418 Commits

Author SHA1 Message Date
materus 431fc8f7ae valkyrie: add new materusVM key 2026-01-10 12:23:05 +01:00
materus 2921f8d9cc Updates 2025-10-08 08:42:32 +02:00
materus dba31836a5 Updates 2025-08-19 12:28:58 +02:00
materus a556bc0e8a Updates 2025-08-19 11:59:56 +02:00
materus d99f184f31 valkyrie: add alexa ip 2025-07-27 01:19:38 +02:00
materus 81cd54faa8 valkyrie: remove test ips 2025-07-27 01:10:41 +02:00
materus a3d6fbeb40 flake: update lock; Network updates 2025-07-27 00:57:10 +02:00
materus 65492a133e Old-materusPC: VM 2025-07-27 00:09:09 +02:00
materus 15babc1afd Network update 2025-07-27 00:08:21 +02:00
materus 1091489449 update 2025-07-20 23:49:26 +02:00
materus 834ead36d7 Old-materusPC: vscode update 2025-07-20 15:18:15 +02:00
materus fce385129f Old-materusPC: flake update, minecraft update 2025-07-20 12:49:35 +02:00
materus 9c1b52829b flamaster: update 2025-07-17 07:30:36 +02:00
materus ed47b3a9d3 codium: update JS/TS settings 2025-07-13 13:46:59 +02:00
materus 9884d1a8a3 Merge branch 'master' of github.com:materusPL/nixos-config 2025-07-10 19:40:51 +02:00
materus 1e83c8adf7 update 2025-07-10 19:39:04 +02:00
materus 4f2a9a71a6 update 2025-06-13 20:12:28 +02:00
materus c9eeaca475 update 2025-06-13 16:55:29 +02:00
materus e85eda8035 Merge branch 'master' of github.com:materusPL/nixos-config 2025-06-08 19:24:24 +02:00
materus cf1895a14e 25.05 updates 2025-06-08 19:24:01 +02:00
materus 18012450c0 update to 25.05 2025-06-07 01:03:14 +02:00
materus 81f6d6f06d update 2025-05-23 20:38:05 +02:00
materus 371b1b1432 update 2025-05-23 18:07:26 +02:00
materus fd229ecd76 Update Emacs Config 2025-05-02 19:12:00 +02:00
materus f5d0d4065f emacs changes 2025-04-20 14:07:31 +02:00
materus c53025cdc4 update old pc 2025-04-18 20:59:07 +02:00
materus c8a9b3cf43 update 2025-04-18 11:50:53 +02:00
materus 730482c98b Update 2024-12-05 16:00:58 +01:00
materus a69bbcbf6a update 2024-11-27 13:46:39 +01:00
materus 434aae4ac5 done test 2024-11-22 00:13:27 +01:00
materus 1ac33dd3a4 test 2024-11-22 00:12:27 +01:00
materus 7ddede1bb4 test 2024-11-22 00:11:35 +01:00
materus 1e929fedae test 2024-11-22 00:10:14 +01:00
materus 3a1f46d4e6 test 2024-11-22 00:09:03 +01:00
materus 8b25020998 test 2024-11-22 00:07:31 +01:00
materus 99627a1343 test 2024-11-22 00:06:28 +01:00
materus f7bfded848 test 2024-11-22 00:05:22 +01:00
materus 41b70d8fa4 done test 2024-11-21 23:52:25 +01:00
materus 3146038d53 test 2024-11-21 23:48:51 +01:00
materus 7dc2a4befa test 2024-11-21 22:45:05 +01:00
materus 9a1d03dd96 test 2024-11-21 22:41:34 +01:00
materus 2076d2c16b test 2024-11-21 22:36:35 +01:00
materus 011ae1606b test 2024-11-21 22:34:26 +01:00
materus b81698d1e0 test 2024-11-21 22:33:13 +01:00
materus 1c84c80bfc test 2024-11-21 22:30:12 +01:00
materus 9733c9fee4 test 2024-11-21 22:21:57 +01:00
materus e374cc2f6f test 2024-11-21 22:04:08 +01:00
materus 241d269789 test 2024-11-21 21:57:55 +01:00
materus 30ca0d4dcf test 2024-11-21 21:56:29 +01:00
materus 35380d2465 test 2024-11-21 21:52:35 +01:00
materus 44228e35c9 test 2024-11-21 21:51:37 +01:00
materus 3c1f23b5d4 Change tangle rules 2024-11-21 21:33:57 +01:00
materus 3ee90d9e60 Updates 2024-11-21 20:55:04 +01:00
materus 1d99fb630f Emacs update, fix corfu-mouse 2024-11-20 22:41:58 +01:00
materus 443da9482a update 2024-11-20 00:57:28 +01:00
materus 1e436f0842 update 2024-11-20 00:49:27 +01:00
materus fec28354bd Updates 2024-11-18 00:28:37 +01:00
materus 9e97dc6f65 Lot of changes, ignoring previous commits format 2024-11-15 18:01:13 +01:00
materus 3d1cc80150 configurations: emacs 2024-11-11 01:22:14 +01:00
materus d3d3397c23 configurations: emacs default encoding 2024-11-10 13:48:00 +01:00
materus 20ace25096 configurations: emacs org config, fix new lines 2024-11-10 13:19:45 +01:00
materus 9652b3877f configurations: emacs tests 2024-11-10 13:12:20 +01:00
materus cecc49700e configurations: emacs tests 2024-11-10 13:07:35 +01:00
materus 9a31ce388f configurations: emacs tests 2024-11-10 13:02:42 +01:00
materus 0a20666db2 configurations: emacs tests 2024-11-10 13:00:18 +01:00
materus ff3cd527f6 configurations: emacs tests 2024-11-10 12:48:01 +01:00
materus 3a6e84cb9c configurations: emacs tests 2024-11-10 12:47:16 +01:00
materus c0b1e1fe57 configurations: emacs tests 2024-11-10 12:46:02 +01:00
materus 8affc46e78 configurations: emacs tests 2024-11-10 12:45:20 +01:00
materus 41f8d29038 configurations: emacs tests 2024-11-10 12:41:54 +01:00
materus 2a09e184df configurations: emacs test org rendering 2024-11-10 12:29:28 +01:00
materus 828f5df566 configurations: emacs org test 2024-11-10 11:58:50 +01:00
materus b2c7c75790 materusPC: plasma defaults update 2024-11-10 11:51:15 +01:00
materus ae24e92771 configurations: vscode changes 2024-11-10 11:50:48 +01:00
materus c390ed0977 configurations: emacs, move config to org file 2024-11-10 11:50:21 +01:00
materus 8dbe62606b configurations: update vscode config 2024-11-04 20:15:41 +01:00
materus ec15512b0e configurations: emacs 2024-11-03 14:03:17 +01:00
materus 729dce48c5 Old-materusPC: vscode settings csharp 2024-11-02 09:25:12 +01:00
materus 9761f22f0c Old-materusPC: vscode settings 4 2024-11-01 22:51:06 +01:00
materus b6dbd01553 Old-materusPC: vscode settings 3 2024-11-01 22:26:09 +01:00
materus 8643263568 Old-materusPC: vscode settings 2 2024-11-01 18:25:36 +01:00
materus 5550ce20e7 Old-materusPC: vscode settings 2024-11-01 15:15:20 +01:00
materus 6590f99c8d configurations & Old-materusPC: vscode settings 2024-11-01 00:10:11 +01:00
materus aaf9221f44 configurations: add nix vscode-extensions to registry 2024-10-31 21:19:28 +01:00
materus fde5aa4bda flake: update lock 2024-10-31 21:19:04 +01:00
materus a2cfe918f4 .gitignore 2024-10-31 21:09:53 +01:00
materus 08870222f3 .gitignore 2024-10-31 21:05:37 +01:00
materus 2971dd2dc7 configurations: emacs changes 2 2024-10-30 22:06:16 +01:00
materus eb746b0e7c configurations: emacs changes 2024-10-30 16:37:59 +01:00
materus 868a49fb74 configurations: emacs and plasma-manger changes, crypt.sh formatting 2024-10-30 14:09:43 +01:00
materus 4912a5bc99 configurations: replace nil with nixd 2024-10-29 14:28:17 +01:00
materus cf452a09ed configurations: add micro to terminalApps 2024-10-29 13:32:14 +01:00
materus d9995faa9a materusPC: disable emacs 2024-10-29 13:27:33 +01:00
materus 11987e1f3b configurations: update emacs config 2024-10-29 13:15:12 +01:00
materus 1154c45291 materusPC: plasma-manager and emacs updates 2024-10-28 16:31:39 +01:00
materus a69b24ac89 materusPC: plasma-manager update spectacle 2024-10-28 08:08:27 +01:00
materus 58f86d3b84 materusPC: plasma-manager reset spectacle 2024-10-28 00:27:29 +01:00
materus 4dfcc37c3c materusPC: updates 2024-10-27 22:00:57 +01:00
materus 319f3899ab materusPC: plasma-manager customButtonImage 2024-10-25 23:37:21 +02:00
materus b7c314c6cc materusPC: disable ozone for brave 2024-10-25 23:34:45 +02:00
materus 8425f3547c materusPC: samba follow links for VM 2024-10-25 23:29:33 +02:00
materus d3a1c9260a configurations: add qalculate-qt to desktopPackages 2024-10-24 12:14:16 +02:00
materus a5199290d4 materusPC: mount windows disk to non vfio vm 2024-10-24 11:11:32 +02:00
materus 0113129093 materusPC: plasma-manager video filename 2024-10-23 21:05:47 +02:00
materus 1056568b6c materusPC: plasma-manager disable kwallet 2024-10-23 15:28:13 +02:00
materus c2f4b59d90 homes: move shared modules to hosts 2024-10-23 11:35:54 +02:00
materus 1ab225b553 homes: add plasma-manager as shared home modules for nixos hosts 2024-10-23 11:10:28 +02:00
materus 4737695b57 homes: add plasma-manager as shared home module, remove from hosts 2024-10-23 11:07:05 +02:00
materus 0a163b6dc0 hosts: add plasma-manager as shared home module 2024-10-23 11:06:09 +02:00
materus badbe9c8d2 configurations: fix plasma-manager in registry 2024-10-23 10:59:28 +02:00
materus bb86604348 configurations: add plasma-manager to registry 2024-10-22 09:49:51 +02:00
materus 0ecfadd82c flake: update lock 2024-10-21 23:13:08 +02:00
materus 5b908cb519 flake: update lock 2024-10-21 23:07:28 +02:00
materus 9a209160a9 configurations: disable wezterm 2024-10-21 17:09:26 +02:00
materus 935de5f352 materusPC: remove test user 2024-10-21 16:49:19 +02:00
materus c4fccc6f11 flake: update lock 2024-10-21 16:39:29 +02:00
materus a14063f51d materusPC: move user config 2024-10-21 16:37:27 +02:00
materus a1cf15a3ad materusPC: add test user 2024-10-21 16:36:20 +02:00
materus 6d16c995e2 materusPC: desktop env changes 2024-10-18 17:32:47 +02:00
materus 6ac8524294 materusPC: add nix ld 2024-10-18 17:00:45 +02:00
materus 533691247d materusPC: init archlinux nspawn container 2024-10-15 23:45:46 +02:00
materus a075a51ed4 flake: update lock 2024-10-15 22:48:55 +02:00
materus 55264c7d5e waffentrager: fix spaces count in samba cfg 2024-10-15 21:24:25 +02:00
materus 006250b806 configurations: add vk basalt, add hp drivers, vim changes 2024-10-15 21:22:16 +02:00
materus 8327d4cfd3 materusPC: java settings 2024-09-26 00:04:39 +02:00
materus 710108fd6f profile: mpv 2024-09-25 23:54:01 +02:00
materus 59aaa7f319 waffentrager: updates 2024-09-25 23:53:39 +02:00
materus cba573ed94 flake: update lock 2024-09-25 23:53:21 +02:00
materus fecfdec551 Old-materusPC: use unstable kernel and nvidia, rename fonts.fonts; 2024-09-21 11:08:41 +02:00
materus 6bb1330d70 Old-materusPC & materusPC: wireguard keep-alive 2024-09-21 11:07:57 +02:00
materus 5b84ce4c5d valkyrie: ipv6 config 2024-09-20 11:02:08 +02:00
materus 2e8ee98b26 common: mpv changes 2024-09-18 10:19:30 +02:00
materus 1f822e8211 waffentrager: valkyrie: jellyfin and wireguard related changes 2024-09-15 21:44:06 +02:00
materus f8acddeb2c waffentrager: change nginx to tengine, add default location 2024-09-15 21:43:20 +02:00
materus d4b7c80be6 materusPC: remove lxd group 2024-09-15 21:42:17 +02:00
materus 7135b53f7d materusPC: change rpfilter for wireguard 2024-09-15 21:41:55 +02:00
materus 879c876721 materusPC: change max VTs to 4 2024-09-15 21:41:28 +02:00
materus 79bc6c72df common: add syncplay to home apps 2024-09-15 21:40:59 +02:00
materus c5602cebbf scripts: convert: add nix build to ensure path 2024-09-15 21:40:25 +02:00
materus ed1b629386 flake: update lock 2024-09-15 21:39:51 +02:00
materus 448e1c58ae waffentrager: add maloja and multi-scrobbler, file restructure. valkyrie: reverse proxy (correct commit) 2024-09-12 11:56:18 +02:00
materus e233dc9efa waffentrager: add maloja and multi-scrobbler, file restructure. valkyrie: reverse proxy 2024-09-12 11:55:35 +02:00
materus dd0283e65a configurations: updates to script, moniotoring and dcbot 2024-09-09 11:04:15 +02:00
materus 3406af1780 waffentrager: move prometheus stateDir 2024-09-03 10:43:00 +02:00
materus f892292aa0 waffentrager: monitoring 2024-09-03 10:12:23 +02:00
materus b9f78639c8 flake: update lock 2024-09-02 23:20:21 +02:00
materus f0e03b7e01 waffentrager: samba updates 2024-09-02 23:20:13 +02:00
materus fde2617ea8 waffentrager: add disabled grafana 2024-09-02 23:19:58 +02:00
materus fd5e096b37 waffentrager: upnp ports 2024-08-31 17:41:26 +02:00
materus 4452704de0 valkyrie: wireguard changes 2024-08-30 17:10:33 +02:00
materus 5c9fb14d41 waffentrager: commented out service 2024-08-30 16:57:34 +02:00
materus 7ef15e5f5a materusPC: add jackett 2024-08-30 16:57:16 +02:00
materus 8f2f6b2c37 flake: update lock 2024-08-30 16:56:52 +02:00
materus e7bff66b1e waffentrager: changes to services 2024-08-23 18:48:38 +02:00
materus 04808eb9da flake: update lock 2024-08-23 18:47:57 +02:00
materus b5fa9e6f4c scripts: convert: another change quality 2024-08-23 18:47:47 +02:00
materus 1381df6297 Merge branch 'master' of github.com:materusPL/nixos-config 2024-08-19 20:14:44 +02:00
materus ab0f13a542 materusPC: add some apps 2024-08-19 20:14:01 +02:00
materus 25fffb3879 flake: update lock 2024-08-19 20:13:31 +02:00
materus 9c9d53b976 valkyrie: dcbot disable update alerts 2024-08-19 20:13:13 +02:00
materus bb4b85013c Old-materusPC: syncthing settings 2024-08-19 08:27:50 +02:00
materus c5aeae2cff valkyrie: jellyfin nginx changes 2024-08-11 20:05:30 +02:00
materus 5e96a9fcca materusPC: add kde connect 2024-08-08 20:45:54 +02:00
materus 4fdee87636 waffentrager: add jellyfin 2024-08-08 20:45:42 +02:00
materus 87bdc15245 materusPC: rename windows virtual machine 2024-08-05 00:27:55 +02:00
materus b9ce475a3e Old-materusPC: nvidia settings, renames to new 2024-07-26 21:23:58 +02:00
materus 3dc734957e waffentrager: updates to use ldap and postgres, fix samba characters 2024-07-22 15:31:57 +02:00
materus f833382298 materusPC: use qcow2 again 2024-07-13 23:53:37 +02:00
materus 94db4c8851 waffentrager: lldap changes 2024-07-13 20:11:06 +02:00
materus ffa133d894 waffentrager: lldap use postgresql 2024-07-13 19:02:17 +02:00
materus 7abe845c5a waffentrager: config lldap 2024-07-13 15:44:07 +02:00
materus 6a1700f0b7 waffentrager: samba and syncthing 2024-07-12 15:53:54 +02:00
materus c8cbb1f2f9 scripts: convert: another change of command 2024-07-12 11:51:46 +02:00
materus afbe226504 valkyrie: dcbot changes 2024-07-12 01:54:56 +02:00
materus 3403a4cb3b materusPC: ffmpegthumbs 2024-07-12 01:28:51 +02:00
materus 672349895d waffentrager: nextcloud add formats for thumbnail 2024-07-12 01:28:33 +02:00
materus 30ca179cb2 valkyrie: dcbot change 2024-07-12 01:28:06 +02:00
materus 2c27517ab1 waffentrager: disable samba ad 2024-07-09 23:45:39 +02:00
materus 5de90edd9c flake: update lock 2024-07-09 23:45:21 +02:00
materus e0394f866c scripts: convert: change convert command 2024-07-09 20:49:32 +02:00
materus 3ec62e702a materusPC: move container config, add vulkan headers, add image convert script 2024-07-09 14:10:48 +02:00
materus 026b04add6 materusPC: vscodium env update llvm and add xmake 2024-07-03 15:48:36 +02:00
materus 711b0a7860 configurations: disable default gamescope setcap for steam 2024-07-03 14:43:54 +02:00
materus a3b69adbdd flake: update lock 2024-07-03 14:43:24 +02:00
materus 0040f1d23e materusPC: add vlc, change ffmpeg and obs 2024-06-25 16:28:50 +02:00
materus 33d7f92b92 flake: update lock 2024-06-25 16:28:24 +02:00
materus f122625e71 materusPC: fix tmp.nix 2024-06-17 13:50:07 +02:00
materus d9c5af566b waffentrager: update nextcloud 2024-06-17 13:41:18 +02:00
materus 7d90f5f210 flake: updates to 24.05 2024-06-17 13:09:58 +02:00
materus 636eb2a8e6 flake: update lock, Old-materusPC: brave settings 2024-06-16 13:23:48 +02:00
materus b4cafcfe3a configurations: updates 2024-05-20 15:40:24 +02:00
materus a8fc766902 flake: update lock 2024-05-20 15:40:00 +02:00
materus c04f1f41fd materusPC: fix for reattach performance issue 2024-05-20 15:39:47 +02:00
materus ab43f858ea materusPC: ssh changes, vm changes, steam changes 2024-05-10 18:12:05 +02:00
materus f4dd3ab0ac materusPC: brave desktop file 2024-05-06 13:12:12 +02:00
materus c4beb9542b Old-materusPC: portal settings 2024-05-02 20:20:37 +02:00
materus 143a8ef419 flake: update lock, Old-materusPC: wayland changes 2024-05-02 18:33:26 +02:00
materus 3abec20d7f waffentrager, valkyrie: change wg port 2024-05-02 12:16:55 +02:00
materus 7d42994f21 Old-materusPC: use nvidia gpu for steam and browser 2024-05-02 10:15:29 +02:00
materus cff5051f75 Old-materusPC: network and audio update 2024-05-02 08:50:39 +02:00
materus e901f042fb flake: update lock, update things to new lock 2024-05-01 12:38:15 +02:00
materus 400dadba7f materusPC: more vm tuning 2024-04-22 15:33:31 +02:00
materus c6cdd9d8af materusPC: Window VM changes 2024-04-22 11:33:57 +02:00
materus fd3599f7f3 materusPC & Old-materusPC: set "/materus" as needed for boot to fix sops 2024-04-19 19:54:06 +02:00
materus d90b32d282 home-profile: add desktop packages 2024-04-19 18:30:42 +02:00
materus d6a451b6c5 materusPC: add wireguard config to networkmanager 2024-04-19 18:28:40 +02:00
materus f19a1bd613 materusPC: import apps.nix 2024-04-19 18:28:22 +02:00
materus be955fe3ca materusPC: fix kde after flake update 2024-04-19 18:27:59 +02:00
materus 7fabda1305 os-config: change steam tbb pkg 2024-04-19 18:27:36 +02:00
materus 15d193b2eb flake: update lock 2024-04-19 18:27:17 +02:00
materus 3fd49d452b materusPC: add apps.nix 2024-04-19 18:27:05 +02:00
materus 2959e10532 waffentrager: remove cert 2024-04-19 17:21:22 +02:00
materus 5d9c165df4 waffentrager: samba change dirs 2024-04-12 11:49:25 +02:00
materus afac05dad3 waffentrager: samba changes 2024-04-12 09:56:47 +02:00
materus d4125a7370 waffentrager: prepare samba DC 2024-04-12 01:38:50 +02:00
materus 98c975c430 os-config: wireguard settings 2024-04-11 22:12:03 +02:00
materus 6050896298 materusPC: change x11 options 2024-04-11 18:44:03 +02:00
materus 80e17cc9f4 waffentrager: add restart to nginx 2024-04-11 18:43:38 +02:00
materus b2d466a450 valkyrie: add links 2024-04-11 18:42:30 +02:00
materus a49963bb5c materusPC: disable emacs 2024-04-09 11:12:09 +02:00
materus c022070323 materusPC: change boot settings 2024-04-06 18:51:08 +02:00
materus 353bc71e19 os-config: remove setfont from zsh 2024-04-06 18:50:52 +02:00
materus b014b62c60 os-config: make default console config 2024-04-06 18:28:17 +02:00
materus 778fcb1b9d os-config: add zsh to "environment.shells" 2024-04-06 15:20:44 +02:00
materus 4cd531103a os-config: set zsh as default shell for users 2024-04-06 15:10:57 +02:00
materus f374e1a698 materusPC: console change font to full path 2024-04-06 14:23:59 +02:00
materus a0a81309cb materusPC: change console settings 2024-04-06 14:10:24 +02:00
materus 5fc7a32788 valkyrie: reorder links 2024-04-06 09:24:02 +02:00
materus 214c293128 valkyrie: slice archive timer to 3 units 2024-04-06 09:21:05 +02:00
materus cb5feba4a0 valkyrie: change links order 2024-04-06 03:17:29 +02:00
materus 7a2306bbd8 valkyrie: fix name 2024-04-06 03:14:41 +02:00
materus b28248d90f valkyrie: add links for webarchive 2024-04-06 02:39:27 +02:00
materus b28f17bc1c valkyrie: add links for webarchive 2024-04-06 02:17:06 +02:00
materus 563278d09a valkyrie: add links for webarchive 2024-04-06 01:43:21 +02:00
materus ebd32b675e valkyrie: add links for webarchive 2024-04-06 01:42:56 +02:00
materus 5da0de61a1 valkyrie: add web archive and steamladder curl request timer 2024-04-06 01:32:24 +02:00
materus f4107f214a home-profile: init tmux config 2024-04-05 23:02:26 +02:00
materus 575c698aa1 hosts: use zsh for materus user 2024-04-05 22:41:31 +02:00
materus 860c28efad waffentrager: fix auth 2024-04-05 22:41:05 +02:00
materus b4e3c7cea3 home-profile: change emacs package and font. materusPC: enable emacs 2024-04-05 21:57:37 +02:00
materus 38eafec797 valkyrie: increase dc bot playlist limit 2024-04-05 21:57:02 +02:00
materus 6870263c6a flake: update lock 2024-04-05 21:56:31 +02:00
materus 2cfdcf34bb valkyrie: change muse bot to evobot 2024-04-03 18:02:23 +02:00
materus b6ce980d0d valkyrie: change muse bot to evobot 2024-04-03 17:54:07 +02:00
materus 91c694193c valkyrie: add 404 error page 2024-04-03 14:28:48 +02:00
materus 75906dd151 flake: update lock 2024-04-03 11:08:59 +02:00
materus aff6076875 os-config: use brave as default browser 2024-04-03 11:08:02 +02:00
materus 6b5b53956b waffentrager: make auth emtpy 2024-04-03 10:52:20 +02:00
materus 12cba54eee materusPC: remove some comments 2024-04-03 10:45:17 +02:00
materus fe49e00096 materusPC: change materus shell to zsh, group formatting 2024-04-02 19:45:43 +02:00
materus b485f8a228 waffentrager: prepare auth service 2024-04-02 19:43:49 +02:00
materus 47c8d1c4ea home-profile & os-profile: zsh compinit changes 2024-04-01 22:52:49 +02:00
materus 0c31caf113 home-profile: updates 2024-04-01 22:14:27 +02:00
materus e4a320cbc8 home-profile: updates 2024-04-01 22:10:17 +02:00
materus fd039ff7cd home-profile: zsh remove starship option 2024-04-01 22:06:42 +02:00
materus e69a55340e home-profile: zsh and wezterm change 2024-04-01 21:57:25 +02:00
materus a19b5b9a3f home-profile: zsh ignore all hist dups 2024-04-01 21:15:32 +02:00
materus f0ae63d1b6 home-profile: change zsh keybind 2024-04-01 21:10:56 +02:00
materus 48e82bb70f os-profile: use hack instead firacode 2024-04-01 19:13:49 +02:00
materus 61ca7ef3bb home-profile: fix zsh propt if no env var 2024-03-31 23:52:36 +02:00
materus 62c24e24b8 home-profile: fix completion for zsh extract 2024-03-31 23:44:10 +02:00
