From d69c9c2a10936c0c843281d7db26fc0c793fe87d Mon Sep 17 00:00:00 2001 From: GitButler Date: Sat, 2 Nov 2024 16:29:56 +0100 Subject: [PATCH 01/20] GitButler Integration Commit This is an integration commit for the virtual branches that GitButler is tracking. Due to GitButler managing multiple virtual branches, you cannot switch back and forth between git branches and virtual branches easily. If you switch to another branch, GitButler will need to be reinitialized. If you commit on this branch, GitButler will throw it away. Here are the branches that are currently applied: - factorio-latest (refs/gitbutler/factorio-latest) - flake.lock - flake.nix - modules/nixos/archetypes/gaming/default.nix - hyprpanel (refs/gitbutler/hyprpanel) branch head: acde84ab10891f923177d3dde85b826296a1b4bc - modules/nixos/desktop/addons/hyprpanel/options.json - modules/nixos/desktop/addons/hyprpanel/default.nix - modules/nixos/desktop/addons/hypridle/default.nix - fix hyprland nvidia issue (refs/gitbutler/fix-hyprland-nvidia-issue) branch head: 5158f2a21e773e01f3d4f296db87517bf167c7b7 For more information about what we're doing here, check out our docs: https://docs.gitbutler.com/features/virtual-branches/integration-branch --- .../nixos/desktop/addons/hypridle/default.nix | 5 +- .../desktop/addons/hyprpanel/default.nix | 60 +++++++++++++++++++ .../desktop/addons/hyprpanel/options.json | 2 +- .../system/hardware/gpu/nvidia/default.nix | 9 +++ 4 files changed, 73 insertions(+), 3 deletions(-) create mode 100644 modules/nixos/desktop/addons/hyprpanel/default.nix diff --git a/modules/nixos/desktop/addons/hypridle/default.nix b/modules/nixos/desktop/addons/hypridle/default.nix index 2f2e99c..260fddb 100644 --- a/modules/nixos/desktop/addons/hypridle/default.nix +++ b/modules/nixos/desktop/addons/hypridle/default.nix @@ -23,14 +23,15 @@ in settings = { general = { after_sleep_cmd = "hyprctl dispatch dpms on"; + before_sleep_cmd = "loginctl lock-session"; ignore_dbus_inhibit = false; - lock_cmd = "hyprlock"; + lock_cmd = "pidof hyprlock || hyprlock"; }; listener = [ { timeout = 900; - on-timeout = "hyprlock"; + on-timeout = "loginctl lock-session"; } { timeout = 1200; diff --git a/modules/nixos/desktop/addons/hyprpanel/default.nix b/modules/nixos/desktop/addons/hyprpanel/default.nix new file mode 100644 index 0000000..664624a --- /dev/null +++ b/modules/nixos/desktop/addons/hyprpanel/default.nix @@ -0,0 +1,60 @@ +{ + config, + lib, + namespace, + pkgs, + ... +}: +let + inherit (lib) + mkIf + mkEnableOption + mkMerge + mkOption + literalExpression + ; + + cfg = config.${namespace}.desktop.addons.hyprpanel; + + settingsFormat = pkgs.formats.json { }; + settings = { + bar = { + layouts = { + "0" = { + left = [ + "workspaces" + ]; + middle = [ + "windowtitle" + ]; + }; + }; + }; + }; +in +{ + options.${namespace}.desktop.addons.hyprpanel = { + enable = mkEnableOption "Enable HyprIdle"; + extraSettings = mkOption { + default = { }; + inherit (settingsFormat) type; + description = '' + Additional Options to pass to hyprpanel + ''; + example = literalExpression '' + { + + } + ''; + }; + }; + + config = mkIf cfg.enable { + ${namespace}.home.file = { + ".cache/ags/options_test.json".source = settingsFormat.generate "options.json" mkMerge [ + settings + cfg.extraSettings + ]; + }; + }; +} diff --git a/modules/nixos/desktop/addons/hyprpanel/options.json b/modules/nixos/desktop/addons/hyprpanel/options.json index 448ecab..f93f95c 100644 --- a/modules/nixos/desktop/addons/hyprpanel/options.json +++ b/modules/nixos/desktop/addons/hyprpanel/options.json @@ -456,4 +456,4 @@ "bar.windowtitle.title_map": [], "bar.windowtitle.truncation": false, "bar.workspaces.hideUnoccupied": true -} \ No newline at end of file +} diff --git a/modules/nixos/system/hardware/gpu/nvidia/default.nix b/modules/nixos/system/hardware/gpu/nvidia/default.nix index d2c4e74..5074f6d 100644 --- a/modules/nixos/system/hardware/gpu/nvidia/default.nix +++ b/modules/nixos/system/hardware/gpu/nvidia/default.nix @@ -32,5 +32,14 @@ in }; services.xserver.videoDrivers = [ "nvidia" ]; + + boot.kernelParams = [ + "nvidia_drm.fbdev=1" + + # TODO: remove after https://github.com/NVIDIA/open-gpu-kernel-modules/pull/692 + # and similar are merged and build in nixpkgs-unstable. + # WARNING: this disables tty output and thus hides boot logs. + "initcall_blacklist=simpledrm_platform_driver_init" + ]; }; } From a1eb889f504028ddd809caaf4104918893df70f2 Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Mon, 4 Nov 2024 21:23:24 +0100 Subject: [PATCH 02/20] introduce new host --- modules/nixos/submodules/basics/default.nix | 4 +-- modules/nixos/tools/git/default.nix | 2 +- modules/nixos/user/default.nix | 7 ++++ systems/x86_64-linux/loptland/default.nix | 37 +++++++++++++++++++++ systems/x86_64-linux/loptland/hardware.nix | 35 +++++++++++++++++++ 5 files changed, 82 insertions(+), 3 deletions(-) create mode 100644 systems/x86_64-linux/loptland/default.nix create mode 100644 systems/x86_64-linux/loptland/hardware.nix diff --git a/modules/nixos/submodules/basics/default.nix b/modules/nixos/submodules/basics/default.nix index 9200885..bdc697b 100644 --- a/modules/nixos/submodules/basics/default.nix +++ b/modules/nixos/submodules/basics/default.nix @@ -13,7 +13,7 @@ let in { options.${namespace}.submodules.basics = with types; { - enable = mkBoolOpt false "Whether or not to enable basic configuration."; + enable = mkEnableOption "Whether or not to enable basic configuration."; }; config = mkIf cfg.enable { @@ -29,7 +29,7 @@ in #optional pciutils usbutils - htop + btop ]; ${namespace} = { diff --git a/modules/nixos/tools/git/default.nix b/modules/nixos/tools/git/default.nix index ad7eb11..8b37b71 100644 --- a/modules/nixos/tools/git/default.nix +++ b/modules/nixos/tools/git/default.nix @@ -24,7 +24,7 @@ in environment.systemPackages = with pkgs; [ git gitAndTools.gh - gitbutler + # gitbutler ]; ${namespace}.home.extraOptions = { diff --git a/modules/nixos/user/default.nix b/modules/nixos/user/default.nix index efdc078..62fb307 100644 --- a/modules/nixos/user/default.nix +++ b/modules/nixos/user/default.nix @@ -48,6 +48,11 @@ in icon = mkOpt (nullOr package) defaultIcon "The profile picture to use for the user."; extraGroups = mkOpt (listOf str) [ ] "Groups for the user to be assigned."; extraOptions = mkOpt attrs { } (mdDoc "Extra options passed to `users.users.`."); + trustedPublicKeys = mkOption { + default = [ ]; + type = nullOr (listOf str); + description = "Trusted public keys for this user for the machine"; + }; }; config = { @@ -92,6 +97,8 @@ in # system to select). uid = 1000; + openssh.authorizedKeys.keys = cfg.trustedPublicKeys; + extraGroups = [ "steamcmd" ] ++ cfg.extraGroups; } // cfg.extraOptions; }; diff --git a/systems/x86_64-linux/loptland/default.nix b/systems/x86_64-linux/loptland/default.nix new file mode 100644 index 0000000..241b786 --- /dev/null +++ b/systems/x86_64-linux/loptland/default.nix @@ -0,0 +1,37 @@ +{ + lib, + namespace, + pkgs, + ... +}: +let + inherit (lib.${namespace}) enabled; +in +{ + imports = [ ./hardware.nix ]; + + services.openssh = { + enable = true; + settings = { + PasswordAuthentication = false; + KbdInteractiveAuthentication = false; + }; + }; + + ${namespace} = { + submodules = { + basics = enabled; + }; + + services = { + factorio-server = enabled; + }; + + user.trustedPublicKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHFrDiO5+vMfD5MimkzN32iw3MnSMLZ0mHvOrHVVmLD0" + ]; + + }; + + system.stateVersion = "24.11"; +} diff --git a/systems/x86_64-linux/loptland/hardware.nix b/systems/x86_64-linux/loptland/hardware.nix new file mode 100644 index 0000000..38d1a1f --- /dev/null +++ b/systems/x86_64-linux/loptland/hardware.nix @@ -0,0 +1,35 @@ +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ + "ata_piix" + "uhci_hcd" + "virtio_pci" + "sr_mod" + "virtio_blk" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-label/nixos"; + fsType = "ext4"; + }; + + swapDevices = [ ]; + + networking.useDHCP = lib.mkDefault true; + + nixpkgs.hostplatform = lib.mkDefault "x86_64-linux"; +} From 48387d88d27b48ab7c147d5aa917120b8b20d660 Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Mon, 4 Nov 2024 22:10:21 +0100 Subject: [PATCH 03/20] update hardware.nix --- systems/x86_64-linux/loptland/default.nix | 2 +- systems/x86_64-linux/loptland/hardware.nix | 15 +++++++++++---- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/systems/x86_64-linux/loptland/default.nix b/systems/x86_64-linux/loptland/default.nix index 241b786..a3c3daf 100644 --- a/systems/x86_64-linux/loptland/default.nix +++ b/systems/x86_64-linux/loptland/default.nix @@ -24,7 +24,7 @@ in }; services = { - factorio-server = enabled; + # factorio-server = enabled; }; user.trustedPublicKeys = [ diff --git a/systems/x86_64-linux/loptland/hardware.nix b/systems/x86_64-linux/loptland/hardware.nix index 38d1a1f..6f1c5cb 100644 --- a/systems/x86_64-linux/loptland/hardware.nix +++ b/systems/x86_64-linux/loptland/hardware.nix @@ -23,13 +23,20 @@ boot.extraModulePackages = [ ]; fileSystems."