treewide: alejandra -> nixfmt-rfc-style
This commit is contained in:
parent
b36d666c02
commit
0b89e192b1
64 changed files with 541 additions and 377 deletions
|
@ -201,11 +201,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1722181846,
|
"lastModified": 1724599287,
|
||||||
"narHash": "sha256-/yyqi39qr7Z+Bkv8gVVqB5q/gu1cLna3TtzbADLzEbc=",
|
"narHash": "sha256-M4OllWFNDcvgY2rgx/9uWn9jpunSb2CzmqPDcuS27SQ=",
|
||||||
"ref": "refs/heads/master",
|
"ref": "refs/heads/master",
|
||||||
"rev": "214725ef364950e5b086f0cd3f7978f38655a58b",
|
"rev": "a2f4145923cbbabb63e7749a49c86052a17389f7",
|
||||||
"revCount": 70,
|
"revCount": 72,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://git.ny4.dev/nyancat/nvim"
|
"url": "https://git.ny4.dev/nyancat/nvim"
|
||||||
},
|
},
|
||||||
|
|
55
flake.nix
55
flake.nix
|
@ -83,28 +83,33 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = inputs:
|
outputs =
|
||||||
inputs.flake-utils.lib.eachDefaultSystem (system: let
|
inputs:
|
||||||
pkgs = inputs.nixpkgs.legacyPackages.${system};
|
inputs.flake-utils.lib.eachDefaultSystem (
|
||||||
treefmtEval = inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix;
|
system:
|
||||||
in {
|
let
|
||||||
### nix fmt
|
pkgs = inputs.nixpkgs.legacyPackages.${system};
|
||||||
formatter = treefmtEval.config.build.wrapper;
|
treefmtEval = inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
### nix fmt
|
||||||
|
formatter = treefmtEval.config.build.wrapper;
|
||||||
|
|
||||||
### nix flake check
|
### nix flake check
|
||||||
checks.formatting = treefmtEval.config.build.check inputs.self;
|
checks.formatting = treefmtEval.config.build.check inputs.self;
|
||||||
|
|
||||||
### nix {run,shell,build}
|
### nix {run,shell,build}
|
||||||
legacyPackages = import ./pkgs pkgs;
|
legacyPackages = import ./pkgs pkgs;
|
||||||
|
|
||||||
### nix develop
|
### nix develop
|
||||||
devShells.default = pkgs.mkShell {
|
devShells.default = pkgs.mkShell {
|
||||||
packages = with pkgs; [
|
packages = with pkgs; [
|
||||||
colmena
|
colmena
|
||||||
sops
|
sops
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
})
|
}
|
||||||
|
)
|
||||||
// {
|
// {
|
||||||
### imports = [];
|
### imports = [];
|
||||||
nixosModules.default = ./nixos/modules;
|
nixosModules.default = ./nixos/modules;
|
||||||
|
@ -120,12 +125,16 @@
|
||||||
./nixos/profiles/core
|
./nixos/profiles/core
|
||||||
./hosts/dust
|
./hosts/dust
|
||||||
];
|
];
|
||||||
specialArgs = {inherit inputs;};
|
specialArgs = {
|
||||||
|
inherit inputs;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
colmena = {
|
colmena = {
|
||||||
meta = {
|
meta = {
|
||||||
specialArgs = {inherit inputs;};
|
specialArgs = {
|
||||||
|
inherit inputs;
|
||||||
|
};
|
||||||
nixpkgs = import inputs.nixpkgs {
|
nixpkgs = import inputs.nixpkgs {
|
||||||
system = "x86_64-linux"; # How does this work?
|
system = "x86_64-linux"; # How does this work?
|
||||||
};
|
};
|
||||||
|
@ -137,12 +146,12 @@
|
||||||
];
|
];
|
||||||
|
|
||||||
"tyo0" = {
|
"tyo0" = {
|
||||||
imports = [./hosts/tyo0];
|
imports = [ ./hosts/tyo0 ];
|
||||||
deployment.targetHost = "tyo0.ny4.dev";
|
deployment.targetHost = "tyo0.ny4.dev";
|
||||||
};
|
};
|
||||||
|
|
||||||
"blacksteel" = {
|
"blacksteel" = {
|
||||||
imports = [./hosts/blacksteel];
|
imports = [ ./hosts/blacksteel ];
|
||||||
deployment.targetHost = "blacksteel"; # thru tailscale
|
deployment.targetHost = "blacksteel"; # thru tailscale
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
{
|
{
|
||||||
programs.atuin = {
|
programs.atuin = {
|
||||||
enable = true;
|
enable = true;
|
||||||
flags = ["--disable-up-arrow"];
|
flags = [ "--disable-up-arrow" ];
|
||||||
settings = {
|
settings = {
|
||||||
style = "compact";
|
style = "compact";
|
||||||
show_help = false;
|
show_help = false;
|
||||||
|
@ -9,9 +9,26 @@
|
||||||
|
|
||||||
stats = {
|
stats = {
|
||||||
common_subcommands =
|
common_subcommands =
|
||||||
["nix" "nom" "nh" "podman" "docker" "atuin" "hugo" "adb"]
|
[
|
||||||
|
"nix"
|
||||||
|
"nom"
|
||||||
|
"nh"
|
||||||
|
"podman"
|
||||||
|
"docker"
|
||||||
|
"atuin"
|
||||||
|
"hugo"
|
||||||
|
"adb"
|
||||||
|
]
|
||||||
# default
|
# default
|
||||||
++ ["cargo" "go" "git" "npm" "yarn" "pnpm" "kubectl"];
|
++ [
|
||||||
|
"cargo"
|
||||||
|
"go"
|
||||||
|
"git"
|
||||||
|
"npm"
|
||||||
|
"yarn"
|
||||||
|
"pnpm"
|
||||||
|
"kubectl"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{config, ...}: {
|
{ config, ... }:
|
||||||
|
{
|
||||||
programs.bash = {
|
programs.bash = {
|
||||||
enable = true;
|
enable = true;
|
||||||
historyFile = "${config.xdg.configHome}/bash/.bash_history";
|
historyFile = "${config.xdg.configHome}/bash/.bash_history";
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
lib,
|
lib,
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}: let
|
}:
|
||||||
|
let
|
||||||
package = pkgs.qt6Packages.fcitx5-with-addons.override {
|
package = pkgs.qt6Packages.fcitx5-with-addons.override {
|
||||||
addons = with pkgs; [
|
addons = with pkgs; [
|
||||||
qt6Packages.fcitx5-chinese-addons
|
qt6Packages.fcitx5-chinese-addons
|
||||||
|
@ -11,16 +12,17 @@
|
||||||
fcitx5-pinyin-zhwiki
|
fcitx5-pinyin-zhwiki
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
home.packages = [
|
home.packages = [
|
||||||
package
|
package
|
||||||
];
|
];
|
||||||
|
|
||||||
systemd.user.services.fcitx5-daemon = {
|
systemd.user.services.fcitx5-daemon = {
|
||||||
Unit.Description = "Fcitx5 input method editor";
|
Unit.Description = "Fcitx5 input method editor";
|
||||||
Unit.PartOf = ["graphical-session.target"];
|
Unit.PartOf = [ "graphical-session.target" ];
|
||||||
Service.ExecStart = lib.getExe' package "fcitx5";
|
Service.ExecStart = lib.getExe' package "fcitx5";
|
||||||
Install.WantedBy = ["graphical-session.target"];
|
Install.WantedBy = [ "graphical-session.target" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
xdg.configFile."fcitx5/conf/classicui.conf".text = ''
|
xdg.configFile."fcitx5/conf/classicui.conf".text = ''
|
||||||
|
|
|
@ -1,16 +1,17 @@
|
||||||
{pkgs, ...}: {
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
programs.firefox = {
|
programs.firefox = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.firefox.override {
|
package = pkgs.firefox.override {
|
||||||
extraPrefsFiles = [
|
extraPrefsFiles = [
|
||||||
"${pkgs.arkenfox-userjs}/user.cfg"
|
"${pkgs.arkenfox-userjs}/user.cfg"
|
||||||
(pkgs.runCommandLocal "userjs" {} ''
|
(pkgs.runCommandLocal "userjs" { } ''
|
||||||
install -Dm644 ${./user-overrides.js} $out
|
install -Dm644 ${./user-overrides.js} $out
|
||||||
substituteInPlace $out \
|
substituteInPlace $out \
|
||||||
--replace-fail "user_pref" "defaultPref"
|
--replace-fail "user_pref" "defaultPref"
|
||||||
'')
|
'')
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
profiles."default" = {};
|
profiles."default" = { };
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{pkgs, ...}: {
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
programs.fish = {
|
programs.fish = {
|
||||||
enable = true;
|
enable = true;
|
||||||
interactiveShellInit = ''
|
interactiveShellInit = ''
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{pkgs, ...}: {
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
programs.git = rec {
|
programs.git = rec {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.gitFull; # overriding takes forever to compile
|
package = pkgs.gitFull; # overriding takes forever to compile
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
pkgs,
|
pkgs,
|
||||||
config,
|
config,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
programs.go.enable = true;
|
programs.go.enable = true;
|
||||||
home.packages = with pkgs; [
|
home.packages = with pkgs; [
|
||||||
gopls
|
gopls
|
||||||
|
|
|
@ -3,7 +3,8 @@
|
||||||
lib,
|
lib,
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
programs.gpg = {
|
programs.gpg = {
|
||||||
enable = true;
|
enable = true;
|
||||||
homedir = "${config.xdg.dataHome}/gnupg";
|
homedir = "${config.xdg.dataHome}/gnupg";
|
||||||
|
|
|
@ -4,10 +4,10 @@
|
||||||
bars.default = {
|
bars.default = {
|
||||||
icons = "material-nf";
|
icons = "material-nf";
|
||||||
blocks = [
|
blocks = [
|
||||||
{block = "backlight";}
|