materus 2a65700253 home-profile: changes to wezterm 2024-03-31 23:15:38 +02:00
materus eceae11a41 home-profile: changes to zsh and wezterm 2024-03-31 23:07:50 +02:00
materus b925022a9e home-profile: fix zsh config, fix type of wezterm option 2024-03-31 22:49:39 +02:00
materus ee7bcb1c0d home-profile: add extract plugin to zsh 2024-03-31 22:42:18 +02:00
materus a1eccd4d77 home-profile: move wezterm config to own file 2024-03-31 22:28:57 +02:00
materus 369ed384a4 home-profile: add "run" to emacs command 2024-03-31 22:09:15 +02:00
materus 8b1d9ff963 home-profile: init wezterm 2024-03-31 21:11:40 +02:00
materus e046b8878e home-profile: prepare for wezterm 2024-03-31 20:01:34 +02:00
materus 305c891d7d home-profile: zsh move colors check from zshenv 2024-03-31 19:03:36 +02:00
materus 6da0978779 home-profile: zsh add speedtest, use lib.getExe 2024-03-31 00:35:26 +01:00
materus e442af49ba home-profile: zsh add sudo plugin 2024-03-31 00:28:17 +01:00
materus cb65f9b455 Old-materusPC,materusPC: kde set XCURSOR_THEME 2024-03-30 23:21:37 +01:00
materus b299e40e3a home-profile: zsh change private mode 2024-03-30 21:23:50 +01:00
materus 8691fcd211 home-profile: zsh change colors detect 2024-03-30 21:10:34 +01:00
materus b91142f643 home-profile: zsh style changes 2 2024-03-30 20:58:11 +01:00
materus 8870c0e7e7 home-profile: zsh style changes 2024-03-30 20:44:41 +01:00
materus 9a18e2a37e Old-materusPC: ssh changes 2024-03-30 19:55:07 +01:00
materus 5f363c0709 Old-materusPC: add import of secrets 2024-03-30 19:52:14 +01:00
materus 9c09161f7b Old-materusPC: add import of secrets 2024-03-30 19:27:11 +01:00
materus 22bc3e753a Old-materusPC: init secrets 2024-03-30 19:22:46 +01:00
materus 6b9b5c42eb Old-materusPC: changes after reinstall 2024-03-30 18:58:33 +01:00
materus c8d584f8a4 configuration: prepare for browser changes 2024-03-30 15:41:52 +01:00
materus 1ccceb3415 configuration: clean, fix genHomes 2024-03-30 15:34:52 +01:00
materus 8f8ca90bba configuration: changes to browsers 2024-03-30 15:26:48 +01:00
materus 01c2d9809a home-profile: zsh change substring search 2024-03-30 00:32:38 +01:00
materus 9d791cf738 home-profile: zsh updates 2024-03-30 00:01:34 +01:00
materus 96c76e1578 Old-materusPC: update 2024-03-29 23:25:54 +01:00
materus 170cc0fc10 materusPC: xdg changes 2024-03-29 15:01:25 +01:00
materus 20683564ce materusPC: use wayland sddm 2024-03-29 14:51:39 +01:00
materus 8fda1956a1 home-config: add xdg.userDirs options 2024-03-28 22:49:38 +01:00
materus b20da0c854 waffentrager: postgres auth 2024-03-28 19:41:57 +01:00
materus 2deb047c86 materusPC: add hosts 2024-03-28 17:18:59 +01:00
materus 53566aa9e4 waffentrager: nextcloud php settings 2024-03-28 17:13:49 +01:00
materus 2c3ac41ee3 flake: update lock 2024-03-28 17:13:31 +01:00
materus 8ce0c144e5 configuration: changes 2024-03-27 11:23:52 +01:00
materus d1b0530596 waffentrager: nextcloud - edit preview formats 2024-03-26 20:14:37 +01:00
materus b08931075a materusPC: add webp support 2024-03-26 20:01:48 +01:00
materus 9dc390d1a4 waffentrager: nextcloud - add preview config 2024-03-26 15:29:45 +01:00
materus c2cac01772 waffentrager: nextcloud - enable profiles 2024-03-26 13:34:43 +01:00
materus 9329921cfb waffentrager: nextcloud - add config 2024-03-26 13:30:07 +01:00
materus 4d4157e63a waffentrager: nextcloud - add php extensions 2024-03-26 10:53:37 +01:00
materus f4e0d49672 waffentrager: postgresql - enable jit 2024-03-26 10:21:50 +01:00
materus f141ffaf89 waffentrager: nextcloud php settings 2024-03-26 10:21:34 +01:00
materus 382504ee53 waffentrager: add archivizers 2024-03-26 09:22:50 +01:00
materus 9242bc2a04 valkyrie: redirect change 2024-03-26 01:42:38 +01:00
materus e60d1a81f9 waffentrager: add nextcloud deps 2024-03-26 00:52:23 +01:00
materus 45d7f70792 waffentrager: allow iframe of gitea from nextcloud 2024-03-25 21:56:28 +01:00
materus f242dd700d waffentrager: add samba for nextcloud 2024-03-25 21:56:01 +01:00
materus f8b7da96a7 valkyrie: reverse proxy for nextcloud 2024-03-25 21:55:35 +01:00
materus f9d19b1d66 waffentrager: update gitea option 2024-03-25 20:13:18 +01:00
materus a9146bb628 waffentrager: add nextcloud, config: remove private inputs 2024-03-25 19:46:18 +01:00
materus cd78aabf19 Update README.md 2024-03-24 01:38:21 +01:00
materus 31cb2f4e65 valkyrie: nginx changes 2024-03-23 21:42:56 +01:00
materus d1cf546ac6 waffentrager: add gitea 2024-03-23 20:58:26 +01:00
materus 68e64038ff waffentrager: disable ssh root login 2024-03-23 17:56:09 +01:00
materus 4e0b7b6dd0 waffentrager: use nginx gid instead of uid 2024-03-23 16:36:22 +01:00
materus 3b285229d7 waffentrager: add acme mount from valkyrie 2024-03-23 16:18:53 +01:00
materus 597131aba4 waffentrager: add elements service description 2024-03-23 15:48:51 +01:00
materus 7c52e76348 valkyrie: add acme access for waffentrager 2024-03-23 15:39:15 +01:00
materus bc4d4750c0 valkyrie: move certs to sops file 2024-03-23 15:21:13 +01:00
materus b9397c8fd4 home-profile: restore old zsh settings name to work on stable 2024-03-23 15:21:05 +01:00
materus 78ee10572a configuration: update options to get rid of deprecation warnings 2024-03-23 14:02:51 +01:00
materus 0e985b318f waffentrager: postresql dir creation 2024-03-23 12:42:02 +01:00
materus d5ef421ebb waffentrager: postresql version 2024-03-23 12:39:23 +01:00
materus b700364ac1 waffentrager: changes to postgresql dir 2024-03-23 12:33:10 +01:00
materus d204976cce waffentrager: add postgresql 2024-03-23 11:45:10 +01:00
materus c47555fec7 waffentrager: add elements drive service 2024-03-23 02:30:39 +01:00
materus e9998e42c3 valkyrie: fix muse description 2024-03-23 01:49:03 +01:00
materus a66570226c Add muse bot to valkyrie 2024-03-22 20:12:00 +01:00
materus a76b42c3da valkyrie: move secrets 2024-03-22 00:00:20 +01:00
materus e17d19dcfd commond: change warning to assertion 2024-03-21 23:43:36 +01:00
materus 1c58fc1a2f crypt.sh: check git only before encrypt/decrypt 2024-03-21 23:36:48 +01:00
materus cdc41c3934 configurations: use home-manager module by default 2024-03-21 23:01:42 +01:00
materus bc40af000f waffentrager: import secrets 2024-03-21 19:36:19 +01:00
materus 8217fb3c80 flake: update lock 2024-03-21 19:33:18 +01:00
materus 15cf859638 waffentrager: add secrets 2024-03-21 19:30:54 +01:00
materus 114c2e93be Fix zsh prompt 2024-03-21 18:55:50 +01:00
materus fe55b38bf9 Change usage of mkForce 2024-03-17 10:25:09 +01:00
materus 14349441ac materusPC: updates to work on unstable 2024-03-16 19:24:04 +01:00
materus bec5c7e764 flake: update lock 2024-03-16 19:23:25 +01:00
materus 4e9a593443 materusPC: fixes for plasma 6 2024-03-11 16:46:48 +01:00
materus 04ad6ac1cd code: nixpkgs-fmt to format code 2024-03-11 16:19:31 +01:00
materus 8ecb892244 common: change remove rnix-lsp, add nil and nixpkgs-fmt, move nix default package to common 2024-03-11 16:15:04 +01:00
materus c88c7c029a flake: update lock 2024-03-11 15:36:12 +01:00
materus 990e23c0af Merge branch 'master' of github.com:materusPL/nixos-config 2024-03-11 15:34:41 +01:00
materus c48c02593f materusPC: add rustup again 2024-03-11 15:33:14 +01:00
materus b76733543c Old-materusPC: home, disable emacs 2024-03-09 19:33:08 +01:00
materus 59b65b3dd6 Old-materusPC: add git-crypt 2024-03-09 19:32:51 +01:00
materus 205ab654f3 flake: update lock 2024-03-09 19:17:31 +01:00
materus 130fbaddb4 Revert "materusPC: add rustup to vscodium"
This reverts commit 60542cf0c9.
2024-03-07 12:15:23 +01:00
materus 60542cf0c9 materusPC: add rustup to vscodium 2024-03-07 11:43:15 +01:00
materus dee6533fd1 materusPC: add audio plugins 2024-03-05 13:36:20 +01:00
materus 53ef892a5b materusPC: change audio settings 2024-03-05 13:25:01 +01:00
materus 2cd1ceb0b9 materusPC: kde changes 2024-03-05 12:46:35 +01:00
materus 98129881a1 config: add flake registry option 2024-03-05 12:46:21 +01:00
materus c9e496d80c flake: update lock 2024-03-05 12:45:46 +01:00
materus f9182a61b8 materusPC: change to plasma6 2024-03-04 12:33:48 +01:00
materus 81d7fdfec1 crypt.sh: add delete and create file func 2024-03-03 13:20:02 +01:00
materus 24885efdb4 materusPC: use gnome3 pinentry 2024-03-03 13:19:40 +01:00
materus 8293c9ff44 hosts: add hostPath; home: add homePath 2024-03-03 02:50:46 +01:00
materus 41114f4960 fix typo 2024-03-03 01:24:55 +01:00
materus e702504dee git-crypt: more tests 2024-03-03 01:23:53 +01:00
materus deaa785e1f git-crypt: add simple script to unlock repo 2024-03-03 00:55:45 +01:00
materus 3e93bbfd82 materusPC: add git-crypt to all users 2024-03-03 00:31:40 +01:00
materus e449ce8c56 git-cryp: test 2024-03-03 00:26:24 +01:00
materus cf78dd369e materusPC: secrets test 2024-03-03 00:03:02 +01:00
materus 36e1db6cb1 materusPC: secrets 2024-03-02 23:34:32 +01:00
materus 2af5e3f2a3 materusPC: add git-crypt to home 2024-03-02 22:50:52 +01:00
materus 960ee6fee6 git-crypt: test 2024-03-02 22:41:06 +01:00
materus ad67342e5d Add 1 git-crypt collaborator
New collaborators:

	B75B790D Mateusz "materus" Słodkowicz (materus.pl) <materus@podkos.pl>
2024-03-02 22:39:35 +01:00
materus e8a91e22b6 git-crypt: attributes 2024-03-02 22:38:39 +01:00
materus 8218e3e8cb materusPC: prepare sops 2024-03-02 22:36:43 +01:00
materus c5a5265557 flake: update lock; change all configInputs.inputs to configInputs 2024-03-02 19:51:38 +01:00
materus a7ad639465 flake: update lock; materusPC: remove useless caps config, change sddm to x11 2024-03-02 19:43:32 +01:00
materus 547fd5165c zsh: update 2024-02-26 01:23:15 +01:00
materus 88bdef3961 config: add check if home-manager 2024-02-25 22:30:13 +01:00
materus 64e8520dbd Revert "config: add check if home-manager"
This reverts commit 1b6e1b5d58.
2024-02-25 22:21:11 +01:00
materus 1b6e1b5d58 config: add check if home-manager 2024-02-25 22:07:53 +01:00
materus c1f9da7b40 config: add materusArg module 2024-02-25 18:51:56 +01:00
materus f0d5df9cca flake: update, config: code cleaning 2024-02-25 18:25:39 +01:00
materus 011ceddcb5 flake: update lock 2024-02-23 01:26:47 +01:00
materus 0ea4fac018 remove args, disable emacs, change jdk 2024-02-23 01:19:54 +01:00
materus 59e69924bb update 2024-02-10 12:29:42 +01:00
materus 44dc207b5b config update 2023-12-22 11:53:49 +01:00
materus 4198f3d2d9 configurations: update 2023-11-20 14:14:23 +01:00
materus 32c47479b1 emacs: create one config file 2023-11-15 00:07:16 +01:00
materus cf3a2d98c7 update lock and emacs 2023-11-14 23:25:05 +01:00
materus cf0c1a685e configuration: changes to emacs and others 2023-11-13 00:44:03 +01:00
materus c0cd2a0f19 configurations: update 2023-11-08 10:46:45 +01:00
materus a6c581ee04 emacs: update 2023-11-05 11:59:54 +01:00
materus 4dde3a0e00 .gitignore 2023-11-05 00:16:44 +01:00
materus cc175120b5 emacs: remove evil, add .gitignore 2023-11-04 16:44:02 +01:00
materus dd8779a2e4 emacs: changes to config 2023-11-04 10:50:50 +01:00
materus 1bd2fc3ae1 flake: update lock, change to home-manager stable flake 2023-11-03 16:07:18 +01:00
materus c999f5581d Old-materusPC: Move config of old PC here 2023-11-03 16:06:37 +01:00
materus da1a963d51 configurations: update 2023-10-31 14:40:57 +01:00
materus 54fde216c1 valkyrie: resolved adguard problems, go back to adguard instead of pihole 2023-10-29 01:17:48 +02:00
materus 12926bd6a1 flake: update lock 2023-10-29 01:16:55 +02:00
materus 8896ae977e configurations: add waffentrager host 2023-10-27 19:04:55 +02:00
materus f2c82ea93f configurations: formatting and some cleaning 2023-10-27 17:00:26 +02:00
materus 0ac720823c Create README.md 2023-10-27 14:52:21 +02:00
materus 203a6d868a remove pointless flake 2023-10-27 14:03:09 +02:00
materus 2f0a613381 configurations: Add stable nixpkgs for other hosts, use one Arg 2023-10-27 14:01:54 +02:00
materus 154d850e49 configurations: formatting 2023-10-27 12:30:38 +02:00
materus 1bbf628ea9 configurations: update emacs conf 2023-10-25 19:28:25 +02:00
materus 614dea0e57 configurations: update 2023-10-25 15:34:43 +02:00
materus fbcd102ea1 configurations: update 2023-10-25 00:06:20 +02:00
materus 6e78af6852 flake: update lock 2023-10-25 00:06:05 +02:00
materus 1b234d065d configurations: update 2023-10-20 23:29:09 +02:00
materus 1c7efbba8d valkyrie: change adguard to pihole 2023-10-20 23:28:59 +02:00
materus e7e17d4e39 flake: update lock 2023-10-20 23:28:10 +02:00
materus 736d751962 configurations: update 2023-10-14 15:01:22 +02:00
materus 609f9252dc configurations: update 2023-10-14 14:40:37 +02:00
materus 08819b8107 flake: update configInputs 2023-10-08 16:38:42 +02:00
materus ef9fa061e6 update flake 2023-10-08 16:32:38 +02:00
materus f25e201e50 inputs 2023-10-08 16:12:00 +02:00
materus bf276c349f Init commit 2023-10-08 11:42:08 +02:00
173 changed files with 7612 additions and 3234 deletions
-1
View File
@@ -1,3 +1,2 @@
\#*\#
.vscode
.theia
+21
View File
@@ -0,0 +1,21 @@
#+TITLE: nixos-config
#+AUTHOR: materus
#+DESCRIPTION: NixOS config and dotfiles
#+OPTIONS: \n:t
My NixOS and home-manager configs.
Dotfiles and helper scripts.
Part of it is encrypted by git-crypt, mostly just ips and names. Secrets are managed by sops.
* Hosts
[[./configurations/host/materusPC/][materusPC]] - my main PC
[[./configurations/host/Old-materusPC/][Old-materusPC]] - my old PC, barely used
[[./configurations/host/flamaster/][flamaster]] - my laptop, used mostly as server for games.
[[./configurations/host/valkyrie/][valkyrie]] - VPS, my website and pleroma instance
[[./configurations/host/waffentrager/][waffentrager]] - raspberry pi4, home server
-2
View File
@@ -1,2 +0,0 @@
MATERUS = {}
require("materus")
-32
View File
@@ -1,32 +0,0 @@
vim.opt.number = true
vim.opt.expandtab = true
vim.opt.cursorline = true
vim.opt.shiftwidth = 2
vim.opt.softtabstop = 2
vim.opt.tabstop = 2
vim.opt.clipboard:append { 'unnamed', 'unnamedplus' }
--vim.g.cord_defer_startup = true
vim.pack.add({
"https://github.com/nvim-lua/plenary.nvim",
"https://github.com/muniftanjim/nui.nvim",
"https://github.com/nvim-tree/nvim-web-devicons",
"https://github.com/lewis6991/gitsigns.nvim",
"https://github.com/mofiqul/dracula.nvim",
"https://github.com/hrsh7th/nvim-cmp",
"https://github.com/neovim/nvim-lspconfig",
"https://github.com/stevearc/oil.nvim",
"https://github.com/nvim-mini/mini.icons",
"https://github.com/nvim-neo-tree/neo-tree.nvim",
"https://github.com/romgrk/barbar.nvim",
"https://github.com/nvim-telescope/telescope.nvim",
"https://github.com/lambdalisue/vim-suda",
"https://github.com/dstein64/nvim-scrollview",
"https://github.com/vyfor/cord.nvim"
})
vim.cmd.colorscheme("dracula")
if vim.fn.executable("tree-sitter") == 1 and MATERUS.NIXOS ~= 1 then
end
-6
View File
@@ -1,6 +0,0 @@
__HOME_ZPROFILE_SOURCED=1
[[ -f "$ZSH_DATA_DIR/nix_profile.sh" ]] && source "$ZSH_DATA_DIR/nix_profile.sh"
[[ -f "/etc/profile" ]] && emulate sh -c "source /etc/profile"
[[ -f "~/.profile" ]] && emulate sh -c "source ~/.profile"
-141
View File
@@ -1,141 +0,0 @@
__HOME_ZSHRC_SOURCED=1
if [[ -r "${XDG_CACHE_HOME:-$HOME/.cache}/p10k-instant-prompt-${(%):-%n}.zsh" ]]; then
source "${XDG_CACHE_HOME:-$HOME/.cache}/p10k-instant-prompt-${(%):-%n}.zsh"
fi
bindkey -e
if [ -n "$EAT_SHELL_INTEGRATION_DIR" ]; then
source "$EAT_SHELL_INTEGRATION_DIR/zsh";
fi
#Check if terminal is fullcolor
if zmodload zsh/terminfo && (( "$terminfo[colors]" >= "256" )); then
__MATERUS_ZSH_256COLORS="${__MATERUS_ZSH_256COLORS:-1}"; else
__MATERUS_ZSH_256COLORS="${__MATERUS_ZSH_256COLORS:-0}";
fi
#MSYS
if [[ "$(uname -s)" =~ ^MSYS_NT.* ]]; then
#Use windows symlink instead copy
MSYS=winsymlinks:nativestrict
fi
#region Plugins
# Clone plugins if not exists
[ -d $ZSH_DATA_DIR/plugins/powerlevel10k ] || git clone https://github.com/romkatv/powerlevel10k $ZSH_DATA_DIR/plugins/powerlevel10k
[ -d $ZSH_DATA_DIR/plugins/zsh-syntax-highlighting ] || git clone https://github.com/zsh-users/zsh-syntax-highlighting.git $ZSH_DATA_DIR/plugins/zsh-syntax-highlighting
[ -d $ZSH_DATA_DIR/plugins/zsh-history-substring-search ] || git clone https://github.com/zsh-users/zsh-history-substring-search.git $ZSH_DATA_DIR/plugins/zsh-history-substring-search
[ -d $ZSH_DATA_DIR/plugins/zsh-autosuggestions ] || git clone https://github.com/zsh-users/zsh-autosuggestions $ZSH_DATA_DIR/plugins/zsh-autosuggestions
source ${ZSH_DATA_DIR}/plugins/powerlevel10k/powerlevel10k.zsh-theme
source ${ZSH_DATA_DIR}/plugins/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh
source ${ZSH_DATA_DIR}/plugins/zsh-history-substring-search/zsh-history-substring-search.zsh
source ${ZSH_DATA_DIR}/plugins/zsh-autosuggestions/zsh-autosuggestions.zsh
#endregion
#region SUBSTRING SEARCH
history-substring-search-up-prefixed(){
HISTORY_SUBSTRING_SEARCH_PREFIXED=1 history-substring-search-up
}
history-substring-search-down-prefixed(){
HISTORY_SUBSTRING_SEARCH_PREFIXED=1 history-substring-search-down
}
zle -N history-substring-search-up-prefixed
zle -N history-substring-search-down-prefixed
#endregion
#region Init Variables
export SAVEHIST=100000
export HISTSIZE=$SAVEHIST
export ZSH_PRIVATE=${ZSH_PRIVATE:-0}
mkdir -p $ZSH_DATA_DIR
mkdir -p $ZSH_DATA_DIR/plugins
# Load config generated by nix
[[ -f "$ZSH_DATA_DIR/nix.sh" ]] && source "$ZSH_DATA_DIR/nix.sh"
setopt HIST_SAVE_NO_DUPS
setopt HIST_IGNORE_SPACE
setopt HIST_IGNORE_DUPS
setopt HIST_IGNORE_ALL_DUPS
setopt EXTENDED_HISTORY
# Private history mode
if [[ $ZSH_PRIVATE == 1 ]] then
export HISTFILE="/dev/null";
unsetopt SHARE_HISTORY;
else
export HISTFILE="$ZSH_DATA_DIR/zsh_history";
setopt SHARE_HISTORY;
fi
#endregion
#region Bindings
source ${ZSH_CONFIG_DIR}/extra/zinputrc
bindkey -r "^["
bindkey "^[[1;5C" forward-word
bindkey "^[[1;5D" backward-word
bindkey "^[[1;5A" history-substring-search-up-prefixed
bindkey "^[[1;5B" history-substring-search-down-prefixed
bindkey "$key[Up]" history-substring-search-up
bindkey "$key[Down]" history-substring-search-down
bindkey '^[[3~' delete-char
bindkey '^[[3;2~' delete-word
#endregion
#region Completions
ZSH_COMPDIR="${ZSH_COMPDIR:-${XDG_CACHE_HOME:-${HOME}/.cache}/zsh}"
ZSH_COMPDUMP="${ZSH_COMPDUMP:-${ZSH_COMPDIR}/.zcompdump-${HOST}-${ZSH_VERSION}}"
if [[ ! -d ${ZSH_COMPDIR} ]]; then
command mkdir -p "${ZSH_COMPDIR}"
fi
autoload -U compinit && compinit -d $ZSH_COMPDUMP
source ${ZSH_CONFIG_DIR}/extra/zshcompletion.zsh
#endregion
#region Functions
zsh-private() {
ZSH_PRIVATE=1 zsh
}
myip() {
wget -qO- https://wtfismyip.com/text
}
speedtest() {
curl -s https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py | python3
}
#endregion
#region Aliases
if [[ "$TERM" = "xterm-kitty" ]]; then
alias ssh="kitty +kitten ssh"
fi
if [[ $(whence -p "nvim") ]]; then
EDITOR="${EDITOR:-nvim}"
alias vim="nvim"
alias vi="nvim"
alias vimdiff="nvim -d"
fi
if [[ $(whence -p "eza") ]]; then
alias l="eza -lahg --color=auto --hyperlink"
alias ll="eza -alF --color=auto --hyperlink"
alias ls="eza --color=auto"
else
alias l="ls -lah --color=auto"
alias ll="ls -alF --color=auto"
alias ls="ls --color=auto"
fi
#endregion
if [[ "$__MATERUS_ZSH_256COLORS" = "1" ]] ; then [[ ! -f ${ZSH_CONFIG_DIR}/p10kcfg/fullcolor.zsh ]] || source ${ZSH_CONFIG_DIR}/p10kcfg/fullcolor.zsh;
else [[ ! -f ${ZSH_CONFIG_DIR}/p10kcfg/compatibility.zsh ]] || source ${ZSH_CONFIG_DIR}/p10kcfg/compatibility.zsh;
fi
-6
View File
@@ -1,6 +0,0 @@
#TODO: Set ZDOTDIR based on MKK_CONFIG_PATH
__HOME_ZSHENV_SOURCED=1
ZDOTDIR=${XDG_CONFIG_HOME:-"$HOME/.config"}/zsh/cfg
ZSH_DATA_DIR="${XDG_CONFIG_HOME:-"$HOME/.config"}/zsh/data"
ZSH_CONFIG_DIR="${XDG_CONFIG_HOME:-"$HOME/.config"}/zsh/cfg"
setopt no_global_rcs
-9
View File
@@ -1,9 +0,0 @@
local wezterm = require 'wezterm'
local config = wezterm.config_builder()
-- config.color_scheme = 'Duotone Dark'
config.enable_scroll_bar = true
config.scrollback_lines = 50000
return config
-12
View File
@@ -1,12 +0,0 @@
set -g history-limit 50000
set -g display-time 4000
set -g status-interval 5
set -g default-terminal "screen-256color"
set -g status-keys emacs
set -g focus-events on
setw -g aggressive-resize on
setw -g mouse on
setw -g clock-mode-style 24
set -ga terminal-overrides ',xterm*:smcup@:rmcup@'
set -g allow-passthrough on
+363
View File
@@ -0,0 +1,363 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{
config,
pkgs,
materusCfg,
materusArg,
...
