diff --git a/flake.lock b/flake.lock index 039e6a4..fba7c86 100644 --- a/flake.lock +++ b/flake.lock @@ -25,11 +25,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1758270360, - "narHash": "sha256-yqh6EEhlpVWRoKl85o1s+QZ72UHWTvornnc3C0Ls484=", + "lastModified": 1762198582, + "narHash": "sha256-P9giW/1Crn7ekQt4YIbONJ/hKFaHkTwyhz82FCjh+OM=", "owner": "catppuccin", "repo": "nix", - "rev": "2e0aacdd6abbecd1b1c0511a2fcd1460a6bc6645", + "rev": "08716214674ca27914daa52e6fa809cc022b581e", "type": "github" }, "original": { @@ -49,11 +49,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1755272288, - "narHash": "sha256-ypTPb2eKcOBbOoyvPV0j4ZOXs4kayo73/2KI456QnE0=", + "lastModified": 1762034856, + "narHash": "sha256-QVey3iP3UEoiFVXgypyjTvCrsIlA4ecx6Acaz5C8/PQ=", "owner": "zhaofengli", "repo": "colmena", - "rev": "5bf4ce6a24adba74a5184f4a9bef01d545a09473", + "rev": "349b035a5027f23d88eeb3bc41085d7ee29f18ed", "type": "github" }, "original": { @@ -139,11 +139,11 @@ ] }, "locked": { - "lastModified": 1756770412, - "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=", + "lastModified": 1760948891, + "narHash": "sha256-TmWcdiUUaWk8J4lpjzu4gCGxWY6/Ok7mOK4fIFfBuU4=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "4524271976b625a4a605beefd893f270620fd751", + "rev": "864599284fc7c0ba6357ed89ed5e2cd5040f0c04", "type": "github" }, "original": { @@ -241,11 +241,11 @@ ] }, "locked": { - "lastModified": 1758719930, - "narHash": "sha256-DgHe1026Ob49CPegPMiWj1HNtlMTGQzfSZQQVlHC950=", + "lastModified": 1762296971, + "narHash": "sha256-Jyv3L5rrUYpecON+9zyFz2VqgTSTsIG35fXuCyuCQv0=", "owner": "nix-community", "repo": "home-manager", - "rev": "142acd7a7d9eb7f0bb647f053b4ddfd01fdfbf1d", + "rev": "34fe48801d2a5301b814eaa1efb496499d06cebc", "type": "github" }, "original": { @@ -256,11 +256,11 @@ }, "mnw": { "locked": { - "lastModified": 1756659871, - "narHash": "sha256-v6Rh4aQ6RKjM2N02kK9Usn0Ix7+OY66vNpeklc1MnGE=", + "lastModified": 1758834834, + "narHash": "sha256-Y7IvY4F8vajZyp3WGf+KaiIVwondEkMFkt92Cr9NZmg=", "owner": "Gerg-L", "repo": "mnw", - "rev": "ed6cc3e48557ba18266e598a5ebb6602499ada16", + "rev": "cfbc7d1cc832e318d0863a5fc91d940a96034001", "type": "github" }, "original": { @@ -298,11 +298,11 @@ "nixpkgs-regression": "nixpkgs-regression" }, "locked": { - "lastModified": 1758713362, - "narHash": "sha256-QXqpZiCoWBBlRVqgyXRf/icAEL8yCpNG59MY0VSuxBU=", + "lastModified": 1762286227, + "narHash": "sha256-foAa58OTMJVFpH2dGuV8zL85EVDc8zcSLyAuUTDhTf8=", "owner": "NixOS", "repo": "nix", - "rev": "0175f7e8365074356497d132451870c9eae9240f", + "rev": "3ed42cd3543b2bf1bdd0bafa06052906c2749d87", "type": "github" }, "original": { @@ -333,11 +333,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1758663926, - "narHash": "sha256-6CFdj7Xs616t1W4jLDH7IohAAvl5Dyib3qEv/Uqw1rk=", + "lastModified": 1762267440, + "narHash": "sha256-WHjEJ80oYbWyNu0dxysBs5oMlBc5w7YYzL1/UPj4iGo=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "170ff93c860b2a9868ed1e1102d4e52cb3d934e1", + "rev": "2e85ae1b7030df39269d29118b1f74944d0c8f15", "type": "github" }, "original": { @@ -397,11 +397,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1758589230, - "narHash": "sha256-zMTCFGe8aVGTEr2RqUi/QzC1nOIQ0N1HRsbqB4f646k=", + "lastModified": 1761999846, + "narHash": "sha256-IYlYnp4O4dzEpL77BD/lj5NnJy2J8qbHkNSFiPBCbqo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d1d883129b193f0b495d75c148c2c3a7d95789a0", + "rev": "3de8f8d73e35724bf9abef41f1bdbedda1e14a31", "type": "github" }, "original": { @@ -429,11 +429,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1758035966, - "narHash": "sha256-qqIJ3yxPiB0ZQTT9//nFGQYn8X/PBoJbofA7hRKZnmE=", + "lastModified": 1761672384, + "narHash": "sha256-o9KF3DJL7g7iYMZq9SWgfS1BFlNbsm6xplRjVlOCkXI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8d4ddb19d03c65a36ad8d189d001dc32ffb0306b", + "rev": "08dacfca559e1d7da38f3cf05f1f45ee9bfd213c", "type": "github" }, "original": { @@ -461,27 +461,27 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1756178832, - "narHash": "sha256-O2CIn7HjZwEGqBrwu9EU76zlmA5dbmna7jL1XUmAId8=", + "lastModified": 1761597516, + "narHash": "sha256-wxX7u6D2rpkJLWkZ2E932SIvDJW8+ON/0Yy8+a5vsDU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d98ce345cdab58477ca61855540999c86577d19d", + "rev": "daf6dc47aa4b44791372d6139ab7b25269184d55", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-25.05-small", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_6": { "locked": { - "lastModified": 1758427187, - "narHash": "sha256-pHpxZ/IyCwoTQPtFIAG2QaxuSm8jWzrzBGjwQZIttJc=", + "lastModified": 1762111121, + "narHash": "sha256-4vhDuZ7OZaZmKKrnDpxLZZpGIJvAeMtK6FKLJYUtAdw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "554be6495561ff07b6c724047bdd7e0716aa7b46", + "rev": "b3d51a0365f6695e7dd5cdf3e180604530ed33b4", "type": "github" }, "original": { @@ -502,11 +502,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1758271661, - "narHash": "sha256-ENqd2/33uP5vB44ClDjjAV+J78oF8q1er4QUZuT8Z7g=", + "lastModified": 1762093557, + "narHash": "sha256-esmyNNa8TvduITLfqYPSMroyZ9vxJr2nsvjYmHmO+Ag=", "owner": "notashelf", "repo": "nvf", - "rev": "b7571df4d6e9ac08506a738ddceeec0b141751b0", + "rev": "20d8fca94dceaf943686598da7fba31b37100e50", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 5176d9a..d0d007a 100644 --- a/flake.nix +++ b/flake.nix @@ -55,7 +55,7 @@ fred = import ./hosts/fred/colmena.nix; # acer server loki = import ./hosts/loki/colmena.nix; # Dell XPS 13 # pi1 = import ./hosts/pi1/colmena.nix; - # pocket2 = import ./hosts/pocket2/colmena.nix; + pocket2 = import ./hosts/pocket2/colmena.nix; smaug = import ./hosts/smaug/colmena.nix; # Thinkpad x260 w1 = import ./hosts/w1/colmena.nix; # Hetzner VPS # w2 = import ./hosts/w2/colmena.nix; diff --git a/home/common/default.nix b/home/common/default.nix index 64625a4..cfb3721 100644 --- a/home/common/default.nix +++ b/home/common/default.nix @@ -77,7 +77,7 @@ nmap notmuch pandoc - pinentry + pinentry-curses pipx ps_mem psmisc diff --git a/home/common/files/bash/bashrc b/home/common/files/bash/bashrc index 6d43264..73de785 100755 --- a/home/common/files/bash/bashrc +++ b/home/common/files/bash/bashrc @@ -18,32 +18,24 @@ # set some global stuff first -# colors -GREEN='' -YELLOW='' -RED='' NONE='' PATH="${HOME}/bin:/run/wrappers/bin:${HOME}/.nix-profile/bin:/etc/profiles/per-user/${USER}/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:${HOME}/go/bin:${HOME}/.local/bin:${HOME}/.cargo/bin:${HOME}/.local/share/gem/ruby/latest/bin" GOPATH="${HOME}/go" -export NONE GREEN YELLOW RED export PATH export GOPATH +NIXPKGS_ALLOW_UNFREE=1 +NIXPKGS_ALLOW_INSECURE=1 +MOZ_USE_WAYLAND=1 +GDK_BACKEND=wayland +export NIXPKGS_ALLOW_INSECURE NIXPKGS_ALLOW_UNFREE MOZ_USE_WAYLAND GDK_BACKEND -if [ -f ${HOME}/.nix-profile/etc/profile.d/hm-session-vars.sh ] -then +if [ -f ${HOME}/.nix-profile/etc/profile.d/hm-session-vars.sh ]; then . ${HOME}/.nix-profile/etc/profile.d/hm-session-vars.sh fi HOSTNAME_SHORT=$(hostnamectl | awk -F: '$1=/Static hostname/{print $2}' | sed 's/^ //') -while [ "${HOSTNAME_SHORT}" == "localhost" ] -do - echo "${RED}@${GREEN}-,---${NONE}" - sleep 1 - HOSTNAME_SHORT=$(hostnamectl | awk -F: '$1=/Static hostname/{print $2}' | sed 's/^ //') -done export HOSTNAME_SHORT - # set coredump size to 0 ulimit -c 0 @@ -65,8 +57,7 @@ test -d "${HOME}/bin/${HOSTNAME_SHORT}" && PATH="${PATH}:${HOME}/bin/${HOSTNAME_ ######### ######### ##################################### -if [ "${PS1}" ]; -then +if [ "${PS1}" ]; then unset i set -o noclobber set -o notify @@ -85,10 +76,10 @@ then USER=$LOGNAME fi HISTNAME=$LOGNAME - if [ $EUID == 0 ];then HISTNAME=root;fi - HISTFILE="${HOME}/.bash_history.${HISTNAME}.${HOSTNAME_SHORT}.$(tty|cut -c10-)" + if [ $EUID == 0 ]; then HISTNAME=root; fi + HISTFILE="${HOME}/.bash_history.