{ block = "backlight"; }
|
||||||
{block = "sound";}
|
{ block = "sound"; }
|
||||||
{block = "battery";}
|
{ block = "battery"; }
|
||||||
{block = "time";}
|
{ block = "time"; }
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
pkgs,
|
pkgs,
|
||||||
lib,
|
lib,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
programs.mpv = {
|
programs.mpv = {
|
||||||
enable = true;
|
enable = true;
|
||||||
config = {
|
config = {
|
||||||
|
@ -22,65 +23,72 @@
|
||||||
modernx-zydezu
|
modernx-zydezu
|
||||||
thumbfast
|
thumbfast
|
||||||
])
|
])
|
||||||
++ lib.optionals pkgs.stdenv.hostPlatform.isLinux (with pkgs.mpvScripts; [
|
++ lib.optionals pkgs.stdenv.hostPlatform.isLinux (
|
||||||
mpris
|
with pkgs.mpvScripts;
|
||||||
]);
|
[
|
||||||
|
mpris
|
||||||
|
]
|
||||||
|
);
|
||||||
|
|
||||||
bindings = let
|
bindings =
|
||||||
inherit (pkgs) anime4k;
|
let
|
||||||
setShader = message: files: ''no-osd change-list glsl-shaders set "${lib.concatStringsSep ":" files}"; show-text "${message}"'';
|
inherit (pkgs) anime4k;
|
||||||
in {
|
setShader =
|
||||||
"CTRL+1" = setShader "Anime4K: Mode A (Fast)" [
|
message: files:
|
||||||
"${anime4k}/Anime4K_Clamp_Highlights.glsl"
|
''no-osd change-list glsl-shaders set "${lib.concatStringsSep ":" files}"; show-text "${message}"'';
|
||||||
"${anime4k}/Anime4K_Restore_CNN_M.glsl"
|
in
|
||||||
"${anime4k}/Anime4K_Upscale_CNN_x2_M.glsl"
|
{
|
||||||
"${anime4k}/Anime4K_AutoDownscalePre_x2.glsl"
|
"CTRL+1" = setShader "Anime4K: Mode A (Fast)" [
|
||||||
"${anime4k}/Anime4K_AutoDownscalePre_x4.glsl"
|
"${anime4k}/Anime4K_Clamp_Highlights.glsl"
|
||||||
"${anime4k}/Anime4K_Upscale_CNN_x2_S.glsl"
|
"${anime4k}/Anime4K_Restore_CNN_M.glsl"
|
||||||
];
|
"${anime4k}/Anime4K_Upscale_CNN_x2_M.glsl"
|
||||||
"CTRL+2" = setShader "Anime4K: Mode B (Fast)" [
|
"${anime4k}/Anime4K_AutoDownscalePre_x2.glsl"
|
||||||
"${anime4k}/Anime4K_Clamp_Highlights.glsl"
|
"${anime4k}/Anime4K_AutoDownscalePre_x4.glsl"
|
||||||
"${anime4k}/Anime4K_Restore_CNN_Soft_M.glsl"
|
"${anime4k}/Anime4K_Upscale_CNN_x2_S.glsl"
|
||||||
"${anime4k}/Anime4K_Upscale_CNN_x2_M.glsl"
|
];
|
||||||
"${anime4k}/Anime4K_AutoDownscalePre_x2.glsl"
|
"CTRL+2" = setShader "Anime4K: Mode B (Fast)" [
|
||||||
"${anime4k}/Anime4K_AutoDownscalePre_x4.glsl"
|
"${anime4k}/Anime4K_Clamp_Highlights.glsl"
|
||||||
"${anime4k}/Anime4K_Upscale_CNN_x2_S.glsl"
|
"${anime4k}/Anime4K_Restore_CNN_Soft_M.glsl"
|
||||||
];
|
"${anime4k}/Anime4K_Upscale_CNN_x2_M.glsl"
|
||||||
"CTRL+3" = setShader "Anime4K: Mode C (Fast)" [
|
"${anime4k}/Anime4K_AutoDownscalePre_x2.glsl"
|
||||||
"${anime4k}/Anime4K_Clamp_Highlights.glsl"
|
"${anime4k}/Anime4K_AutoDownscalePre_x4.glsl"
|
||||||
"${anime4k}/Anime4K_Upscale_Denoise_CNN_x2_M.glsl"
|
"${anime4k}/Anime4K_Upscale_CNN_x2_S.glsl"
|
||||||
"${anime4k}/Anime4K_AutoDownscalePre_x2.glsl"
|
];
|
||||||
"${anime4k}/Anime4K_AutoDownscalePre_x4.glsl"
|
"CTRL+3" = setShader "Anime4K: Mode C (Fast)" [
|
||||||
"${anime4k}/Anime4K_Upscale_CNN_x2_S.glsl"
|
"${anime4k}/Anime4K_Clamp_Highlights.glsl"
|
||||||
];
|
"${anime4k}/Anime4K_Upscale_Denoise_CNN_x2_M.glsl"
|
||||||
"CTRL+4" = setShader "Anime4K: Mode A+A (Fast)" [
|
"${anime4k}/Anime4K_AutoDownscalePre_x2.glsl"
|
||||||
"${anime4k}/Anime4K_Clamp_Highlights.glsl"
|
"${anime4k}/Anime4K_AutoDownscalePre_x4.glsl"
|
||||||
"${anime4k}/Anime4K_Restore_CNN_M.glsl"
|
"${anime4k}/Anime4K_Upscale_CNN_x2_S.glsl"
|
||||||
"${anime4k}/Anime4K_Upscale_CNN_x2_M.glsl"
|
];
|
||||||
"${anime4k}/Anime4K_Restore_CNN_S.glsl"
|
"CTRL+4" = setShader "Anime4K: Mode A+A (Fast)" [
|
||||||
"${anime4k}/Anime4K_AutoDownscalePre_x2.glsl"
|
"${anime4k}/Anime4K_Clamp_Highlights.glsl"
|
||||||
"${anime4k}/Anime4K_AutoDownscalePre_x4.glsl"
|
"${anime4k}/Anime4K_Restore_CNN_M.glsl"
|
||||||
"${anime4k}/Anime4K_Upscale_CNN_x2_S.glsl"
|
"${anime4k}/Anime4K_Upscale_CNN_x2_M.glsl"
|
||||||
];
|
"${anime4k}/Anime4K_Restore_CNN_S.glsl"
|
||||||
"CTRL+5" = setShader "Anime4K: Mode B+B (Fast)" [
|
"${anime4k}/Anime4K_AutoDownscalePre_x2.glsl"
|
||||||
"${anime4k}/Anime4K_Clamp_Highlights.glsl"
|
"${anime4k}/Anime4K_AutoDownscalePre_x4.glsl"
|
||||||
"${anime4k}/Anime4K_Restore_CNN_Soft_M.glsl"
|
"${anime4k}/Anime4K_Upscale_CNN_x2_S.glsl"
|
||||||
"${anime4k}/Anime4K_Upscale_CNN_x2_M.glsl"
|
];
|
||||||
"${anime4k}/Anime4K_AutoDownscalePre_x2.glsl"
|
"CTRL+5" = setShader "Anime4K: Mode B+B (Fast)" [
|
||||||
"${anime4k}/Anime4K_AutoDownscalePre_x4.glsl"
|
"${anime4k}/Anime4K_Clamp_Highlights.glsl"
|
||||||
"${anime4k}/Anime4K_Restore_CNN_Soft_S.glsl"
|
"${anime4k}/Anime4K_Restore_CNN_Soft_M.glsl"
|
||||||
"${anime4k}/Anime4K_Upscale_CNN_x2_S.glsl"
|
"${anime4k}/Anime4K_Upscale_CNN_x2_M.glsl"
|
||||||
];
|
"${anime4k}/Anime4K_AutoDownscalePre_x2.glsl"
|
||||||
"CTRL+6" = setShader "Anime4K: Mode C+A (Fast)" [
|
"${anime4k}/Anime4K_AutoDownscalePre_x4.glsl"
|
||||||
"${anime4k}/Anime4K_Clamp_Highlights.glsl"
|
"${anime4k}/Anime4K_Restore_CNN_Soft_S.glsl"
|
||||||
"${anime4k}/Anime4K_Upscale_Denoise_CNN_x2_M.glsl"
|
"${anime4k}/Anime4K_Upscale_CNN_x2_S.glsl"
|
||||||
"${anime4k}/Anime4K_AutoDownscalePre_x2.glsl"
|
];
|
||||||
"${anime4k}/Anime4K_AutoDownscalePre_x4.glsl"
|
"CTRL+6" = setShader "Anime4K: Mode C+A (Fast)" [
|
||||||
"${anime4k}/Anime4K_Restore_CNN_S.glsl"
|
"${anime4k}/Anime4K_Clamp_Highlights.glsl"
|
||||||
"${anime4k}/Anime4K_Upscale_CNN_x2_S.glsl"
|
"${anime4k}/Anime4K_Upscale_Denoise_CNN_x2_M.glsl"
|
||||||
];
|
"${anime4k}/Anime4K_AutoDownscalePre_x2.glsl"
|
||||||
|
"${anime4k}/Anime4K_AutoDownscalePre_x4.glsl"
|
||||||
|
"${anime4k}/Anime4K_Restore_CNN_S.glsl"
|
||||||
|
"${anime4k}/Anime4K_Upscale_CNN_x2_S.glsl"
|
||||||
|
];
|
||||||
|
|
||||||
"CTRL+0" = ''no-osd change-list glsl-shaders clr ""; show-text "GLSL shaders cleared"'';
|
"CTRL+0" = ''no-osd change-list glsl-shaders clr ""; show-text "GLSL shaders cleared"'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
{pkgs, ...}: {
|
{ pkgs, ... }:
|
||||||
home.packages = [pkgs.nautilus];
|
{
|
||||||
|
home.packages = [ pkgs.nautilus ];
|
||||||
dconf.settings = {
|
dconf.settings = {
|
||||||
"org/gnome/nautilus/list-view".default-zoom-level = "small";
|
"org/gnome/nautilus/list-view".default-zoom-level = "small";
|
||||||
"org/gnome/nautilus/preferences".default-folder-viewer = "list-view";
|
"org/gnome/nautilus/preferences".default-folder-viewer = "list-view";
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
pkgs,
|
pkgs,
|
||||||
inputs,
|
inputs,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
home.packages = [
|
home.packages = [
|
||||||
(inputs.neovim.packages.${pkgs.stdenv.hostPlatform.system}.default.override {
|
(inputs.neovim.packages.${pkgs.stdenv.hostPlatform.system}.default.override {
|
||||||
viAlias = true;
|
viAlias = true;
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
{pkgs, ...}: {
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
home.packages = with pkgs; [
|
home.packages = with pkgs; [
|
||||||
alejandra
|
|
||||||
colmena
|
colmena
|
||||||
deadnix
|
deadnix
|
||||||
nh
|
nh
|
||||||
|
|
|
@ -1,11 +1,14 @@
|
||||||
{config, ...}: {
|
{ config, ... }:
|
||||||
|
{
|
||||||
programs.ssh = {
|
programs.ssh = {
|
||||||
enable = true;
|
enable = true;
|
||||||
matchBlocks = let
|
matchBlocks =
|
||||||
inherit (config.home) homeDirectory;
|
let
|
||||||
in {
|
inherit (config.home) homeDirectory;
|
||||||
"blacksteel".identityFile = "${homeDirectory}/.ssh/id_github_signing";
|
in
|
||||||
"tyo0.ny4.dev".identityFile = "${homeDirectory}/.ssh/id_github_signing";
|
{
|
||||||
};
|
"blacksteel".identityFile = "${homeDirectory}/.ssh/id_github_signing";
|
||||||
|
"tyo0.ny4.dev".identityFile = "${homeDirectory}/.ssh/id_github_signing";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{pkgs, ...}: {
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
programs.starship = {
|
programs.starship = {
|
||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
|
|
|
@ -4,7 +4,8 @@
|
||||||
inputs,
|
inputs,
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../i3status-rust
|
../i3status-rust
|
||||||
../kanshi
|
../kanshi
|
||||||
|
@ -67,9 +68,10 @@
|
||||||
|
|
||||||
### Keybinds
|
### Keybinds
|
||||||
modifier = "Mod4";
|
modifier = "Mod4";
|
||||||
keybindings = let
|
keybindings =
|
