ivandimitrov8080/configuration.nix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: ivandimitrov8080:master
Branches Tags
ivandimitrov8080:master
ivandimitrov8080:wireguard
ivandimitrov8080:test
ivandimitrov8080:feature/merge
ivandimitrov8080:refactor_home
ivandimitrov8080:feat_nixosHome
ivandimitrov8080:feat_vm
ivandimitrov8080:feat_parts
..
compare: ivandimitrov8080:refactor_home
Branches Tags
ivandimitrov8080:master
ivandimitrov8080:wireguard
ivandimitrov8080:test
ivandimitrov8080:feature/merge
ivandimitrov8080:refactor_home
ivandimitrov8080:feat_nixosHome
ivandimitrov8080:feat_vm
ivandimitrov8080:feat_parts

No commits in common. "master" and "refactor_home" have entirely different histories.
master ... refactor_h

24 changed files with 718 additions and 1702 deletions
Show Stats Expand all files Collapse all files

24
Justfile
View File

@ -1,24 +0,0 @@
default: nova
all: nova (nova "music")
nova config="nova":
#!/usr/bin/env sh
cfg={{config}}
if [ "$cfg" != "nova" ]; then
cfg="nova-{{config}}"
fi
doas nixos-rebuild switch --flake ./#"$cfg"
update:
nix flake update
clean:
nix-collect-garbage --delete-older-than 90d
doas nix-collect-garbage --delete-older-than 90d
generate format="install-iso" config="install-iso":
nix shell nixpkgs#nixos-generators --command nixos-generate -f {{format}} --flake ./#{{config}}
vps:
nixos-rebuild switch --flake ./#vps --target-host root@37.205.13.29

28
Makefile Normal file
View File

@ -0,0 +1,28 @@
.PHONY: default all home nixos vm update clean
default: all
all: home nixos
home:
home-manager switch --flake ./. -b $$(mktemp -u XXXX)
nixos:
doas nixos-rebuild switch --flake ./.
vm:
nixos-rebuild build-vm --flake ./.#vm
update:
nix flake update
clean: cleanRoot cleanHome
cleanHome:
nix-collect-garbage --delete-older-than 30d
cleanRoot:
doas nix-collect-garbage --delete-older-than 30d
news:
home-manager news --flake ./.

53
README.md
View File

@ -1,26 +1,39 @@
# NixOS configurations
# My personal nixos config.
This repository aims to configure everything I use for all my machines.
### Usage
### Goals
To build the base system for my craptop:
- Provide me with something that I personally can use.
- Make it modular so that it can be reused by other people or me on other people's machines (my company's workstation).
### How to use
[Check the home-manager modules](./home/modules/default.nix)
[Check the NixOS modules](./nixos/modules/default.nix)
These are exposed in the following way
`<this-flake>.homeManagerModules.<module>`
`<this-flake>.nixosModules.<module>`
Run the following for more info:
```bash
nix flake show github:ivandimitrov8080/configuration.nix
sudo nixos-rebuild switch --flake github:ivandimitrov8080/configuration.nix#laptop
```
To build ivand home:
```bash
home-manager switch --flake github:ivandimitrov8080/configuration.nix#ivand
```
To reuse modules:
in your flake.nix:
```nix
inputs.ivan-mods = {
url = "github:ivandimitrov8080/configuration.nix";
inputs.nixpkgs.follows = "nixpkgs";
};
outputs = {self, nixpkgs, ivan-mods, ...}:{
...
homeConfigurations = {
my-user = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = with ivan-mods.modules.home; [
programs.nvim
programs.zsh
];
};
};
...
};
```

35
bin/bingwp Executable file
View File

@ -0,0 +1,35 @@
#!/usr/bin/env nu
let today = (date now | format date '%Y-%m-%d')
let pic_dir = (xdg-user-dir PICTURES)
let bg_dir = $pic_dir | path join "bg"
let today_img_file = $bg_dir | path join ( [ $today, ".png" ] | str join )
let is_new = ((date now | format date "%H" | into int) >= 10)
mkdir $bg_dir
def exists [file: path] {
return ($file | path exists)
}
def is_empty [file: path] {
return ((exists $file) and ((ls $file | get size | first | into int) == 0))
}
def fetch [] {
http get ("https://bing.com" + ((http get https://www.bing.com/HPImageArchive.aspx?format=js&n=1).images.0.url)) | save $today_img_file
}
def cleanup [] {
if (is_empty $today_img_file) {
rm -rf $today_img_file
}
}
cleanup
if $is_new and (not (exists $today_img_file)) {
fetch
/run/current-system/sw/bin/ln -sf $today_img_file ( $pic_dir | path join "bg.png" )
}
cleanup

3
bin/i2p Executable file
View File

@ -0,0 +1,3 @@
#!/usr/bin/env bash
chromium --proxy-server=127.0.0.1:4444

22
bin/ks Executable file
View File

@ -0,0 +1,22 @@
#!/usr/bin/env bash
doc_dir=$(xdg-user-dir DOCUMENTS)
ks_dir="$doc_dir/ks"
name="$1"
full_path="$ks_dir/$name.md.gpg"
tmpfile="/tmp/$name.md"
mkdir -p "$ks_dir"
cd "$ks_dir"
if [ -f "$full_path" ]; then
gpg --decrypt -o "$tmpfile" "$full_path"
else
touch "$tmpfile"
fi
$EDITOR "$tmpfile"
gpg --encrypt -r ivan@idimitrov.dev -o "$full_path" "$tmpfile"
git add . && git commit -m "editing $name" && git push --set-upstream origin HEAD

5
bin/purge-home Executable file
View File

@ -0,0 +1,5 @@
#!/usr/bin/env bash
cd "$HOME"
rm -rf .visualvm .bin .npm .cache .cargo .librewolf .mupdf.history .ollama .psql_history .python_history .sbt .tldrc .zcompdump .viminfo .wireguard

30
bin/screenshot Executable file
View File

@ -0,0 +1,30 @@
#!/usr/bin/env nu
let tmp_img = "/tmp/screen.png" | path join
let ss_dir = ((xdg-user-dir PICTURES | str trim) | path join "ss")
let pic_dir = ($ss_dir | path join ((date now | format date) | str join ".png"))
mkdir $ss_dir
def copy_image [] {
open $pic_dir | wl-copy
}
def prepare_screen [] {
let grim_id = pueue add -i -p grim $tmp_img
let imv_id = pueue add -a $grim_id -p imv -f $tmp_img
grim -g $"(slurp -b '#FFFFFF00' -c '#FF0000FF')" $pic_dir
pueue kill $imv_id $grim_id
pueue wait
pueue remove $imv_id $grim_id
}
def "main area" [] {
prepare_screen
copy_image
}
def main [] {
grim $pic_dir
copy_image
}

3
bin/srvsts Executable file
View File

@ -0,0 +1,3 @@
#!/usr/bin/env bash
ssh -n vpsfree-root 'cat /var/log/nginx/access.log' | goaccess --datetime-format='%d/%b/%Y:%H:%M:%S %z' --log-format='COMBINED'

15
default.nix
View File

@ -1,13 +1,22 @@
top@{ inputs, ... }: {
imports = [ ./nixos ./home ./packages ./overlays ./hardware-configurations ];
imports = [ ./nixos ./home ];
systems = [ "x86_64-linux" ];
flake.stateVersion = "24.05";
perSystem = { system, ... }: {
perSystem = perSystem@{ system, ... }: {
config._module.args = {
pkgs = import inputs.nixpkgs {
inherit system;
overlays = [
top.config.flake.overlays.default
(final: prev: {
nvim = inputs.ide.nvim.${system}.standalone.default {
plugins.lsp.servers = {
bashls.enable = true;
nushell.enable = true;
};
};
scripts = (prev.buildEnv { name = "scripts"; paths = [ ./. ]; });
})
inputs.sal.overlays.default
];
};
};