${HISTNAME}.${HOSTNAME_SHORT}.$(tty | cut -c10-)" export HISTFILE - test -f "${HOME}/.bash_ssh" && source "${HOME}/.bash_ssh" + test -f "${HOME}/.bash_ssh" && source "${HOME}/.bash_ssh" PAGER=less LESS="-Rs" @@ -101,14 +92,12 @@ then unset COMPHOSTS export COMPHOSTS=() - unset pathmunge # set up man path MANPATH="${MANPATH}:${HOME}/man:${HOME}/share/man" export MANPATH - - test -f $(ls -1 /nix/store/*bash-completion-*/etc/profile.d/bash_completion.sh | tail -n1) && \ + test -f $(ls -1 /nix/store/*bash-completion-*/etc/profile.d/bash_completion.sh | tail -n1) && source $(ls -1 /nix/store/*bash-completion-*/etc/profile.d/bash_completion.sh | tail -n1) export LOCKPRG=${HOME}/bin/myLock @@ -116,13 +105,13 @@ then export HISTIGNORE='pwd:exit:clear:history' [ ! -v ${BASH_COMPLETION_VERSINFO} -a -d ${HOME}/.bash_completion.d ] && for i in $(\ls -1 ${HOME}/.bash_completion.d/*.sh); do source $i; done - export PROMPT_COMMAND='history -a' # Always append history files + export PROMPT_COMMAND='history -a' # Always append history files PS1='\u@\h:\w> ' - test -f "${HOME}/.bash_aliases" && . ${HOME}/.bash_aliases - test -f "${HOME}/.bash_local" && . ${HOME}/.bash_local + test -f "${HOME}/.bash_aliases" && . ${HOME}/.bash_aliases + test -f "${HOME}/.bash_local" && . ${HOME}/.bash_local file=$(\ls -1d /nix/store/*-$(\ls -1d /nix/store/*-liquidprompt-* | grep -v drv | awk -F- '{printf("%s-%s\n",$2,$3)}' | tail -n1) | tail -n1) - test -f ${file}/bin/liquidprompt && . ${file}/bin/liquidprompt + test -f ${file}/bin/liquidprompt && . ${file}/bin/liquidprompt # BEGIN_KITTY_SHELL_INTEGRATION if test -n "$KITTY_INSTALLATION_DIR" -a -e "$KITTY_INSTALLATION_DIR/shell-integration/bash/kitty.bash"; then source "$KITTY_INSTALLATION_DIR/shell-integration/bash/kitty.bash"; fi diff --git a/home/common/pi-server.nix b/home/common/pi-server.nix new file mode 100644 index 0000000..023dd6a --- /dev/null +++ b/home/common/pi-server.nix @@ -0,0 +1,60 @@ +{ + pkgs, + inputs, + osConfig, + ... +}: { + imports = [ + ./bash.nix + ./btop.nix + ./catppuccin.nix + ./git.nix + ./gnupg.nix + ./liquidprompt.nix + ./ssh.nix + ./topgrade.nix + ]; + home.packages = with pkgs; [ + figlet + file + fzf + gnupg + gping + htop + iftop + iw + jq + keychain + keyutils + links2 + liquidprompt + moreutils + ncdu + nmap + pinentry-curses + pipx + ps_mem + psmisc + sqlite + trippy + unzip + wget + zip + ]; + services = { + gpg-agent = { + enable = true; + defaultCacheTtl = 1800; + enableSshSupport = true; + }; + }; + programs.keychain = { + enable = true; + enableBashIntegration = true; + keys = "id_aur id_dsa id_ed25519 git C7E41C9F79C846984163693FCCD8E76F07EA701B"; + }; + home.file.".links/links.cfg".source = files/links.cfg; + xdg.configFile."nix/nix.conf".text = '' + extra-experimental-features = flakes nix-command + ''; +} diff --git a/home/gui/default.nix b/home/gui/default.nix index 100d62d..88f2fa7 100644 --- a/home/gui/default.nix +++ b/home/gui/default.nix @@ -67,7 +67,7 @@ in { shikane # signal-desktop simple-scan - syncthingtray + # syncthingtray systemd-lock-handler # telegram-desktop texlive.combined.scheme-medium diff --git a/home/gui/mpv.nix b/home/gui/mpv.nix index bbbb46b..a988f58 100644 --- a/home/gui/mpv.nix +++ b/home/gui/mpv.nix @@ -35,8 +35,8 @@ ytdl = "yes"; ytdl-format = "bestvideo+bestaudio"; # Only needed when/if youtube blocks annon access again - ytdl-raw-options = "no-playlist=,cookies-from-browser=firefox,force-ipv4="; - # ytdl-raw-options = "no-playlist="; + # ytdl-raw-options = "no-playlist=,cookies-from-browser=firefox,force-ipv4="; + ytdl-raw-options = "no-playlist=,force-ipv4="; }; profiles = { utube = { diff --git a/home/gui/sway.nix b/home/gui/sway.nix index 1f0ba3b..ae69258 100644 --- a/home/gui/sway.nix +++ b/home/gui/sway.nix @@ -14,8 +14,7 @@ set $snd_sink