ivandimitrov8080/configuration.nix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

alejandra format

Browse Source
This commit is contained in:
Ivan Kirilov Dimitrov 2024-08-07 17:41:33 +02:00
parent 1a4be3cb75
commit 06dea9ce71
No known key found for this signature in database
GPG Key ID: 0BDAD4B211C49294
10 changed files with 715 additions and 418 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
default.nix
View File

@ -1,8 +1,8 @@
top@{ inputs, ... }: { top @ {inputs, ...}: {
imports = [ ./nixos ./home ./packages ./overlays ./hardware-configurations ]; imports = [./nixos ./home ./packages ./overlays ./hardware-configurations];
systems = [ "x86_64-linux" ]; systems = ["x86_64-linux"];
flake.stateVersion = "24.05"; flake.stateVersion = "24.05";
perSystem = perSystem@{ system, ... }: { perSystem = perSystem @ {system, ...}: {
config._module.args = { config._module.args = {
pkgs = import inputs.nixpkgs { pkgs = import inputs.nixpkgs {
inherit system; inherit system;

7
flake.nix
View File

@ -20,7 +20,10 @@
}; };
sal = { sal = {
url = "github:ivandimitrov8080/sal"; url = "github:ivandimitrov8080/sal";
inputs = { nixpkgs.follows = "nixpkgs"; ide.follows = "ide"; }; inputs = {
nixpkgs.follows = "nixpkgs";
ide.follows = "ide";
};
}; };
musnix = { musnix = {
url = "github:musnix/musnix"; url = "github:musnix/musnix";
@ -35,5 +38,5 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
}; };
outputs = inputs: inputs.parts.lib.mkFlake { inherit inputs; } { imports = [ ./. ]; }; outputs = inputs: inputs.parts.lib.mkFlake {inherit inputs;} {imports = [./.];};
} }

30
hardware-configurations/default.nix
View File

@ -1,21 +1,31 @@
top@{ ... }: { top @ {...}: {
flake.hardwareConfigurations = { flake.hardwareConfigurations = {
nova = { lib, modulesPath, ... }: { nova = {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; lib,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot = { boot = {
initrd = { initrd = {
availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "sdhci_pci" ]; availableKernelModules = ["xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "sdhci_pci"];
kernelModules = [ ]; kernelModules = [];
luks.devices."nixos".device = "/dev/disk/by-uuid/712dd8ba-d5b4-438a-9a77-663b8c935cfe"; luks.devices."nixos".device = "/dev/disk/by-uuid/712dd8ba-d5b4-438a-9a77-663b8c935cfe";
}; };
kernelModules = [ "kvm-intel" ]; kernelModules = ["kvm-intel"];
extraModulePackages = [ ]; extraModulePackages = [];
}; };
fileSystems = { fileSystems = {
"/" = { device = "/dev/disk/by-uuid/47536cbe-7265-493b-a2e3-bbd376a6f9af"; fsType = "btrfs"; }; "/" = {
"/boot" = { device = "/dev/disk/by-uuid/4C3C-993A"; fsType = "vfat"; }; device = "/dev/disk/by-uuid/47536cbe-7265-493b-a2e3-bbd376a6f9af";
fsType = "btrfs";
};
"/boot" = {
device = "/dev/disk/by-uuid/4C3C-993A";
fsType = "vfat";
};
}; };
swapDevices = [ ]; swapDevices = [];
networking.useDHCP = lib.mkForce true; networking.useDHCP = lib.mkForce true;
nixpkgs.hostPlatform = lib.mkForce "x86_64-linux"; nixpkgs.hostPlatform = lib.mkForce "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkForce false; hardware.cpu.intel.updateMicrocode = lib.mkForce false;

