pkgs.emacs-pgtk).emacsWithPackages 6 + (epkgs: [epkgs.vterm]); 7 + }; 8 + services.emacs = { 9 + enable = true; 10 + package = 11 + (pkgs.emacsPackagesFor pkgs.emacs-pgtk).emacsWithPackages 12 + (epkgs: [epkgs.vterm]); 13 + }; 14 + }

+9

homes/x86_64-linux/pyrox/programs/email.nix

··· 1 + { 2 + pkgs, 3 + lib, 4 + ... 5 + }: { 6 + programs.msmtp.enable = true; 7 + programs.mbsync.enable = true; 8 + programs.mu.enable = true; 9 + }

+46

homes/x86_64-linux/pyrox/programs/firefox/default.nix

··· 1 + {pkgs, ...}: { 2 + imports = [./extraPrefs.nix ./policies.nix]; 3 + programs.firefox = { 4 + enable = true; 5 + package = pkgs.firefox.override { 6 + cfg = { 7 + smartcardSupport = true; 8 + pipewireSupport = true; 9 + ffmpegSupport = true; 10 + }; 11 + }; 12 + profiles = { 13 + default = { 14 + id = 0; 15 + isDefault = true; 16 + name = "Default"; 17 + extensions = with pkgs.nur.repos.rycee.firefox-addons; [ 18 + augmented-steam 19 + bitwarden 20 + clearurls 21 + consent-o-matic 22 + cookie-autodelete 23 + darkreader 24 + don-t-fuck-with-paste 25 + enhanced-github 26 + facebook-container 27 + header-editor 28 + istilldontcareaboutcookies 29 + kagi-search 30 + libredirect 31 + lovely-forks 32 + multi-account-containers 33 + privacy-pass 34 + protondb-for-steam 35 + pywalfox 36 + reddit-moderator-toolbox 37 + refined-github 38 + sourcegraph 39 + steam-database 40 + stylus 41 + ublock-origin 42 + ]; 43 + }; 44 + }; 45 + }; 46 + }

+171

homes/x86_64-linux/pyrox/programs/firefox/extraPrefs.nix

··· 1 + { 2 + programs.firefox.profiles.default.extraConfig = '' 3 + user_pref("accessibility.typeaheadfind.flashBar", 0); 4 + user_pref("app.normandy.api_url", ""); 5 + user_pref("app.normandy.enabled", false); 6 + user_pref("app.normandy.first_run", false); 7 + user_pref("app.shield.optoutstudies.enabled", false); 8 + user_pref("app.update.auto", false); 9 + user_pref("app.update.backgroundErrors", 1); 10 + user_pref("app.update.disable_button.showUpdateHistory", false); 11 + user_pref("beacon.enabled", false); 12 + user_pref("browser.aboutConfig.showWarning", false); 13 + user_pref("browser.bookmarks.addedImportButton", true); 14 + user_pref("browser.contentblocking.report.hide_vpn_banner", true); 15 + user_pref("browser.contentblocking.report.lockwise.enabled", false); 16 + user_pref("browser.contentblocking.report.show_mobile_app", false); 17 + user_pref("browser.contentblocking.report.social.url", ""); 18 + user_pref("browser.formfill.enable", false); 19 + user_pref("browser.laterrun.bookkeeping.profileCreationTime", 0); 20 + user_pref("browser.laterrun.bookkeeping.sessionCount", 0); 21 + user_pref("browser.newtabpage.activity-stream.discoverystream.enabled", false); 22 + user_pref("browser.newtabpage.activity-stream.discoverystream.endpointSpocsClear", ""); 23 + user_pref("browser.newtabpage.activity-stream.discoverystream.endpoints", ""); 24 + user_pref("browser.newtabpage.activity-stream.discoverystream.personalization.enabled", false); 25 + user_pref("browser.newtabpage.activity-stream.discoverystream.readTime.enabled", false); 26 + user_pref("browser.newtabpage.activity-stream.discoverystream.rec.impressions", "{}"); 27 + user_pref("browser.newtabpage.activity-stream.discoverystream.recentSaves.enabled", false); 28 + user_pref("browser.newtabpage.activity-stream.discoverystream.saveToPocketCard.enabled", false); 29 + user_pref("browser.newtabpage.activity-stream.discoverystream.sendToPocket.enabled", false); 30 + user_pref("browser.newtabpage.activity-stream.discoverystream.spoc.impressions", "{}"); 31 + user_pref("browser.newtabpage.activity-stream.feeds.recommendationprovider", false); 32 + user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false); 33 + user_pref("browser.newtabpage.activity-stream.impressionId", "{}"); 34 + user_pref("browser.newtabpage.activity-stream.section.highlights.includePocket", false); 35 + user_pref("browser.newtabpage.activity-stream.telemetry", false); 36 + user_pref("browser.newtabpage.activity-stream.telemetry.structuredIngestion.endpoint", ""); 37 + user_pref("browser.newtabpage.activity-stream.telemetry.ut.events", false); 38 + user_pref("browser.partnerlink.attributionURL", ""); 39 + user_pref("browser.partnerlink.campaign.topsites", ""); 40 + user_pref("browser.ping-centre.telemetry", false); 41 + user_pref("browser.places.importBookmarksHTML", false); 42 + user_pref("browser.pocket.enabled", false); 43 + user_pref("browser.safebrowsing.downloads.enabled", false); 44 + user_pref("browser.safebrowsing.downloads.remote.block_dangerous", false); 45 + user_pref("browser.safebrowsing.downloads.remote.block_dangerous_host", false); 46 + user_pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false); 47 + user_pref("browser.safebrowsing.downloads.remote.block_uncommon", false); 48 + user_pref("browser.safebrowsing.downloads.remote.enabled", false); 49 + user_pref("browser.safebrowsing.downloads.remote.url", ""); 50 + user_pref("browser.safebrowsing.malware.enabled", false); 51 + user_pref("browser.safebrowsing.phishing.enabled", false); 52 + user_pref("browser.safebrowsing.provider.google.advisoryURL", ""); 53 + user_pref("browser.safebrowsing.provider.google.gethashURL", ""); 54 + user_pref("browser.safebrowsing.provider.google.gethashURL", ""); 55 + user_pref("browser.safebrowsing.provider.google.reportURL", ""); 56 + user_pref("browser.safebrowsing.provider.google.updateURL", ""); 57 + user_pref("browser.safebrowsing.provider.google4.advisoryURL", ""); 58 + user_pref("browser.safebrowsing.provider.google4.dataSharingURL", ""); 59 + user_pref("browser.safebrowsing.provider.google4.gethashURL", ""); 60 + user_pref("browser.safebrowsing.provider.google4.lists", ""); 61 + user_pref("browser.safebrowsing.provider.google4.reportURL", ""); 62 + user_pref("browser.safebrowsing.provider.google4.updateURL", ""); 63 + user_pref("browser.safebrowsing.provider.mozilla.gethashURL", ""); 64 + user_pref("browser.safebrowsing.provider.mozilla.lastupdatetime", ""); 65 + user_pref("browser.safebrowsing.provider.mozilla.lists", ""); 66 + user_pref("browser.safebrowsing.provider.mozilla.lists.base", ""); 67 + user_pref("browser.safebrowsing.provider.mozilla.lists.content", ""); 68 + user_pref("browser.safebrowsing.provider.mozilla.nextupdatetime", ""); 69 + user_pref("browser.safebrowsing.provider.mozilla.updateURL", ""); 70 + user_pref("browser.search.serpEventTelemetry.enabled", false); 71 + user_pref("browser.send_pings", false); 72 + user_pref("browser.tabs.warnOnClose", true); 73 + user_pref("browser.urlbar.eventTelemetry.enabled", false); 74 + user_pref("browser.urlbar.quicksuggest.dataCollection.enabled", false); 75 + user_pref("browser.urlbar.suggest.addons", false); 76 + user_pref("browser.urlbar.suggest.bookmark", true); 77 + user_pref("browser.urlbar.suggest.calculator", true); 78 + user_pref("browser.urlbar.suggest.clipboard", false); 79 + user_pref("browser.urlbar.suggest.engines", false); 80 + user_pref("browser.urlbar.suggest.history", true); 81 + user_pref("browser.urlbar.suggest.mdn", false); 82 + user_pref("browser.urlbar.suggest.openpage", true); 83 + user_pref("browser.urlbar.suggest.pocket", false); 84 + user_pref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); 85 + user_pref("browser.urlbar.suggest.quicksuggest.sponsored", false); 86 + user_pref("browser.urlbar.suggest.topsites", false); 87 + user_pref("browser.urlbar.suggest.trending", false); 88 + user_pref("browser.urlbar.suggest.weather", false); 89 + user_pref("datareporting.healthreport.infoURL", ""); 90 + user_pref("datareporting.policy.firstRunURL", ""); 91 + user_pref("device.sensors.ambientLight.enabled", false); 92 + user_pref("device.sensors.enabled", false); 93 + user_pref("device.sensors.motion.enabled", false); 94 + user_pref("device.sensors.orientation.enabled", false); 95 + user_pref("device.sensors.proximity.enabled", false); 96 + user_pref("device.sensors.test.events", false); 97 + user_pref("devtools.chrome.enabled", true); 98 + user_pref("doh-rollout.uri", ""); 99 + user_pref("dom.battery.enabled", false); 100 + user_pref("dom.event.clipboardevents.enabled", false); 101 + user_pref("dom.security.unexpected_system_load_telemetry_enabled", false); 102 + user_pref("dom.webgpu.enabled", true); 103 + user_pref("extensions.formautofill.addresses.enabled", false); 104 + user_pref("extensions.formautofill.creditCards.enabled", false); 105 + user_pref("extensions.htmlaboutaddons.recommendations.enabled", false); 106 + user_pref("extensions.pocket.enabled", false); 107 + user_pref("extensions.pocket.showHome", false); 108 + user_pref("extensions.pocket.site", ""); 109 + user_pref("extensions.recommendations.privacyPolicyUrl", ""); 110 + user_pref("extensions.recommendations.themeRecommendationUrl", ""); 111 + user_pref("extensions.ui.dictionary.hidden", true); 112 + user_pref("extensions.update.autoUpdateDefault", false); 113 + user_pref("extensions.webextensions.restrictedDomains", ""); 114 + user_pref("layers.acceleration.disabled", false); 115 + user_pref("network.predictor.enabled", false); 116 + user_pref("network.prefetch-next", false); 117 + user_pref("network.trr.confirmation_telemetry_enabled", false); 118 + user_pref("privacy.clearOnShutdown.downloads", true); 119 + user_pref("privacy.donottrackheader.enabled", false); 120 + user_pref("privacy.resistFingerprinting.block_mozAddonManager", true); 121 + user_pref("privacy.trackingprotection.origin_telemetry.enabled", false); 122 + user_pref("remote.prefs.recommended", false); 123 + user_pref("security.app_menu.recordEventTelemetry", false); 124 + user_pref("security.certerrors.recordEventTelemetry", false); 125 + user_pref("security.identitypopup.recordEventTelemetry", false); 126 + user_pref("security.protectionspopup.recordEventTelemetry", false); 127 + user_pref("services.settings.server", ""); 128 + user_pref("signon.autofillForms", false); 129 + user_pref("signon.generation.enabled", false); 130 + user_pref("signon.management.page.breach-alerts.enabled", false); 131 + user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true); 132 + user_pref("toolkit.telemetry.bhrPing.enabled", false); 133 + user_pref("toolkit.telemetry.cachedClientID", ""); 134 + user_pref("toolkit.telemetry.dap_enabled", false); 135 + user_pref("toolkit.telemetry.dap_helper", ""); 136 + user_pref("toolkit.telemetry.dap_leader", ""); 137 + user_pref("toolkit.telemetry.dap_task1_enabled", false); 138 + user_pref("toolkit.telemetry.debugSlowSql", false); 139 + user_pref("toolkit.telemetry.firstShutdownPing.enabled", false); 140 + user_pref("toolkit.telemetry.geckoview.streaming", false); 141 + user_pref("toolkit.telemetry.newProfilePing.enabled", false); 142 + user_pref("toolkit.telemetry.pioneer-new-studies-available", false); 143 + user_pref("toolkit.telemetry.previousBuildID", ""); 144 + user_pref("toolkit.telemetry.reportingpolicy.firstRun", ""); 145 + user_pref("toolkit.telemetry.server", ""); 146 + user_pref("toolkit.telemetry.server_owner", ""); 147 + user_pref("toolkit.telemetry.shutdownPingSender.backgroundtask.enabled", false); 148 + user_pref("toolkit.telemetry.shutdownPingSender.enabled", false); 149 + user_pref("toolkit.telemetry.shutdownPingSender.enabledFirstSession", false); 150 + user_pref("toolkit.telemetry.testing.overrideProductsCheck", false); 151 + user_pref("toolkit.telemetry.unified", false); 152 + user_pref("toolkit.telemetry.updatePing.enabled", ""); 153 + user_pref("ui.systemUsesDarkTheme", 1); 154 + user_pref("webgl.force-enabled", true); 155 + user_pref("xpinstall.signatures.required", false); 156 + '' + 157 + # Fastfox tweaks 158 + '' 159 + user_pref("media.memory_cache_max_size", 65536); 160 + user_pref("browser.cache.jsbc_compression_level", 3); 161 + user_pref("image.mem.decode_bytes_at_a_time", 32768); 162 + user_pref("network.http.max-connections", 1800); 163 + user_pref("network.http.max-persistent-connections-per-server", 10); 164 + user_pref("network.http.max-urgent-start-excessive-connections-per-host", 5); 165 + user_pref("network.dns.max_high_priority_threads", 8); 166 + user_pref("network.ssl_tokens_cache_capacity", 10240); 167 + user_pref("network.dns.disablePrefetch", true); 168 + user_pref("browser.places.speculativeConnect.enabled", false); 169 + user_pref("browser.urlbar.speculativeConnect.enabled", false); 170 + ''; 171 + }

+47

homes/x86_64-linux/pyrox/programs/firefox/policies.nix

··· 1 + { 2 + programs.firefox.policies = { 3 + AppAutoUpdate = false; 4 + DisableAppUpdate = true; 5 + DisableFirefoxAccounts = true; 6 + DisableFirefoxStudies = true; 7 + DisableMasterPasswordCreation = true; 8 + DisablePocket = true; 9 + DisableTelemetry = true; 10 + DNSOverHTTPS = { 11 + Enabled = false; 12 + ProviderURL = "https://dns.nextdns.io/36e7f7"; 13 + Locked = true; 14 + }; 15 + ExtensionUpdate = false; 16 + FirefoxHome = { 17 + Search = true; 18 + TopSites = false; 19 + SponsoredTopSites = false; 20 + Highlights = false; 21 + Pocket = false; 22 + SponsoredPocket = false; 23 + Snippets = false; 24 + Locked = true; 25 + }; 26 + Homepage = { 27 + URL = "https://dash.pyrox.dev"; 28 + Locked = true; 29 + StartPage = "homepage-locked"; 30 + }; 31 + ManualAppUpdateOnly = true; 32 + OfferToSaveLogins = false; 33 + OfferToSaveLoginsDefault = false; 34 + OverrideFirstRunPage = ""; 35 + OverridePostUpdatePage = ""; 36 + PasswordManagerEnabled = false; 37 + SearchBar = "unified"; 38 + ShowHomeButton = false; 39 + UserMessaging = { 40 + WhatsNew = false; 41 + ExtensionRecommendations = false; 42 + FeatureRecommendations = false; 43 + UrlbarInterventions = false; 44 + SkipOnboarding = false; 45 + }; 46 + }; 47 + }

+45

homes/x86_64-linux/pyrox/programs/fish.nix

··· 1 + {pkgs, lib, ...}: let 2 + inherit (lib) getExe; 3 + in { 4 + programs.fish = { 5 + enable = true; 6 + catppuccin.enable = true; 7 + shellAliases = { 8 + "lg" = getExe pkgs.lazygit; 9 + "cat" = getExe pkgs.bat; 10 + "gls" = "${getExe pkgs.eza} -lah@ --icons --git --git-ignore --no-user"; 11 + "ls" = "${getExe pkgs.eza} --icons -a"; 12 + "ll" = "${getExe pkgs.eza} --icons -lah@"; 13 + "lt" = "${getExe pkgs.eza} --icons --tree -a"; 14 + "tt" = getExe pkgs.taskwarrior-tui; 15 + "dig" = getExe pkgs.doggo; 16 + }; 17 + shellInit = '' 18 + set -x GPG_TTY (tty) 19 + set -x SSH_AUTH_SOCK (gpgconf --list-dirs agent-ssh-socket) 20 + gpgconf --launch gpg-agent 21 + ''; 22 + 23 + interactiveShellInit = '' 24 + fzf_configure_bindings --directory=\cf --git_log=\cl --git_status=\cg \ 25 + --history=\cr --variables=\cv --processes=\cp 26 + any-nix-shell fish --info-right | source 27 + ''; 28 + 29 + plugins = [ 30 + { 31 + name = "nix-env"; 32 + src = pkgs.fetchFromGitHub { 33 + owner = "lilyball"; 34 + repo = "nix-env.fish"; 35 + rev = "7b65bd228429e852c8fdfa07601159130a818cfa"; 36 + sha256 = "sha256-RG/0rfhgq6aEKNZ0XwIqOaZ6K5S4+/Y5EEMnIdtfPhk="; 37 + }; 38 + } 39 + { 40 + inherit (pkgs.fishPlugins.fzf-fish) src; 41 + name = "fzf-fish"; 42 + } 43 + ]; 44 + }; 45 + }