}:
let
unstable = import materusCfg.materusFlake.inputs.nixpkgs {
system = "x86_64-linux";
config = {
allowUnfree = true;
nvidia.acceptLicense = true;
};
};
in
{
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
./network.nix
];
boot.supportedFilesystems = [ "ntfs" ];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
nix.settings.auto-optimise-store = true;
nix.settings.substituters = [
"https://nix-community.cachix.org"
"https://cache.nixos.org/"
];
nix.settings.trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
nixpkgs.config.allowUnfree = true;
# Use the systemd-boot EFI boot loader.
boot.loader.grub = {
enable = true;
efiSupport = true;
device = "nodev";
gfxmodeEfi = "1920x1080";
gfxmodeBios = "1920x1080";
useOSProber = true;
};
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi";
boot.kernelPackages = unstable.linuxPackages_zen;
boot.tmp.useTmpfs = true;
services.flatpak.enable = true;
services.gvfs.enable = true;
programs.kdeconnect.enable = true;
# Set your time zone.
time.timeZone = "Europe/Warsaw";
services.syncthing = {
enable = true;
user = "materus";
dataDir = "/home/materus";
};
services.fstrim = {
enable = true;
interval = "weekly";
};
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
i18n.defaultLocale = "pl_PL.UTF-8";
console = {
font = "lat2-16";
# keyMap = "pl";
useXkbConfig = true; # use xkbOptions in tty.
};
hardware.bluetooth.enable = true;
# Enable the X11 windowing system.
services.xserver.enable = true;
hardware.opengl.enable = true;
hardware.opengl.driSupport32Bit = true;
materus.profile.steam.enable = false;
# Configure keymap in X11
services.xserver.xkb.layout = "pl";
# services.xserver.xkbOptions = {
# "eurosign:e";
# "caps:escape" # map caps to escape.
# };
# Enable CUPS to print documents.
services.printing.enable = true;
# Enable sound.
#sound.enable = true;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
systemWide = true;
# If you want to use JACK applications, uncomment this
jack.enable = true;
};
hardware.pulseaudio.enable = false;
services.udev = {
extraRules = ''
KERNEL=="rtc0", GROUP="audio"
KERNEL=="hpet", GROUP="audio"
DEVPATH=="/devices/virtual/misc/cpu_dma_latency", OWNER="root", GROUP="audio", MODE="0660"
'';
};
virtualisation.podman = {
enable = true;
dockerCompat = true;
dockerSocket.enable = true;
};
users.users.materus = {
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"kvm"
"input"
"libvirt"
"libvirtd"
"podman"
"audio"
"pipewire"
];
shell = pkgs.zsh;
description = "Mateusz Słodkowicz";
};
virtualisation.libvirtd = {
enable = true;
onBoot = "ignore";
onShutdown = "shutdown";
qemu.ovmf.enable = true;
qemu.ovmf.packages = [ pkgs.OVMFFull.fd ];
qemu.runAsRoot = true;
qemu.swtpm.enable = true;
qemu.package = pkgs.qemu_full;
};
environment.sessionVariables = rec {
XDG_CACHE_HOME = "\${HOME}/.cache";
XDG_CONFIG_HOME = "\${HOME}/.config";
XDG_BIN_HOME = "\${HOME}/.local/bin";
XDG_DATA_HOME = "\${HOME}/.local/share";
#SSH_ASKPASS_REQUIRE = "prefer";
STEAM_EXTRA_COMPAT_TOOLS_PATHS = "\${HOME}/.steam/root/compatibilitytools.d";
MOZ_USE_XINPUT2 = "1";
PATH = [ "\${XDG_BIN_HOME}" ];
};
environment.shellInit = ''
if ! [ -z "$DISPLAY" ]; then xhost +si:localuser:root &> /dev/null; fi;
if ! [ -z "$DISPLAY" ]; then xhost +si:localuser:$USER &> /dev/null; fi;
'';
# List packages installed in system profile. To search, run:
# $ nix search wget
i18n.inputMethod.enabled = "fcitx5";
i18n.inputMethod.fcitx5.addons = [
pkgs.fcitx5-configtool
pkgs.fcitx5-lua
pkgs.fcitx5-mozc
pkgs.libsForQt5.fcitx5-qt
];
environment.systemPackages = with pkgs; [
(vivaldi.overrideAttrs
(oldAttrs: {
dontWrapQtApps = false;
dontPatchELF = true;
nativeBuildInputs = oldAttrs.nativeBuildInputs ++ [pkgs.kdePackages.wrapQtAppsHook];
}))
brave
glibc
patchelf
vim
wget
killall
xorg.xkill
xorg.xhost
nix-top
gitFull
curl
jdk
nss_latest
(aspellWithDicts (
ds: with ds; [
en
en-computers
en-science
pl
]
))
distrobox
p7zip
unrar
bzip2
rar
unzip
zstd
xz
zip
gzip
sops
tree
mc
lf
htop
nmon
iftop
iptraf-ng
mprocs
nix-du
git-crypt
wineWowPackages.stagingFull
winetricks
protontricks
openal
gnupg
ncurses
monkeysphere
gparted
inkscape
gimp
virt-manager
libguestfs
bubblewrap
bindfs
pulseaudio
binutils
];
fonts.fontDir.enable = true;
fonts.enableDefaultPackages = true;
fonts.packages = with pkgs; [
dejavu_fonts
hack-font
noto-fonts
noto-fonts-extra
noto-fonts-emoji
noto-fonts-cjk-sans
noto-fonts-cjk-serif
ubuntu_font_family
wqy_zenhei
monocraft
nerd-fonts.fira-code
nerd-fonts.droid-sans-mono
nerd-fonts.meslo-lg
nerd-fonts.profont
];
fonts.fontconfig.enable = true;
fonts.fontconfig.cache32Bit = true;
fonts.fontconfig.defaultFonts.sansSerif = [
"Noto Sans"
"DejaVu Sans"
"WenQuanYi Zen Hei"
"Noto Color Emoji"
];
fonts.fontconfig.defaultFonts.serif = [
"Noto Serif"
"DejaVu Serif"
"WenQuanYi Zen Hei"
"Noto Color Emoji"
];
fonts.fontconfig.defaultFonts.emoji = [
"Noto Color Emoji"
"OpenMoji Color"
];
fonts.fontconfig.defaultFonts.monospace = [
"Hack Nerd Font"
"Noto Sans Mono"
"WenQuanYi Zen Hei Mono"
];
environment.enableAllTerminfo = true;
environment.pathsToLink = [ "/share/zsh" ];
environment.shells = with pkgs; [ zsh ];
programs = {
steam = {
enable = false;
dedicatedServer.openFirewall = true;
remotePlay.openFirewall = true;
};
fish.enable = true;
java.enable = true;
java.package = pkgs.graalvmPackages.graalvm-oracle;
command-not-found.enable = false;
dconf.enable = true;
};
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
services.pcscd.enable = true;
/*
systemd.user.services.gpg-agent.serviceConfig.ExecStart = [
""
''
${pkgs.gnupg}/bin/gpg-agent --supervised \
--pinentry-program ${pkgs.kwalletcli}/bin/pinentry-kwallet
''
];
*/
programs.gnupg.agent = {
enable = true;
enableSSHSupport = false;
enableBrowserSocket = true;
};
programs.ssh.startAgent = true;
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
system.copySystemConfiguration = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment?
}
@@ -0,0 +1,13 @@
{ config, pkgs, lib, ... }:
{
imports =
[
./secrets
./configuration.nix
./nvidia.nix
./plasma.nix
];
}
@@ -0,0 +1,152 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ehci_pci"
"ahci"
"usbhid"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [
"kvm-intel"
"vfio-pci"
];
boot.extraModulePackages = [ ];
boot.kernel.sysctl = {
"vm.swappiness" = 10;
};
boot.kernelParams = [
"ibt=off"
"intel_iommu=on"
"iommu=pt"
"pcie_acs_override=downstream,multifunction"
];
fileSystems."/" = {
device = "/dev/disk/by-label/NixOS_Root";
fsType = "btrfs";
options = [
"subvol=@"
"noatime"
"ssd"
"space_cache=v2"
];
};
fileSystems."/boot" = {
device = "/dev/disk/by-label/NixOS_Root";
fsType = "btrfs";
options = [
"subvol=@boot"
"ssd"
];
};
fileSystems."/materus" = {
device = "/dev/disk/by-label/NixOS_Root";
fsType = "btrfs";
options = [
"subvol=@materus"
"noatime"
"compress=zstd"
"ssd"
"space_cache=v2"
];
neededForBoot = true;
};
fileSystems."/nix" = {
device = "/dev/disk/by-label/NixOS_Root";
fsType = "btrfs";
options = [
"subvol=@nix"
"noatime"
"compress=zstd"
"ssd"
"space_cache=v2"
];
};
fileSystems."/home" = {
device = "/dev/disk/by-label/NixOS_Home";
fsType = "btrfs";
options = [
"subvol=@home"
"nossd"
"noatime"
"compress=zstd"
"space_cache=v2"
"autodefrag"
];
};
fileSystems."/materus/data" = {
device = "/dev/disk/by-label/NixOS_Home";
fsType = "btrfs";
options = [
"subvol=@data"
"nossd"
"noatime"
"compress=zstd"
"space_cache=v2"
"autodefrag"
];
};
fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/A5C2-31D1";
fsType = "vfat";
};
zramSwap = {
enable = true;
memoryPercent = 50;
priority = 10;
};
swapDevices = [
{
device = "/var/lib/swapfile";
size = 32 * 1024;
priority = 5;
}
{
device = "/dev/disk/by-label/NixOS_Swap";
priority = 0;
}
];
fileSystems."/etc/nixos" = {
device = "/materus/config/nixos-config";
fsType = "none";
options = [ "bind" ];
depends = [ "/materus" ];
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp6s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkForce true;
}
@@ -0,0 +1,161 @@
{ config, pkgs, materusArg, materusCfg, lib, ... }:
{
home.stateVersion = "22.11";
home.homeDirectory = "/home/materus";
programs.wezterm.enable = true;
programs.git = {
userEmail = "materus@podkos.pl";
userName = "materus";
signing.signByDefault = true;
signing.key = "${materusArg.cfg.path}/extraFiles/keys/ssh/materus.pub";
extraConfig = {
commit.gpgsign = true;
gpg.format = "ssh";
};
};
programs.vscode.userSettings = {
"vscord.app.name" = "VSCodium";
"window.dialogStyle" = "custom";
"window.titleBarStyle" = "custom";
"editor.fontFamily" = "'Hack Nerd Font', 'monospace', monospace";
"workbench.colorTheme" = "Dracula Theme";
"workbench.productIconTheme" = "material-product-icons";
"workbench.iconTheme" = "material-icon-theme";
"d.aggressiveUpdate" = false;
"d.servedPath" = "${pkgs.serve-d}/bin/serve-d";
"direnv.path.executable" = "${pkgs.direnv}/bin/direnv";
"nix.enableLanguageServer" = true;
"nix.serverPath" = "${pkgs.nixd}/bin/nixd";
"nix.formatterPath" = "${pkgs.nixfmt-rfc-style}/bin/nixfmt";
"C_Cpp.clang_format_path" = "${pkgs.clang-tools}/bin/clang-format";
"C_Cpp.clang_format_fallbackStyle" = "Microsoft";
"clang-tidy.executable" = "${pkgs.clang-tools}/bin/clang-tidy";
"typescript.tsserver.maxTsServerMemory" = 1024 * 8;
"typescript.tsserver.nodePath"= lib.mkDefault "${pkgs.nodejs}/bin/node";
"python.defaultInterpreterPath" = "${pkgs.python3Full}/bin/python";
"[cpp]" = {
"editor.defaultFormatter" = "xaver.clang-format";
};
};
materus.profile = {
fonts.enable = lib.mkDefault true;
nixpkgs.enable = lib.mkDefault false;
enableDesktop = lib.mkDefault true;
enableTerminal = lib.mkDefault true;
enableTerminalExtra = lib.mkDefault true;
enableNixDevel = lib.mkDefault true;
editor.code.fhs.enable = false;
editor.code.fhs.packages = (ps: with ps; let llvmpkgs = llvmPackages_16; in [
llvmpkgs.clang
llvmpkgs.llvm
llvmpkgs.bintools
llvmpkgs.lld
llvmpkgs.lldb
llvmpkgs.libllvm
llvmpkgs.libllvm.dev
gcc
gdb
cmake
gnumake
ninja
binutils
coreutils
util-linux
dotnet-sdk_8
mono
mold
python3
lua
gtk4.dev
gtk4
miniaudio
SDL2.dev
SDL2
freeglut.dev
freeglut
boost.dev
boost
glew.dev
libGL.dev
libGLU.dev
vulkan-loader.dev
jdk
ldc
dmd
dub
]);
editor.emacs.enable = true;
};
xdg.desktopEntries.brave-browser =
let
env = lib.concatStringsSep " " [
''__NV_PRIME_RENDER_OFFLOAD="1"''
''__NV_PRIME_RENDER_OFFLOAD_PROVIDER="NVIDIA-G0"''
''__GLX_VENDOR_LIBRARY_NAME="nvidia"''
''__VK_LAYER_NV_optimus="NVIDIA_only"''
''NIXOS_OZONE_WL="1"''
];
script = pkgs.writeShellScript "brave" ''
${env} brave "$@"
'';
in
{
name = "Brave Web Browser";
genericName = "Przeglądarka WWW";
comment = "Skorzystaj z internetu";
exec = "${script} %U";
icon = "brave-browser";
terminal = false;
categories = [ "Application" "Network" "WebBrowser" ];
mimeType = [
"application/pdf"
"application/rdf+xml"
"application/rss+xml"
"application/xhtml+xml"
"application/xhtml_xml"
"application/xml"
"image/gif"
"image/jpeg"
"image/png"
"image/webp"
"text/html"
"text/xml"
"x-scheme-handler/http"
"x-scheme-handler/https"
"x-scheme-handler/ipfs"
"x-scheme-handler/ipns"
];
actions.new-windows = {
exec = "${script}";
name = "Nowe okno";
};
actions.new-private-windows = {
exec = "${script} --incognito";
name = "Nowe okno incognito";
};
};
home.packages = [
pkgs.papirus-icon-theme
(materusArg.pkgs.polymc.wrap { extraJDKs = [ pkgs.graalvmPackages.graalvm-oracle pkgs.graalvmPackages.graalvm-oracle_17]; })
];
}
@@ -0,0 +1,57 @@
{ config, pkgs, lib, materusArg, ... }:
{
sops.templates."networkmanager.env".content = ''
WIREGUARD_PRIVATEKEY="${config.sops.placeholder.wg-key}"
'';
networking.useDHCP = lib.mkDefault true;
networking.hostName = "Old-materusPC";
networking.wireless.iwd.enable = true;
networking.networkmanager.enable = true;
# Open ports in the firewall.
networking.firewall.allowedTCPPorts = [ 24800 5900 5357 4656
22000 config.services.syncthing.relay.statusPort config.services.syncthing.relay.port # Syncthing
];
networking.firewall.allowedUDPPorts = [ 24800 5900 3702 4656
22000 21027 # Syncthing
];
# Or disable the firewall altogether.
networking.firewall.enable = true;
networking.networkmanager.settings = {
connectivity = {
uri = "http://nmcheck.gnome.org/check_network_status.txt";
};
};
networking.networkmanager.ensureProfiles.environmentFiles = [
config.sops.templates."networkmanager.env".path
];
networking.networkmanager.ensureProfiles.profiles = {
wg0 = {
connection = {
id = "wg0";
type = "wireguard";
interface-name = "wg0";
};
wireguard = {
private-key = "$WIREGUARD_PRIVATEKEY";
};
"wireguard-peer.${materusArg.wireguard.pubKeys.valkyrie}" = {
endpoint = "${materusArg.ips.valkyrie}:${materusArg.wireguard.port}";
allowed-ips = "${materusArg.ip-masks.wireguard.main};${materusArg.ip-masks.wireguard.guest};${materusArg.ip-masks.wireguard.asia};${materusArg.ips.wireguard.valkyrie}/32;";
persistent-keepalive = "20";
};
ipv4 = {
address1 = "${materusArg.ips.wireguard.Old-materusPC}/32";
dns = "${materusArg.ips.wireguard.valkyrie};";
method = "manual";
never-default = "true";
};
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "disabled";
};
proxy = { };
};
};
}
@@ -0,0 +1,29 @@
{ config, pkgs, ... }:
{
services.xserver.videoDrivers = [ "nvidia" ];
hardware.nvidia = {
package = config.boot.kernelPackages.nvidiaPackages.latest;
modesetting.enable = true;
nvidiaSettings = true;
open = true;
};
hardware.opengl.extraPackages = with pkgs; [
vaapiVdpau
nvidia-vaapi-driver
libvdpau-va-gl
];
hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [
vaapiVdpau
nvidia-vaapi-driver
libvdpau-va-gl
];
materus.profile.steam.extraEnv = {
VK_ICD_FILENAMES=''''$VK_ICD_FILENAMES:/run/opengl-driver/share/vulkan/icd.d/nvidia_icd.x86_64.json:/run/opengl-driver-32/share/vulkan/icd.d/nvidia_icd.i686.json'';
__NV_PRIME_RENDER_OFFLOAD="1";
__NV_PRIME_RENDER_OFFLOAD_PROVIDER="NVIDIA-G0";
__GLX_VENDOR_LIBRARY_NAME="nvidia";
__VK_LAYER_NV_optimus="NVIDIA_only";
};
}
@@ -0,0 +1,31 @@
{ pkgs, ... }:
{
services.displayManager.sddm.enable = true;
services.displayManager.sddm.wayland.enable = true;
services.displayManager.sddm.settings = {
General = {
InputMethod = "";
};
Theme = {
CursorTheme = "breeze_cursors";
CursorSize = "24";
};
};
environment.variables = {
QT_PLUGIN_PATH = [ "${pkgs.qt6.qtimageformats}/${pkgs.qt6.qtbase.qtPluginPrefix}" ];
XCURSOR_THEME = "breeze_cursors";
};
xdg.portal.enable = true;
xdg.portal.wlr.enable = true;
xdg.portal.xdgOpenUsePortal = true;
xdg.portal.extraPortals = [ pkgs.kdePackages.xdg-desktop-portal-kde ];
services.desktopManager.plasma6.enable = true;
services.desktopManager.plasma6.enableQt5Integration = true;
environment.plasma6.excludePackages = with pkgs.kdePackages; [ kwallet kwalletmanager kwallet-pam ];
environment.systemPackages = with pkgs.kdePackages; [
ark
kate
];
materus.profile.steam.extraPkgs = [ pkgs.kdePackages.breeze pkgs.kdePackages.breeze-gtk pkgs.kdePackages.dolphin ];
}
@@ -0,0 +1,25 @@
{ config, pkgs, lib, materusCfg, ... }:
{
imports =
[
] ++ (if (materusCfg.materusFlake.decrypted) then [ ./private ] else [ ]);
sops.age.generateKey = false;
sops.gnupg.home = null;
sops.gnupg.sshKeyPaths = [ ];
sops.defaultSopsFile = materusCfg.hostPath + "/secrets/secrets.yaml";
sops.secrets."wg-key" = { };
services.openssh.hostKeys = [
{
bits = 4096;
path = "/materus/root/ssh_host_rsa_key";
type = "rsa";
}
{
path = "/materus/root/ssh_host_ed25519_key";
type = "ed25519";
}
];
}
@@ -0,0 +1,33 @@
wg-key: ENC[AES256_GCM,data:+z+Xxq6A1h5ceCOZry9PSz871zVZpd9Y6vtqpfoAulHCN03DjzZ/PLmRvYQ=,iv:7hdjnUuaRk30hFJ8rv4zXxI8v42RWC1iQb64LMNgBnQ=,tag:eUSTVygR+u9ERPU9gfhYIw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1el7zhjxkrlravpt7hw36fuac0xfgd42qkjjkvxzqmyl28u8csasqkd4a40
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsT2w4SCt2ZGdLYktHckMw
QVhza2tqU2M1Q3lsYnhld1dKcTdYUHcvSzFrCjMxT05yU01nUmFQK0FCUThUNDNN
V2EyTUhoVUNjNlNwTU9FeTlGRkxvVDgKLS0tIDBFYys1TmI0T0x0RnE2N3JCWWpq
VFVjMGUvRVBaY0JsR2lVcUFsdk4rYjQKEiiqEcTaQSVXSAm5c9uylaf2Tt/KJtPl
GDp+2YSBHHnVYjtYf7k9WqsIEe5/0AifDp3YA8jNhOXuZwZdvk+fLw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-03-30T18:21:12Z"
mac: ENC[AES256_GCM,data:0DMB+ukujc6PMU45n1QJGryGie25Bj2hXmia69QgYZNk2vgfO+nYmWSpmqK4Z00xXNtbsgejfDto5mrzU/OJ4FF3eOfwWfdIwxQLEQKoPF5U3niON3YO8FEA+JIn+/fNGF3fY1AgBfhberST5ikKnmff1Nwe5GOwQHSB3LU+CZE=,iv:V89EFUby3bwsoZKpoJRmJS9E/UheMBkKDq7j40IzBTA=,tag:aOJnFFGIuzQ3T7YrIFiWtw==,type:str]
pgp:
- created_at: "2024-03-30T18:20:23Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4D5fSX77p80GYSAQdAnUVLGsgIKd3EtSAGTPyXqSlsz1T8RnDvAtBz/XaH0y0w
pkp84zTe85FRZDnTO8a44WkpNIrUih0CYQSPPCZqSi/qnIxPWgx67HTC1bPAO9Iw
1GgBCQIQNcrKr4YNKSP5XxJqMXOyZD7rZ4g02Xdw5XplZ/y34m9c83S44XRgHwg4
0obXI1UlsqyHf/ZnTM1pbXO/kdTdFomWvWbfbuKDgDvyiJJ18mJ48GOsv/SBBJjJ
3877O+Ia5I8Chg==
=q58P
-----END PGP MESSAGE-----
fp: 28D140BCA60B4FD1
unencrypted_suffix: _unencrypted
version: 3.8.1
Binary file not shown.