2
home/default.nix
View File

@ -1,3 +1,3 @@
{ {
imports = [ ./modules ]; imports = [./modules];
} }

569
home/modules/default.nix
View File

@ -1,8 +1,7 @@
toplevel@{ moduleWithSystem, ... }: { toplevel @ {moduleWithSystem, ...}: {
flake.homeManagerModules = { flake.homeManagerModules = {
base = moduleWithSystem ( base = moduleWithSystem (
top@{ ... }: top @ {...}: perSystem @ {config, ...}: {
perSystem@{ config, ... }: {
programs.home-manager.enable = true; programs.home-manager.enable = true;
home.stateVersion = toplevel.config.flake.stateVersion; home.stateVersion = toplevel.config.flake.stateVersion;
xdg = { xdg = {
@ -24,163 +23,256 @@ toplevel@{ moduleWithSystem, ... }: {
} }
); );
ivand = moduleWithSystem ( ivand = moduleWithSystem (
top@{ ... }: top @ {...}: perSystem @ {pkgs, ...}: {
perSystem@{ pkgs, ... }: {
home = { home = {
username = "ivand"; username = "ivand";
homeDirectory = "/home/ivand"; homeDirectory = "/home/ivand";
sessionVariables = { EDITOR = "nvim"; }; sessionVariables = {EDITOR = "nvim";};
packages = with pkgs; [ nvim ]; packages = with pkgs; [nvim];
}; };
programs = { programs = {
git = with pkgs.lib; { git = with pkgs.lib; {
userName = mkForce "Ivan Kirilov Dimitrov"; userName = mkForce "Ivan Kirilov Dimitrov";
userEmail = mkForce "ivan@idimitrov.dev"; userEmail = mkForce "ivan@idimitrov.dev";
signing = mkForce { signByDefault = true; key = "ivan@idimitrov.dev"; }; signing = mkForce {
signByDefault = true;
key = "ivan@idimitrov.dev";
};
}; };
ssh = { ssh = {
matchBlocks = { matchBlocks = {
vpsfree-ivand = { hostname = "10.0.0.1"; user = "ivand"; }; vpsfree-ivand = {
vpsfree-root = { hostname = "10.0.0.1"; user = "root"; }; hostname = "10.0.0.1";
user = "ivand";
};
vpsfree-root = {
hostname = "10.0.0.1";
user = "root";
};
}; };
}; };
}; };
} }
); );
util = moduleWithSystem ( util = moduleWithSystem (
top@{ ... }: top @ {...}: perSystem @ {
perSystem@{ pkgs, config, ... }: { pkgs,
config,
...
}: {
home = { home = {
packages = with pkgs; [ openssl mlocate uutils-coreutils-noprefix speedtest-cli ]; packages = with pkgs; [openssl mlocate uutils-coreutils-noprefix speedtest-cli];
sessionVariables = { PAGER = "bat"; BAT_THEME = "catppuccin-mocha"; }; sessionVariables = {
PAGER = "bat";
BAT_THEME = "catppuccin-mocha";
};
}; };
programs = { programs = {
password-store = { enable = true; package = pkgs.pass.withExtensions (e: with e; [ pass-otp pass-file ]); settings = { PASSWORD_STORE_DIR = "${config.home.homeDirectory}/.password-store"; }; }; password-store = {
enable = true;
package = pkgs.pass.withExtensions (e: with e; [pass-otp pass-file]);
settings = {PASSWORD_STORE_DIR = "${config.home.homeDirectory}/.password-store";};
};
git = { git = {
enable = true; enable = true;
delta.enable = true; delta.enable = true;
extraConfig = { color.ui = "auto"; pull.rebase = true; push.autoSetupRemote = true; }; extraConfig = {
aliases = { a = "add ."; c = "commit"; d = "diff --cached"; p = "push"; pa = "!git remote | xargs -L1 git push --all"; }; color.ui = "auto";
pull.rebase = true;
push.autoSetupRemote = true;
};
aliases = {
a = "add .";
c = "commit";
d = "diff --cached";
p = "push";
pa = "!git remote | xargs -L1 git push --all";
};
}; };
tealdeer = { tealdeer = {
enable = true; enable = true;
settings = { display = { compact = true; }; updates = { auto_update = true; }; }; settings = {
display = {compact = true;};
updates = {auto_update = true;};
};
}; };
bottom = { bottom = {
enable = true; enable = true;
settings = { settings = {
flags = { rate = "250ms"; }; flags = {rate = "250ms";};
row = [ row = [
{ ratio = 40; child = [{ type = "cpu"; } { type = "mem"; } { type = "net"; }]; } {
{ ratio = 35; child = [{ type = "temp"; } { type = "disk"; }]; } ratio = 40;
{ ratio = 40; child = [{ type = "proc"; default = true; }]; } child = [{type = "cpu";} {type = "mem";} {type = "net";}];
}
{
ratio = 35;
child = [{type = "temp";} {type = "disk";}];
}
{
ratio = 40;
child = [
{
type = "proc";
default = true;
}
];
}
]; ];
}; };
}; };
fzf = { enable = true; enableBashIntegration = true; enableZshIntegration = true; }; fzf = {
nix-index = { enable = true; enableZshIntegration = false; enableBashIntegration = false; }; enable = true;
enableBashIntegration = true;
enableZshIntegration = true;
};
nix-index = {
enable = true;
enableZshIntegration = false;
enableBashIntegration = false;
};
bat = { bat = {
enable = true; enable = true;
themes = themes = let
let catppuccin = pkgs.fetchFromGitHub {
catppuccin = pkgs.fetchFromGitHub { owner = "catppuccin"; repo = "bat"; rev = "82e7ca555f805b53d2b377390e4ab38c20282e83"; sha256 = "sha256-/Ob9iCVyjJDBCXlss9KwFQTuxybmSSzYRBZxOT10PZg="; }; owner = "catppuccin";
in repo = "bat";
{ rev = "82e7ca555f805b53d2b377390e4ab38c20282e83";
catppuccin-mocha = { src = catppuccin; file = "themes/Catppuccin Mocha.tmTheme"; }; sha256 = "sha256-/Ob9iCVyjJDBCXlss9KwFQTuxybmSSzYRBZxOT10PZg=";
catppuccin-macchiato = { src = catppuccin; file = "themes/Catppuccin Macchiato.tmTheme"; };
catppuccin-frappe = { src = catppuccin; file = "themes/Catppuccin Frappe.tmTheme"; };
catppuccin-latte = { src = catppuccin; file = "themes/Catppuccin Latte.tmTheme"; };
}; };
in {
catppuccin-mocha = {
src = catppuccin;
file = "themes/Catppuccin Mocha.tmTheme";
};
catppuccin-macchiato = {
src = catppuccin;
file = "themes/Catppuccin Macchiato.tmTheme";
};
catppuccin-frappe = {
src = catppuccin;
file = "themes/Catppuccin Frappe.tmTheme";
};
catppuccin-latte = {
src = catppuccin;
file = "themes/Catppuccin Latte.tmTheme";
};
};
}; };
ssh.enable = true; ssh.enable = true;
gpg.enable = true; gpg.enable = true;
}; };
services = { gpg-agent = { enable = true; enableBashIntegration = true; enableZshIntegration = true; enableNushellIntegration = true; pinentryPackage = pkgs.pinentry-qt; }; }; services = {
gpg-agent = {
enable = true;
enableBashIntegration = true;
enableZshIntegration = true;
enableNushellIntegration = true;
pinentryPackage = pkgs.pinentry-qt;
};
};
} }
); );
shell = moduleWithSystem ( shell = moduleWithSystem (
top@{ ... }: top @ {...}: perSystem @ {pkgs, ...}: {
perSystem@{ pkgs, ... }: { programs = let
programs = shellAliases = {
let cal = "cal $(date +%Y)";
GG = "git add . && git commit -m 'GG' && git push --set-upstream origin HEAD";
gad = "git add . && git diff --cached";
gac = "ga && gc";
ga = "git add .";
gc = "git commit";
dev = "nix develop --command $SHELL";
ls = "eza";
la = "eza --all";
lt = "eza --git-ignore --all --tree --level=10";
sc = "systemctl";
neofetch = "${pkgs.fastfetch}/bin/fastfetch -c all.jsonc";
};
sessionVariables = {};
in {
bash = {
inherit shellAliases sessionVariables;
enable = true;
enableVteIntegration = true;
historyControl = ["erasedups"];
historyIgnore = ["ls" "cd" "exit"];
};
zsh = {
inherit shellAliases sessionVariables;
enable = true;
dotDir = ".config/zsh";
defaultKeymap = "viins";
enableVteIntegration = true;
syntaxHighlighting.enable = true;
autosuggestion.enable = true;
history.expireDuplicatesFirst = true;
historySubstringSearch.enable = true;
};
nushell = {
enable = true;
environmentVariables = {config = ''{ show_banner: false, completions: { quick: false partial: false algorithm: "prefix" } } '';};
shellAliases = { shellAliases = {
cal = "cal $(date +%Y)"; gcal = ''bash -c "cal $(date +%Y)" '';
GG = "git add . && git commit -m 'GG' && git push --set-upstream origin HEAD"; la = "ls -al";
gad = "git add . && git diff --cached"; dev = "nix develop --command $env.SHELL";
gac = "ga && gc";
ga = "git add .";
gc = "git commit";
dev = "nix develop --command $SHELL";
ls = "eza";
la = "eza --all";
lt = "eza --git-ignore --all --tree --level=10";
sc = "systemctl";
neofetch = "${pkgs.fastfetch}/bin/fastfetch -c all.jsonc";
};
sessionVariables = { };
in
{
bash = {
inherit shellAliases sessionVariables;
enable = true;
enableVteIntegration = true;
historyControl = [ "erasedups" ];
historyIgnore = [ "ls" "cd" "exit" ];
};
zsh = {
inherit shellAliases sessionVariables;
enable = true;
dotDir = ".config/zsh";
defaultKeymap = "viins";
enableVteIntegration = true;
syntaxHighlighting.enable = true;
autosuggestion.enable = true;
history.expireDuplicatesFirst = true;
historySubstringSearch.enable = true;
};
nushell = {
enable = true;
environmentVariables = { config = '' { show_banner: false, completions: { quick: false partial: false algorithm: "prefix" } } ''; };
shellAliases = { gcal = '' bash -c "cal $(date +%Y)" ''; la = "ls -al"; dev = "nix develop --command $env.SHELL"; };
};
kitty.shellIntegration = { enableBashIntegration = true; enableZshIntegration = true; };
tmux = {
enable = true;
clock24 = true;
baseIndex = 1;
escapeTime = 0;
keyMode = "vi";
shell = "\${SHELL}";
terminal = "screen-256color";
plugins = with pkgs.tmuxPlugins; [ tilish catppuccin ];
extraConfig = ''
set-option -a terminal-features 'screen-256color:RGB'
'';
};
starship = { enable = true; enableNushellIntegration = true; enableZshIntegration = true; enableBashIntegration = true; };
eza = {
enable = true;
enableZshIntegration = true;
enableBashIntegration = true;
extraOptions = [
"--long"
"--header"
"--icons"
"--smart-group"
"--mounts"
"--octal-permissions"
"--git"
];
}; };
}; };
kitty.shellIntegration = {
enableBashIntegration = true;
enableZshIntegration = true;
};
tmux = {
enable = true;
clock24 = true;
baseIndex = 1;
escapeTime = 0;
keyMode = "vi";
shell = "\${SHELL}";
terminal = "screen-256color";
plugins = with pkgs.tmuxPlugins; [tilish catppuccin];
extraConfig = ''
set-option -a terminal-features 'screen-256color:RGB'
'';
};
starship = {
enable = true;
enableNushellIntegration = true;
enableZshIntegration = true;
enableBashIntegration = true;
};
eza = {
enable = true;
enableZshIntegration = true;
enableBashIntegration = true;
extraOptions = [
"--long"
"--header"
"--icons"
"--smart-group"
"--mounts"
"--octal-permissions"
"--git"
];
};
};
} }
); );
swayland = moduleWithSystem ( swayland = moduleWithSystem (
top@{ ... }: top @ {...}: perSystem @ {
perSystem@{ pkgs, config, ... }: { pkgs,
config,
...
}: {
home = { home = {
packages = with pkgs; [ audacity gimp grim libnotify libreoffice-qt mupdf slurp transmission_4 wl-clipboard xdg-user-dirs xdg-utils xwayland telegram-desktop ]; packages = with pkgs; [audacity gimp grim libnotify libreoffice-qt mupdf slurp transmission_4 wl-clipboard xdg-user-dirs xdg-utils xwayland telegram-desktop];
pointerCursor = with pkgs; { name = "catppuccin-mocha-green-cursors"; package = catppuccin-cursors.mochaGreen; size = 24; gtk.enable = true; }; pointerCursor = with pkgs; {
name = "catppuccin-mocha-green-cursors";
package = catppuccin-cursors.mochaGreen;
size = 24;
gtk.enable = true;
};
}; };
wayland.windowManager.sway = { wayland.windowManager.sway = {
enable = true; enable = true;
@ -190,10 +282,10 @@ toplevel@{ moduleWithSystem, ... }: {
terminal = "kitty"; terminal = "kitty";
modifier = "Mod4"; modifier = "Mod4";
startup = [ startup = [
{ command = "swaymsg 'workspace 2; exec firefox'"; } {command = "swaymsg 'workspace 2; exec firefox'";}
{ command = "swaymsg 'workspace 1; exec kitty'"; } {command = "swaymsg 'workspace 1; exec kitty'";}
]; ];
bars = [ ]; bars = [];
window.titlebar = false; window.titlebar = false;
keybindings = pkgs.lib.mkOptionDefault { keybindings = pkgs.lib.mkOptionDefault {
"F1" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle"; "F1" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
@ -213,65 +305,94 @@ toplevel@{ moduleWithSystem, ... }: {
"${modifier}+Shift+c" = "kill"; "${modifier}+Shift+c" = "kill";
"${modifier}+Shift+q" = "exit"; "${modifier}+Shift+q" = "exit";
}; };
input = { "*" = { xkb_layout = "us,bg"; xkb_options = "grp:win_space_toggle"; xkb_variant = ",phonetic"; }; }; input = {
"*" = {
xkb_layout = "us,bg";
xkb_options = "grp:win_space_toggle";
xkb_variant = ",phonetic";
};
};
}; };
swaynag = { enable = config.wayland.windowManager.sway.enable; }; swaynag = {enable = config.wayland.windowManager.sway.enable;};
}; };
programs = { programs = {
waybar = { waybar = {
enable = true; enable = true;
settings = { settings = {
mainBar = mainBar = let
let in {
in layer = "top";
{ position = "top";
layer = "top"; height = 30;
position = "top"; output = ["eDP-1" "HDMI-A-1" "*"];
height = 30;
output = [ "eDP-1" "HDMI-A-1" "*" ];
modules-left = [ "sway/workspaces" "sway/mode" ]; modules-left = ["sway/workspaces" "sway/mode"];
modules-center = [ "clock#week" "clock#year" "clock#time" ]; modules-center = ["clock#week" "clock#year" "clock#time"];
modules-right = [ "network" "pulseaudio" "memory" "cpu" "battery" ]; modules-right = ["network" "pulseaudio" "memory" "cpu" "battery"];
"clock#time" = { format = "{:%H:%M:%S}"; interval = 1; tooltip = false; }; "clock#time" = {
"clock#week" = { format = "{:%a}"; tooltip = false; }; format = "{:%H:%M:%S}";
"clock#year" = { format = "{:%Y-%m-%d}"; tooltip = false; }; interval = 1;
tooltip = false;
battery = {
format = "{icon} <span color='#cdd6f4'>{capacity}% {time}</span>";
format-time = " {H} h {M} m";
format-icons = [ "" "" "" "" "" ];
states = { warning = 30; critical = 15; };
tooltip = false;
};
cpu = { format = "<span color='#74c7ec'></span> {usage}%"; };
memory = { format = "<span color='#89b4fa'></span> {percentage}%"; interval = 5; };
pulseaudio = {
format = "<span color='#a6e3a1'>{icon}</span> {volume}% | {format_source}";
format-muted = "<span color='#f38ba8'>󰝟</span> {volume}% | {format_source}";
format-source = "{volume}% <span color='#a6e3a1'></span>";
format-source-muted = "{volume}% <span color='#f38ba8'></span>";
format-icons = { headphone = ""; default = [ "" "" "" ]; };
tooltip = false;
};
network = {
format-ethernet = "<span color='#89dceb'>󰈁</span> | <span color='#fab387'></span> {bandwidthUpBytes} <span color='#fab387'></span> {bandwidthDownBytes}";
format-wifi = "<span color='#06b6d4'>{icon}</span> | <span color='#fab387'></span> {bandwidthUpBytes} <span color='#fab387'></span> {bandwidthDownBytes}";
format-disconnected = "<span color='#eba0ac'>󰈂 no connection</span>";
format-icons = [ "󰤟" "󰤢" "󰤥" "󰤨" ];
interval = 5;
tooltip = false;
};
"sway/workspaces" = { disable-scroll = true; all-outputs = true; };
}; };
"clock#week" = {
format = "{:%a}";
tooltip = false;
};
"clock#year" = {
format = "{:%Y-%m-%d}";
tooltip = false;
};
battery = {
format = "{icon} <span color='#cdd6f4'>{capacity}% {time}</span>";
format-time = " {H} h {M} m";
format-icons = ["" "" "" "" ""];
states = {
warning = 30;
critical = 15;
};
tooltip = false;
};
cpu = {format = "<span color='#74c7ec'></span> {usage}%";};
memory = {
format = "<span color='#89b4fa'></span> {percentage}%";
interval = 5;
};
pulseaudio = {
format = "<span color='#a6e3a1'>{icon}</span> {volume}% | {format_source}";
format-muted = "<span color='#f38ba8'>󰝟</span> {volume}% | {format_source}";
format-source = "{volume}% <span color='#a6e3a1'></span>";
format-source-muted = "{volume}% <span color='#f38ba8'></span>";
format-icons = {
headphone = "";
default = ["" "" ""];
};
tooltip = false;
};
network = {
format-ethernet = "<span color='#89dceb'>󰈁</span> | <span color='#fab387'></span> {bandwidthUpBytes} <span color='#fab387'></span> {bandwidthDownBytes}";
format-wifi = "<span color='#06b6d4'>{icon}</span> | <span color='#fab387'></span> {bandwidthUpBytes} <span color='#fab387'></span> {bandwidthDownBytes}";
format-disconnected = "<span color='#eba0ac'>󰈂 no connection</span>";
format-icons = ["󰤟" "󰤢" "󰤥" "󰤨"];
interval = 5;
tooltip = false;
};
"sway/workspaces" = {
disable-scroll = true;
all-outputs = true;
};
};
};
systemd = {
enable = true;
target = "sway-session.target";
}; };
systemd = { enable = true; target = "sway-session.target"; };
style = '' style = ''
@define-color rosewater #f5e0dc; @define-color rosewater #f5e0dc;
@define-color flamingo #f2cdcd; @define-color flamingo #f2cdcd;
@ -401,12 +522,14 @@ toplevel@{ moduleWithSystem, ... }: {
animation-iteration-count: infinite; animation-iteration-count: infinite;
animation-direction: alternate; animation-direction: alternate;
} }
'' '';
;
}; };
swaylock = { swaylock = {
enable = true; enable = true;
settings = { show-failed-attempts = true; image = config.home.homeDirectory + "/pic/bg.png"; }; settings = {
show-failed-attempts = true;
image = config.home.homeDirectory + "/pic/bg.png";
};
}; };
rofi = { rofi = {
enable = true; enable = true;
@ -414,9 +537,9 @@ toplevel@{ moduleWithSystem, ... }: {
plugins = with pkgs; [ plugins = with pkgs; [
( (
rofi-calc.override rofi-calc.override
{ {
rofi-unwrapped = rofi-wayland-unwrapped; rofi-unwrapped = rofi-wayland-unwrapped;
} }
) )
]; ];
}; };
@ -426,24 +549,54 @@ toplevel@{ moduleWithSystem, ... }: {
}; };
kitty = { kitty = {
enable = true; enable = true;
font = { package = pkgs.fira-code; name = "FiraCodeNFM-Reg"; }; font = {
settings = { background_opacity = "0.90"; cursor_shape = "beam"; }; package = pkgs.fira-code;
name = "FiraCodeNFM-Reg";
};
settings = {
background_opacity = "0.90";
cursor_shape = "beam";
};
};
imv = {
enable = true;
settings = {options.fullscreen = true;};
};
mpv = {
enable = true;
scripts = with pkgs.mpvScripts; [uosc thumbfast];
};
bash.profileExtra = ''[ "$(tty)" = "/dev/tty1" ] && exec sway '';
zsh.loginExtra = ''[ "$(tty)" = "/dev/tty1" ] && exec sway '';
nushell.loginFile.text = ''if (tty) == "/dev/tty1" { sway } '';
};
services = {
mako.enable = true;
cliphist = {
enable = true;
systemdTarget = "sway-session.target";
}; };
imv = { enable = true; settings = { options.fullscreen = true; }; };
mpv = { enable = true; scripts = with pkgs.mpvScripts; [ uosc thumbfast ]; };
bash.profileExtra = '' [ "$(tty)" = "/dev/tty1" ] && exec sway '';
zsh.loginExtra = '' [ "$(tty)" = "/dev/tty1" ] && exec sway '';
nushell.loginFile.text = '' if (tty) == "/dev/tty1" { sway } '';
}; };
services = { mako.enable = true; cliphist = { enable = true; systemdTarget = "sway-session.target"; }; };
systemd.user = { systemd.user = {
timers = { rbingwp = { Timer = { OnCalendar = "*-*-* 10:00:00"; Persistent = true; }; Install = { WantedBy = [ "timers.target" ]; }; }; }; timers = {
rbingwp = {
Timer = {
OnCalendar = "*-*-* 10:00:00";
Persistent = true;
};
Install = {WantedBy = ["timers.target"];};
};
};
services = { services = {
wpd = { wpd = {
Install = { WantedBy = [ "sway-session.target" ]; }; Install = {WantedBy = ["sway-session.target"];};
Unit = { Description = "Switch background every x minutes"; After = "graphical-session-pre.target"; PartOf = "graphical-session.target"; }; Unit = {
Description = "Switch background every x minutes";
After = "graphical-session-pre.target";
PartOf = "graphical-session.target";
};
Service = { Service = {
ExecStart = [ "${pkgs.wpd}/bin/wpd" ]; ExecStart = ["${pkgs.wpd}/bin/wpd"];
}; };
}; };
}; };
@ -464,18 +617,27 @@ toplevel@{ moduleWithSystem, ... }: {
} }
); );
web = moduleWithSystem ( web = moduleWithSystem (
top@{ ... }: top @ {...}: perSystem @ {...}: {
perSystem@{ ... }: {
programs = { programs = {
browserpass.enable = true; browserpass.enable = true;
firefox = { firefox = {
enable = true; enable = true;
profiles.ivand = { profiles.ivand = {
id = 0; id = 0;
search = { default = "DuckDuckGo"; privateDefault = "DuckDuckGo"; force = true; }; search = {
default = "DuckDuckGo";
privateDefault = "DuckDuckGo";
force = true;
};
bookmarks = [ bookmarks = [
{ name = "home-options"; url = "https://nix-community.github.io/home-manager/options.xhtml"; } {
{ name = "nixvim-docs"; url = "https://nix-community.github.io/nixvim/"; } name = "home-options";
url = "https://nix-community.github.io/home-manager/options.xhtml";
}
{
name = "nixvim-docs";
url = "https://nix-community.github.io/nixvim/";
}
]; ];
settings = { settings = {
"general.smoothScroll" = true; "general.smoothScroll" = true;
@ -499,13 +661,44 @@ toplevel@{ moduleWithSystem, ... }: {
TranslateEnabled = false; TranslateEnabled = false;
SearchBar = "unified"; SearchBar = "unified";
SearchSuggestEnabled = false; SearchSuggestEnabled = false;
SanitizeOnShutdown = { Cache = true; FormData = true; Locked = true; Cookies = false; Downloads = false; History = false; Sessions = false; SiteSettings = false; OfflineApps = true; }; SanitizeOnShutdown = {
FirefoxHome = { Search = true; Pocket = false; Snippets = false; TopSites = false; Highlights = false; }; Cache = true;
UserMessaging = { ExtensionRecommendations = false; FeatureRecommendations = false; UrlbarInterventions = false; MoreFromMozilla = false; SkipOnboarding = true; }; FormData = true;
Locked = true;
Cookies = false;
Downloads = false;
History = false;
Sessions = false;
SiteSettings = false;
OfflineApps = true;
};
FirefoxHome = {
Search = true;
Pocket = false;
Snippets = false;
TopSites = false;
Highlights = false;
};
UserMessaging = {
ExtensionRecommendations = false;
FeatureRecommendations = false;
UrlbarInterventions = false;
MoreFromMozilla = false;
SkipOnboarding = true;
};
Handlers = { Handlers = {
schemes = { schemes = {
mailto = { action = "useHelperApp"; ask = false; handlers = [{ name = "RoundCube"; uriTemplate = "https://mail.idimitrov.dev/?_task=mail&_action=compose&_to=%s"; }]; }; mailto = {
action = "useHelperApp";
ask = false;
handlers = [
{
name = "RoundCube";
uriTemplate = "https://mail.idimitrov.dev/?_task=mail&_action=compose&_to=%s";
}
];
};
}; };
}; };
}; };

58
nixos/configs/default.nix
View File

@ -1,28 +1,44 @@
toplevel@{ inputs, withSystem, ... }: toplevel @ {
let inputs,
withSystem,
...
}: let
system = "x86_64-linux"; system = "x86_64-linux";
mods = toplevel.config.flake.nixosModules; mods = toplevel.config.flake.nixosModules;
hardwareConfigurations = toplevel.config.flake.hardwareConfigurations; hardwareConfigurations = toplevel.config.flake.hardwareConfigurations;
essential = with mods; [ grub base shell security wireless intranet ]; essential = with mods; [grub base shell security wireless intranet];
desktop = with mods; [ sound wayland ]; desktop = with mods; [sound wayland];
configWithModules = { hardware ? { nixpkgs.hostPlatform = system; }, modules }: withSystem system (ctx@{ config, inputs', pkgs, ... }: inputs.nixpkgs.lib.nixosSystem { configWithModules = {
specialArgs = { hardware ? {nixpkgs.hostPlatform = system;},
inherit inputs inputs' pkgs; modules,
packages = config.packages; }:
withSystem system (ctx @ {
config,
inputs',
pkgs,
...
}:
inputs.nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs inputs' pkgs;
packages = config.packages;
};
modules = [hardware] ++ modules;
});
novaConfig = mods:
configWithModules {
hardware = hardwareConfigurations.nova;
modules = essential ++ desktop ++ mods;
}; };
modules = [ hardware ] ++ modules; in {
});
novaConfig = mods: configWithModules { hardware = hardwareConfigurations.nova; modules = essential ++ desktop ++ mods; };
in
{
flake.nixosConfigurations = { flake.nixosConfigurations = {
nova = novaConfig [ mods.ivand ]; nova = novaConfig [mods.ivand];
nova-music = novaConfig (with mods; [ ivand music ]); nova-music = novaConfig (with mods; [ivand music]);
nova-crypto = novaConfig (with mods; [ ivand cryptocurrency ]); nova-crypto = novaConfig (with mods; [ivand cryptocurrency]);
nova-nonya = novaConfig (with mods; [ ivand anon cryptocurrency ]); nova-nonya = novaConfig (with mods; [ivand anon cryptocurrency]);
nova-ai = novaConfig (with mods; [ ivand ai ]); nova-ai = novaConfig (with mods; [ivand ai]);
install-iso = configWithModules { modules = (with mods; [ grub base shell wireless ]); }; install-iso = configWithModules {modules = with mods; [grub base shell wireless];};
vps = configWithModules { modules = (with mods; [ base shell security vps mailserver nginx wireguard-output anonymous-dns firewall rest ]); }; vps = configWithModules {modules = with mods; [base shell security vps mailserver nginx wireguard-output anonymous-dns firewall rest];};
stara-miner = configWithModules { modules = (essential ++ [ mods.monero-miner ]); }; stara-miner = configWithModules {modules = essential ++ [mods.monero-miner];};
}; };
} }

4
nixos/default.nix
View File

@ -1,3 +1,3 @@
{ ... }: { {...}: {
imports = [ ./modules ./configs ]; imports = [./modules ./configs];
} }

423
nixos/modules/default.nix
View File

@ -1,45 +1,63 @@
top@{ inputs, moduleWithSystem, ... }: { top @ {
inputs,
moduleWithSystem,
...
}: {
flake.nixosModules = { flake.nixosModules = {
grub = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }: { grub = moduleWithSystem (toplevel @ {...}: perSystem @ {pkgs, ...}: {
boot = { boot = {
loader = { loader = {
grub = grub = let
let theme = pkgs.sleek-grub-theme.override {
theme = pkgs.sleek-grub-theme.override { withBanner = "Hello Ivan"; withStyle = "bigSur"; }; withBanner = "Hello Ivan";
in withStyle = "bigSur";
{
enable = pkgs.lib.mkDefault true;
useOSProber = true;
efiSupport = true;
device = "nodev";
theme = theme;
splashImage = "${theme}/background.png";
}; };
in {
enable = pkgs.lib.mkDefault true;
useOSProber = true;
efiSupport = true;
device = "nodev";
theme = theme;
splashImage = "${theme}/background.png";
};
efi.canTouchEfiVariables = true; efi.canTouchEfiVariables = true;
}; };
}; };
}); });
base = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }: { base = moduleWithSystem (toplevel @ {...}: perSystem @ {pkgs, ...}: {
imports = [ inputs.hosts.nixosModule ]; imports = [inputs.hosts.nixosModule];
system.stateVersion = top.config.flake.stateVersion; system.stateVersion = top.config.flake.stateVersion;
nix = { extraOptions = ''experimental-features = nix-command flakes''; }; nix = {extraOptions = ''experimental-features = nix-command flakes'';};
i18n.supportedLocales = [ "all" ]; i18n.supportedLocales = ["all"];
time.timeZone = "Europe/Prague"; time.timeZone = "Europe/Prague";
environment = { environment = {
systemPackages = with pkgs; [ cmatrix uutils-coreutils-noprefix cryptsetup fd file git glibc gnumake mlocate openssh openssl procs ripgrep srm unzip vim zip just nixos-install-tools tshark ]; systemPackages = with pkgs; [cmatrix uutils-coreutils-noprefix cryptsetup fd file git glibc gnumake mlocate openssh openssl procs ripgrep srm unzip vim zip just nixos-install-tools tshark];
sessionVariables = { MAKEFLAGS = "-j 4"; }; sessionVariables = {MAKEFLAGS = "-j 4";};
shells = with pkgs; [ bash zsh nushell ]; shells = with pkgs; [bash zsh nushell];
enableAllTerminfo = true; enableAllTerminfo = true;
}; };
users.defaultUserShell = pkgs.zsh; users.defaultUserShell = pkgs.zsh;
programs = { zsh.enable = true; nix-ld.enable = true; }; programs = {
zsh.enable = true;
nix-ld.enable = true;
};
services = { services = {
dbus.enable = true; dbus.enable = true;
logind = { killUserProcesses = true; powerKeyLongPress = "reboot"; }; logind = {
killUserProcesses = true;
powerKeyLongPress = "reboot";
};
};
networking = {
stevenBlackHosts = {
enable = true;
blockFakenews = true;
blockGambling = true;
blockSocial = true;
};
}; };
networking = { stevenBlackHosts = { enable = true; blockFakenews = true; blockGambling = true; blockSocial = true; }; };
}); });
shell = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }: { shell = moduleWithSystem (toplevel @ {...}: perSystem @ {pkgs, ...}: {
programs = { programs = {
starship.enable = true; starship.enable = true;
zsh = { zsh = {
@ -47,7 +65,7 @@ top@{ inputs, moduleWithSystem, ... }: {
syntaxHighlighting.enable = true; syntaxHighlighting.enable = true;
autosuggestions = { autosuggestions = {
enable = true; enable = true;
strategy = [ "completion" ]; strategy = ["completion"];
}; };
shellAliases = { shellAliases = {
cal = "cal $(date +%Y)"; cal = "cal $(date +%Y)";
@ -67,38 +85,68 @@ top@{ inputs, moduleWithSystem, ... }: {
}; };
}; };
}); });
sound = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }: { sound = moduleWithSystem (toplevel @ {...}: perSystem @ {pkgs, ...}: {
services = { pipewire = { enable = true; alsa.enable = true; pulse.enable = true; }; }; services = {
environment.systemPackages = with pkgs; [ pwvucontrol ]; pipewire = {
enable = true;
alsa.enable = true;
pulse.enable = true;
};
};
environment.systemPackages = with pkgs; [pwvucontrol];
}); });
music = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }: { music = moduleWithSystem (toplevel @ {...}: perSystem @ {pkgs, ...}: {
imports = [ inputs.musnix.nixosModules.musnix ]; imports = [inputs.musnix.nixosModules.musnix];
environment.systemPackages = with pkgs; [ guitarix ]; environment.systemPackages = with pkgs; [guitarix];
services.pipewire = { services.pipewire = {
jack.enable = true; jack.enable = true;
extraConfig = { jack."69-low-latency" = { "jack.properties" = { "node.latency" = "64/48000"; }; }; }; extraConfig = {jack."69-low-latency" = {"jack.properties" = {"node.latency" = "64/48000";};};};
}; };
musnix = { musnix = {
enable = true; enable = true;
rtcqs.enable = true; rtcqs.enable = true;
soundcardPciId = "00:1f.3"; soundcardPciId = "00:1f.3";
kernel = { realtime = true; packages = pkgs.linuxPackages-rt; }; kernel = {
realtime = true;
packages = pkgs.linuxPackages-rt;
};
}; };
}); });
wayland = moduleWithSystem (toplevel@{ ... }: perSystem@{ ... }: { wayland = moduleWithSystem (toplevel @ {...}: perSystem @ {...}: {
hardware.graphics.enable = true; hardware.graphics.enable = true;
security.pam.services.swaylock = { }; security.pam.services.swaylock = {};
xdg.portal = { xdg.portal = {
enable = true; enable = true;
xdgOpenUsePortal = true; xdgOpenUsePortal = true;
wlr = { enable = true; settings = { screencast = { output_name = "HDMI-A-1"; max_fps = 60; }; }; }; wlr = {
enable = true;
settings = {
screencast = {
output_name = "HDMI-A-1";
max_fps = 60;
};
};
};
config.common.default = "*"; config.common.default = "*";
}; };
}); });
security = moduleWithSystem (toplevel@{ ... }: perSystem@{ ... }: { security = moduleWithSystem (toplevel @ {...}: perSystem @ {...}: {
security = { security = {
sudo = { enable = false; execWheelOnly = true; extraRules = [{ groups = [ "wheel" ]; }]; }; sudo = {
doas = { enable = true; extraRules = [{ groups = [ "wheel" ]; noPass = true; keepEnv = true; }]; }; enable = false;
execWheelOnly = true;
extraRules = [{groups = ["wheel"];}];
};
doas = {
enable = true;
extraRules = [
{
groups = ["wheel"];
noPass = true;
keepEnv = true;
}
];
};
polkit.enable = true; polkit.enable = true;
rtkit.enable = true; rtkit.enable = true;
}; };
@ -106,12 +154,12 @@ top@{ inputs, moduleWithSystem, ... }: {
intranet = { intranet = {
networking.wg-quick.interfaces = { networking.wg-quick.interfaces = {
wg0 = { wg0 = {
address = [ "10.0.0.2/32" ]; address = ["10.0.0.2/32"];
privateKeyFile = "/etc/wireguard/privatekey"; privateKeyFile = "/etc/wireguard/privatekey";
peers = [ peers = [
{ {
publicKey = "5FiTLnzbgcbgQLlyVyYeESEd+2DtwM1JHCGz/32UcEU="; publicKey = "5FiTLnzbgcbgQLlyVyYeESEd+2DtwM1JHCGz/32UcEU=";
allowedIPs = [ "0.0.0.0/0" "::/0" ]; allowedIPs = ["0.0.0.0/0" "::/0"];
endpoint = "37.205.13.29:51820"; endpoint = "37.205.13.29:51820";
persistentKeepalive = 25; persistentKeepalive = 25;
} }
@ -170,65 +218,75 @@ top@{ inputs, moduleWithSystem, ... }: {
}; };
}; };
}; };
ivand = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }: ivand = moduleWithSystem (toplevel @ {...}: perSystem @ {pkgs, ...}: let
let homeMods = top.config.flake.homeManagerModules; in { homeMods = top.config.flake.homeManagerModules;
imports = [ inputs.home-manager.nixosModules.default ]; in {
home-manager = { imports = [inputs.home-manager.nixosModules.default];
backupFileExtension = "bak"; home-manager = {
useUserPackages = true; backupFileExtension = "bak";
useGlobalPkgs = true; useUserPackages = true;
users.ivand = { ... }: { useGlobalPkgs = true;
imports = with homeMods; [ users.ivand = {...}: {
base imports = with homeMods; [
ivand base
shell ivand
util shell
swayland util
web swayland
web
];
};
};
fonts.packages = with pkgs; [(nerdfonts.override {fonts = ["FiraCode"];}) noto-fonts noto-fonts-emoji noto-fonts-lgc-plus];
users = {
users = {
ivand = {
isNormalUser = true;
createHome = true;
extraGroups = [
"adbusers"
"adm"
"audio"
"bluetooth"
"dialout"
"flatpak"
"kvm"
"mlocate"
"realtime"
"render"
"video"
"wheel"
]; ];
}; };
}; };
fonts.packages = with pkgs; [ (nerdfonts.override { fonts = [ "FiraCode" ]; }) noto-fonts noto-fonts-emoji noto-fonts-lgc-plus ]; extraGroups = {
users = { mlocate = {};
users = { realtime = {};
ivand = {
isNormalUser = true;
createHome = true;
extraGroups = [
"adbusers"
"adm"
"audio"
"bluetooth"
"dialout"
"flatpak"
"kvm"
"mlocate"
"realtime"
"render"
"video"
"wheel"
];
};
};
extraGroups = { mlocate = { }; realtime = { }; };
}; };
programs.dconf.enable = true; };
}); programs.dconf.enable = true;
});
flatpak = { flatpak = {
xdg = { portal = { enable = true; wlr.enable = true; config.common.default = "*"; }; }; xdg = {
portal = {
enable = true;
wlr.enable = true;
config.common.default = "*";
};
};
services.flatpak.enable = true; services.flatpak.enable = true;
}; };
ai = moduleWithSystem (toplevel@{ ... }: perSystem@{ ... }: { ai = moduleWithSystem (toplevel @ {...}: perSystem @ {...}: {
services = { ollama.enable = true; }; services = {ollama.enable = true;};
}); });
anon = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }: { anon = moduleWithSystem (toplevel @ {...}: perSystem @ {pkgs, ...}: {
environment.systemPackages = with pkgs; [ tor-browser ]; environment.systemPackages = with pkgs; [tor-browser];
}); });
cryptocurrency = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }: { cryptocurrency = moduleWithSystem (toplevel @ {...}: perSystem @ {pkgs, ...}: {
environment.systemPackages = with pkgs; [ monero-cli ]; environment.systemPackages = with pkgs; [monero-cli];
services = { monero.enable = true; }; services = {monero.enable = true;};
}); });
monero-miner = moduleWithSystem (toplevel@{ ... }: perSystem@{ ... }: { monero-miner = moduleWithSystem (toplevel @ {...}: perSystem @ {...}: {
services = { services = {
xmrig = { xmrig = {
enable = true; enable = true;
@ -249,12 +307,16 @@ top@{ inputs, moduleWithSystem, ... }: {
}; };
}; };
}); });
vps = moduleWithSystem (toplevel@{ ... }: perSystem@{ ... }: { vps = moduleWithSystem (toplevel @ {...}: perSystem @ {...}: {
imports = [ imports = [
inputs.vpsadminos.nixosConfigurations.container inputs.vpsadminos.nixosConfigurations.container
]; ];
}); });
mailserver = moduleWithSystem (toplevel@{ ... }: perSystem@{ config, pkgs, ... }: { mailserver = moduleWithSystem (toplevel @ {...}: perSystem @ {
config,
pkgs,
...
}: {
imports = [ imports = [
inputs.simple-nixos-mailserver.nixosModule inputs.simple-nixos-mailserver.nixosModule
]; ];
@ -262,11 +324,11 @@ top@{ inputs, moduleWithSystem, ... }: {
enable = true; enable = true;
localDnsResolver = false; localDnsResolver = false;
fqdn = "mail.idimitrov.dev"; fqdn = "mail.idimitrov.dev";
domains = [ "idimitrov.dev" "mail.idimitrov.dev" ]; domains = ["idimitrov.dev" "mail.idimitrov.dev"];
loginAccounts = { loginAccounts = {
"ivan@idimitrov.dev" = { "ivan@idimitrov.dev" = {
hashedPassword = "$2b$05$rTVIQD98ogXeCBKdk/YufulWHqpMCAlb7SHDPlh5y8Xbukoa/uQLm"; hashedPassword = "$2b$05$rTVIQD98ogXeCBKdk/YufulWHqpMCAlb7SHDPlh5y8Xbukoa/uQLm";
aliases = [ "admin@idimitrov.dev" ]; aliases = ["admin@idimitrov.dev"];
}; };
"security@idimitrov.dev" = { "security@idimitrov.dev" = {
hashedPassword = "$2b$05$rTVIQD98ogXeCBKdk/YufulWHqpMCAlb7SHDPlh5y8Xbukoa/uQLm"; hashedPassword = "$2b$05$rTVIQD98ogXeCBKdk/YufulWHqpMCAlb7SHDPlh5y8Xbukoa/uQLm";
@ -276,10 +338,10 @@ top@{ inputs, moduleWithSystem, ... }: {
hierarchySeparator = "/"; hierarchySeparator = "/";
}; };
services = { services = {
dovecot2.sieve.extensions = [ "fileinto" ]; dovecot2.sieve.extensions = ["fileinto"];
roundcube = { roundcube = {
enable = true; enable = true;
package = pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]); package = pkgs.roundcube.withPlugins (plugins: [plugins.persistent_login]);
plugins = [ plugins = [
"persistent_login" "persistent_login"
]; ];
@ -290,20 +352,18 @@ top@{ inputs, moduleWithSystem, ... }: {
$config['smtp_pass'] = "%p"; $config['smtp_pass'] = "%p";
''; '';
}; };
nginx.virtualHosts = nginx.virtualHosts = let
let restrictToVpn = ''
restrictToVpn = '' allow 10.0.0.2/32;
allow 10.0.0.2/32; allow 10.0.0.3/32;
allow 10.0.0.3/32; allow 10.0.0.4/32;
allow 10.0.0.4/32; deny all;
deny all; '';
''; in {
in "${config.mailserver.fqdn}" = {
{ extraConfig = restrictToVpn;
"${config.mailserver.fqdn}" = {
extraConfig = restrictToVpn;
};
}; };
};
postgresql.enable = true; postgresql.enable = true;
}; };
security = { security = {
@ -313,65 +373,63 @@ top@{ inputs, moduleWithSystem, ... }: {
}; };
}; };
}); });
nginx = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }: { nginx = moduleWithSystem (toplevel @ {...}: perSystem @ {pkgs, ...}: {
services = { services = {
nginx = nginx = let
let webshiteConfig = ''
webshiteConfig = '' add_header 'Referrer-Policy' 'origin-when-cross-origin';
add_header 'Referrer-Policy' 'origin-when-cross-origin'; add_header X-Content-Type-Options nosniff;
add_header X-Content-Type-Options nosniff; '';
''; extensions = ["html" "txt" "png" "jpg" "jpeg"];
extensions = [ "html" "txt" "png" "jpg" "jpeg" ]; serveStatic = exts: ''
serveStatic = exts: '' try_files $uri $uri/ ${pkgs.lib.strings.concatStringsSep " " (builtins.map (x: "$uri." + "${x}") exts)} =404;
try_files $uri $uri/ ${pkgs.lib.strings.concatStringsSep " " (builtins.map (x: "$uri." + "${x}") exts)} =404; '';
''; in {
in enable = true;
{ recommendedGzipSettings = true;
enable = true; recommendedOptimisation = true;
recommendedGzipSettings = true; recommendedProxySettings = true;
recommendedOptimisation = true; recommendedTlsSettings = true;
recommendedProxySettings = true; sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
recommendedTlsSettings = true; virtualHosts = {
sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL"; "idimitrov.dev" = {
virtualHosts = { enableACME = true;
"idimitrov.dev" = { forceSSL = true;
enableACME = true; locations."/" = {
forceSSL = true; root = "${pkgs.webshite}";
locations."/" = { extraConfig = serveStatic extensions;
root = "${pkgs.webshite}";
extraConfig = serveStatic extensions;
};
extraConfig = webshiteConfig;
}; };
"www.idimitrov.dev" = { extraConfig = webshiteConfig;
enableACME = true; };
forceSSL = true; "www.idimitrov.dev" = {
locations."/" = { enableACME = true;
root = "${pkgs.webshite}"; forceSSL = true;
extraConfig = serveStatic extensions; locations."/" = {
}; root = "${pkgs.webshite}";
extraConfig = webshiteConfig; extraConfig = serveStatic extensions;
}; };
"src.idimitrov.dev" = { extraConfig = webshiteConfig;
enableACME = true; };
forceSSL = true; "src.idimitrov.dev" = {
locations."/" = { enableACME = true;
proxyPass = "http://127.0.0.1:3001"; forceSSL = true;
}; locations."/" = {
proxyPass = "http://127.0.0.1:3001";
}; };
"pic.idimitrov.dev" = { };
enableACME = true; "pic.idimitrov.dev" = {
forceSSL = true; enableACME = true;
locations."/" = { forceSSL = true;
root = "/var/pic"; locations."/" = {
extraConfig = '' root = "/var/pic";
autoindex on; extraConfig = ''
${serveStatic ["png"]} autoindex on;
''; ${serveStatic ["png"]}
}; '';
}; };
}; };
}; };
};
gitea = { gitea = {
enable = true; enable = true;
appName = "src"; appName = "src";
@ -407,17 +465,20 @@ top@{ inputs, moduleWithSystem, ... }: {
}; };
}; };
}); });
wireguard-output = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }: { wireguard-output = moduleWithSystem (toplevel @ {...}: perSystem @ {pkgs, ...}: {
networking = { networking = {
nat = { nat = {
enable = true; enable = true;
enableIPv6 = true; enableIPv6 = true;
externalInterface = "venet0"; externalInterface = "venet0";
internalInterfaces = [ "wg0" ]; internalInterfaces = ["wg0"];
}; };
wg-quick.interfaces = { wg-quick.interfaces = {
wg0 = let iptables = "${pkgs.iptables}/bin/iptables"; ip6tables = "${pkgs.iptables}/bin/ip6tables"; in { wg0 = let
address = [ "10.0.0.1/32" ]; iptables = "${pkgs.iptables}/bin/iptables";
ip6tables = "${pkgs.iptables}/bin/ip6tables";
in {
address = ["10.0.0.1/32"];
listenPort = 51820; listenPort = 51820;
privateKeyFile = "/etc/wireguard/privatekey"; privateKeyFile = "/etc/wireguard/privatekey";
postUp = '' postUp = ''
@ -435,24 +496,24 @@ top@{ inputs, moduleWithSystem, ... }: {
peers = [ peers = [
{ {
publicKey = "kI93V0dVKSqX8hxMJHK5C0c1hEDPQTgPQDU8TKocVgo="; publicKey = "kI93V0dVKSqX8hxMJHK5C0c1hEDPQTgPQDU8TKocVgo=";
allowedIPs = [ "10.0.0.2/32" ]; allowedIPs = ["10.0.0.2/32"];
} }
{ {
publicKey = "RqTsFxFCcgYsytcDr+jfEoOA5UNxa1ZzGlpx6iuTpXY="; publicKey = "RqTsFxFCcgYsytcDr+jfEoOA5UNxa1ZzGlpx6iuTpXY=";
allowedIPs = [ "10.0.0.3/32" ]; allowedIPs = ["10.0.0.3/32"];
} }
{ {
publicKey = "1e0mjluqXdLbzv681HlC9B8BfGN8sIXIw3huLyQqwXI="; publicKey = "1e0mjluqXdLbzv681HlC9B8BfGN8sIXIw3huLyQqwXI=";
allowedIPs = [ "10.0.0.4/32" ]; allowedIPs = ["10.0.0.4/32"];
} }
]; ];
}; };
}; };
}; };
}); });
anonymous-dns = moduleWithSystem (toplevel@{ ... }: perSystem@{ ... }: { anonymous-dns = moduleWithSystem (toplevel @ {...}: perSystem @ {...}: {
networking = { networking = {
nameservers = [ "127.0.0.1" "::1" ]; nameservers = ["127.0.0.1" "::1"];
dhcpcd.extraConfig = "nohook resolv.conf"; dhcpcd.extraConfig = "nohook resolv.conf";
}; };
services = { services = {
@ -469,7 +530,12 @@ top@{ inputs, moduleWithSystem, ... }: {
require_nolog = true; require_nolog = true;
require_nofilter = true; require_nofilter = true;
anonymized_dns = { anonymized_dns = {
routes = [{ server_name = "*"; via = [ "sdns://gQ8yMTcuMTM4LjIyMC4yNDM" ]; }]; routes = [
{
server_name = "*";
via = ["sdns://gQ8yMTcuMTM4LjIyMC4yNDM"];
}
];
}; };
sources.public-resolvers = { sources.public-resolvers = {
urls = [ urls = [
@ -483,7 +549,7 @@ top@{ inputs, moduleWithSystem, ... }: {
}; };
}; };
}); });
firewall = moduleWithSystem (toplevel@{ ... }: perSystem@{ lib, ... }: { firewall = moduleWithSystem (toplevel @ {...}: perSystem @ {lib, ...}: {
networking = { networking = {
firewall = lib.mkForce { firewall = lib.mkForce {
enable = true; enable = true;
@ -516,25 +582,24 @@ top@{ inputs, moduleWithSystem, ... }: {
}; };
}; };
}); });
rest = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }: { rest = moduleWithSystem (toplevel @ {...}: perSystem @ {pkgs, ...}: {
fileSystems."/mnt/export1981" = { fileSystems."/mnt/export1981" = {
device = "172.16.128.47:/nas/5490"; device = "172.16.128.47:/nas/5490";
fsType = "nfs"; fsType = "nfs";
options = [ "nofail" ]; options = ["nofail"];
}; };
users = { users = {
users.ivand = { users.ivand = {
isNormalUser = true; isNormalUser = true;
hashedPassword = hashedPassword = "$2b$05$hPrPcewxj4qjLCRQpKBAu.FKvKZdIVlnyn4uYsWE8lc21Jhvc9jWG";
"$2b$05$hPrPcewxj4qjLCRQpKBAu.FKvKZdIVlnyn4uYsWE8lc21Jhvc9jWG"; extraGroups = ["wheel" "adm" "mlocate"];
extraGroups = [ "wheel" "adm" "mlocate" ];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
'' ''
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICcLkzuCoBEg+wq/H+hkrv6pLJ8J5BejaNJVNnymlnlo ivan@idimitrov.dev ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICcLkzuCoBEg+wq/H+hkrv6pLJ8J5BejaNJVNnymlnlo ivan@idimitrov.dev
'' ''
]; ];
}; };
extraGroups = { mlocate = { }; }; extraGroups = {mlocate = {};};
}; };
services = { services = {
openssh = { openssh = {
@ -547,7 +612,7 @@ top@{ inputs, moduleWithSystem, ... }: {
systemd = { systemd = {
timers = { timers = {
bingwp = { bingwp = {
wantedBy = [ "timers.target" ]; wantedBy = ["timers.target"];
timerConfig = { timerConfig = {
OnCalendar = "*-*-* 10:00:00"; OnCalendar = "*-*-* 10:00:00";
Persistent = true; Persistent = true;

14
overlays/default.nix
View File

@ -1,7 +1,13 @@
top@{ inputs, withSystem, ... }: { top @ {
flake.overlays.default = final: prev: inputs,
let system = "x86_64-linux"; in withSystem system ( withSystem,
{ config, ... }: { ...
}: {
flake.overlays.default = final: prev: let
system = "x86_64-linux";
in
withSystem system (
{config, ...}: {
nvim = config.packages.nvim; nvim = config.packages.nvim;
bingwp = config.packages.bingwp; bingwp = config.packages.bingwp;
screenshot = config.packages.screenshot; screenshot = config.packages.screenshot;

18
packages/default.nix
View File

@ -1,5 +1,9 @@
top@{ inputs, ... }: { top @ {inputs, ...}: {
perSystem = perSystem@{ system, pkgs, ... }: { perSystem = perSystem @ {
system,
pkgs,
...
}: {
config.packages = { config.packages = {
nvim = inputs.ide.nvim.${system}.standalone.default { nvim = inputs.ide.nvim.${system}.standalone.default {
plugins.lsp.servers = { plugins.lsp.servers = {
@ -7,12 +11,12 @@ top@{ inputs, ... }: {
pylsp.enable = true; pylsp.enable = true;
lua-ls.enable = true; lua-ls.enable = true;
}; };
extraPlugins = with pkgs.vimPlugins; [ vim-just ]; extraPlugins = with pkgs.vimPlugins; [vim-just];
}; };
wpd = pkgs.writeShellApplication { wpd = pkgs.writeShellApplication {
name = "wpd"; name = "wpd";
runtimeInputs = with pkgs; [ swaybg xdg-user-dirs fd uutils-coreutils-noprefix ]; runtimeInputs = with pkgs; [swaybg xdg-user-dirs fd uutils-coreutils-noprefix];
runtimeEnv = { WAYLAND_DISPLAY = "wayland-1"; }; runtimeEnv = {WAYLAND_DISPLAY = "wayland-1";};
text = '' text = ''
random_pic () { random_pic () {
bg_dir="$(xdg-user-dir PICTURES)/bg" bg_dir="$(xdg-user-dir PICTURES)/bg"
@ -32,7 +36,7 @@ top@{ inputs, ... }: {
}; };
screenshot = pkgs.writeShellApplication { screenshot = pkgs.writeShellApplication {
name = "screenshot"; name = "screenshot";
runtimeInputs = with pkgs; [ wl-clipboard xdg-utils ]; runtimeInputs = with pkgs; [wl-clipboard xdg-utils];
text = '' text = ''
ss_dir="$(xdg-user-dir PICTURES)/ss" ss_dir="$(xdg-user-dir PICTURES)/ss"
pic_dir="$ss_dir/$(date "+%Y-%m-%d_%H-%M-%S").png" pic_dir="$ss_dir/$(date "+%Y-%m-%d_%H-%M-%S").png"
@ -53,7 +57,7 @@ top@{ inputs, ... }: {
}; };
cursors = pkgs.catppuccin-cursors.overrideAttrs (prev: rec { cursors = pkgs.catppuccin-cursors.overrideAttrs (prev: rec {
version = "0.3.1"; version = "0.3.1";
nativeBuildInputs = prev.nativeBuildInputs ++ [ pkgs.xcur2png ]; nativeBuildInputs = prev.nativeBuildInputs ++ [pkgs.xcur2png];
src = pkgs.fetchFromGitHub { src = pkgs.fetchFromGitHub {
owner = "catppuccin"; owner = "catppuccin";
repo = "cursors"; repo = "cursors";