alsa_output.usb-Corsair_CORSAIR_VOID_ELITE_Wireless_Gaming_Dongle-00.iec958-stereo set $lock /home/don/bin/lock.sh - exec_always sway-audio-idle-inhibit - exec swayidle -w \ + exec ${pkgs.swayidle}/bin/swayidle -w \ timeout 300 $lock \ timeout 360 'swaymsg "output * dpms off"' \ resume 'swaymsg "output * dpms on"' \ @@ -67,16 +66,16 @@ bindsym $mod+Shift+q kill # start dmenu (a program launcher) - set $menu_command fuzzel + set $menu_command ${pkgs.fuzzel}/bin/fuzzel set $bemenu_options -i --nb "#3f3f3f" --nf "#dcdccc" -fn "pango:JetBrains Mono 8" - set $menu dmenu-wl_path | bemenu $bemenu_options| xargs swaymsg exec -- + set $menu ${pkgs.dmenu-wayland}/bin/dmenu-wl_path | ${pkgs.bemenu}/bin/bemenu $bemenu_options| xargs swaymsg exec -- bindsym $mod+Shift+d exec $menu # Screenshots: - bindsym Mod4+p exec grimshot --notify save active # Current window - bindsym Mod4+Shift+p exec grimshot --notify save area # Select area - bindsym Mod4+Mod1+p exec grimshot --notify save output # Current output - bindsym Mod4+Ctrl+p exec grimshot --notify save window # Select a window + bindsym Mod4+p exec ${pkgs.sway-contrib.grimshot}/bin/grimshot --notify save active # Current window + bindsym Mod4+Shift+p exec ${pkgs.sway-contrib.grimshot}/bin/grimshot --notify save area # Select area + bindsym Mod4+Mod1+p exec ${pkgs.sway-contrib.grimshot}/bin/grimshot --notify save output # Current output + bindsym Mod4+Ctrl+p exec ${pkgs.sway-contrib.grimshot}/bin/grimshot --notify save window # Select a window # rofi app and window launchers bindsym $mod+p exec --no-startup-id $menu @@ -305,24 +304,24 @@ client.background #F8F8F2 exec ${pkgs.pasystray}/bin/pasystray - exec_always keyctl link @u @s + exec_always ${pkgs.keyutils}/bin/keyctl link @u @s exec ${pkgs.shikane}/bin/shikane exec ${pkgs.wayland-pipewire-idle-inhibit}/bin/wayland-pipewire-idle-inhibit - exec_always shikanectl reload - exec kitty -o initial_window_width=40c -o initial_window_height=30c --title ttmenu -e ttmenu-loop + exec_always ${pkgs.shikane}/bin/shikanectl reload + exec ${pkgs.foot}/bin/foot -W 36x22 -T ttmenu -f "Courier New:size=12" -e ttmenu-loop seat * hide_cursor 8000 - exec systemctl --user import-environment DISPLAY WAYLAND_DISPLAY SWAYSOCK - exec dbus-update-activation-environment --all 2>/dev/null && dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY SWAYSOCK - exec --no-startup-id udiskie - exec wl-paste -t text --watch clipman store - exec configure-gtk - exec dovideo.sh - exec auto-start - exec swaync - exec nm-applet + exec ${pkgs.systemd}/bin/systemctl --user import-environment DISPLAY WAYLAND_DISPLAY SWAYSOCK + exec ${pkgs.dbus}/bin/dbus-update-activation-environment --all 2>/dev/null && dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY SWAYSOCK + exec ${pkgs.udiskie}/bin/udiskie + exec ${pkgs.wl-clipboard}/bin/wl-paste -t text --watch clipman store + exec ~/bin/configure-gtk + exec ~/bin/dovideo.sh + exec ~/bin/auto-start + exec ${pkgs.swaynotificationcenter}/bin/swaync + exec ${pkgs.networkmanagerapplet}/bin/nm-applet exec ${pkgs.kdePackages.kdeconnect-kde}/bin/kdeconnect-indicator - exec myweb - exec myterm + exec ~/bin/myweb + exec ~/bin/myterm exec ${pkgs.headset-charge-indicator}/bin/headset-charge-indicator.py exec ${pkgs.wlsunset}/bin/wlsunset -l 29.7 -L -95.8 exec ${pkgs.blueberry}/bin/blueberry-tray diff --git a/home/pi-server.nix b/home/pi-server.nix new file mode 100644 index 0000000..7fc1e53 --- /dev/null +++ b/home/pi-server.nix @@ -0,0 +1,33 @@ +{ + inputs, + outputs, + pkgs, + pkgs-stable, + ... +}: { + imports = [inputs.home-manager.nixosModules.home-manager]; + home-manager.extraSpecialArgs = { + pkgs-stable = import pkgs-stable {config.allowUnfree = true;}; + inherit inputs outputs; + }; + home-manager = { + useUserPackages = true; + backupFileExtension = "home-manager-backup"; + users = { + don = { + imports = [ + inputs.catppuccin.homeModules.catppuccin + ./common/pi-server.nix + ]; + home = { + username = "don"; + homeDirectory = "/home/don"; + stateVersion = "23.05"; + }; + programs = { + home-manager = {enable = true;}; + }; + }; + }; + }; +} diff --git a/home/work/citrix.nix b/home/work/citrix.nix index c141b24..1ac3f73 100644 --- a/home/work/citrix.nix +++ b/home/work/citrix.nix @@ -1,11 +1,42 @@ -{ lib, config, pkgs, inputs, outputs, home-manager, ... }: -with lib; -let cfg = config.roles.citrix; +{ + lib, + config, + pkgs, + inputs, + outputs, + home-manager, + ... +}: +with lib; let + cfg = config.roles.citrix; + # FIXME : remove when new version of Citrix is released + pkgs = + # DELME + import (builtins.fetchTarball { + # DELME + url = "https://github.com/NixOS/nixpkgs/archive/29b6e7097f50955f49a81d2665fb21c94c43df19.tar.gz"; # DELME + sha256 = "0zrkfxj130gbgixgk8yaxk5d9s5ppj667x38n4vys4zxw5r60bjz"; # DELME + }) { + # DELME + config = { + # DELME + allowUnfree = true; # DELME + allowInsecure = true; # DELME + permittedInsecurePackages = [ + # DELME + "libsoup-2.74.3" # DELME + ]; # DELME + }; # DELME + }; # DELME + + citrix_workspace_overlay = pkgs.citrix_workspace; # DELME in { - options.roles.citrix = { enable = lib.mkEnableOption "citrix tools"; }; + options.roles.citrix = {enable = lib.mkEnableOption "citrix tools";}; config = mkIf cfg.enable { - home-manager.users.don.home.packages = with pkgs; [ citrix_workspace ]; - nixpkgs.config.permittedInsecurePackages = [ "libsoup-2.74.3" ]; + # FIXME : remove when new version of Citrix is released + # home-manager.users.don.home.packages = with pkgs; [citrix_workspace]; + home-manager.users.don.home.packages = with pkgs; [citrix_workspace_overlay]; # DELME + nixpkgs.config.permittedInsecurePackages = ["libsoup-2.74.3"]; # home-manager.users.don.home.packages = with pkgs; # [ citrix_workspace_24_11_0 ]; home-manager.users.don.home.file."ICAClient" = { diff --git a/hosts/book/default.nix b/hosts/book/default.nix index 1152e8a..3d24dd2 100644 --- a/hosts/book/default.nix +++ b/hosts/book/default.nix @@ -1,4 +1,11 @@ -{ inputs, outputs, lib, config, pkgs, ... }: { +{ + inputs, + outputs, + lib, + config, + pkgs, + ... +}: { imports = [ inputs.nixos-hardware.nixosModules.google-pixelbook ./hardware-configuration.nix @@ -10,12 +17,12 @@ variables.swayScale = "1.5"; roles = { - citrix.enable = true; - zoom.enable = true; + citrix.enable = false; + zoom.enable = false; gui.enable = true; kmscon.enable = true; auto-cpufreq.enable = true; gnome-calendar.enable = true; }; - wm = { sway.enable = true; }; + wm = {sway.enable = true;}; } diff --git a/hosts/display/colmena.nix b/hosts/display/colmena.nix index f95ed01..8017ac7 100644 --- a/hosts/display/colmena.nix +++ b/hosts/display/colmena.nix @@ -11,6 +11,7 @@ tags = ["arm"]; targetUser = "don"; privilegeEscalationCommand = ["/run/wrappers/bin/doas"]; - targetHost = "display.home.duckland.org"; + # targetHost = "display.home.duckland.org"; + targetHost = "192.168.1.142"; }; } diff --git a/hosts/display/kiosk.nix b/hosts/display/kiosk.nix index d304653..d6a4571 100644 --- a/hosts/display/kiosk.nix +++ b/hosts/display/kiosk.nix @@ -1,13 +1,26 @@ -{ inputs, outputs, lib, config, pkgs, ... }: { - # environment.systemPackages = with pkgs; [ cog ]; - environment.systemPackages = with pkgs; [ firefox ]; +{ + inputs, + outputs, + lib, + config, + pkgs, + ... +}: { + environment.systemPackages = with pkgs; [kdePackages.falkon cage wlsunset]; - services.cage = { - enable = true; - user = "don"; - extraArguments = [ "-d" ]; - program = - # "${pkgs.cog}/bin/cog --scale=1.4 http://homeassistant.home.duckland.org:8123/dashboard-pi/0"; - "${pkgs.firefox}/bin/firefox --kiosk http://homeassistant.home.duckland.org:8123/dashboard-pi/0"; + services = { + cage = { + enable = true; + user = "don"; + extraArguments = ["-d"]; + program = "${pkgs.kdePackages.falkon}/bin/falkon --fullscreen