+8

homes/x86_64-linux/pyrox/programs/fzf.nix

··· 1 + { 2 + programs.fzf = { 3 + enable = true; 4 + enableBashIntegration = true; 5 + enableZshIntegration = true; 6 + catppuccin.enable = true; 7 + }; 8 + }

+12

homes/x86_64-linux/pyrox/programs/gh.nix

··· 1 + {pkgs, data, lib, ...}: { 2 + programs.gh = { 3 + enable = true; 4 + gitCredentialHelper.enable = true; 5 + settings = { 6 + editor = lib.getExe data.packages.nvim; 7 + git_protocol = "https"; 8 + browser = "${pkgs.firefox-wayland}/bin/firefox"; 9 + prompt = "enabled"; 10 + }; 11 + }; 12 + }

+73

homes/x86_64-linux/pyrox/programs/git.nix

··· 1 + {pkgs, lib, data, ...}: 2 + { 3 + programs.git = { 4 + enable = true; 5 + package = pkgs.my-pkgs.customGit; 6 + aliases = { 7 + a = "add -p"; 8 + co = "checkout"; 9 + cob = "checkout -b"; 10 + f = "fetch -p"; 11 + c = "commit"; 12 + p = "push"; 13 + ba = "branch -a"; 14 + bd = "branch -d"; 15 + bD = "branch -D"; 16 + d = "diff"; 17 + dc = "diff --cached"; 18 + ds = "diff --staged"; 19 + r = "restore"; 20 + rs = "restore --staged"; 21 + st = "status -sb"; 22 + # reset 23 + soft = "reset --soft"; 24 + hard = "reset --hard"; 25 + s1ft = "soft HEAD~1"; 26 + h1rd = "hard HEAD~1"; 27 + # logging 28 + lg = "log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit"; 29 + plog = "log --graph --pretty='format:%C(red)%d%C(reset) %C(yellow)%h%C(reset) %ar %C(green)%aN%C(reset) %s'"; 30 + tlog = "log --stat --since='1 Day Ago' --graph --pretty=oneline --abbrev-commit --date=relative"; 31 + rank = "shortlog -sn --no-merges"; 32 + # delete merged branches 33 + bdm = "!git branch --merged | grep -v '*' | xargs -n 1 git branch -d"; 34 + wt = "worktree"; 35 + }; 36 + delta = { 37 + enable = true; 38 + options.line-numbers = true; 39 + }; 40 + extraConfig = { 41 + core.editor = lib.getExe data.packages.nvim; 42 + init.defaultBranch = "main"; 43 + pull.rebase = false; 44 + # gpg.format = "ssh"; 45 + gpg."ssh".allowedSignersFile = "~/.ssh/authorized_signatures"; 46 + "credential \"https://git.pyrox.dev\"".username = "pyrox"; 47 + credential.helper = "rbw"; 48 + }; 49 + lfs = { 50 + enable = true; 51 + skipSmudge = false; 52 + }; 53 + signing = { 54 + key = "0xFE1D8A7D620C611F"; 55 + signByDefault = true; 56 + }; 57 + userEmail = "pyrox@pyrox.dev"; 58 + userName = "Pyrox"; 59 + }; 60 + programs.lazygit = { 61 + enable = true; 62 + catppuccin.enable = true; 63 + settings = { 64 + gui.nerdFontsVersion = "3"; 65 + gui.showRandomTip = false; 66 + gui.theme.selectedLineBgColor = ["default"]; 67 + git.paging = { 68 + pager = "${lib.getExe pkgs.delta} --dark --paging=never"; 69 + colorArg = "always"; 70 + }; 71 + }; 72 + }; 73 + }

+39

homes/x86_64-linux/pyrox/programs/gpg.nix

··· 1 + {pkgs, ...}: { 2 + programs.gpg = { 3 + enable = true; 4 + settings = { 5 + personal-cipher-preferences = "AES256 AES192 AES"; 6 + personal-digest-preferences = "SHA512 SHA384 SHA256"; 7 + personal-compress-preferences = "ZLIB BZIP2 ZIP Uncompressed"; 8 + default-preference-list = "SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed"; 9 + cert-digest-algo = "SHA512"; 10 + s2k-digest-algo = "SHA512"; 11 + s2k-cipher-algo = "AES256"; 12 + charset = "utf-8"; 13 + fixed-list-mode = true; 14 + no-comments = true; 15 + no-emit-version = true; 16 + no-greeting = true; 17 + keyid-format = "0xlong"; 18 + list-options = "show-uid-validity"; 19 + verify-options = "show-uid-validity"; 20 + with-fingerprint = true; 21 + with-key-origin = true; 22 + require-cross-certification = true; 23 + no-symkey-cache = true; 24 + use-agent = true; 25 + throw-keyids = true; 26 + default-key = "0x7D5107866B1C6752"; 27 + trusted-key = "0x7D5107866B1C6752"; 28 + keyserver = "hkps://keys.openpgp.org"; 29 + }; 30 + scdaemonSettings = { 31 + card-timeout = "60"; 32 + pcsc-shared = true; 33 + # shared-access = true; 34 + disable-ccid = true; 35 + pcsc-driver = "${pkgs.pcsclite.out}/lib/libpcsclite.so"; 36 + reader-port = "Yubico Yubi"; 37 + }; 38 + }; 39 + }

+32

homes/x86_64-linux/pyrox/programs/helix.nix

··· 1 + { 2 + programs.helix = { 3 + enable = true; 4 + catppuccin.enable = true; 5 + catppuccin.useItalics = true; 6 + settings = { 7 + editor = { 8 + line-number = "absolute"; 9 + mouse = false; 10 + auto-save = true; 11 + true-color = true; 12 + bufferline = "multiple"; 13 + cursor-shape = { 14 + normal = "block"; 15 + insert = "bar"; 16 + select = "underline"; 17 + }; 18 + lsp = { 19 + display-messages = true; 20 + auto-signature-help = true; 21 + display-signature-help-docs = true; 22 + }; 23 + whitespace.render = { 24 + space = "none"; 25 + tab = "all"; 26 + newline = "all"; 27 + }; 28 + indent-guides.render = true; 29 + }; 30 + }; 31 + }; 32 + }

+49

homes/x86_64-linux/pyrox/programs/kitty.nix

··· 1 + {pkgs, lib, data, ...}: { 2 + programs.kitty = { 3 + enable = true; 4 + catppuccin.enable = true; 5 + font.name = "BlexMono Nerd Font"; 6 + font.size = 14; 7 + settings = { 8 + # Font settings 9 + bold_font = "BlexMono Nerd Font Bold"; 10 + italic_font = "BlexMono Nerd Font Italic"; 11 + bold_italic_font = "BlexMono Nerd Font Bold Italic"; 12 + # Cursor Settings 13 + scrollback_lines = 10000; 14 + wheel_scroll_multiplier = 3; 15 + touch_scroll_multiplier = 2; 16 + scrollback_pager = "${lib.getExe pkgs.page}"; 17 + cursor_shape = "block"; 18 + # Mouse settings 19 + mouse_hide_wait = "0.5"; 20 + open_url_with = "default"; 21 + strip_trailing_spaces = "smart"; 22 + focus_follows_mouse = true; 23 + # Perf settings 24 + repaint_delay = 16; 25 + sync_to_monitor = true; 26 + # Terminal Bell settings 27 + enable_audio_bell = false; 28 + # Window settings 29 + hide_window_decorations = true; 30 + # Tab Bar settings 31 + tab_bar_edge = "bottom"; 32 + tab_bar_margin_width = 0; 33 + tab_bar_margin_height = "0 0"; 34 + tab_bar_style = "powerline"; 35 + tab_bar_min_tabs = 2; 36 + 37 + shell = "fish"; 38 + editor = "${lib.getExe data.packages.nvim}"; 39 + allow_remote_control = "socket-only"; 40 + listen_on = "unix:/tmp/mykitty"; 41 + update_check_interval = 0; 42 + allow_hyperlinks = true; 43 + shell_integration = "no-cursor"; 44 + term = "xterm-kitty"; 45 + remember_window_size = "no"; 46 + linux_display_server = "wayland"; 47 + }; 48 + }; 49 + }

+9

homes/x86_64-linux/pyrox/programs/navi.nix

··· 1 + { 2 + programs.navi = { 3 + enable = true; 4 + enableBashIntegration = true; 5 + enableFishIntegration = true; 6 + enableZshIntegration = true; 7 + settings = {finder = {command = "fzf";};}; 8 + }; 9 + }

+12

homes/x86_64-linux/pyrox/programs/ncmpcpp.nix

··· 1 + { 2 + programs.ncmpcpp = { 3 + enable = true; 4 + settings = { 5 + visualizer_data_source = "/tmp/mpd.fifo"; 6 + visualizer_output_name = "viz"; 7 + visualizer_in_stereo = "yes"; 8 + visualizer_type = "ellipse"; 9 + visualizer_look = "+."; 10 + }; 11 + }; 12 + }

+25

homes/x86_64-linux/pyrox/programs/neovim.nix

··· 1 + { 2 + pkgs, 3 + lib, 4 + data, 5 + ... 6 + }: { 7 + programs.neovim = { 8 + enable = true; 9 + package = data.packages.nvim; 10 + viAlias = true; 11 + vimAlias = true; 12 + vimdiffAlias = true; 13 + withNodeJs = false; 14 + withPython3 = false; 15 + withRuby = false; 16 + extraPackages = [ 17 + pkgs.fd 18 + pkgs.ffmpegthumbnailer 19 + pkgs.fontpreview 20 + pkgs.gcc 21 + pkgs.poppler 22 + pkgs.ueberzug 23 + ]; 24 + }; 25 + }

+8

homes/x86_64-linux/pyrox/programs/nix-index.nix

··· 1 + { 2 + programs.nix-index = { 3 + enable = true; 4 + enableBashIntegration = true; 5 + enableFishIntegration = true; 6 + enableZshIntegration = true; 7 + }; 8 + }

+369

homes/x86_64-linux/pyrox/programs/nushell/config.nu

··· 1 + source ~/.zoxide.nu 2 + source ~/.cache/starship/init.nu 3 + 4 + source /home/thehedgehog/.cache/starship/init.nu 5 + 6 + let-env config = ($env | default {} config).config 7 + let-env config = ($env.config | default {} hooks) 8 + let-env config = ($env.config | update hooks ($env.config.hooks | default [] pre_prompt)) 9 + let-env config = ($env.config | update hooks.pre_prompt ($env.config.hooks.pre_prompt | append { 10 + code: " 11 + let direnv = (direnv export json | from json) 12 + let direnv = if ($direnv | length) == 1 { $direnv } else { {} } 13 + $direnv | load-env 14 + " 15 + })) 16 + 17 + let-env config = { 18 + ls: { 19 + use_ls_colors: true # use the LS_COLORS environment variable to colorize output 20 + clickable_links: true # enable or disable clickable links. Your terminal has to support links. 21 + } 22 + rm: { 23 + always_trash: false # always act as if -t was given. Can be overridden with -p 24 + } 25 + cd: { 26 + abbreviations: false # allows `cd s/o/f` to expand to `cd some/other/folder` 27 + } 28 + table: { 29 + mode: rounded # basic, compact, compact_double, light, thin, with_love, rounded, reinforced, heavy, none, other 30 + index_mode: always # "always" show indexes, "never" show indexes, "auto" = show indexes when a table has "index" column 31 + trim: { 32 + methodology: wrapping # wrapping or truncating 33 + wrapping_try_keep_words: true # A strategy used by the 'wrapping' methodology 34 + truncating_suffix: "..." # A suffix used by the 'truncating' methodology 35 + } 36 + } 37 + 38 + explore: { 39 + help_banner: true 40 + exit_esc: true 41 + 42 + command_bar_text: '#C4C9C6' 43 + # command_bar: {fg: '#C4C9C6' bg: '#223311' } 44 + 45 + status_bar_background: {fg: '#1D1F21' bg: '#C4C9C6' } 46 + # status_bar_text: {fg: '#C4C9C6' bg: '#223311' } 47 + 48 + highlight: {bg: 'yellow' fg: 'black' } 49 + 50 + status: { 51 + # warn: {bg: 'yellow', fg: 'blue'} 52 + # error: {bg: 'yellow', fg: 'blue'} 53 + # info: {bg: 'yellow', fg: 'blue'} 54 + } 55 + 56 + try: { 57 + # border_color: 'red' 58 + # highlighted_color: 'blue' 59 + 60 + # reactive: false 61 + } 62 + 63 + table: { 64 + split_line: '#404040' 65 + 66 + cursor: true 67 + 68 + line_index: true 69 + line_shift: true 70 + line_head_top: true 71 + line_head_bottom: true 72 + 73 + show_head: true 74 + show_index: true 75 + 76 + # selected_cell: {fg: 'white', bg: '#777777'} 77 + # selected_row: {fg: 'yellow', bg: '#C1C2A3'} 78 + # selected_column: blue 79 + 80 + # padding_column_right: 2 81 + # padding_column_left: 2 82 + 83 + # padding_index_left: 2 84 + # padding_index_right: 1 85 + } 86 + 87 + config: { 88 + cursor_color: {bg: 'yellow' fg: 'black' } 89 + 90 + # border_color: white 91 + # list_color: green 92 + } 93 + } 94 + 95 + history: { 96 + max_size: 10000 # Session has to be reloaded for this to take effect 97 + sync_on_enter: true # Enable to share history between multiple sessions, else you have to close the session to write history to file 98 + file_format: "plaintext" # "sqlite" or "plaintext" 99 + } 100 + completions: { 101 + case_sensitive: false # set to true to enable case-sensitive completions 102 + quick: true # set this to false to prevent auto-selecting completions when only one remains 103 + partial: true # set this to false to prevent partial filling of the prompt 104 + algorithm: "prefix" # prefix or fuzzy 105 + external: { 106 + enable: true # set to false to prevent nushell looking into $env.PATH to find more suggestions, `false` recommended for WSL users as this look up my be very slow 107 + max_results: 100 # setting it lower can improve completion performance at the cost of omitting some options 108 + completer: null # check 'carapace_completer' above as an example 109 + } 110 + } 111 + filesize: { 112 + metric: true # true => KB, MB, GB (ISO standard), false => KiB, MiB, GiB (Windows standard) 113 + format: "auto" # b, kb, kib, mb, mib, gb, gib, tb, tib, pb, pib, eb, eib, zb, zib, auto 114 + } 115 + cursor_shape: { 116 + emacs: line # block, underscore, line (line is the default) 117 + vi_insert: block # block, underscore, line (block is the default) 118 + vi_normal: underscore # block, underscore, line (underscore is the default) 119 + } 120 + color_config: $dark_theme # if you want a light theme, replace `$dark_theme` to `$light_theme` 121 + use_grid_icons: true 122 + footer_mode: "25" # always, never, number_of_rows, auto 123 + float_precision: 2 # the precision for displaying floats in tables 124 + # buffer_editor: "emacs" # command that will be used to edit the current line buffer with ctrl+o, if unset fallback to $env.EDITOR and $env.VISUAL 125 + use_ansi_coloring: true 126 + edit_mode: emacs # emacs, vi 127 + shell_integration: true # enables terminal markers and a workaround to arrow keys stop working issue 128 + # true or false to enable or disable the welcome banner at startup 129 + show_banner: true 130 + render_right_prompt_on_last_line: false # true or false to enable or disable right prompt to be rendered on last line of the prompt. 131 + 132 + hooks: { 133 + pre_prompt: [{ 134 + null # replace with source code to run before the prompt is shown 135 + }] 136 + pre_execution: [{ 137 + null # replace with source code to run before the repl input is run 138 + }] 139 + env_change: { 140 + PWD: [{|before, after| 141 + null # replace with source code to run if the PWD environment is different since the last repl input 142 + }] 143 + } 144 + display_output: { 145 + if (term size).columns >= 100 { table -e } else { table } 146 + } 147 + } 148 + menus: [ 149 + # Configuration for default nushell menus 150 + # Note the lack of source parameter 151 + { 152 + name: completion_menu 153 + only_buffer_difference: false 154 + marker: "| " 155 + type: { 156 + layout: columnar 157 + columns: 4 158 + col_width: 20 # Optional value. If missing all the screen width is used to calculate column width 159 + col_padding: 2 160 + } 161 + style: { 162 + text: green 163 + selected_text: green_reverse 164 + description_text: yellow 165 + } 166 + } 167 + { 168 + name: history_menu 169 + only_buffer_difference: true 170 + marker: "? " 171 + type: { 172 + layout: list 173 + page_size: 10 174 + } 175 + style: { 176 + text: green 177 + selected_text: green_reverse 178 + description_text: yellow 179 + } 180 + } 181 + { 182 + name: help_menu 183 + only_buffer_difference: true 184 + marker: "? " 185 + type: { 186 + layout: description 187 + columns: 4 188 + col_width: 20 # Optional value. If missing all the screen width is used to calculate column width 189 + col_padding: 2 190 + selection_rows: 4 191 + description_rows: 10 192 + } 193 + style: { 194 + text: green 195 + selected_text: green_reverse 196 + description_text: yellow 197 + } 198 + } 199 + # Example of extra menus created using a nushell source 200 + # Use the source field to create a list of records that populates 201 + # the menu 202 + { 203 + name: commands_menu 204 + only_buffer_difference: false 205 + marker: "# " 206 + type: { 207 + layout: columnar 208 + columns: 4 209 + col_width: 20 210 + col_padding: 2 211 + } 212 + style: { 213 + text: green 214 + selected_text: green_reverse 215 + description_text: yellow 216 + } 217 + source: { |buffer, position| 218 + $nu.scope.commands 219 + | where name =~ $buffer 220 + | each { |it| {value: $it.name description: $it.usage} } 221 + } 222 + } 223 + { 224 + name: vars_menu 225 + only_buffer_difference: true 226 + marker: "# " 227 + type: { 228 + layout: list 229 + page_size: 10 230 + } 231 + style: { 232 + text: green 233 + selected_text: green_reverse 234 + description_text: yellow 235 + } 236 + source: { |buffer, position| 237 + $nu.scope.vars 238 + | where name =~ $buffer 239 + | sort-by name 240 + | each { |it| {value: $it.name description: $it.type} } 241 + } 242 + } 243 + { 244 + name: commands_with_description 245 + only_buffer_difference: true 246 + marker: "# " 247 + type: { 248 + layout: description 249 + columns: 4 250 + col_width: 20 251 + col_padding: 2 252 + selection_rows: 4 253 + description_rows: 10 254 + } 255 + style: { 256 + text: green 257 + selected_text: green_reverse 258 + description_text: yellow 259 + } 260 + source: { |buffer, position| 261 + $nu.scope.commands 262 + | where name =~ $buffer 263 + | each { |it| {value: $it.name description: $it.usage} } 264 + } 265 + } 266 + ] 267 + keybindings: [ 268 + { 269 + name: completion_menu 270 + modifier: none 271 + keycode: tab 272 + mode: [emacs vi_normal vi_insert] 273 + event: { 274 + until: [ 275 + { send: menu name: completion_menu } 276 + { send: menunext } 277 + ] 278 + } 279 + } 280 + { 281 + name: completion_previous 282 + modifier: shift 283 + keycode: backtab 284 + mode: [emacs, vi_normal, vi_insert] # Note: You can add the same keybinding to all modes by using a list 285 + event: { send: menuprevious } 286 + } 287 + { 288 + name: history_menu 289 + modifier: control 290 + keycode: char_r 291 + mode: emacs 292 + event: { send: menu name: history_menu } 293 + } 294 + { 295 + name: next_page 296 + modifier: control 297 + keycode: char_x 298 + mode: emacs 299 + event: { send: menupagenext } 300 + } 301 + { 302 + name: undo_or_previous_page 303 + modifier: control 304 + keycode: char_z 305 + mode: emacs 306 + event: { 307 + until: [ 308 + { send: menupageprevious } 309 + { edit: undo } 310 + ] 311 + } 312 + } 313 + { 314 + name: yank 315 + modifier: control 316 + keycode: char_y 317 + mode: emacs 318 + event: { 319 + until: [ 320 + {edit: pastecutbufferafter} 321 + ] 322 + } 323 + } 324 + { 325 + name: unix-line-discard 326 + modifier: control 327 + keycode: char_u 328 + mode: [emacs, vi_normal, vi_insert] 329 + event: { 330 + until: [ 331 + {edit: cutfromlinestart} 332 + ] 333 + } 334 + } 335 + { 336 + name: kill-line 337 + modifier: control 338 + keycode: char_k 339 + mode: [emacs, vi_normal, vi_insert] 340 + event: { 341 + until: [ 342 + {edit: cuttolineend} 343 + ] 344 + } 345 + } 346 + # Keybindings used to trigger the user defined menus 347 + { 348 + name: commands_menu 349 + modifier: control 350 + keycode: char_t 351 + mode: [emacs, vi_normal, vi_insert] 352 + event: { send: menu name: commands_menu } 353 + } 354 + { 355 + name: vars_menu 356 + modifier: alt 357 + keycode: char_o 358 + mode: [emacs, vi_normal, vi_insert] 359 + event: { send: menu name: vars_menu } 360 + } 361 + { 362 + name: commands_with_description 363 + modifier: control 364 + keycode: char_s 365 + mode: [emacs, vi_normal, vi_insert] 366 + event: { send: menu name: commands_with_description } 367 + } 368 + ] 369 + }