697
flake.lock
View File

@ -1,53 +1,14 @@
{
"nodes": {
"blobs": {
"flake": false,
"locked": {
"lastModified": 1604995301,
"narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=",
"owner": "simple-nixos-mailserver",
"repo": "blobs",
"rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265",
"type": "gitlab"
},
"original": {
"owner": "simple-nixos-mailserver",
"repo": "blobs",
"type": "gitlab"
}
},
"devshell": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": [
"ide",
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1722113426,
"narHash": "sha256-Yo/3loq572A8Su6aY5GP56knpuKYRvM2a1meP9oJZCw=",
"owner": "numtide",
"repo": "devshell",
"rev": "67cce7359e4cd3c45296fb4aaf6a19e2a9c757ae",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "devshell",
"type": "github"
}
},
"devshell_2": {
"inputs": {
"flake-utils": "flake-utils_4",
"nixpkgs": [
"webshite",
"ide",
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1717408969,
"narHash": "sha256-Q0OEFqe35fZbbRPPRdrjTUUChKVhhWXz3T9ZSKmaoVY=",
@ -124,68 +85,6 @@
"type": "github"
}
},
"flake-compat_5": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_6": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_7": {
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"revCount": 57,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
}
},
"flake-compat_8": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
@ -195,11 +94,11 @@
]
},
"locked": {
"lastModified": 1719994518,
"narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=",
"lastModified": 1717285511,
"narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7",
"rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
"type": "github"
},
"original": {
@ -238,75 +137,6 @@
"nixpkgs"
]
},
"locked": {
"lastModified": 1719994518,
"narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_4": {
"inputs": {
"nixpkgs-lib": [
"webshite",
"ide",
"neovim-nightly-overlay",
"nixpkgs"
]
},
"locked": {
"lastModified": 1717285511,
"narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_5": {
"inputs": {
"nixpkgs-lib": [
"webshite",
"ide",
"neovim-nightly-overlay",
"hercules-ci-effects",
"nixpkgs"
]
},
"locked": {
"lastModified": 1712014858,
"narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
"type": "github"
},
"original": {
"id": "flake-parts",
"type": "indirect"
}
},
"flake-parts_6": {
"inputs": {
"nixpkgs-lib": [
"webshite",
"ide",
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1717285511,
"narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
@ -346,46 +176,6 @@
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_3": {
"inputs": {
"systems": [
"webshite",
"ide",
"systems"
]
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_4": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1701680307,
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
@ -415,70 +205,6 @@
"nixpkgs"
]
},
"locked": {
"lastModified": 1721042469,
"narHash": "sha256-6FPUl7HVtvRHCCBQne7Ylp4p+dpP3P/OYuzjztZ4s70=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "f451c19376071a90d8c58ab1a953c6e9840527fd",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"git-hooks_2": {
"inputs": {
"flake-compat": [
"ide",
"nixvim",
"flake-compat"
],
"gitignore": "gitignore_2",
"nixpkgs": [
"ide",
"nixvim",
"nixpkgs"
],
"nixpkgs-stable": [
"ide",
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1721042469,
"narHash": "sha256-6FPUl7HVtvRHCCBQne7Ylp4p+dpP3P/OYuzjztZ4s70=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "f451c19376071a90d8c58ab1a953c6e9840527fd",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"git-hooks_3": {
"inputs": {
"flake-compat": "flake-compat_6",
"gitignore": "gitignore_3",
"nixpkgs": [
"webshite",
"ide",
"neovim-nightly-overlay",
"nixpkgs"
],
"nixpkgs-stable": [
"webshite",
"ide",
"neovim-nightly-overlay",
"nixpkgs"
]
},
"locked": {
"lastModified": 1718879355,
"narHash": "sha256-RTyqP4fBX2MdhNuMP+fnR3lIwbdtXhyj7w7fwtvgspc=",
@ -493,18 +219,16 @@
"type": "github"
}
},
"git-hooks_4": {
"git-hooks_2": {
"inputs": {
"flake-compat": "flake-compat_8",
"gitignore": "gitignore_4",
"flake-compat": "flake-compat_4",
"gitignore": "gitignore_2",
"nixpkgs": [
"webshite",
"ide",
"nixvim",
"nixpkgs"
],
"nixpkgs-stable": [
"webshite",
"ide",
"nixvim",
"nixpkgs"
@ -570,54 +294,6 @@
"type": "github"
}
},
"gitignore_3": {
"inputs": {
"nixpkgs": [
"webshite",
"ide",
"neovim-nightly-overlay",
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"gitignore_4": {
"inputs": {
"nixpkgs": [
"webshite",
"ide",
"nixvim",
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"hercules-ci-effects": {
"inputs": {
"flake-parts": "flake-parts_2",
@ -627,30 +303,6 @@
"nixpkgs"
]
},
"locked": {
"lastModified": 1719226092,
"narHash": "sha256-YNkUMcCUCpnULp40g+svYsaH1RbSEj6s4WdZY/SHe38=",
"owner": "hercules-ci",
"repo": "hercules-ci-effects",
"rev": "11e4b8dc112e2f485d7c97e1cee77f9958f498f5",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "hercules-ci-effects",
"type": "github"
}
},
"hercules-ci-effects_2": {
"inputs": {
"flake-parts": "flake-parts_5",
"nixpkgs": [
"webshite",
"ide",
"neovim-nightly-overlay",
"nixpkgs"
]
},
"locked": {
"lastModified": 1718018037,
"narHash": "sha256-03rLBd/lKecgaKz0j5ESUf9lDn5R0SJatZTKLL5unWE=",
@ -672,11 +324,11 @@
]
},
"locked": {
"lastModified": 1725863684,
"narHash": "sha256-HmdTBpuCsw35Ii35JUKO6AE6nae+kJliQb0XGd4hoLE=",
"lastModified": 1720167120,
"narHash": "sha256-K9JYdlPiyaXp33JRg7CT8rMwH56e4ncXSsXW/YKnNXc=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "be47a2bdf278c57c2d05e747a13ed31cef54a037",
"rev": "bbe6e94737289c8cb92d4d8f9199fbfe4f11c0ba",
"type": "github"
},
"original": {
@ -693,29 +345,6 @@
"nixpkgs"
]
},
"locked": {
"lastModified": 1722407237,
"narHash": "sha256-wcpVHUc2nBSSgOM7UJSpcRbyus4duREF31xlzHV5T+A=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "58cef3796271aaeabaed98884d4abaab5d9d162d",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_3": {
"inputs": {
"nixpkgs": [
"webshite",
"ide",
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1719037157,
"narHash": "sha256-aOKd8+mhBsLQChCu1mn/W5ww79ta5cXVE59aJFrifM8=",
@ -737,11 +366,11 @@
]
},
"locked": {
"lastModified": 1725674607,
"narHash": "sha256-vTaoz2yRd9g3NZNKYufZeB8UJ381aBPmRV91lEmV37o=",
"lastModified": 1720105772,
"narHash": "sha256-tahf6mdtmZofwMZfMsuDAqCR/V1qZt6vV+o6t4YTKG0=",
"owner": "StevenBlack",
"repo": "hosts",
"rev": "10b187280ec15374e4d2b28e7705046e7d535d91",
"rev": "bfefd08fd5dfbc175e82e5c339b0f4ab124c500e",
"type": "github"
},
"original": {
@ -761,36 +390,11 @@
"systems": "systems_2"
},
"locked": {
"lastModified": 1722691995,
"narHash": "sha256-TWpmjsNJN75sHfAfsFTlhSl2t5ZQtoRTthu2XfaFnpw=",
"lastModified": 1720081265,
"narHash": "sha256-MQjLb0AhXlJM5icYj9KJ+FYV/dDGiGKvPQIGcDuceiM=",
"owner": "ivandimitrov8080",
"repo": "flake-ide",
"rev": "c3a2cc3f24a854ad91513f1692607764ee9e6b8e",
"type": "github"
},
"original": {
"owner": "ivandimitrov8080",
"repo": "flake-ide",
"type": "github"
}
},
"ide_2": {
"inputs": {
"flake-utils": "flake-utils_3",
"neovim-nightly-overlay": "neovim-nightly-overlay_2",
"nixpkgs": [
"webshite",
"nixpkgs"
],
"nixvim": "nixvim_2",
"systems": "systems_4"
},
"locked": {
"lastModified": 1720387774,
"narHash": "sha256-vbdLOPW2s5HZ/aRJl2GtcL1d4racetoPRn6W7dGVl+E=",
"owner": "ivandimitrov8080",
"repo": "flake-ide",
"rev": "7194c89a92430d755aabd11d2eae25d13b6e8f00",
"rev": "ede87ccb5225e562efb1be4c68b645c3b2c7dca6",
"type": "github"
},
"original": {
@ -806,11 +410,11 @@
]
},
"locked": {
"lastModified": 1725237485,
"narHash": "sha256-POpzmA7+ecCUEZsu2a5fgwYhJ60POzve+lMhxebmTz4=",
"lastModified": 1719810225,
"narHash": "sha256-/2loMwYYMrBYSOWjNJ253xlwYhnQZ+PVmyE7NDI/xJA=",
"owner": "musnix",
"repo": "musnix",
"rev": "b5f3a47fd74193cb98c85cfeb6a25358150bdd90",
"rev": "2197ffe9fa4c2b62e33d656ee443b086dbb4f151",
"type": "github"
},
"original": {
@ -831,33 +435,6 @@
"nixpkgs"
]
},
"locked": {
"lastModified": 1722471252,
"narHash": "sha256-rgNPBiWN+y2jBiXIEgV/McBfkPeZax80eol0FBoupCk=",
"owner": "nix-community",
"repo": "neovim-nightly-overlay",
"rev": "fe7178b41d84add25c63a695620629050fb35bbd",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "neovim-nightly-overlay",
"type": "github"
}
},
"neovim-nightly-overlay_2": {
"inputs": {
"flake-compat": "flake-compat_5",
"flake-parts": "flake-parts_4",
"git-hooks": "git-hooks_3",
"hercules-ci-effects": "hercules-ci-effects_2",
"neovim-src": "neovim-src_2",
"nixpkgs": [
"webshite",
"ide",
"nixpkgs"
]
},
"locked": {
"lastModified": 1719211247,
"narHash": "sha256-GaEckCf2RaHzoEDj/j07BIV6eyDOT5wCFVSdbbkZ87U=",
@ -873,22 +450,6 @@
}
},
"neovim-src": {
"flake": false,
"locked": {
"lastModified": 1722463651,
"narHash": "sha256-3YorBqxT1RpL3Z2rLDCJhG+1HnBsgjrW8AOlTkFWlbA=",
"owner": "neovim",
"repo": "neovim",
"rev": "e820474cde09273608be5f57e1032aab21e3c97d",
"type": "github"
},
"original": {
"owner": "neovim",
"repo": "neovim",
"type": "github"
}
},
"neovim-src_2": {
"flake": false,
"locked": {
"lastModified": 1719138008,
@ -912,29 +473,6 @@
"nixpkgs"
]
},
"locked": {
"lastModified": 1722082646,
"narHash": "sha256-od8dBWVP/ngg0cuoyEl/w9D+TCNDj6Kh4tr151Aax7w=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "0413754b3cdb879ba14f6e96915e5fdf06c6aab6",
"type": "github"
},
"original": {
"owner": "lnl7",
"repo": "nix-darwin",
"type": "github"
}
},
"nix-darwin_2": {
"inputs": {
"nixpkgs": [
"webshite",
"ide",
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1719128254,
"narHash": "sha256-I7jMpq0CAOZA/i70+HDQO/ulLttyQu/K70cSESiMX7A=",
@ -951,11 +489,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1725634671,
"narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=",
"lastModified": 1720031269,
"narHash": "sha256-rwz8NJZV+387rnWpTYcXaRNvzUSnnF9aHONoJIYmiUQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c",
"rev": "9f4128e00b0ae8ec65918efeba59db998750ead6",
"type": "github"
},
"original": {
@ -965,21 +503,6 @@
"type": "github"
}
},
"nixpkgs-24_05": {
"locked": {
"lastModified": 1717144377,
"narHash": "sha256-F/TKWETwB5RaR8owkPPi+SPJh83AQsm6KrQAlJ8v/uA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "805a384895c696f802a9bf5bf4720f37385df547",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-24.05",
"type": "indirect"
}
},
"nixvim": {
"inputs": {
"devshell": "devshell",
@ -992,38 +515,8 @@
"ide",
"nixpkgs"
],
"nuschtosSearch": "nuschtosSearch",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1722492816,
"narHash": "sha256-aZe7oSm/+GM1whS6bxZy+DJgbcy8rDIkygBA0owCvmU=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "820f8d58eafd7121989fea3ae9e71f29699d856b",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixvim",
"type": "github"
}
},
"nixvim_2": {
"inputs": {
"devshell": "devshell_2",
"flake-compat": "flake-compat_7",
"flake-parts": "flake-parts_6",
"git-hooks": "git-hooks_4",
"home-manager": "home-manager_3",
"nix-darwin": "nix-darwin_2",
"nixpkgs": [
"webshite",
"ide",
"nixpkgs"
],
"treefmt-nix": "treefmt-nix_2"
},
"locked": {
"lastModified": 1719228487,
"narHash": "sha256-eJUcZAjOcGAoh97ZRsy+ls8IkHPMpDuh0IpRKSmoWs4=",
@ -1038,29 +531,6 @@
"type": "github"
}
},
"nuschtosSearch": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": [
"ide",
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1722144272,
"narHash": "sha256-olZbfaEdd+zNPuuyYcYGaRzymA9rOmth8yXOlVm+LUs=",
"owner": "NuschtOS",
"repo": "search",
"rev": "16565307c267ec219c2b5d3494ba66df08e7d403",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"repo": "search",
"type": "github"
}
},
"parts": {
"inputs": {
"nixpkgs-lib": [
@ -1068,11 +538,11 @@
]
},
"locked": {
"lastModified": 1725234343,
"narHash": "sha256-+ebgonl3NbiKD2UD0x4BszCZQ6sTfL4xioaM49o5B3Y=",
"lastModified": 1719994518,
"narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "567b938d64d4b4112ee253b9274472dc3a346eb6",
"rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7",
"type": "github"
},
"original": {
@ -1089,10 +559,7 @@
"musnix": "musnix",
"nixpkgs": "nixpkgs",
"parts": "parts",
"sal": "sal",
"simple-nixos-mailserver": "simple-nixos-mailserver",
"vpsadminos": "vpsadminos",
"webshite": "webshite"
"sal": "sal"
}
},
"sal": {
@ -1118,29 +585,6 @@
"type": "github"
}
},
"simple-nixos-mailserver": {
"inputs": {
"blobs": "blobs",
"flake-compat": "flake-compat_4",
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-24_05": "nixpkgs-24_05"
},
"locked": {
"lastModified": 1722877200,
"narHash": "sha256-qgKDNJXs+od+1UbRy62uk7dYal3h98I4WojfIqMoGcg=",
"owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver",
"rev": "af7d3bf5daeba3fc28089b015c0dd43f06b176f2",
"type": "gitlab"
},
"original": {
"owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver",
"type": "gitlab"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
@ -1171,36 +615,6 @@
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_4": {
"locked": {
"lastModified": 1680978846,
"narHash": "sha256-Gtqg8b/v49BFDpDetjclCYXm8mAnTrUzR0JnE2nv5aw=",
"owner": "nix-systems",
"repo": "x86_64-linux",
"rev": "2ecfcac5e15790ba6ce360ceccddb15ad16d08a8",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "x86_64-linux",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
@ -1209,29 +623,6 @@
"nixpkgs"
]
},
"locked": {
"lastModified": 1722330636,
"narHash": "sha256-uru7JzOa33YlSRwf9sfXpJG+UAV+bnBEYMjrzKrQZFw=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "768acdb06968e53aa1ee8de207fd955335c754b7",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"treefmt-nix_2": {
"inputs": {
"nixpkgs": [
"webshite",
"ide",
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1718522839,
"narHash": "sha256-ULzoKzEaBOiLRtjeY3YoGFJMwWSKRYOic6VNw2UyTls=",
@ -1245,42 +636,6 @@
"repo": "treefmt-nix",
"type": "github"
}
},
"vpsadminos": {
"locked": {
"lastModified": 1725810385,
"narHash": "sha256-+6UULi05KMHmLfhlrNGhMdLZUoQeC5Dc1nLFdINyeyI=",
"owner": "vpsfreecz",
"repo": "vpsadminos",
"rev": "37c5eb47ca3f11deac83e4ada20a6c21d5487f29",
"type": "github"
},
"original": {
"owner": "vpsfreecz",
"repo": "vpsadminos",
"type": "github"
}
},
"webshite": {
"inputs": {
"ide": "ide_2",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1722604181,
"narHash": "sha256-lbli+H6fgQlVyXX4qtU8SfvncDB+HZOUd53Rj23pyv0=",
"owner": "ivandimitrov8080",
"repo": "idimitrov.dev",
"rev": "4d1b71bf30bcf24b0ef5e347026d2c5369cad8eb",
"type": "github"
},
"original": {
"owner": "ivandimitrov8080",
"repo": "idimitrov.dev",
"type": "github"
}
}
},
"root": "root",