http://harper2.home.duckland.org:8123/dashboard-pi/0"; + }; + }; + home-manager.users.don.services = { + wlsunset = { + enable = true; + latitude = 29.7; + longitude = -95.8; + }; }; } diff --git a/hosts/loki/default.nix b/hosts/loki/default.nix index 9947c33..ad0a609 100644 --- a/hosts/loki/default.nix +++ b/hosts/loki/default.nix @@ -1,4 +1,11 @@ -{ inputs, outputs, lib, config, pkgs, ... }: { +{ + inputs, + outputs, + lib, + config, + pkgs, + ... +}: { imports = [ inputs.nixos-hardware.nixosModules.framework-amd-ai-300-series ./hardware-configuration.nix @@ -6,7 +13,6 @@ ../workstation ]; networking.hostName = "loki"; - boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; variables.address = "100.72.0.1"; variables.swayScale = "1.2"; @@ -20,5 +26,5 @@ gnome-calendar.enable = true; }; primary.enable = true; - wm = { sway.enable = true; }; + wm = {sway.enable = true;}; } diff --git a/hosts/pi-server/default.nix b/hosts/pi-server/default.nix index 25cd052..6486158 100644 --- a/hosts/pi-server/default.nix +++ b/hosts/pi-server/default.nix @@ -5,17 +5,7 @@ config, pkgs, ... -}: let - my-python-packages = python-packages: - with python-packages; [ - pip - pipx - python-dateutil - setuptools - requests - ]; - python-with-my-packages = pkgs.python313.withPackages my-python-packages; -in { +}: { nix = { settings = { experimental-features = ["nix-command" "flakes"]; @@ -30,7 +20,7 @@ in { }; }; imports = [ - ../../home + ../../home/pi-server.nix ./services.nix ./systemd.nix ../vars.nix @@ -62,16 +52,6 @@ in { # Bootloader. boot = { kernelPackages = pkgs.linuxPackages_rpi4; - kernelParams = ["consoleblank=60"]; - #loader = { - #systemd-boot = { - #enable = true; - #}; - #efi = { - #canTouchEfiVariables = true; - #efiSysMountPoint = "/boot"; - #}; - #}; plymouth = {enable = true;}; kernel = {sysctl = {"vm.swappiness" = 10;};}; }; @@ -92,16 +72,8 @@ in { }; services = { - pcscd = {enable = true;}; beszel-agent = {enable = true;}; - avahi = { - enable = true; - nssmdns4 = true; - }; - printing = {enable = true;}; - udisks2 = {enable = true;}; nscd = {enableNsncd = true;}; - tailscale = {enable = true;}; locate = { enable = true; package = pkgs.mlocate; @@ -151,42 +123,22 @@ in { memoryPercent = 25; memoryMax = 2147483648; }; - #nixpkgs.config.allowUnfree = true; environment.systemPackages = with pkgs; [ - # python-with-my-packages python313 - aspell - aspellDicts.en base16-schemes bash-completion btop - colmena dmidecode - docker-compose - git-crypt - gitFull home-manager - hunspell - hunspellDicts.en_US - isync - just - lazydocker lsb-release lsof nix-bash-completions - nixfmt-classic pkg-config - podman - poppler_utils - ruby sops - udiskie ]; programs = { - dconf = {enable = true;}; - mtr = {enable = true;}; gnupg = { agent = { enable = true; @@ -196,57 +148,12 @@ in { }; }; - nixpkgs.overlays = [ - (final: super: { - khal = super.khal.overridePythonAttrs (_: {doCheck = false;}); - }) - ]; - # Open ports in the firewall. networking.firewall = { enable = true; - # always allow traffic from your Tailscale network - trustedInterfaces = ["tailscale0"]; checkReversePath = "loose"; - - # allow the Tailscale UDP port through the firewall - allowedUDPPorts = [config.services.tailscale.port]; - allowedTCPPortRanges = [ - { - from = 1714; - to = 1764; - } - ]; - allowedUDPPortRanges = [ - { - from = 1714; - to = 1764; - } - ]; - - # allow you to SSH in over the public internet allowedTCPPorts = [22]; }; - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It's perfectly fine and recommended to leavecatenate(variables, "bootdev", bootdev) - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.11"; # Did you read the comment? - programs.msmtp = { - enable = true; - accounts = { - default = { - auth = true; - tls = true; - port = 587; - from = "duck@duckland.org"; - host = "smtp.gmail.com"; - user = "duckunix@gmail.com"; - passwordeval = "cat /home/don/.smtp_password.txt"; - }; - }; - }; } diff --git a/hosts/pi-server/systemd.nix b/hosts/pi-server/systemd.nix index c28077e..30d90c1 100644 --- a/hosts/pi-server/systemd.nix +++ b/hosts/pi-server/systemd.nix @@ -1,45 +1,14 @@ -{ pkgs, ... }: -let - readlink = "${pkgs.coreutils}/bin/readlink"; - notify-send = "${pkgs.libnotify}/bin/notify-send"; -in { +{pkgs, ...