+7

homes/x86_64-linux/pyrox/programs/nushell/default.nix

··· 1 + {pkgs, ...}: { 2 + programs.nushell = { 3 + enable = true; 4 + configFile.source = ./config.nu; 5 + envFile.source = ./env.nu; 6 + }; 7 + }

+9

homes/x86_64-linux/pyrox/programs/nushell/env.nu

··· 1 + zoxide init nushell --hook prompt | save ~/.zoxide.nu 2 + mkdir ~/.cache/starship 3 + starship init nu | save ~/.cache/starship/init.nu 4 + 5 + let starship_cache = "/home/thehedgehog/.cache/starship" 6 + if not ($starship_cache | path exists) { 7 + mkdir $starship_cache 8 + } 9 + /etc/profiles/per-user/thehedgehog/bin/starship init nu | save --force /home/thehedgehog/.cache/starship/init.nu

+14

homes/x86_64-linux/pyrox/programs/obs.nix

··· 1 + { 2 + config, 3 + pkgs, 4 + ... 5 + }: { 6 + programs.obs-studio = { 7 + enable = true; 8 + plugins = with pkgs.obs-studio-plugins; [ 9 + obs-pipewire-audio-capture 10 + obs-vkcapture 11 + wlrobs 12 + ]; 13 + }; 14 + }

+5

homes/x86_64-linux/pyrox/programs/pandoc.nix

··· 1 + { 2 + lib, 3 + pkgs, 4 + ... 5 + }: {programs.pandoc.enable = true;}

+90

homes/x86_64-linux/pyrox/programs/rofi.nix

··· 1 + { 2 + pkgs, 3 + config, 4 + ... 5 + }: { 6 + programs.rofi = { 7 + enable = true; 8 + package = pkgs.rofi-wayland; 9 + cycle = true; 10 + font = "IBM Plex Sans 13"; 11 + location = "center"; 12 + extraConfig = {modi = "run,ssh,drun,filebrowser";}; 13 + terminal = "${pkgs.kitty}/bin/kitty"; 14 + theme = let 15 + inherit (config.lib.formats.rasi) mkLiteral; 16 + in { 17 + "*" = { 18 + accent-color = mkLiteral "#bb9af7ff"; 19 + background-color = mkLiteral "#1a1b26ff"; 20 + blue = mkLiteral "#7aa2f7ff"; 21 + border-color = mkLiteral "#cfc9c2ff"; 22 + font = "IBM Plex Sans 13"; 23 + foreground-color = mkLiteral "#a9b1d6ff"; 24 + green = mkLiteral "#73dacaff"; 25 + height = 752; 26 + lightfg = mkLiteral "#414868ff"; 27 + red = mkLiteral "#f7768eff"; 28 + show-icons = true; 29 + width = 500; 30 + display-drun = ""; 31 + }; 32 + "#button selected" = { 33 + background-color = mkLiteral "@background-color"; 34 + text-color = mkLiteral "@accent-color"; 35 + }; 36 + "#entry" = { 37 + text-color = mkLiteral "@foreground-color"; 38 + spacing = mkLiteral "2"; 39 + border-radius = mkLiteral "8"; 40 + }; 41 + "#entry selected" = { 42 + text-color = mkLiteral "@blue"; 43 + spacing = mkLiteral "1"; 44 + border-radius = mkLiteral "8"; 45 + }; 46 + "#element-icon" = { 47 + background-color = mkLiteral "@background-color"; 48 + text-color = mkLiteral "@foreground-color"; 49 + }; 50 + "#element-text" = { 51 + background-color = mkLiteral "@background-color"; 52 + text-color = mkLiteral "@foreground-color"; 53 + }; 54 + "#element-text selected" = { 55 + background-color = mkLiteral "@blue"; 56 + text-color = mkLiteral "@background-color"; 57 + border-radius = mkLiteral "8px"; 58 + }; 59 + "#element alternate" = { 60 + background-color = mkLiteral "@background-color"; 61 + text-color = mkLiteral "@accent-color"; 62 + }; 63 + "#element normal" = { 64 + background-color = mkLiteral "@blue"; 65 + text-color = mkLiteral "@accent-color"; 66 + }; 67 + "#element selected" = { 68 + background-color = mkLiteral "@blue"; 69 + text-color = mkLiteral "@accent-color"; 70 + border-radius = mkLiteral "8"; 71 + }; 72 + "#inputbar" = {children = map mkLiteral ["prompt" "entry"];}; 73 + "#prompt" = {text-color = mkLiteral "@accent-color";}; 74 + "#textbox" = {text-color = mkLiteral "@foreground-color";}; 75 + "#textbox-prompt-colon" = { 76 + expand = true; 77 + str = ":"; 78 + margin = mkLiteral "0px 0.3em 0em 0em"; 79 + text-color = mkLiteral "@lightfg"; 80 + }; 81 + "#window" = { 82 + border = mkLiteral "2px"; 83 + border-color = mkLiteral "@border-color"; 84 + padding = 25; 85 + width = 500; 86 + height = 752; 87 + }; 88 + }; 89 + }; 90 + }

+11

homes/x86_64-linux/pyrox/programs/senpai.nix

··· 1 + { 2 + programs.senpai = { 3 + enable = true; 4 + config = { 5 + addr = "chat.sr.ht"; 6 + nick = "thehedgeh0g"; 7 + password-cmd = "bw get password 'Bouncer API Token'"; 8 + # pane-widths 9 + }; 10 + }; 11 + }

+8

homes/x86_64-linux/pyrox/programs/skim.nix

··· 1 + { 2 + programs.skim = { 3 + enable = true; 4 + enableBashIntegration = true; 5 + enableZshIntegration = true; 6 + enableFishIntegration = true; 7 + }; 8 + }

+1

homes/x86_64-linux/pyrox/programs/ssh/backup.pub

··· 1 + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyTiGctsHaTUlRJn2XQ/745dD0UWGWO8W0en8J5rf7BLI8lL/hPUmbNt45vC5754LXcBjnp1t/1FNgiGhvNZIWJpC+elBmhyMhg8z1exRZPD+as7XaH7scnij2vSbSphQFUqH433ggAGe77x5bc7wKFp9n7vj8G1u0JJxMEe1M7kNFY0+ShNtaHna3LxiQOVcW7qVlNKZP8Ol1V7kZLblRADCJMTYOXDIbktA8bbGRfGhbNjJGkL665qz36haYwb2i6A4sC7Y583N8ro8hIDG/ByJqwbl/Sz4rSxkT6G4+OdBvS6sa7TovNXHjmQCculMIltdog7UhgyBsim1sTzxAen3YyFRi1Cz/kLM0oH39m/W4IoMvJcNZCJ3ItLgy+lEVMd87jVOqfuq/hyjHVI0wJtU2Si2HTxv7aKL8gPzqXwbNH+nhkhlQ0ZH8zKVBunOgLDgsmGIky5X/T3bpWZpIoFkOR7AYrId/5dOeGM3pHhHb6woZ3SRubZ43Ah/VdJM= 993390@993390-student-FVFD26HVJ1WK

+34

homes/x86_64-linux/pyrox/programs/ssh/default.nix

··· 1 + { 2 + programs.ssh = { 3 + enable = true; 4 + compression = true; 5 + matchBlocks = { 6 + "marvin" = { 7 + hostname = "100.123.15.72"; 8 + user = "thehedgehog"; 9 + port = 22; 10 + extraOptions = { 11 + "IdentitiesOnly" = "no"; 12 + "PreferredAuthentications" = "publickey"; 13 + }; 14 + }; 15 + "prefect" = { 16 + hostname = "100.93.63.54"; 17 + user = "thehedgehog"; 18 + port = 22; 19 + extraOptions = { 20 + "IdentitiesOnly" = "no"; 21 + "PreferredAuthentications" = "publickey"; 22 + }; 23 + }; 24 + "botw" = { 25 + hostname = "bandit.labs.overthewire.org"; 26 + port = 2220; 27 + sendEnv = ["WECHALLUSER" "WECHALLTOKEN"]; 28 + }; 29 + }; 30 + extraOptionOverrides = { 31 + "Match" = ''host * exec "gpg-connect-agent UPDATESTARTUPTTY /bye"''; 32 + }; 33 + }; 34 + }

+1

homes/x86_64-linux/pyrox/programs/ssh/yubikey-back.pub

··· 1 + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDTVGi3PItsbUhFgnFZlqo1iUggL4npMg94+9FsyhEPfShcQwJK2/jJzjv5S9KPuk3cY7aoqyVFLbnasSBZPXmscJmOiVNvtWvHoC3QPXvf3IAcVZ5KOLpY2NJlPx/pAb31C6ewtg8v3VlyhL4zEp6M+AGwXX51tFDh2GnYD+7SNF+aMhKCrX63syAhgPy3F8mZ2RIDLAu+lsYlwdpWRkSEv9kcjX/6+3QgUWjfPBaKEeYID22ihSuj7+AiuAt0gM4q0TY/Hpcx+qDLonrIuBnm1hMZDgbv//D0sHIUxJQkGTKTEbkZxoh0Qri7UV/V6l3mETaG40deuemMU7RFY7Khl8RajNZ+9z0FdquS/HCt8+fYQk6eLneJrMIQ1bI4awrtblG3P2Yf2QUu+H3kfCQe44R3WjUugTbNtumVgyQBzl2dzlIVn1pZBeyZy70XCgbaFKkDR8Y/qZiUoZ0afP3vTOXhkn5UBfutTKwUiSGh3S8Ge5YhNgKHWE2eQp1ckEm0IMJV/q5Nsw/yBBXj/kfD8ekz96LQ+gP5JFLq4EaipXI7FM4aZNOBUZU1l/sCEuq7m997nrBucTKqGm7Ho3rq7bgdj4f6GyUJXSMOM1cN61LLrRumZGGTH8WghVL7ligxZyNFcQoudR8jfpf4mrgRxipQOe1A2umvuufMr+l/bw== cardno:15 567 372

+1

homes/x86_64-linux/pyrox/programs/ssh/yubikey-main.pub

··· 1 + ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBBsOIMMZVmleClXfqUMrnmyh8PFuyiJqHKEZ51Xy746

+1

homes/x86_64-linux/pyrox/programs/ssh/yubikey-new.pub

··· 1 + ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK97n2SgV/U1mLzxcaEDl85iF5D3jm7xboZ+S01+CbM/8zxVoWyjVHCqTwDcrLwP0c5Z51BNj7U0UkGIgR4zTSM=

+100

homes/x86_64-linux/pyrox/programs/starship.nix

··· 1 + {lib, ...}: { 2 + programs.starship = { 3 + enable = true; 4 + catppuccin.enable = true; 5 + enableFishIntegration = true; 6 + enableBashIntegration = true; 7 + enableZshIntegration = true; 8 + settings = { 9 + format = lib.concatStrings [ 10 + "$hostname" 11 + "$directory" 12 + "$rust" 13 + "$python" 14 + "$golang" 15 + "$nodejs" 16 + "$lua" 17 + "$git_branch" 18 + "$git_status" 19 + "$battery" 20 + "$shlvl" 21 + " " 22 + "$character" 23 + ]; 24 + right_format = lib.concatStrings ["$nix_shell"]; 25 + 26 + directory = {read_only = " ";}; 27 + git_branch = { 28 + symbol = " "; 29 + format = "\\[[$symbol$branch]($style)\\]"; 30 + }; 31 + git_status = {format = "([\\[$all_status$ahead_behind\\]]($style))";}; 32 + golang = { 33 + symbol = " "; 34 + format = "\\[[$symbol($version)]($style)\\]"; 35 + }; 36 + nodejs = {format = "\\[[$symbol($version)]($style)\\]";}; 37 + lua = { 38 + symbol = " "; 39 + format = "\\[[\${symbol}\${version}]($style)\\]"; 40 + }; 41 + package = { 42 + symbol = " "; 43 + format = "\\[[$symbol$version]($style)\\]"; 44 + }; 45 + python = { 46 + symbol = " "; 47 + format = "\\[[\${symbol}\${pyenv_prefix}(\${version})(\$$virtualenv\$)]($style)\\]"; 48 + }; 49 + rust = { 50 + symbol = " "; 51 + format = "\\[[$symbol($version)]($style)\\]"; 52 + }; 53 + shlvl = {symbol = " ";}; 54 + nix_shell = { 55 + symbol = " "; 56 + format = "\\[[$symbol($name)]($style)\\]"; 57 + }; 58 + aws.disabled = true; 59 + conda.disabled = true; 60 + crystal.disabled = true; 61 + dart.disabled = true; 62 + deno.disabled = true; 63 + docker_context.disabled = true; 64 + dotnet.disabled = true; 65 + elixir.disabled = true; 66 + elm.disabled = true; 67 + env_var.disabled = true; 68 + erlang.disabled = true; 69 + gcloud.disabled = true; 70 + helm.disabled = true; 71 + hostname.disabled = true; 72 + java.disabled = true; 73 + jobs.disabled = true; 74 + julia.disabled = true; 75 + kotlin.disabled = true; 76 + kubernetes.disabled = true; 77 + memory_usage.disabled = true; 78 + hg_branch.disabled = true; 79 + nim.disabled = true; 80 + ocaml.disabled = true; 81 + openstack.disabled = true; 82 + perl.disabled = true; 83 + php.disabled = true; 84 + purescript.disabled = true; 85 + rlang.disabled = true; 86 + red.disabled = true; 87 + ruby.disabled = true; 88 + scala.disabled = true; 89 + singularity.disabled = true; 90 + swift.disabled = true; 91 + terraform.disabled = true; 92 + time.disabled = true; 93 + username.disabled = true; 94 + vagrant.disabled = true; 95 + vlang.disabled = true; 96 + vcsh.disabled = true; 97 + zig.disabled = true; 98 + }; 99 + }; 100 + }