14
flake.nix
View File

@ -1,7 +1,6 @@
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
vpsadminos.url = "github:vpsfreecz/vpsadminos";
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
@ -20,23 +19,12 @@
};
sal = {
url = "github:ivandimitrov8080/sal";
inputs = {
nixpkgs.follows = "nixpkgs";
ide.follows = "ide";
};
inputs = { nixpkgs.follows = "nixpkgs"; ide.follows = "ide"; };
};
musnix = {
url = "github:musnix/musnix";
inputs.nixpkgs.follows = "nixpkgs";
};
simple-nixos-mailserver = {
url = "gitlab:simple-nixos-mailserver/nixos-mailserver";
inputs.nixpkgs.follows = "nixpkgs";
};
webshite = {
url = "github:ivandimitrov8080/idimitrov.dev";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = inputs: inputs.parts.lib.mkFlake { inherit inputs; } { imports = [ ./. ]; };
}

30
hardware-configurations/default.nix
View File

@ -1,30 +0,0 @@
_: {
flake.hardwareConfigurations = {
nova = { lib, modulesPath, ... }: {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
initrd = {
availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "sdhci_pci" ];
kernelModules = [ ];
luks.devices."nixos".device = "/dev/disk/by-uuid/712dd8ba-d5b4-438a-9a77-663b8c935cfe";
};
kernelModules = [ "kvm-intel" ];
extraModulePackages = [ ];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/47536cbe-7265-493b-a2e3-bbd376a6f9af";
fsType = "btrfs";
};
"/boot" = {
device = "/dev/disk/by-uuid/4C3C-993A";
fsType = "vfat";
};
};
swapDevices = [ ];
networking.useDHCP = lib.mkForce true;
nixpkgs.hostPlatform = lib.mkForce "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkForce false;
};
};
}

3
home/configs/default.nix Normal file
View File

@ -0,0 +1,3 @@
{
imports = [ ./ivand ];
}

18
home/configs/ivand/default.nix Normal file
View File

@ -0,0 +1,18 @@
toplevel@{ inputs, withSystem, config, ... }:
{
flake.homeConfigurations.ivand = withSystem "x86_64-linux" (ctx@{ pkgs, ... }:
inputs.home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules =
let
mods = config.flake.homeManagerModules;
in
[
mods.base
mods.shell
mods.util
mods.swayland
mods.web
];
});
}