||||||
inherit (config.wayland.windowManager.sway.config) modifier;
|
let
|
||||||
in
|
inherit (config.wayland.windowManager.sway.config) modifier;
|
||||||
|
in
|
||||||
{
|
{
|
||||||
### Sway itself
|
### Sway itself
|
||||||
# Window
|
# Window
|
||||||
|
@ -116,17 +118,19 @@
|
||||||
"XF86AudioStop" = "exec ${lib.getExe pkgs.playerctl} stop";
|
"XF86AudioStop" = "exec ${lib.getExe pkgs.playerctl} stop";
|
||||||
}
|
}
|
||||||
//
|
//
|
||||||
# workspace binds
|
# workspace binds
|
||||||
lib.listToAttrs (lib.concatMap (x: [
|
lib.listToAttrs (
|
||||||
{
|
lib.concatMap (x: [
|
||||||
name = "${modifier}+${x}";
|
{
|
||||||
value = "workspace ${x}";
|
name = "${modifier}+${x}";
|
||||||
}
|
value = "workspace ${x}";
|
||||||
{
|
}
|
||||||
name = "${modifier}+Shift+${x}";
|
{
|
||||||
value = "move container to workspace ${x}";
|
name = "${modifier}+Shift+${x}";
|
||||||
}
|
value = "move container to workspace ${x}";
|
||||||
]) (lib.genList (x: toString (x + 1)) 9));
|
}
|
||||||
|
]) (lib.genList (x: toString (x + 1)) 9)
|
||||||
|
);
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,36 +3,39 @@
|
||||||
lib,
|
lib,
|
||||||
config,
|
config,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../swaylock
|
../swaylock
|
||||||
];
|
];
|
||||||
|
|
||||||
services.swayidle = let
|
services.swayidle =
|
||||||
lock = lib.getExe config.programs.swaylock.package;
|
let
|
||||||
brightness = lib.getExe pkgs.brightnessctl;
|
lock = lib.getExe config.programs.swaylock.package;
|
||||||
in {
|
brightness = lib.getExe pkgs.brightnessctl;
|
||||||
enable = true;
|
in
|
||||||
timeouts = [
|
{
|
||||||
{
|
enable = true;
|
||||||
timeout = 60 * 9;
|
timeouts = [
|
||||||
command = "${brightness} -s set 20%";
|
{
|
||||||
resumeCommand = "${brightness} -r";
|
timeout = 60 * 9;
|
||||||
}
|
command = "${brightness} -s set 20%";
|
||||||
{
|
resumeCommand = "${brightness} -r";
|
||||||
timeout = 60 * 10;
|
}
|
||||||
command = "systemctl suspend";
|
{
|
||||||
}
|
timeout = 60 * 10;
|
||||||
];
|
command = "systemctl suspend";
|
||||||
events = [
|
}
|
||||||
{
|
];
|
||||||
event = "lock";
|
events = [
|
||||||
command = lock;
|
{
|
||||||
}
|
event = "lock";
|
||||||
{
|
command = lock;
|
||||||
event = "before-sleep";
|
}
|
||||||
command = lock;
|
{
|
||||||
}
|
event = "before-sleep";
|
||||||
];
|
command = lock;
|
||||||
};
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
inputs,
|
inputs,
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
programs.swaylock = {
|
programs.swaylock = {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings = {
|
settings = {
|
||||||
|
|
|
@ -1,14 +1,17 @@
|
||||||
{pkgs, ...}: {
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
programs.thunderbird = {
|
programs.thunderbird = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.thunderbird-128;
|
package = pkgs.thunderbird-128;
|
||||||
profiles.default = {
|
profiles.default = {
|
||||||
isDefault = true;
|
isDefault = true;
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
${builtins.readFile (builtins.fetchurl {
|
${builtins.readFile (
|
||||||
url = "https://raw.githubusercontent.com/HorlogeSkynet/thunderbird-user.js/824edabe6303d6b85a32fcba96901706ed4c5922/user.js";
|
builtins.fetchurl {
|
||||||
sha256 = "0jg7i39yp21r66azlzk7978qj57rgb8c09d1hccpcw058isgymq6";
|
url = "https://raw.githubusercontent.com/HorlogeSkynet/thunderbird-user.js/824edabe6303d6b85a32fcba96901706ed4c5922/user.js";
|
||||||
})}
|
sha256 = "0jg7i39yp21r66azlzk7978qj57rgb8c09d1hccpcw058isgymq6";
|
||||||
|
}
|
||||||
|
)}
|
||||||
${builtins.readFile ./user-overrides.js}
|
${builtins.readFile ./user-overrides.js}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
{pkgs, ...}: {
|
{ pkgs, ... }:
|
||||||
home.packages = [pkgs.tmux];
|
{
|
||||||
|
home.packages = [ pkgs.tmux ];
|
||||||
|
|
||||||
xdg.configFile."tmux/tmux.conf".text = ''
|
xdg.configFile."tmux/tmux.conf".text = ''
|
||||||
run-shell ${pkgs.tmuxPlugins.sensible.rtp}
|
run-shell ${pkgs.tmuxPlugins.sensible.rtp}
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
{pkgs, ...}: {
|
{ pkgs, ... }:
|
||||||
home.packages = [pkgs.ydict];
|
{
|
||||||
|
home.packages = [ pkgs.ydict ];
|
||||||
home.shellAliases = {
|
home.shellAliases = {
|
||||||
"yd" = "ydict -c";
|
"yd" = "ydict -c";
|
||||||
};
|
};
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
lib,
|
lib,
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
home = {
|
home = {
|
||||||
username = "guanranwang";
|
username = "guanranwang";
|
||||||
homeDirectory = "/home/guanranwang";
|
homeDirectory = "/home/guanranwang";
|
||||||
|
@ -33,20 +34,22 @@
|
||||||
fd
|
fd
|
||||||
];
|
];
|
||||||
|
|
||||||
programs.fish.functions = let
|
programs.fish.functions =
|
||||||
jq = lib.getExe pkgs.jq;
|
let
|
||||||
nix = lib.getExe pkgs.nix;
|
jq = lib.getExe pkgs.jq;
|
||||||
curl = lib.getExe pkgs.curl;
|
nix = lib.getExe pkgs.nix;
|
||||||
in {
|
curl = lib.getExe pkgs.curl;
|
||||||
"pb" = ''
|
in
|
||||||
${jq} -Rns '{text: inputs}' | \
|
{
|
||||||
${curl} -s -H 'Content-Type: application/json' --data-binary @- https://pb.ny4.dev | \
|
"pb" = ''
|
||||||
${jq} -r '. | "https://pb.ny4.dev\(.path)"'
|
${jq} -Rns '{text: inputs}' | \
|
||||||
'';
|
${curl} -s -H 'Content-Type: application/json' --data-binary @- https://pb.ny4.dev | \
|
||||||
|
${jq} -r '. | "https://pb.ny4.dev\(.path)"'
|
||||||
|
'';
|
||||||
|
|
||||||
"getmnter" = ''
|
"getmnter" = ''
|
||||||
${nix} eval nixpkgs#{$argv}.meta.maintainers --json | \
|
${nix} eval nixpkgs#{$argv}.meta.maintainers --json | \
|
||||||
${jq} '.[].github | "@" + .' -r
|
${jq} '.[].github | "@" + .' -r
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,9 @@
|
||||||
{lib, ...}: {
|
{ lib, ... }:
|
||||||
|
{
|
||||||
nixpkgs.config = {
|
nixpkgs.config = {
|
||||||
allowNonSource = false;
|
allowNonSource = false;
|
||||||
allowNonSourcePredicate = pkg:
|
allowNonSourcePredicate =
|
||||||
|
pkg:
|
||||||
lib.elem (lib.getName pkg) [
|
lib.elem (lib.getName pkg) [
|
||||||
"adoptopenjdk-hotspot-bin"
|
"adoptopenjdk-hotspot-bin"
|
||||||
"cargo-bootstrap"
|
"cargo-bootstrap"
|
||||||
|
@ -13,7 +15,8 @@
|
||||||
];
|
];
|
||||||
|
|
||||||
allowUnfree = false;
|
allowUnfree = false;
|
||||||
allowUnfreePredicate = pkg:
|
allowUnfreePredicate =
|
||||||
|
pkg:
|
||||||
lib.elem (lib.getName pkg) [
|
lib.elem (lib.getName pkg) [
|
||||||
"broadcom-sta"
|
"broadcom-sta"
|
||||||
"minecraft-server"
|
"minecraft-server"
|
||||||
|
|
|
@ -3,7 +3,8 @@
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
imports = [
|
imports = [
|
||||||
# OS
|
# OS
|
||||||
../../nixos/profiles/sing-box
|
../../nixos/profiles/sing-box
|
||||||
|
@ -27,24 +28,25 @@
|
||||||
system.stateVersion = "24.05";
|
system.stateVersion = "24.05";
|
||||||
|
|
||||||
######## Secrets
|
######## Secrets
|
||||||
sops.secrets = lib.mapAttrs (_name: value: value // {sopsFile = ./secrets.yaml;}) {
|
sops.secrets = lib.mapAttrs (_name: value: value // { sopsFile = ./secrets.yaml; }) {
|
||||||
"synapse/secret" = {
|
"synapse/secret" = {
|
||||||
restartUnits = ["matrix-synapse.service"];
|
restartUnits = [ "matrix-synapse.service" ];
|
||||||
owner = config.systemd.services.matrix-synapse.serviceConfig.User;
|
owner = config.systemd.services.matrix-synapse.serviceConfig.User;
|
||||||
};
|
};
|
||||||
"synapse/oidc" = {
|
"synapse/oidc" = {
|
||||||
restartUnits = ["matrix-synapse.service"];
|
restartUnits = [ "matrix-synapse.service" ];
|
||||||
owner = config.systemd.services.matrix-synapse.serviceConfig.User;
|
owner = config.systemd.services.matrix-synapse.serviceConfig.User;
|
||||||
};
|
};
|
||||||
"syncv3/environment" = {
|
"syncv3/environment" = {
|
||||||
restartUnits = ["matrix-sliding-sync.service"];
|
restartUnits = [ "matrix-sliding-sync.service" ];
|
||||||
};
|
};
|
||||||
"mastodon/environment" = {
|
"mastodon/environment" = {
|
||||||
restartUnits = ["mastodon-web.service"];
|
restartUnits = [ "mastodon-web.service" ];
|
||||||
};
|
};
|
||||||
"cloudflared/secret" = {
|
"cloudflared/secret" = {
|
||||||
restartUnits = ["cloudflared-tunnel-6222a3e0-98da-4325-be19-0f86a7318a41.service"];
|
restartUnits = [ "cloudflared-tunnel-6222a3e0-98da-4325-be19-0f86a7318a41.service" ];
|
||||||