+1

homes/x86_64-linux/pyrox/programs/taskwarrior.nix

··· 1 + {programs.taskwarrior = {enable = true;};}

+37

homes/x86_64-linux/pyrox/programs/vscodium.nix

··· 1 + { 2 + pkgs, 3 + data, 4 + lib, 5 + ... 6 + }: { 7 + programs.vscode = { 8 + enable = false; 9 + package = pkgs.vscodium; 10 + userSettings = { 11 + "breadcrumbs.enabled" = false; 12 + "editor.formatOnPaste" = true; 13 + "editor.formatOnSave" = true; 14 + "editor.formatOnSaveMode" = "file"; 15 + "editor.formatOnType" = true; 16 + "editor.minimap.enabled" = false; 17 + "explorer.confirmDelete" = false; 18 + "extensions.autoCheckUpdates" = false; 19 + "extensions.autoUpdate" = false; 20 + "extensions.closeExtensionDetailsOnViewChange" = true; 21 + "extensions.ignoreRecommendations" = true; 22 + "python.analysis.autoImportCompletions" = true; 23 + "python.analysis.autoSearchPaths" = true; 24 + "python.analysis.completeFunctionParens" = true; 25 + "python.experiments.enabled" = false; 26 + "python.languageServer" = "Pylance"; 27 + "telemetry.telemetryLevel" = "off"; 28 + "terminal.external.linuxExec" = "kitty"; 29 + "update.mode" = "none"; 30 + "update.showReleaseNotes" = false; 31 + "workbench.colorTheme" = "Catppuccin Mocha"; 32 + "workbench.iconTheme" = "catppuccin-mocha"; 33 + "vscode-neovim.neovimExecutablePaths.linux" = lib.getExe data.packages.neovim; 34 + "python.formatting.provider" = "black"; 35 + }; 36 + }; 37 + }

+44

homes/x86_64-linux/pyrox/programs/wlogout/default.nix

··· 1 + { pkgs, config, ...}: { 2 + imports = [./style.nix]; 3 + programs.wlogout = { 4 + enable = true; 5 + layout = [ 6 + { 7 + label = "hibernate"; 8 + action = "systemctl hibernate"; 9 + text = "Hibernate"; 10 + keybind = "h"; 11 + } 12 + { 13 + label = "reboot"; 14 + action = "systemctl reboot"; 15 + text = "Reboot"; 16 + keybind = "r"; 17 + } 18 + { 19 + label = "suspend"; 20 + action = "systemctl suspend"; 21 + text = "Suspend"; 22 + keybind = "u"; 23 + } 24 + { 25 + label = "suspend-then-hibernate"; 26 + action = "systemctl suspend-then-hibernate"; 27 + text = "Supend then Hibernate"; 28 + keybind = "p"; 29 + } 30 + { 31 + label = "lock"; 32 + action = "${pkgs.swaylock-effects}/bin/swaylock"; 33 + text = "Lock"; 34 + keybind = "l"; 35 + } 36 + { 37 + label = "shutdown"; 38 + action = "systemctl poweroff"; 39 + text = "Shutdown"; 40 + keybind = "s"; 41 + } 42 + ]; 43 + }; 44 + }

+53

homes/x86_64-linux/pyrox/programs/wlogout/style.nix

··· 1 + {pkgs, config, ...}: let 2 + pkg = config.programs.wlogout.package; 3 + icon-path = "${pkg}/share/wlogout/icons"; 4 + in { 5 + programs.wlogout.style = '' 6 + * { 7 + background-image: none; 8 + } 9 + window { 10 + background-image: image(url("/home/thehedgehog/bgs/ctp-waves.png"), url("/home/thehedgehog/bgs/ctp-waves.png")); 11 + background-size: cover; 12 + } 13 + button { 14 + color: #cdd6f4; 15 + background-color: #11111b; 16 + border: none; 17 + border-color: #6c7086; 18 + background-repeat: no-repeat; 19 + background-position: center; 20 + background-size: 25%; 21 + } 22 + 23 + button:focus, button:active, button:hover { 24 + background-color: #1e1e2e; 25 + outline-style: none; 26 + border:none; 27 + } 28 + 29 + #lock { 30 + background-image: image(url("${icon-path}/lock.png"), url("${icon-path}/lock.png")); 31 + } 32 + 33 + #suspend-then-hibernate { 34 + background-image: image(url("${icon-path}/suspend.png"), url("${icon-path}/suspend.png")); 35 + } 36 + 37 + #suspend { 38 + background-image: image(url("${icon-path}/suspend.png"), url("${icon-path}/suspend.png")); 39 + } 40 + 41 + #hibernate { 42 + background-image: image(url("${icon-path}/hibernate.png"), url("${icon-path}/hibernate.png")); 43 + } 44 + 45 + #shutdown { 46 + background-image: image(url("${icon-path}/shutdown.png"), url("${icon-path}/shutdown.png")); 47 + } 48 + 49 + #reboot { 50 + background-image: image(url("${icon-path}/reboot.png"), url("${icon-path}/reboot.png")); 51 + } 52 + ''; 53 + }

+8

homes/x86_64-linux/pyrox/programs/zoxide.nix

··· 1 + { 2 + programs.zoxide = { 3 + enable = true; 4 + enableBashIntegration = true; 5 + enableFishIntegration = true; 6 + enableZshIntegration = true; 7 + }; 8 + }

+16

homes/x86_64-linux/pyrox/programs/zsh.nix

··· 1 + {pkgs, ...}: { 2 + programs.zsh = { 3 + enable = true; 4 + autosuggestion.enable = true; 5 + enableCompletion = true; 6 + enableVteIntegration = true; 7 + syntaxHighlighting = {enable = true;}; 8 + history = { 9 + extended = true; 10 + ignoreDups = false; 11 + share = true; 12 + save = 50000; 13 + size = 10000; 14 + }; 15 + }; 16 + }

+18

homes/x86_64-linux/pyrox/scripts.nix

··· 1 + { 2 + lib, 3 + pkgs, 4 + config, 5 + ... 6 + }: { 7 + home.activation = { 8 + cloneDoom = lib.hm.dag.entryAfter ["writeBoundary"] '' 9 + if [ ! -d "${config.home.homeDirectory}/.config/emacs" ]; then 10 + $DRY_RUN_CMD ${pkgs.git}/bin/git clone --depth=1 --single-branch "https://github.com/doomemacs/doomemacs" "${config.home.homeDirectory}/.config/emacs" 11 + $DRY_RUN_CMD ${config.home.homeDirectory}/.config/emacs/bin/doom sync -u 12 + fi 13 + ''; 14 + removeLocalFonts = lib.hm.dag.entryAfter ["writeBoundary"] '' 15 + unlink ${config.home.homeDirectory}/.local/share/fonts 16 + ''; 17 + }; 18 + }

+8

homes/x86_64-linux/pyrox/services/emacs.nix

··· 1 + {programs, ...}: { 2 + services.emacs = { 3 + inherit (programs.emacs) package; 4 + enable = true; 5 + # package = programs.emacs.package; 6 + socketActivation.enable = true; 7 + }; 8 + }

+19

homes/x86_64-linux/pyrox/services/gpg-agent.nix

··· 1 + {pkgs, ...}: { 2 + services.gpg-agent = { 3 + enable = true; 4 + enableExtraSocket = true; 5 + enableScDaemon = true; 6 + enableSshSupport = true; 7 + defaultCacheTtl = 600; 8 + maxCacheTtl = 600; 9 + sshKeys = [ 10 + # My Normal GPG Key(Authentication Subkey) 11 + "485329FEF73C42C6C42879F66C8B971F3FD4A132" 12 + "CFEFCD08CFE6F0849F32ABC9C5CF3158A2FE1392" 13 + ]; 14 + extraConfig = '' 15 + ttyname $GPG_TTY 16 + max-cache-ttl-ssh 600 17 + ''; 18 + }; 19 + }

+40

homes/x86_64-linux/pyrox/services/kanshi.nix

··· 1 + {pkgs, ...}: { 2 + services.kanshi = { 3 + enable = true; 4 + settings = [ 5 + { 6 + profile = { 7 + name = "default"; 8 + outputs = [ 9 + { 10 + criteria = "eDP-1"; 11 + status = "enable"; 12 + scale = 1.2; 13 + position = "0,0"; 14 + } 15 + ]; 16 + }; 17 + } 18 + { 19 + profile = { 20 + name = "home"; 21 + outputs = [ 22 + { 23 + criteria = "DP-4"; 24 + status = "enable"; 25 + scale = 1.0; 26 + position = "0,0"; 27 + } 28 + { 29 + criteria = "eDP-1"; 30 + # status = "enable"; 31 + status = "disable"; 32 + # scale = 1.0; 33 + # position = "1920,0"; 34 + } 35 + ]; 36 + }; 37 + } 38 + ]; 39 + }; 40 + }

+6

homes/x86_64-linux/pyrox/services/kdeconnect.nix

··· 1 + {pkgs, ...}: { 2 + services.kdeconnect = { 3 + enable = false; 4 + indicator = true; 5 + }; 6 + }

+11

homes/x86_64-linux/pyrox/services/mako.nix

··· 1 + { 2 + services.mako = { 3 + enable = true; 4 + catppuccin.enable = true; 5 + actions = true; 6 + defaultTimeout = 10000; 7 + font = "IBM Plex Sans 14pt"; 8 + icons = true; 9 + layer = "overlay"; 10 + }; 11 + }

+19

homes/x86_64-linux/pyrox/services/mpd.nix

··· 1 + {config, ...}: { 2 + services.mpd = { 3 + enable = true; 4 + musicDirectory = "${config.home.homeDirectory}/Music"; 5 + extraConfig = '' 6 + audio_output { 7 + type "fifo" 8 + name "viz" 9 + path "/tmp/mpd.fifo" 10 + format "44100:16:2" 11 + buffer_time "100000" 12 + } 13 + audio_output { 14 + type "pipewire" 15 + name "PipeWire Sound Server" 16 + } 17 + ''; 18 + }; 19 + }

+16

homes/x86_64-linux/pyrox/services/pantalaimon.nix

··· 1 + { 2 + services.pantalaimon = { 3 + enable = true; 4 + settings = { 5 + Default = { 6 + LogLevel = "Debug"; 7 + SSL = true; 8 + }; 9 + thehedgeh0g = { 10 + Homeserver = "https://colony.jupiterbroadcasting.com"; 11 + ListenAddress = "127.0.0.1"; 12 + ListenPort = 8008; 13 + }; 14 + }; 15 + }; 16 + }

+21

homes/x86_64-linux/pyrox/services/swayidle.nix

··· 1 + {pkgs, ...}: { 2 + services.swayidle = { 3 + enable = true; 4 + events = [ 5 + { 6 + event = "lock"; 7 + command = "${pkgs.swaylock}/bin/swaylock -C ~/.config/swaylock/config"; 8 + } 9 + { 10 + event = "after-resume"; 11 + command = ''swaymsg "output * dpms on"''; 12 + } 13 + ]; 14 + timeouts = [ 15 + { 16 + timeout = 180; 17 + command = "${pkgs.swaylock}/bin/swaylock -C ~/.config/swaylock/config"; 18 + } 19 + ]; 20 + }; 21 + }

+6

homes/x86_64-linux/pyrox/services/syncthing.nix

··· 1 + { 2 + services.syncthing = { 3 + enable = true; 4 + tray.enable = true; 5 + }; 6 + }

+6

homes/x86_64-linux/pyrox/services/taskwarrior-sync.nix

··· 1 + { 2 + services.taskwarrior-sync = { 3 + enable = false; 4 + frequency = "*:00:00"; 5 + }; 6 + }

+28

homes/x86_64-linux/pyrox/theming.nix

··· 1 + { 2 + pkgs, 3 + config, 4 + ... 5 + }: { 6 + catppuccin = { 7 + flavor = "mocha"; 8 + accent = "blue"; 9 + }; 10 + gtk = { 11 + enable = true; 12 + catppuccin = { 13 + enable = true; 14 + size = "compact"; 15 + tweaks = ["rimless"]; 16 + cursor.enable = true; 17 + }; 18 + font = { 19 + name = "IBM Plex Mono"; 20 + size = 14; 21 + }; 22 + gtk3.bookmarks = ["file:///${config.home.homeDirectory}/Downloads"]; 23 + iconTheme = { 24 + package = pkgs.papirus-icon-theme; 25 + name = "Papirus-Dark"; 26 + }; 27 + }; 28 + }

+79

homes/x86_64-linux/pyrox/xdg.nix

··· 1 + {config, lib, pkgs, ...}: let 2 + homeDir = config.home.homeDirectory; 3 + in { 4 + xdg = { 5 + enable = true; 6 + mime.enable = true; 7 + configHome = lib.mkForce "${homeDir}/.config"; 8 + dataHome = lib.mkForce "${homeDir}/.local/share"; 9 + portal = { 10 + enable = true; 11 + xdgOpenUsePortal = true; 12 + extraPortals = [ 13 + pkgs.xdg-desktop-portal-gtk 14 + pkgs.xdg-desktop-portal-wlr 15 + ]; 16 + config = { 17 + common = { 18 + default = [ 19 + "gtk" 20 + ]; 21 + "org.freedesktop.impl.portal.Screenshot" = ["wlr"]; 22 + "org.freedesktop.impl.portal.ScreenCast" = ["wlr"]; 23 + }; 24 + }; 25 + }; 26 + mimeApps = { 27 + enable = true; 28 + associations.added = { 29 + "application/pdf" = ["firefox.desktop"]; 30 + "application/rdf+xml" = ["firefox.desktop"]; 31 + "application/rss+xml" = ["firefox.desktop"]; 32 + "application/xhtml+xml" = ["firefox.desktop"]; 33 + "application/xhtml_xml" = ["firefox.desktop"]; 34 + "application/xml" = ["firefox.desktop"]; 35 + "image/gif" = ["viewnior.desktop" "firefox.desktop"]; 36 + "image/jpeg" = ["viewnior.desktop" "firefox.desktop"]; 37 + "image/png" = ["viewnior.desktop" "firefox.desktop"]; 38 + "image/webp" = ["viewnior.desktop" "firefox.desktop"]; 39 + "text/html" = ["firefox.desktop"]; 40 + "text/xml" = ["firefox.desktop"]; 41 + "x-scheme-handler/http" = ["firefox.desktop"]; 42 + "x-scheme-handler/https" = ["firefox.desktop"]; 43 + "x-scheme-handler/about" = ["firefox.desktop"]; 44 + "x-scheme-handler/unknown" = ["firefox.desktop"]; 45 + "x-scheme-handler/mailto" = ["thunderbird.desktop" "firefox.desktop"]; 46 + "x-scheme-handler/webcal" = ["firefox.desktop" "thunderbird.desktop"]; 47 + }; 48 + defaultApplications = { 49 + "application/pdf" = ["firefox.desktop"]; 50 + "application/rdf+xml" = ["firefox.desktop"]; 51 + "application/rss+xml" = ["firefox.desktop"]; 52 + "application/xhtml+xml" = ["firefox.desktop"]; 53 + "application/xhtml_xml" = ["firefox.desktop"]; 54 + "application/xml" = ["firefox.desktop"]; 55 + "image/gif" = ["viewnior.desktop" "firefox.desktop"]; 56 + "image/jpeg" = ["viewnior.desktop" "firefox.desktop"]; 57 + "image/png" = ["viewnior.desktop" "firefox.desktop"]; 58 + "image/webp" = ["viewnior.desktop" "firefox.desktop"]; 59 + "text/html" = ["firefox.desktop"]; 60 + "text/xml" = ["firefox.desktop"]; 61 + "x-scheme-handler/http" = ["firefox.desktop"]; 62 + "x-scheme-handler/https" = ["firefox.desktop"]; 63 + "x-scheme-handler/about" = ["firefox.desktop"]; 64 + "x-scheme-handler/unknown" = ["firefox.desktop"]; 65 + "x-scheme-handler/mailto" = ["thunderbird.desktop" "firefox.desktop"]; 66 + "x-scheme-handler/webcal" = ["firefox.desktop" "thunderbird.desktop"]; 67 + "x-scheme-handler/steam" = ["steam-native.desktop" "steam.desktop"]; 68 + "x-scheme-handler/steamlink" = ["steam-native.desktop" "steam.desktop"]; 69 + }; 70 + }; 71 + userDirs = { 72 + enable = true; 73 + createDirectories = true; 74 + music = "$HOME/music"; 75 + publicShare = "$HOME/.xdg/share"; 76 + templates = "$HOME/.xdg/templates"; 77 + }; 78 + }; 79 + }