2
home/default.nix
View File

@ -1,3 +1,3 @@
{
imports = [./modules];
imports = [ ./modules ./configs ];
}

547
home/modules/default.nix
View File

@ -1,9 +1,72 @@
toplevel@{ moduleWithSystem, ... }: {
flake.homeManagerModules = {
base = moduleWithSystem (
_: { config, ... }: {
programs.home-manager.enable = true;
home.stateVersion = toplevel.config.flake.stateVersion;
top@{ ... }:
perSystem@{ pkgs, config, ... }: {
programs = {
home-manager.enable = true;
password-store = {
enable = true;
package = pkgs.pass.withExtensions (e: with e; [ pass-otp pass-file ]);
settings = {
PASSWORD_STORE_DIR = "${config.home.homeDirectory}/.password-store";
};
};
git = {
enable = true;
delta.enable = true;
userName = pkgs.lib.mkDefault "Ivan Kirilov Dimitrov";
userEmail = pkgs.lib.mkDefault "ivan@idimitrov.dev";
signing = {
signByDefault = true;
key = "ivan@idimitrov.dev";
};
extraConfig = {
color.ui = "auto";
pull.rebase = true;
push.autoSetupRemote = true;
};
aliases = {
a = "add .";
c = "commit";
d = "diff --cached";
p = "push";
};
};
gpg.enable = true;
};
services = {
pueue.enable = true;
gpg-agent = {
enable = true;
enableBashIntegration = true;
enableZshIntegration = true;
enableNushellIntegration = true;
pinentryPackage = pkgs.pinentry-qt;
};
};
home = {
stateVersion = toplevel.config.flake.stateVersion;
username = "ivand";
homeDirectory = "/home/ivand";
sessionVariables = {
EDITOR = "nvim";
PAGER = "bat";
TERM = "screen-256color";
MAKEFLAGS = "-j 4";
};
pointerCursor = with pkgs; {
name = lib.mkForce "BreezeX-RosePine-Linux";
package = lib.mkForce rose-pine-cursor;
size = 24;
gtk.enable = true;
};
packages = with pkgs; [
transmission_4
speedtest-cli
nvim
];
};
xdg = {
enable = true;
userDirs = with config; {
@ -18,164 +81,22 @@ toplevel @ { moduleWithSystem, ... }: {
publicShare = "${home.homeDirectory}/pub";
music = "${home.homeDirectory}/mus";
};
mimeApps.enable = true;
};
}
);
ivand = moduleWithSystem (
_: { pkgs, ... }: {
home = {
username = "ivand";
homeDirectory = "/home/ivand";
sessionVariables = { EDITOR = "nvim"; };
packages = with pkgs; [ nvim ];
};
programs = {
git = with pkgs.lib; {
userName = mkForce "Ivan Kirilov Dimitrov";
userEmail = mkForce "ivan@idimitrov.dev";
signing = mkForce {
signByDefault = true;
key = "ivan@idimitrov.dev";
};
};
ssh = {
matchBlocks = {
vpsfree-ivand = {
hostname = "10.0.0.1";
user = "ivand";
};
vpsfree-root = {
hostname = "10.0.0.1";
user = "root";
};
};
};
};
}
);
util = moduleWithSystem (
_: { pkgs
, config
, ...
}: {
home = {
packages = with pkgs; [ openssl mlocate uutils-coreutils-noprefix speedtest-cli ];
sessionVariables = {
PAGER = "bat";
BAT_THEME = "catppuccin-mocha";
};
};
programs = {
password-store = {
mimeApps = {
enable = true;
package = pkgs.pass.withExtensions (e: with e; [ pass-otp pass-file ]);
settings = { PASSWORD_STORE_DIR = "${config.home.homeDirectory}/.password-store"; };
defaultApplications = {
"text/html" = "firefox.desktop";
"x-scheme-handler/http" = "firefox.desktop";
"x-scheme-handler/https" = "firefox.desktop";
"x-scheme-handler/about" = "firefox.desktop";
"x-scheme-handler/unknown" = "firefox.desktop";
};
git = {
enable = true;
delta.enable = true;
extraConfig = {
color.ui = "auto";
pull.rebase = true;
push.autoSetupRemote = true;
};
aliases = {
a = "add .";
c = "commit";
d = "diff --cached";
p = "push";
pa = "!git remote | xargs -L1 git push --all";
};
};
tealdeer = {
enable = true;
settings = {
display = { compact = true; };
updates = { auto_update = true; };
};
};
bottom = {
enable = true;
settings = {
flags = { rate = "250ms"; };
row = [
{
ratio = 40;
child = [{ type = "cpu"; } { type = "mem"; } { type = "net"; }];
}
{
ratio = 35;
child = [{ type = "temp"; } { type = "disk"; }];
}
{
ratio = 40;
child = [
{
type = "proc";
default = true;
}
];
}
];
};
};
fzf = {
enable = true;
enableBashIntegration = true;
enableZshIntegration = true;
};
nix-index = {
enable = true;
enableZshIntegration = false;
enableBashIntegration = false;
};
bat = {
enable = true;
themes =
let
catppuccin = pkgs.fetchFromGitHub {
owner = "catppuccin";
repo = "bat";
rev = "82e7ca555f805b53d2b377390e4ab38c20282e83";
sha256 = "sha256-/Ob9iCVyjJDBCXlss9KwFQTuxybmSSzYRBZxOT10PZg=";
};
in
{
catppuccin-mocha = {
src = catppuccin;
file = "themes/Catppuccin Mocha.tmTheme";
};
catppuccin-macchiato = {
src = catppuccin;
file = "themes/Catppuccin Macchiato.tmTheme";
};
catppuccin-frappe = {
src = catppuccin;
file = "themes/Catppuccin Frappe.tmTheme";
};
catppuccin-latte = {
src = catppuccin;
file = "themes/Catppuccin Latte.tmTheme";
};
};
};
ssh.enable = true;
gpg.enable = true;
};
services = {
gpg-agent = {
enable = true;
enableBashIntegration = true;
enableZshIntegration = true;
enableNushellIntegration = true;
pinentryPackage = pkgs.pinentry-qt;
};
};
}
);
shell = moduleWithSystem (
_: { pkgs, ... }: {
top@{ ... }:
perSystem@{ pkgs, ... }: {
programs =
let
shellAliases = {
@ -183,16 +104,20 @@ toplevel @ { moduleWithSystem, ... }: {
GG = "git add . && git commit -m 'GG' && git push --set-upstream origin HEAD";
gad = "git add . && git diff --cached";
gac = "ga && gc";
gach = "gac -C HEAD";
ga = "git add .";
gc = "git commit";
dev = "nix develop --command $SHELL";
ls = "eza";
la = "eza --all";
lt = "eza --git-ignore --all --tree --level=10";
ls = "${pkgs.nushell}/bin/nu -c 'ls'";
la = "${pkgs.nushell}/bin/nu -c 'ls -al'";
torrent = "transmission-remote";
vi = "nvim";
sc = "systemctl";
neofetch = "${pkgs.fastfetch}/bin/fastfetch -c all.jsonc";
};
sessionVariables = { };
sessionVariables = {
TERM = "screen-256color";
};
in
{
bash = {
@ -200,7 +125,11 @@ toplevel @ { moduleWithSystem, ... }: {
enable = true;
enableVteIntegration = true;
historyControl = [ "erasedups" ];
historyIgnore = [ "ls" "cd" "exit" ];
historyIgnore = [
"ls"
"cd"
"exit"
];
};
zsh = {
inherit shellAliases sessionVariables;
@ -215,9 +144,22 @@ toplevel @ { moduleWithSystem, ... }: {
};
nushell = {
enable = true;
environmentVariables = { config = ''{ show_banner: false, completions: { quick: false partial: false algorithm: "prefix" } } ''; };
shellAliases = {
gcal = ''bash -c "cal $(date +%Y)" '';
environmentVariables = {
config = ''
{
show_banner: false,
completions: {
quick: false
partial: false
algorithm: "prefix"
}
}
'';
};
shellAliases = shellAliases // {
gcal = ''
bash -c "cal $(date +%Y)"
'';
la = "ls -al";
dev = "nix develop --command $env.SHELL";
};
@ -245,37 +187,44 @@ toplevel @ { moduleWithSystem, ... }: {
enableZshIntegration = true;
enableBashIntegration = true;
};
eza = {
};
}
);
util = moduleWithSystem (
top@{ ... }:
perSystem@{ ... }: {
programs = {
tealdeer = {
enable = true;
enableZshIntegration = true;
enableBashIntegration = true;
extraOptions = [
"--long"
"--header"
"--icons"
"--smart-group"
"--mounts"
"--octal-permissions"
"--git"
settings = {
display = {
compact = true;
};
updates = {
auto_update = true;
};
};
};
bottom = {
enable = true;
settings = {
flags = {
rate = "250ms";
};
row = [
{ ratio = 40; child = [{ type = "cpu"; } { type = "mem"; } { type = "net"; }]; }
{ ratio = 35; child = [{ type = "temp"; } { type = "disk"; }]; }
{ ratio = 40; child = [{ type = "proc"; default = true; }]; }
];
};
};
bat.enable = true;
};
}
);
swayland = moduleWithSystem (
_: { pkgs
, config
, ...
}: {
home = {
packages = with pkgs; [ audacity gimp grim libnotify libreoffice-qt mupdf slurp transmission_4 wl-clipboard xdg-user-dirs xdg-utils xwayland telegram-desktop ];
pointerCursor = with pkgs; {
name = "catppuccin-mocha-green-cursors";
package = catppuccin-cursors.mochaGreen;
size = 24;
gtk.enable = true;
};
};
top@{ ... }:
perSystem@{ pkgs, config, ... }: {
wayland.windowManager.sway = {
enable = true;
systemd.enable = true;
@ -284,25 +233,31 @@ toplevel @ { moduleWithSystem, ... }: {
terminal = "kitty";
modifier = "Mod4";
startup = [
{ command = "swaymsg 'workspace 2; exec firefox'"; }
{ command = "swaymsg 'workspace 1; exec kitty'"; }
{ command = "swaymsg 'workspace 2; exec firefox'"; }
];
bars = [ ];
window.titlebar = false;
keybindings = pkgs.lib.mkOptionDefault {
"F1" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
"Shift+F1" = "exec ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle";
"F2" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%";
"Shift+F2" = "exec ${pkgs.pulseaudio}/bin/pactl set-source-volume @DEFAULT_SOURCE@ -5%";
"F3" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%";
"Shift+F3" = "exec ${pkgs.pulseaudio}/bin/pactl set-source-volume @DEFAULT_SOURCE@ +5%";
"F9" = "exec doas ${pkgs.light}/bin/light -A 10";
"F8" = "exec doas ${pkgs.light}/bin/light -U 10";