/" = { - device = "/dev/disk/by-label/nixos"; + device = "/dev/disk/by-uuid/26b098dd-0a15-49c5-9998-75f43d17eb26"; fsType = "ext4"; }; - swapDevices = [ ]; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/30AB-7309"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + swapDevices = [ { device = "/dev/disk/by-uuid/b9bcb425-cb1c-40a1-89bb-d7fe6b421834"; } ]; networking.useDHCP = lib.mkDefault true; - - nixpkgs.hostplatform = lib.mkDefault "x86_64-linux"; } From 9e5b856a18f0d4d8da97fb495215692e005275d3 Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Mon, 4 Nov 2024 23:05:29 +0100 Subject: [PATCH 04/20] add home.nix --- .../x86_64-linux/cholli@loptland/default.nix | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 homes/x86_64-linux/cholli@loptland/default.nix diff --git a/homes/x86_64-linux/cholli@loptland/default.nix b/homes/x86_64-linux/cholli@loptland/default.nix new file mode 100644 index 0000000..5f2a75c --- /dev/null +++ b/homes/x86_64-linux/cholli@loptland/default.nix @@ -0,0 +1,22 @@ +{ + lib, + pkgs, + config, + osConfig ? { }, + format ? "unknown", + ... +}: +with lib.wyrdgard; +{ + wyrdgard = { + apps = { + kitty = enabled; + }; + + tools = { + direnv = enabled; + }; + }; + + home.stateVersion = "24.11"; +} From b694d6b08199f4afbf7b708e812b9c5cae9b0c22 Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Mon, 4 Nov 2024 23:14:41 +0100 Subject: [PATCH 05/20] add desktop refactors so dconf is disabled by default --- .../nixos/desktop/addons/hypridle/default.nix | 2 +- .../desktop/addons/hyprpanel/default.nix | 562 +++++++++++++++++- .../desktop/addons/hyprpanel/options.json | 7 +- modules/nixos/desktop/default.nix | 9 +- modules/nixos/desktop/hyprland/default.nix | 20 +- 5 files changed, 582 insertions(+), 18 deletions(-) diff --git a/modules/nixos/desktop/addons/hypridle/default.nix b/modules/nixos/desktop/addons/hypridle/default.nix index 260fddb..5c9d814 100644 --- a/modules/nixos/desktop/addons/hypridle/default.nix +++ b/modules/nixos/desktop/addons/hypridle/default.nix @@ -30,7 +30,7 @@ in listener = [ { - timeout = 900; + timeout = 60; on-timeout = "loginctl lock-session"; } { diff --git a/modules/nixos/desktop/addons/hyprpanel/default.nix b/modules/nixos/desktop/addons/hyprpanel/default.nix index 664624a..32b62da 100644 --- a/modules/nixos/desktop/addons/hyprpanel/default.nix +++ b/modules/nixos/desktop/addons/hyprpanel/default.nix @@ -15,10 +15,48 @@ let ; cfg = config.${namespace}.desktop.addons.hyprpanel; + username = config.${namespace}.user.name; settingsFormat = pkgs.formats.json { }; + + iconColor = "#242438"; + + light-cyan = "#73daca"; + lightBlue = "#414868"; + medium-blue = "#9aa5ce"; + cyan-blue = "#7dcfff"; + navy-blue = "#24283b"; + dark-blue = "#1a1b26"; + dark-blue-gray = "565f89"; + dark-blue-yankees = "#272a3d"; + blue-magenta = "#181825"; + + lightPurple = "#bb9af7"; + + lightRed = "#f7768e"; + red = "#c0caf5"; + + lightGreen = "#9ece6a"; + yellow = "#e0af68"; + settings = { + tear = true; + scalingPriority = "hyprland"; + font.name = "CodeNewRoman Nerd Font Mono"; + bar = { + customModules = { + updates.pollingInterval = 1440000; + ram = { + labelType = "used/total"; + icon = " "; + }; + cpu = { + label = true; + leftClick = "kitty --hold btop"; + icon = " "; + }; + }; layouts = { "0" = { left = [ @@ -27,8 +65,516 @@ let middle = [ "windowtitle" ]; + right = [ + "clock" + ]; + }; + "1" = { + left = [ + "dashboard" + "workspaces" + ]; + middle = [ + "windowtitle" + ]; + right = [ + "volume" + "bluetooth" + "battery" + "systray" + "cpu" + "ram" + "clock" + "notifications" + ]; }; }; + workspaces = { + showAllActive = true; + show_icons = false; + numbered_active_indicator = "underline"; + show_numbered = true; + showWsIcons = false; + showApplicationIcons = false; + hideUnoccupied = true; + }; + launcher = { + icon = "󱄅"; + rightClick = "hyprpanel -t settings-dialog"; + }; + scrollSpeed = 0; + windowtitle = { + class_name = false; + custom_title = false; + icon = false; + label = true; + title_map = [ + + ]; + truncation = true; + }; + network = { + label = false; + truncation = false; + }; + clock.format = "%a %b %d %H:%M:%S"; + notifications.show_total = true; + }; + + menus = { + clock.time.military = true; + dashboard = { + powermenu.avatar.image = "/home/cholli/Pictures/profile.png"; + + shortcuts.enabled = false; + directories.left = { + directory1.command = "kitty $HOME/Downloads"; + directory3.command = "kitty $HOME/projects"; + }; + + stats = { + enable_gpu = true; + enabled = false; + }; + controls.enabled = false; + }; + bluetooth = { + showBattery = true; + batteryState = "always"; + }; + transition = "crossfade"; + }; + + theme = { + bar = { + floating = true; + outer_spacing = "0.2em"; + buttons = { + enableBorders = true; + + workspaces = { + enableBorder = false; + fontSize = "1.2em"; + smartHighlight = false; + active = "#f7768e"; + occupied = "#f7768e"; + available = "#7dcfff"; + hover = "#f7768e"; + background = "#272a3d"; + numbered_active_highlighted_text_color = "#181825"; + numbered_active_underline_color = "#c678dd"; + border = "#f7768e"; + }; + modules = { + power = { + icon = "#181825"; + icon_background = "#f7768e"; + background = "#272a3d"; + border = "#f7768e"; + }; + ram = { + enableBorder = false; + spacing = "0.45em"; + icon = "#181825"; + icon_background = "#e0af68"; + text = "#e0af68"; + background = "#272a3d"; + border = "#e0af68"; + }; + cpu = { + enableBorder = false; + background = "#272a3d"; + icon = "#181825"; + icon_background = "#f7768e"; + text = "#f7768e"; + border = "#f7768e"; + }; + submap = { + background = "#272a3d"; + text = "#73daca"; + border = "#73daca"; + icon = "#181825"; + icon_background = "#73daca"; + }; + }; + + style = "split"; + icon = "#242438"; + icon_background = "#bb9af7"; + text = "#bb9af7"; + hover = "#414868"; + background = "#272a3d"; + dashboard = { + enableBorder = false; + icon = "#272a3d"; + background = "#e0af68"; + border = "#e0af68"; + }; + volume = { + icon = "#272a3d"; + text = "#f7768e"; + background = "#272a3d"; + icon_background = "#f7768e"; + border = "#f7768e"; + }; + notifications = { + total = "#bb9af7"; + icon = "#272a3d"; + background = "#272a3d"; + icon_background = "#bb9af7"; + border = "#bb9af7"; + }; + clock = { + icon = "#272a3d"; + text = "#f7768e"; + background = "#272a3d"; + icon_background = "#f7768e"; + border = "#f7768e"; + }; + systray = { + background = "#272a3d"; + border = "#414868"; + customIcon = "#c0caf5"; + }; + bluetooth = { + icon = "#272a3d"; + text = "#7dcfff"; + background = "#272a3d"; + icon_background = "#7dcfff"; + border = "#7dcfff"; + }; + windowtitle = { + icon = "#272a3d"; + text = "#f7768e"; + background = "#272a3d"; + icon_background = "#f7768e"; + border = "#f7768e"; + enableBorder = false; + }; + radius = "0.3em"; + borderSize = "0.0em"; + padding_x = "0.7rem"; + padding_y = "0.2rem"; + }; + + menus = { + monochrome = false; + opacity = 95; + menu = { + dashboard = { + powermenu = { + shutdown = "#f7768e"; + confirmation = { + deny = "#f7768e"; + confirm = "#9ece6a"; + button_text = "#1a1b26"; + body = "#c0caf5"; + label = "#bb9af7"; + border = "#414868"; + background = "#1a1b26"; + card = "#24283b"; + }; + sleep = "#7dcfff"; + logout = "#9ece6a"; + restart = "#e0af68"; + }; + monitors = { + ram = { + label = "#e0af68"; + bar = "#e0af68"; + icon = "#e0af68"; + }; + cpu = { + label = "#f7768e"; + bar = "#f7768e"; + icon = "#f7768e"; + }; + bar_background = "#414868"; + }; + directories = { + right = { + bottom.color = "#bb9af7"; + middle.color = "#bb9af7"; + top.color = "#73daca"; + }; + left = { + bottom.color = "#f7768e"; + middle.color = "#e0af68"; + top.color = "#f7768e"; + }; + }; + controls = { + input = { + text = "#1a1b26"; + background = "#f7768e"; + }; + volume = { + text = "#1a1b26"; + background = "#f7768e"; + }; + notifications = { + text = "#1a1b26"; + background = "#e0af68"; + }; + bluetooth = { + text = "#1a1b26"; + background = "#7dcfff"; + }; + disabled = "#414868"; + }; + profile.name = "#f7768e"; + border.color = "#414868"; + background.color = "#1a1b26"; + card.color = "#24283b"; + }; + notifications = { + switch = { + puck = "#565f89"; + disabled = "#565f89"; + enabled = "#bb9af7"; + }; + clear = "#f7768e"; + switch_divider = "#414868"; + border = "#414868"; + card = "#24283b"; + background = "#1a1b26"; + no_notifications_label = "#414868"; + label = "#bb9af7"; + scrollbar.color = "#bb9af7"; + pager = { + button = "#bb9af7"; + label = "#565f89"; + background = "#1a1b26"; + }; + }; + clock = { + text = "#c0caf5"; + border.color = "#414868"; + background.color = "#1a1b26"; + card.color = "#24283b"; + + calendar = { + contextdays = "#414868"; + days = "#c0caf5"; + currentday = "#f7768e"; + paginator = "#f7768e"; + weekdays = "#f7768e"; + yearmonth = "#73daca"; + }; + time = { + timeperiod = "#73daca"; + time = "#f7768e"; + }; + }; + systray = { + dropdownmenu.divider = "#24283b"; + dropdownmenu.text = "#c0caf5"; + dropdownmenu.background = "#1a1b26"; + }; + bluetooth = { + iconbutton = { + active = "#7dcfff"; + passive = "#c0caf5"; + }; + icons = { + active = "#7dcfff"; + passive = "#565f89"; + }; + listitems = { + active = "#7dcfff"; + passive = "#c0caf5"; + }; + switch = { + puck = "#565f89"; + disabled = "#565f89"; + enabled = "#7dcfff"; + }; + switch_divider = "#414868"; + status = "#565f89"; + text = "#c0caf5"; + label.color = "#7dcfff"; + border.color = "#414868"; + background.color = "#1a1b26"; + card.color = "#24283b"; + }; + volume = { + text = "#c0caf5"; + card.color = "#24283b"; + label.color = "#f7768e"; + input_slider = { + puck = "#414868"; + backgroundhover = "#414868"; + background = "#565f89"; + primary = "#f7768e"; + }; + audio_slider = { + puck = "#414868"; + backgroundhover = "#414868"; + background = "#565f89"; + primary = "#f7768e"; + }; + icons = { + active = "#f7768e"; + passive = "#565f89"; + }; + iconbutton = { + active = "#f7768e"; + passive = "#c0caf5"; + }; + listitems = { + active = "#f7768e"; + passive = "#c0caf5"; + }; + border.color = "#414868"; + background.color = "#1a1b26"; + }; + media = { + card.color = "#24283b"; + slider = { + puck = "#565f89"; + backgroundhover = "#414868"; + background = "#565f89"; + primary = "#f7768e"; + }; + buttons = { + text = "#1a1b26"; + background = "#bb9af7"; + enabled = "#73daca"; + inactive = "#414868"; + }; + border.color = "#414868"; + background.color = "#1a1b26"; + album = "#f7768e"; + artist = "#73daca"; + song = "#bb9af7"; + }; + power = { + border.color = "#414868"; + buttons = { + sleep = { + icon_background = "#7dcfff"; + text = "#7dcfff"; + background = "#24283b"; + icon = "#1a1b26"; + }; + restart = { + text = "#e0af68"; + icon_background = "#e0af68"; + icon = "#1a1b26"; + background = "#24283b"; + }; + shutdown = { + icon = "#1a1b26"; + background = "#24283b"; + icon_background = "#f7768e"; + text = "#f7768e"; + }; + logout = { + icon = "#1a1b26"; + background = "#24283b"; + text = "#9ece6a"; + icon_background = "#9ece6a"; + }; + }; + background.color = "#1a1b26"; + scaling = 90; + }; + }; + background = "#1a1b26"; + text = "#c0caf5"; + border.color = "#414868"; + popover = { + text = "#bb9af7"; + background = "#1a1b26"; + border = "#1a1b26"; + }; + tooltip = { + text = "#c0caf5"; + background = "#1a1b26"; + }; + dropdownmenu = { + divider = "#24283b"; + text = "#c0caf5"; + background = "#1a1b26"; + }; + slider = { + puck = "#565f89"; + backgroundhover = "#414868"; + background = "#565f89"; + primary = "#bb9af7"; + }; + progressbar = { + background = "#414868"; + foreground = "#bb9af7"; + }; + iconbuttons = { + active = "#bb9af7"; + passive = "#c0caf5"; + }; + buttons = { + text = "#1a1b26"; + disabled = "#565f89"; + active = "#f7768e"; + default = "#bb9af7"; + }; + switch = { + puck = "#565f89"; + disabled = "#565f89"; + enabled = "#bb9af7"; + }; + icons = { + active = "#bb9af7"; + passive = "#414868"; + }; + listitems = { + active = "#bb9af7"; + passive = "#c0caf5"; + }; + label = "#bb9af7"; + feinttext = "#414868"; + dimtext = "#414868"; + cards = "#24283b"; + check_radio_button.background = "#3b4261"; + check_radio_button.active = "#bb9af7"; + }; + transparent = true; + background = "#1a1b26"; + margin_sides = "0.0em"; + location = "top"; + }; + osd = { + monitor = 1; + muted_zero = true; + label = "#bb9af7"; + icon = "#1a1b26"; + bar_overflow_color = "#f7768e"; + bar_empty_color = "#414868"; + bar_color = "#bb9af7"; + icon_container = "#bb9af7"; + bar_container = "#1a1b26"; + }; + notification = { + close_button.label = "#1a1b26"; + close_button.background = "#f7768e"; + labelicon = "#bb9af7"; + text = "#c0caf5"; + time = "#9aa5ce"; + border = "#565f89"; + label = "#bb9af7"; + actions.text = "#24283b"; + actions.background = "#bb9af7"; + background = "#1a1b26"; + }; + font.size = "1.3rem"; + }; + notifications = { + monitor = 1; + active_monitor = false; + }; + wallpaper = { + pywal = false; + image = "/home/cholli/Pictures/firewatch.jpg"; + enable = false; }; }; in @@ -50,11 +596,19 @@ in }; config = mkIf cfg.enable { - ${namespace}.home.file = { - ".cache/ags/options_test.json".source = settingsFormat.generate "options.json" mkMerge [ - settings - cfg.extraSettings + + snowfallorg.users.${username}.home.config = { + wayland.windowManager.hyprland.settings.exec-once = [ + "${pkgs.hyprpanel}/bin/hyprpanel" ]; }; + + ${namespace}.home.file = { + ".cache/ags/hyprpanel/options_test.json" = { + + # source = pkgs.formats.json.generate "options.json" settings; + text = builtins.toJSON settings; + }; + }; }; } diff --git a/modules/nixos/desktop/addons/hyprpanel/options.json b/modules/nixos/desktop/addons/hyprpanel/options.json index f93f95c..c38e309 100644 --- a/modules/nixos/desktop/addons/hyprpanel/options.json +++ b/modules/nixos/desktop/addons/hyprpanel/options.json @@ -46,7 +46,7 @@ "bar.workspaces.numbered_active_indicator": "underline", "bar.scrollSpeed": 0, "menus.dashboard.powermenu.avatar.image": "/home/cholli/Pictures/profile.png", - "menus.dashboard.shortcuts.enabled": true, + "menus.dashboard.shortcuts.enabled": false, "menus.dashboard.directories.left.directory3.command": "bash -c \"xdg-open $HOME/projects/\"", "menus.dashboard.directories.left.directory1.command": "bash -c \"xdg-open $HOME/Downloads/\"", "menus.dashboard.stats.enable_gpu": true, @@ -455,5 +455,6 @@ "bar.windowtitle.label": true, "bar.windowtitle.title_map": [], "bar.windowtitle.truncation": false, - "bar.workspaces.hideUnoccupied": true -} + "bar.workspaces.hideUnoccupied": true, + "bar.launcher.rightClick": "hyprpanel -t settings-dialog" +} \ No newline at end of file diff --git a/modules/nixos/desktop/default.nix b/modules/nixos/desktop/default.nix index 090ab58..06bfffd 100644 --- a/modules/nixos/desktop/default.nix +++ b/modules/nixos/desktop/default.nix @@ -6,10 +6,17 @@ ... }: let + inherit (lib) mkIf mkEnableOption; user = config.${namespace}.user.name; + + cfg = config.${namespace}.desktop.hyprland; in { - config = { + options.${namespace}.desktop = { + enable = mkEnableOption "Whether to enable desktop theming"; + }; + + config = mkIf cfg.enable { ${namespace}.home.extraOptions = { dconf.settings = { "org/gnome/desktop/interface" = { diff --git a/modules/nixos/desktop/hyprland/default.nix b/modules/nixos/desktop/hyprland/default.nix index 339ce00..465b045 100644 --- a/modules/nixos/desktop/hyprland/default.nix +++ b/modules/nixos/desktop/hyprland/default.nix @@ -55,7 +55,6 @@ in # Wayland Utilities wl-clipboard - wl-screenrec wlr-randr # Screenshot Utility @@ -91,14 +90,18 @@ in }; ${namespace} = { - desktop.addons = { - rofi = { - enable = true; - package = pkgs.rofi-wayland-unwrapped; + desktop = { + enable = true; + addons = { + rofi = { + enable = true; + package = pkgs.rofi-wayland-unwrapped; + }; + hypridle = enabled; + hyprlock = enabled; + hyprpanel = enabled; + hyprpaper = enabled; }; - hypridle = enabled; - hyprlock = enabled; - hyprpaper = enabled; }; nix.extra-substituters.${cachix-url} = { @@ -121,7 +124,6 @@ in ]; exec-once = [ - "${pkgs.hyprpanel}/bin/hyprpanel" "systemctl --user start hyprpolkitagent" "[workspace 2 silent] steam --disable-gpu-compositing" # nvidia pls let me have nice things From 8ffaac44ebc0b4b074d0439ee0428a9d0cf0d4cc Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Mon, 4 Nov 2024 23:18:11 +0100 Subject: [PATCH 06/20] loptland enable factorio server --- systems/x86_64-linux/loptland/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/systems/x86_64-linux/loptland/default.nix b/systems/x86_64-linux/loptland/default.nix index a3c3daf..241b786 100644 --- a/systems/x86_64-linux/loptland/default.nix +++ b/systems/x86_64-linux/loptland/default.nix @@ -24,7 +24,7 @@ in }; services = { - # factorio-server = enabled; + factorio-server = enabled; }; user.trustedPublicKeys = [ From 99403760545fb4dff9e2475d9c8436d2447d8166 Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Mon, 4 Nov 2024 23:51:24 +0100 Subject: [PATCH 07/20] update flake --- flake.lock | 246 ++++++++++++++++++++++++++++++++++++----------------- flake.nix | 2 +- 2 files changed, 167 insertions(+), 81 deletions(-) diff --git a/flake.lock b/flake.lock index cf6666e..2107ae1 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,24 @@ { "nodes": { + "ags": { + "inputs": { + "nixpkgs": "nixpkgs_3", + "systems": "systems_4" + }, + "locked": { + "lastModified": 1728326430, + "narHash": "sha256-tV1ABHuA1HItMdCTuNdA8fMB+qw7LpjvI945VwMSABI=", + "owner": "Aylur", + "repo": "ags", + "rev": "60180a184cfb32b61a1d871c058b31a3b9b0743d", + "type": "github" + }, + "original": { + "owner": "Aylur", + "repo": "ags", + "type": "github" + } + }, "aquamarine": { "inputs": { "hyprutils": [ @@ -56,11 +75,11 @@ "rust-analyzer-src": "rust-analyzer-src" }, "locked": { - "lastModified": 1730097176, - "narHash": "sha256-ufvRff76Y19mkRsmx+mAnxKE9A9VaNWC2mVY6TwumOw=", + "lastModified": 1730702146, + "narHash": "sha256-a657FU8MS5m0Y4pQvcmQPfvXYOPpxih7u2hU57Bn2i4=", "owner": "nix-community", "repo": "fenix", - "rev": "482b57f3f27a9336e0fbc62fa99ee0f624ccf4d0", + "rev": "fa3610f841725c8e20fc0fab070ee60609fdd5ee", "type": "github" }, "original": { @@ -226,7 +245,7 @@ }, "flake-utils_2": { "inputs": { - "systems": "systems_4" + "systems": "systems_5" }, "locked": { "lastModified": 1710146030, @@ -244,7 +263,7 @@ }, "flake-utils_3": { "inputs": { - "systems": "systems_5" + "systems": "systems_6" }, "locked": { "lastModified": 1726560853, @@ -277,7 +296,7 @@ }, "flake-utils_5": { "inputs": { - "systems": "systems_6" + "systems": "systems_7" }, "locked": { "lastModified": 1694529238, @@ -296,7 +315,7 @@ "gen-luarc": { "inputs": { "flake-parts": "flake-parts", - "nixpkgs": "nixpkgs_3" + "nixpkgs": "nixpkgs_5" }, "locked": { "lastModified": 1718922730, @@ -360,11 +379,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1729690460, - "narHash": "sha256-x8qkGujBPuOefXPyjcaB8Ot0IYkQBy6O2ZYb8NrnB3k=", + "lastModified": 1730313564, + "narHash": "sha256-1RBs/WOH3gp2ETDruEbM2vq2tPiJmqQ3wrjiKREE5NU=", "owner": "helix-editor", "repo": "helix", - "rev": "101a74bf6edbbfdf9b0628a0bdbbc307ebe10ff2", + "rev": "38faf74febf3332fb119302324bfd21229d39e14", "type": "github" }, "original": { @@ -380,11 +399,11 @@ ] }, "locked": { - "lastModified": 1730016908, - "narHash": "sha256-bFCxJco7d8IgmjfNExNz9knP8wvwbXU4s/d53KOK6U0=", + "lastModified": 1730633670, + "narHash": "sha256-ZFJqIXpvVKvzOVFKWNRDyIyAo+GYdmEPaYi1bZB6uf0=", "owner": "nix-community", "repo": "home-manager", - "rev": "e83414058edd339148dc142a8437edb9450574c8", + "rev": "8f6ca7855d409aeebe2a582c6fd6b6a8d0bf5661", "type": "github" }, "original": { @@ -457,11 +476,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1730072482, - "narHash": "sha256-3Aotvc0dFS9J2iDnrSVjjngdZcaD9ghfroVU3jl84Gk=", + "lastModified": 1730749523, + "narHash": "sha256-TWGd3+hjDcwEDE2YzIXWFUWkDFWr5r6KcBADc4Dxiik=", "ref": "refs/heads/main", - "rev": "6cf193e1662f6f750e964a3e174ae017246b4d48", - "revCount": 5385, + "rev": "88e9e0394541a853600bc2c910005c05fa156269", + "revCount": 5410, "submodules": true, "type": "git", "url": "https://github.com/hyprwm/Hyprland" @@ -489,11 +508,11 @@ ] }, "locked": { - "lastModified": 1729596320, - "narHash": "sha256-sBPr6O2Ad916f+L7biAjmJVx4TLDITC4joKgeOT47V8=", + "lastModified": 1730755630, + "narHash": "sha256-IA5U8lHx/lnHwbx25dpPpeLbaALqNNjalYCf19tIoj0=", "owner": "hyprwm", "repo": "hyprland-plugins", - "rev": "4d7f0b5d8b952f31f7d2e29af22ab0a55ca5c219", + "rev": "44859f877739c05d031fcab4a2991ec004fa9bc4", "type": "github" }, "original": { @@ -593,11 +612,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1730053985, - "narHash": "sha256-jh7PhejwT+XqkkYnpZ6K/Gkqy4tvjN7g/ZBTvlS+Q9Y=", + "lastModified": 1730590959, + "narHash": "sha256-ss3lT96WFdiNxI4mtrmRtV1XsfxIs2BtYLiU9BKu7Uo=", "owner": "hyprwm", "repo": "hyprlock", - "rev": "edbecc87081756b45bdbea16b63e413473659dcd", + "rev": "f225e23e5b275dd5b3f7b2cc007ab4b559d8a9d9", "type": "github" }, "original": { @@ -606,6 +625,25 @@ "type": "github" } }, + "hyprpanel": { + "inputs": { + "ags": "ags", + "nixpkgs": "nixpkgs_4" + }, + "locked": { + "lastModified": 1730716171, + "narHash": "sha256-Zk3rFDpwnceOMnpUCXWMYqG3yLL05bo7bS76tOfwZAU=", + "owner": "Jas-SinghFSU", + "repo": "HyprPanel", + "rev": "155b9bb1f703aede9dfa9e17ad19eaa9767f5eb1", + "type": "github" + }, + "original": { + "owner": "Jas-SinghFSU", + "repo": "HyprPanel", + "type": "github" + } + }, "hyprutils": { "inputs": { "nixpkgs": [ @@ -725,11 +763,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1730068391, - "narHash": "sha256-jlAGtfMuI8pUUoUmNkm2P/38pOtHZdcAf3Az8XQLAf4=", + "lastModified": 1730537918, + "narHash": "sha256-GJB1/aaTnAtt9sso/EQ77TAGJ/rt6uvlP0RqZFnWue8=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "6906ac67a1078cf950b8527341e229eeecb5bc30", + "rev": "f6e0cd5c47d150c4718199084e5764f968f1b560", "type": "github" }, "original": { @@ -747,11 +785,11 @@ ] }, "locked": { - "lastModified": 1730106248, - "narHash": "sha256-xicJnAvJ/8nJ6Ojwz6tWk+EcMjcW+M9ozlvfgjFQ+UQ=", + "lastModified": 1730453870, + "narHash": "sha256-d+kIgz4BvTXb7emjSFV3zjNydGmLUmuluQjdBb51R9o=", "owner": "nix-community", "repo": "NixOS-WSL", - "rev": "24ab2f9ad309b1bba89644116656139dde706833", + "rev": "adb6bc4b661a43328752b4575be4968a4990c033", "type": "github" }, "original": { @@ -762,11 +800,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1729413321, - "narHash": "sha256-I4tuhRpZFa6Fu6dcH9Dlo5LlH17peT79vx1y1SpeKt0=", + "lastModified": 1730531603, + "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1997e4aa514312c1af7e2bda7fad1644e778ff26", + "rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d", "type": "github" }, "original": { @@ -778,17 +816,17 @@ }, "nixpkgs-latest-factorio": { "locked": { - "lastModified": 1729881984, - "narHash": "sha256-GbM6MN8X46nlHFdwCPMS7VG50nI9hJ65FTofa09e6sY=", + "lastModified": 1730638571, + "narHash": "sha256-z9Wy1jmhFrABK3cEyiVmQtUwOuQW1YPwA8+HMnbEpnE=", "owner": "Daholli", "repo": "nixpkgs", - "rev": "19493dc0ad16ffd5414ac9b4e12179d0e1b98468", + "rev": "d941e9aa2d89f377d45516c5edd765fef15ea90a", "type": "github" }, "original": { "owner": "Daholli", "repo": "nixpkgs", - "rev": "19493dc0ad16ffd5414ac9b4e12179d0e1b98468", + "rev": "d941e9aa2d89f377d45516c5edd765fef15ea90a", "type": "github" } }, @@ -806,11 +844,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1730110089, - "narHash": "sha256-yfKsL/0ZMxmy8wE9lgNt5DMwUhgqhYUmKTR5Te6HF9A=", + "lastModified": 1730758219, + "narHash": "sha256-/ZDUbjpoP6rhXGzD0s6YGQcKRGX1C6gLn5zxe1npkiQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "730e5fa135993f57f2013d911ce5b98d020365f3", + "rev": "5d608d235a0cb6b142410286169e7857e4f115a2", "type": "github" }, "original": { @@ -838,11 +876,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1729973466, - "narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=", + "lastModified": 1730602179, + "narHash": "sha256-efgLzQAWSzJuCLiCaQUCDu4NudNlHdg2NzGLX5GYaEY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cd3e8833d70618c4eea8df06f95b364b016d4950", + "rev": "3c2f1c4ca372622cb2f9de8016c9a0b1cbd0f37c", "type": "github" }, "original": { @@ -854,11 +892,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1729880355, - "narHash": "sha256-RP+OQ6koQQLX5nw0NmcDrzvGL8HDLnyXt/jHhL1jwjM=", + "lastModified": 1730531603, + "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "18536bf04cd71abd345f9579158841376fdd0c5a", + "rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d", "type": "github" }, "original": { @@ -886,15 +924,15 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1718714799, - "narHash": "sha256-FUZpz9rg3gL8NVPKbqU8ei1VkPLsTIfAJ2fdAf5qjak=", - "owner": "nixos", + "lastModified": 1725634671, + "narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "c00d587b1a1afbf200b1d8f0b0e4ba9deb1c7f0e", + "rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c", "type": "github" }, "original": { - "owner": "nixos", + "owner": "NixOS", "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" @@ -918,11 +956,43 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1729951556, - "narHash": "sha256-bpb6r3GjzhNW8l+mWtRtLNg5PhJIae041sPyqcFNGb4=", + "lastModified": 1718714799, + "narHash": "sha256-FUZpz9rg3gL8NVPKbqU8ei1VkPLsTIfAJ2fdAf5qjak=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "c00d587b1a1afbf200b1d8f0b0e4ba9deb1c7f0e", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_6": { + "locked": { + "lastModified": 1730531603, + "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_7": { + "locked": { + "lastModified": 1730272153, + "narHash": "sha256-B5WRZYsRlJgwVHIV6DvidFN7VX7Fg9uuwkRW9Ha8z+w=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4e0eec54db79d4d0909f45a88037210ff8eaffee", + "rev": "2d2a9ddbe3f2c00747398f3dc9b05f7f2ebb0f53", "type": "github" }, "original": { @@ -932,13 +1002,13 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_8": { "locked": { - "lastModified": 1729880355, - "narHash": "sha256-RP+OQ6koQQLX5nw0NmcDrzvGL8HDLnyXt/jHhL1jwjM=", + "lastModified": 1730200266, + "narHash": "sha256-l253w0XMT8nWHGXuXqyiIC/bMvh1VRszGXgdpQlfhvU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "18536bf04cd71abd345f9579158841376fdd0c5a", + "rev": "807e9154dcb16384b1b765ebe9cd2bba2ac287fd", "type": "github" }, "original": { @@ -982,11 +1052,12 @@ "hyprland": "hyprland", "hyprland-plugins": "hyprland-plugins", "hyprlock": "hyprlock", + "hyprpanel": "hyprpanel", "kickstartnvim": "kickstartnvim", "nix-ld": "nix-ld", "nixos-hardware": "nixos-hardware", "nixos-wsl": "nixos-wsl", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_6", "nixpkgs-latest-factorio": "nixpkgs-latest-factorio", "nixpkgs-master": "nixpkgs-master", "nixpkgs-unstable": "nixpkgs-unstable", @@ -999,11 +1070,11 @@ "rust-analyzer-src": { "flake": false, "locked": { - "lastModified": 1730028316, - "narHash": "sha256-FsPsSjqnqMHBgDdM24DFLw4YOw0mFKYFJBcLaI6CvI8=", + "lastModified": 1730645367, + "narHash": "sha256-RnmBO+9zmZ3NpU6+NfYUDRg31dsPZ17xUqXVw/ZOKZ8=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "3b3a87fe9bd3f2a79942babc1d1e385b6805c384", + "rev": "e44691a60443f1246a077df659607ca89f2ddc58", "type": "github" }, "original": { @@ -1089,11 +1160,11 @@ ] }, "locked": { - "lastModified": 1719005984, - "narHash": "sha256-mpFl3Jv4fKnn+5znYXG6SsBjfXHJdRG5FEqNSPx0GLA=", + "lastModified": 1730136121, + "narHash": "sha256-tfVayj13Zw+zzOKrmJhnvBod7Hdb9ixBR6/4GUlyMA0=", "owner": "snowfallorg", "repo": "lib", - "rev": "c6238c83de101729c5de3a29586ba166a9a65622", + "rev": "dd348182c1a010993e68004eada86cf0341fe2c4", "type": "github" }, "original": { @@ -1104,15 +1175,15 @@ }, "sops-nix": { "inputs": { - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_7", "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1729999681, - "narHash": "sha256-qm0uCtM9bg97LeJTKQ8dqV/FvqRN+ompyW4GIJruLuw=", + "lastModified": 1730746162, + "narHash": "sha256-ZGmI+3AbT8NkDdBQujF+HIxZ+sWXuyT6X8B49etWY2g=", "owner": "Mic92", "repo": "sops-nix", - "rev": "1666d16426abe79af5c47b7c0efa82fd31bf4c56", + "rev": "59d6988329626132eaf107761643f55eb979eef1", "type": "github" }, "original": { @@ -1168,16 +1239,16 @@ }, "systems_4": { "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default", + "repo": "default-linux", "type": "github" } }, @@ -1211,6 +1282,21 @@ "type": "github" } }, + "systems_7": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "xdph": { "inputs": { "hyprland-protocols": [ @@ -1239,11 +1325,11 @@ ] }, "locked": { - "lastModified": 1728166987, - "narHash": "sha256-w6dVTguAn9zJ+7aPOhBQgDz8bn6YZ7b56cY8Kg5HJRI=", + "lastModified": 1730743262, + "narHash": "sha256-iTLqj3lU8kFehPm5tXpctzkD274t/k1nwSSq3qCWXeg=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "fb9c8d665af0588bb087f97d0f673ddf0d501787", + "rev": "09b23cef06fe248e61cec8862c04b9bcb62f4b6d", "type": "github" }, "original": { @@ -1254,14 +1340,14 @@ }, "zen-browser": { "inputs": { - "nixpkgs": "nixpkgs_6" + "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1730084618, - "narHash": "sha256-gZyHBeo21uZPi7QzzRPlUo3te1HO+aNxYsRo+LzDokg=", + "lastModified": 1730444716, + "narHash": "sha256-WtqSpYQyG5ad+GK7B0ViDSl0NolHp7yM24TacUslBXE=", "owner": "ch4og", "repo": "zen-browser-flake", - "rev": "f36474f335ea16534da68715d1f5ae27a5642c94", + "rev": "d3c639ee7bff20f799f443e18fffa6331a71cd3a", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 0fe16d4..3f0ed80 100644 --- a/flake.nix +++ b/flake.nix @@ -7,7 +7,7 @@ nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-master.url = "github:nixos/nixpkgs/master"; - nixpkgs-latest-factorio.url = "github:Daholli/nixpkgs/19493dc0ad16ffd5414ac9b4e12179d0e1b98468"; + nixpkgs-latest-factorio.url = "github:Daholli/nixpkgs/d941e9aa2d89f377d45516c5edd765fef15ea90a"; home-manager = { url = "github:nix-community/home-manager/master"; From c06723f7ec950e04024748868538628853d10397 Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Tue, 5 Nov 2024 09:27:46 +0100 Subject: [PATCH 08/20] factorio-headless: removed from main PC since the server is now running --- systems/x86_64-linux/yggdrasil/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/systems/x86_64-linux/yggdrasil/default.nix b/systems/x86_64-linux/yggdrasil/default.nix index f217373..ec3dff9 100644 --- a/systems/x86_64-linux/yggdrasil/default.nix +++ b/systems/x86_64-linux/yggdrasil/default.nix @@ -5,7 +5,7 @@ ... }: let - inherit (lib.${namespace}) enabled; + inherit (lib.${namespace}) enabled disabled; in { imports = [ ./hardware.nix ]; @@ -79,7 +79,7 @@ in }; services = { - factorio-server = enabled; + factorio-server = disabled; }; system = { From a1c14b5d8ce1f14b7102f9c5227b4c74ae1128d1 Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Tue, 5 Nov 2024 14:49:08 +0100 Subject: [PATCH 09/20] change the way admins are configured --- modules/nixos/services/factorio-server/default.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/modules/nixos/services/factorio-server/default.nix b/modules/nixos/services/factorio-server/default.nix index a278920..de2d419 100644 --- a/modules/nixos/services/factorio-server/default.nix +++ b/modules/nixos/services/factorio-server/default.nix @@ -40,7 +40,6 @@ in "autosave_slots": 5, "ignore_player_limit_for_returning_players": true, "username" : "${config.sops.placeholder.factorio_username}", - "admins": ["${config.sops.placeholder.factorio_username}"], "token": "${config.sops.placeholder.factorio_token}" } ''; @@ -55,6 +54,11 @@ in nonBlockingSaving = true; autosave-interval = 15; saveName = "SpaceAge"; + admins = [ + "daholli" + "galbrain" + "geigeabc" + ]; extraSettingsFile = config.sops.templates."extraSettingsFile.json".path; }; }; From 9bde5f050c816112f02d30febd97c5961c2512d6 Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Wed, 6 Nov 2024 13:55:24 +0100 Subject: [PATCH 10/20] forgejo: init very little config --- systems/x86_64-linux/loptland/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/systems/x86_64-linux/loptland/default.nix b/systems/x86_64-linux/loptland/default.nix index 241b786..7719729 100644 --- a/systems/x86_64-linux/loptland/default.nix +++ b/systems/x86_64-linux/loptland/default.nix @@ -10,6 +10,8 @@ in { imports = [ ./hardware.nix ]; + environment.systemPackages = [ pkgs.forgejo-cli ]; + services.openssh = { enable = true; settings = { @@ -18,6 +20,11 @@ in }; }; + services.forgejo = { + enable = true; + lfs.enable = true; + }; + ${namespace} = { submodules = { basics = enabled; From 7132c558ef2edc2b52287ad4183102c39ff6df15 Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Wed, 6 Nov 2024 16:20:04 +0100 Subject: [PATCH 11/20] loptland: move to separate secrets file --- .sops.yaml | 10 ++++++++ .../services/factorio-server/default.nix | 12 ++++++++-- secrets/secrets-loptland.yaml | 24 +++++++++++++++++++ systems/x86_64-linux/loptland/default.nix | 5 +++- 4 files changed, 48 insertions(+), 3 deletions(-) create mode 100644 secrets/secrets-loptland.yaml diff --git a/.sops.yaml b/.sops.yaml index 76fe9cb..bdeec1a 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -5,3 +5,13 @@ creation_rules: key_groups: - age: - *primary + + - path_regex: secrets/secrets-yggdrasil.yaml$ + key_groups: + - age: + - *primary + + - path_regex: secrets/secrets-loptland.yaml$ + key_groups: + - age: + - *primary diff --git a/modules/nixos/services/factorio-server/default.nix b/modules/nixos/services/factorio-server/default.nix index de2d419..37a8e97 100644 --- a/modules/nixos/services/factorio-server/default.nix +++ b/modules/nixos/services/factorio-server/default.nix @@ -8,25 +8,33 @@ with lib.${namespace}; let cfg = config.${namespace}.services.factorio-server; - inherit (lib) mkIf mkEnableOption; + inherit (lib) mkIf mkOption mkEnableOption; in { options.${namespace}.services.factorio-server = { enable = mkEnableOption "Enable Factorio Headless Server"; + sopsFile = mkOption { + type = lib.types.path; + default = lib.snowfall.fs.get-file "secrets/secrets.yaml"; + description = "SecretFile"; + }; }; config = mkIf cfg.enable { - environment.systemPackages = with pkgs; [ pkgs.factorio-headless ]; + environment.systemPackages = [ pkgs.factorio-headless ]; sops = { secrets = { factorio_token = { restartUnits = [ "factorio.service" ]; + inherit sopsFile; }; factorio_username = { restartUnits = [ "factorio.service" ]; + inherit sopsFile; }; factorio_game_password = { restartUnits = [ "factorio.service" ]; + inherit sopsFile; }; }; templates."extraSettingsFile.json".content = '' diff --git a/secrets/secrets-loptland.yaml b/secrets/secrets-loptland.yaml new file mode 100644 index 0000000..2713740 --- /dev/null +++ b/secrets/secrets-loptland.yaml @@ -0,0 +1,24 @@ +#ENC[AES256_GCM,data:DhmsYsRs9ig5,iv:waUaAhcSgeolFkC2z3W8aGObT3Gp/oavdFfsEUVJoco=,tag:3nVYMqj+EvOz75b8KSm/8Q==,type:comment] +factorio_username: ENC[AES256_GCM,data:egV5kXtAiw==,iv:Hay0PC2yol5FAJGcWxLkxzNdwpD1V4UfDDnkhsjvjVQ=,tag:QBDS6eAeOswQoHBoi4Gj6A==,type:str] +factorio_token: ENC[AES256_GCM,data:whruEJQCNIqqfMA0A3yQdwwrzpIJBt815Lvex4Au,iv:hh3zZt+UxV9ltSHIAjpTRwtDvPgPU5APrB/1bXtKUkE=,tag:AgUmBYWp+Oyxm8O7yD8vlA==,type:str] +factorio_game_password: ENC[AES256_GCM,data:Gu/p0+Sbd6Y=,iv:6AB1T3JdleiUnusU7hw/0wOFNSBsAsBgP2yD9FB7zXk=,tag:DMgD4csthynuBon+KNZtOw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1amdd4hu6k0czf3mtlhd03yj3yzkdaynl7q5fdlqmjzpe9pwgxfjs3j0c85 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3NFlTd2hOTHBtUDhuT0lF + amtLclY2ZTN0SStZQjFSNkZUd1RmMkdJZ0dJCnB2WU04dk41Qk45aGphMW9GQVJ4 + b2VWQVlOVFFLaGJWaU9FVU5ZUWtlRncKLS0tIGVPYW5DQnJMeW1qdWtINDNlQWFo + NmhrdXhpbVlmUFNsT1VaQjZyYkZkdzgKhL2BKXfPWNWUbFavpmtBQpnNEm/x0xH6 + NsjiV05AcrqPmGjj2kjvTv4ULPSoHiHiC5McUMfFTYIrCJgNvUbmMg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-11-06T13:41:52Z" + mac: ENC[AES256_GCM,data:Z/CkDDYJQgYasgaXiIZy+Tr5Z8DjlkLg9XxmrC2cvHABpc5g6mxxSrSYG9DforI2hHvpmz5qPZQ1ztCSft9iPetFGPuWGzCNgvp9CUfMfG7sMAF/+/vEYbgU8plNMHuEAAsfsaZA4HUbM3qHEwQdXmJ6bF+AbPGuMt4z4mSuLQA=,iv:59RdAFi1SpgF3WhDFGxjCmSumn5uxgJCPGpcFJiLhzQ=,tag:mtngOX1rM1zx+VKgaZeX3g==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.1 diff --git a/systems/x86_64-linux/loptland/default.nix b/systems/x86_64-linux/loptland/default.nix index 7719729..4faebcf 100644 --- a/systems/x86_64-linux/loptland/default.nix +++ b/systems/x86_64-linux/loptland/default.nix @@ -31,7 +31,10 @@ in }; services = { - factorio-server = enabled; + factorio-server = { + enable = true; + sopsFile = lib.snowfall.fs.get-file "secrets/secrets-loptland.yaml"; + }; }; user.trustedPublicKeys = [ From 67c1b1f8e09901f7b3b2152953c6c4e64f6f9d6d Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Wed, 6 Nov 2024 16:29:52 +0100 Subject: [PATCH 12/20] loptland: fix typo --- modules/nixos/services/factorio-server/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/nixos/services/factorio-server/default.nix b/modules/nixos/services/factorio-server/default.nix index 37a8e97..5faf5d0 100644 --- a/modules/nixos/services/factorio-server/default.nix +++ b/modules/nixos/services/factorio-server/default.nix @@ -26,15 +26,15 @@ in secrets = { factorio_token = { restartUnits = [ "factorio.service" ]; - inherit sopsFile; + inherit (cfg) sopsFile; }; factorio_username = { restartUnits = [ "factorio.service" ]; - inherit sopsFile; + inherit (cfg) sopsFile; }; factorio_game_password = { restartUnits = [ "factorio.service" ]; - inherit sopsFile; + inherit (cfg) sopsFile; }; }; templates."extraSettingsFile.json".content = '' From aa08b7805669af8f4f2c885463c8a64b3c7413aa Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Wed, 6 Nov 2024 16:57:10 +0100 Subject: [PATCH 13/20] loptland: more sops configuration --- secrets/secrets-loptland.yaml | 9 ++++++--- systems/x86_64-linux/loptland/default.nix | 22 +++++++++++++++++++++- 2 files changed, 27 insertions(+), 4 deletions(-) diff --git a/secrets/secrets-loptland.yaml b/secrets/secrets-loptland.yaml index 2713740..fe53cdb 100644 --- a/secrets/secrets-loptland.yaml +++ b/secrets/secrets-loptland.yaml @@ -1,7 +1,10 @@ -#ENC[AES256_GCM,data:DhmsYsRs9ig5,iv:waUaAhcSgeolFkC2z3W8aGObT3Gp/oavdFfsEUVJoco=,tag:3nVYMqj+EvOz75b8KSm/8Q==,type:comment] +domain: ENC[AES256_GCM,data:9NNsGWnIot9Y9pwLVD9AknFoffZdBD331QdSSlNf1ic=,iv:TbCXwbN9RL4cYY2Aa/Qefccdj+hN9DJhEcKlpkGhFdw=,tag:iNEZRZhrlUUHvOzWnEHcjw==,type:str] +#ENC[AES256_GCM,data:Cgp+gOU81+rvdlY=,iv:8DxJxnCslDoEu0bxtlTjmNiAUCdiAV/8VYKTb4yqQ50=,tag:ZTkK7WCOBh1It6GuKPUXdg==,type:comment] factorio_username: ENC[AES256_GCM,data:egV5kXtAiw==,iv:Hay0PC2yol5FAJGcWxLkxzNdwpD1V4UfDDnkhsjvjVQ=,tag:QBDS6eAeOswQoHBoi4Gj6A==,type:str] factorio_token: ENC[AES256_GCM,data:whruEJQCNIqqfMA0A3yQdwwrzpIJBt815Lvex4Au,iv:hh3zZt+UxV9ltSHIAjpTRwtDvPgPU5APrB/1bXtKUkE=,tag:AgUmBYWp+Oyxm8O7yD8vlA==,type:str] factorio_game_password: ENC[AES256_GCM,data:Gu/p0+Sbd6Y=,iv:6AB1T3JdleiUnusU7hw/0wOFNSBsAsBgP2yD9FB7zXk=,tag:DMgD4csthynuBon+KNZtOw==,type:str] +#ENC[AES256_GCM,data:15i2BBxM4iM=,iv:JV6Lsk8jUZl/eIJWkH/w5I2NraB9J9+0ggsENBGgbdI=,tag:HDwGheUv7dFIztQoJBjGmQ==,type:comment] +forgejo_db_password: ENC[AES256_GCM,data:CFsvko1AXRymDBC6WiOBs98rvFM=,iv:Wemhu8URxA6HsWQyYcPSwJzuMP4myrDC3rU3GEDVt7c=,tag:6wcNlDFVdnjez8hzi4E2cw==,type:str] sops: kms: [] gcp_kms: [] @@ -17,8 +20,8 @@ sops: NmhrdXhpbVlmUFNsT1VaQjZyYkZkdzgKhL2BKXfPWNWUbFavpmtBQpnNEm/x0xH6 NsjiV05AcrqPmGjj2kjvTv4ULPSoHiHiC5McUMfFTYIrCJgNvUbmMg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-11-06T13:41:52Z" - mac: ENC[AES256_GCM,data:Z/CkDDYJQgYasgaXiIZy+Tr5Z8DjlkLg9XxmrC2cvHABpc5g6mxxSrSYG9DforI2hHvpmz5qPZQ1ztCSft9iPetFGPuWGzCNgvp9CUfMfG7sMAF/+/vEYbgU8plNMHuEAAsfsaZA4HUbM3qHEwQdXmJ6bF+AbPGuMt4z4mSuLQA=,iv:59RdAFi1SpgF3WhDFGxjCmSumn5uxgJCPGpcFJiLhzQ=,tag:mtngOX1rM1zx+VKgaZeX3g==,type:str] + lastmodified: "2024-11-06T15:56:31Z" + mac: ENC[AES256_GCM,data:DPZelvgjo39BDVak1eqsZhc8BK+g5btBV/4GsbBvZsdGOfjTywjwKe2Bz6NZukorCIWzqC6JBED3yLUpYCi+noWJgzPrUQoWKu+qPF1lH4B7FJixJjfSC44ETR21AZtU65UTNEFl1X1pb/+HhD8aLtKy34Dfhw26/Yrh5ZAMex8=,iv:k/adT/ydTLW1TIT+BSanp2xe9S/i2HnTBe1Wpzr94aA=,tag:iEHBO8b2ZFZIfF+Eep00fQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.1 diff --git a/systems/x86_64-linux/loptland/default.nix b/systems/x86_64-linux/loptland/default.nix index 4faebcf..a52bf33 100644 --- a/systems/x86_64-linux/loptland/default.nix +++ b/systems/x86_64-linux/loptland/default.nix @@ -1,4 +1,5 @@ { + config, lib, namespace, pkgs, @@ -6,12 +7,24 @@ }: let inherit (lib.${namespace}) enabled; + + sopsFile = lib.snowfall.fs.get-file "secrets/secrets-loptland.yaml"; in { imports = [ ./hardware.nix ]; environment.systemPackages = [ pkgs.forgejo-cli ]; + sops.secrets = { + domain = { + inherit sopsFile; + }; + + forgejo_db_password = { + inherit sopsFile; + }; + }; + services.openssh = { enable = true; settings = { @@ -23,6 +36,13 @@ in services.forgejo = { enable = true; lfs.enable = true; + database = { + passwordFile = config.sops.secrets.forgejo_db_password.path; + }; + # settings = { + # server.DOMAIN = config.sops.secrets.domain; + # }; + }; ${namespace} = { @@ -33,7 +53,7 @@ in services = { factorio-server = { enable = true; - sopsFile = lib.snowfall.fs.get-file "secrets/secrets-loptland.yaml"; + inherit sopsFile; }; }; From 8d6c10ccdfb312bf916dfb1aeb47537284172284 Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Wed, 6 Nov 2024 19:54:03 +0100 Subject: [PATCH 14/20] loptland: I have no idea how nginx works, also need to read up on ACME and LetsEncrypt --- systems/x86_64-linux/loptland/default.nix | 36 ++++++++++++++++++----- 1 file changed, 29 insertions(+), 7 deletions(-) diff --git a/systems/x86_64-linux/loptland/default.nix b/systems/x86_64-linux/loptland/default.nix index a52bf33..4e25861 100644 --- a/systems/x86_64-linux/loptland/default.nix +++ b/systems/x86_64-linux/loptland/default.nix @@ -8,6 +8,9 @@ let inherit (lib.${namespace}) enabled; + domainName = "v2202411240203293899.ultrasrv.de"; + forgejoPort = 3000; + sopsFile = lib.snowfall.fs.get-file "secrets/secrets-loptland.yaml"; in { @@ -16,10 +19,6 @@ in environment.systemPackages = [ pkgs.forgejo-cli ]; sops.secrets = { - domain = { - inherit sopsFile; - }; - forgejo_db_password = { inherit sopsFile; }; @@ -33,18 +32,41 @@ in }; }; + services.nginx = { + enable = true; + virtualHosts = { + "git.${domainName}" = { + locations."/" = { + proxyPass = "http://localhost:${toString forgejoPort}/"; + }; + }; + }; + }; + services.forgejo = { enable = true; + database.type = "postgres"; lfs.enable = true; database = { passwordFile = config.sops.secrets.forgejo_db_password.path; }; - # settings = { - # server.DOMAIN = config.sops.secrets.domain; - # }; + settings = { + server = { + DOMAIN = "git.${domainName}"; + ROOT_URL = "http://git.${domainName}:${toString forgejoPort}"; + HTTP_PORT = forgejoPort; + }; + service.DISABLE_REGISTRATION = false; + }; }; + networking.firewall.allowedTCPPorts = [ + forgejoPort + 80 + 443 + ]; + ${namespace} = { submodules = { basics = enabled; From 32f138f92721134fbc7674c69a82f371cd429600 Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Wed, 6 Nov 2024 20:11:50 +0100 Subject: [PATCH 15/20] loptland: nginx maybe this helps? --- systems/x86_64-linux/loptland/default.nix | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/systems/x86_64-linux/loptland/default.nix b/systems/x86_64-linux/loptland/default.nix index 4e25861..f68bc9a 100644 --- a/systems/x86_64-linux/loptland/default.nix +++ b/systems/x86_64-linux/loptland/default.nix @@ -16,8 +16,6 @@ in { imports = [ ./hardware.nix ]; - environment.systemPackages = [ pkgs.forgejo-cli ]; - sops.secrets = { forgejo_db_password = { inherit sopsFile; @@ -34,13 +32,22 @@ in services.nginx = { enable = true; + recommendedProxySettings = true; + virtualHosts = { "git.${domainName}" = { locations."/" = { proxyPass = "http://localhost:${toString forgejoPort}/"; }; }; + + "${domainName}" = { + locations."/" = { + return = "404 This Site does not exist yet"; + }; + }; }; + }; services.forgejo = { From ed4b918da7d36938a4468f323561b16146471578 Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Thu, 7 Nov 2024 21:36:01 +0100 Subject: [PATCH 16/20] loptland: move acme to its own file --- modules/nixos/security/acme/default.nix | 75 +++++++++++++++++++++++ secrets/secrets-loptland.yaml | 9 ++- systems/x86_64-linux/loptland/default.nix | 34 +++++++--- 3 files changed, 108 insertions(+), 10 deletions(-) create mode 100644 modules/nixos/security/acme/default.nix diff --git a/modules/nixos/security/acme/default.nix b/modules/nixos/security/acme/default.nix new file mode 100644 index 0000000..e8cd265 --- /dev/null +++ b/modules/nixos/security/acme/default.nix @@ -0,0 +1,75 @@ +{ + config, + lib, + namespace, + pkgs, + ... +}: +with lib; +with lib.${namespace}; +let + cfg = config.${namespace}.security.acme; +in +{ + options.${namespace}.security.acme = with lib.types; { + enable = mkEnableOption "Enable sops (Default true)"; + email = mkOpt str config.${namespace}.user.email "The email to use."; + sopsFile = mkOption { + type = lib.types.path; + default = lib.snowfall.fs.get-file "secrets/secrets.yaml"; + description = "SecretFile"; + }; + domainname = mkOpt str "christophhollizeck.dev"; + staging = mkOpt bool virtual "Use staging server for testing or not"; + }; + + config = mkIf cfg.enable { + sops = { + secrets = { + netcup_customer_number = { + inherit sopsFile; + }; + + netcup_api_key = { + inherit sopsFile; + }; + + netcup_api_password = { + inherit sopsFile; + }; + }; + + templates = { + "netcup.env" = { + content = '' + NETCUP_CUSTOMER_NUMBER=${config.sops.placeholder.netcup_customer_number} + NETCUP_API_KEY=${config.sops.placeholder.netcup_api_key} + NETCUP_API_PASSWORD=${config.sops.placeholder.netcup_api_password} + NETCUP_PROPAGATION_TIMEOUT=1200 + ''; + }; + }; + + }; + + security.acme = { + acceptTerms = true; + defaults = { + inherit (cfg) email; + + group = mkIf config.services.nginx.enable "nginx"; + reloadServices = optional config.services.nginx.enable "nginx.service"; + + dnsProvider = "netcup"; + environmentFile = config.sops.templates."netcup.env".path; + }; + + certs."${cfg.domainName}" = { + server = mkIf cfg.staging "https://acme-staging-v02.api.letsencrypt.org/directory"; + dnsResolver = "1.1.1.1:53"; + extraDomainNames = [ "*.${cfg.domainName}" ]; + }; + }; + + }; +} diff --git a/secrets/secrets-loptland.yaml b/secrets/secrets-loptland.yaml index fe53cdb..76030da 100644 --- a/secrets/secrets-loptland.yaml +++ b/secrets/secrets-loptland.yaml @@ -1,10 +1,13 @@ -domain: ENC[AES256_GCM,data:9NNsGWnIot9Y9pwLVD9AknFoffZdBD331QdSSlNf1ic=,iv:TbCXwbN9RL4cYY2Aa/Qefccdj+hN9DJhEcKlpkGhFdw=,tag:iNEZRZhrlUUHvOzWnEHcjw==,type:str] #ENC[AES256_GCM,data:Cgp+gOU81+rvdlY=,iv:8DxJxnCslDoEu0bxtlTjmNiAUCdiAV/8VYKTb4yqQ50=,tag:ZTkK7WCOBh1It6GuKPUXdg==,type:comment] factorio_username: ENC[AES256_GCM,data:egV5kXtAiw==,iv:Hay0PC2yol5FAJGcWxLkxzNdwpD1V4UfDDnkhsjvjVQ=,tag:QBDS6eAeOswQoHBoi4Gj6A==,type:str] factorio_token: ENC[AES256_GCM,data:whruEJQCNIqqfMA0A3yQdwwrzpIJBt815Lvex4Au,iv:hh3zZt+UxV9ltSHIAjpTRwtDvPgPU5APrB/1bXtKUkE=,tag:AgUmBYWp+Oyxm8O7yD8vlA==,type:str] factorio_game_password: ENC[AES256_GCM,data:Gu/p0+Sbd6Y=,iv:6AB1T3JdleiUnusU7hw/0wOFNSBsAsBgP2yD9FB7zXk=,tag:DMgD4csthynuBon+KNZtOw==,type:str] #ENC[AES256_GCM,data:15i2BBxM4iM=,iv:JV6Lsk8jUZl/eIJWkH/w5I2NraB9J9+0ggsENBGgbdI=,tag:HDwGheUv7dFIztQoJBjGmQ==,type:comment] forgejo_db_password: ENC[AES256_GCM,data:CFsvko1AXRymDBC6WiOBs98rvFM=,iv:Wemhu8URxA6HsWQyYcPSwJzuMP4myrDC3rU3GEDVt7c=,tag:6wcNlDFVdnjez8hzi4E2cw==,type:str] +#ENC[AES256_GCM,data:nQnLBl7v,iv:HORr/Uvw4eUXfW5uS6rWr+6FkFF9bTNpMYGaRpVITRY=,tag:/r4n/xpqp7EPecGxDj4N+w==,type:comment] +netcup_customer_number: ENC[AES256_GCM,data:pRooJa3O,iv:0U/ONcWa2eqcsT1UpgXmLpAvJndaU8zln2g1HMbBQYE=,tag:+pu8EBl/dnm6DoLAtrjZBQ==,type:str] +netcup_api_key: ENC[AES256_GCM,data:nlkDz1VV2NIXxv/tIROWDHN9DLI0lVq9n9l2FlDwt+3H4G4gg6yCeZjGtR+pTCNfwio=,iv:x8HLL10ww52UJDkz7Yi02KBg7jbuLFHAlG0iMYDd8hk=,tag:pcuka4/Hu/QFIwS0b8GlxQ==,type:str] +netcup_api_password: ENC[AES256_GCM,data:k2mdQp57x5ZTypRCHbVlq1fembJ0uj5D0rb72K5rac43p888y3TFyiYVuDTosxR66mo=,iv:0OhtKWD/LWeV5ZWN9fbPozebSxvaFRdSn1AkX97ffAM=,tag:uY6A4jBL/9mtGy7++Yvn0A==,type:str] sops: kms: [] gcp_kms: [] @@ -20,8 +23,8 @@ sops: NmhrdXhpbVlmUFNsT1VaQjZyYkZkdzgKhL2BKXfPWNWUbFavpmtBQpnNEm/x0xH6 NsjiV05AcrqPmGjj2kjvTv4ULPSoHiHiC5McUMfFTYIrCJgNvUbmMg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-11-06T15:56:31Z" - mac: ENC[AES256_GCM,data:DPZelvgjo39BDVak1eqsZhc8BK+g5btBV/4GsbBvZsdGOfjTywjwKe2Bz6NZukorCIWzqC6JBED3yLUpYCi+noWJgzPrUQoWKu+qPF1lH4B7FJixJjfSC44ETR21AZtU65UTNEFl1X1pb/+HhD8aLtKy34Dfhw26/Yrh5ZAMex8=,iv:k/adT/ydTLW1TIT+BSanp2xe9S/i2HnTBe1Wpzr94aA=,tag:iEHBO8b2ZFZIfF+Eep00fQ==,type:str] + lastmodified: "2024-11-07T14:40:34Z" + mac: ENC[AES256_GCM,data:uk2AeOA9pnhekuofIjXavCGy9ZaO0ObprkvnGhJg5lPr/hyT9l7YcZtMQ7wckKDLS03I1hCAcNg0w/EmSUeU2+EHLb6Z1IUj3l0HBUPtPIJwJZifkrzp9iQwGwlK+i6nfREEgPGeuNMj/rnD67MECO4NRHTzGBzH7ZImoDpu0Us=,iv:ss8Q7i75UOQDMJfw4dQCT0qxPUGwfHizX0c/TUej+vc=,tag:iufeO6sfaToNcJg6E8tuxA==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.1 diff --git a/systems/x86_64-linux/loptland/default.nix b/systems/x86_64-linux/loptland/default.nix index f68bc9a..9dc9e73 100644 --- a/systems/x86_64-linux/loptland/default.nix +++ b/systems/x86_64-linux/loptland/default.nix @@ -6,19 +6,26 @@ ... }: let + inherit (lib) mkIf; inherit (lib.${namespace}) enabled; - domainName = "v2202411240203293899.ultrasrv.de"; + domainName = "christophhollizeck.dev"; forgejoPort = 3000; + cfg.enableAcme = true; + sopsFile = lib.snowfall.fs.get-file "secrets/secrets-loptland.yaml"; in { imports = [ ./hardware.nix ]; - sops.secrets = { - forgejo_db_password = { - inherit sopsFile; + environment.systemPackages = [ ]; + + sops = { + secrets = { + forgejo_db_password = { + inherit sopsFile; + }; }; }; @@ -36,18 +43,23 @@ in virtualHosts = { "git.${domainName}" = { + forceSSL = cfg.enableAcme; + useACMEHost = mkIf cfg.enableAcme domainName; + locations."/" = { proxyPass = "http://localhost:${toString forgejoPort}/"; }; }; "${domainName}" = { + forceSSL = cfg.enableAcme; + useACMEHost = mkIf cfg.enableAcme domainName; + locations."/" = { - return = "404 This Site does not exist yet"; + return = "404"; }; }; }; - }; services.forgejo = { @@ -57,6 +69,7 @@ in database = { passwordFile = config.sops.secrets.forgejo_db_password.path; }; + settings = { server = { DOMAIN = "git.${domainName}"; @@ -64,7 +77,7 @@ in HTTP_PORT = forgejoPort; }; - service.DISABLE_REGISTRATION = false; + service.DISABLE_REGISTRATION = true; }; }; @@ -86,6 +99,13 @@ in }; }; + security = { + acme = { + enable = cfg.enableAcme; + inherit sopsFile; + }; + }; + user.trustedPublicKeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHFrDiO5+vMfD5MimkzN32iw3MnSMLZ0mHvOrHVVmLD0" ]; From 5c542b941466168571746d23bcc91dc65e17f0b1 Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Thu, 7 Nov 2024 22:14:22 +0100 Subject: [PATCH 17/20] ssh: attempt to speed up connection to self hosted git but forcing ipv4 --- flake.lock | 104 ++++++++++----------- systems/x86_64-linux/yggdrasil/default.nix | 4 + 2 files changed, 56 insertions(+), 52 deletions(-) diff --git a/flake.lock b/flake.lock index 2107ae1..768ae8b 100644 --- a/flake.lock +++ b/flake.lock @@ -39,11 +39,11 @@ ] }, "locked": { - "lastModified": 1729527199, - "narHash": "sha256-D5/YksfRga8Akd04ZtIkuYSIOjXVrAzQIQBSeplokzU=", + "lastModified": 1730968822, + "narHash": "sha256-NocDjINsh6ismkhb0Xr6xPRksmhuB2WGf8ZmXMhxu7Y=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "8d732fa8aff8b12ef2b1e2f00fc8153e41312b72", + "rev": "a49bc3583ff223f426cb3526fdaa4bcaa247ec14", "type": "github" }, "original": { @@ -75,11 +75,11 @@ "rust-analyzer-src": "rust-analyzer-src" }, "locked": { - "lastModified": 1730702146, - "narHash": "sha256-a657FU8MS5m0Y4pQvcmQPfvXYOPpxih7u2hU57Bn2i4=", + "lastModified": 1730961036, + "narHash": "sha256-nkho9Dq4WzyF4xr83UdxrlDS5Sm7ZKkPaqGVupLOpOI=", "owner": "nix-community", "repo": "fenix", - "rev": "fa3610f841725c8e20fc0fab070ee60609fdd5ee", + "rev": "9bf50cb857db8dba15528f3905e271d948cbff06", "type": "github" }, "original": { @@ -379,11 +379,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1730313564, - "narHash": "sha256-1RBs/WOH3gp2ETDruEbM2vq2tPiJmqQ3wrjiKREE5NU=", + "lastModified": 1730790589, + "narHash": "sha256-xJ6bQ4VmdTB7A+dMbmOMaZ8a6erB6rkZkB+yzqD7gd4=", "owner": "helix-editor", "repo": "helix", - "rev": "38faf74febf3332fb119302324bfd21229d39e14", + "rev": "b53dafe326d51b7f64a1c52379e3d4150cd2991e", "type": "github" }, "original": { @@ -399,11 +399,11 @@ ] }, "locked": { - "lastModified": 1730633670, - "narHash": "sha256-ZFJqIXpvVKvzOVFKWNRDyIyAo+GYdmEPaYi1bZB6uf0=", + "lastModified": 1730837930, + "narHash": "sha256-0kZL4m+bKBJUBQse0HanewWO0g8hDdCvBhudzxgehqc=", "owner": "nix-community", "repo": "home-manager", - "rev": "8f6ca7855d409aeebe2a582c6fd6b6a8d0bf5661", + "rev": "2f607e07f3ac7e53541120536708e824acccfaa8", "type": "github" }, "original": { @@ -476,11 +476,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1730749523, - "narHash": "sha256-TWGd3+hjDcwEDE2YzIXWFUWkDFWr5r6KcBADc4Dxiik=", + "lastModified": 1730969692, + "narHash": "sha256-yHY98IWTLDz57TrseUxdh5QnpngcNCjNXTJ2XCeNhtk=", "ref": "refs/heads/main", - "rev": "88e9e0394541a853600bc2c910005c05fa156269", - "revCount": 5410, + "rev": "e58e97b0a38b8ccc87a4304c9e4e2b37c9966875", + "revCount": 5425, "submodules": true, "type": "git", "url": "https://github.com/hyprwm/Hyprland" @@ -612,11 +612,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1730590959, - "narHash": "sha256-ss3lT96WFdiNxI4mtrmRtV1XsfxIs2BtYLiU9BKu7Uo=", + "lastModified": 1730911842, + "narHash": "sha256-stAVRv13iACAIJ6mheJOwZXWD24YDupyshaUDovVNi4=", "owner": "hyprwm", "repo": "hyprlock", - "rev": "f225e23e5b275dd5b3f7b2cc007ab4b559d8a9d9", + "rev": "4fc133c96fa1ad2968cad44f8e9e9e923cd0381a", "type": "github" }, "original": { @@ -631,11 +631,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1730716171, - "narHash": "sha256-Zk3rFDpwnceOMnpUCXWMYqG3yLL05bo7bS76tOfwZAU=", + "lastModified": 1730958442, + "narHash": "sha256-8vmh+ehnDnIenBNibGTPCu8p7cJiFP6bzj0E7pBxgQQ=", "owner": "Jas-SinghFSU", "repo": "HyprPanel", - "rev": "155b9bb1f703aede9dfa9e17ad19eaa9767f5eb1", + "rev": "dbd932941b46ced4eac5da30994d5af2ca80530c", "type": "github" }, "original": { @@ -656,11 +656,11 @@ ] }, "locked": { - "lastModified": 1728941256, - "narHash": "sha256-WRypmcZ2Bw94lLmcmxYokVOHPJSZ7T06V49QZ4tkZeQ=", + "lastModified": 1730968903, + "narHash": "sha256-zFvzLXcSm0Ia4XI1SE4FQ9KE63hlGrRWhLtwMolWuR8=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "fd4be8b9ca932f7384e454bcd923c5451ef2aa85", + "rev": "3ce0cde8709cdacbfba471f8e828433b58a561e9", "type": "github" }, "original": { @@ -763,11 +763,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1730537918, - "narHash": "sha256-GJB1/aaTnAtt9sso/EQ77TAGJ/rt6uvlP0RqZFnWue8=", + "lastModified": 1730919458, + "narHash": "sha256-yMO0T0QJlmT/x4HEyvrCyigGrdYfIXX3e5gWqB64wLg=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "f6e0cd5c47d150c4718199084e5764f968f1b560", + "rev": "e1cc1f6483393634aee94514186d21a4871e78d7", "type": "github" }, "original": { @@ -800,11 +800,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1730531603, - "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=", + "lastModified": 1730785428, + "narHash": "sha256-Zwl8YgTVJTEum+L+0zVAWvXAGbWAuXHax3KzuejaDyo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d", + "rev": "4aa36568d413aca0ea84a1684d2d46f55dbabad7", "type": "github" }, "original": { @@ -844,11 +844,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1730758219, - "narHash": "sha256-/ZDUbjpoP6rhXGzD0s6YGQcKRGX1C6gLn5zxe1npkiQ=", + "lastModified": 1731013087, + "narHash": "sha256-RYC/HjbCxras96cu169X3p/AzCQRBcVLLYwV7lb9KeE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5d608d235a0cb6b142410286169e7857e4f115a2", + "rev": "febd04d099308693051236f860871410a34c2d6f", "type": "github" }, "original": { @@ -860,11 +860,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1720386169, - "narHash": "sha256-NGKVY4PjzwAa4upkGtAMz1npHGoRzWotlSnVlqI40mo=", + "lastModified": 1730741070, + "narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "194846768975b7ad2c4988bdb82572c00222c0d7", + "rev": "d063c1dd113c91ab27959ba540c0d9753409edf3", "type": "github" }, "original": { @@ -892,11 +892,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1730531603, - "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=", + "lastModified": 1730785428, + "narHash": "sha256-Zwl8YgTVJTEum+L+0zVAWvXAGbWAuXHax3KzuejaDyo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d", + "rev": "4aa36568d413aca0ea84a1684d2d46f55dbabad7", "type": "github" }, "original": { @@ -972,11 +972,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1730531603, - "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=", + "lastModified": 1730785428, + "narHash": "sha256-Zwl8YgTVJTEum+L+0zVAWvXAGbWAuXHax3KzuejaDyo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d", + "rev": "4aa36568d413aca0ea84a1684d2d46f55dbabad7", "type": "github" }, "original": { @@ -1029,11 +1029,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1729104314, - "narHash": "sha256-pZRZsq5oCdJt3upZIU4aslS9XwFJ+/nVtALHIciX/BI=", + "lastModified": 1730814269, + "narHash": "sha256-fWPHyhYE6xvMI1eGY3pwBTq85wcy1YXqdzTZF+06nOg=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "3c3e88f0f544d6bb54329832616af7eb971b6be6", + "rev": "d70155fdc00df4628446352fc58adc640cd705c2", "type": "github" }, "original": { @@ -1070,11 +1070,11 @@ "rust-analyzer-src": { "flake": false, "locked": { - "lastModified": 1730645367, - "narHash": "sha256-RnmBO+9zmZ3NpU6+NfYUDRg31dsPZ17xUqXVw/ZOKZ8=", + "lastModified": 1730749868, + "narHash": "sha256-b8UMpLh61z6T4J1NObustAuFGoJiAKBTaPTrEf3Amts=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "e44691a60443f1246a077df659607ca89f2ddc58", + "rev": "b51f9bc736dc0472481a47d7c05de2901323e543", "type": "github" }, "original": { @@ -1179,11 +1179,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1730746162, - "narHash": "sha256-ZGmI+3AbT8NkDdBQujF+HIxZ+sWXuyT6X8B49etWY2g=", + "lastModified": 1731008979, + "narHash": "sha256-yN1NxvmqV8UltLkqYBWTeZNgpD/eyh/7LM58caHiEfE=", "owner": "Mic92", "repo": "sops-nix", - "rev": "59d6988329626132eaf107761643f55eb979eef1", + "rev": "fe63071416471abdab06caa234122932a7c4b980", "type": "github" }, "original": { diff --git a/systems/x86_64-linux/yggdrasil/default.nix b/systems/x86_64-linux/yggdrasil/default.nix index ec3dff9..7dfecfe 100644 --- a/systems/x86_64-linux/yggdrasil/default.nix +++ b/systems/x86_64-linux/yggdrasil/default.nix @@ -21,6 +21,10 @@ in virtualisation.waydroid = enabled; + programs.ssh.extraConfig = '' + AddressFamily inet + ''; + ${namespace} = { archetypes = { gaming.enable = true; From fdb4c024e47d10ff80048c3234ff3ba668ff7ad4 Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Thu, 7 Nov 2024 22:22:14 +0100 Subject: [PATCH 18/20] op: autosignin in terminal only session --- systems/x86_64-linux/loptland/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/systems/x86_64-linux/loptland/default.nix b/systems/x86_64-linux/loptland/default.nix index 9dc9e73..b53511f 100644 --- a/systems/x86_64-linux/loptland/default.nix +++ b/systems/x86_64-linux/loptland/default.nix @@ -110,6 +110,12 @@ in "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHFrDiO5+vMfD5MimkzN32iw3MnSMLZ0mHvOrHVVmLD0" ]; + home.extraOptions = { + programs.fish.shellInit = '' + eval $(op signin) + ''; + }; + }; system.stateVersion = "24.11"; From a0103c86d919faff0796a51c8bc0bc76c82b970c Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Thu, 7 Nov 2024 22:33:27 +0100 Subject: [PATCH 19/20] acme: fix typos --- modules/nixos/security/acme/default.nix | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/modules/nixos/security/acme/default.nix b/modules/nixos/security/acme/default.nix index e8cd265..a574009 100644 --- a/modules/nixos/security/acme/default.nix +++ b/modules/nixos/security/acme/default.nix @@ -19,23 +19,23 @@ in default = lib.snowfall.fs.get-file "secrets/secrets.yaml"; description = "SecretFile"; }; - domainname = mkOpt str "christophhollizeck.dev"; - staging = mkOpt bool virtual "Use staging server for testing or not"; + domainname = mkOpt str "christophhollizeck.dev" "domainname to use"; + staging = mkOpt bool false "Use staging server for testing or not"; }; config = mkIf cfg.enable { sops = { secrets = { netcup_customer_number = { - inherit sopsFile; + inherit (cfg) sopsFile; }; netcup_api_key = { - inherit sopsFile; + inherit (cfg) sopsFile; }; netcup_api_password = { - inherit sopsFile; + inherit (cfg) sopsFile; }; }; @@ -64,10 +64,10 @@ in environmentFile = config.sops.templates."netcup.env".path; }; - certs."${cfg.domainName}" = { + certs."${cfg.domainname}" = { server = mkIf cfg.staging "https://acme-staging-v02.api.letsencrypt.org/directory"; dnsResolver = "1.1.1.1:53"; - extraDomainNames = [ "*.${cfg.domainName}" ]; + extraDomainNames = [ "*.${cfg.domainname}" ]; }; }; From b8155bff9e26eb980167cf5a99ed7c891247a44a Mon Sep 17 00:00:00 2001 From: Christoph Hollizeck Date: Fri, 8 Nov 2024 00:14:39 +0100 Subject: [PATCH 20/20] loptland: add ssh key of phone, make sure that fish loads op in terminal only session, without bricking homemanager --- modules/nixos/apps/cli-apps/helix/default.nix | 217 +++++++++--------- systems/x86_64-linux/loptland/default.nix | 12 +- 2 files changed, 112 insertions(+), 117 deletions(-) diff --git a/modules/nixos/apps/cli-apps/helix/default.nix b/modules/nixos/apps/cli-apps/helix/default.nix index d81fb6f..5610350 100644 --- a/modules/nixos/apps/cli-apps/helix/default.nix +++ b/modules/nixos/apps/cli-apps/helix/default.nix @@ -18,7 +18,7 @@ let in { options.${namespace}.apps.cli-apps.helix = { - enable = mkEnableOption "Whether to enable nixvim or not"; + enable = mkEnableOption "Whether to enable helix or not"; }; config = mkIf cfg.enable { @@ -30,124 +30,119 @@ in }; ${namespace} = { - home = { - extraOptions = { - programs.helix = { - enable = true; - package = helix-pkg; - defaultEditor = true; - settings = { - theme = "tokyonight"; - editor = { - auto-format = true; - line-number = "relative"; + home.extraOptions = { + programs.helix = { + enable = true; + package = helix-pkg; + defaultEditor = true; + settings = { + theme = "tokyonight"; + editor = { + auto-format = true; + line-number = "relative"; - lsp = { - display-inlay-hints = true; - display-messages = true; - }; - - cursor-shape = { - normal = "block"; - insert = "bar"; - select = "underline"; - }; - - indent-guides = { - render = true; - character = "|"; - }; - - statusline = { - left = [ - "mode" - "spinner" - ]; - center = [ "file-name" ]; - right = [ - "workspace-diagnostics" - "diagnostics" - "selections" - "position" - "total-line-numbers" - "spacer" - "file-encoding" - "file-line-ending" - "file-type" - ]; - separator = "│"; - }; + lsp = { + display-inlay-hints = true; + display-messages = true; }; - keys = { - normal = { - esc = [ - "collapse_selection" - "keep_primary_selection" - ]; - space = { - space = "file_picker"; - }; + cursor-shape = { + normal = "block"; + insert = "bar"; + select = "underline"; + }; - C-j = [ - "move_line_down" - "move_line_down" - "move_line_down" - "move_line_down" - "move_line_down" - ]; - C-k = [ - "move_line_up" - "move_line_up" - "move_line_up" - "move_line_up" - "move_line_up" - ]; - }; + indent-guides = { + render = true; + character = "|"; + }; + + statusline = { + left = [ + "mode" + "spinner" + ]; + center = [ "file-name" ]; + right = [ + "workspace-diagnostics" + "diagnostics" + "selections" + "position" + "total-line-numbers" + "spacer" + "file-encoding" + "file-line-ending" + "file-type" + ]; + separator = "│"; }; }; - languages = { - language = [ - { - name = "nix"; - auto-format = true; - formatter.command = "${pkgs.nixfmt-rfc-style}/bin/nixfmt"; - language-servers = [ - "nixd" - "nil" - ]; - } - { - # provided by the dev environment in the rust shell - name = "rust"; - auto-format = true; - formatter.command = "cargo fmt"; - language-servers = [ "rust-analyzer" ]; - } - ]; + keys = { + normal = { + esc = [ + "collapse_selection" + "keep_primary_selection" + ]; + space = { + space = "file_picker"; + }; - language-server = { - nil = { - command = "${pkgs.nil}/bin/nil"; - }; - nixd = { - command = "${pkgs.nixd}/bin/nixd"; - }; - marksman = { - command = "${pkgs.marksman}/bin/marksman"; - }; - vscode-json-language-server = { - command = "${pkgs.vscode-langservers-extracted}/bin/vscode-json-language-server"; - args = [ "--stdio" ]; - config.provideFormatter = true; - config.json.validate.enable = true; - }; - vscode-css-language-server = { - command = "${pkgs.vscode-langservers-extracted}/bin/vscode-css-language-server"; - args = [ "--stdio" ]; - config.provideFormatter = true; - }; + C-j = [ + "move_line_down" + "move_line_down" + "move_line_down" + "move_line_down" + "move_line_down" + ]; + C-k = [ + "move_line_up" + "move_line_up" + "move_line_up" + "move_line_up" + "move_line_up" + ]; + }; + }; + }; + + languages = { + language = [ + { + name = "nix"; + auto-format = true; + formatter.command = "${pkgs.nixfmt-rfc-style}/bin/nixfmt"; + language-servers = [ + "nixd" + "nil" + ]; + } + { + # provided by the dev environment in the rust shell + name = "rust"; + auto-format = true; + formatter.command = "cargo fmt"; + language-servers = [ "rust-analyzer" ]; + } + ]; + + language-server = { + nixd = { + command = "${pkgs.nixd}/bin/nixd"; + }; + marksman = { + command = "${pkgs.marksman}/bin/marksman"; + }; + vscode-json-language-server = { + command = "${pkgs.vscode-langservers-extracted}/bin/vscode-json-language-server"; + args = [ "--stdio" ]; + config.provideFormatter = true; + config.json.validate.enable = true; + }; + vscode-css-language-server = { + command = "${pkgs.vscode-langservers-extracted}/bin/vscode-css-language-server"; + args = [ "--stdio" ]; + config.provideFormatter = true; }; }; }; diff --git a/systems/x86_64-linux/loptland/default.nix b/systems/x86_64-linux/loptland/default.nix index b53511f..92ae507 100644 --- a/systems/x86_64-linux/loptland/default.nix +++ b/systems/x86_64-linux/loptland/default.nix @@ -108,14 +108,14 @@ in user.trustedPublicKeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHFrDiO5+vMfD5MimkzN32iw3MnSMLZ0mHvOrHVVmLD0" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII4Pr7p0jizrvIl0UhcvrmL5SHRQQQWIcHLAnRFyUZS6" ]; + }; - home.extraOptions = { - programs.fish.shellInit = '' - eval $(op signin) - ''; - }; - + snowfallorg.users.${config.${namespace}.user.name}.home.config = { + programs.fish.shellInit = '' + eval $(op signin) + ''; }; system.stateVersion = "24.11";