+1

homes/x86_64-linux/thehedgehog

··· 1 + ./pyrox

-1

hosts/common/nixpkgsConfig.nix

··· 2 2 nixpkgs = { 3 3 config = { 4 4 allowUnfree = true; 5 - joypixels.acceptLicense = true; 6 5 }; 7 6 }; 8 7 }

hosts/marvin/bootloader.nix systems/x86_64-linux/marvin/bootloader.nix

+3

hosts/marvin/configuration.nix systems/x86_64-linux/marvin/configuration.nix

··· 11 11 ./networking.nix 12 12 ./hardware.nix 13 13 14 + # Common service configs 15 + ../modules/services/buildbot-worker.nix 16 + 14 17 # Running Services 15 18 ./services/authentik.nix 16 19 ./services/avahi.nix

hosts/marvin/firewall.nix systems/x86_64-linux/marvin/firewall.nix

hosts/marvin/hardware.nix systems/x86_64-linux/marvin/hardware.nix

hosts/marvin/networking.nix systems/x86_64-linux/marvin/networking.nix

hosts/marvin/secrets/authentik-env.age systems/x86_64-linux/marvin/secrets/authentik-env.age

hosts/marvin/secrets/forgejo-db-pw.age systems/x86_64-linux/marvin/secrets/forgejo-db-pw.age

hosts/marvin/secrets/forgejo-default-runner-token.age systems/x86_64-linux/marvin/secrets/forgejo-default-runner-token.age

hosts/marvin/secrets/forgejo-internal-token.age systems/x86_64-linux/marvin/secrets/forgejo-internal-token.age

hosts/marvin/secrets/forgejo-lfs-jwt-secret.age systems/x86_64-linux/marvin/secrets/forgejo-lfs-jwt-secret.age

hosts/marvin/secrets/forgejo-mail-pw.age systems/x86_64-linux/marvin/secrets/forgejo-mail-pw.age

hosts/marvin/secrets/forgejo-oauth2-jwt-secret.age systems/x86_64-linux/marvin/secrets/forgejo-oauth2-jwt-secret.age

hosts/marvin/secrets/forgejo-secret-key.age systems/x86_64-linux/marvin/secrets/forgejo-secret-key.age

hosts/marvin/secrets/golink-authkey.age systems/x86_64-linux/marvin/secrets/golink-authkey.age

hosts/marvin/secrets/grafana-admin-password.age systems/x86_64-linux/marvin/secrets/grafana-admin-password.age

hosts/marvin/secrets/grafana-smtp-password.age systems/x86_64-linux/marvin/secrets/grafana-smtp-password.age

hosts/marvin/secrets/iceshrimp-db-password.age systems/x86_64-linux/marvin/secrets/iceshrimp-db-password.age

hosts/marvin/secrets/iceshrimp-secret-config.age systems/x86_64-linux/marvin/secrets/iceshrimp-secret-config.age

hosts/marvin/secrets/minio-root.age systems/x86_64-linux/marvin/secrets/minio-root.age

hosts/marvin/secrets/nextcloud-admin-pw.age systems/x86_64-linux/marvin/secrets/nextcloud-admin-pw.age

hosts/marvin/secrets/nix-serve-priv.age systems/x86_64-linux/marvin/secrets/nix-serve-priv.age

hosts/marvin/secrets/planka-env.age systems/x86_64-linux/marvin/secrets/planka-env.age

hosts/marvin/secrets/radicale-htpasswd.age systems/x86_64-linux/marvin/secrets/radicale-htpasswd.age

+4

hosts/marvin/secrets/secrets.nix systems/x86_64-linux/marvin/secrets/secrets.nix

··· 8 8 default = [marvin yubi-back ssh-new]; 9 9 in { 10 10 "authentik-env.age".publicKeys = default; 11 + "buildbot-worker-password.age".publicKeys = default; 12 + "buildbot-gitea-token.age".publicKeys = default; 13 + "buildbot-oauth-secret.age".publicKeys = default; 14 + "buildbot-workers.age".publicKeys = default; 11 15 "forgejo-db-pw.age".publicKeys = default; 12 16 "forgejo-mail-pw.age".publicKeys = default; 13 17 "forgejo-default-runner-token.age".publicKeys = default;

hosts/marvin/secrets/thehedgehog-key.age systems/x86_64-linux/marvin/secrets/thehedgehog-key.age

hosts/marvin/secrets/thehedgehog-pem.age systems/x86_64-linux/marvin/secrets/thehedgehog-pem.age

hosts/marvin/secrets/vaultwarden-pgpass.age systems/x86_64-linux/marvin/secrets/vaultwarden-pgpass.age

hosts/marvin/secrets/vaultwarden-vars.age systems/x86_64-linux/marvin/secrets/vaultwarden-vars.age

hosts/marvin/secrets/webmentiond-env.age systems/x86_64-linux/marvin/secrets/webmentiond-env.age

hosts/marvin/services/authentik.nix systems/x86_64-linux/marvin/services/authentik.nix

hosts/marvin/services/avahi.nix systems/x86_64-linux/marvin/services/avahi.nix

hosts/marvin/services/bookstack.nix systems/x86_64-linux/marvin/services/bookstack.nix

hosts/marvin/services/bots.nix systems/x86_64-linux/marvin/services/bots.nix

hosts/marvin/services/deemix.nix systems/x86_64-linux/marvin/services/deemix.nix

hosts/marvin/services/git.nix systems/x86_64-linux/marvin/services/git.nix

hosts/marvin/services/golink.nix systems/x86_64-linux/marvin/services/golink.nix

hosts/marvin/services/grafana.nix systems/x86_64-linux/marvin/services/grafana.nix

hosts/marvin/services/iceshrimp.nix systems/x86_64-linux/marvin/services/iceshrimp.nix

hosts/marvin/services/jellyfin.nix systems/x86_64-linux/marvin/services/jellyfin.nix

hosts/marvin/services/matrix.nix systems/x86_64-linux/marvin/services/matrix.nix

hosts/marvin/services/minio.nix systems/x86_64-linux/marvin/services/minio.nix

hosts/marvin/services/nextcloud/default.nix systems/x86_64-linux/marvin/services/nextcloud/default.nix

hosts/marvin/services/nextcloud/imaginary.nix systems/x86_64-linux/marvin/services/nextcloud/imaginary.nix

hosts/marvin/services/nextcloud/office.nix systems/x86_64-linux/marvin/services/nextcloud/office.nix

hosts/marvin/services/nginx.nix systems/x86_64-linux/marvin/services/nginx.nix

hosts/marvin/services/planka.nix systems/x86_64-linux/marvin/services/planka.nix

hosts/marvin/services/podman.nix systems/x86_64-linux/marvin/services/podman.nix

hosts/marvin/services/postgres.nix systems/x86_64-linux/marvin/services/postgres.nix

hosts/marvin/services/prometheus.nix systems/x86_64-linux/marvin/services/prometheus.nix

hosts/marvin/services/prosody.nix systems/x86_64-linux/marvin/services/prosody.nix

hosts/marvin/services/radicale.nix systems/x86_64-linux/marvin/services/radicale.nix

hosts/marvin/services/redlib.nix systems/x86_64-linux/marvin/services/redlib.nix

hosts/marvin/services/syncthing.nix systems/x86_64-linux/marvin/services/syncthing.nix

hosts/marvin/services/tailscale.nix systems/x86_64-linux/marvin/services/tailscale.nix

hosts/marvin/services/vaultwarden.nix systems/x86_64-linux/marvin/services/vaultwarden.nix

hosts/marvin/services/webmentiond.nix systems/x86_64-linux/marvin/services/webmentiond.nix

hosts/marvin/services/zfs.nix systems/x86_64-linux/marvin/services/zfs.nix

+8

hosts/modules/services/buildbot-worker.nix

··· 1 + {config, ...}: { 2 + services.buildbot-nix.worker = { 3 + enable = true; 4 + name = config.networking.hostName; 5 + masterUrl = "tcp:host=marvin:port=6915"; 6 + workerPasswordFile = config.age.secrets.buildbot-worker-password.path; 7 + }; 8 + }

hosts/prefect/bootloader.nix systems/x86_64-linux/prefect/bootloader.nix

hosts/prefect/configuration.nix systems/x86_64-linux/prefect/configuration.nix

hosts/prefect/dn42/bgp.nix systems/x86_64-linux/prefect/dn42/bgp.nix

hosts/prefect/dn42/bird.conf systems/x86_64-linux/prefect/dn42/bird.conf

hosts/prefect/dn42/default.nix systems/x86_64-linux/prefect/dn42/default.nix

hosts/prefect/dn42/services.nix systems/x86_64-linux/prefect/dn42/services.nix

hosts/prefect/dn42/tunnels.nix systems/x86_64-linux/prefect/dn42/tunnels.nix

hosts/prefect/dn42/wireguard.nix systems/x86_64-linux/prefect/dn42/wireguard.nix

hosts/prefect/firewall.nix systems/x86_64-linux/prefect/firewall.nix

hosts/prefect/hardware.nix systems/x86_64-linux/prefect/hardware.nix

hosts/prefect/networking.nix systems/x86_64-linux/prefect/networking.nix

hosts/prefect/packages.nix systems/x86_64-linux/prefect/packages.nix

hosts/prefect/secrets/acme-creds.age systems/x86_64-linux/prefect/secrets/acme-creds.age

hosts/prefect/secrets/dn42-peerfinder-uuid.age systems/x86_64-linux/prefect/secrets/dn42-peerfinder-uuid.age

hosts/prefect/secrets/dn42-privkey.age systems/x86_64-linux/prefect/secrets/dn42-privkey.age

hosts/prefect/secrets/headscale-oidc-secret.age systems/x86_64-linux/prefect/secrets/headscale-oidc-secret.age

hosts/prefect/secrets/secrets.nix systems/x86_64-linux/prefect/secrets/secrets.nix

hosts/prefect/secrets/wireguard-priv-key.age systems/x86_64-linux/prefect/secrets/wireguard-priv-key.age

hosts/prefect/services/Caddyfile systems/x86_64-linux/prefect/services/Caddyfile

hosts/prefect/services/acme.nix systems/x86_64-linux/prefect/services/acme.nix

hosts/prefect/services/blog-update.nix systems/x86_64-linux/prefect/services/blog-update.nix

hosts/prefect/services/blog-update.sh systems/x86_64-linux/prefect/services/blog-update.sh

hosts/prefect/services/caddy.nix systems/x86_64-linux/prefect/services/caddy.nix

hosts/prefect/services/dn42-peerfinder.nix systems/x86_64-linux/prefect/services/dn42-peerfinder.nix

hosts/prefect/services/fail2ban.nix systems/x86_64-linux/prefect/services/fail2ban.nix

hosts/prefect/services/headscale.nix systems/x86_64-linux/prefect/services/headscale.nix

hosts/prefect/services/mailserver/default.nix systems/x86_64-linux/prefect/services/mailserver/default.nix

hosts/prefect/services/mailserver/logins.nix systems/x86_64-linux/prefect/services/mailserver/logins.nix

hosts/prefect/services/mailserver/monitoring.nix systems/x86_64-linux/prefect/services/mailserver/monitoring.nix

hosts/prefect/services/mailserver/overrides.nix systems/x86_64-linux/prefect/services/mailserver/overrides.nix

hosts/prefect/services/named.conf systems/x86_64-linux/prefect/services/named.conf

hosts/prefect/services/netdata.nix systems/x86_64-linux/prefect/services/netdata.nix

hosts/prefect/services/nginx/default.nix systems/x86_64-linux/prefect/services/nginx/default.nix

hosts/prefect/services/nginx/pyrox.dev.nix systems/x86_64-linux/prefect/services/nginx/pyrox.dev.nix

hosts/prefect/services/php.nix systems/x86_64-linux/prefect/services/php.nix

hosts/prefect/services/prometheus.nix systems/x86_64-linux/prefect/services/prometheus.nix

hosts/prefect/services/secrets.nix systems/x86_64-linux/prefect/services/secrets.nix

hosts/prefect/services/tailscale.nix systems/x86_64-linux/prefect/services/tailscale.nix

hosts/prefect/services/zerotier.nix systems/x86_64-linux/prefect/services/zerotier.nix

hosts/thought/bootloader.nix systems/x86_64-linux/thought/bootloader.nix

hosts/thought/configuration.nix systems/x86_64-linux/thought/configuration.nix

hosts/thought/disks.nix systems/x86_64-linux/thought/disks.nix

hosts/thought/firewall.nix systems/x86_64-linux/thought/firewall.nix

hosts/thought/hardware.nix systems/x86_64-linux/thought/hardware.nix

hosts/thought/networking.nix systems/x86_64-linux/thought/networking.nix

hosts/thought/packages.nix systems/x86_64-linux/thought/packages.nix

hosts/thought/secrets/secrets.nix systems/x86_64-linux/thought/secrets/secrets.nix

hosts/thought/services/prometheus.nix systems/x86_64-linux/thought/services/prometheus.nix

hosts/thought/services/tailscale.nix systems/x86_64-linux/thought/services/tailscale.nix

hosts/zaphod/bootloader.nix systems/x86_64-linux/zaphod/bootloader.nix

hosts/zaphod/configuration.nix systems/x86_64-linux/zaphod/configuration.nix

hosts/zaphod/console.nix systems/x86_64-linux/zaphod/console.nix

hosts/zaphod/fonts.nix systems/x86_64-linux/zaphod/fonts.nix

+2

hosts/zaphod/hardware.nix systems/x86_64-linux/zaphod/hardware.nix

··· 18 18 driSupport = true; 19 19 driSupport32Bit = true; 20 20 extraPackages = [ 21 + pkgs.amdvlk 21 22 pkgs.gamescope 22 23 pkgs.libva 23 24 pkgs.libvdpau ··· 27 28 pkgs.vaapiVdpau 28 29 ]; 29 30 extraPackages32 = [ 31 + pkgs.amdvlk 30 32 pkgs.gamescope 31 33 pkgs.mangohud 32 34 pkgs.mesa

hosts/zaphod/kde.nix systems/x86_64-linux/zaphod/kde.nix

hosts/zaphod/misc.nix systems/x86_64-linux/zaphod/misc.nix

hosts/zaphod/networking.nix systems/x86_64-linux/zaphod/networking.nix

hosts/zaphod/packages.nix systems/x86_64-linux/zaphod/packages.nix

hosts/zaphod/power.nix systems/x86_64-linux/zaphod/power.nix

hosts/zaphod/programs/chromium.nix systems/x86_64-linux/zaphod/programs/chromium.nix

hosts/zaphod/programs/dconf.nix systems/x86_64-linux/zaphod/programs/dconf.nix

hosts/zaphod/programs/default.nix systems/x86_64-linux/zaphod/programs/default.nix

hosts/zaphod/programs/gnupg.nix systems/x86_64-linux/zaphod/programs/gnupg.nix

hosts/zaphod/programs/less.nix systems/x86_64-linux/zaphod/programs/less.nix

hosts/zaphod/programs/misc.nix systems/x86_64-linux/zaphod/programs/misc.nix

hosts/zaphod/programs/noisetorch.nix systems/x86_64-linux/zaphod/programs/noisetorch.nix

hosts/zaphod/programs/proxychains.nix systems/x86_64-linux/zaphod/programs/proxychains.nix

hosts/zaphod/programs/ssh.nix systems/x86_64-linux/zaphod/programs/ssh.nix

hosts/zaphod/programs/sway.nix systems/x86_64-linux/zaphod/programs/sway.nix

hosts/zaphod/programs/zsh.nix systems/x86_64-linux/zaphod/programs/zsh.nix

hosts/zaphod/secret-files.nix systems/x86_64-linux/zaphod/secret-files.nix

hosts/zaphod/secrets/secrets.nix systems/x86_64-linux/zaphod/secrets/secrets.nix

hosts/zaphod/secrets/wg-privkey.age systems/x86_64-linux/zaphod/secrets/wg-privkey.age

hosts/zaphod/security/modules.nix systems/x86_64-linux/zaphod/security/modules.nix

hosts/zaphod/security/pam.nix systems/x86_64-linux/zaphod/security/pam.nix

hosts/zaphod/services/avahi.nix systems/x86_64-linux/zaphod/services/avahi.nix

hosts/zaphod/services/docker.nix systems/x86_64-linux/zaphod/services/docker.nix

hosts/zaphod/services/flatpak.nix systems/x86_64-linux/zaphod/services/flatpak.nix

hosts/zaphod/services/fprintd.nix systems/x86_64-linux/zaphod/services/fprintd.nix

hosts/zaphod/services/fwupd.nix systems/x86_64-linux/zaphod/services/fwupd.nix

hosts/zaphod/services/greetd.nix systems/x86_64-linux/zaphod/services/greetd.nix

hosts/zaphod/services/kmscon.nix systems/x86_64-linux/zaphod/services/kmscon.nix

hosts/zaphod/services/misc.nix systems/x86_64-linux/zaphod/services/misc.nix

hosts/zaphod/services/modules.nix systems/x86_64-linux/zaphod/services/modules.nix

hosts/zaphod/services/packagekit.nix systems/x86_64-linux/zaphod/services/packagekit.nix

hosts/zaphod/services/pcscd.nix systems/x86_64-linux/zaphod/services/pcscd.nix

hosts/zaphod/services/pipewire.nix systems/x86_64-linux/zaphod/services/pipewire.nix

hosts/zaphod/services/ssh.nix systems/x86_64-linux/zaphod/services/ssh.nix

hosts/zaphod/services/tailscale.nix systems/x86_64-linux/zaphod/services/tailscale.nix