}: { systemd = { services = { clean-keychain = { description = "Clean up .keychain on boot"; - wantedBy = [ "multi-user.target" ]; + wantedBy = ["multi-user.target"]; serviceConfig = { Type = "oneshot"; ExecStart = "${pkgs.coreutils-full}/bin/rm -rf /home/don/.keychain"; }; }; }; - user = { - services = { - detect-reboot-for-upgrade = { - script = '' - set -eu -o pipefail - booted="$(${readlink} /run/booted-system/{initrd,kernel,kernel-modules})" - built="$(${readlink} /nix/var/nix/profiles/system/{initrd,kernel,kernel-modules})" - if [[ "''${booted}" != "''${built}" ]]; - then - echo "Looks like we need a reboot!" - ${notify-send} --urgency=low --icon=system-reboot "Reboot is needed for a NixOS upgrade." - fi - ''; - serviceConfig = { Type = "oneshot"; }; - }; - }; - timers = { - detect-reboot-for-upgrade = { - wantedBy = [ "timers.target" ]; - partOf = [ "detect-reboot-for-upgrade.service" ]; - timerConfig = { - OnCalendar = "hourly"; - Unit = "detect-reboot-for-upgrade.service"; - }; - }; - }; - }; }; } diff --git a/hosts/pocket2/default.nix b/hosts/pocket2/default.nix index dfb2213..03c06c9 100644 --- a/hosts/pocket2/default.nix +++ b/hosts/pocket2/default.nix @@ -1,4 +1,11 @@ -{ inputs, config, pkgs, ... }: { +{ + inputs, + outputs, + libs, + config, + pkgs, + ... +}: { imports = [ ./hardware-configuration.nix inputs.nixos-hardware.nixosModules.common-cpu-intel @@ -8,8 +15,17 @@ ../workstation ]; networking.hostName = "pocket2"; + variables.address = "192.168.1.12"; variables.swayScale = "1.7"; - roles = { gui.enable = true; }; - wm = { sway.enable = true; }; + roles = { + citrix.enable = false; + zoom.enable = false; + gui.enable = true; + kmscon.enable = true; + games.enable = false; + auto-cpufreq.enable = false; + gnome-calendar.enable = true; + }; + wm = {sway.enable = true;}; } diff --git a/hosts/server/default.nix b/hosts/server/default.nix index 4fed04d..6e3f469 100644 --- a/hosts/server/default.nix +++ b/hosts/server/default.nix @@ -1,5 +1,11 @@ -{ inputs, outputs, lib, config, pkgs, ... }: -let +{ + inputs, + outputs, + lib, + config, + pkgs, + ... +}: let my-python-packages = python-packages: with python-packages; [ pip @@ -12,10 +18,10 @@ let in { nix = { settings = { - experimental-features = [ "nix-command" "flakes" ]; + experimental-features = ["nix-command" "flakes"]; warn-dirty = false; auto-optimise-store = true; - trusted-users = [ "root" "don" ]; + trusted-users = ["root" "don"]; }; gc = { automatic = true; @@ -49,14 +55,15 @@ in { inputMethod = { enable = true; type = "fcitx5"; - fcitx5.addons = with pkgs; [ fcitx5-mozc fcitx5-gtk ]; + fcitx5.addons = with pkgs; [fcitx5-mozc fcitx5-gtk]; }; }; # Bootloader. boot = { + binfmt.emulatedSystems = ["aarch64-linux"]; kernelPackages = pkgs.linuxPackages_latest; - kernelParams = [ "consoleblank=60" ]; + kernelParams = ["consoleblank=60"]; #loader = { #systemd-boot = { #enable = true; @@ -66,34 +73,36 @@ in { #efiSysMountPoint = "/boot"; #}; #}; - plymouth = { enable = true; }; - kernel = { sysctl = { "vm.swappiness" = 10; }; }; + plymouth = {enable = true;}; + kernel = {sysctl = {"vm.swappiness" = 10;};}; }; security = { - polkit = { enable = true; }; + polkit = {enable = true;}; sudo.enable = false; doas = { enable = true; - extraRules = [{ - users = [ "don" ]; - keepEnv = true; - noPass = true; - }]; + extraRules = [ + { + users = ["don"]; + keepEnv = true; + noPass = true; + } + ]; }; }; services = { - pcscd = { enable = true; }; - beszel-agent = { enable = true; }; + pcscd = {enable = true;}; + beszel-agent = {enable = true;}; avahi = { enable = true; nssmdns4 = true; }; - printing = { enable = true; }; - udisks2 = { enable = true; }; - nscd = { enableNsncd = true; }; - tailscale = { enable = true; }; + printing = {enable = true;}; + udisks2 = {enable = true;}; + nscd = {enableNsncd = true;}; + tailscale = {enable = true;}; locate = { enable = true; package = pkgs.mlocate; @@ -172,15 +181,15 @@ in { nixfmt-classic pkg-config podman - poppler_utils + poppler-utils ruby sops udiskie ]; programs = { - dconf = { enable = true; }; - mtr = { enable = true; }; + dconf = {enable = true;}; + mtr = {enable = true;}; gnupg = { agent = { enable = true; @@ -192,25 +201,29 @@ in { nixpkgs.overlays = [ (final: super: { - khal = super.khal.overridePythonAttrs (_: { doCheck = false; }); + khal = super.khal.overridePythonAttrs (_: {doCheck = false;}); }) ]; # Open ports in the firewall. networking.firewall = { enable = true; - trustedInterfaces = [ "tailscale0" ]; + trustedInterfaces = ["tailscale0"]; checkReversePath = "loose"; - allowedUDPPorts = [ config.services.tailscale.port ]; - allowedTCPPortRanges = [{ - from = 1714; - to = 1764; - }]; - allowedUDPPortRanges = [{ - from = 1714; - to = 1764; - }]; - allowedTCPPorts = [ 22 ]; + allowedUDPPorts = [config.services.tailscale.port]; + allowedTCPPortRanges = [ + { + from = 1714; + to = 1764; + } + ]; + allowedUDPPortRanges = [ + { + from = 1714; + to = 1764; + } + ]; + allowedTCPPorts = [22]; }; # This value determines the NixOS release from which the default diff --git a/hosts/workstation/default.nix b/hosts/workstation/default.nix index 3241b8b..d9518f9 100644 --- a/hosts/workstation/default.nix +++ b/hosts/workstation/default.nix @@ -99,6 +99,7 @@ in { # Bootloader. boot = { + binfmt.emulatedSystems = ["aarch64-linux"]; # kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_zen; kernelParams = ["consoleblank=60" "mem_sleep_default=deep"]; @@ -307,7 +308,7 @@ in { isync pkg-config playerctl - poppler_utils + poppler-utils pulseaudio ruby sops diff --git a/justfile b/justfile index 4c7126e..375db94 100644 --- a/justfile +++ b/justfile @@ -105,8 +105,8 @@ pull: @rm -f nixos-switch.log @doas nix-prefetch-url file://`pwd`/`ls -1 src/linuxx64* | tail -n1` &> nixos-switch.log || ( cat nixos-switch.log && false ) @rm -f nixos-switch.log - # @doas nix-prefetch-url file://`pwd`/`ls -1 src/linuxarm64* | tail -n1` &> nixos-switch.log || ( cat nixos-switch.log && false ) - # @rm -f nixos-switch.log + @# @doas nix-prefetch-url file://`pwd`/`ls -1 src/linuxarm64* | tail -n1` &> nixos-switch.log || ( cat nixos-switch.log && false ) + @# @rm -f nixos-switch.log # Add everything to git ci: diff --git a/nixos-anywhere/flake.lock b/nixos-anywhere/flake.lock index 9fa1bc4..5dce419 100644 --- a/nixos-anywhere/flake.lock +++ b/nixos-anywhere/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1741786315, - "narHash": "sha256-VT65AE2syHVj6v/DGB496bqBnu1PXrrzwlw07/Zpllc=", + "lastModified": 1762276996, + "narHash": "sha256-TtcPgPmp2f0FAnc+DMEw4ardEgv1SGNR3/WFGH0N19M=", "owner": "nix-community", "repo": "disko", - "rev": "0d8c6ad4a43906d14abd5c60e0ffe7b587b213de", + "rev": "af087d076d3860760b3323f6b583f4d828c1ac17", "type": "github" }, "original": { @@ -22,11 +22,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1741865919, - "narHash": "sha256-4thdbnP6dlbdq+qZWTsm4ffAwoS8Tiq1YResB+RP6WE=", + "lastModified": 1762361079, + "narHash": "sha256-lz718rr1BDpZBYk7+G8cE6wee3PiBUpn8aomG/vLLiY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "573c650e8a14b2faa0041645ab18aed7e60f0c9a", + "rev": "ffcdcf99d65c61956d882df249a9be53e5902ea5", "type": "github" }, "original": { diff --git a/src/linuxx64-25.08.0.88.tar.gz b/src/linuxx64-25.08.0.88.tar.gz new file mode 100644 index 0000000..67134ef Binary files /dev/null and b/src/linuxx64-25.08.0.88.tar.gz differ