+66
View File
@@ -0,0 +1,66 @@
{ inputs, materusFlake }:
let
profiles = import ../profile;
makeSystem = { host, arch ? "x86_64-linux", extraModules ? [ ], stable ? true, hmAsModule ? true, hmUsers ? [ "materus" ] }:
let
nixosSystem = if stable then inputs.nixpkgs-stable.lib.nixosSystem else inputs.nixpkgs.lib.nixosSystem;
hm = if stable then inputs.configInputs-stable.home-manager else inputs.configInputs.home-manager;
materusCfg = {
inherit stable;
inherit materusFlake;
inherit host;
inherit hm;
inherit hmAsModule;
inherit arch;
nixerus = if stable then inputs.configInputs-stable.nixerus else inputs.configInputs.nixerus;
configInputs = if stable then inputs.configInputs-stable else inputs.configInputs;
path = materusFlake.selfPath;
hostPath = materusFlake.selfPath + "/configurations/host/${host}";
isHm = false;
};
in
(nixosSystem {
specialArgs = { inherit materusCfg; };
system = arch;
modules = [
./${host}
profiles.osProfile
materusCfg.configInputs.sops-nix.nixosModules.sops
(if hmAsModule then hm.nixosModules.home-manager else { })
(if hmAsModule then
{
home-manager.backupFileExtension = "hm-backup";
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.sharedModules = [
materusCfg.configInputs.plasma-manager.homeManagerModules.plasma-manager
materusCfg.configInputs.sops-nix.homeManagerModules.sops
];
home-manager.users = (builtins.foldl' (a: b: a // b) { } (builtins.map
(user: {
${user} = ({ ... }:
{
imports = [
(materusFlake.selfPath + "/configurations/shared/home/${user}")
(materusFlake.selfPath + "/configurations/host/${host}/home/${user}")
profiles.homeProfile
];
});
})
hmUsers));
home-manager.extraSpecialArgs = { materusCfg = materusCfg // { isHm = true; }; };
} else { })
] ++ extraModules;
}) // { inherit materusCfg; };
in
{
materusPC = makeSystem { host = "materusPC"; stable = true; };
flamaster = makeSystem { host = "flamaster"; stable = true; };
valkyrie = makeSystem { host = "valkyrie"; stable = true; };
waffentrager = makeSystem { host = "waffentrager"; stable = true; arch = "aarch64-linux"; };
Old-materusPC = makeSystem { host = "Old-materusPC"; stable = true; };
}
@@ -0,0 +1,196 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, lib, pkgs, materusArg, ... }:
{
imports =
[
# Include the results of the hardware scan.
./hardware-configuration.nix
];
networking.wireless.iwd.enable = true;
services.logind.lidSwitch = "ignore";
services.logind.lidSwitchExternalPower = "ignore";
programs.steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
};
programs.tmux = {
enable = true;
clock24 = true;
};
programs.java = {
enable = true;
package = pkgs.graalvm-ce;
binfmt = true;
};
# Bootloader.
boot.loader.grub = {
enable = true;
efiSupport = true;
device = "nodev";
useOSProber = true;
gfxmodeEfi = pkgs.lib.mkDefault "1920x1080";
gfxmodeBios = pkgs.lib.mkDefault "1920x1080";
#efiInstallAsRemovable = true;
};
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi";
networking.hostName = "flamaster"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Enable networking
networking.networkmanager.enable = true;
networking.networkmanager.wifi.backend = "iwd";
# Set your time zone.
time.timeZone = "Europe/Warsaw";
# Select internationalisation properties.
i18n.defaultLocale = "pl_PL.UTF-8";
# Enable the X11 windowing system.
services.xserver.enable = true;
hardware.nvidia.open = false;
services.xserver.videoDrivers = [ "nvidia" ];
hardware.opengl.enable = true;
hardware.nvidia.prime = {
offload.enable = true;
# Bus ID of the Intel GPU. You can find it using lspci, either under 3D or VGA
intelBusId = "PCI:0:2:0";
# Bus ID of the NVIDIA GPU. You can find it using lspci, either under 3D or VGA
nvidiaBusId = "PCI:1:0:0";
};
# Enable the KDE Plasma Desktop Environment.
services.xserver.displayManager.sddm.enable = true;
services.xserver.desktopManager.plasma6.enable = true;
# Configure keymap in X11
services.xserver = {
layout = "pl";
xkbVariant = "";
};
# Configure console keymap
console.keyMap = "pl2";
# Enable CUPS to print documents.
services.printing.enable = true;
# Enable sound with pipewire.
#sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
};
# Enable touchpad support (enabled default in most desktopManager).
services.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
users.users.materus = {
isNormalUser = true;
description = "Mateusz Słodkowicz";
extraGroups = [ "networkmanager" "wheel" ];
openssh.authorizedKeys.keyFiles = [ ("${materusArg.cfg.path}" + "/extraFiles/keys/ssh/materus.pub") ];
packages = with pkgs; [
kdePackages.kate
];
shell = pkgs.zsh;
};
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
wget
util-linux
killall
pciutils
lshw
steamcmd
distrobox
firefox
config.programs.java.package
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = true;
services.openssh.settings.PermitRootLogin = "no";
services.openssh.settings.PasswordAuthentication = false;
services.openssh.openFirewall = true;
programs.ssh.startAgent = true;
# Open ports in the firewall.
networking.firewall.allowedTCPPorts = [ 22 27015 25565 25570 8123 8100 24800 ];
networking.firewall.allowedTCPPortRanges = [{ from = 16262; to = 16272; }];
networking.firewall.allowedUDPPorts = [ 22 16261 16262 8766 8767 25565 24454 8123 24800 ];
# Or disable the firewall altogether.
networking.firewall.enable = true;
networking.networkmanager.settings = {
connectivity = { uri = lib.mkDefault "http://nmcheck.gnome.org/check_network_status.txt"; };
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
programs.neovim.enable = true;
programs.neovim.vimAlias = true;
programs.neovim.viAlias = true;
services.flatpak.enable = true;
xdg.portal.enable = true;
virtualisation.podman.enable = true;
virtualisation.podman.dockerCompat = true;
virtualisation.podman.enableNvidia = true;
virtualisation.podman.dockerSocket.enable = true;
}
+12
View File
@@ -0,0 +1,12 @@
{ config, lib, pkgs, ... }:
{
imports =
[
# Include the results of the hardware scan.
./configuration.nix
];
materus.profile.nix.enable = true;
#materus.profile.steam.enable = true;
}
@@ -0,0 +1,78 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_usb_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{
device = "/dev/disk/by-label/NixOS_Root_Laptop";
fsType = "btrfs";
options = [ "subvol=@" "noatime" "ssd" "space_cache=v2" "compress=zstd" ];
};
fileSystems."/nix" =
{
device = "/dev/disk/by-label/NixOS_Root_Laptop";
fsType = "btrfs";
options = [ "subvol=@nix" "noatime" "compress=zstd" "ssd" "space_cache=v2" ];
};
fileSystems."/data" =
{
device = "/dev/disk/by-label/HDD_DATA";
fsType = "btrfs";
options = [ "noatime" "compress=zstd" "nossd" "autodefrag" ];
};
fileSystems."/boot" =
{
device = "/dev/disk/by-label/NixOS_Root_Laptop";
fsType = "btrfs";
options = [ "subvol=@boot" "ssd" ];
};
fileSystems."/boot/efi" =
{
device = "/dev/disk/by-label/NixOS_EFI_L";
fsType = "vfat";
};
fileSystems."/etc/nixos" =
{
device = "/materus/config/nixos-config";
fsType = "none";
options = [ "bind" ];
};
swapDevices = [{
device = "/data/.swapfile";
size = 32 * 1024;
}];
zramSwap = {
enable = true;
memoryPercent = 50;
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp5s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}
@@ -0,0 +1,87 @@
{ config, pkgs, materusArg, lib, ... }:
{
home.stateVersion = "23.05";
home.homeDirectory = "/home/materus";
xdg.dataFile."java-runtimes/graalvm-oracle-17".source = pkgs.graalvmPackages.graalvm-oracle_17;
xdg.dataFile."java-runtimes/graalvm-oracle-latest".source = pkgs.graalvmPackages.graalvm-oracle;
xdg.dataFile."java-runtimes/openjdk21".source = pkgs.jdk21;
materus.profile = {
fonts.enable = lib.mkDefault true;
nixpkgs.enable = lib.mkDefault false;
enableDesktop = lib.mkDefault true;
enableTerminal = lib.mkDefault true;
enableTerminalExtra = lib.mkDefault true;
enableNixDevel = lib.mkDefault true;
bash.enable = true;
zsh.enable = true;
editor.code.fhs.enable = true;
editor.code.fhs.packages = (ps: with ps; let llvmpkgs = llvmPackages_16; in [
llvmpkgs.clang
llvmpkgs.llvm
llvmpkgs.bintools
llvmpkgs.lld
llvmpkgs.lldb
llvmpkgs.libllvm
llvmpkgs.libllvm.dev
raylib
gcc
gdb
materusArg.unstable.nixd
nixfmt-rfc-style
nixpkgs-fmt
cmake
gnumake
ninja
binutils
coreutils
util-linux
openssl
openssl.dev
pkg-config
dotnet-sdk_8
mono
mold
python3
lua
gtk4.dev
gtk4
miniaudio
SDL2.dev
SDL2
freeglut.dev
freeglut
boost.dev
boost
glew.dev
libGL.dev
libGLU.dev
vulkan-loader.dev
xorg.xorgproto
xorg.libX11.dev
xorg.libXrandr.dev
xorg.libXrender.dev
rustup
freetype.dev
fpc
openjdk21
bison
flex
ldc
dmd
dub
]);
};
home.packages = [
pkgs.papirus-icon-theme
(materusArg.pkgs.polymc.wrap { extraJDKs = [ pkgs.graalvm-ce ]; })
];
}
+90
View File
@@ -0,0 +1,90 @@
{ pkgs, lib, ... }:
{
#REGION test
#sound.enable = true;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
audio.enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
systemWide = true;
jack.enable = true;
};
hardware.pulseaudio.enable = false;
environment.sessionVariables =
let
makePluginPath =
format:
"$HOME/.${format}:"
+ (lib.makeSearchPath format [
"$HOME/.nix-profile/lib"
"/run/current-system/sw/lib"
"/etc/profiles/per-user/$USER/lib"
]);
in
{
ALSOFT_DRIVERS = "pulse";
DSSI_PATH = makePluginPath "dssi";
LADSPA_PATH = makePluginPath "ladspa";
LV2_PATH = makePluginPath "lv2";
LXVST_PATH = makePluginPath "lxvst";
VST_PATH = makePluginPath "vst";
VST3_PATH = makePluginPath "vst3";
};
services.udev = let
script = pkgs.writeShellScript "arch-mknod" ''
ACTION=$1
KERNEL=$(basename $2)
MAJOR=$3
MINOR=$4
if (systemctl is-active --quiet systemd-nspawn@archlinux); then
if [[ $ACTION == "add" || "$ACTION" == "change" ]]; then
machinectl shell root@archlinux /bin/bash -c "
if ! [ -f /dev/$KERNEL ]; then
mknod /dev/$KERNEL c $MAJOR $MINOR
chmod 660 /dev/$KERNEL
chown root:input /dev/$KERNEL
fi
"
elif [[ $ACTION == "remove" ]]; then
machinectl shell root@archlinux /bin/rm /dev/$KERNEL
fi
fi
'';
in {
extraRules = ''
KERNEL=="rtc0", GROUP="audio"
KERNEL=="hpet", GROUP="audio"
DEVPATH=="/devices/virtual/misc/cpu_dma_latency", OWNER="root", GROUP="audio", MODE="0660"
SUBSYSTEM=="hidraw", KERNEL=="hidraw*", RUN+="${script} ''$env{ACTION} ''$env{DEVNAME} ''$env{MAJOR} ''$env{MINOR}"
'';
};
environment.systemPackages = with pkgs; [
openal
pulseaudio
reaper
yabridge
yabridgectl
vital
odin2
surge
fire
decent-sampler
lsp-plugins
];
}
@@ -8,12 +8,13 @@ let
mainMirror = "https://ftp.icm.edu.pl/pub/Linux/dist/archlinux";
extraMirrors = [ ];
getty = [
8
9
6
7
];
ttys = [
6
7
8
9
] ++ getty;
startPkgs = lib.strings.concatStringsSep " " [
@@ -122,12 +123,12 @@ in
"/tmp/.X11-unix"
/mkk
/materus
] ++ lib.lists.forEach ttys (x: "/dev/tty${builtins.toString x}");
};
networkConfig = {
Bridge = "br0";
Private = false;
};
};
systemd.services."systemd-nspawn@archlinux" = {
@@ -1,11 +1,12 @@
{ ... }:
{...}:
{
imports = [
./nspawn/arch.nix
./arch.nix
./fedora.nix
];
virtualisation.lxc.enable = true;
virtualisation.lxc.lxcfs.enable = true;
virtualisation.lxd.enable = false;
virtualisation.waydroid.enable = true;
virtualisation.podman = {
@@ -0,0 +1,75 @@
{
config,
pkgs,
lib,
...
}:
let
ttys = [
9
10
];
in
{
systemd.nspawn."fedora" = {
enable = true;
execConfig = {
Boot = true;
SystemCallFilter = [ "@known" ];
Timezone = "symlink";
Capability = "all";
PrivateUsers = "no";
ResolvConf = "off";
};
filesConfig = {
BindReadOnly = [
"/nix"
"/run/current-system"
"/run/booted-system"
"/run/opengl-driver"
"/run/opengl-driver-32"
];
Bind = [
"/:/run/host-root"
"/run/udev"
"/dev/fuse"
"/dev/snd"
"/dev/input"
"/dev/shm"
"/dev/kfd"
"/dev/dri"
"/dev/tty"
"/dev/tty0"
"/var/lib/flatpak"
"/tmp/.X11-unix"
/materus
] ++ lib.lists.forEach ttys (x: "/dev/tty${builtins.toString x}");
};
networkConfig = {
Bridge="br0";
};
};
systemd.services."systemd-nspawn@fedora" = {
enable = true;
overrideStrategy = "asDropin";
serviceConfig = {
ConditionPathExists="/var/lib/machines/fedora";
DeviceAllow = [
"char-tty rwm"
"char-input rwm"
"char-drm rwm"
];
};
};
}
+35
View File
@@ -0,0 +1,35 @@
{ config, pkgs, lib, ... }:
{
imports =
[
./hardware
./vm
./secrets
./containers
./other
./scripts.nix
./tmp.nix
./network.nix
./audio.nix
];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
system.copySystemConfiguration = false;
system.stateVersion = "23.05";
materus.profile.nix.enable = true;
materus.profile.nixpkgs.enable = true;
materus.profile.fonts.enable = true;
materus.profile.steam.enable = false;
services.logind.extraConfig = ''
NAutoVTs=4
ReserveVT=4
'';
}
@@ -0,0 +1,82 @@
{ config, pkgs, lib, materusArg, ... }:
let
video = [
"video=HDMI-A-3:1920x1080@144"
"video=DP-3:1920x1080@240"
#"video=DP-1:1920x1080@240"
#"video=DP-2:1920x1080@240"
#"video=HDMI-A-1:1920x1080@240"
#"video=HDMI-A-2:1920x1080@240"
];
in
{
#Kernel
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_zen;
boot.kernelParams = [
"rcu_nocbs=${materusArg.materusPC.vmCores}"
"nohz_full=${materusArg.materusPC.vmCores}"
"vfio_iommu_type1.allow_unsafe_interrupts=1"
"pcie_acs_override=downstream,multifunction"
#''vfio-pci.ids="1002:744c"''
"nox2apic"
"nvme_core.default_ps_max_latency_us=0"
"nvme_core.io_timeout=255"
"nvme_core.max_retries=10"
"nvme_core.shutdown_timeout=10"
"amd_iommu=on"
"amdgpu.ppfeaturemask=0xffffffff"
#"amdgpu.runpm=0"
"iommu=pt"
"psi=1"
"i915.force_probe=!56a6"
"xe.force_probe=56a6"
] ++ video;
boot.kernelModules = [ "pci-stub" "amdgpu" "i2c_dev" "kvm_amd" "vfio" "vfio_iommu_type1" "vfio-pci" "kvmfr" "xe" ];
boot.extraModprobeConfig = ''
options kvm_amd nested=1 avic=1 npt=1 sev=0
options vfio_iommu_type1 allow_unsafe_interrupts=1
options kvmfr static_size_mb=64
'';
boot.kernel.sysctl = {
"vm.max_map_count" = 1000000;
"vm.swappiness" = 10;
"net.ipv4.ip_forward"=1;
};
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ "vfio-pci" "amdgpu" ];
boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback kvmfr ];
boot.supportedFilesystems = [ "ntfs" "btrfs" "vfat" "exfat" "ext4" ];
boot.tmp.useTmpfs = true;
#bootloader
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi";
boot.loader.grub = {
enable = true;
efiSupport = true;
device = "nodev";
gfxmodeEfi = pkgs.lib.mkDefault "1920x1080@240";
gfxmodeBios = pkgs.lib.mkDefault "1920x1080@240";
useOSProber = true;
memtest86.enable = true;
};
boot.plymouth.enable = true;
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
}
@@ -0,0 +1,65 @@
{ config, pkgs, lib, materusArg, ... }:
{
imports =
[
./filesystem.nix
./boot.nix
];
hardware.firmware = with pkgs; [
materusArg.pkgs.amdgpu-pro-libs.firmware.vcn
materusArg.pkgs.amdgpu-pro-libs.firmware
linux-firmware
alsa-firmware
sof-firmware
];
environment.variables = {
DISABLE_LAYER_AMD_SWITCHABLE_GRAPHICS_1 = "1";
#VK_ICD_FILENAMES = "${pkgs.mesa.drivers}/share/vulkan/icd.d/radeon_icd.x86_64.json:${pkgs.driversi686Linux.mesa.drivers}/share/vulkan/icd.d/radeon_icd.i686.json";
AMD_VULKAN_ICD = "RADV";
RADV_PERFTEST = "gpl,rt,sam";
#OCL_ICD_VENDORS = "${pkgs.rocmPackages.clr.icd}/etc/OpenCL/vendors/";
};
hardware.cpu.amd.updateMicrocode = lib.mkForce true;
#extra
hardware.wooting.enable = true;
hardware.bluetooth.enable = true;
#Graphics
hardware.opengl.enable = true;
hardware.opengl.driSupport32Bit = true;
hardware.opengl.extraPackages = with pkgs; [
vaapiVdpau
vpl-gpu-rt
intel-media-driver
libvdpau-va-gl
amdvlk
vkbasalt
rocmPackages.clr.icd
rocmPackages.clr
materusArg.pkgs.amdgpu-pro-libs.vulkan
materusArg.pkgs.amdgpu-pro-libs.amf
];
hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [
vaapiVdpau
vkbasalt
pkgs.driversi686Linux.amdvlk
materusArg.pkgs.i686Linux.amdgpu-pro-libs.vulkan
libvdpau-va-gl
];
/*services.udev.extraRules = ''
#GPU bar size
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x1002", ATTR{device}=="0x744c", ATTR{resource0_resize}="15"
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x1002", ATTR{device}=="0x744c", ATTR{resource2_resize}="8"
'';*/
#Trim
services.fstrim = {
enable = true;
interval = "weekly";
};
}
@@ -0,0 +1,68 @@
{ config, pkgs, lib, ... }:
{
zramSwap = {
enable = true;
memoryPercent = 50;
};
swapDevices = [
{
label = "NixOS_Swap";
}
];
fileSystems."/etc/nixos" =
{
device = "/materus/config/nixos-config";
fsType = "none";
options = [ "bind" ];
depends = [ "/materus" ];
};
fileSystems."/materus" =
{
device = "/dev/disk/by-label/NixOS_Root";
fsType = "btrfs";
options = [ "subvol=@materus" "noatime" "compress=zstd" "ssd" "space_cache=v2" ];
neededForBoot = true;
};
fileSystems."/" =
{
device = "/dev/disk/by-label/NixOS_Root";
fsType = "btrfs";
options = [ "subvol=@" "noatime" "ssd" "space_cache=v2" "compress=zstd" ];
};
fileSystems."/nix" =
{
device = "/dev/disk/by-label/NixOS_Root";
fsType = "btrfs";
options = [ "subvol=@nix" "noatime" "compress=zstd" "ssd" "space_cache=v2" ];
};
fileSystems."/home" =
{
device = "/dev/disk/by-label/NixOS_Root";
fsType = "btrfs";
options = [ "subvol=@home" "noatime" "compress=zstd" "ssd" "space_cache=v2" ];
};
fileSystems."/boot" =
{
device = "/dev/disk/by-label/NixOS_Root";
fsType = "btrfs";
options = [ "subvol=@boot" "ssd" ];
};
fileSystems."/boot/efi" =
{
device = "/dev/disk/by-label/NixOS_EFI";
fsType = "vfat";
};
}
@@ -0,0 +1,188 @@
{
pkgs,
materusArg,
lib,
config,
...
}:
{
imports = [
./plasma.nix
];
home.stateVersion = "23.05";
home.homeDirectory = "/home/materus";
materus.profile.wezterm.enable = true;
programs.git.signing.signByDefault = true;
xdg.userDirs.enable = true;
materus.profile = {
fonts.enable = lib.mkDefault true;
nixpkgs.enable = lib.mkDefault false;
enableDesktop = lib.mkDefault true;
enableTerminal = lib.mkDefault true;
enableTerminalExtra = lib.mkDefault true;
enableNixDevel = lib.mkDefault true;
editor.emacs.enable = true;
editor.code.fhs.enable = true;
editor.code.fhs.packages = (
ps:
with ps;
let
llvmpkgs = llvmPackages_18;
in
[
llvmpkgs.clang
llvmpkgs.llvm
llvmpkgs.bintools
llvmpkgs.lld
llvmpkgs.lldb
llvmpkgs.libllvm
llvmpkgs.mlir
llvmpkgs.libllvm.dev
fpc
xmake
raylib
gcc
gdb
materusArg.unstable.nixd
nixfmt-rfc-style
nixpkgs-fmt
cmake
gnumake
ninja
binutils
coreutils
util-linux
openssl
openssl.dev
pkg-config
dotnet-sdk_8
mono
mold
python3
lua
gtk4.dev
gtk4
glib
glib.dev
miniaudio
SDL2.dev
SDL2
freeglut.dev
freeglut
boost.dev
boost
glew.dev
libGL.dev
libGLU.dev
vulkan-loader.dev
vulkan-headers
xorg.xorgproto
xorg.libX11.dev
xorg.libXrandr.dev
xorg.libXrender.dev
rustup
freetype.dev
fpc
gradle
bison
flex
ldc
dmd
dub
]
);
};
home.packages = [
(pkgs.ffmpeg-full)
(materusArg.pkgs.polymc.wrap {
extraJDKs = [ pkgs.graalvm-ce ];
extraLibs = [ ];
})
pkgs.git-crypt
pkgs.obsidian
];
programs.obs-studio = {
enable = true;
plugins = with pkgs.obs-studio-plugins; [
wlrobs
input-overlay
obs-source-switcher
obs-tuna
obs-vaapi
obs-vkcapture
obs-gstreamer
obs-backgroundremoval
obs-multi-rtmp
obs-pipewire-audio-capture
];
};
home.file.".gradle/gradle.properties".text = ''
org.gradle.java.installations.fromEnv=JAVA_8_HOME,JAVA_17_HOME,JAVA_21_HOME
org.gradle.home=${pkgs.jdk21}
'';
xdg.dataFile."java-runtimes/graalvm-oracle-17".source = pkgs.graalvmPackages.graalvm-oracle_17;
xdg.dataFile."java-runtimes/graalvm-oracle-latest".source = pkgs.graalvmPackages.graalvm-oracle;
xdg.dataFile."java-runtimes/openjdk21".source = pkgs.jdk21;
xdg.desktopEntries.brave-browser =
let
env = lib.concatStringsSep " " [
];
script = pkgs.writeShellScript "brave" ''
${env} brave "$@"
'';
in
{
name = "Brave Web Browser";
genericName = "Przeglądarka WWW";
comment = "Skorzystaj z internetu";
exec = "${script} %U";
icon = "brave-browser";
terminal = false;
categories = [
"Application"
"Network"
"WebBrowser"
];
mimeType = [
"application/pdf"
"application/rdf+xml"
"application/rss+xml"
"application/xhtml+xml"
"application/xhtml_xml"
"application/xml"
"image/gif"
"image/jpeg"
"image/png"
"image/webp"
"text/html"
"text/xml"
"x-scheme-handler/http"
"x-scheme-handler/https"
"x-scheme-handler/ipfs"
"x-scheme-handler/ipns"
];
actions.new-windows = {
exec = "${script}";
name = "Nowe okno";
};
actions.new-private-windows = {
exec = "${script} --incognito";
name = "Nowe okno incognito";
};
};
}
@@ -0,0 +1,139 @@
{ pkgs, materusArg, ... }:
{
home.packages = [
pkgs.papirus-icon-theme
pkgs.nerd-fonts.hack
];
xdg.dataFile."konsole/materus-linux.keytab".source = ("${materusArg.cfg.path}" + "/extraFiles/config/plasma/materus-linux.keytab");
programs.konsole = {
enable = true;
profiles = {
materus = {
colorScheme = "Breeze";
font.name = "Hack Nerd Font";
extraConfig = {
Keyboard = {
KeyBindings="materus-linux";
};
Scrolling = {
HistoryMode = 2;
};
};
};
};
extraConfig = {
KonsoleWindow = {
RememberWindowSize = "false";
};
MainWindow = {
MenuBar = "Enabled";
};
"Desktop Entry" = {
DefaultProfile = "materus.profile";
};
};
};
programs.plasma = {
enable = true;
overrideConfig = false;
workspace = {
lookAndFeel = "org.kde.breezedark.desktop";
iconTheme = "Papirus-Dark";
};
shortcuts = {
"kwin"."Grid View" = "Meta+Alt+Tab";
"kwin"."Overview" = "Meta+Tab";
"services/org.kde.kcalc.desktop"."_launch" = [ ];
};
spectacle.shortcuts = {
captureActiveWindow = "Meta+Print";
captureCurrentMonitor = "Print";
captureEntireDesktop = "Shift+Print";
captureRectangularRegion = "Meta+S";
launchWithoutCapturing = "Meta+Shift+S";
launch = "Meta+Alt+S";
};
kwin = {
effects = {
wobblyWindows.enable = true;
};
};
input = {
keyboard = {
options = [ "caps:none" ];
};
};
kscreenlocker = {
autoLock = false;
};
panels = [
{
location = "left";
screen = 0;
widgets = [
{
name = "org.kde.plasma.kickerdash";
config = {
General = {
icon = "nix-snowflake-white";
customButtonImage="nix-snowflake-white";
alphaSort = true;
};
};
}
"org.kde.plasma.icontasks"
"org.kde.plasma.marginsseparator"
"org.kde.plasma.systemtray"
{
name = "org.kde.plasma.digitalclock";
config = {
Appearance = {
showDate = "false";
};
};
}
];
}
];
configFile = {
"kwinrc"."Effect-overview"."BorderActivate" = 9;
"klaunchrc"."BusyCursorSettings"."Timeout" = 1;
"klaunchrc"."FeedbackStyle"."TaskbarButton" = false;
"kcminputrc"."Libinput/9610/46/SINOWEALTH Wired Gaming Mouse"."PointerAccelerationProfile" = 1;
"kcminputrc"."Libinput/9610/47/SINOWEALTH 2.4G Wireless Receiver"."PointerAccelerationProfile" = 1;
"spectaclerc"."ImageSave"."imageFilenameTemplate" = "<yyyy>-<MM>-<dd>.<hh>_<mm>_<ss>-<t>.materusPC";
"spectaclerc"."VideoSave"."videoFilenameTemplate" = "<yyyy>-<MM>-<dd>.<hh>_<mm>_<ss>-<t>.materusPC";
"spectaclerc"."ImageSave"."preferredImageFormat" = "WEBP";
"spectaclerc"."ImageSave"."translatedScreenshotsFolder" = "Zrzuty ekranu";
"spectaclerc"."VideoSave"."translatedScreencastsFolder" = "Nagranie ekranu";
"dolphinrc"."General"."RememberOpenedTabs" = false;
"kwalletrc"."Wallet"."Enabled" = true;
};
dataFile = {
"dolphin/view_properties/global/.directory"."Settings"."HiddenFilesShown" = true;
};
resetFiles = [
"spectaclerc"
];
};
}
+82
View File
@@ -0,0 +1,82 @@
{ config, pkgs, lib, materusArg, ... }:
{
sops.templates."networkmanager.env".content = ''
WIREGUARD_PRIVATEKEY="${config.sops.placeholder.wireguard}"
'';
networking.firewall = {
logReversePathDrops = false;
# wireguard trips rpfilter up
extraCommands = ''
ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --sport ${materusArg.wireguard.port} -j RETURN
ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --dport ${materusArg.wireguard.port} -j RETURN
'';
extraStopCommands = ''
ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --sport ${materusArg.wireguard.port} -j RETURN || true
ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport ${materusArg.wireguard.port} -j RETURN || true
'';
};
networking.useDHCP = lib.mkDefault true;
networking.hostName = "materusPC";
networking.wireless.iwd.enable = true;
networking.networkmanager.enable = true;
#networking.networkmanager.wifi.backend = "iwd";
networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [
24800 5900 5357 4656 8080 9943 9944
22000 config.services.syncthing.relay.statusPort config.services.syncthing.relay.port # Syncthing
25565 25570 8100 # Minecraft + BlueMap + Velocity
];
networking.firewall.allowedUDPPorts = [ (lib.strings.toInt materusArg.wireguard.port)
24800 5900 3702 4656 6000 9943 9944
22000 21027 # Syncthing
17000 17001 # zomboid
24454 # Minecraft Voice Chat
];
networking.networkmanager.settings = {
connectivity = {
uri = "http://nmcheck.gnome.org/check_network_status.txt";
};
};
networking.networkmanager.ensureProfiles.environmentFiles = [
config.sops.templates."networkmanager.env".path
];
networking.networkmanager.ensureProfiles.profiles = {
wg0 = {
connection = {
id = "wg0";
type = "wireguard";
interface-name = "wg0";
};
wireguard = {
private-key = "$WIREGUARD_PRIVATEKEY";
};
"wireguard-peer.${materusArg.wireguard.pubKeys.valkyrie}" = {
endpoint = "${materusArg.ips.valkyrie}:${materusArg.wireguard.port}";
allowed-ips = "${materusArg.ip-masks.wireguard.main};${materusArg.ip-masks.wireguard.guest};${materusArg.ip-masks.wireguard.asia};${materusArg.ips.wireguard.valkyrie}/32;";
persistent-keepalive = "20";
};
ipv4 = {
address1 = "${materusArg.ips.wireguard.materusPC}/32";
dns = "${materusArg.ips.wireguard.valkyrie};";
method = "manual";
never-default = "true";
};
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "disabled";
};
proxy = { };
};
};
services = {
syncthing = {
enable = true;
user = "materus";
dataDir = "/home/materus";
};
};
}
@@ -0,0 +1,147 @@
{
config,
pkgs,
materusArg,
...