+4

lib/data/default.nix

··· 1 + { 2 + data.hosts = builtins.fromTOML (builtins.readFile ./hosts.toml); 3 + data.services = builtins.fromTOML (builtins.readFile ./services.toml); 4 + }

+9

lib/data/packages/default.nix.bak

··· 1 + { 2 + inputs, 3 + pkgs, 4 + ... 5 + }: { 6 + data.packages = { 7 + nvim = inputs.nvim.packages.${pkgs.system}.neovim; 8 + }; 9 + }

+1 -8

lib/default.nix

··· 1 - {lib, pkgs, inputs, data, ...}: let 2 - inherit (lib) makeExtensible; 3 - in { 4 - myLib = makeExtensible (self: let 5 - callLibs = file: import file { myLib = self; inherit self lib pkgs inputs data; }; 6 - in { 7 - hosts = callLibs ./hosts.nix; 8 - }); 1 + {lib, inputs, namespace, snowfall-inputs, ...}: { 9 2 }

-66

lib/hosts.nix

··· 1 - { self, lib, inputs, pkgs, data, ...}: rec { 2 - # Create a user 3 - mkUser = { 4 - user, 5 - profile, 6 - }: { 7 - home-manager.users.${user} = import ../home/profiles/${profile}.nix; 8 - users.users.${user}.isNormalUser = true; 9 - }; 10 - mkHost = { 11 - hostname, 12 - # System architecture 13 - system ? "x86_64-linux", 14 - # The profile to apply 15 - profile ? "server", 16 - # above, but for Home Manager 17 - hmProfile ? profile, 18 - # The list of users to deploy profiles for 19 - users ? [ 20 - "thehedgehog" 21 - "pyrox" 22 - ], 23 - # The core count, useful for setting some nix settings 24 - coreCount, 25 - # Any extra modules to load aside from the default set 26 - extraModules ? [], 27 - # Above, but for Home Manager 28 - extraHMModules ? [], 29 - }: let 30 - userProfiles = 31 - lib.forEach users (user: mkUser {inherit profile user;}); 32 - in (lib.nixosSystem { 33 - inherit system; 34 - modules = builtins.concatLists [ 35 - [ 36 - inputs.self.nixosModules.default 37 - # This host's config files 38 - ../hosts/${hostname}/configuration.nix 39 - ../hosts/${hostname}/bootloader.nix 40 - # Catppuccin theme 41 - inputs.ctp.nixosModules.catppuccin 42 - # Lix > Nix 43 - inputs.lix-module.nixosModules.default 44 - # Home-manager 45 - inputs.home-manager.nixosModules.home-manager 46 - { 47 - home-manager.useGlobalPkgs = true; 48 - home-manager.useUserPackages = true; 49 - home-manager.extraSpecialArgs = {inherit pkgs system inputs data;}; 50 - home-manager.sharedModules = builtins.concatLists [ 51 - [ 52 - inputs.nix-index-database.hmModules.nix-index 53 - inputs.ctp.homeManagerModules.catppuccin 54 - ] 55 - extraHMModules 56 - ]; 57 - } 58 - # Agenix for secrets 59 - inputs.agenix.nixosModules.default 60 - ] 61 - extraModules 62 - userProfiles 63 - ]; 64 - specialArgs = {inherit self inputs pkgs data;}; 65 - }); 66 - }

+48

lib/hosts/default.nix.bak

··· 1 + { lib, inputs, namespace, snowfall-inputs, ...}: { 2 + hosts = { 3 + # Create a user 4 + mkUser = { 5 + user, 6 + profile, 7 + }: { 8 + home-manager.users.${user} = import ../home/profiles/${profile}.nix; 9 + users.users.${user}.isNormalUser = true; 10 + }; 11 + mkHost = { 12 + hostname, 13 + # System architecture 14 + system ? "x86_64-linux", 15 + # The profile to apply 16 + profile ? "server", 17 + # above, but for Home Manager 18 + hmProfile ? profile, 19 + # The list of users to deploy profiles for 20 + users ? [ 21 + "thehedgehog" 22 + "pyrox" 23 + ], 24 + # The core count, useful for setting some nix settings 25 + coreCount, 26 + # Any extra modules to load aside from the default set 27 + extraModules ? [], 28 + # Above, but for Home Manager 29 + extraHMModules ? [], 30 + }: let 31 + userProfiles = 32 + lib.forEach users (user: mkUser {inherit profile user;}); 33 + in (lib.nixosSystem { 34 + inherit system; 35 + modules = builtins.concatLists [ 36 + [ 37 + inputs.self.nixosModules.default 38 + # This host's config files 39 + ../hosts/${hostname}/configuration.nix 40 + ../hosts/${hostname}/bootloader.nix 41 + ] 42 + extraModules 43 + userProfiles 44 + ]; 45 + specialArgs = {inherit self inputs pkgs data;}; 46 + }); 47 + } 48 + }

modules/dn42-pingfinder.nix modules/nixos/dn42-pingfinder/default.nix

modules/forgejo-runner.nix modules/nixos/forgejo-runner/default.nix

+13

modules/home/profiles/base/default.nix

··· 1 + {inputs, config, ...}: { 2 + imports = [ 3 + ../programs/gpg.nix 4 + ../xdg.nix 5 + ]; 6 + programs.home-manager.enable = true; 7 + home.stateVersion = "24.05"; 8 + home.language = {base = "en_US.utf8";}; 9 + manual.manpages.enable = false; 10 + manual.html.enable = false; 11 + manual.json.enable = false; 12 + programs.man.enable = false; 13 + }

+53

modules/home/profiles/cli/default.nix

··· 1 + {pkgs, ...}: let 2 + customPythonPackages = python-packages: with python-packages; [textual]; 3 + customPython = pkgs.python311.withPackages customPythonPackages; 4 + in { 5 + imports = [ 6 + ../programs/bat.nix 7 + ../programs/direnv.nix 8 + ../programs/fish.nix 9 + ../programs/fzf.nix 10 + ../programs/git.nix 11 + ../programs/gh.nix 12 + ../programs/helix.nix 13 + ../programs/neovim.nix 14 + ../programs/nix-index.nix 15 + ../programs/nushell 16 + ../programs/pandoc.nix 17 + ../programs/ssh 18 + ../programs/starship.nix 19 + ../programs/zoxide.nix 20 + ../programs/zsh.nix 21 + 22 + ../files/distrobox-config.nix 23 + ]; 24 + programs.eza = { 25 + enable = true; 26 + icons = true; 27 + git = true; 28 + enableBashIntegration = false; 29 + enableIonIntegration = false; 30 + }; 31 + programs.btop = { 32 + enable = true; 33 + catppuccin.enable = true; 34 + }; 35 + programs.glamour.catppuccin.enable = true; 36 + xdg.configFile = { 37 + "rbw".source = ../../oldconfig/rbw; 38 + "rbw".recursive = true; 39 + }; 40 + home.packages = with pkgs; [ 41 + btrfs-progs 42 + fd 43 + fzf 44 + glow 45 + gnupg 46 + # neovim 47 + pinentry 48 + rbw 49 + rsync 50 + xdg-utils 51 + yt-dlp 52 + ]; 53 + }

+41

modules/home/profiles/desktop/default.nix

··· 1 + { pkgs 2 + , inputs 3 + , ... 4 + }: { 5 + imports = [ 6 + ./base.nix 7 + ./cli.nix 8 + ./gui.nix 9 + ./development.nix 10 + # ../email.nix 11 + # ../programs/email.nix 12 + ]; 13 + programs.mpv.enable = true; 14 + home.packages = with pkgs; [ 15 + appimage-run 16 + brightnessctl 17 + ciscoPacketTracer8 18 + dex 19 + keepassxc 20 + (mumble.override { pipewireSupport = true; }) 21 + playerctl 22 + pulseaudio-ctl 23 + thunderbird 24 + wlogout 25 + wl-clipboard 26 + zotero 27 + # For nvim config 28 + nodejs 29 + ]; 30 + xdg.configFile = { 31 + "waybar/style.css" = { 32 + source = ../../oldconfig/waybar/style.css; 33 + recursive = false; 34 + }; 35 + "waybar/mocha.css" = { 36 + source = ../../oldconfig/waybar/mocha.css; 37 + recursive = false; 38 + }; 39 + }; 40 + services.easyeffects.enable = true; 41 + }

+20

modules/home/profiles/development/default.nix

··· 1 + { 2 + inputs, 3 + pkgs, 4 + ... 5 + }: let 6 + customPython = pkgs.python311.withPackages (ps: [ps.pip]); 7 + in { 8 + home.packages = with pkgs; [ 9 + alejandra 10 + any-nix-shell 11 + cargo 12 + colmena 13 + customPython 14 + editorconfig-core-c 15 + my-pkgs.customGit 16 + nil 17 + nixd 18 + # python311 19 + ]; 20 + }

+59

modules/home/profiles/gui/default.nix

··· 1 + { 2 + pkgs, 3 + inputs, 4 + lib, # games ? true, 5 + # social ? true, 6 + ... 7 + }: { 8 + imports = [ 9 + ../wayland/sway.nix 10 + 11 + ../programs/chromium.nix 12 + ../programs/firefox 13 + ../programs/kitty.nix 14 + ../programs/obs.nix 15 + ../programs/vscodium.nix 16 + ../programs/wlogout 17 + 18 + ../services/gpg-agent.nix 19 + ../services/kanshi.nix 20 + ../services/mako.nix 21 + ../services/mpd.nix 22 + ../services/syncthing.nix 23 + 24 + ../theming.nix 25 + 26 + ../files/ssh-auth-signers.nix 27 + ../files/rbw-gc.nix 28 + ../files/pamKeys.nix 29 + ]; 30 + home.sessionVariables = { 31 + XDG_CURRENT_DESKTOP = "sway"; 32 + }; 33 + home.packages = with pkgs; [ 34 + jetbrains-toolbox 35 + libappindicator 36 + libappindicator-gtk3 37 + pavucontrol 38 + grim 39 + slurp 40 + satty 41 + sway-launcher-desktop 42 + ueberzug 43 + vscode 44 + # ] ++ lib.optionals games [ 45 + # factorio-experimental 46 + lutris 47 + # my-pkgs.olympus 48 + prismlauncher 49 + protontricks 50 + proton-caller 51 + # ] ++ lib.optionals social [ 52 + gajim 53 + tauon 54 + (vesktop.override {withSystemVencord=false;}) 55 + # pidginWithPlugins 56 + # ] ++ lib.optionals drawing [ 57 + krita 58 + ]; 59 + }

+5

modules/home/profiles/server/default.nix

··· 1 + { 2 + pkgs, 3 + inputs, 4 + ... 5 + }: {imports = [./base.nix ./cli.nix];}

+7

modules/home/wayland/default.nix

··· 1 + {imports = [ 2 + ./sway.nix 3 + ./keybindings.nix 4 + ./misc.nix 5 + ./waybar.nix 6 + ./swaylock.nix 7 + ];}

+47

modules/home/wayland/keybindings.nix

··· 1 + { 2 + pkgs, 3 + lib, 4 + config, 5 + ... 6 + }: let 7 + mod = config.wayland.windowManager.sway.config.modifier; 8 + homeDir = config.home.homeDirectory; 9 + menu = config.wayland.windowManager.sway.config.menu; 10 + term = config.wayland.windowManager.sway.config.terminal; 11 + grim = "grim -g"; 12 + slurp-screen = "\"$(slurp -c -b '#1e1e2e80' -o -r)\" -"; 13 + slurp-box = "\"$(slurp -c '#f38ba8ff' -b '#1e1e2e80' -w 1 -d -F 'IBM Plex Mono')\" -"; 14 + satty = "satty -f -"; 15 + in { 16 + wayland.windowManager.sway.config.keybindings = lib.mkOptionDefault { 17 + "${mod}+d" = "${menu}"; 18 + "${mod}+Shift+F" = "exec MOZ_DISABLE_RDD_SANDBOX=1 firefox"; 19 + "${mod}+Return" = "exec ${term}"; 20 + # "${mod}+Shift+Return" = "exec ${pkgs.wezterm}/bin/wezterm"; 21 + "${mod}+x" = "exec wlogout"; 22 + "${mod}+s" = null; 23 + "${mod}+w" = null; 24 + "XF86MonBrightnessDown" = "exec brightnessctl set 5%-"; 25 + "XF86MonBrightnessUp" = "exec brightnessctl set +5%"; 26 + "XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%"; 27 + "XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%"; 28 + "XF86AudioMute" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle"; 29 + "XF86AudioMicMute" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle"; 30 + "XF86AudioPlay" = "exec playerctl play-pause"; 31 + "XF86AudioNext" = "exec playerctl next"; 32 + "XF86AudioPrev" = "exec playerctl previous"; 33 + "Shift+F3" = "exec ${grim} ${slurp-screen} | ${satty}"; 34 + "Shift+F4" = "exec ${grim} ${slurp-box} | ${satty}"; 35 + "${mod}+Shift+1" = "move container to workspace number 1"; 36 + "${mod}+Shift+2" = "move container to workspace number 2"; 37 + "${mod}+Shift+3" = "move container to workspace number 3"; 38 + "${mod}+Shift+4" = "move container to workspace number 4"; 39 + "${mod}+Shift+5" = "move container to workspace number 5"; 40 + "${mod}+Shift+6" = "move container to workspace number 6"; 41 + "${mod}+Shift+7" = "move container to workspace number 7"; 42 + "${mod}+Shift+8" = "move container to workspace number 8"; 43 + "${mod}+Shift+9" = "move container to workspace number 9"; 44 + "${mod}+Shift+0" = "move container to workspace number 10"; 45 + "${mod}+0" = "workspace number 10"; 46 + }; 47 + }

modules/home/wayland/misc.nix

This is a binary file and will not be displayed.

+134

modules/home/wayland/sway.nix

··· 1 + { 2 + pkgs, 3 + config, 4 + ... 5 + }: let 6 + term = config.wayland.windowManager.sway.config.terminal; 7 + homeDir = config.home.homeDirectory; 8 + in { 9 + imports = [./keybindings.nix ./swaylock.nix ./waybar.nix]; 10 + wayland.windowManager.sway = { 11 + enable = true; 12 + package = null; 13 + catppuccin.enable = true; 14 + # nix-community/home-manager/issues/5311 15 + checkConfig = false; 16 + wrapperFeatures.base = true; 17 + wrapperFeatures.gtk = true; 18 + extraConfig = '' 19 + default_border pixel 20 + focus_on_window_activation smart 21 + ''; 22 + systemd = { 23 + enable = true; 24 + xdgAutostart = true; 25 + }; 26 + config = { 27 + terminal = "${pkgs.kitty}/bin/kitty"; 28 + menu = "exec ${term} --detach --class=launcher -o initial_window_height=500 -o initial_window_width=500 -o font_size=16 ${pkgs.sway-launcher-desktop}/bin/sway-launcher-desktop"; 29 + modifier = "Mod4"; 30 + bars = [{command = "true";}]; 31 + focus = { 32 + followMouse = true; 33 + mouseWarping = true; 34 + newWindow = "smart"; 35 + }; 36 + fonts = { 37 + names = ["IBM Plex Sans"]; 38 + style = "Regular"; 39 + size = 12.0; 40 + }; 41 + gaps = { 42 + inner = 4; 43 + outer = 4; 44 + smartBorders = "off"; 45 + smartGaps = false; 46 + }; 47 + input = { 48 + "type:keyboard" = {xkb_options = "caps:escape";}; 49 + "type:mouse" = {accel_profile = "flat";}; 50 + "type:touchpad" = { 51 + accel_profile = "adaptive"; 52 + scroll_factor = "1.5"; 53 + tap = "enabled"; 54 + }; 55 + }; 56 + modes = { 57 + resize = { 58 + Escape = "mode default"; 59 + Return = "mode default"; 60 + Up = "resize shrink height 10 px"; 61 + Down = "resize grow height 10 px"; 62 + Left = "resize shrink width 10 px"; 63 + Right = "resize grow width 10 px"; 64 + h = "resize shrink width 10 px"; 65 + j = "resize grow height 10 px"; 66 + k = "resize shrink height 10 px"; 67 + l = "resize grow width 10 px"; 68 + }; 69 + }; 70 + output = { 71 + eDP-1 = {scale = "1.2";}; 72 + "*" = {bg = "${homeDir}/bgs/xenia-hangout-mocha.png fill";}; 73 + }; 74 + startup = [ 75 + {command = "${pkgs.dex}/bin/dex -a";} 76 + {command = "${homeDir}/scripts/unfuck-xdg-portals.fish";} 77 + ]; 78 + window = { 79 + commands = [ 80 + { 81 + command = "inhibit_idle fullscreen"; 82 + criteria = {class = "Chromium|zoom|Firefox";}; 83 + } 84 + { 85 + command = "floating enable, sticky enable, resize set 30 ppt 50 ppt, border pixel 4"; 86 + criteria = {app_id = "^launcher$";}; 87 + } 88 + { 89 + command = "resize set 20 ppt"; 90 + criteria = {title = "Mumble PTT";}; 91 + } 92 + ]; 93 + }; 94 + colors = { 95 + background = "$base"; 96 + focused = { 97 + border = "$pink"; 98 + background = "$base"; 99 + text = "$text"; 100 + indicator = "$rosewater"; 101 + childBorder = "$pink"; 102 + }; 103 + focusedInactive = { 104 + border = "$mauve"; 105 + background = "$base"; 106 + text = "$text"; 107 + indicator = "$rosewater"; 108 + childBorder = "$mauve"; 109 + }; 110 + unfocused = { 111 + border = "$mauve"; 112 + background = "$base"; 113 + text = "$text"; 114 + indicator = "$rosewater"; 115 + childBorder = "$mauve"; 116 + }; 117 + urgent = { 118 + border = "$peach"; 119 + background = "$base"; 120 + text = "$peach"; 121 + indicator = "$overlay0"; 122 + childBorder = "$peach"; 123 + }; 124 + placeholder = { 125 + border = "$overlay0"; 126 + background = "$base"; 127 + text = "$text"; 128 + indicator = "$overlay0"; 129 + childBorder = "$overlay0"; 130 + }; 131 + }; 132 + }; 133 + }; 134 + }

+24

modules/home/wayland/swaylock.nix

··· 1 + { 2 + programs.swaylock = { 3 + enable = true; 4 + catppuccin.enable = true; 5 + settings = { 6 + daemonize = true; 7 + image = "/home/thehedgehog/bgs/ctp-waves.png"; 8 + scaling = "fill"; 9 + indicator-idle-visible = true; 10 + line-uses-ring = true; 11 + ignore-empty-password = true; 12 + clock = true; 13 + indicator = true; 14 + timestr = "%T"; 15 + effect-blur = "5x5"; 16 + 17 + font = "IBM Plex Sans"; 18 + font-size = 20; 19 + 20 + indicator-radius = 100; 21 + indicator-thickness = 5; 22 + }; 23 + }; 24 + }

+111

modules/home/wayland/waybar.nix

··· 1 + { 2 + pkgs, 3 + lib, 4 + ... 5 + }: { 6 + programs.waybar = { 7 + enable = true; 8 + catppuccin.enable = false; 9 + systemd.enable = true; 10 + systemd.target = "sway-session.target"; 11 + # style = "/home/thehedgehog/.config/waybar/style.css" 12 + settings = { 13 + mainBar = { 14 + layer = "top"; 15 + position = "top"; 16 + height = 32; 17 + modules-left = ["sway/workspaces" "sway/mode"]; 18 + modules-center = ["custom/media"]; 19 + modules-right = [ 20 + "idle_inhibitor" 21 + "wireplumber" 22 + "network" 23 + "temperature" 24 + "backlight" 25 + "battery" 26 + "clock" 27 + "tray" 28 + ]; 29 + "sway/workspaces" = { 30 + disable-scroll = true; 31 + enable-bar-scroll = false; 32 + active-only = false; 33 + all-outputs = false; 34 + format = "{icon}"; 35 + }; 36 + "idle_inhibitor" = { 37 + format = "{icon}"; 38 + format-icons = { 39 + "activated" = ""; 40 + "deactivated" = ""; 41 + }; 42 + }; 43 + "tray" = { 44 + icon-size = 25; 45 + spacing = 12; 46 + }; 47 + "clock" = { 48 + tooltip-format = "<tt><small>{calendar}</small></tt>"; 49 + format = "{:%H:%M:%S}  "; 50 + format-alt = "{%d %b %Y}"; 51 + interval = 1; 52 + }; 53 + "cpu" = { 54 + format = "{usage}% "; 55 + interval = 5; 56 + tooltip = false; 57 + }; 58 + "memory" = {format = "{}% ";}; 59 + "temperature" = { 60 + critical-threshold = 80; 61 + format = "{temperatureC}°C {icon}"; 62 + format-icons = ["" "" "" "" ""]; 63 + }; 64 + "backlight" = { 65 + format = "{percent}% {icon}"; 66 + format-icons = ["󰃚" "󰃛" "󰃜" "󰃝" "󰃞" "󰃟" "󰃠"]; 67 + }; 68 + "battery" = { 69 + states = { 70 + good = 80; 71 + warning = 30; 72 + critical = 15; 73 + }; 74 + format = "{capacity}% {icon}"; 75 + format-charging = "{capacity}% 󰂄"; 76 + format-plugged = "{capacity}% "; 77 + format-alt = "{time} {icon}"; 78 + format-icons = ["󰂎" "󰁺" "󰁻" "󰁼" "󰁽" "󰁾" "󰁿" "󰂀" "󰂁" "󰂂" "󰁹"]; 79 + }; 80 + "network" = { 81 + format-wifi = "{essid} <big></big>"; 82 + format-ethernet = "{ifname}: {ipaddr}/{cidr} 󰈀"; 83 + format-linked = "{ifname} (No IP) 󰄡"; 84 + format-disconnected = "Disconnected! ⚠"; 85 + format-alt = "{ifname}: {ipaddr}/{cidr}"; 86 + on-click = lib.getExe pkgs.networkmanagerapplet; 87 + }; 88 + "wireplumber" = { 89 + format = "{volume}% {icon}"; 90 + format-muted = "󰝟"; 91 + format-icons = ["" "" ""]; 92 + on-click = lib.getExe pkgs.helvum; 93 + }; 94 + "custom/media" = { 95 + format = "{icon}{}"; 96 + return-type = "json"; 97 + format-icons = { 98 + Paused = " "; 99 + Playing = " "; 100 + }; 101 + max-length = 70; 102 + exec = '' 103 + ${ 104 + lib.getExe pkgs.playerctl 105 + } -a metadata --format '{"text": "{{playerName}}: {{artist}} - {{markup_escape(title)}}", "tooltip": "{{playerName}} : {{markup_escape(title)}}", "alt": "{{status}}", "class": "{{status}}"}' -F''; 106 + on-click = "${lib.getExe pkgs.playerctl} play-pause"; 107 + }; 108 + }; 109 + }; 110 + }; 111 + }

-382

modules/iceshrimp.nix

··· 1 - { 2 - config, 3 - lib, 4 - pkgs, 5 - ... 6 - }: let 7 - inherit (lib) mkOption types mdDoc; 8 - cfg = config.services.iceshrimp; 9 - iceshrimpSettingsFormat = pkgs.formats.yaml {}; 10 - iceshrimpConfigFile = iceshrimpSettingsFormat.generate "default.yml" cfg.settings; 11 - stateDir = "/var/lib/iceshrimp"; 12 - in { 13 - options.services.iceshrimp = { 14 - enable = lib.mkEnableOption "iceshrimp ActivityPub server"; 15 - image = mkOption { 16 - type = types.nonEmptyStr; 17 - default = "iceshrimp.dev/iceshrimp/iceshrimp:latest"; 18 - description = mdDoc '' 19 - The docker image to use for the iceshrimp server. 20 - ''; 21 - }; 22 - listenPort = mkOption { 23 - type = types.port; 24 - example = 3001; 25 - default = 3000; 26 - description = mdDoc '' 27 - The host port that iceshrimp will listen on. Defaults to 3000. 28 - ''; 29 - }; 30 - settings = mkOption { 31 - description = mdDoc '' 32 - The iceshrimp settings to use, defaults taken from example.yml in the Calckey repo. 33 - Note that you are only required to set the `url` setting, all other settings have defaults. This is to prevent starting an instance with no URL, which doesn't work. 34 - See [The example.yml](https://gitlab.prometheus.systems/iceshrimp/firefish/-/blob/develop/.config/example.yml) for all available keys. 35 - ''; 36 - type = types.submodule { 37 - freeformType = iceshrimpSettingsFormat.type; 38 - options = { 39 - url = mkOption { 40 - type = types.nonEmptyStr; 41 - example = "https://example.com"; 42 - description = mdDoc '' 43 - The publically accessible URL of the iceshrimp instance. 44 - CANNOT BE CHANGED AFTER INSTALLATION!! 45 - ''; 46 - }; 47 - accountDomain = mkOption { 48 - type = types.nullOr types.str; 49 - example = "example.social"; 50 - default = null; 51 - description = 52 - mdDoc 53 - "OPTIONAL - Domain used for account handles, if you want the frontend at a subdomain but for account handles to be on a root domain, i.e. having the frontend at iceshrimp.example.social but the accounts being of the form @account@example.social."; 54 - }; 55 - port = mkOption { 56 - type = types.port; 57 - example = 3001; 58 - default = 3000; 59 - description = mdDoc '' 60 - The listening port for the iceshrimp service INSIDE THE CONTAINER. This is not the external port, which is set in `config.firefish.listenPort` 61 - ''; 62 - }; 63 - cuid = { 64 - length = mkOption { 65 - type = types.ints.between 16 24; 66 - example = 18; 67 - default = 16; 68 - description = mdDoc '' 69 - The length of the cuid to generate. The default should be fine, but if you are running a large or distributed server, consider increasing it. 70 - ''; 71 - }; 72 - fingerprint = mkOption { 73 - type = types.nullOr types.nonEmptyStr; 74 - example = "my-fingerprint"; 75 - default = null; 76 - description = mdDoc '' 77 - Set this to a unique string across workers(such as the machine's hostname) 78 - ONLY if your workers are running in multiple hosts. 79 - ''; 80 - }; 81 - }; 82 - maxNoteLength = mkOption { 83 - type = types.ints.between 1 100000; 84 - example = 5000; 85 - default = 3000; 86 - description = mdDoc '' 87 - The maximum note length to allow users to send. 88 - ''; 89 - }; 90 - maxCaptionLength = mkOption { 91 - type = types.ints.between 1 8192; 92 - example = 2000; 93 - default = 1500; 94 - description = mdDoc '' 95 - The maximum caption length to allow users to add to an image. 96 - ''; 97 - }; 98 - reservedUsernames = mkOption { 99 - type = types.listOf types.nonEmptyStr; 100 - example = ["some" "example" "usernames"]; 101 - default = ["root" "admin" "administrator" "me" "system"]; 102 - description = mdDoc '' 103 - Usernames that only the administrator is allowed to register with. 104 - ''; 105 - }; 106 - disableHsts = mkOption { 107 - type = types.bool; 108 - example = false; 109 - default = true; 110 - description = mdDoc '' 111 - Whether to disable HSTS for the iceshrimp server. 112 - ''; 113 - }; 114 - clusterLimit = mkOption { 115 - type = types.int; 116 - example = 4; 117 - default = 1; 118 - description = mdDoc '' 119 - How many worker processes to run. 120 - ''; 121 - }; 122 - onlyQueueProcessor = mkOption { 123 - type = types.ints.between 0 1; 124 - example = 1; 125 - default = 0; 126 - description = mdDoc '' 127 - Whether to run in worker-only mode. 128 - ''; 129 - }; 130 - deliverJobConcurrency = mkOption { 131 - type = types.int; 132 - example = 64; 133 - default = 128; 134 - description = mdDoc '' 135 - The max deliver jobs to run on a worker. 136 - ''; 137 - }; 138 - inboxJobPerSec = mkOption { 139 - type = types.int; 140 - example = 32; 141 - default = 16; 142 - description = mdDoc '' 143 - The max inbox jobs to run on a worker. 144 - ''; 145 - }; 146 - deliverJobMaxAttempts = mkOption { 147 - type = types.int; 148 - example = 10; 149 - default = 12; 150 - description = mdDoc '' 151 - The maximum number of times to attempt sending a deliver job before aborting. 152 - ''; 153 - }; 154 - inboxJobMaxAttempts = mkOption { 155 - type = types.int; 156 - example = 6; 157 - default = 8; 158 - description = mdDoc '' 159 - The maximum number of times to attempt sending an inbox job before aborting. 160 - ''; 161 - }; 162 - outgoingAddressFamily = mkOption { 163 - type = types.enum ["ipv4" "ipv6" "dual"]; 164 - example = "dual"; 165 - default = "ipv4"; 166 - description = mdDoc '' 167 - The IP address family to use for outgoing requests. 168 - ''; 169 - }; 170 - syslog = { 171 - host = mkOption { 172 - type = types.nullOr types.nonEmptyStr; 173 - example = "localhost"; 174 - default = null; 175 - description = '' 176 - The host that should recieve syslog logs from iceshrimp. 177 - ''; 178 - }; 179 - port = mkOption { 180 - type = types.nullOr types.port; 181 - example = 514; 182 - default = null; 183 - description = mdDoc '' 184 - The port that the syslog server is listening on. 185 - ''; 186 - }; 187 - }; 188 - proxy = mkOption { 189 - type = types.nullOr types.nonEmptyStr; 190 - example = "http://127.0.0.1:3128"; 191 - default = null; 192 - description = mdDoc '' 193 - The HTTP/HTTPS proxy to use. 194 - ''; 195 - }; 196 - proxyBypassHosts = mkOption { 197 - type = types.listOf types.nonEmptyStr; 198 - example = ["web.kaiteki.app" "127.0.0.1"]; 199 - default = []; 200 - description = mdDoc '' 201 - Hosts that should not be connected to with the proxy. 202 - ''; 203 - }; 204 - proxySmtp = mkOption { 205 - type = types.nullOr types.nonEmptyStr; 206 - example = "http://127.0.0.1:3128"; 207 - default = null; 208 - description = mdDoc '' 209 - The proxy to use for SMTP. Can be an http, socks4, or socks5 proxy. 210 - ''; 211 - }; 212 - mediaProxy = mkOption { 213 - type = types.nullOr types.nonEmptyStr; 214 - example = "https://example.com/proxy"; 215 - default = null; 216 - description = mdDoc '' 217 - The proxy to use to send media to the client. 218 - ''; 219 - }; 220 - proxyRemoteFiles = mkOption { 221 - type = types.bool; 222 - example = true; 223 - default = false; 224 - description = mdDoc "Whether to proxy remote files."; 225 - }; 226 - mediaCleanup = { 227 - cron = mkOption { 228 - type = types.bool; 229 - example = true; 230 - default = false; 231 - }; 232 - maxAgeDays = mkOption { 233 - type = types.int; 234 - example = 30; 235 - default = 0; 236 - description = mdDoc "The number of days to keep media for"; 237 - }; 238 - cleanAvatars = mkOption { 239 - type = types.bool; 240 - example = true; 241 - default = false; 242 - description = 243 - mdDoc "Whether to clean avatars on a timer with other media."; 244 - }; 245 - cleanHeaders = mkOption { 246 - type = types.bool; 247 - example = true; 248 - default = false; 249 - description = 250 - mdDoc "Whether to clean headers on a timer with other media."; 251 - }; 252 - }; 253 - images = { 254 - info = mkOption { 255 - type = types.str; 256 - example = "/twemoji/1f440.svg"; 257 - default = "/twemoji/1f440.svg"; 258 - description = mdDoc "Path to the image to use for the info icon."; 259 - }; 260 - notFound = mkOption { 261 - type = types.str; 262 - example = "/twemoji/2049.svg"; 263 - default = "/twemoji/2049.svg"; 264 - description = 265 - mdDoc "Path to the image to use for the notFound icon."; 266 - }; 267 - error = mkOption { 268 - type = types.str; 269 - example = "/twemoji/1f480.svg"; 270 - default = "/twemoji/1f480.svg"; 271 - description = 272 - mdDoc "Path to the image to use for the error icon."; 273 - }; 274 - }; 275 - searchEngine = mkOption { 276 - type = types.str; 277 - example = "https://search.brave.com/search?q="; 278 - default = "https://duckduckgo.com/?q="; 279 - description = 280 - mdDoc 281 - "The search engine base string to use for the MFM search box."; 282 - }; 283 - allowedPrivateNetworks = mkOption { 284 - type = types.listOf types.nonEmptyStr; 285 - example = ["127.0.0.1/32"]; 286 - default = ["127.0.0.1/32"]; 287 - description = 288 - mdDoc 289 - "The networks to classify as private when connecting to the server."; 290 - }; 291 - twa = { 292 - nameSpace = mkOption { 293 - type = types.nullOr types.nonEmptyStr; 294 - example = "android_app"; 295 - default = null; 296 - description = mdDoc "The TWA namespace to allow."; 297 - }; 298 - packageName = mkOption { 299 - type = types.nullOr types.nonEmptyStr; 300 - example = "tld.domain.twa"; 301 - default = null; 302 - description = 303 - mdDoc 304 - "The name of the android app package that can use this TWA."; 305 - }; 306 - sha256CertFingerprints = mkOption { 307 - type = types.nullOr (types.listOf types.nonEmptyStr); 308 - example = ["AB:CD:EF"]; 309 - default = null; 310 - description = 311 - mdDoc 312 - "The SHA256 certificate fingerprint(s) of the app package abouve"; 313 - }; 314 - }; 315 - maxFileSize = mkOption { 316 - type = types.int; 317 - example = 100000; 318 - default = 262144000; 319 - description = mdDoc "The max upload file size. Defaults to 250 MB."; 320 - }; 321 - }; 322 - }; 323 - }; 324 - 325 - envFile = mkOption { 326 - type = types.path; 327 - example = /path/to/secret.env; 328 - default = ""; 329 - description = mdDoc '' 330 - The secret environment file to load into the database and iceshrimp server containers. 331 - The file should contain the variable `POSTGRES_PASSWORD`, set to the password of the Postgres database user. 332 - ''; 333 - }; 334 - }; 335 - config = lib.mkIf cfg.enable { 336 - services.iceshrimp.settings = { 337 - db = { 338 - host = "iceshrimp-db"; 339 - port = 5432; 340 - db = "iceshrimp"; 341 - user = "iceshrimp"; 342 - pass = "iceshrimpDBPassword123!"; 343 - }; 344 - redis = { 345 - host = "iceshrimp-redis"; 346 - port = 6379; 347 - }; 348 - }; 349 - virtualisation.oci-containers.containers = { 350 - iceshrimp-server = { 351 - image = cfg.image; 352 - dependsOn = ["iceshrimp-db" "iceshrimp-redis" ]; 353 - environment = {NODE_ENV = "production";}; 354 - ports = [ 355 - "${builtins.toString cfg.listenPort}:${ 356 - builtins.toString cfg.settings.port 357 - }" 358 - ]; 359 - volumes = [ 360 - "${stateDir}/files:/iceshrimp/files" 361 - "${iceshrimpConfigFile}:/iceshrimp/.config/default.yml:ro" 362 - ]; 363 - extraOptions = ["--network=iceshrimp"]; 364 - }; 365 - iceshrimp-redis = { 366 - image = "docker.io/redis:7.0-alpine"; 367 - volumes = ["${stateDir}/redis:/data"]; 368 - extraOptions = ["--network=iceshrimp"]; 369 - }; 370 - iceshrimp-db = { 371 - image = "docker.io/postgres:12.2-alpine"; 372 - environment = { 373 - POSTGRES_PASSWORD = "iceshrimpDBPassword123!"; 374 - POSTGRES_USER = "iceshrimp"; 375 - POSTGRES_DB = "iceshrimp"; 376 - }; 377 - volumes = ["${stateDir}/db:/var/lib/postgresql/data"]; 378 - extraOptions = ["--network=iceshrimp"]; 379 - }; 380 - }; 381 - }; 382 - }

-29

modules/pyrox.nix

··· 1 - { 2 - config, 3 - lib, 4 - pkgs, 5 - myLib, 6 - ... 7 - }: let 8 - inherit (lib) mkOption types; 9 - inherit (myLib) myTypes; 10 - cfg = config.pyrox.services; 11 - in { 12 - # Import all config.pyrox modules 13 - imports = [ 14 - ./forgejo-runner.nix 15 - ]; 16 - 17 - options.pyrox.metadata = { 18 - hosts = mkOption { 19 - description = "Each host that is in the PyroNet Network"; 20 - type = types.attrsOf (myTypes.hostModule); 21 - }; 22 - serviceHosts = mkOption { 23 - description = "The services and what hosts they run on."; 24 - type = types.submodule { 25 - freeformType = types.anything; 26 - }; 27 - }; 28 - }; 29 - }

-13

patches/rga.patch

··· 1 - diff --git a/src/adapters/pandoc.rs b/src/adapters/pandoc.rs 2 - index 0eaf7ed..3f0a4c3 100644 3 - --- a/src/adapters/pandoc.rs 4 - +++ b/src/adapters/pandoc.rs 5 - @@ -80,7 +80,6 @@ impl SpawningFileAdapter for PandocAdapter { 6 - //.arg("--to=commonmark-header_attributes-link_attributes-fenced_divs-markdown_in_html_blocks-raw_html-native_divs-native_spans-bracketed_spans") 7 - .arg("--to=plain") 8 - - .arg("--wrap=none") 9 - - .arg("--atx-headers"); 10 - + .arg("--wrap=none"); 11 - cmd 12 - } 13 - }

pkgs/caddyBin.nix packages/caddy/default.nix

-24

pkgs/caddyBin2.nix

··· 1 - { 2 - fetchFromGitea, 3 - lib, 4 - stdenv, 5 - pkgs, 6 - }: 7 - stdenv.mkDerivation { 8 - pname = "caddy-bin"; 9 - version = "2.5.2"; 10 - phases = ["unpackPhase" "installPhase"]; 11 - 12 - src = fetchFromGitea rec { 13 - domain = "git.exozy.me"; 14 - owner = "thehedgehog"; 15 - repo = "nix"; 16 - rev = "c1db2bc786df5f843b243e7516338c0a487c0571"; 17 - sha256 = "sha256-/hC/H3OvKGRMqylqwK70Y/LjPFKgSsjWOx5tvKYyOvk="; 18 - }; 19 - 20 - installPhase = '' 21 - install -d $out/bin 22 - install -m 755 binaries/caddy $out/bin/caddy 23 - ''; 24 - }

pkgs/go-jamming.nix packages/go-jamming/default.nix

-22

pkgs/nerdfont-symbols.nix

··· 1 - { 2 - lib, 3 - fetchzip, 4 - }: 5 - fetchzip { 6 - name = "nerdfont-symbols-only"; 7 - url = "https://github.com/ryanoasis/nerd-fonts/releases/download/2.2.0-RC/NerdFontsSymbolsOnly.zip"; 8 - 9 - sha256 = "sha256-UQatqcUf41mqki6hy/zFpz8GgiM0sUAe83ghI5we5rA="; 10 - 11 - postFetch = '' 12 - mkdir -p $out/share/fonts/opentype/NerdFontSymbolsOnly 13 - unzip -j $downloadedFile \*.ttf -d $out/share/fonts/opentype/NerdFontSymbolsOnly 14 - ''; 15 - 16 - meta = with lib; { 17 - description = "The Nerd Fonts symbols in 1 font."; 18 - homepage = "https://nerdfonts.com"; 19 - license = licenses.mit; 20 - maintainers = with maintainers; [thehedgeh0g]; 21 - }; 22 - }

+2 -2

pkgs/olympus.nix packages/olympus/default.nix

··· 5 5 }: let 6 6 olympus = pkgs.stdenv.mkDerivation rec { 7 7 pname = "olympus"; 8 - version = "3729"; 8 + version = "4085"; 9 9 10 10 # https://everestapi.github.io/ 11 11 src = pkgs.fetchzip { 12 12 url = "https://dev.azure.com/EverestAPI/Olympus/_apis/build/builds/${version}/artifacts?artifactName=linux.main&$format=zip#linux.main.zip"; 13 - sha256 = "sha256-8ZKOa4jOKtqY+zTpDIfKq1Jy1m39X11/Yvmsxud/SmE="; 13 + hash = "sha256-8qHQ59QQvUfm4/2rbPaweh+q6dbzTUMMJ1n5duJ3XpI="; 14 14 }; 15 15 16 16 buildInputs = [pkgs.unzip];

-30

pkgs/xcaddy.nix

··· 1 - { 2 - lib, 3 - pkgs, 4 - fetchFromGitHub, 5 - buildGoModule, 6 - stdenv, 7 - ... 8 - }: 9 - buildGoModule rec { 10 - pname = "xcaddy"; 11 - version = "0.3.0"; 12 - proxyVendor = true; 13 - subPackages = ["cmd/xcaddy"]; 14 - 15 - src = fetchFromGitHub { 16 - owner = "caddyserver"; 17 - repo = "xcaddy"; 18 - rev = "v${version}"; 19 - sha256 = "sha256-kB2WyHaln/arvISzVjcgPLHIUC/dCzL9Ub8aEl2xL2c="; 20 - }; 21 - 22 - vendorSha256 = "sha256-6ZAMRe9MsCuShXCIKEYtItqLM8bKlIf0m70RsNYPG10="; 23 - 24 - meta = with lib; { 25 - homepage = "https://caddyserver.com"; 26 - description = "Caddy build tool"; 27 - license = licenses.asl20; 28 - maintainers = with maintainers; [thehedgeh0g]; 29 - }; 30 - }

+3

shells/default/default.nix

··· 1 + { inputs, pkgs, ...}: let 2 + mkShell = inputs.mkshell-minimal pkgs; 3 + in mkShell {}

+20

systems/x86_64-linux/marvin/secrets/buildbot-gitea-token.age

··· 1 + age-encryption.org/v1 2 + -> ssh-ed25519 iqBxIA sXjW2SR1XZX72GNOub2LDOyPErSL1frz/6h1/PCpYQc 3 + C1S5xYK8e0wjxXUo3Fv1Bly/KexFni/vUVQXvTOaYjM 4 + -> ssh-rsa fFaiTA 5 + hp5tbxse6zTj3F9+cURU7l1wgQ7xPqetn//fPbeAWgOaE6mV5AgKmul7rHEL9IIH 6 + aFTvalTWR/KnFznYtlW/k8NJ8kxsO8xF+E5TzFnJHoJ1kcnxzx470m/erc928n48 7 + XcqN+XT2OS7xxH8i4v+pTqsCniK5oKpUbXujFBDdLQzHr6PfudD7KflSDklIdYEB 8 + Hcd1wPtnOwD7lPPrH4MIVNcAsZdc1gdieWI6WAyYhwyCGkHx+AAtbGBGIRxpM6eA 9 + /iau2CyIL3NoQO5ahuocI3j6JZg/rjf8CrB6BOcjST63xxJOtb/Z1vCDMN8IL7h5 10 + BC/W0jeLSWG6j/HtGXQHcBuuCe9X6ghNxHjJnXTlW5gyy/5fkfg1VwH1GH7LSgr3 11 + tULl2deCUc13COd+c74wPl1tndaCFou3syWQI1+g6cxafdjNeC4toQVVTjiWKArW 12 + 9FxAfmOHRqkren+G68rV3r9HUwiik5yfFj3i0ReiSJOs+PnFdwiia+qEyEU6c+RA 13 + ZKm02DA0xdIKvWRhBcV3LfXa59gM/fqHY7fPOr764UE8G3OxhU41YokRxSF2Amjr 14 + SrrTdd9ifydgm/6QOezR/rGdIPednZGw7AifVDtzStqfeK2N/1UptXmRTqJxNKDl 15 + HqChILGJP+4oQ9C40DBJKqoDoQ4cgdABf+cVvum4Vuo 16 + -> ssh-ed25519 wpmdHA ihAY2EmeXBKtEYivtyxIM4f9DT8l4r+fB1aZq+/bBjI 17 + cTxIJd2UpHpk6+kRC6kYnkWpk5vNOKN3KaTObI2yK60 18 + --- wb5Zy32SMDk6XSAwzGDLz1fHZkTmFQRJu3UdOSO6ALs 19 + �6�3 20 + ��x�p�(SFx��9%�l�`��mNy�i'��?i��@Nw��ϖ�Xh\ơ� �A�X�{�

systems/x86_64-linux/marvin/secrets/buildbot-oauth-secret.age

This is a binary file and will not be displayed.

+19

systems/x86_64-linux/marvin/secrets/buildbot-worker-password.age

··· 1 + age-encryption.org/v1 2 + -> ssh-ed25519 iqBxIA gwCfKQU/RuO5wvWJt+BNo9vMIH4cQNKC4YBo4zgeM00 3 + 568cl7NUSUNWPCF3SL8SSqsyV3qqKmM4CoqmQ+yynUs 4 + -> ssh-rsa fFaiTA 5 + xa/L5kqpE+MAOnbQFeOi4u53k9RdTz7di+bFiDwkUMoxPwKKWmT6DejEq2JmqcL6 6 + adkNyc7sS9mfyoCC55WttpC1VBtyCtWCvJIuG8vtO11RsBfA6GvHLG4uuuHRGEqQ 7 + i9IGIVBIUdCT+q4Eu8zV5hVEdbuufDGTbp1Ye2MZszl99XE3FKBgBNMfMyYL4fO4 8 + +GE6kuTMdgwlI1CKFlQH5cZSMwGtm1ElTZcwd0Zl1Zu/5Y4mKwJ78RLtdmoIpYW/ 9 + 8TnvuH1uD6PFZQ6f0RDxNnEnyZuAezTx16tjFfTuoI1/lyvq6t6et/f9TysKTnZZ 10 + W0PSBFvTaxE1IKaO/PRynd9ZrBbLgk8pibCP6HgM8ev1Gbl4vLjq/0t+t0PEVquH 11 + y0MXvO6OvjGs89JS9/AYbBAsFxmD/FcKGm857fKFqE2a+SguX0oTBbjNx/PG0rAm 12 + RTx9CR2wCUhTq5KheRmL+Ik/T/Yv4QuDid6p93PHcwJ2YUqXPyMEuTyv/nhjSEGa 13 + v3GX7sIQh0aC0LSHF0ielfyxjvAXysNKiIZaN+DU0tGTgKW/QvMOnUKB4X3EZCHu 14 + yMGgV1vR+pVTLx7xoAyjPL9DQC9ezMlSs5gcZVEV3NLRndz5Es2SAgg7r0mXy5fg 15 + PZz7XVriGa+2JhcAnDbFWgFjqwI7r5MSTpq8Sl9FZ8E 16 + -> ssh-ed25519 wpmdHA wfideEEHVJwKpYxqET5LDOE859htEZIpg1UxKIGSayM 17 + V5vr78i22cOHPS8+ZFluqMDfH9D3vzkHQ51Oos+MWq0 18 + --- ltXrwcgDWjvOiOkbNmi8MAUtgcevsUKA2ooV7UyB03s 19 + �� U����q��{l��˓��<��=r��Žv�ݸ�H��Z��V��

+21

systems/x86_64-linux/marvin/secrets/buildbot-workers.age

··· 1 + age-encryption.org/v1 2 + -> ssh-ed25519 iqBxIA NyjUU036+HYwviv9FB7Onyl3YYScNe/vLXpAYnbbJxU 3 + pecvax2BSVOYEgCHxoQyWTRzBRpq8N2ertX0QAw600Y 4 + -> ssh-rsa fFaiTA 5 + Tdwy6FqSqpMxc7x/Ygwiz8ssPwug7sk1BZ0QghMZkoO8KPJwldUcYfsgQxklzisx 6 + JuMDTBacCxN6/RnIfvcagtYZ2NeKsGkhk6KZ1QtcDt9oWrLD9KQBs/YlBmkJGE3L 7 + SqAcQX9AybGQ+ODS8ZbXR7WTcCy0I85Jiy60QYRfkX5lElL0BAbbuphn6xtm0dt7 8 + YuArYTndGI1KOgcnDCia8Az84vzjIh/Cp4AGthmhAOQP2R1k94LI8p1639RqlrkT 9 + XAdsglg344l7ki2Eib4pPADDmhKttrJ/79DTK0X+1757PaUyxMif55WIrxQLzE2s 10 + QHhwj1pka1HynIGy87cwILAlvqWNFUQ9lTbfMNfTLMBEJ7hH/HB6Adpmr0CVhKKG 11 + B3WfC9l3v/15owcb3qLeP/dkaarjHbTM4FafOLkjrhdEgYCEGK/ls3vx0Deq4x39 12 + G3WO/fclUQyjcO/g17i9yyfmuupL11Juk8xRyaU5fzi5O7gtGnPlLxhBqXE1s9Xa 13 + FzSSBHztAYAT7D7wodoE+LsTAajRoMQnTkFuP0pvO81C8z7dMXVckYvPco8dTbHY 14 + wujBpw+h//2oIfWxgM6lzZGKny+VsbFSVDz3JURCeWUaFpjdDHzkk7fd+fXAdhcx 15 + Wh25XuYYKvr1SOjo1ux9hAgbH/KAGKy9hoXzpbs6q6I 16 + -> ssh-ed25519 wpmdHA iO+7sYjfsEVkwxtiRMgi/5liBd5I56Cl3nIo5fFe6gc 17 + Rhez8a+eG9D4kV6I3R7eRdEty3dVyYybBCsDoD3gy8Q 18 + --- W7rtaU3i9bkD3+2PKJbOeDK8AlFhpW0t3Lp6MeJ7RiQ 19 + �� 20 + .I�s��q^hA��Ch�D��s��|��8[�%xX�n+�Qb�#f�gUL�C�c9p��RgBd9e%'Y8�F��gկ~�15�D��d�K��C�c>��w 21 + tP(�cr��p7

+47

systems/x86_64-linux/marvin/services/buildbot.nix

··· 1 + {config, data, ...}: let 2 + as = config.age.secrets; 3 + d = data.services.buildbot; 4 + g = data.services.git; 5 + bbSecret = { 6 + owner = "buildbot"; 7 + group = "buildbot"; 8 + }; 9 + in { 10 + services.buildbot-nix.master = { 11 + enable = true; 12 + dbUrl = "postgresql://buildbot@localhost/buildbot"; 13 + workersFile = as.buildbot-workers.path; 14 + authBackend = "gitea"; 15 + gitea = { 16 + enable = true; 17 + tokenFile = as.buildbot-gitea-token.path; 18 + oauthSecretFile = as.buildbot-oauth-secret.path; 19 + instanceUrl = g.extUrl; 20 + oauthId = "2bfd5c46-43a7-4d98-b443-9176dc0a9452"; 21 + topic = "buildbot-enable"; 22 + }; 23 + admins = [ 24 + "pyrox" 25 + ]; 26 + domain = d.extUrl; 27 + useHttps = true; 28 + }; 29 + services.postgresql.ensureUsers = [{ 30 + name = "buildbot"; 31 + ensureDBOwnership = true; 32 + ensureClauses.login = true; 33 + }]; 34 + services.postgresql.ensureDatabases = [ "buildbot" ]; 35 + services.buildbot-master.port = 6915; 36 + age.secrets = { 37 + buildbot-gitea-token = bbSecret // { 38 + file = ../secrets/buildbot-gitea-token.age; 39 + }; 40 + buildbot-oauth-secret = bbSecret // { 41 + file = ../secrets/buildbot-oauth-secret.age; 42 + }; 43 + buildbot-workers = bbSecret // { 44 + file = ../secrets/buildbot-workers.age; 45 + }; 46 + }; 47 + }

Configure Feed

Configure Feed