owner = config.systemd.services."cloudflared-tunnel-6222a3e0-98da-4325-be19-0f86a7318a41".serviceConfig.User;
|
owner =
|
||||||
|
config.systemd.services."cloudflared-tunnel-6222a3e0-98da-4325-be19-0f86a7318a41".serviceConfig.User;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -77,7 +79,10 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.caddy.serviceConfig = {
|
systemd.services.caddy.serviceConfig = {
|
||||||
SupplementaryGroups = ["mastodon" "matrix-synapse"];
|
SupplementaryGroups = [
|
||||||
|
"mastodon"
|
||||||
|
"matrix-synapse"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
services.postgresql = {
|
services.postgresql = {
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
inputs,
|
inputs,
|
||||||
config,
|
config,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
imports = [
|
imports = [
|
||||||
inputs.nixpkgs.nixosModules.notDetected
|
inputs.nixpkgs.nixosModules.notDetected
|
||||||
inputs.nixos-hardware.nixosModules.apple-macbook-pro
|
inputs.nixos-hardware.nixosModules.apple-macbook-pro
|
||||||
|
@ -14,9 +15,18 @@
|
||||||
|
|
||||||
services.thermald.enable = true;
|
services.thermald.enable = true;
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
|
boot.initrd.availableKernelModules = [
|
||||||
boot.kernelModules = ["kvm-intel" "wl"];
|
"xhci_pci"
|
||||||
boot.extraModulePackages = [config.boot.kernelPackages.broadcom_sta];
|
"ahci"
|
||||||
|
"usbhid"
|
||||||
|
"usb_storage"
|
||||||
|
"sd_mod"
|
||||||
|
];
|
||||||
|
boot.kernelModules = [
|
||||||
|
"kvm-intel"
|
||||||
|
"wl"
|
||||||
|
];
|
||||||
|
boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ];
|
||||||
|
|
||||||
nixpkgs.hostPlatform = "x86_64-linux";
|
nixpkgs.hostPlatform = "x86_64-linux";
|
||||||
|
|
||||||
|
@ -26,7 +36,7 @@
|
||||||
"/" = {
|
"/" = {
|
||||||
device = "/dev/disk/by-uuid/ab9b92a9-b67b-43b4-b0d9-9dd59ccd594b";
|
device = "/dev/disk/by-uuid/ab9b92a9-b67b-43b4-b0d9-9dd59ccd594b";
|
||||||
fsType = "btrfs";
|
fsType = "btrfs";
|
||||||
options = ["subvol=@"];
|
options = [ "subvol=@" ];
|
||||||
};
|
};
|
||||||
"/boot" = {
|
"/boot" = {
|
||||||
device = "/dev/disk/by-uuid/E5DE-9C92";
|
device = "/dev/disk/by-uuid/E5DE-9C92";
|
||||||
|
@ -34,6 +44,6 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
swapDevices = [
|
swapDevices = [
|
||||||
{device = "/dev/disk/by-uuid/8a2e90a9-5cc2-40fc-82fe-69ef3cd88e29";}
|
{ device = "/dev/disk/by-uuid/8a2e90a9-5cc2-40fc-82fe-69ef3cd88e29"; }
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{config, ...}: {
|
{ config, ... }:
|
||||||
|
{
|
||||||
services.mastodon = {
|
services.mastodon = {
|
||||||
enable = true;
|
enable = true;
|
||||||
localDomain = "ny4.dev";
|
localDomain = "ny4.dev";
|
||||||
|
@ -30,7 +31,7 @@
|
||||||
|
|
||||||
systemd.services.mastodon-web = {
|
systemd.services.mastodon-web = {
|
||||||
environment = config.networking.proxy.envVars;
|
environment = config.networking.proxy.envVars;
|
||||||
serviceConfig.EnvironmentFile = [config.sops.secrets."mastodon/environment".path];
|
serviceConfig.EnvironmentFile = [ config.sops.secrets."mastodon/environment".path ];
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.mastodon-sidekiq-all.environment = config.networking.proxy.envVars;
|
systemd.services.mastodon-sidekiq-all.environment = config.networking.proxy.envVars;
|
||||||
|
|
|
@ -1,9 +1,10 @@
|
||||||
{config, ...}: {
|
{ config, ... }:
|
||||||
|
{
|
||||||
services.matrix-synapse = {
|
services.matrix-synapse = {
|
||||||
enable = true;
|
enable = true;
|
||||||
withJemalloc = true;
|
withJemalloc = true;
|
||||||
enableRegistrationScript = false;
|
enableRegistrationScript = false;
|
||||||
extraConfigFiles = [config.sops.secrets."synapse/secret".path];
|
extraConfigFiles = [ config.sops.secrets."synapse/secret".path ];
|
||||||
settings = {
|
settings = {
|
||||||
server_name = "ny4.dev";
|
server_name = "ny4.dev";
|
||||||
public_baseurl = "https://matrix.ny4.dev";
|
public_baseurl = "https://matrix.ny4.dev";
|
||||||
|
@ -14,7 +15,10 @@
|
||||||
type = "http";
|
type = "http";
|
||||||
resources = [
|
resources = [
|
||||||
{
|
{
|
||||||
names = ["client" "federation"];
|
names = [
|
||||||
|
"client"
|
||||||
|
"federation"
|
||||||
|
];
|
||||||
compress = true;
|
compress = true;
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
@ -29,7 +33,10 @@
|
||||||
issuer = "https://id.ny4.dev/realms/ny4";
|
issuer = "https://id.ny4.dev/realms/ny4";
|
||||||
client_id = "synapse";
|
client_id = "synapse";
|
||||||
client_secret_path = config.sops.secrets."synapse/oidc".path;
|
client_secret_path = config.sops.secrets."synapse/oidc".path;
|
||||||
scopes = ["openid" "profile"];
|
scopes = [
|
||||||
|
"openid"
|
||||||
|
"profile"
|
||||||
|
];
|
||||||
user_mapping_provider.config = {
|
user_mapping_provider.config = {
|
||||||
localpart_template = "{{ user.preferred_username }}";
|
localpart_template = "{{ user.preferred_username }}";
|
||||||
display_name_template = "{{ user.name }}";
|
display_name_template = "{{ user.name }}";
|
||||||
|
@ -43,7 +50,7 @@
|
||||||
|
|
||||||
systemd.services.matrix-synapse = {
|
systemd.services.matrix-synapse = {
|
||||||
environment = config.networking.proxy.envVars;
|
environment = config.networking.proxy.envVars;
|
||||||
serviceConfig.RuntimeDirectory = ["matrix-synapse"];
|
serviceConfig.RuntimeDirectory = [ "matrix-synapse" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
services.matrix-sliding-sync = {
|
services.matrix-sliding-sync = {
|
||||||
|
@ -56,7 +63,7 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.matrix-sliding-sync.serviceConfig = {
|
systemd.services.matrix-sliding-sync.serviceConfig = {
|
||||||
RuntimeDirectory = ["matrix-sliding-sync"];
|
RuntimeDirectory = [ "matrix-sliding-sync" ];
|
||||||
SupplementaryGroups = ["matrix-synapse"];
|
SupplementaryGroups = [ "matrix-synapse" ];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
lib,
|
lib,
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
services.minecraft-server = {
|
services.minecraft-server = {
|
||||||
enable = true;
|
enable = true;
|
||||||
eula = true;
|
eula = true;
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{pkgs, ...}: {
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
# TODO: https://github.com/NixOS/nixpkgs/pull/287923
|
# TODO: https://github.com/NixOS/nixpkgs/pull/287923
|
||||||
# currently running qbittorrent-nox with tmux :c
|
# currently running qbittorrent-nox with tmux :c
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
|
|
@ -1,9 +1,11 @@
|
||||||
{lib, ...}: {
|
{ lib, ... }:
|
||||||
|
{
|
||||||
nixpkgs.config = {
|
nixpkgs.config = {
|
||||||
allowAliases = false;
|
allowAliases = false;
|
||||||
|
|
||||||
allowNonSource = false;
|
allowNonSource = false;
|
||||||
allowNonSourcePredicate = pkg:
|
allowNonSourcePredicate =
|
||||||
|
pkg:
|
||||||
lib.elem (lib.getName pkg) [
|
lib.elem (lib.getName pkg) [
|
||||||
"cargo-bootstrap"
|
"cargo-bootstrap"
|
||||||
"cef-binary"
|
"cef-binary"
|
||||||
|
@ -15,7 +17,8 @@
|
||||||
];
|
];
|
||||||
|
|
||||||
allowUnfree = false;
|
allowUnfree = false;
|
||||||
allowUnfreePredicate = pkg:
|
allowUnfreePredicate =
|
||||||
|
pkg:
|
||||||
lib.elem (lib.getName pkg) [
|
lib.elem (lib.getName pkg) [
|
||||||
"fcitx5-pinyin-minecraft"
|
"fcitx5-pinyin-minecraft"
|
||||||
"fcitx5-pinyin-moegirl"
|
"fcitx5-pinyin-moegirl"
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
lib,
|
lib,
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../../nixos/profiles/sing-box
|
../../nixos/profiles/sing-box
|
||||||
../../nixos/profiles/wireless
|
../../nixos/profiles/wireless
|
||||||
|
@ -31,8 +32,8 @@
|
||||||
yubikey-manager
|
yubikey-manager
|
||||||
];
|
];
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [53317];
|
networking.firewall.allowedTCPPorts = [ 53317 ];
|
||||||
networking.firewall.allowedUDPPorts = [53317];
|
networking.firewall.allowedUDPPorts = [ 53317 ];
|
||||||
|
|
||||||
programs.adb.enable = true;
|
programs.adb.enable = true;
|
||||||
programs.localsend.enable = true;
|
programs.localsend.enable = true;
|
||||||
|
@ -51,13 +52,13 @@
|
||||||
|
|
||||||
# yubikey
|
# yubikey
|
||||||
services.pcscd.enable = true;
|
services.pcscd.enable = true;
|
||||||