}:
{
#services.jackett.enable = true;
programs.nix-ld.enable = true;
programs.nix-ld.libraries = with pkgs; [
];
programs.chromium.enable = true;
programs.chromium.enablePlasmaBrowserIntegration = true;
services.guix.enable = true;
environment.systemPackages = with pkgs; [
vivaldi
#(pkgs.lutris.override { extraLibraries = pkgs: with pkgs; [ pkgs.samba pkgs.jansson pkgs.tdb pkgs.libunwind pkgs.libusb1 pkgs.gnutls pkgs.gtk3 pkgs.pango ]; })
materusArg.pkgs.amdgpu-pro-libs.prefixes
(pkgs.bottles.override {
extraPkgs = pkgs: [
pkgs.libsForQt5.breeze-qt5
pkgs.kdePackages.breeze-gtk
pkgs.nss_latest
];
extraLibraries = pkgs: [
pkgs.samba
pkgs.jansson
pkgs.tdb
pkgs.libunwind
pkgs.libusb1
pkgs.gnutls
pkgs.gtk3
pkgs.pango
];
})
glibc
glib
gtk3
gtk4
gsettings-desktop-schemas
kdePackages.dolphin
vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
vlc
vkbasalt-cli
patchelf
killall
util-linux
xorg.xhost
nix-top
gitFull
curl
wget
config.programs.java.package
nss_latest
pciutils
(aspellWithDicts (
ds: with ds; [
en
en-computers
en-science
pl
]
))
steamtinkerlaunch
distrobox
# WebP support
libwebp
webp-pixbuf-loader
# Compression
p7zip
unrar
bzip2
rar
unzip
zstd
xz
zip
gzip
tree
mc
lf
htop
nmon
iftop
iptraf-ng
mprocs
tldr
bat
##config.materus.profile.packages.home-manager
gcr
# pgcli
# litecli
materusArg.pkgs.alvr
#zenmonitor
nix-du
kdePackages.kate
krusader
wineWowPackages.stagingFull
winetricks
protontricks
gnupg
pinentry
pinentry-gnome3
pinentry-curses
ncurses
monkeysphere
gparted
virt-viewer
inkscape
gimp
git-crypt
bubblewrap
bindfs
binutils
materusArg.unstable.qbittorrent
mkvtoolnix
nicotine-plus
picard
opusTools
aegisub
audacity
];
}
@@ -0,0 +1,10 @@
{ ... }:
{
imports = [
./apps.nix
./java.nix
./users.nix
./desktop
];
}
@@ -0,0 +1,9 @@
{ ... }:
{
imports = [
./kde.nix
./sddm.nix
];
}
@@ -0,0 +1,38 @@
{ config, pkgs, lib, ... }:
{
services.displayManager.defaultSession = "gnome";
services.xserver.desktopManager.gnome.enable = true;
services.xserver.desktopManager.gnome.sessionPath = [ pkgs.gnome.gpaste ];
services.gnome.gnome-online-accounts.enable = true;
services.gnome.gnome-browser-connector.enable = true;
services.gnome.core-utilities.enable = true;
services.gnome.core-shell.enable = true;
services.gnome.core-os-services.enable = true;
programs.gnupg.agent.pinentryPackage = lib.mkForce pkgs.pinentry-gnome3;
programs.gnome-terminal.enable = true;
services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ];
services.dbus.packages = with pkgs; [ gnome2.GConf ];
environment.systemPackages = with pkgs; [
gnome3.adwaita-icon-theme
gnome3.gnome-tweaks
gnome3.gnome-color-manager
gnome3.gnome-shell-extensions
gnomeExtensions.appindicator
gnomeExtensions.desktop-clock
gnomeExtensions.gtk4-desktop-icons-ng-ding
gnomeExtensions.compiz-windows-effect
gnomeExtensions.burn-my-windows
gnomeExtensions.user-themes
gnomeExtensions.gsconnect
];
}
@@ -0,0 +1,40 @@
{ config, pkgs, lib, ... }:
{
xdg.portal.enable = true;
xdg.portal.wlr.enable = true;
xdg.portal.xdgOpenUsePortal = true;
xdg.portal.extraPortals = [ pkgs.kdePackages.xdg-desktop-portal-kde ];
services.desktopManager.plasma6.enable = true;
services.desktopManager.plasma6.enableQt5Integration = true;
#programs.gnupg.agent.pinentryPackage = lib.mkForce (pkgs.kwalletcli.overrideAttrs {meta.mainProgram = "pinentry-kwallet";});
#environment.plasma6.excludePackages = with pkgs.kdePackages; [ kwallet kwalletmanager kwallet-pam ];
environment.variables = {
# Old fix for black cursor on amdgpu, seems to work fine now
#KWIN_DRM_NO_AMS = "1";
#Fix for amdgpu crashes
KWIN_DRM_USE_MODIFIERS = "0";
KWIN_DRM_NO_DIRECT_SCANOUT = "1";
QT_PLUGIN_PATH = [
"${pkgs.qt6.qtimageformats}/${pkgs.qt6.qtbase.qtPluginPrefix}"
"${pkgs.kdePackages.ffmpegthumbs}/${pkgs.qt6.qtbase.qtPluginPrefix}"
];
XCURSOR_THEME = "breeze_cursors";
};
environment.systemPackages = with pkgs; [
kdePackages.ark
kdePackages.kcalc
];
programs.kdeconnect.enable = true;
materus.profile.steam.extraPkgs = [ pkgs.kdePackages.breeze pkgs.kdePackages.breeze-gtk pkgs.kdePackages.dolphin pkgs.vlc pkgs.vkbasalt-cli ];
programs.firefox = {
enable = true;
autoConfig = builtins.readFile(builtins.fetchurl {
url = "https://raw.githubusercontent.com/MrOtherGuy/fx-autoconfig/master/program/config.js";
sha256 = "1mx679fbc4d9x4bnqajqx5a95y1lfasvf90pbqkh9sm3ch945p40";
});
};
}
@@ -0,0 +1,81 @@
{
config,
pkgs,
lib,
...
}:
let
plasma-materus = pkgs.writeScript "plasma-materus" ''
export KWIN_DRM_DEVICES="/dev/dri/by-path/pci-0000\:53\:00.0-card"
${pkgs.kdePackages.plasma-workspace}/libexec/plasma-dbus-run-session-if-needed ${pkgs.kdePackages.plasma-workspace}/bin/startplasma-wayland
'';
westonSddm =
let
xcfg = config.services.xserver;
in
pkgs.writeText "weston.ini" ''
[core]
xwayland=false
shell=fullscreen-shell.so
[keyboard]
keymap_model = ${builtins.toString xcfg.xkb.model};
keymap_layout = ${builtins.toString xcfg.xkb.layout};
keymap_variant = ${builtins.toString xcfg.xkb.variant};
keymap_options = ${builtins.toString xcfg.xkb.options};
[libinput]
enable-tap = ${builtins.toString xcfg.libinput.mouse.tapping};
left-handed = ${builtins.toString xcfg.libinput.mouse.leftHanded};
[output]
name=DP-3
mode=1920x1080@240
[output]
name=DP-4
mode=off
[output]
name=HDMI-A-3
mode=off
'';
in
{
services.displayManager.defaultSession = "plasma-materus";
services.displayManager.sddm.enable = true;
services.displayManager.sddm.wayland.enable = true;
services.displayManager.sddm.wayland.compositor = lib.mkForce "weston";
services.displayManager.sddm.wayland.compositorCommand = lib.concatStringsSep " " [
"${lib.getExe pkgs.weston}"
"--shell=kiosk"
"-c ${westonSddm}"
];
services.displayManager.sessionPackages = [
(
(pkgs.writeTextDir "share/wayland-sessions/plasma-materus.desktop" ''
[Desktop Entry]
Name=Plasma (Wayland Materus)
Comment=Plasma Desktop with KWIN_DRM_DEVICES env
Exec=${plasma-materus}
DesktopNames=KDE
Type=Application
'').overrideAttrs
(_: {
passthru.providedSessions = [ "plasma-materus" ];
})
)
];
services.displayManager.sddm.settings = {
General = {
InputMethod = "";
};
Theme = {
CursorTheme = "breeze_cursors";
CursorSize = "24";
};
};
}
@@ -0,0 +1,14 @@
{ pkgs, ... }:
{
programs = {
java.enable = true;
java.package = pkgs.jdk;
java.binfmt = true;
};
environment.variables = {
JAVA_8_HOME = "${pkgs.jdk8}/lib/openjdk/";
JAVA_17_HOME = "${pkgs.jdk17}/lib/openjdk/";
JAVA_21_HOME = "${pkgs.jdk21}/lib/openjdk/";
};
}
@@ -0,0 +1,27 @@
{ pkgs, materusArg, config, ... }:
{
users.users.materus = {
isNormalUser = true;
extraGroups = [
"audio"
"video"
"render"
"pipewire"
"wheel"
"networkmanager"
"input"
"kvm"
"libvirt-qemu"
"libvirt"
"libvirtd"
"podman"
"scanner"
"lp"
];
shell = pkgs.zsh;
description = "Mateusz Słodkowicz";
openssh.authorizedKeys.keyFiles = [ ("${materusArg.cfg.path}" + "/extraFiles/keys/ssh/materus.pub") ];
#hashedPasswordFile = config.sops.secrets."users/materus".path;
};
}
+59
View File
@@ -0,0 +1,59 @@
{ config, pkgs, lib, ... }:
let
valkyrie-sync = pkgs.writeShellScriptBin "valkyrie-sync" ''
${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" --exclude "flake.lock" /materus/config/nixos-config materus@valkyrie:/materus/config/ && \
${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" /materus/config/private/valkyrie materus@valkyrie:/materus/config/private
'';
valkyrie-flakelock = pkgs.writeShellScriptBin "valkyrie-flakelock" ''
${pkgs.openssh}/bin/ssh materus@valkyrie "nix flake update /materus/config/nixos-config --override-input nixpkgs github:NixOS/nixpkgs/23.05 \
--override-input home-manager github:nix-community/home-manager/release-23.05 \
--override-input private /materus/config/private/valkyrie/flake"
'';
valkyrie-rebuild-boot = pkgs.writeShellScriptBin "valkyrie-rebuild-boot" ''
${pkgs.openssh}/bin/ssh -t materus@valkyrie "sudo nixos-rebuild boot --flake /materus/config/nixos-config#valkyrie \
--override-input private /materus/config/private/valkyrie/flake"
'';
valkyrie-rebuild-switch = pkgs.writeShellScriptBin "valkyrie-rebuild-switch" ''
${pkgs.openssh}/bin/ssh -t materus@valkyrie "sudo nixos-rebuild switch --flake /materus/config/nixos-config#valkyrie \
--override-input private /materus/config/private/valkyrie/flake"
'';
flamaster-sync = pkgs.writeShellScriptBin "flamaster-sync" ''
${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" --exclude "flake.lock" /materus/config/nixos-config materus@flamaster:/materus/config/ && \
${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" /materus/config/private/flamaster materus@flamaster:/materus/config/private
'';
flamaster-flakelock = pkgs.writeShellScriptBin "flamaster-flakelock" ''
${pkgs.openssh}/bin/ssh materus@flamaster "nix flake update /materus/config/nixos-config --override-input nixpkgs github:NixOS/nixpkgs/23.05 \
--override-input home-manager github:nix-community/home-manager/release-23.05 \
--override-input private /materus/config/private/flamaster/flake"
'';
flamaster-rebuild-boot = pkgs.writeShellScriptBin "flamaster-rebuild-boot" ''
${pkgs.openssh}/bin/ssh -t materus@flamaster "sudo nixos-rebuild boot --flake /materus/config/nixos-config#flamaster \
--override-input private /materus/config/private/flamaster/flake"
'';
flamaster-rebuild-switch = pkgs.writeShellScriptBin "flamaster-rebuild-switch" ''
${pkgs.openssh}/bin/ssh -t materus@flamaster "sudo nixos-rebuild switch --flake /materus/config/nixos-config#flamaster \
--override-input private /materus/config/private/flamaster/flake"
'';
in
{
environment.systemPackages = [
valkyrie-rebuild-boot
valkyrie-rebuild-switch
valkyrie-sync
valkyrie-flakelock
flamaster-rebuild-boot
flamaster-rebuild-switch
flamaster-sync
flamaster-flakelock
];
}
@@ -0,0 +1,27 @@
{ config, pkgs, lib, materusCfg, ... }:
{
imports =
[
] ++ (if (materusCfg.materusFlake.decrypted) then [ ./private ] else [ ]);
sops.age.generateKey = false;
sops.gnupg.home = null;
sops.gnupg.sshKeyPaths = [ ];
sops.age.sshKeyPaths = [ "/materus/root/ssh_host_ed25519_key" ];
sops.defaultSopsFile = materusCfg.hostPath + "/secrets/secrets.yaml";
#sops.secrets."users/materus" = { neededForUsers = true; };
sops.secrets.wireguard = { };
services.openssh.hostKeys = [
{
bits = 4096;
path = "/materus/root/ssh_host_rsa_key";
type = "rsa";
}
{
path = "/materus/root/ssh_host_ed25519_key";
type = "ed25519";
}
];
}
@@ -0,0 +1,36 @@
users:
materus: ENC[AES256_GCM,data:okqSgMvdFq1BMAg+Gs725zaNbeAQIpJKSPB2Sa83i3EYimphZNBtrJLen+gQEGNq4yeTyAc9Ih/hcnr+3z+Tea/g9ffh/UC4YA==,iv:OhKoWLREAqCbtmS3Rw9nE9+PtcBLwEHimJXcj4oejRA=,tag:Ht/SQSwumnQR6E45Pl47AQ==,type:str]
root: ENC[AES256_GCM,data:vnPjK+xayk/Zk895rERYAeCzpjv5NJ7EAyK4MRDUzDbW++4Dy+UEI81v1v7w9dfpDeL+x5kOqUFO5zVVDUGfZ3yf/l8M8N8KcA==,iv:gGFGcy3K27nQxn0+7I/t0kg3nZyXeGWqysOl2auZJXo=,tag:N+LYhKpPCbI1EjEBwxuh1g==,type:str]
wireguard: ENC[AES256_GCM,data:rBkftzBcdamhP0xZB3qxfLptL8bX1qc7SdcfPNpYV67TeQs6i79+5KB/da4=,iv:22J5SZbFtYco7iSHvD2GD1bcazfGWlyEJ2isa3Ab4bI=,tag:BeUn9Srl2vyoDgK5Xv0UCg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1fq9ckkwtgvm69w045rf9pgurnhch6ukdxejr8yxgrthn7j8vp48qvd9rkx
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEbHZZUVF1dVJSU1NvNXVk
N3VtTm00ZHRWb082T0FkNXJncUxCU3haVmpVCk9FQkJBZnVJVFNLOThjZzlxNVF1
b0phQ2daejRrdVhEZ2YvRHVRRU5BQlEKLS0tIGdQeDlOSzl4VDhGNURQditCWUFG
dWVzbzUyakxXUGpTQjNsYzcyVG1aRDgKXVa8tIAbmggw1vSt3NJYRLgXhbagpNrX
RNXyndPaeQXVPVXuJWmHgRCYbwPTcfAFpGwFlX2IxVLlmC914Zklhw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-04-19T15:58:46Z"
mac: ENC[AES256_GCM,data:BLa0G3ci8EWH43UkLI2OoFJp2F9YeuKDrg6+2I/bq/lLi/YUitkJvBkA9VSIbvCyYWs/5SlEL5MayX8iiVdJ7r9bCiw+LVsWNAdaYDCafbZRW5F7KiHS5WXV3v4c201kFok7rmnRhEfKfdDxLlQ/mFHqOhupHU/qCNMTuUzJBiA=,iv:EPRoXHVMB6I16lTFJdFVAuSnMD/B55fPYtSBOQddutE=,tag:gohg+BdRlMPAQmNpRdk8sg==,type:str]
pgp:
- created_at: "2024-03-02T22:10:50Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4D5fSX77p80GYSAQdAvGVUu56Pd2+DMHqgIcJokyh11952nQK2eVtQNj42CAUw
NQfulNRUHX5BonsLyvXPx74bVku6Wxr80loIWoz049/xbFj4S7FyftkakY8rOUGu
1GgBCQIQOoEFvTQB8qGbea/85fktuljXPou/WgUY6Mxd4n0dBz54f69B/NttnBGc
7eUDKfe79Omr0o/0CVC/6SGKoiS38suV903QHeF1MXFPeOG72k4TvfF9lVlBgK8H
k4DXtzC7wm3WWg==
=eh7Z
-----END PGP MESSAGE-----
fp: 28D140BCA60B4FD1
unencrypted_suffix: _unencrypted
version: 3.8.1
+168
View File
@@ -0,0 +1,168 @@
{
config,
pkgs,
materusArg,
...
}:
{
programs.gamemode.enable = true;
programs.corectrl.enable = true;
services.teamviewer.enable = true;
systemd.tmpfiles.rules = [ "L+ /opt/rocm/hip - - - - ${pkgs.rocmPackages.clr}" ];
# Gamepad
services.udev = {
packages = with pkgs; [
game-devices-udev-rules
];
};
hardware.uinput.enable = true;
hardware.steam-hardware.enable = true;
nix.package = pkgs.nixVersions.nix_2_28;
programs.steam = {
enable = false;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers
};
services.flatpak.enable = true;
services.gvfs.enable = true;
services.xserver.xkb.layout = "pl";
services.xserver.enable = true;
#services.xserver.videoDrivers = [ "amdgpu" "intel" ];
services.dbus.enable = true;
services.dbus.packages = [ pkgs.gcr ];
services.xserver.displayManager.startx.enable = false;
services.xserver.exportConfiguration = true;
services.xserver.extraConfig = pkgs.lib.mkDefault ''
Section "OutputClass"
Identifier "amd-options"
Option "TearFree" "True"
Option "SWCursor" "True"
Option "VariableRefresh" "true"
Option "AsyncFlipSecondaries" "true"
Option "DRI3" "1"
MatchDriver "amdgpu"
EndSection
'';
services.printing.enable = true;
services.libinput.enable = true;
environment.sessionVariables = {
XDG_CACHE_HOME = "\${HOME}/.cache";
XDG_CONFIG_HOME = "\${HOME}/.config";
XDG_BIN_HOME = "\${HOME}/.local/bin";
XDG_DATA_HOME = "\${HOME}/.local/share";
QT_XKB_CONFIG_ROOT = "\${XKB_CONFIG_ROOT}";
GTK_IM_MODULE = "fcitx";
QT_IM_MODULE = "fcitx";
XMODIFIERS = "@im=fcitx";
SDL_IM_MODULE = "fcitx";
MOZ_USE_XINPUT2 = "1";
PATH = [ "\${XDG_BIN_HOME}" ];
};
environment.shellInit = ''
if ! [ -z "$DISPLAY" ]; then xhost +si:localuser:root &> /dev/null; fi;
if ! [ -z "$DISPLAY" ]; then xhost +si:localuser:$USER &> /dev/null; fi;
'';
i18n.inputMethod.enabled = "fcitx5";
i18n.inputMethod.fcitx5.addons = [
pkgs.kdePackages.fcitx5-configtool
pkgs.fcitx5-lua
pkgs.fcitx5-mozc
pkgs.fcitx5-gtk
pkgs.kdePackages.fcitx5-qt
];
services.pcscd.enable = true;
services.samba-wsdd.enable = true;
services.samba-wsdd.openFirewall = true;
services.samba = {
enable = true;
package = pkgs.sambaFull;
securityType = "user";
openFirewall = true;
settings = {
global = {
"workgroup" = "WORKGROUP";
"server string" = "smbmaterus";
"netbios name " = "smbmaterus";
"security" = "user";
"hosts allow" = "192.168.122. 127.0.0.1 localhost";
"hosts deny" = "0.0.0.0/0";
"guest account" = "nobody";
"map to guest" = "bad user";
"allow insecure wide links" = "yes";
};
windows = {
"path" = "/materus/data/VM/windows_shared";
"browseable" = "yes";
"read only" = "no";
"guest ok" = "no";
"create mask" = "0644";
"directory mask" = "0755";
"force user" = "materus";
"force group" = "users";
"follow symlinks" = "yes";
"wide links" = "yes";
};
};
};
programs.gnupg.agent = {
enable = true;
enableSSHSupport = false;
enableBrowserSocket = true;
};
programs.ssh.startAgent = true;
services.openssh.enable = true;
services.openssh.settings.PermitRootLogin = "no";
services.openssh.settings.PasswordAuthentication = false;
services.openssh.openFirewall = true;
services.sunshine = {
enable = true;
capSysAdmin = true;
openFirewall = true;
autoStart = false;
};
environment.enableAllTerminfo = true;
environment.pathsToLink = [
"/share/zsh"
"/share/bash-completion"
"/share/fish"
];
environment.shells = with pkgs; [
zsh
bashInteractive
fish
];
programs = {
fish.enable = true;
command-not-found.enable = false;
dconf.enable = true;
};
materus.profile.browser.enable = true;
services.davfs2.enable = true;
}
@@ -1,10 +1,45 @@
{ pkgs, config, ... }:
{ config, pkgs, ... }:
{
imports = [
./win-vfio
];
materus.materusArg.materusPC = {
allCores = "0-31";
allCoresMask = "ffffffff";
hostCores = "0-7,16-23";
hostCoresMask = "00ff00ff";
vmCores = "8-15,24-31";
vmCoresMask = "ff00ff00";
};
systemd.mounts = [
{
where = "/dev/hugepages";
enable = false;
}
{
where = "/dev/hugepages/hugepages-2048kB";
enable = true;
what = "hugetlbfs";
type = "hugetlbfs";
options = "pagesize=2M";
requiredBy = [ "basic.target" ];
}
{
where = "/dev/hugepages/hugepages-1048576kB";
enable = true;
what = "hugetlbfs";
type = "hugetlbfs";
options = "pagesize=1G";
requiredBy = [ "basic.target" ];
}
];
virtualisation.libvirtd = {
enable = true;
onBoot = "ignore";
onShutdown = "shutdown";
qemu.ovmf.enable = true;
qemu.ovmf.packages = [ pkgs.OVMFFull.fd ];
qemu.runAsRoot = true;
qemu.swtpm.enable = true;
qemu.package = pkgs.qemu_full;
@@ -20,7 +55,6 @@
libguestfs-with-appliance
];
# Packages for QEMU hooks
systemd.services.libvirtd = {
path =
let
@@ -48,64 +82,4 @@
in
[ env ];
};
# Shared qcow drive
systemd.services.windows-share-mount = {
wantedBy = [ "multi-user.target" ];
path = [
config.virtualisation.libvirtd.qemu.package
pkgs.util-linux
pkgs.kmod
pkgs.coreutils
];
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
unitConfig.ConditionPathExists = "/mkk/data/vm/data.qcow2";
script = ''
modprobe nbd max_part=10
sleep 1
qemu-nbd -c /dev/nbd10 /mkk/data/vm/data.qcow2 --discard=unmap
sleep 1
mount /dev/nbd10p1 /mkk/data/mounts/windows -o uid=1000,gid=100
'';
preStop = ''
umount -r /dev/nbd10p1
qemu-nbd -d /dev/nbd10
'';
};
#Hugepages
systemd.mounts = [
{
where = "/dev/hugepages";
enable = false;
}
{
where = "/dev/hugepages/hugepages-2048kB";
enable = true;
what = "hugetlbfs";
type = "hugetlbfs";
options = "pagesize=2M";
requiredBy = [ "basic.target" ];
}
{
where = "/dev/hugepages/hugepages-1048576kB";
enable = true;
what = "hugetlbfs";
type = "hugetlbfs";
options = "pagesize=1G";
requiredBy = [ "basic.target" ];
}
];
virtualisation.libvirtd.qemu.verbatimConfig = ''
cgroup_device_acl = [
"/dev/null", "/dev/full", "/dev/zero",
"/dev/random", "/dev/urandom",
"/dev/ptmx", "/dev/kvm", "/dev/kqemu",
"/dev/rtc","/dev/hpet", "/dev/vfio/vfio",
"/dev/kvmfr0"
]
'';
}
@@ -1,16 +1,9 @@
{ config, pkgs, ... }:
{ config, pkgs, materusArg, ... }:
let
bar0_guest = "15";
bar2_guest = "8";
bar0_host = "15";
bar2_host = "8";
allCores = "0-31";
allCoresMask = "ffffffff";
hostCores = "0-7,16-23";
hostCoresMask = "00ff00ff";
vmCores = "8-15,24-31";
vmCoresMask = "ff00ff00";
bar0_guest="15";
bar2_guest="8";
bar0_host="15";
bar2_host="8";
VM_UUID = "ad2632db-0da0-4204-98b3-0592a185ebd0";
@@ -23,9 +16,8 @@ let
done
renice -n "-10" -p "$QEMU_PID";
'';
startHook =
/*
''
startHook = /*''
# Debugging
exec 19>/home/materus/startlogfile
@@ -36,18 +28,11 @@ let
trap 'exec 2>&4 1>&3' 0 1 2 3
exec 1>/home/materus/startlogfile.out 2>&1
''
+
*/
+*/
''
# Service for my shared qcow2 drive, it's mounted to host when VM not running
systemctl stop windows-share-mount.service
# Stop arch container, script doesnt kill things in container so gpu will be in broken state without it
if [ $(systemctl is-active systemd-nspawn@archlinux) = "active" ]; then
systemctl stop systemd-nspawn@archlinux;
sleep 5s;
while [ $(systemctl is-active systemd-nspawn@archlinux) = "active" ];do sleep 2s; done;
fi
systemctl stop systemd-nspawn@archlinux
# Remember non symlink path to card and render, symlink might get deleted
DRI_RENDER=$(readlink -f /dev/dri/by-path/pci-$VIRSH_GPU_VIDEO-render)
@@ -83,10 +68,10 @@ let
# Set host cgroups and workqueue to use defined cpu cores (I'm using first half of cpu on host, second half on guest)
systemctl set-property --runtime -- user.slice AllowedCPUs=${hostCores}
systemctl set-property --runtime -- system.slice AllowedCPUs=${hostCores}
systemctl set-property --runtime -- init.scope AllowedCPUs=${hostCores}
echo "${hostCoresMask}" > /sys/bus/workqueue/devices/writeback/cpumask
systemctl set-property --runtime -- user.slice AllowedCPUs=${materusArg.materusPC.hostCores}
systemctl set-property --runtime -- system.slice AllowedCPUs=${materusArg.materusPC.hostCores}
systemctl set-property --runtime -- init.scope AllowedCPUs=${materusArg.materusPC.hostCores}
echo "${materusArg.materusPC.hostCoresMask}" > /sys/bus/workqueue/devices/writeback/cpumask
# Set performance governor if not set
echo performance | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor
@@ -113,13 +98,6 @@ let
# echo performance | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor
# Stop arch container, sometimes gpu doesnt return properly if it's active
if [ $(systemctl is-active systemd-nspawn@archlinux) = "active" ]; then
systemctl stop systemd-nspawn@archlinux;
sleep 5s;
while [ $(systemctl is-active systemd-nspawn@archlinux) = "active" ]; do sleep 2s; done;
fi
sysctl vm.stat_interval=1
@@ -142,16 +120,29 @@ let
systemctl start windows-share-mount.service
systemctl set-property --runtime -- user.slice AllowedCPUs=${allCores}
systemctl set-property --runtime -- system.slice AllowedCPUs=${allCores}
systemctl set-property --runtime -- init.scope AllowedCPUs=${allCores}
echo "${allCoresMask}" > /sys/bus/workqueue/devices/writeback/cpumask
systemctl set-property --runtime -- user.slice AllowedCPUs=${materusArg.materusPC.allCores}
systemctl set-property --runtime -- system.slice AllowedCPUs=${materusArg.materusPC.allCores}
systemctl set-property --runtime -- init.scope AllowedCPUs=${materusArg.materusPC.allCores}
echo "${materusArg.materusPC.allCoresMask}" > /sys/bus/workqueue/devices/writeback/cpumask
'';
in
{
services.udev.extraRules = ''
SUBSYSTEM=="kvmfr", OWNER="root", GROUP="kvm", MODE="0660"
virtualisation.libvirtd.qemu.verbatimConfig = ''
cgroup_device_acl = [
"/dev/null", "/dev/full", "/dev/zero",
"/dev/random", "/dev/urandom",
"/dev/ptmx", "/dev/kvm", "/dev/kqemu",
"/dev/rtc","/dev/hpet", "/dev/vfio/vfio",
"/dev/kvmfr0"
]
'';
virtualisation.libvirtd.hooks.qemu = {
"windows-vfio" = pkgs.writeShellScript "windows.sh" ''
@@ -175,4 +166,22 @@ in
fi
'';
};
systemd.services.windows-share-mount = {
wantedBy = [ "multi-user.target" ];
path = [ config.virtualisation.libvirtd.qemu.package pkgs.util-linux pkgs.kmod pkgs.coreutils ];
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
script = ''
modprobe nbd max_part=16
sleep 1
qemu-nbd -c /dev/nbd10 /materus/data/VM/data.qcow2 --discard=unmap
sleep 1
mount /dev/nbd10p1 /materus/data/Windows -o uid=1000,gid=100
'';
preStop = ''
umount -r /dev/nbd10p1
qemu-nbd -d /dev/nbd10
'';
};
}
@@ -2,7 +2,7 @@
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`).
{ lib, pkgs, mkk, materusArgs, config, ... }:
{ pkgs, materusArg, config, ... }:
{
imports =
@@ -10,11 +10,13 @@
# Include the results of the hardware scan.
./hardware-configuration.nix
./services
./private
./secrets
];
programs.zsh.enable = true;
environment.etc."current-flake".source = materusArgs.self;
materus.profile.nix.enable = true;
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
@@ -70,10 +72,10 @@
extraGroups = [ "wheel" ]; # Enable sudo for the user.
packages = [
];
openssh.authorizedKeys.keyFiles = [ "${mkk.files.ssh-keys.materus}" ];
openssh.authorizedKeys.keyFiles = [ ("${materusArg.cfg.path}" + "/extraFiles/keys/ssh/materus.pub") ];
shell = pkgs.zsh;
};
users.users.acme.openssh.authorizedKeys.keyFiles = [ "${mkk.files.ssh-keys.waffentrager}" ];
users.users.acme.openssh.authorizedKeys.keyFiles = [ ("${materusArg.cfg.path}" + "/extraFiles/keys/ssh/waffentrager.pub") ];
users.users.acme.shell = pkgs.scponly;
# List packages installed in system profile. To search, run:
# $ nix search wget
@@ -130,37 +132,24 @@
recommendedGzipSettings = true;
};
services.postgresql = {
enable = true;
package = pkgs.postgresql_15;
enableTCPIP = true;
authentication = pkgs.lib.mkOverride 10 ''
local all all trust
'';
};
virtualisation.podman.autoPrune.enable = true;
virtualisation.podman.autoPrune.dates = "daily";
virtualisation.oci-containers.backend = "podman";
nix.settings = {
experimental-features = lib.mkMerge [
[
"nix-command"
"flakes"
]
];
auto-optimise-store = true;
trusted-users = [
"root"
"@wheel"
];
substituters = [
"https://nix-community.cachix.org"
"https://cache.nixos.org/"
"https://nixerus.cachix.org/"
];
trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"nixerus.cachix.org-1:2x7sIG7y1vAoxc8BNRJwsfapZsiX4hIl4aTi9V5ZDdE="
];
};
security.acme.acceptTerms = true;
security.acme.defaults.email = "materus+acme@podkos.pl";
security.acme.defaults.credentialFiles.OVH_FILE = config.sops.secrets.certs.path;
security.acme.defaults.credentialsFile = config.sops.secrets.certs.path;
security.acme.defaults.dnsResolver = "9.9.9.9:53";
security.acme.certs."materus.pl" = {
domain = "materus.pl";
@@ -1,7 +1,7 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ lib, modulesPath, ... }:
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
@@ -22,6 +22,13 @@
fsType = "ext4";
};
fileSystems."/etc/nixos" =
{
device = "/materus/config/nixos-config";
fsType = "none";
options = [ "bind" ];
};
swapDevices = [
{
device = "/swapfile";
@@ -0,0 +1,17 @@
{ ... }:
{
home.stateVersion = "23.05";
home.homeDirectory = "/home/materus";
materus.profile = {
fonts.enable = false;
nixpkgs.enable = false;
enableDesktop = false;
enableTerminal = false;
enableTerminalExtra = false;
enableNixDevel = false;
fish.enable = false;
bash.enable = true;
zsh.enable = true;
};
}
@@ -0,0 +1,35 @@
{ materusCfg, ... }:
{
imports =
[
] ++ (if (materusCfg.materusFlake.decrypted) then [ ./private ] else [ ]);
sops.age.generateKey = false;
sops.gnupg.home = null;
sops.gnupg.sshKeyPaths = [ ];
sops.defaultSopsFile = materusCfg.hostPath + "/secrets/secrets.yaml";
sops.secrets.wireguard = { };
sops.secrets.discord-token = {};
sops.secrets.spotify-client-id = {};
sops.secrets.spotify-client-secret = {};
sops.secrets.youtube-api = {};
sops.secrets.certs = {};
sops.secrets.steamladder-api = {};
sops.secrets.webarchive-accesskey = {};
sops.secrets.webarchive-secretkey = {};
services.openssh.hostKeys = [
{
bits = 4096;
path = "/materus/root/ssh_host_rsa_key";
type = "rsa";
}
{
path = "/materus/root/ssh_host_ed25519_key";
type = "ed25519";
}
];
}
@@ -0,0 +1,41 @@
wireguard: ENC[AES256_GCM,data:i98U0ugxbNqWNuKR8u+mdWoSMLViHXfsWRBS1lvjb+hgGxveyzjBcagBIeY=,iv:/hF9oH2R6NSeHT/UQTlbmtx+gPX/3CJOLPNnxrzsY/g=,tag:2ub5w8uH2O1B2hoku8Kowg==,type:str]
discord-token: ENC[AES256_GCM,data:JQ/6MJvBlJpKzs/L0hFB1LPpQSfJvDdEB6YerVZyDqGo7plA0S5wORACgA88Dei1x1NGsXhYtiwT4vE9jjeCOlWXZdl1mA==,iv:BsDu1De0qLX/8VDiZ5co1q1LXxkz/Som9+hvm/67/xU=,tag:YO0wQNF3/AXbifpeAa935Q==,type:str]
spotify-client-id: ENC[AES256_GCM,data:WK7CJGw6mtIG3Jfp59cWx3ool4z1P09TvHcpbOQ2JV0=,iv:EaJ5ecXdmx0Ky+43xZITM811IOo4EisvPSyogXrJXng=,tag:NYTI4vLsWGa695CJ+TIgbw==,type:str]
spotify-client-secret: ENC[AES256_GCM,data:TnR+zLLklTfzMdR4woaZWuMVJQ9VIYsFM588GRO6WCY=,iv:cYiqw8ZdMgLeug4ptwPV3L+MeY6xIldfUBfiYg1mFD8=,tag:YDLh6BXFcBHnpdgM7e87wg==,type:str]
youtube-api: ENC[AES256_GCM,data:qmpFlFvudS9rXQfN+Th/UrPWCW0mg5GkpMucS/01AmOnlChqtojC,iv:q3bKwI2I6BNa3L9ezKCE1fWT/vZLiJ8uzug1z2z+TWA=,tag:gKG3HTz8jp2LAFh8e8O6sg==,type:str]
steamladder-api: ENC[AES256_GCM,data:m30o5atqugwqn/WbXGkUq5GvqiIKQT0kSRQCtHc1Gxk/dC3YcbDvMw==,iv:duLKl1NvysD0XMaUOkl/6nclMQB6seXcQYkGMrm7K7Y=,tag:9dw+UH10uAdca5fVdlw1Mg==,type:str]
webarchive-accesskey: ENC[AES256_GCM,data:jdKlHsZq2Dkk1BcBfUVv5g==,iv:BXCgPb/2W57PYXxRktInz1LxSEwlw6m3xnQU4TOPMeY=,tag:kK4+InaH7K4D4n1hyGaR+w==,type:str]
webarchive-secretkey: ENC[AES256_GCM,data:t7lZ1aA72BrBxaE+jXmE3w==,iv:A8PF/MyRTIluqEzzt4uCw7eNCYDXAt4iB29PSrwlVyY=,tag:6HbtcrFeFcpagjzPXOANzA==,type:str]
certs: ENC[AES256_GCM,data:ttmSNTTx51a3L2HTC8RnSphDLHO2OSyIgXQ0YpZGySTdu69mgEyhaiSi+IAXg/1AHKRjpFJgE4fhsLAiW78pNYb+Zg7aDL47YtABO99sTZrZnBxZo6k6itpZ3oClDch2ZALzoXChLroc0tUbZKwsfOwGe3pw9lOJZJT34AhV+BVoXDDLQcpQoxz23Baa8oxklecT6wpJ1u1nW+aAHw33gm41Vw==,iv:b0aNZwaRKBg+ipe5+19BowyFbCjZt52S738om6emYGo=,tag:lUqtcc4vVWKx/fnc19vj7A==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1wscr6kv8393wv0fjaux8juplaxq55znlzrp62qyteq0fauu3yg0s7d7k98
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSRXNLdUZaVU13alNhVGgz
aXdMb3IzNjNQcHJFV2JLNVM2SUVBa3VNZlRFCkxxd21CTWVDUkVXbzR6ZEkxbm5J
VGorSkp6a2xSdHRHcFk5T3VYVlJJa0UKLS0tIE1WdHo5eTlpNEEyN25oSjk1KzdS
d2dMUUh1RDB3UnpEdFJsNHpQRXFWemMKc41dlOapTsvH91QLNhdPbrzerPFakOiX
J/uoZDMIhsmQxgQM7Fqxr05NywhI/ZjOtJS2bayp73O57xjjMYcyNQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-11-18T09:01:39Z"
mac: ENC[AES256_GCM,data:CVsqff1qCcxyQ0e78ewottYKgqA2rG3j1m8X0Sb8If3qibAiBMMblc8T0doB+Fg4dVhPpbJSZdCx4JiV7sHopv2wNdguXd6Xe0L8iJqWtBeHTGTxSLvJ8UIHknak9c+JeQzZz8jAkbHYUXsc7VyeJaXoQptosz1BbE74D48Xjrg=,iv:0e+etjwabJx7PXgDUoh41Ha3aziQxBlH6QJZGG02ME0=,tag:oQIf503tmFlPoLE5d8Y24w==,type:str]
pgp:
- created_at: "2024-03-21T22:55:36Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4D5fSX77p80GYSAQdA667A9P/3ktuS2iEjxkv3aYMAGSu0oPGIX7dsC23VVgkw
OmcwhXxBnipcG+izbtNylXz5VonyyKHwdR2QIgkt9FEuC8lI17GHVyogTCFiP7Dj
1GgBCQIQN4EqFdiXqzJUeeE+PdOzVPs+1kStz+S1H22NjrJAFv67cbyIgwpItuXD
Sfao+MU1HWDY4iKZrcfWArUgpQj/pvsmUeJ72iXD3bkTTrK61g3GZA+g9lFewl/B
SORJMu9btS4GAw==
=aBMP
-----END PGP MESSAGE-----
fp: 28D140BCA60B4FD1
unencrypted_suffix: _unencrypted
version: 3.8.1
@@ -1,11 +1,12 @@
{
config,
pkgs,
lib,
mkk,
materusArg,
...
}:
{
options.valkyrieService.dcbot.enable = mkk.lib.mkBoolOpt false "Enable muse bot";
options.valkyrieService.dcbot.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable muse bot";
config =
let
@@ -27,7 +28,7 @@
"d /var/lib/muse 0776 root root -"
];
virtualisation.oci-containers.containers.dcbot = {
image = "sl33ping/muse:pr-1195";
image = "ghcr.io/museofficial/muse:latest";
volumes = [ "/var/lib/muse:/data" ];
environmentFiles = [ config.sops.templates."muse.env".path ];
};
@@ -1,6 +1,6 @@
{ config, pkgs, lib, mkk, ... }:
{ config, pkgs, lib, materusArg, ... }:
{
options.valkyrieService.pihole.enable = mkk.lib.mkBoolOpt false "Enable pihole";
options.valkyrieService.pihole.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable pihole";
options.valkyrieService.pihole.dnsIP = lib.mkOption { default = "127.0.0.1"; };
options.valkyrieService.pihole.webIP = lib.mkOption { default = "127.0.0.1"; };
@@ -1,4 +1,4 @@
{ config, pkgs, lib, mkk, ... }:
{ config, pkgs, lib, materusArg, ... }:
let
socketPath = "/run/pleroma/http.sock";
@@ -41,7 +41,7 @@ let
in
{
options.valkyrieService.pleroma.enable = mkk.lib.mkBoolOpt false "Enable pleroma";
options.valkyrieService.pleroma.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable pleroma";
config = lib.mkIf config.valkyrieService.pleroma.enable {
systemd.tmpfiles.rules = [
"d /var/lib/pleroma 0766 pleroma pleroma -"
@@ -1,6 +1,6 @@
{ config, pkgs, lib, mkk, ... }:
{ config, pkgs, lib, materusArg, ... }:
{
options.valkyrieService.secureyoursoul.enable = mkk.lib.mkBoolOpt false "Enable secureyoursoul, web archive";
options.valkyrieService.secureyoursoul.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable secureyoursoul, web archive";
@@ -41,8 +41,8 @@
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = false;
script = ''
STEAM_IDS=( ${ builtins.foldl' (x: y: x +"\""+ y + "\" ") "" mkk.to_save.steamids })
EXTRA_LINKS=( ${ builtins.foldl' (x: y: x +"\""+ y + "\" ") "" mkk.to_save.extraLinks-steam })
STEAM_IDS=( ${ builtins.foldl' (x: y: x +"\""+ y + "\" ") "" materusArg.to_save.steamids })
EXTRA_LINKS=( ${ builtins.foldl' (x: y: x +"\""+ y + "\" ") "" materusArg.to_save.extraLinks-steam })
steamladder() {
for id in ''${STEAM_IDS[@]}; do
@@ -92,7 +92,7 @@
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = false;
script = ''
EXTRA_LINKS=( ${ builtins.foldl' (x: y: x +"\""+ y + "\" ") "" mkk.to_save.extraLinks1 })
EXTRA_LINKS=( ${ builtins.foldl' (x: y: x +"\""+ y + "\" ") "" materusArg.to_save.extraLinks1 })
webarchive(){
for link in ''${EXTRA_LINKS[@]}; do
curl -X POST -H "Accept: application/json" \
@@ -116,7 +116,7 @@
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = false;
script = ''
EXTRA_LINKS=( ${ builtins.foldl' (x: y: x +"\""+ y + "\" ") "" mkk.to_save.extraLinks2 })
EXTRA_LINKS=( ${ builtins.foldl' (x: y: x +"\""+ y + "\" ") "" materusArg.to_save.extraLinks2 })
webarchive(){
for link in ''${EXTRA_LINKS[@]}; do
curl -X POST -H "Accept: application/json" \
@@ -2,7 +2,7 @@
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`).
{ config, pkgs, mkk, lib, materusArgs, ... }:
{ config, pkgs, materusArg, ... }:
{
imports =
@@ -12,32 +12,7 @@
];
networking.firewall.allowedTCPPorts = [ 1900 ];
networking.firewall.allowedUDPPorts = [ 1900 7359];
environment.etc."current-flake".source = materusArgs.self;
nix.settings = {
experimental-features = lib.mkMerge [
[
"nix-command"
"flakes"
]
];
auto-optimise-store = true;
trusted-users = [
"root"
"@wheel"
];
substituters = [
"https://nix-community.cachix.org"
"https://cache.nixos.org/"
"https://nixerus.cachix.org/"
];
trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"nixerus.cachix.org-1:2x7sIG7y1vAoxc8BNRJwsfapZsiX4hIl4aTi9V5ZDdE="
];
};
materus.profile.nixpkgs.enable = true;
environment.systemPackages = with pkgs; [
libraspberrypi
raspberrypi-eeprom
@@ -64,11 +39,24 @@
users.users.materus = {
isNormalUser = true;
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keyFiles = [ mkk.files.ssh-keys.materus ];
openssh.authorizedKeys.keyFiles = [ ("${materusArg.cfg.path}" + "/extraFiles/keys/ssh/materus.pub") ];
hashedPasswordFile = config.sops.secrets."users/materus".path;
shell = pkgs.zsh;
};
nix = {
settings = {
auto-optimise-store = true;
experimental-features = [ "nix-command" "flakes" "no-url-literals" ];
trusted-users = [ "root" "@wheel" ];
substituters = [
"https://nix-community.cachix.org"
"https://cache.nixos.org/"
"https://nixerus.cachix.org/"
];
trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "nixerus.cachix.org-1:2x7sIG7y1vAoxc8BNRJwsfapZsiX4hIl4aTi9V5ZDdE=" ];
};
};
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
boot.loader.grub.enable = false;
# Enables the generation of /boot/extlinux/extlinux.conf
@@ -160,8 +148,6 @@
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
nixpkgs.config.allowUnfree = true;
programs.zsh.enable = true;
system.stateVersion = "23.11"; # Did you read the comment?
}
@@ -1,10 +1,10 @@
{ config, pkgs, ... }:
{ config, pkgs, materusCfg, ... }:
{
imports = [
materusCfg.configInputs.nixos-hardware.nixosModules.raspberry-pi-4
./configuration.nix
./private
./secrets
./services
];
@@ -1,27 +1,14 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, materusArgs, ... }:
let
crossPkgs = import pkgs.path {
localSystem = "x86_64-linux";
crossSystem = pkgs.stdenv.hostPlatform.system;
};
rpi4-kernel =
crossPkgs.callPackage (materusArgs.inputs.nixos-hardware.outPath + "/raspberry-pi/common/kernel.nix")
{
rpiVersion = 4;
};
in
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
materusArgs.inputs.nixos-hardware.nixosModules.raspberry-pi-4
];
#boot.kernelPackages = pkgs.linuxPackagesFor materusArgs.inputs.nixos-hardware.packages.aarch64-linux.rpi4-kernel;
boot.kernelPackages = crossPkgs.linuxPackagesFor rpi4-kernel;
boot.kernelPackages = pkgs.linuxPackages_rpi4;
boot.initrd.availableKernelModules = [ "xhci_pci" "usb_storage" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
@@ -34,6 +21,13 @@ in
device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
fsType = "ext4";
};
fileSystems."/etc/nixos" =
{
device = "/materus/config/nixos-config";
fsType = "none";
options = [ "bind" ];
};
swapDevices = [{
device = "/var/.swapfile";
size = 8 * 1024;
@@ -0,0 +1,17 @@
{ config, pkgs, lib, ... }:
{
home.stateVersion = "23.11";
home.homeDirectory = "/home/materus";
materus.profile = {
fonts.enable = false;
nixpkgs.enable = false;
enableDesktop = false;
enableTerminal = false;
enableTerminalExtra = false;
enableNixDevel = false;
fish.enable = false;
bash.enable = true;
zsh.enable = true;
};
}
@@ -0,0 +1,38 @@
{ materusCfg, ... }:
{
imports =
[
] ++ (if (materusCfg.materusFlake.decrypted) then [ ./private ] else [ ]);
sops.age.generateKey = false;
sops.gnupg.home = null;
sops.gnupg.sshKeyPaths = [ ];
sops.defaultSopsFile = materusCfg.hostPath + "/secrets/secrets.yaml";
services.openssh.hostKeys = [
{
bits = 4096;
path = "/materus/root/ssh_host_rsa_key";
type = "rsa";
}
{
path = "/materus/root/ssh_host_ed25519_key";
type = "ed25519";
}
];
sops.secrets.wireguard = { };
sops.secrets."users/materus" = { neededForUsers = true; };
sops.secrets.elements = { };
sops.secrets.nextcloud-adminpass = { };
sops.secrets.maloja = { };
sops.secrets.maloja-api = { };
sops.secrets.spotify-client-id = {};
sops.secrets.spotify-client-secret = {};
sops.secrets.lastfm-user= {};
sops.secrets.lastfm-pass = {};
sops.secrets.lastfm-api = {};
sops.secrets.lastfm-secret = {};
sops.secrets.lastfm-token = {};
sops.secrets.listenbrainz-api = {};
}
@@ -0,0 +1,52 @@
wireguard: ENC[AES256_GCM,data:fFQKj78HGLDmslDST+usAZxWDanHkUORBgIeOb7lQN4EPXdz6mQODHhn1ek=,iv:/BbbiFlfk8fMX4yFgVXuYkxitbRJqai5PHku2wZUFw4=,tag:cutoXkApljbB3bgSvaS1LQ==,type:str]
nextcloud-adminpass: ENC[AES256_GCM,data:5vohRPEcJJ8gIRro38O73ufSYYEp1DXpBgjCPdPnMcg=,iv:STh3k5wUwx3AfSDTPCXhuXbPb3d+Vi1cAaQN2a9eW1w=,tag:Ef/Z2Idvl6575Jvs2GDJ8A==,type:str]
jwt: ENC[AES256_GCM,data:1Qn7DaBZr8vEa8VZiv2BpwePPOBYRTdHEiDv0asUbvhCtfHvhG4mX5/plyRPlQok6FLEjEzKZTEdnvyyOtFEgA==,iv:kqfHkEr0jkKAro9gQup6CeopQnjfMGhEqbVL81wnDgc=,tag:gP/WACy5cOzzmQOh1v8wsQ==,type:str]
lldap-database: ENC[AES256_GCM,data:rNLS4WwvqRd3TFWDXaf8UmDTRsHZNPPS,iv:URV4Oz4ik2vHb03+Zh7ND+AbozSmoXpxENpvad4yvRI=,tag:6TbuMCnHwtTaG5mMWVN/mQ==,type:str]
authelia-storagekey: ENC[AES256_GCM,data:T5b5QWf6vlGHniuUic0tEFSJNNWaFbvi3emZOWEQz0AhNqDpxJZqO57KdjZ02NVMoxHN54c0ChWlHRCoAj234A==,iv:Rch5RQ0oblTTWXz0it7zZuYQNYhYMa0MsorAx9N4GV0=,tag:+GlwGnPXLukzDnW6BUf6Hg==,type:str]
authelia-database: ENC[AES256_GCM,data:XZYk4clzLaMb3/plELOnEoy4bwu/YSQg,iv:TGDKjLdcdmwEI12XDDNGHTgYnJxB+vV6RaomKU+jwpY=,tag:c/p7X4tzPWWiLvAL7DJmYg==,type:str]
ldap-master: ENC[AES256_GCM,data:jiinK8xzuKiTwB9k44okgj+sWWEgbeay,iv:Slvci3EBylIbP/I6NFIJTd3eitxVApXrORtnXY48eGg=,tag:OwaVYBNxNbQyIHrqOcUGhg==,type:str]
elements: ENC[AES256_GCM,data:Kh6ueReXpj9h5yQ3P0qY8X1ow4RRZD9zyXZLS6DUIIVuthgqgu9dPzBc7ojnz6nXoYTHt1I2LJJKLOGQYZC+iVxXOk+QADJMPwY4NCyeZ3prgvYMghlD,iv:WFA/UQ0XDFjpbgaDEacrBxkteLitXv3CJP54ANVSJHM=,tag:M+tTpTR0alvQxvUiP2MWlA==,type:str]
users:
materus: ENC[AES256_GCM,data:MhPrMJ4/0oxEsFZDUKcYb3WMUWLI2ZbRTgnh1fQZG1Ly2J781jcUWtA8vVAdMBedNfWky0mDq5+KEQ/2fJNGU4IkTBvLdAqnWw==,iv:Dpl+M+x1weNIVkEsf3I/uXpG0SM6bDz+d9w7AYwn/MY=,tag:yGc1D2ODp6Te/QAztOj7yA==,type:str]
maloja: ENC[AES256_GCM,data:V/WV0181zupKLiDtf5pinwYFFzL1hg+j,iv:KmGHapsD7thnmgkHwnTYFP/fvBS6dft9ZmmFN4AZEXs=,tag:uEmZaFkvBIQfu+3+0gQFlg==,type:str]
maloja-api: ENC[AES256_GCM,data:8vLC1a5pL8ldS7LWXqA/HOqtnyYFQk7/oisGgOOYH7TtnpBL93I2O3mWQIGCZUwWqMWFLvbOxIAnpoS0Qmg=,iv:swziHFypoh1YZkyEpDhqH2BhqUrWi0J63CqzORyY4s4=,tag:B9kkYHqyWP0KGPMD4S1I1A==,type:str]
spotify-client-id: ENC[AES256_GCM,data:2vC2E7rHBrZ2VHTGqYRJp1fWNWprDaYq4J6gJ7tTfF0=,iv:KQJgzUiD70N2vQeTO9r8ucC96xc9mSW9VlU2IGmKT7Y=,tag:kWR+1Hhb4yGK/AAqxMCd3A==,type:str]
spotify-client-secret: ENC[AES256_GCM,data:MKHo36AF1hHiXERltKdeMiuMhiGyyH8E3TqQfTf1tqc=,iv:/dPWUqjDtxZUOLZRx2lrHuU5Sf2fch2Fvnl+20KZ5dk=,tag:ZgsbCFBNHXSUuHbdSlrm4w==,type:str]
lastfm-user: ENC[AES256_GCM,data:o/FUjIiB9PcFTQ==,iv:UtovNmHISz9jUj+HFZPIduZj6h3ayjA5RyVlh11k8LM=,tag:bS3ReGR2BRcs3lcutt95UQ==,type:str]
lastfm-pass: ENC[AES256_GCM,data:g90kxN+HkSqN+B9XFH6AvbD376bHFPVI,iv:ZRxKxdKXIgKOm7TKKPLR1yLzTBjuCWQk4tTJN5d/0N4=,tag:soIJI75WAhoiXwVYlxkmQA==,type:str]
lastfm-api: ENC[AES256_GCM,data:UxGOqFEsjDb5zBXjm6G+66zlr5M0pk/NdTad3a5MBVE=,iv:3v9Lg0bjmlAhcSOjCW44CN7FezSdNG3KVVLrk1G9Ies=,tag:amgDr25PYiB+E7+D/fVEOw==,type:str]
lastfm-secret: ENC[AES256_GCM,data:z+XqodyRm9qnZwYwdON/KwAQ3E6hSI+mA0Nby0PQVT4=,iv:sY3Eqr7ZCx5lwjZaRFSghx/3OjuWlDQHQywgt7LpoIo=,tag:f7j1PFanHfLdDK+ASusCMA==,type:str]
lastfm-token: ENC[AES256_GCM,data:X877lDOXtou5OF0KbkvuJ4rhJ+3IY5XnyXlqq4LuSb8=,iv:f8t36ut6zlHvBuKGmJabyc9nHViQvUcqNvCVy0YIeB8=,tag:0h9Jm1h2cxegUXXk6UTz9Q==,type:str]
listenbrainz-api: ENC[AES256_GCM,data:eh03MPc5kn7CUDXXnEJTx4DXv9BpyabyRL+ENDFJw+kS66tV,iv:gerOaZ3gqM7ccLursFuCJrW1HcSjlTGk0wOLM8x4/2A=,tag:ZqxYNlgdqV0zRUUHm7VK3Q==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1j34lqh0z6ak2c94n564wgyjeykn9srma34f5e5e7xvf498fwk3rqxvwx0l
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvejRrcGVwZHNkTVB5dkYr
RnhVVjNEblFVd0xXSStqdjFhWVVNS3ljUTNZCnBFVmRRVVVENGhJUVg2L1lSM1NO
dkQydVhOaFVxd0p0aFhVcmp6eXdGeVEKLS0tIFIvRDlvZDdsbm1USEZUZ3FYMmla
eFN4VVdUMkVjcTVWNFdLM0xtbExLdncK6LYUufWzIcd2jFyEeZDypo0xkJQ4z91F
ULyGxJLLWl6/inYXtxHNdxIIPfwW+5yppBAbXaOgvABi1E7tf1JZcA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-09-13T18:29:55Z"
mac: ENC[AES256_GCM,data:djOmSpNrZoFgUK4JlueCUpZtvHldVEsH90ASO+strLJ7wd1MEFdQaYyNonvTaUUzJQkUncyX3cXdO9Aoj9B6CPSKAuSKE7LRScCCXn+OezwUB5d5m/jLy4KmRhtADO0QHap4+/3fXzOupsHyZpVMIjwUw4tJ9MZMT8iMtbaHv2A=,iv:x4RaxRelUOyyTWpTLFRik92TibE+2mFctz/OYHvBoZA=,tag:S9dIzTc7rVBSFXUISuEDAQ==,type:str]
pgp:
- created_at: "2024-03-21T18:15:00Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4D5fSX77p80GYSAQdAWetrf0jhs/b9qcQc4b21+PJUPdSjk372BjokfwJ2oXQw
4LaIaNB3LRmY4FF3UOqk28NwkwBw6n0AzYKC/k1G4ntaNBMI9eDtFJ1c1+KkxSl2
1GYBCQIQMCKcu2aBEMiIGOyG08vcRW2T23DUAfTQqQdRKD/SgSTqAZLSICVJ91xU
TBsdiPBKO2cRDfPc7DlVLbPNe/SUqVUX9N4GTGPUocXc1s6lvgx3NBP5cGoSNx+A
xCmXl373IDc=
=uSyc
-----END PGP MESSAGE-----
fp: 28D140BCA60B4FD1
unencrypted_suffix: _unencrypted
version: 3.8.1
@@ -1,6 +1,6 @@
{ config, pkgs, lib, mkk, ... }:
{ config, pkgs, lib, materusArg, ... }:
{
options.waffentragerService.auth.authelia.enable = mkk.lib.mkBoolOpt false "Enable authelia";
options.waffentragerService.auth.authelia.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable authelia";
config =
let
cfg = config.waffentragerService.auth.authelia;
@@ -1,4 +1,4 @@
{ config, lib, pkgs, ... }:
{ config, materusArg, lib, pkgs, ... }:
{
imports =
[
@@ -1,12 +1,6 @@
{ config, pkgs, lib, materusArg, ... }:
{
config,
pkgs,
lib,
mkk,
...
}:
{
options.waffentragerService.auth.lldap.enable = mkk.lib.mkBoolOpt false "Enable lldap";
options.waffentragerService.auth.lldap.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable lldap";
config =
let
cfg = config.waffentragerService.auth.lldap;
@@ -30,7 +24,7 @@
proxy_set_header X-Forwarded-Proto $scheme;
allow ${mkk.wireguard.ip-masks.main};
allow ${materusArg.ip-masks.wireguard.main};
allow 192.168.100.0/24;
deny all;
'';
@@ -50,28 +44,19 @@
group = "lldap";
isSystemUser = true;
};
sops.secrets.jwt = {
owner = "lldap";
group = "lldap";
mode = "0440";
};
sops.secrets."lldap-database" = {
owner = "lldap";
group = "lldap";
};
sops.secrets.jwt = { owner = "lldap"; group = "lldap"; mode = "0440"; };
sops.secrets."lldap-database" = { owner = "lldap"; group = "lldap"; };
services.lldap.enable = true;
services.lldap.environmentFile = config.sops.templates."lldap.env".path;
sops.templates."lldap.env" = {
content = ''
LLDAP_JWT_SECRET_FILE="${config.sops.secrets.jwt.path}"
LLDAP_DATABASE_URL="postgres://lldap:${
config.sops.placeholder."lldap-database"
}@%2Fvar%2Frun%2Fpostgresql/lldap"
LLDAP_DATABASE_URL="postgres://lldap:${config.sops.placeholder."lldap-database"}@%2Fvar%2Frun%2Fpostgresql/lldap"
'';
owner = "lldap";
group = "lldap";
};
services.lldap.silenceForceUserPassResetWarning = true;
services.lldap.settings = {
ldap_base_dn = "dc=podkos,dc=pl";
@@ -80,8 +65,7 @@
ldap_user_dn = "master";
ldap_user_email = "materus@podkos.pl";
ldap_port = 3890;
key_seed = mkk.waffentrager.lldap.seed;
ldap_user_pass_file = config.sops.secrets.LLDAP_LDAP_USER_PASS_FILE.path;
key_seed = materusArg.waffentrager.lldap.seed;
};
};
}
@@ -26,5 +26,5 @@
waffentragerService.scrobbling.enable = true;
waffentragerService.syncthing.enable = true;
waffentragerService.monitoring.enable = false;
waffentragerService.monitoring.enable = true;
}
@@ -1,6 +1,6 @@
{ config, lib, mkk, ... }:
{ materusArg, config, lib, ... }:
{
options.waffentragerService.monitoring.enable = mkk.lib.mkBoolOpt false "Enable monitoring";
options.waffentragerService.monitoring.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable monitoring";
config =
let
cfg = config.waffentragerService.monitoring;
@@ -1,6 +1,6 @@
{ lib, config, mkk, ... }:
{ lib, config, materusArg, ... }:
{
options.waffentragerService.jellyfin.enable = mkk.lib.mkBoolOpt false "Enable jellyfin";
options.waffentragerService.jellyfin.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable jellyfin";
config =
let
@@ -1,6 +1,6 @@
{ config, pkgs, lib, mkk, ... }:
{ config, pkgs, lib, materusArg, ... }:
{
options.waffentragerService.scrobbling.enable = mkk.lib.mkBoolOpt false "Enable scrobbling";
options.waffentragerService.scrobbling.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable scrobbling";
@@ -196,7 +196,7 @@ metadata_providers = ["spotify","deezer","lastfm","audiodb","musicbrainz"]
locations."/" = {
proxyPass = "http://127.0.0.1:42011";
extraConfig = ''
allow ${mkk.wireguard.ip-masks.main};
allow ${materusArg.ip-masks.wireguard.main};
allow 192.168.100.0/24;
deny all;
proxy_http_version 1.1;
@@ -1,6 +1,6 @@
{ config, lib, pkgs, mkk, ... }:
{ materusArg, config, lib, pkgs, ... }:
{
options.waffentragerService.nginx.enable = mkk.lib.mkBoolOpt false "Enable nginx";
options.waffentragerService.nginx.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable nginx";
config =
@@ -1,6 +1,6 @@
{ config, lib, pkgs, mkk, ... }:
{ materusArg, config, lib, pkgs, ... }:
{
options.waffentragerService.postgresql.enable = mkk.lib.mkBoolOpt false "Enable postgresql";
options.waffentragerService.postgresql.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable postgresql";
options.waffentragerService.postgresql.version = lib.mkOption { default = "16"; };
config =
@@ -1,6 +1,6 @@
{ mkk, config, lib, pkgs, ... }:
{ materusArg, config, lib, pkgs, ... }:
{
options.waffentragerService.elements.enable = mkk.lib.mkBoolOpt false "Enable elements drive";
options.waffentragerService.elements.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable elements drive";
options.waffentragerService.elements.path = lib.mkOption { default = "/var/lib/elements"; };
options.waffentragerService.elements.uuid = lib.mkOption { default = "e32039c6-e98d-44b0-8e7d-120994bf7be1"; };
options.waffentragerService.elements.postgresqlDir = lib.mkOption { default = "${config.waffentragerService.elements.path}/services/postgresql"; };
@@ -1,6 +1,6 @@
{ config, lib, mkk, ... }:
{ materusArg, config, lib, ... }:
{
options.waffentragerService.gitea.enable = mkk.lib.mkBoolOpt false "Enable gitea";
options.waffentragerService.gitea.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable gitea";
config =
@@ -0,0 +1,20 @@
{ materusArg, config, lib, pkgs, ... }:
{
options.waffentragerService.mount-acme.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable mount-acme";
config =
let
cfg = config.waffentragerService.mount-acme;
in
lib.mkIf cfg.enable {
environment.systemPackages = with pkgs; [ sshfs ];
systemd.mounts = [{
description = "Mount remote acme dir from valkyrie";
what = "acme@valkyrie:/var/lib/acme";
where = "/var/lib/mnt_acme";
type = "fuse.sshfs";
options = "reconnect,gid=${builtins.toString config.ids.gids.nginx},_netdev,rw,nosuid,allow_other,default_permissions,follow_symlinks,idmap=user,compression=yes,identityfile=/materus/root/ssh_host_ed25519_key";
wantedBy = [ "multi-user.target" ];
}];
};
}
@@ -1,12 +1,6 @@
{ materusArg, config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
mkk,
...
}:
{
options.waffentragerService.nextcloud.enable = mkk.lib.mkBoolOpt false "Enable nextcloud";
options.waffentragerService.nextcloud.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable nextcloud";
config =
let
@@ -16,24 +10,19 @@
waffentragerService.elements.enable = true;
waffentragerService.postgresql.enable = true;
waffentragerService.nginx.enable = true;
environment.systemPackages = [
pkgs.samba
pkgs.exiftool
pkgs.ffmpeg-headless
];
environment.systemPackages = [ pkgs.samba pkgs.exiftool pkgs.ffmpeg-headless ];
sops.secrets.nextcloud-adminpass.owner = config.users.users.nextcloud.name;
sops.secrets.nextcloud-adminpass.group = config.users.users.nextcloud.group;
services.postgresql.ensureDatabases = [ "nextcloud" ];
services.postgresql.ensureUsers = [
{
services.postgresql.ensureUsers = [{
name = "nextcloud";
ensureDBOwnership = true;
}
];
}];
services.nextcloud = {
enable = true;
package = pkgs.nextcloud33;
notify_push.enable = true;
package = pkgs.nextcloud31;
hostName = "waffentrager.materus.pl";
home = config.waffentragerService.elements.nextcloudDir;
config.adminuser = "nextcloud-master";
@@ -47,18 +36,15 @@
webfinger = true;
appstoreEnable = true;
database.createLocally = true;
extraApps = with pkgs.nextcloud33Packages.apps; {
nginx.recommendedHttpHeaders = true;
extraApps = with pkgs.nextcloud31Packages.apps; {
inherit notify_push previewgenerator;
};
settings = {
log_type = "file";
"profile.enabled" = true;
default_phone_region = "PL";
trusted_proxies = [
mkk.network.valkyrie.ip
mkk.wireguard.peers.valkyrie.ip
mkk.wireguard.peers.waffentrager.ip
];
trusted_proxies = [ materusArg.ips.valkyrie materusArg.ips.wireguard.valkyrie materusArg.ips.wireguard.waffentrager ];
mail_smtpmode = "sendmail";
mail_sendmailmode = "pipe";
enable_previews = true;
@@ -88,7 +74,7 @@
phpOptions = {
"opcache.memory_consumption" = "512";
"opcache.interned_strings_buffer" = "64";
"opcache.max_accelerated_files" = "50000";
"opcache.max_accelerated_files"="50000";
"opcache.jit" = "1255";
"opcache.jit_buffer_size" = "128M";
"opcache.validate_timestamps" = "0";
@@ -96,13 +82,7 @@
"opcache.fast_shutdown" = "1";
"opcache.save_comments" = "1";
};
phpExtraExtensions = ex: [
ex.zip
ex.zlib
ex.tidy
ex.smbclient
ex.sodium
];
phpExtraExtensions = ex: [ ex.zip ex.zlib ex.tidy ex.smbclient ex.sodium ];
};
services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
forceSSL = true;
@@ -1,6 +1,6 @@
{ lib, pkgs, config, mkk, ... }:
{ lib, pkgs, materusArg, config, ... }:
{
options.waffentragerService.samba.enable = mkk.lib.mkBoolOpt false "Enable samba";
options.waffentragerService.samba.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable samba";
config =
let
@@ -31,7 +31,7 @@
"server string" = "smbwaffentrager";
"netbios name" = "smbwaffentrager";
"security" = "user";
"hosts allow" = "${mkk.wireguard.sambaIp} 192.168.100. 127.0.0.1 localhost";
"hosts allow" = "${materusArg.wireguard.sambaIp} 192.168.100. 127.0.0.1 localhost";
"hosts deny" = "0.0.0.0/0";
"guest account" = "nobody";
"map to guest" = "bad user";
@@ -1,6 +1,6 @@
{ lib, config, mkk, ... }:
{ lib, pkgs, materusArg, config, ... }:
{
options.waffentragerService.syncthing.enable = mkk.lib.mkBoolOpt false "Enable syncthing";
options.waffentragerService.syncthing.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable syncthing";
config =
let
+28
View File
@@ -0,0 +1,28 @@
{ config, pkgs, lib, materusCfg, ... }:
let
materusArg = {
pkgs = (import materusCfg.nixerus { inherit pkgs; }) //
(if pkgs.system == "x86_64-linux" then { i686Linux = import materusCfg.nixerus { pkgs = pkgs.pkgsi686Linux; }; } else { });
cfg = materusCfg;
unstable = import materusCfg.materusFlake.inputs.nixpkgs { system = materusCfg.arch; config = { allowUnfree = true; nvidia.acceptLicense = true; }; };
};
in
{
imports = [
./nixpkgs.nix
./packages
./private
];
options.materus.materusArg = lib.mkOption { default = { }; };
config._module.args.materusArg = config.materus.materusArg // materusArg;
config.assertions = [
{
assertion = materusCfg.materusFlake.decrypted;
message = "Repository not decrypted, use crypt.sh to decrypt";
}
];
}
+99
View File
@@ -0,0 +1,99 @@
{ config, pkgs, lib, materusArg, materusCfg, ... }:
let
mkBoolOpt = default: description: lib.mkOption {
inherit default;
inherit description;
type = lib.types.bool;
example = true;
};
cfg = config.materus.profile.nixpkgs;
in
{
options.materus.profile.nixpkgs.enable = mkBoolOpt false "Enable materus nixpkgs config";
options.materus.profile.nixpkgs.enableOverlays = mkBoolOpt (cfg.enable) "Enable materus overlays";
options.materus.profile.nix.enableRegistry = mkBoolOpt (!materusCfg.isHm) "Enable materus nix registry";
config.nixpkgs.config = lib.mkIf cfg.enable {
allowUnfree = lib.mkDefault true;
joypixels.acceptLicense = lib.mkDefault true;
};
config.nixpkgs.overlays = lib.mkIf cfg.enableOverlays [ materusArg.cfg.configInputs.emacs-overlay.overlay ];
config.nix.package = lib.mkDefault pkgs.nixVersions.latest;
config.nix.registry = lib.mkIf config.materus.profile.nix.enableRegistry {
nixpkgs-stable = {
from = { type = "indirect"; id = "nixpkgs-stable"; };
flake = materusCfg.materusFlake.inputs.nixpkgs-stable;
};
nixpkgs-unstable = {
from = { type = "indirect"; id = "nixpkgs-unstable"; };
flake = materusCfg.materusFlake.inputs.nixpkgs;
};
nixpkgs = {
from = { type = "indirect"; id = "nixpkgs"; };
flake = materusCfg.configInputs.nixpkgs;
};
emacs-overlay = {
from = { type = "indirect"; id = "emacs-overlay"; };
flake = materusCfg.configInputs.emacs-overlay;
};
flake-utils = {
from = { type = "indirect"; id = "flake-utils"; };
flake = materusCfg.configInputs.flake-utils;
};
nixos-hardware = {
from = { type = "indirect"; id = "nixos-hardware"; };
flake = materusCfg.configInputs.nixos-hardware;
};
nixerus = {
from = { type = "indirect"; id = "nixerus"; };
flake = materusCfg.configInputs.nixerus;
};
devshell = {
from = { type = "indirect"; id = "devshell"; };
flake = materusCfg.configInputs.devshell;
};
home-manager = {
from = { type = "indirect"; id = "home-manager"; };
flake = materusCfg.configInputs.home-manager;
};
sops-nix = {
from = { type = "indirect"; id = "sops-nix"; };
flake = materusCfg.configInputs.sops-nix;
};
base16 = {
from = { type = "indirect"; id = "base16"; };
flake = materusCfg.configInputs.base16;
};
git-agecrypt = {
from = { type = "indirect"; id = "git-agecrypt"; };
flake = materusCfg.configInputs.git-agecrypt;
};
plasma-manager = {
from = { type = "indirect"; id = "plasma-manager"; };
flake = materusCfg.configInputs.plasma-manager;
};
nur = {
from = { type = "indirect"; id = "nur"; };
flake = materusCfg.configInputs.nur;
};
nix-vscode-extensions = {
from = { type = "indirect"; id = "nix-vscode-extensions"; };
flake = materusCfg.configInputs.nix-vscode-extensions;
};
};
}
@@ -0,0 +1,76 @@
{
config,
pkgs,
lib,
materusArg,
...
}:
with materusArg.pkgs.lib;
{
imports = [ ./fonts.nix ];
#Single Packages
options.materus.profile.packages.home-manager =
mkPrivateVar
materusArg.cfg.configInputs.home-manager.packages.${pkgs.system}.home-manager;
options.materus.profile.packages.firefox = mkPrivateVar (
pkgs.firefox.override { nativeMessagingHosts = [ pkgs.plasma-browser-integration ]; }
);
#Package Lists
options.materus.profile.packages.list.nixRelated = mkPrivateVar (
with pkgs;
[
nix-prefetch
nix-prefetch-scripts
nix-prefetch-github
nix-prefetch-docker
nixfmt-rfc-style
nix-top
nix-tree
nix-diff
nix-ld
nixpkgs-fmt
nixpkgs-review
]
);
options.materus.profile.packages.list.desktopApps = mkPrivateVar (
with pkgs;
[
(discord.override {
nss = nss_latest;
withOpenASAR = true;
withTTS = true;
})
tdesktop
syncplay
ani-cli
nextcloud-client
spotify
thunderbird
keepassxc
(aspellWithDicts (
ds: with ds; [
en
en-computers
en-science
pl
]
))
onlyoffice-bin
qalculate-qt
]
);
options.materus.profile.packages.list.terminalApps = mkPrivateVar (
with pkgs;
[
neofetch
ripgrep
fd
micro
]
);
}
@@ -0,0 +1,38 @@
{ pkgs, lib, ... }:
let
defaultFonts = [
pkgs.dejavu_fonts
pkgs.freefont_ttf
pkgs.gyre-fonts
pkgs.liberation_ttf
pkgs.unifont
];
fonts = [
pkgs.noto-fonts
pkgs.noto-fonts-extra
pkgs.noto-fonts-emoji
pkgs.noto-fonts-cjk-sans
pkgs.noto-fonts-cjk-serif
pkgs.wqy_zenhei
pkgs.corefonts
pkgs.hack-font
pkgs.nerd-fonts.hack
] ++ defaultFonts;
moreFonts = [
pkgs.ubuntu_font_family
pkgs.monocraft
pkgs.nerd-fonts.droid-sans-mono
pkgs.nerd-fonts.meslo-lg
pkgs.nerd-fonts.profont
pkgs.nerd-fonts.fira-code
];
in
{
options.materus.profile.packages.list.fonts = lib.mkOption { default = fonts; readOnly = true; visible = false; };
options.materus.profile.packages.list.moreFonts = lib.mkOption { default = moreFonts; readOnly = true; visible = false; };
}
Binary file not shown.
+16
View File
@@ -0,0 +1,16 @@
{
osProfile = {
imports = [
./os
./common
];
};
homeProfile = {
imports = [
./common
./home
];
};
}
+25
View File
@@ -0,0 +1,25 @@
{ config, lib, pkgs, materusArg, ... }:
let
cfg = config.materus.profile.browser;
osConfig = (if (builtins.hasAttr "osConfig" config._module.args) then config._module.args.osConfig else null);
in
{
options = let mkBoolOpt = materusArg.pkgs.lib.mkBoolOpt; in {
materus.profile.browser.firefox.enable = mkBoolOpt false "Enable Firefox with materus cfg";
materus.profile.browser.vivaldi.enable = mkBoolOpt false "Enable Vivaldi with materus cfg";
materus.profile.browser.brave.enable = mkBoolOpt false "Enable Brave with materus cfg";
};
#TODO: Make some config
config = lib.mkMerge [{
home.packages = [
(lib.mkIf cfg.firefox.enable config.materus.profile.packages.firefox)
(lib.mkIf cfg.vivaldi.enable pkgs.vivaldi)
(lib.mkIf cfg.brave.enable pkgs.brave)
] ++ [ (lib.mkIf (osConfig != null && osConfig.materus.profile.browser.enable) osConfig.materus.profile.browser.package)];
}
];
}
+85
View File
@@ -0,0 +1,85 @@
{ config, lib, pkgs, materusArg, ... }:
let
packages = cfg.packages;
cfg = config.materus.profile;
in
{
imports = [
./fonts.nix
./browser.nix
./xdg.nix
./shell
./editor
./terminal
];
options.materus.profile.enableDesktop = materusArg.pkgs.lib.mkBoolOpt false "Enable settings for desktop";
options.materus.profile.enableTerminal = materusArg.pkgs.lib.mkBoolOpt true "Enable settings for terminal";
options.materus.profile.enableTerminalExtra = materusArg.pkgs.lib.mkBoolOpt false "Enable extra settings for terminal";
options.materus.profile.enableNixDevel = materusArg.pkgs.lib.mkBoolOpt false "Enable settings for nix devel";
config =
{
home.packages = (if cfg.enableDesktop then packages.list.desktopApps else [ ]) ++
(if cfg.enableNixDevel then packages.list.nixRelated else [ ]) ++
(if cfg.enableTerminal then packages.list.terminalApps else [ ]);
#Desktop
programs.feh.enable = lib.mkDefault cfg.enableDesktop;
programs.mpv = lib.mkIf cfg.enableDesktop {
enable = true;
config = {
ytdl-format = "bestvideo+bestaudio";
slang="pl,pol,Polish,Polski,en,eng,English";
alang="ja,jp,jpn,Japanese,pl,pol,Polski,en,eng,English";
demuxer-max-bytes="500MiB";
demuxer-max-back-bytes="150MiB";
cache="yes";
cache-pause-wait="10";
cache-pause-initial="yes";
keep-open="yes";
};
};
#Terminal
programs.git = {
enable = lib.mkDefault cfg.enableTerminal;
package = lib.mkDefault pkgs.gitFull;
delta.enable = lib.mkDefault cfg.enableTerminal;
lfs.enable = lib.mkDefault cfg.enableTerminal;
};
programs.gitui.enable = cfg.enableTerminalExtra;
programs.nix-index = {
enable = lib.mkDefault cfg.enableTerminal;
enableBashIntegration = lib.mkDefault config.programs.bash.enable;
enableFishIntegration = lib.mkDefault config.programs.fish.enable;
enableZshIntegration = lib.mkDefault config.programs.zsh.enable;
};
programs.direnv = {
enable = lib.mkDefault (cfg.enableTerminalExtra || cfg.enableNixDevel);
nix-direnv.enable = lib.mkDefault (cfg.enableNixDevel && (config.programs.direnv.enable == true));
enableBashIntegration = lib.mkDefault config.programs.bash.enable;
#enableFishIntegration = lib.mkDefault config.programs.fish.enable;
enableZshIntegration = lib.mkDefault config.programs.zsh.enable;
};
programs.fzf = {
enable = lib.mkDefault cfg.enableTerminalExtra;
enableBashIntegration = lib.mkDefault config.programs.bash.enable;
enableFishIntegration = lib.mkDefault config.programs.fish.enable;
enableZshIntegration = lib.mkDefault config.programs.zsh.enable;
};
programs.eza.enable = lib.mkDefault cfg.enableTerminalExtra;
programs.yt-dlp.enable = lib.mkDefault cfg.enableTerminalExtra;
};
}
+159
View File
@@ -0,0 +1,159 @@
{ config, lib, pkgs, materusArg, materusCfg, ... }:
let
cfg = config.materus.profile.editor.code;
ext = let
market =
(materusCfg.configInputs.nix-vscode-extensions.extensions."${materusCfg.arch}".forVSCodeVersion
config.programs.vscode.package.version);
marketNv =
(materusCfg.configInputs.nix-vscode-extensions.extensions."${materusCfg.arch}");
in with market;
with pkgs; [
#Cpp
open-vsx.twxs.cmake
vscode-extensions.ms-vscode.cpptools
vscode-marketplace.ms-vscode.cmake-tools
vscode-marketplace.cs128.cs128-clang-tidy
#Python
#vscode-marketplace.ms-python.python
#vscode-marketplace.ms-python.vscode-pylance
#vscode-marketplace.ms-python.debugpy
# CSharp
open-vsx.muhammad-sammy.csharp
#Java
vscode-marketplace.redhat.java
vscode-marketplace.vscjava.vscode-java-debug
vscode-marketplace.vscjava.vscode-java-test
vscode-marketplace.vscjava.vscode-gradle
vscode-marketplace.vscjava.vscode-java-dependency
#JS
vscode-marketplace.angular.ng-template
#DLang
open-vsx.webfreak.code-d
#Nix
open-vsx.jnoortheen.nix-ide
#Web
open-vsx.ecmel.vscode-html-css
open-vsx.formulahendry.auto-close-tag
#Lua
open-vsx.sumneko.lua
#YAML, XML
open-vsx.redhat.vscode-yaml
open-vsx.redhat.vscode-xml
#Git
open-vsx.donjayamanne.githistory
#open-vsx.mhutchie.git-graph
open-vsx.eamodio.gitlens
#Other
#open-vsx.asciidoctor.asciidoctor-vscode
open-vsx.ms-azuretools.vscode-docker
open-vsx.webfreak.debug
open-vsx.mkhl.direnv
#vscode-marketplace.ms-vscode-remote.remote-wsl
#vscode-marketplace.ms-vscode-remote.remote-containers
open-vsx.esbenp.prettier-vscode
open-vsx.formulahendry.code-runner
open-vsx.leonardssh.vscord
open-vsx.ms-vscode.hexeditor
open-vsx.alefragnani.project-manager
vscode-marketplace.cantonios.project-templates
vscode-marketplace.betterthantomorrow.joyride
#Icons
open-vsx.pkief.material-icon-theme
open-vsx.pkief.material-product-icons
#Themes
open-vsx.dracula-theme.theme-dracula
open-vsx.ahmadawais.shades-of-purple
#Languages
marketNv.vscode-marketplace.ms-ceintl.vscode-language-pack-pl
];
set = {
"vscord.app.name" = lib.mkDefault "VSCodium";
"window.dialogStyle" = lib.mkDefault "custom";
"window.titleBarStyle" = lib.mkDefault "custom";
"editor.fontFamily" =
lib.mkDefault "'Hack Nerd Font', 'monospace', monospace";
"workbench.colorTheme" = lib.mkDefault "Shades of Purple";
"workbench.productIconTheme" = lib.mkDefault "material-product-icons";
"workbench.iconTheme" = lib.mkDefault "material-icon-theme";
"d.aggressiveUpdate" = lib.mkDefault false;
"d.servedPath" = lib.mkDefault "${pkgs.serve-d}/bin/serve-d";
"direnv.path.executable" = lib.mkDefault "${pkgs.direnv}/bin/direnv";
"nix.enableLanguageServer" = lib.mkDefault true;
"nix.serverPath" = lib.mkDefault "${pkgs.nixd}/bin/nixd";
"nix.formatterPath" = lib.mkDefault "${pkgs.nixfmt-rfc-style}/bin/nixfmt";
"nix.serverSettings" = {
"nixd" = { "formatting" = { "command" = lib.mkDefault [ "nixfmt" ]; }; };
};
"C_Cpp.clang_format_path" =
lib.mkDefault "${pkgs.clang-tools}/bin/clang-format";
"C_Cpp.clang_format_fallbackStyle" = lib.mkDefault "Microsoft";
"clang-tidy.executable" =
lib.mkDefault "${pkgs.clang-tools}/bin/clang-tidy";
"redhat.telemetry.enabled" = lib.mkDefault false;
"python.defaultInterpreterPath" =
lib.mkDefault "${pkgs.python3Full}/bin/python";
"[cpp]" = {
"editor.defaultFormatter" = lib.mkDefault "xaver.clang-format";
};
"[javascript]" = {
"editor.defaultFormatter" = lib.mkDefault "esbenp.prettier-vscode";
};
"typescript.tsserver.maxTsServerMemory" = 1024 * 8;
"typescript.tsserver.nodePath"= lib.mkDefault "${pkgs.nodejs}/bin/node";
"cmake.showOptionsMovedNotification" = false;
"cmake.pinnedCommands" = [
"workbench.action.tasks.configureTaskRunner"
"workbench.action.tasks.runTask"
];
};
in {
options.materus.profile.editor.code.enable =
materusArg.pkgs.lib.mkBoolOpt config.materus.profile.enableDesktop
"Enable VSCodium with materus cfg";
options.materus.profile.editor.code.fhs.enable =
materusArg.pkgs.lib.mkBoolOpt false "Use fhs vscodium";
options.materus.profile.editor.code.fhs.packages =
lib.mkOption { default = (ps: [ ]); };
options.materus.profile.editor.code.extensions =
lib.mkOption { default = [ ]; };
options.materus.profile.editor.code.settings =
lib.mkOption { default = { }; };
config = lib.mkIf cfg.enable {
materus.profile.editor.code.extensions = ext;
materus.profile.editor.code.settings = set;
programs.vscode = {
enable = lib.mkDefault true;
package = lib.mkDefault (if (cfg.fhs.enable) then
(pkgs.vscodium.fhsWithPackages cfg.fhs.packages)
else
pkgs.vscodium);
mutableExtensionsDir =
lib.mkDefault config.materus.profile.editor.code.fhs.enable;
extensions = lib.mkDefault config.materus.profile.editor.code.extensions;
enableExtensionUpdateCheck =
lib.mkDefault config.materus.profile.editor.code.fhs.enable;
enableUpdateCheck = lib.mkDefault false;
userSettings = lib.mkDefault config.materus.profile.editor.code.settings;
};
materus.profile.fonts.enable = lib.mkDefault true;
};
}
@@ -0,0 +1,8 @@
{ config, lib, pkgs, ... }:
{
imports = [
./code.nix
./neovim.nix
./emacs
];
}
@@ -0,0 +1,296 @@
{
config,
lib,
pkgs,
materusArg,
materusCfg,
...
}: let
emacs-pkg = materusCfg.configInputs.emacs-overlay.packages.x86_64-linux.emacs-git;
materus-nix = e:
e.trivialBuild {
pname = "materus-nix";
src = pkgs.writeText "materus-nix.el" ''
(when (file-exists-p "${config.programs.emacs.package}/opt/emacs/buildtime")
(setq emacs-build-time (decode-time (seconds-to-time (string-to-number (with-temp-buffer
(insert-file-contents "${config.programs.emacs.package}/opt/emacs/buildtime")
(buffer-string)))))))
(defvar lsp-java-configuration-runtimes nil)
(setq dap-lldb-debug-program '("${pkgs.llvmPackages.lldb}/bin/lldb-vscode"))
(setq lsp-java-configuration-runtimes '[(:name "JavaSE-1.8"
:path "${pkgs.jdk8}/lib/openjdk/")
(:name "JavaSE-17"
:path "${pkgs.jdk17}/lib/openjdk/")
(:name "JavaSE-21"
:path "${pkgs.jdk21}/lib/openjdk/"
:default t)])
(setq lsp-nix-nixd-nixos-options-expr (concat "(builtins.getFlake \"/etc/nixos\").nixosConfigurations." (system-name) ".options"))
(setenv "JAVA_HOME" "${pkgs.jdk21}/lib/openjdk")
(setenv "PATH" (concat "${emacsEnv}/bin:" (getenv "PATH")))
(setq exec-path (append '("${emacsEnv}/bin") exec-path))
(call-process-shell-command "${pkgs.xorg.xmodmap}/bin/xmodmap -e \"keycode 148 = Hyper_L\" -e \"remove Mod4 = Hyper_L\" -e \"add Mod3 = Hyper_L\" &" nil 0)
(call-process-shell-command "${pkgs.xorg.xmodmap}/bin/xmodmap -e \"keycode 66 = Hyper_L\" -e \"remove Mod4 = Hyper_L\" -e \"add Mod3 = Hyper_L\" &" nil 0)
(provide 'materus-nix)
'';
version = "1.0.0";
};
packages = epkgs:
with epkgs; [
treesit-grammars.with-all-grammars
use-package
elcord
dashboard
magit
git-timemachine
avy
vterm
direnv
projectile
clipetty
which-key
iedit
hideshowvis
perspective
treemacs
treemacs-perspective
treemacs-nerd-icons
treemacs-icons-dired
treemacs-magit
treemacs-projectile
tree-edit
nerd-icons
nerd-icons-completion
minions
rainbow-delimiters
rainbow-mode
cmake-mode
lsp-mode
lsp-java
lsp-jedi
lsp-haskell
lsp-pascal
lsp-pyright
lsp-ui
lsp-treemacs
dap-mode
flycheck
gradle-mode
groovy-mode
kotlin-mode
d-mode
lua-mode
multiple-cursors
org
org-contrib
org-ql
org-rainbow-tags
org-roam
org-roam-ui
org-review
org-present
org-modern
org-auto-tangle
ox-pandoc
visual-fill-column
csharp-mode
markdown-mode
json-mode
nix-mode
nixfmt
nix-ts-mode
no-littering
right-click-context
dracula-theme
doom-themes
doom-modeline
popper
undo-tree
bash-completion
eldoc-box
yasnippet
yasnippet-capf
async
request
markdown-ts-mode
llvm-ts-mode
treesit-fold
treesit-auto
tree-sitter-langs
eat
vlf
edit-indirect
zones
sudo-edit
toc-org
#empv
volatile-highlights
highlight
elfeed
elfeed-goodies
drag-stuff
dirvish
rg
shfmt
mermaid-mode
ob-mermaid
visual-replace
scroll-restore
highlight-indent-guides
diff-hl
transient
embark
embark-consult
ef-themes
pdf-tools
minimap
geiser-guile
fennel-mode
paredit
# Completions & Minibuffer
corfu
corfu-terminal
kind-icon
cape
orderless
vertico
marginalia
];
emacsEnv = pkgs.buildEnv {
name = "emacs-env";
paths = with pkgs; [
jdk21
luaformatter
pandoc
(luajit.withPackages (p: [
p.fennel
p.lua-lsp
]))
fennel-ls
fnlfmt
sbcl
silver-searcher
guile
plantuml
mermaid-cli
pyright
shfmt
ripgrep
cmake
gnumake
nixfmt-rfc-style
(python3.withPackages (python-pkgs: with python-pkgs; [
matplotlib
pandas
requests
]))
multimarkdown
git
emacs-lsp-booster
llvmPackages.clang-tools
llvmPackages.clang
llvmPackages.lldb
(hiPrio gcc)
gdb
materusArg.unstable.nixd
jdt-language-server
gradle
fpc
nodejs
omnisharp-roslyn
texlive.combined.scheme-full
];
};
cfg = config.materus.profile.editor.emacs;
in {
options.materus.profile.editor.emacs.enable =
materusArg.pkgs.lib.mkBoolOpt false "Enable emacs with materus cfg";
config = lib.mkIf cfg.enable {
home.activation.emacsSetup = lib.hm.dag.entryAfter ["linkGeneration"] '''';
#Emacsclient with COLORTERM env variable, without it display in "-nw" client is broken
xdg.desktopEntries.emacs = {
name = "Emacs";
genericName = "Edytor tekstu";
comment = "Edytuj tekst";
exec = ''env COLORTERM=truecolor emacsclient -a "" -r %F'';
icon = "emacs";
terminal = false;
type = "Application";
categories = [
"Development"
"TextEditor"
];
mimeType = [
"text/english"
"text/plain"
"text/x-makefile"
"text/x-c++hdr"
"text/x-c++src"
"text/x-chdr"
"text/x-csrc"
"text/x-java"
"text/x-moc"
"text/x-pascal"
"text/x-tcl"
"text/x-tex"
"application/x-shellscript"
"text/x-c"
"text/x-c++"
"x-scheme-handler/org-protocol"
];
actions.new-window = {
exec = ''env COLORTERM=truecolor emacsclient -a "" -c %F'';
name = "Nowe okno";
};
actions.no-daemon = {
exec = "env COLORTERM=truecolor emacs %F";
name = "Instancja samodzielna";
};
};
programs.emacs = {
enable = true;
extraPackages = epkgs: [(materus-nix epkgs) epkgs.vterm epkgs.treesit-grammars.with-all-grammars];
package = lib.mkDefault (
(emacs-pkg.override {
withSQLite3 = true;
withWebP = true;
withX = true;
#withXwidgets = true;
withGTK3 = true;
withAlsaLib = true;
#withGconf = true;
withImageMagick = true;
})
.overrideAttrs
(
f: p: {
#Remove .desktop files, will use my own. Add file with buildtime in case of using elpaca
postInstall =
p.postInstall
+ ''
rm -fr $out/share/applications/*
mkdir -p $out/opt/emacs
date +%s | tr -d '\n' > $out/opt/emacs/buildtime
'';
}
)
);
};
};
}
@@ -0,0 +1,22 @@
From 75e41ae5bd1c0879b323ed0ddc4bac29badb29ff Mon Sep 17 00:00:00 2001
From: fanshi1028 <jackychany321@gmail.com>
Date: Fri, 1 Nov 2024 14:41:26 +0000
Subject: [PATCH] fix lsp-org breaks with org 9.7 (#4300)
---
lsp-mode.el | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lsp-mode.el b/lsp-mode.el
index f5c700dbf3..a149d6d2c7 100644
--- a/lsp-mode.el
+++ b/lsp-mode.el
@@ -9668,7 +9668,7 @@ defaults to `progress-bar."
(save-excursion
(funcall goto-buffer)
(funcall f))))))
- ((&plist :begin :end :post-blank :language) (cl-second (org-element-context)))
+ ((begin end post-blank language) (--map (org-element-property it (org-element-context) nil t) '(:begin :end :post-blank :language)))
((&alist :tangle file-name) (cl-third (org-babel-get-src-block-info 'light)))
(file-name (if file-name
@@ -0,0 +1,40 @@
{ config, lib, pkgs, materusArg, ... }:
let
cfg = config.materus.profile.editor.neovim;
in
{
options.materus.profile.editor.neovim.enable = materusArg.pkgs.lib.mkBoolOpt config.materus.profile.enableTerminalExtra "Enable neovim with materus cfg";
config = lib.mkIf cfg.enable {
programs.neovim = {
enable = true;
package = pkgs.neovim-unwrapped;
coc.enable = true;
coc.package = pkgs.vimPlugins.coc-nvim;
viAlias = true;
vimAlias = true;
vimdiffAlias = true;
defaultEditor = lib.mkDefault false;
extraConfig = ''
set number
'';
extraLuaConfig = ''
'';
extraPackages = with pkgs;[
];
plugins = with pkgs.vimPlugins;[
syntastic
vim-fugitive
vim-airline
vim-nix
nvim-fzf
nvim-treesitter.withAllGrammars
];
};
};
}
+13
View File
@@ -0,0 +1,13 @@
{ config, pkgs, lib, materusArg, ... }:
let
packages = config.materus.profile.packages;
cfg = config.materus.profile.fonts;
in
{
options.materus.profile.fonts.enable = materusArg.pkgs.lib.mkBoolOpt config.materus.profile.enableDesktop "Enable materus font settings";
config = lib.mkIf cfg.enable {
fonts.fontconfig.enable = lib.mkDefault true;
home.packages = packages.list.fonts;
};
}

Some files were not shown because too many files have changed in this diff Show More