"Alt+Shift+l" = "exec ${pkgs.swaylock}/bin/swaylock";
# Audio
"XF86AudioMicMute" = "exec ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle";
"XF86AudioRaiseVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%";
"XF86AudioLowerVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%";
"Alt+XF86AudioRaiseVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-source-volume @DEFAULT_SOURCE@ +5%";
"Alt+XF86AudioLowerVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-source-volume @DEFAULT_SOURCE@ -5%";
"XF86AudioMute" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
# Display
"Alt+Shift+l" = "exec ${pkgs.swaylock}/bin/swaylock"; # Lock screen
"XF86ScreenSaver" = "output 'eDP-1' toggle"; # Turn screen off
"XF86MonBrightnessUp" = "exec doas ${pkgs.light}/bin/light -A 10";
"XF86MonBrightnessDown" = "exec doas ${pkgs.light}/bin/light -U 10";
# Programs
"${modifier}+p" = "exec ${menu}";
"${modifier}+Shift+s" = "exec ${pkgs.screenshot}/bin/screenshot";
"${modifier}+Shift+a" = "exec screenshot area";
"${modifier}+Shift+s" = "exec screenshot";
"${modifier}+c" = "exec ${pkgs.sal}/bin/sal";
"End" = "exec rofi -show calc";
# sway commands
"${modifier}+Shift+r" = "reload";
"${modifier}+Shift+c" = "kill";
"${modifier}+Shift+q" = "exit";
@ -315,35 +270,40 @@ toplevel @ { moduleWithSystem, ... }: {
};
};
};
swaynag = { inherit (config.wayland.windowManager.sway) enable; };
swaynag = {
enable = true;
};
};
programs = {
waybar = {
enable = true;
settings = {
mainBar =
let
in
{
layer = "top";
position = "top";
height = 30;
output = [ "eDP-1" "HDMI-A-1" "*" ];
modules-left = [ "sway/workspaces" "sway/mode" ];
output = [
"eDP-1"
"HDMI-A-1"
];
modules-left = [ "sway/workspaces" ];
modules-center = [ "clock#week" "clock#year" "clock#time" ];
modules-right = [ "network" "pulseaudio" "memory" "cpu" "battery" ];
"clock#time" = {
format = "{:%H:%M:%S}";
interval = 1;
tooltip = false;
};
"clock#week" = {
format = "{:%a}";
tooltip = false;
};
"clock#year" = {
format = "{:%Y-%m-%d}";
tooltip = false;
};
battery = {
@ -354,10 +314,11 @@ toplevel @ { moduleWithSystem, ... }: {
warning = 30;
critical = 15;
};
tooltip = false;
};
cpu = { format = "<span color='#74c7ec'></span> {usage}%"; };
cpu = {
format = "<span color='#74c7ec'></span> {usage}%";
};
memory = {
format = "<span color='#89b4fa'></span> {percentage}%";
@ -373,7 +334,6 @@ toplevel @ { moduleWithSystem, ... }: {
headphone = "";
default = [ "" "" "" ];
};
tooltip = false;
};
network = {
@ -382,7 +342,6 @@ toplevel @ { moduleWithSystem, ... }: {
format-disconnected = "<span color='#eba0ac'>󰈂 no connection</span>";
format-icons = [ "󰤟" "󰤢" "󰤥" "󰤨" ];
interval = 5;
tooltip = false;
};
"sway/workspaces" = {
@ -395,33 +354,7 @@ toplevel @ { moduleWithSystem, ... }: {
enable = true;
target = "sway-session.target";
};
style = ''
@define-color rosewater #f5e0dc;
@define-color flamingo #f2cdcd;
@define-color pink #f5c2e7;
@define-color mauve #cba6f7;
@define-color red #f38ba8;
@define-color maroon #eba0ac;
@define-color peach #fab387;
@define-color yellow #f9e2af;
@define-color green #a6e3a1;
@define-color teal #94e2d5;
@define-color sky #89dceb;
@define-color sapphire #74c7ec;
@define-color blue #89b4fa;
@define-color lavender #b4befe;
@define-color text #cdd6f4;
@define-color subtext1 #bac2de;
@define-color subtext0 #a6adc8;
@define-color overlay2 #9399b2;
@define-color overlay1 #7f849c;
@define-color overlay0 #6c7086;
@define-color surface2 #585b70;
@define-color surface1 #45475a;
@define-color surface0 #313244;
@define-color base #1e1e2e;
@define-color mantle #181825;
@define-color crust #11111b;
style = /* CSS */ ''
* {
font-family: FontAwesome, 'Fira Code';
font-size: 13px;
@ -558,19 +491,22 @@ toplevel @ { moduleWithSystem, ... }: {
settings = {
background_opacity = "0.90";
cursor_shape = "beam";
term = "screen-256color";
};
};
imv = {
enable = true;
settings = { options.fullscreen = true; };
};
mpv = {
enable = true;
scripts = with pkgs.mpvScripts; [ uosc thumbfast ];
};
bash.profileExtra = ''[ "$(tty)" = "/dev/tty1" ] && exec sway '';
zsh.loginExtra = ''[ "$(tty)" = "/dev/tty1" ] && exec sway '';
nushell.loginFile.text = ''if (tty) == "/dev/tty1" { sway } '';
imv.enable = true;
mpv.enable = true;
bash.profileExtra = ''
[ "$(tty)" = "/dev/tty1" ] && exec sway
'';
zsh.loginExtra = ''
[ "$(tty)" = "/dev/tty1" ] && exec sway
'';
nushell.loginFile.text = ''
if (tty) == "/dev/tty1" {
sway
}
'';
};
services = {
mako.enable = true;
@ -580,57 +516,54 @@ toplevel @ { moduleWithSystem, ... }: {
};
};
systemd.user = {
timers = {
rbingwp = {
Timer = {
OnCalendar = "*-*-* 10:00:00";
Persistent = true;
};
Install = { WantedBy = [ "timers.target" ]; };
};
};
timers = { rbingwp = { Timer = { OnCalendar = "*-*-* 10:00:00"; Persistent = true; }; Install = { WantedBy = [ "timers.target" ]; }; }; };
services = {
wpd = {
Install = { WantedBy = [ "sway-session.target" ]; };
Unit = {
Description = "Switch background every x minutes";
After = "graphical-session-pre.target";
PartOf = "graphical-session.target";
};
Service = {
ExecStart = [ "${pkgs.wpd}/bin/wpd" ];
Environment = [
"PATH=${pkgs.xdg-user-dirs}/bin:${pkgs.swaybg}/bin"
];
ExecStart = [ "${pkgs.nushell}/bin/nu -c 'swaybg -i ((xdg-user-dir PICTURES) | path split | path join bg.png)'" ];
};
};
bingwp = {
Service = { Type = "oneshot"; Environment = [ "PATH=${pkgs.xdg-user-dirs}/bin:${pkgs.nushell}/bin" ]; ExecStart = [ "${pkgs.scripts}/bin/bingwp" ]; };
};
rbingwp = {
Install = { WantedBy = [ "sway-session.target" ]; };
Unit = { Description = "Restart bingwp and wpd services"; After = "graphical-session-pre.target"; PartOf = "graphical-session.target"; };
Service = {
Type = "oneshot";
ExecStart = [ "${pkgs.nushell}/bin/nu -c '${pkgs.systemd}/bin/systemctl --user restart bingwp.service; ${pkgs.systemd}/bin/systemctl --user restart wpd.service'" ];
};
};
};
};
xdg.mimeApps.defaultApplications = {
"image/jpg" = "imv.desktop";
"image/jpeg" = "imv.desktop";
"image/png" = "imv.desktop";
"image/webp" = "imv.desktop";
"image/gif" = "imv.desktop";
"image/svg+xml" = "imv.desktop";
"video/mp4" = "mpv.desktop";
"video/mpeg" = "mpv.desktop";
"video/ogg" = "mpv.desktop";
"video/webm" = "mpv.desktop";
"video/x-msvideo" = "mpv.desktop";
};
home.packages = with pkgs; [
audacity
gimp
grim
libnotify
libreoffice-qt
mupdf
slurp
wl-clipboard
xdg-user-dirs
xdg-utils
xwayland
];
}
);
web = moduleWithSystem (
_: _: {
top@{ ... }:
perSystem@{ pkgs, ... }: {
programs = {
browserpass.enable = true;
firefox = {
enable = true;
profiles.ivand = {
id = 0;
search = {
default = "DuckDuckGo";
privateDefault = "DuckDuckGo";
force = true;
};
search.default = "DuckDuckGo";
bookmarks = [
{
name = "home-options";
@ -645,7 +578,7 @@ toplevel @ { moduleWithSystem, ... }: {
"general.smoothScroll" = true;
"signon.rememberSignons" = false;
"extensions.activeThemeID" = "firefox-compact-dark@mozilla.org";
"layout.frame_rate" = 60;
"layout.frame_rate" = 120;
};
};
policies = {
@ -657,23 +590,7 @@ toplevel @ { moduleWithSystem, ... }: {
OfferToSaveLogins = false;
OfferToSaveLoginsDefault = false;
PasswordManagerEnabled = false;
NoDefaultBookmarks = true;
PopupBlocking.Default = false;
PromptForDownloadLocation = false;
TranslateEnabled = false;
SearchBar = "unified";
SearchSuggestEnabled = false;
SanitizeOnShutdown = {
Cache = true;
FormData = true;
Locked = true;
Cookies = false;
Downloads = false;
History = false;
Sessions = false;
SiteSettings = false;
OfflineApps = true;
};
FirefoxHome = {
Search = true;
Pocket = false;
@ -681,11 +598,9 @@ toplevel @ { moduleWithSystem, ... }: {
TopSites = false;
Highlights = false;
};
UserMessaging = {
ExtensionRecommendations = false;
FeatureRecommendations = false;
UrlbarInterventions = false;
MoreFromMozilla = false;
SkipOnboarding = true;
};
@ -705,16 +620,26 @@ toplevel @ { moduleWithSystem, ... }: {
};
};
};
chromium = {
};
home = {
file.".mozilla/native-messaging-hosts/gpgmejson.json".text = builtins.toJSON {
name = "gpgmejson";
description = "Integration with GnuPG";
path = "${pkgs.gpgme.dev}/bin/gpgme-json";
type = "stdio";
allowed_extensions = [
"jid1-AQqSMBYb0a8ADg@jetpack"
];
};
};
}
);
work = moduleWithSystem (
top@{ ... }:
perSystem@{ pkgs, ... }: {
programs.chromium = {
enable = true;
};
};
xdg.mimeApps.defaultApplications = {
"text/html" = "firefox.desktop";
"x-scheme-handler/http" = "firefox.desktop";
"x-scheme-handler/https" = "firefox.desktop";
"x-scheme-handler/about" = "firefox.desktop";
"x-scheme-handler/unknown" = "firefox.desktop";
package = pkgs.ungoogled-chromium;
};
}
);

57
nixos/configs/default.nix
View File

@ -1,41 +1,30 @@
toplevel @ { inputs
, withSystem
, ...
}:
toplevel@{ inputs, withSystem, ... }:
let
system = "x86_64-linux";
mods = toplevel.config.flake.nixosModules;
inherit (toplevel.config.flake) hardwareConfigurations;
essential = with mods; [ grub base shell security wireless intranet ];
desktop = with mods; [ sound wayland ];
configWithModules =
{ hardware ? { nixpkgs.hostPlatform = system; }
, modules
,
}:
withSystem system ({ inputs', pkgs, ... }:
inputs.nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs inputs' pkgs;
};
modules = [ hardware ] ++ modules;
});
novaConfig = mods:
configWithModules {
hardware = hardwareConfigurations.nova;
modules = essential ++ desktop ++ mods;
};
in
{
flake.nixosConfigurations = {
nova = novaConfig [ mods.ivand ];
nova-music = novaConfig (with mods; [ ivand music ]);
nova-crypto = novaConfig (with mods; [ ivand cryptocurrency ]);
nova-nonya = novaConfig (with mods; [ ivand anon cryptocurrency ]);
nova-ai = novaConfig (with mods; [ ivand ai ]);
nova-containers = novaConfig (with mods; [ ivand containers ]);
install-iso = configWithModules { modules = with mods; [ grub base shell wireless ]; };
vps = configWithModules { modules = with mods; [ base shell security vps mailserver nginx wireguard-output anonymous-dns firewall rest ]; };
stara-miner = configWithModules { modules = essential ++ [ mods.monero-miner ]; };
nixos = withSystem system (ctx@{ config, inputs', ... }:
inputs.nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs inputs';
packages = config.packages;
};
modules = [
./nova-hardware.nix
inputs.hosts.nixosModule
inputs.musnix.nixosModules.musnix
] ++ (with toplevel.config.flake.nixosModules; [ grub base sound music wayland security ivand wireless wireguard ]);
});
vm = withSystem system (ctx@{ config, inputs', ... }:
inputs.nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs inputs';
packages = config.packages;
};
modules = [
inputs.hosts.nixosModule
] ++ (with toplevel.config.flake.nixosModules; [ vm base security testUser ]);
});
};
}

38
nixos/configs/laptop-hardware.nix Normal file
View File

@ -0,0 +1,38 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/sda1";
fsType = "btrfs";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/D76B-0BB3";
fsType = "vfat";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp2s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

41
nixos/configs/nova-hardware.nix Normal file
View File

@ -0,0 +1,41 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/47536cbe-7265-493b-a2e3-bbd376a6f9af";
fsType = "btrfs";
};
boot.initrd.luks.devices."nixos".device = "/dev/disk/by-uuid/712dd8ba-d5b4-438a-9a77-663b8c935cfe";
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/4C3C-993A";
fsType = "vfat";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s20f0u6.useDHCP = lib.mkDefault true;
# networking.interfaces.enp47s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp45s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

622
nixos/modules/default.nix
View File

@ -1,50 +1,60 @@
top @ { inputs, moduleWithSystem, ... }: {
top@{ moduleWithSystem, ... }: {
flake.nixosModules = {
grub = moduleWithSystem (_: { pkgs, ... }: {
grub = {
boot = {
loader = {
grub =
let
theme = pkgs.sleek-grub-theme.override {
withBanner = "Hello Ivan";
withStyle = "bigSur";
};
in
{
inherit theme;
enable = pkgs.lib.mkDefault true;
grub = {
enable = true;
useOSProber = true;
efiSupport = true;
device = "nodev";
splashImage = "${theme}/background.png";
};
efi.canTouchEfiVariables = true;
efi = {
canTouchEfiVariables = true;
};
};
});
base = moduleWithSystem (_: { pkgs, ... }: {
imports = [ inputs.hosts.nixosModule ];
};
};
base = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }: {
system.stateVersion = top.config.flake.stateVersion;
nix = { extraOptions = ''experimental-features = nix-command flakes''; };
nix = {
extraOptions = ''
experimental-features = nix-command flakes
'';
};
i18n.supportedLocales = [ "all" ];
time.timeZone = "Europe/Prague";
fonts.packages = with pkgs; [ (nerdfonts.override { fonts = [ "FiraCode" ]; }) noto-fonts noto-fonts-emoji noto-fonts-lgc-plus ];
environment = {
systemPackages = with pkgs; [ cmatrix uutils-coreutils-noprefix cryptsetup fd file git glibc gnumake mlocate openssh openssl procs ripgrep srm unzip vim zip just nixos-install-tools tshark ];
sessionVariables = { MAKEFLAGS = "-j 4"; };
shells = with pkgs; [ bash zsh nushell ];
enableAllTerminfo = true;
systemPackages = with pkgs; [
cmatrix
coreutils-full
cryptsetup
fd
file
git
glibc
gnumake
mlocate
moreutils
openssh
openssl
procs
ripgrep
srm
unzip
vim
zip
];
shells = with pkgs; [ zsh nushell ];
};
users.defaultUserShell = pkgs.zsh;
programs = {
zsh.enable = true;
nix-ld.enable = true;
dconf.enable = true;
};
services = {
dbus.enable = true;
logind = {
killUserProcesses = true;
powerKeyLongPress = "reboot";
};
};
networking = {
stevenBlackHosts = {
@ -54,35 +64,7 @@ top @ { inputs, moduleWithSystem, ... }: {
};
};
});
shell = moduleWithSystem (_: { pkgs, ... }: {
programs = {
starship.enable = true;
zsh = {
enableBashCompletion = true;
syntaxHighlighting.enable = true;
autosuggestions = {
enable = true;
strategy = [ "completion" ];
};
shellAliases = {
cal = "cal $(date +%Y)";
GG = "git add . && git commit -m 'GG' && git push --set-upstream origin HEAD";
gad = "git add . && git diff --cached";
gac = "ga && gc";
ga = "git add .";
gc = "git commit";
dev = "nix develop --command $SHELL";
eza = "${pkgs.eza}/bin/eza '--long' '--header' '--icons' '--smart-group' '--mounts' '--octal-permissions' '--git'";
ls = "eza";
la = "eza --all";
lt = "eza --git-ignore --all --tree --level=10";
sc = "systemctl";
neofetch = "${pkgs.fastfetch}/bin/fastfetch -c all.jsonc";
};
};
};
});
sound = moduleWithSystem (_: { pkgs, ... }: {
sound = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }: {
services = {
pipewire = {
enable = true;
@ -90,68 +72,74 @@ top @ { inputs, moduleWithSystem, ... }: {
pulse.enable = true;
};
};
environment.systemPackages = with pkgs; [ pwvucontrol ];
environment.systemPackages = with pkgs; [
pwvucontrol
];
});
music = moduleWithSystem (_: { pkgs, ... }: {
imports = [ inputs.musnix.nixosModules.musnix ];
environment.systemPackages = with pkgs; [ guitarix ];
music = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }: {
environment.systemPackages = with pkgs; [
guitarix
];
services.pipewire = {
jack.enable = true;
extraConfig = { jack."69-low-latency" = { "jack.properties" = { "node.latency" = "64/48000"; }; }; };
extraConfig = {
jack."69-low-latency" = {
"jack.properties" = {
"node.latency" = "64/48000";
};
};
};
};
musnix = {
enable = true;
rtcqs.enable = true;
soundcardPciId = "00:1f.3";
kernel = {
realtime = true;
packages = pkgs.linuxPackages-rt;
packages = pkgs.linuxPackages_6_8_rt;
};
# magic to me
rtirq = {
# highList = "snd_hrtimer";
resetAll = 1;
prioLow = 0;
enable = true;
nameList = "rtc0 snd";
};
};
});
wayland = moduleWithSystem (_: _: {
wayland = moduleWithSystem (toplevel@{ ... }: perSystem@{ ... }: {
hardware.graphics.enable = true;
security.pam.services.swaylock = { };
xdg.portal = {
enable = true;
xdgOpenUsePortal = true;
wlr = {
enable = true;
settings = {
screencast = {
output_name = "HDMI-A-1";
max_fps = 60;
};
};
};
config.common.default = "*";
};
});
security = moduleWithSystem (_: _: {
security = moduleWithSystem (toplevel@{ ... }: perSystem@{ ... }: {
security = {
sudo = {
enable = false;
execWheelOnly = true;
extraRules = [{ groups = [ "wheel" ]; }];
extraRules = [
{
groups = [ "wheel" ];
}
];
};
doas = {
enable = true;
extraRules = [
{
groups = [ "wheel" ];
noPass = true;
keepEnv = true;
}
# Allow wheel to run all commands without password and keep user env.
{ groups = [ "wheel" ]; noPass = true; keepEnv = true; }
];
};
polkit.enable = true;
rtkit.enable = true;
};
});
intranet = {
wireguard = {
networking.wg-quick.interfaces = {
wg0 = {
address = [ "10.0.0.2/32" ];
address = [ "10.0.0.4/32" ];
privateKeyFile = "/etc/wireguard/privatekey";
peers = [
{
@ -163,12 +151,6 @@ top @ { inputs, moduleWithSystem, ... }: {
];
};
};
services.openssh = {
enable = true;
settings = {
PermitRootLogin = "prohibit-password";
};
};
};
wireless = {
networking = {
@ -208,49 +190,13 @@ top @ { inputs, moduleWithSystem, ... }: {
"KOTEKLAN_GUEST" = {
psk = "koteklankotek";
};
"TP-Link_BE7A" = {
psk = "84665461";
};
"Post120" = {
psk = "9996663333";
};
"MOONLIGHT2019" = {
psk = "seacrets";
};
"Kaiser Terrasse" = {
psk = "Internet12";
};
"ATHENS-HAWKS" = { };
"3G" = {
hidden = true;
};
};
};
};
};
ivand = moduleWithSystem (_: { pkgs, ... }:
let
homeMods = top.config.flake.homeManagerModules;
in
{
imports = [ inputs.home-manager.nixosModules.default ];
home-manager = {
backupFileExtension = "bak";
useUserPackages = true;
useGlobalPkgs = true;
users.ivand = { ... }: {
imports = with homeMods; [
base
ivand
shell
util
swayland
web
];
};
};
fonts.packages = with pkgs; [ (nerdfonts.override { fonts = [ "FiraCode" ]; }) noto-fonts noto-fonts-emoji noto-fonts-lgc-plus ];
ivand = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }: {
users = {
defaultUserShell = pkgs.zsh;
users = {
ivand = {
isNormalUser = true;
@ -264,19 +210,40 @@ top @ { inputs, moduleWithSystem, ... }: {
"flatpak"
"kvm"
"mlocate"
"realtime"
"render"
"video"
"wheel"
];
};
};
extraGroups = {
mlocate = { };
realtime = { };
extraGroups = { mlocate = { }; };
};
});
testUser = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }: {
users = {
defaultUserShell = pkgs.zsh;
users = {
test = {
isNormalUser = true;
createHome = true;
initialPassword = "test";
extraGroups = [
"adbusers"
"adm"
"audio"
"bluetooth"
"dialout"
"flatpak"
"kvm"
"mlocate"
"render"
"video"
"wheel"
];
};
};
programs.dconf.enable = true;
extraGroups = { mlocate = { }; };
};
});
flatpak = {
xdg = {
@ -288,369 +255,44 @@ top @ { inputs, moduleWithSystem, ... }: {
};
services.flatpak.enable = true;
};
ai = moduleWithSystem (_: _: {
services = { ollama.enable = true; };
});
containers = moduleWithSystem (_: _: {
virtualisation.docker = {
enable = true;
storageDriver = "btrfs";
};
users.users.ivand.extraGroups = [ "docker" ];
});
anon = moduleWithSystem (_: { pkgs, ... }: {
environment.systemPackages = with pkgs; [ tor-browser ];
});
cryptocurrency = moduleWithSystem (_: { pkgs, ... }: {
environment.systemPackages = with pkgs; [ monero-cli ];
services = { monero.enable = true; };
});
monero-miner = moduleWithSystem (_: _: {
ai = moduleWithSystem (toplevel@{ ... }: perSystem@{ ... }: {
services = {
xmrig = {
enable = true;
settings = {
autosave = true;
cpu = true;
opencl = false;
cuda = false;
pools = [
{
url = "pool.supportxmr.com:443";
user = "48e9t9xvq4M4HBWomz6whiY624YRCPwgJ7LPXngcc8pUHk6hCuR3k6ENpLGDAhPEHWaju8Z4btxkbENpcwaqWcBvLxyh5cn";
keepalive = true;
tls = true;
}
];
};
};
ollama.enable = true;
};
});
vps = moduleWithSystem (_: { ... }: {
imports = [
inputs.vpsadminos.nixosConfigurations.container
];
});
mailserver = moduleWithSystem (_: { config
, pkgs
, ...
}: {
imports = [
inputs.simple-nixos-mailserver.nixosModule
];
mailserver = {
enable = true;
localDnsResolver = false;
fqdn = "mail.idimitrov.dev";
domains = [ "idimitrov.dev" "mail.idimitrov.dev" ];
loginAccounts = {
"ivan@idimitrov.dev" = {
hashedPassword = "$2b$05$rTVIQD98ogXeCBKdk/YufulWHqpMCAlb7SHDPlh5y8Xbukoa/uQLm";
aliases = [ "admin@idimitrov.dev" ];
};
"security@idimitrov.dev" = {
hashedPassword = "$2b$05$rTVIQD98ogXeCBKdk/YufulWHqpMCAlb7SHDPlh5y8Xbukoa/uQLm";
};
};
certificateScheme = "acme-nginx";
hierarchySeparator = "/";
};
services = {
dovecot2.sieve.extensions = [ "fileinto" ];
roundcube = {
enable = true;
package = pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]);
plugins = [
"persistent_login"
];
hostName = "${config.mailserver.fqdn}";
extraConfig = ''
$config['smtp_host'] = "tls://${config.mailserver.fqdn}";
$config['smtp_user'] = "%u";
$config['smtp_pass'] = "%p";
'';
};
nginx.virtualHosts =
let
restrictToVpn = ''
allow 10.0.0.2/32;
allow 10.0.0.3/32;
allow 10.0.0.4/32;
deny all;
'';
in
{
"${config.mailserver.fqdn}" = {
extraConfig = restrictToVpn;
};
};
postgresql.enable = true;
};
security = {
acme = {
acceptTerms = true;
defaults.email = "security@idimitrov.dev";
};
};
});
nginx = moduleWithSystem (_: { pkgs, ... }: {
services = {
nginx =
let
webshiteConfig = ''
add_header 'Referrer-Policy' 'origin-when-cross-origin';
add_header X-Content-Type-Options nosniff;
'';
extensions = [ "html" "txt" "png" "jpg" "jpeg" ];
serveStatic = exts: ''
try_files $uri $uri/ ${pkgs.lib.strings.concatStringsSep " " (builtins.map (x: "$uri." + "${x}") exts)} =404;
'';
in
{
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
virtualHosts = {
"idimitrov.dev" = {
enableACME = true;
forceSSL = true;
locations."/" = {
root = "${pkgs.webshite}";
extraConfig = serveStatic extensions;
};
extraConfig = webshiteConfig;
};
"www.idimitrov.dev" = {
enableACME = true;
forceSSL = true;
locations."/" = {
root = "${pkgs.webshite}";
extraConfig = serveStatic extensions;
};
extraConfig = webshiteConfig;
};
"src.idimitrov.dev" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:3001";
};
};
"pic.idimitrov.dev" = {
enableACME = true;
forceSSL = true;
locations."/" = {
root = "/var/pic";
extraConfig = ''
autoindex on;
${serveStatic ["png"]}
'';
};
};
};
};
gitea = {
enable = true;
appName = "src";
database = {
type = "postgres";
};
settings = {
server = {
DOMAIN = "src.idimitrov.dev";
ROOT_URL = "https://src.idimitrov.dev/";
HTTP_PORT = 3001;
};
repository = {
DEFAULT_BRANCH = "master";
};
service = {
DISABLE_REGISTRATION = true;
};
};
};
postgresql = {
enable = true;
ensureUsers = [
{
name = "root";
ensureClauses = {
superuser = true;
createrole = true;
createdb = true;
};
}
];
};
};
});
wireguard-output = moduleWithSystem (_: { pkgs, ... }: {
networking = {
nat = {
enable = true;
enableIPv6 = true;
externalInterface = "venet0";
internalInterfaces = [ "wg0" ];
};
wg-quick.interfaces = {
wg0 =
let
iptables = "${pkgs.iptables}/bin/iptables";
ip6tables = "${pkgs.iptables}/bin/ip6tables";
in
{
address = [ "10.0.0.1/32" ];
listenPort = 51820;
privateKeyFile = "/etc/wireguard/privatekey";
postUp = ''
${iptables} -A FORWARD -i wg0 -j ACCEPT
${iptables} -t nat -A POSTROUTING -s 10.0.0.1/24 -o venet0 -j MASQUERADE
${ip6tables} -A FORWARD -i wg0 -j ACCEPT
${ip6tables} -t nat -A POSTROUTING -s fdc9:281f:04d7:9ee9::1/64 -o venet0 -j MASQUERADE
'';
preDown = ''
${iptables} -D FORWARD -i wg0 -j ACCEPT
${iptables} -t nat -D POSTROUTING -s 10.0.0.1/24 -o venet0 -j MASQUERADE
${ip6tables} -D FORWARD -i wg0 -j ACCEPT
${ip6tables} -t nat -D POSTROUTING -s fdc9:281f:04d7:9ee9::1/64 -o venet0 -j MASQUERADE
'';
peers = [
{
publicKey = "kI93V0dVKSqX8hxMJHK5C0c1hEDPQTgPQDU8TKocVgo=";
allowedIPs = [ "10.0.0.2/32" ];
}
{
publicKey = "RqTsFxFCcgYsytcDr+jfEoOA5UNxa1ZzGlpx6iuTpXY=";
allowedIPs = [ "10.0.0.3/32" ];
}
{
publicKey = "1e0mjluqXdLbzv681HlC9B8BfGN8sIXIw3huLyQqwXI=";
allowedIPs = [ "10.0.0.4/32" ];
}
];
};
};
};
});
anonymous-dns = moduleWithSystem (_: _: {
networking = {
nameservers = [ "127.0.0.1" "::1" ];
dhcpcd.extraConfig = "nohook resolv.conf";
};
services = {
dnscrypt-proxy2 = {
enable = true;
settings = {
cache = false;
ipv4_servers = true;
ipv6_servers = true;
dnscrypt_servers = true;
doh_servers = false;
odoh_servers = false;
require_dnssec = true;
require_nolog = true;
require_nofilter = true;
anonymized_dns = {
routes = [
{
server_name = "*";
via = [ "sdns://gQ8yMTcuMTM4LjIyMC4yNDM" ];
}
];
};
sources.public-resolvers = {
urls = [
"https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
"https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
];
cache_file = "/var/lib/dnscrypt-proxy/public-resolvers.md";
minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
};
};
};
};
});
firewall = moduleWithSystem (_: { lib, ... }: {
networking = {
firewall = lib.mkForce {
enable = true;
allowedTCPPorts = [
25 # smtp
465 # smtps
80 # http
443 # https
];
allowedUDPPorts = [
25
465
80
443
51820 # wireguard
];
extraCommands = ''
iptables -N vpn # create a new chain named vpn
iptables -A vpn --src 10.0.0.2 -j ACCEPT # allow
iptables -A vpn --src 10.0.0.3 -j ACCEPT # allow
iptables -A vpn --src 10.0.0.4 -j ACCEPT # allow
iptables -A vpn -j DROP # drop everyone else
iptables -I INPUT -m tcp -p tcp --dport 22 -j vpn
'';
extraStopCommands = ''
iptables -F vpn
iptables -D INPUT -m tcp -p tcp --dport 22 -j vpn
iptables -X vpn
'';
};
};
});
rest = moduleWithSystem (_: { pkgs, ... }: {
fileSystems."/mnt/export1981" = {
device = "172.16.128.47:/nas/5490";
fsType = "nfs";
options = [ "nofail" ];
};
users = {
users.ivand = {
isNormalUser = true;
hashedPassword = "$2b$05$hPrPcewxj4qjLCRQpKBAu.FKvKZdIVlnyn4uYsWE8lc21Jhvc9jWG";
extraGroups = [ "wheel" "adm" "mlocate" ];
openssh.authorizedKeys.keys = [
''
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICcLkzuCoBEg+wq/H+hkrv6pLJ8J5BejaNJVNnymlnlo ivan@idimitrov.dev
''
];
};
extraGroups = { mlocate = { }; };
};
services = {
openssh = {
enable = true;
settings = {
PermitRootLogin = "prohibit-password";
};
};
};
systemd = {
timers = {
bingwp = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "*-*-* 10:00:00";
Persistent = true;
vm = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }: {
nixpkgs.hostPlatform = "x86_64-linux";
virtualisation.vmVariant = {
# following configuration is added only when building VM with build-vm
virtualisation = {
memorySize = 8192;
cores = 4;
resolution = {
x = 1920;
y = 1080;
};
diskImage = "$HOME/doc/vm.qcow2";
qemu = {
options = [ "-vga qxl" "-spice port=5900,addr=127.0.0.1,disable-ticketing=on" ];
};
};
services = {
bingwp = {
description = "Download bing image of the day";
script = ''
${pkgs.nushell}/bin/nu -c "http get ('https://bing.com' + ((http get https://www.bing.com/HPImageArchive.aspx?format=js&n=1).images.0.url)) | save ('/var/pic' | path join ( [ (date now | format date '%Y-%m-%d'), '.png' ] | str join ))"
${pkgs.nushell}/bin/nu -c "${pkgs.toybox}/bin/ln -sf (ls /var/pic | where type == file | get name | sort | last) /var/pic/latest.png"
'';
displayManager.sddm.enable = true;
xserver = {
enable = true;
desktopManager.xfce.enable = true;
videoDrivers = [ "qxl" ];
};
spice-autorandr.enable = true;
spice-vdagentd.enable = true;
spice-webdavd.enable = true;
};
environment = {
systemPackages = with pkgs; [
xorg.xf86videoqxl
tor-browser
gnupg
];
};
};
});

8
overlays/default.nix
View File

@ -1,8 +0,0 @@
{ withSystem, ... }: {
flake.overlays.default = _: _:
withSystem "x86_64-linux" (
{ config, ... }: with config.packages; {
inherit nvim bingwp screenshot cursors wpd webshite sal;
}
);
}

69
packages/default.nix
View File

@ -1,69 +0,0 @@
{ inputs, ... }: {
perSystem =
{ system, pkgs, ... }: {
config.packages = {
nvim = inputs.ide.nvim.${system}.standalone.default {
plugins.lsp.servers = {
bashls.enable = true;
pylsp.enable = true;
lua-ls.enable = true;
};
extraPlugins = with pkgs.vimPlugins; [ vim-just ];
};
wpd = pkgs.writeShellApplication {
name = "wpd";
runtimeInputs = with pkgs; [ swaybg xdg-user-dirs fd uutils-coreutils-noprefix ];
runtimeEnv = { WAYLAND_DISPLAY = "wayland-1"; };
text = ''
random_pic () {
bg_dir="$(xdg-user-dir PICTURES)/bg"
fd . --extension png "$bg_dir" | shuf -n1
}
swaybg -i "$(random_pic)" -m fill &
OLD_PID=$!
while true; do
sleep 60
swaybg -i "$(random_pic)" -m fill &
NEXT_PID=$!
sleep 5
kill -9 $OLD_PID
OLD_PID=$NEXT_PID
done
'';
};
screenshot = pkgs.writeShellApplication {
name = "screenshot";
runtimeInputs = with pkgs; [ wl-clipboard xdg-utils ];
text = ''
ss_dir="$(xdg-user-dir PICTURES)/ss"
pic_dir="$ss_dir/$(date "+%Y-%m-%d_%H-%M-%S").png"
mkdir -p "$ss_dir"
copy_image () {
wl-copy < "$pic_dir"
}
main () {
grim "$pic_dir"
copy_image
}
main
'';
};
cursors = pkgs.catppuccin-cursors.overrideAttrs (prev: rec {
version = "0.3.1";
nativeBuildInputs = prev.nativeBuildInputs ++ [ pkgs.xcur2png ];
src = pkgs.fetchFromGitHub {
owner = "catppuccin";
repo = "cursors";
rev = "v${version}";
hash = "sha256-CuzD6O/RImFKLWzJoiUv7nlIdoXNvwwl+k5mTeVIY10=";
};
});
webshite = inputs.webshite.packages.${system}.default;
sal = inputs.sal.packages."x86_64-linux".default;
};
};
}