services.udev.packages = [pkgs.yubikey-personalization];
|
services.udev.packages = [ pkgs.yubikey-personalization ];
|
||||||
|
|
||||||
fonts = {
|
fonts = {
|
||||||
enableDefaultPackages = false;
|
enableDefaultPackages = false;
|
||||||
packages = with pkgs; [
|
packages = with pkgs; [
|
||||||
(nerdfonts.override {
|
(nerdfonts.override {
|
||||||
fonts = ["NerdFontsSymbolsOnly"];
|
fonts = [ "NerdFontsSymbolsOnly" ];
|
||||||
})
|
})
|
||||||
(inter.overrideAttrs {
|
(inter.overrideAttrs {
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
|
@ -139,9 +140,9 @@
|
||||||
security.polkit.enable = true;
|
security.polkit.enable = true;
|
||||||
systemd.user.services.polkit-gnome-authentication-agent-1 = {
|
systemd.user.services.polkit-gnome-authentication-agent-1 = {
|
||||||
description = "polkit-gnome-authentication-agent-1";
|
description = "polkit-gnome-authentication-agent-1";
|
||||||
wantedBy = ["graphical-session.target"];
|
wantedBy = [ "graphical-session.target" ];
|
||||||
wants = ["graphical-session.target"];
|
wants = [ "graphical-session.target" ];
|
||||||
after = ["graphical-session.target"];
|
after = [ "graphical-session.target" ];
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "simple";
|
Type = "simple";
|
||||||
ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
|
ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
|
||||||
|
@ -151,11 +152,11 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
security.pam.services.swaylock = {};
|
security.pam.services.swaylock = { };
|
||||||
xdg.portal = {
|
xdg.portal = {
|
||||||
enable = true;
|
enable = true;
|
||||||
wlr.enable = true;
|
wlr.enable = true;
|
||||||
extraPortals = [pkgs.xdg-desktop-portal-gtk];
|
extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
|
||||||
# https://gitlab.archlinux.org/archlinux/packaging/packages/sway/-/blob/main/sway-portals.conf
|
# https://gitlab.archlinux.org/archlinux/packaging/packages/sway/-/blob/main/sway-portals.conf
|
||||||
config."sway" = {
|
config."sway" = {
|
||||||
default = "gtk";
|
default = "gtk";
|
||||||
|
|
|
@ -1,11 +1,15 @@
|
||||||
let
|
let
|
||||||
# compress-force: https://t.me/archlinuxcn_group/3054167
|
# compress-force: https://t.me/archlinuxcn_group/3054167
|
||||||
mountOptions = ["compress-force=zstd" "noatime"];
|
mountOptions = [
|
||||||
|
"compress-force=zstd"
|
||||||
|
"noatime"
|
||||||
|
];
|
||||||
cryptSettings = {
|
cryptSettings = {
|
||||||
allowDiscards = true;
|
allowDiscards = true;
|
||||||
bypassWorkqueues = true;
|
bypassWorkqueues = true;
|
||||||
};
|
};
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
disko.devices = {
|
disko.devices = {
|
||||||
disk = {
|
disk = {
|
||||||
"one" = {
|
"one" = {
|
||||||
|
@ -22,7 +26,10 @@ in {
|
||||||
type = "filesystem";
|
type = "filesystem";
|
||||||
format = "vfat";
|
format = "vfat";
|
||||||
mountpoint = "/boot";
|
mountpoint = "/boot";
|
||||||
mountOptions = ["defaults" "umask=007"];
|
mountOptions = [
|
||||||
|
"defaults"
|
||||||
|
"umask=007"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
"cryptroot" = {
|
"cryptroot" = {
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{inputs, ...}: {
|
{ inputs, ... }:
|
||||||
|
{
|
||||||
imports = [
|
imports = [
|
||||||
inputs.nixpkgs.nixosModules.notDetected
|
inputs.nixpkgs.nixosModules.notDetected
|
||||||
inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x1-12th-gen
|
inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x1-12th-gen
|
||||||
|
@ -21,12 +22,18 @@
|
||||||
boot.loader.timeout = 0;
|
boot.loader.timeout = 0;
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
|
||||||
boot.kernelParams = ["ia32_emulation=0"];
|
boot.kernelParams = [ "ia32_emulation=0" ];
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod"];
|
boot.initrd.availableKernelModules = [
|
||||||
boot.initrd.kernelModules = [];
|
"xhci_pci"
|
||||||
boot.kernelModules = ["kvm-intel"];
|
"thunderbolt"
|
||||||
boot.extraModulePackages = [];
|
"nvme"
|
||||||
|
"usb_storage"
|
||||||
|
"sd_mod"
|
||||||
|
];
|
||||||
|
boot.initrd.kernelModules = [ ];
|
||||||
|
boot.kernelModules = [ "kvm-intel" ];
|
||||||
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
nixpkgs.hostPlatform = "x86_64-linux";
|
nixpkgs.hostPlatform = "x86_64-linux";
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{pkgs, ...}: {
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
imports =
|
imports =
|
||||||
[
|
[
|
||||||
./theme.nix
|
./theme.nix
|
||||||
|
|
|
@ -3,7 +3,8 @@
|
||||||
config,
|
config,
|
||||||
lib,
|
lib,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
home.pointerCursor = {
|
home.pointerCursor = {
|
||||||
name = "Adwaita";
|
name = "Adwaita";
|
||||||
package = pkgs.adwaita-icon-theme;
|
package = pkgs.adwaita-icon-theme;
|
||||||
|
|
|
@ -1,10 +1,11 @@
|
||||||
{lib, ...}: {
|
{ lib, ... }:
|
||||||
|
{
|
||||||
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types/Common_types
|
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types/Common_types
|
||||||
xdg.mimeApps = {
|
xdg.mimeApps = {
|
||||||
enable = true;
|
enable = true;
|
||||||
defaultApplications =
|
defaultApplications =
|
||||||
{
|
{
|
||||||
"inode/directory" = ["org.gnome.Nautilus.desktop"];
|
"inode/directory" = [ "org.gnome.Nautilus.desktop" ];
|
||||||
}
|
}
|
||||||
### Browser
|
### Browser
|
||||||
// lib.genAttrs [
|
// lib.genAttrs [
|
||||||
|
@ -13,7 +14,7 @@
|
||||||
"x-scheme-handler/https"
|
"x-scheme-handler/https"
|
||||||
"x-scheme-handler/about"
|
"x-scheme-handler/about"
|
||||||
"x-scheme-handler/unknown"
|
"x-scheme-handler/unknown"
|
||||||
] (_n: ["firefox.desktop"])
|
] (_n: [ "firefox.desktop" ])
|
||||||
### Audio player
|
### Audio player
|
||||||
// lib.genAttrs [
|
// lib.genAttrs [
|
||||||
"audio/aac"
|
"audio/aac"
|
||||||
|
@ -21,31 +22,31 @@
|
||||||
"audio/mpeg"
|
"audio/mpeg"
|
||||||
"audio/ogg"
|
"audio/ogg"
|
||||||
"audio/wav"
|
"audio/wav"
|
||||||
] (_n: ["io.bassi.Amberol.desktop"])
|
] (_n: [ "io.bassi.Amberol.desktop" ])
|
||||||
### Image viewer
|
### Image viewer
|
||||||
// lib.genAttrs [
|
// lib.genAttrs [
|
||||||
"image/gif"
|
"image/gif"
|
||||||
"image/jpeg"
|
"image/jpeg"
|
||||||
"image/png"
|
"image/png"
|
||||||
"image/webp"
|
"image/webp"
|
||||||
] (_n: ["org.gnome.Loupe.desktop"])
|
] (_n: [ "org.gnome.Loupe.desktop" ])
|
||||||
### Video player
|
### Video player
|
||||||
// lib.genAttrs [
|
// lib.genAttrs [
|
||||||
"video/mp4"
|
"video/mp4"
|
||||||
"video/mpeg"
|
"video/mpeg"
|
||||||
"video/webm"
|
"video/webm"
|
||||||
] (_n: ["mpv.desktop"])
|
] (_n: [ "mpv.desktop" ])
|
||||||
### Code editor
|
### Code editor
|
||||||
// lib.genAttrs [
|
// lib.genAttrs [
|
||||||
"text/css"
|
"text/css"
|
||||||
"text/html"
|
"text/html"
|
||||||
"text/javascript"
|
"text/javascript"
|
||||||
"text/plain"
|
"text/plain"
|
||||||
] (_n: ["nvim.desktop"])
|
] (_n: [ "nvim.desktop" ])
|
||||||
### Mail client
|
### Mail client
|
||||||
// lib.genAttrs [
|
// lib.genAttrs [
|
||||||
"x-scheme-handler/mailto"
|
"x-scheme-handler/mailto"
|
||||||
"x-scheme-handler/mid"
|
"x-scheme-handler/mid"
|
||||||
] (_n: ["thunderbird.desktop"]);
|
] (_n: [ "thunderbird.desktop" ]);
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
{lib, ...}: {
|
{ lib, ... }:
|
||||||
sops.age.sshKeyPaths = lib.mkForce ["/persist/etc/ssh/ssh_host_ed25519_key"];
|
{
|
||||||
|
sops.age.sshKeyPaths = lib.mkForce [ "/persist/etc/ssh/ssh_host_ed25519_key" ];
|
||||||
fileSystems."/persist".neededForBoot = true;
|
fileSystems."/persist".neededForBoot = true;
|
||||||
environment.persistence."/persist" = {
|
environment.persistence."/persist" = {
|
||||||
hideMounts = true;
|
hideMounts = true;
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
{pkgs, ...}: {
|
{ pkgs, ... }:
|
||||||
environment.systemPackages = [pkgs.sbctl];
|
{
|
||||||
|
environment.systemPackages = [ pkgs.sbctl ];
|
||||||
boot.lanzaboote = {
|
boot.lanzaboote = {
|
||||||
enable = true;
|
enable = true;
|
||||||
pkiBundle = "/etc/secureboot";
|
pkiBundle = "/etc/secureboot";
|
||||||
|
|
|
@ -1,7 +1,9 @@
|
||||||
{lib, ...}: {
|
{ lib, ... }:
|
||||||
|
{
|
||||||
nixpkgs.config = {
|
nixpkgs.config = {
|
||||||
allowNonSource = false;
|
allowNonSource = false;
|
||||||
allowNonSourcePredicate = pkg:
|
allowNonSourcePredicate =
|
||||||
|
pkg:
|
||||||
lib.elem (lib.getName pkg) [
|
lib.elem (lib.getName pkg) [
|
||||||
"adoptopenjdk-hotspot-bin"
|
"adoptopenjdk-hotspot-bin"
|
||||||
"cargo-bootstrap"
|
"cargo-bootstrap"
|
||||||
|
@ -12,9 +14,11 @@
|
||||||
];
|
];
|
||||||
|
|
||||||
allowUnfree = false;
|
allowUnfree = false;
|
||||||
allowUnfreePredicate = pkg:
|
allowUnfreePredicate =
|
||||||
lib.elem (lib.getName pkg) [
|
pkg:
|
||||||
];
|
lib.elem (lib.getName pkg)
|
||||||
|
[
|
||||||
|
];
|
||||||
|
|
||||||
permittedInsecurePackages = [
|
permittedInsecurePackages = [
|
||||||
"cinny-4.1.0"
|
"cinny-4.1.0"
|
||||||
|
|
|
@ -3,7 +3,8 @@
|
||||||
modulesPath,
|
modulesPath,
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
imports = [
|
imports = [
|
||||||
"${modulesPath}/virtualisation/amazon-image.nix"
|
"${modulesPath}/virtualisation/amazon-image.nix"
|
||||||
./anti-feature.nix
|
./anti-feature.nix
|
||||||
|
@ -33,27 +34,30 @@
|
||||||
systemd.services."print-host-key".enable = false;
|
systemd.services."print-host-key".enable = false;
|
||||||
|
|
||||||
### Secrets
|
### Secrets
|
||||||
sops.secrets = lib.mapAttrs (_name: value: value // {sopsFile = ./secrets.yaml;}) {
|
sops.secrets = lib.mapAttrs (_name: value: value // { sopsFile = ./secrets.yaml; }) {
|
||||||
"hysteria/auth" = {
|
"hysteria/auth" = {
|
||||||
restartUnits = ["hysteria.service"];
|
restartUnits = [ "hysteria.service" ];
|
||||||
};
|
};
|
||||||
"pixivfe/environment" = {
|
"pixivfe/environment" = {
|
||||||
restartUnits = ["pixivfe.service"];
|
restartUnits = [ "pixivfe.service" ];
|
||||||
};
|
};
|
||||||
"searx/environment" = {
|
"searx/environment" = {
|
||||||
restartUnits = ["searx.service"];
|
restartUnits = [ "searx.service" ];
|
||||||
};
|
};
|
||||||
"miniflux/environment" = {
|
"miniflux/environment" = {
|
||||||
restartUnits = ["miniflux.service"];
|
restartUnits = [ "miniflux.service" ];
|
||||||
};
|
};
|
||||||
"vaultwarden/environment" = {
|
"vaultwarden/environment" = {
|
||||||
restartUnits = ["vaultwarden.service"];
|
restartUnits = [ "vaultwarden.service" ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
### Services
|
### Services
|
||||||
networking.firewall.allowedUDPPorts = [443]; # hysteria
|
networking.firewall.allowedUDPPorts = [ 443 ]; # hysteria
|
||||||
networking.firewall.allowedTCPPorts = [80 443]; # caddy
|
networking.firewall.allowedTCPPorts = [
|
||||||
|
80
|
||||||
|
443
|
||||||
|
]; # caddy
|
||||||
|
|
||||||
systemd.tmpfiles.settings = {
|
systemd.tmpfiles.settings = {
|
||||||
"10-www" = {
|
"10-www" = {
|
||||||
|
@ -76,7 +80,7 @@
|
||||||
"cinny" = pkgs.cinny.override {
|
"cinny" = pkgs.cinny.override {
|
||||||
conf = {
|
conf = {
|
||||||
defaultHomeserver = 0;
|
defaultHomeserver = 0;
|
||||||
homeserverList = ["ny4.dev"];
|
homeserverList = [ "ny4.dev" ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -122,7 +126,12 @@
|
||||||
services.vnstat.enable = true;
|
services.vnstat.enable = true;
|
||||||
systemd.services."no-bankrupt" = {
|
systemd.services."no-bankrupt" = {
|
||||||
serviceConfig.Type = "oneshot";
|
serviceConfig.Type = "oneshot";
|
||||||
path = with pkgs; [coreutils gawk vnstat systemd];
|
path = with pkgs; [
|
||||||
|
coreutils
|
||||||
|
gawk
|
||||||
|
vnstat
|
||||||
|
systemd
|
||||||
|
];
|
||||||
script = ''
|
script = ''
|
||||||
TRAFF_TOTAL=1900
|
TRAFF_TOTAL=1900
|
||||||
TRAFF_USED=$(vnstat --oneline b | awk -F ';' '{print $11}')
|
TRAFF_USED=$(vnstat --oneline b | awk -F ';' '{print $11}')
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{pkgs, ...}: {
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
services.forgejo = {
|
services.forgejo = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.forgejo;
|
package = pkgs.forgejo;
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{config, ...}: {
|
{ config, ... }:
|
||||||
|
{
|
||||||
services.hysteria = {
|
services.hysteria = {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings = {
|
settings = {
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{pkgs, ...}: {
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
services.keycloak = {
|
services.keycloak = {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings = {
|
settings = {
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{config, ...}: {
|
{ config, ... }:
|
||||||
|
{
|
||||||
services.miniflux = {
|
services.miniflux = {
|
||||||
enable = true;
|
enable = true;
|
||||||
adminCredentialsFile = config.sops.secrets."miniflux/environment".path;
|
adminCredentialsFile = config.sops.secrets."miniflux/environment".path;
|
||||||
|
|
|
@ -10,5 +10,5 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.ntfy-sh.serviceConfig.RuntimeDirectory = ["ntfy-sh"];
|
systemd.services.ntfy-sh.serviceConfig.RuntimeDirectory = [ "ntfy-sh" ];
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
pkgs,
|
pkgs,
|
||||||
config,
|
config,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
services.pixivfe = {
|
services.pixivfe = {
|
||||||
enable = true;
|
enable = true;
|
||||||
EnvironmentFile = config.sops.secrets."pixivfe/environment".path;
|
EnvironmentFile = config.sops.secrets."pixivfe/environment".path;
|
||||||
|
@ -13,7 +14,7 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.pixivfe.serviceConfig = {
|
systemd.services.pixivfe.serviceConfig = {
|
||||||
RuntimeDirectory = ["pixivfe"];
|
RuntimeDirectory = [ "pixivfe" ];
|
||||||
ExecStartPost = pkgs.writeShellScript "pixivfe-unixsocket" ''
|
ExecStartPost = pkgs.writeShellScript "pixivfe-unixsocket" ''
|
||||||
${pkgs.coreutils}/bin/sleep 5
|
${pkgs.coreutils}/bin/sleep 5
|
||||||
${pkgs.coreutils}/bin/chmod 777 /run/pixivfe/pixiv.sock
|
${pkgs.coreutils}/bin/chmod 777 /run/pixivfe/pixiv.sock
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
pkgs,
|
pkgs,
|
||||||
config,
|
config,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
services.searx = {
|
services.searx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.searxng;
|
package = pkgs.searxng;
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{config, ...}: {
|
{ config, ... }:
|
||||||
|
{
|
||||||
services.vaultwarden = {
|
services.vaultwarden = {
|
||||||
enable = true;
|
enable = true;
|
||||||
environmentFile = config.sops.secrets."vaultwarden/environment".path;
|
environmentFile = config.sops.secrets."vaultwarden/environment".path;
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{...}: {
|
{ ... }:
|
||||||
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./services/hysteria.nix
|
./services/hysteria.nix
|
||||||
./services/pixivfe.nix
|
./services/pixivfe.nix
|
||||||
|
|
|
@ -4,17 +4,22 @@
|
||||||
pkgs,
|
pkgs,
|
||||||
utils,
|
utils,
|
||||||
...
|
...
|
||||||
}: let
|
}:
|
||||||
|
let
|
||||||
cfg = config.services.hysteria;
|
cfg = config.services.hysteria;
|
||||||
settingsFormat = pkgs.formats.json {};
|
settingsFormat = pkgs.formats.json { };
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
options.services.hysteria = {
|
options.services.hysteria = {
|
||||||
enable = lib.mkEnableOption "Hysteria, a powerful, lightning fast and censorship resistant proxy";
|
enable = lib.mkEnableOption "Hysteria, a powerful, lightning fast and censorship resistant proxy";
|
||||||
|
|
||||||
package = lib.mkPackageOption pkgs "hysteria" {};
|
package = lib.mkPackageOption pkgs "hysteria" { };
|
||||||
|
|
||||||
mode = lib.mkOption {
|
mode = lib.mkOption {
|
||||||
type = lib.types.enum ["server" "client"];
|
type = lib.types.enum [
|
||||||
|
"server"
|
||||||
|
"client"
|
||||||
|
];
|
||||||
default = "server";
|
default = "server";
|
||||||
description = "Whether to use Hysteria as a client or a server.";
|
description = "Whether to use Hysteria as a client or a server.";
|
||||||
};
|
};
|
||||||
|
@ -23,7 +28,7 @@ in {
|
||||||
type = lib.types.submodule {
|
type = lib.types.submodule {
|
||||||
freeformType = settingsFormat.type;
|
freeformType = settingsFormat.type;
|
||||||
};
|
};
|
||||||
default = {};
|
default = { };
|
||||||
description = ''
|
description = ''
|
||||||
The Hysteria configuration, see https://hysteria.network/ for documentation.
|
The Hysteria configuration, see https://hysteria.network/ for documentation.
|
||||||
|
|
||||||
|
@ -38,10 +43,10 @@ in {
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
systemd.services."hysteria" = {
|
systemd.services."hysteria" = {
|
||||||
description = "Hysteria daemon, a powerful, lightning fast and censorship resistant proxy.";
|
description = "Hysteria daemon, a powerful, lightning fast and censorship resistant proxy.";
|
||||||
documentation = ["https://hysteria.network/"];
|
documentation = [ "https://hysteria.network/" ];
|
||||||
wantedBy = ["multi-user.target"];
|
wantedBy = [ "multi-user.target" ];
|
||||||
after = ["network-online.target"];
|
after = [ "network-online.target" ];
|
||||||
wants = ["network-online.target"];
|
wants = [ "network-online.target" ];
|
||||||
preStart = utils.genJqSecretsReplacementSnippet cfg.settings "/var/lib/private/hysteria/config.json";
|
preStart = utils.genJqSecretsReplacementSnippet cfg.settings "/var/lib/private/hysteria/config.json";
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
ExecStart = lib.concatStringsSep " " [
|
ExecStart = lib.concatStringsSep " " [
|
||||||
|
@ -54,8 +59,16 @@ in {
|
||||||
StateDirectory = "hysteria";
|
StateDirectory = "hysteria";
|
||||||
|
|
||||||
### Hardening
|
### Hardening
|
||||||
AmbientCapabilities = ["CAP_NET_ADMIN" "CAP_NET_BIND_SERVICE" "CAP_NET_RAW"];
|
AmbientCapabilities = [
|
||||||
CapabilityBoundingSet = ["CAP_NET_ADMIN" "CAP_NET_BIND_SERVICE" "CAP_NET_RAW"];
|
"CAP_NET_ADMIN"
|
||||||
|
"CAP_NET_BIND_SERVICE"
|
||||||
|
"CAP_NET_RAW"
|
||||||
|
];
|
||||||
|
CapabilityBoundingSet = [
|
||||||
|
"CAP_NET_ADMIN"
|
||||||
|
"CAP_NET_BIND_SERVICE"
|
||||||
|
"CAP_NET_RAW"
|
||||||
|
];
|
||||||
NoNewPrivileges = true;
|
NoNewPrivileges = true;
|
||||||
PrivateMounts = true;
|
PrivateMounts = true;
|
||||||
PrivateTmp = true;
|
PrivateTmp = true;
|
||||||
|
|
|
@ -4,13 +4,17 @@
|
||||||
inputs,
|
inputs,
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}: let
|
}:
|
||||||
|
let
|
||||||
cfg = config.services.pixivfe;
|
cfg = config.services.pixivfe;
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
options.services.pixivfe = {
|
options.services.pixivfe = {
|
||||||
enable = lib.mkEnableOption "PixivFE, a privacy respecting frontend for Pixiv";
|
enable = lib.mkEnableOption "PixivFE, a privacy respecting frontend for Pixiv";
|
||||||
|
|
||||||
package = lib.mkPackageOption inputs.self.legacyPackages.${pkgs.stdenv.hostPlatform.system} "pixivfe" {};
|
package =
|
||||||
|
lib.mkPackageOption inputs.self.legacyPackages.${pkgs.stdenv.hostPlatform.system} "pixivfe"
|
||||||
|
{ };
|
||||||
|
|
||||||
openFirewall = lib.mkEnableOption "open ports in the firewall needed for the daemon to function";
|
openFirewall = lib.mkEnableOption "open ports in the firewall needed for the daemon to function";
|
||||||
|
|
||||||
|
@ -46,10 +50,7 @@ in {
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
assertions = [
|
assertions = [
|
||||||
{
|
{
|
||||||
assertion =
|
assertion = if cfg.openFirewall then (cfg.settings ? PIXIVFE_PORT) else true;
|
||||||
if cfg.openFirewall
|
|
||||||
then (cfg.settings ? PIXIVFE_PORT)
|
|
||||||
else true;
|
|
||||||
message = ''
|
message = ''
|
||||||
PIXIVFE_PORT must be specified for NixOS to open a port.
|
PIXIVFE_PORT must be specified for NixOS to open a port.
|
||||||
|
|
||||||
|
@ -58,9 +59,10 @@ in {
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
assertion =
|
assertion =
|
||||||
if (cfg.EnvironmentFile == null)
|
if (cfg.EnvironmentFile == null) then
|
||||||
then (cfg.settings ? PIXIVFE_UNIXSOCKET) || (cfg.settings ? PIXIVFE_PORT)
|
(cfg.settings ? PIXIVFE_UNIXSOCKET) || (cfg.settings ? PIXIVFE_PORT)
|
||||||
else true;
|
else
|
||||||
|
true;
|
||||||
message = ''
|
message = ''
|
||||||
PIXIVFE_PORT or PIXIVFE_UNIXSOCKET must be set for PixivFE to run.
|
PIXIVFE_PORT or PIXIVFE_UNIXSOCKET must be set for PixivFE to run.
|
||||||
|
|
||||||
|
@ -68,10 +70,7 @@ in {
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
assertion =
|
assertion = if (cfg.EnvironmentFile == null) then cfg.settings ? PIXIVFE_TOKEN else true;
|
||||||
if (cfg.EnvironmentFile == null)
|
|
||||||
then cfg.settings ? PIXIVFE_TOKEN
|
|
||||||
else true;
|
|
||||||
message = ''
|
message = ''
|
||||||
PIXIVFE_TOKEN must be set for PixivFE to run.
|
PIXIVFE_TOKEN must be set for PixivFE to run.
|
||||||
|
|
||||||
|
@ -82,23 +81,21 @@ in {
|
||||||
|
|
||||||
systemd.services."pixivfe" = {
|
systemd.services."pixivfe" = {
|
||||||
description = "PixivFE, a privacy respecting frontend for Pixiv.";
|
description = "PixivFE, a privacy respecting frontend for Pixiv.";
|
||||||
documentation = ["https://pixivfe.pages.dev/"];
|
documentation = [ "https://pixivfe.pages.dev/" ];
|
||||||
wantedBy = ["multi-user.target"];
|
wantedBy = [ "multi-user.target" ];
|
||||||
after = ["network-online.target"];
|
after = [ "network-online.target" ];
|
||||||
wants = ["network-online.target"];
|
wants = [ "network-online.target" ];
|
||||||
environment = lib.mkIf (cfg.settings != null) (lib.mapAttrs (_: v:
|
environment = lib.mkIf (cfg.settings != null) (
|
||||||
if lib.isBool v
|
lib.mapAttrs (_: v: if lib.isBool v then lib.boolToString v else toString v) cfg.settings
|
||||||
then lib.boolToString v
|
);
|
||||||
else toString v)
|
|
||||||
cfg.settings);
|
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
inherit (cfg) EnvironmentFile;
|
inherit (cfg) EnvironmentFile;
|
||||||
ExecStart = lib.getExe cfg.package;
|
ExecStart = lib.getExe cfg.package;
|
||||||
DynamicUser = true;
|
DynamicUser = true;
|
||||||
|
|
||||||
### Hardening
|
### Hardening
|
||||||
AmbientCapabilities = ["CAP_NET_BIND_SERVICE"]; # For ports <= 1024
|
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ]; # For ports <= 1024
|
||||||
CapabilityBoundingSet = ["CAP_NET_BIND_SERVICE"];
|
CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ];
|
||||||
NoNewPrivileges = true;
|
NoNewPrivileges = true;
|
||||||
PrivateMounts = true;
|
PrivateMounts = true;
|
||||||
PrivateTmp = true;
|
PrivateTmp = true;
|
||||||
|
@ -122,7 +119,7 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.firewall = lib.mkIf cfg.openFirewall {
|
networking.firewall = lib.mkIf cfg.openFirewall {
|
||||||
allowedTCPPorts = [cfg.settings.PIXIVFE_PORT];
|
allowedTCPPorts = [ cfg.settings.PIXIVFE_PORT ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,7 +4,8 @@
|
||||||
inputs,
|
inputs,
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
imports =
|
imports =
|
||||||
[
|
[
|
||||||
./hardening.nix
|
./hardening.nix
|
||||||
|
@ -29,7 +30,9 @@
|
||||||
users.guanranwang = import ../../../home;
|
users.guanranwang = import ../../../home;
|
||||||
useGlobalPkgs = true;
|
useGlobalPkgs = true;
|
||||||
useUserPackages = true;
|
useUserPackages = true;
|
||||||
extraSpecialArgs = {inherit inputs;};
|
extraSpecialArgs = {
|
||||||
|
inherit inputs;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
|
boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
|
||||||
|
@ -80,13 +83,13 @@
|
||||||
|
|
||||||
# Avoid TOFU MITM with github by providing their public key here.
|
# Avoid TOFU MITM with github by providing their public key here.
|
||||||
programs.ssh.knownHosts = {
|
programs.ssh.knownHosts = {
|
||||||
"github.com".hostNames = ["github.com"];
|
"github.com".hostNames = [ "github.com" ];
|
||||||
"github.com".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl";
|
"github.com".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl";
|
||||||
|
|
||||||
"gitlab.com".hostNames = ["gitlab.com"];
|
"gitlab.com".hostNames = [ "gitlab.com" ];
|
||||||
"gitlab.com".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf";
|
"gitlab.com".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf";
|
||||||
|
|
||||||
"git.sr.ht".hostNames = ["git.sr.ht"];
|
"git.sr.ht".hostNames = [ "git.sr.ht" ];
|
||||||
"git.sr.ht".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMZvRd4EtM7R+IHVMWmDkVU3VLQTSwQDSAvW0t2Tkj60";
|
"git.sr.ht".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMZvRd4EtM7R+IHVMWmDkVU3VLQTSwQDSAvW0t2Tkj60";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -120,8 +123,8 @@
|
||||||
### sops-nix
|
### sops-nix
|
||||||
sops = {
|
sops = {
|
||||||
defaultSopsFile = ../../../secrets.yaml;
|
defaultSopsFile = ../../../secrets.yaml;
|
||||||
age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
|
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||||
gnupg.sshKeyPaths = [];
|
gnupg.sshKeyPaths = [ ];
|
||||||
secrets."hashed-passwd".neededForUsers = true;
|
secrets."hashed-passwd".neededForUsers = true;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
services.resolved.enable = true;
|
services.resolved.enable = true;
|
||||||
|
|
||||||
### https://wiki.archlinux.org/title/Sysctl#Improving_performance
|
### https://wiki.archlinux.org/title/Sysctl#Improving_performance
|
||||||
boot.kernelModules = ["tcp_bbr"];
|
boot.kernelModules = [ "tcp_bbr" ];
|
||||||
boot.kernel.sysctl = {
|
boot.kernel.sysctl = {
|
||||||
"net.core.default_qdisc" = "cake";
|
"net.core.default_qdisc" = "cake";
|
||||||
"net.ipv4.tcp_congestion_control" = "bbr";
|
"net.ipv4.tcp_congestion_control" = "bbr";
|
||||||
|
|
|
@ -3,7 +3,8 @@
|
||||||
config,
|
config,
|
||||||
inputs,
|
inputs,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
nix.settings = {
|
nix.settings = {
|
||||||
substituters =
|
substituters =
|
||||||
(lib.optionals (config.time.timeZone == "Asia/Shanghai") [
|
(lib.optionals (config.time.timeZone == "Asia/Shanghai") [
|
||||||
|
@ -26,7 +27,7 @@
|
||||||
"no-url-literals"
|
"no-url-literals"
|
||||||
];
|
];
|
||||||
flake-registry = "";
|
flake-registry = "";
|
||||||
trusted-users = ["@wheel"];
|
trusted-users = [ "@wheel" ];
|
||||||
allow-import-from-derivation = false;
|
allow-import-from-derivation = false;
|
||||||
auto-allocate-uids = true;
|
auto-allocate-uids = true;
|
||||||
auto-optimise-store = true;
|
auto-optimise-store = true;
|
||||||
|
@ -38,7 +39,7 @@
|
||||||
nix = {
|
nix = {
|
||||||
# Add each flake input as a registry
|
# Add each flake input as a registry
|
||||||
# To make nix3 commands consistent with the flake
|
# To make nix3 commands consistent with the flake
|
||||||
registry = lib.mapAttrs (_: value: {flake = value;}) inputs;
|
registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
|
||||||
|
|
||||||
# Disable nix-channel
|
# Disable nix-channel
|
||||||
channel.enable = false;
|
channel.enable = false;
|
||||||
|
@ -52,7 +53,7 @@
|
||||||
extraOptions = "!include ${config.sops.secrets.nix-access-tokens.path}";
|
extraOptions = "!include ${config.sops.secrets.nix-access-tokens.path}";
|
||||||
};
|
};
|
||||||
|
|
||||||
users.groups."nix-access-tokens" = {};
|
users.groups."nix-access-tokens" = { };
|
||||||
sops.secrets."nix-access-tokens" = {
|
sops.secrets."nix-access-tokens" = {
|
||||||
group = config.users.groups."nix-access-tokens".name;
|
group = config.users.groups."nix-access-tokens".name;
|
||||||
mode = "0440";
|
mode = "0440";
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{lib, ...}: {
|
{ lib, ... }:
|
||||||
|
{
|
||||||
services.zram-generator = {
|
services.zram-generator = {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings.zram0 = {
|
settings.zram0 = {
|
||||||
|
|
|
@ -2,14 +2,16 @@
|
||||||
pkgs,
|
pkgs,
|
||||||
config,
|
config,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
foot.terminfo
|
foot.terminfo
|
||||||
];
|
];
|
||||||
|
|
||||||
# TODO: colmena
|
# TODO: colmena
|
||||||
services.openssh.settings.PermitRootLogin = "prohibit-password";
|
services.openssh.settings.PermitRootLogin = "prohibit-password";
|
||||||
users.users."root".openssh.authorizedKeys.keys = config.users.users.guanranwang.openssh.authorizedKeys.keys;
|
users.users."root".openssh.authorizedKeys.keys =
|
||||||
|
config.users.users.guanranwang.openssh.authorizedKeys.keys;
|
||||||
|
|
||||||
time.timeZone = "UTC";
|
time.timeZone = "UTC";
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
pkgs,
|
pkgs,
|
||||||
config,
|
config,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
services.sing-box = {
|
services.sing-box = {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings = {
|
settings = {
|
||||||
|
@ -94,16 +95,18 @@
|
||||||
httpsProxy = "http://127.0.0.1:1080/";
|
httpsProxy = "http://127.0.0.1:1080/";
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.shellAliases = let
|
environment.shellAliases =
|
||||||
inherit (config.networking.proxy) httpProxy httpsProxy;
|
let
|
||||||
in {
|
inherit (config.networking.proxy) httpProxy httpsProxy;
|
||||||
"setproxy" = "export http_proxy=${httpProxy} https_proxy=${httpsProxy}";
|
in
|
||||||
"unsetproxy" = "set -e http_proxy https_proxy";
|
{
|
||||||
};
|
"setproxy" = "export http_proxy=${httpProxy} https_proxy=${httpsProxy}";
|
||||||
|
"unsetproxy" = "set -e http_proxy https_proxy";
|
||||||
|
};
|
||||||
|
|
||||||
### sops-nix
|
### sops-nix
|
||||||
sops.secrets."sing-box/tyo0" = {
|
sops.secrets."sing-box/tyo0" = {
|
||||||
restartUnits = ["sing-box.service"];
|
restartUnits = [ "sing-box.service" ];
|
||||||
sopsFile = ./secrets.yaml;
|
sopsFile = ./secrets.yaml;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
{lib, ...}: {
|
{ lib, ... }:
|
||||||
sops.secrets = lib.mapAttrs (_name: value: value // {sopsFile = ./secrets.yaml;}) {
|
{
|
||||||
|
sops.secrets = lib.mapAttrs (_name: value: value // { sopsFile = ./secrets.yaml; }) {
|
||||||
"wireless/wangxiaobo".path = "/var/lib/iwd/wangxiaobo.psk";
|
"wireless/wangxiaobo".path = "/var/lib/iwd/wangxiaobo.psk";
|
||||||
"wireless/ImmortalWrt".path = "/var/lib/iwd/ImmortalWrt.psk";
|
"wireless/ImmortalWrt".path = "/var/lib/iwd/ImmortalWrt.psk";
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,9 +1,11 @@
|
||||||
let
|
let
|
||||||
addPatches = pkg: patches:
|
addPatches =
|
||||||
|
pkg: patches:
|
||||||
pkg.overrideAttrs (old: {
|
pkg.overrideAttrs (old: {
|
||||||
patches = (old.patches or []) ++ patches;
|
patches = (old.patches or [ ]) ++ patches;
|
||||||
});
|
});
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
patches = _final: prev: {
|
patches = _final: prev: {
|
||||||
# https://aur.archlinux.org/pkgbase/nautilus-typeahead
|
# https://aur.archlinux.org/pkgbase/nautilus-typeahead
|
||||||
nautilus = prev.nautilus.overrideAttrs {
|
nautilus = prev.nautilus.overrideAttrs {
|
||||||
|
@ -21,39 +23,42 @@ in {
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
qt6Packages = prev.qt6Packages.overrideScope (_final': prev': {
|
qt6Packages = prev.qt6Packages.overrideScope (
|
||||||
# HACK: no more qt5
|
_final': prev': {
|
||||||
fcitx5-with-addons = prev'.fcitx5-with-addons.override {
|
# HACK: no more qt5
|
||||||
libsForQt5.fcitx5-qt = prev.emptyDirectory;
|
fcitx5-with-addons = prev'.fcitx5-with-addons.override {
|
||||||
};
|
libsForQt5.fcitx5-qt = prev.emptyDirectory;
|
||||||
|
};
|
||||||
|
|
||||||
# HACK: no more qtwebengine, opencc
|
# HACK: no more qtwebengine, opencc
|
||||||
fcitx5-chinese-addons =
|
fcitx5-chinese-addons =
|
||||||
(prev'.fcitx5-chinese-addons.override {
|
(prev'.fcitx5-chinese-addons.override {
|
||||||
curl = prev.emptyDirectory;
|
curl = prev.emptyDirectory;
|
||||||
opencc = prev.emptyDirectory;
|
opencc = prev.emptyDirectory;
|
||||||
qtwebengine = prev.emptyDirectory;
|
qtwebengine = prev.emptyDirectory;
|
||||||
})
|
}).overrideAttrs
|
||||||
.overrideAttrs (oldAttrs: {
|
(oldAttrs: {
|
||||||
buildInputs = oldAttrs.buildInputs ++ [prev.gettext prev'.qtbase];
|
buildInputs = oldAttrs.buildInputs ++ [
|
||||||
cmakeFlags =
|
prev.gettext
|
||||||
oldAttrs.cmakeFlags
|
prev'.qtbase
|
||||||
++ [
|
];
|
||||||
(prev.lib.cmakeBool "ENABLE_BROWSER" false)
|
cmakeFlags = oldAttrs.cmakeFlags ++ [
|
||||||
(prev.lib.cmakeBool "ENABLE_CLOUDPINYIN" false)
|
(prev.lib.cmakeBool "ENABLE_BROWSER" false)
|
||||||
(prev.lib.cmakeBool "ENABLE_OPENCC" false)
|
(prev.lib.cmakeBool "ENABLE_CLOUDPINYIN" false)
|
||||||
];
|
(prev.lib.cmakeBool "ENABLE_OPENCC" false)
|
||||||
});
|
];
|
||||||
});
|
});
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
# HACK: no more gtk2
|
# HACK: no more gtk2
|
||||||
gnome-themes-extra =
|
gnome-themes-extra =
|
||||||
(prev.gnome-themes-extra.override {
|
(prev.gnome-themes-extra.override {
|
||||||
gtk2 = prev.emptyDirectory;
|
gtk2 = prev.emptyDirectory;
|
||||||
})
|
}).overrideAttrs
|
||||||
.overrideAttrs {
|
{
|
||||||
configureFlags = ["--disable-gtk2-engine"];
|
configureFlags = [ "--disable-gtk2-engine" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
sway-unwrapped = addPatches prev.sway-unwrapped [
|
sway-unwrapped = addPatches prev.sway-unwrapped [
|
||||||
# text_input: Implement input-method popups
|
# text_input: Implement input-method popups
|
||||||
|
|
|
@ -1,10 +1,12 @@
|
||||||
# NOTE: 301: All packages are migrated to `github:Guanran928/nur-packages`,
|
# NOTE: 301: All packages are migrated to `github:Guanran928/nur-packages`,
|
||||||
# only keeping some packages that only fits for personal use.
|
# only keeping some packages that only fits for personal use.
|
||||||
pkgs: let
|
pkgs:
|
||||||
|
let
|
||||||
inherit (pkgs) callPackage;
|
inherit (pkgs) callPackage;
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
# https://github.com/NixOS/nixpkgs/pull/308720
|
# https://github.com/NixOS/nixpkgs/pull/308720
|
||||||
pixivfe = callPackage ./pixivfe.nix {};
|
pixivfe = callPackage ./pixivfe.nix { };
|
||||||
|
|
||||||
background = pkgs.nixos-artwork.wallpapers.nineish-dark-gray.src;
|
background = pkgs.nixos-artwork.wallpapers.nineish-dark-gray.src;
|
||||||
}
|
}
|
||||||
|
|
|
@ -23,7 +23,7 @@ buildGoModule rec {
|
||||||
"-w"
|
"-w"
|
||||||
];
|
];
|
||||||
|
|
||||||
nativeBuildInputs = [makeBinaryWrapper];
|
nativeBuildInputs = [ makeBinaryWrapper ];
|
||||||
|
|
||||||
postInstall = ''
|
postInstall = ''
|
||||||
mkdir -p $out/share/pixivfe
|
mkdir -p $out/share/pixivfe
|
||||||
|
@ -37,7 +37,7 @@ buildGoModule rec {
|
||||||
homepage = "https://codeberg.org/VnPower/PixivFE";
|
homepage = "https://codeberg.org/VnPower/PixivFE";
|
||||||
license = lib.licenses.agpl3Only;
|
license = lib.licenses.agpl3Only;
|
||||||
mainProgram = "pixivfe";
|
mainProgram = "pixivfe";
|
||||||
maintainers = with lib.maintainers; [Guanran928];
|
maintainers = with lib.maintainers; [ Guanran928 ];
|
||||||
platforms = lib.platforms.linux;
|
platforms = lib.platforms.linux;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
projectRootFile = "flake.nix";
|
projectRootFile = "flake.nix";
|
||||||
|
|
||||||
### nix
|
### nix
|
||||||
programs.alejandra.enable = true;
|
programs.nixfmt.enable = true;
|
||||||
programs.deadnix.enable = true;
|
programs.deadnix.enable = true;
|
||||||
programs.statix.enable = true;
|
programs.statix.enable = true;
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue