Compare commits
8 commits
faf34f2718
...
c19f0ef0e1
| Author | SHA1 | Date | |
|---|---|---|---|
c19f0ef0e1
|
|||
|
b5b4208b30
|
|||
|
16898eaa7c
|
|||
|
ae6ab3ca6e
|
|||
|
10051bd92e
|
|||
|
0fed8fd708
|
|||
|
9a903869a3
|
|||
|
f45dd5d1df
|
17 changed files with 119 additions and 164 deletions
38
flake.lock
38
flake.lock
|
|
@ -27,11 +27,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1723080788,
|
||||
"narHash": "sha256-C5LbM5VMdcolt9zHeLQ0bYMRjUL+N+AL5pK7/tVTdes=",
|
||||
"lastModified": 1723426710,
|
||||
"narHash": "sha256-yrS9al6l3fYfFfvovnyBWnyELDQOdfKyai4K/jKgoBw=",
|
||||
"owner": "nix-community",
|
||||
"repo": "disko",
|
||||
"rev": "ffc1f95f6c28e1c6d1e587b51a2147027a3e45ed",
|
||||
"rev": "0d510fe40b56ed74907a021d7e1ffd0042592914",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -122,11 +122,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1723015306,
|
||||
"narHash": "sha256-jQnFEtH20/OsDPpx71ntZzGdRlpXhUENSQCGTjn//NA=",
|
||||
"lastModified": 1723399884,
|
||||
"narHash": "sha256-97wn0ihhGqfMb8WcUgzzkM/TuAxce2Gd20A8oiruju4=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "b3d5ea65d88d67d4ec578ed11d4d2d51e3de525e",
|
||||
"rev": "086f619dd991a4d355c07837448244029fc2d9ab",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -251,16 +251,16 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1723316219,
|
||||
"narHash": "sha256-2B9qh8QBvw3kV/8cHc7ZJcrbVsRwP8wKjkwPXTSz76Y=",
|
||||
"lastModified": 1723603349,
|
||||
"narHash": "sha256-VMg6N7MryOuvSJ8Sj6YydarnUCkL7cvMdrMcnsJnJCE=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "bef98989a27429e1cb9e3d9c25701ba2da742af2",
|
||||
"rev": "daf7bb95821b789db24fc1ac21f613db0c1bf2cb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable-small",
|
||||
"ref": "nixpkgs-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
|
|
@ -323,11 +323,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1723343015,
|
||||
"narHash": "sha256-oS8Qhpo71B/6OOsuVBFJbems7RKD/5e3TN2AdXhwMjg=",
|
||||
"lastModified": 1723602049,
|
||||
"narHash": "sha256-Z/noCSn9WPkv7O77dWKLcBxe4Ub4bWyNzsL5JhjaQfw=",
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"rev": "ed4fe9af3814694d59c572649e881a6aa6eba533",
|
||||
"rev": "ea0bf33a11a26a62c60123c49d96011da396602c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -346,11 +346,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1722897572,
|
||||
"narHash": "sha256-3m/iyyjCdRBF8xyehf59QlckIcmShyTesymSb+N4Ap4=",
|
||||
"lastModified": 1723501126,
|
||||
"narHash": "sha256-N9IcHgj/p1+2Pvk8P4Zc1bfrMwld5PcosVA0nL6IGdE=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "8ae477955dfd9cbf5fa4eb82a8db8ddbb94e79d9",
|
||||
"rev": "be0eec2d27563590194a9206f551a6f73d52fa34",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -381,11 +381,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1723303070,
|
||||
"narHash": "sha256-krGNVA30yptyRonohQ+i9cnK+CfCpedg6z3qzqVJcTs=",
|
||||
"lastModified": 1723454642,
|
||||
"narHash": "sha256-S0Gvsenh0II7EAaoc9158ZB4vYyuycvMGKGxIbERNAM=",
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"rev": "14c092e0326de759e16b37535161b3cb9770cea3",
|
||||
"rev": "349de7bc435bdff37785c2466f054ed1766173be",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
# `nixpkgs-unstable` contains less(?) jobs, and usually updates faster.
|
||||
#
|
||||
# REFERENCE: https://discourse.nixos.org/t/differences-between-nix-channels/13998/5
|
||||
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small";
|
||||
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
|
||||
|
||||
disko = {
|
||||
url = "github:nix-community/disko";
|
||||
|
|
|
|||
|
|
@ -1,25 +1,22 @@
|
|||
{pkgs, ...}: {
|
||||
home.packages = with pkgs; [
|
||||
# lsp
|
||||
alejandra
|
||||
colmena
|
||||
comma
|
||||
deadnix
|
||||
nh
|
||||
nil
|
||||
statix
|
||||
|
||||
# nixpkgs PRs
|
||||
nix-diff
|
||||
nix-index
|
||||
nix-init
|
||||
nix-output-monitor
|
||||
nix-tree
|
||||
nix-update
|
||||
nixfmt-rfc-style
|
||||
nixpkgs-review
|
||||
|
||||
# misc
|
||||
colmena
|
||||
comma
|
||||
nh
|
||||
nix-index
|
||||
nix-output-monitor
|
||||
nix-tree
|
||||
nurl
|
||||
sops
|
||||
statix
|
||||
];
|
||||
|
||||
# nh
|
||||
|
|
|
|||
|
|
@ -35,12 +35,8 @@
|
|||
checkConfig = false; # wtf?
|
||||
wrapperFeatures.gtk = true;
|
||||
systemd.xdgAutostart = true;
|
||||
xwayland = false;
|
||||
config = {
|
||||
### Startup
|
||||
startup = [
|
||||
{command = "systemctl --user import-environment PATH";}
|
||||
];
|
||||
|
||||
### Visuals
|
||||
output."*".bg = "${inputs.self.legacyPackages.${pkgs.stdenv.hostPlatform.system}.background} fill";
|
||||
bars = [
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@
|
|||
daemonize = true;
|
||||
show-failed-attempts = true;
|
||||
show-keyboard-layout = true;
|
||||
image = toString inputs.self.legacyPackages.${pkgs.stdenv.hostPlatform.system}.background.dark;
|
||||
image = toString inputs.self.legacyPackages.${pkgs.stdenv.hostPlatform.system}.background;
|
||||
scaling = "fill";
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -71,13 +71,6 @@
|
|||
runHook postInstall
|
||||
'';
|
||||
})
|
||||
(source-sans.overrideAttrs {
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
install -Dm444 VF/*.otf -t $out/share/fonts/variable
|
||||
runHook postInstall
|
||||
'';
|
||||
})
|
||||
(source-serif.overrideAttrs {
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
|
|
@ -87,29 +80,44 @@
|
|||
})
|
||||
source-han-sans-vf-otf
|
||||
source-han-serif-vf-otf
|
||||
noto-fonts
|
||||
noto-fonts-color-emoji
|
||||
];
|
||||
fontconfig.defaultFonts = {
|
||||
emoji = [
|
||||
"Noto Color Emoji"
|
||||
];
|
||||
# Append emoji font for Qt apps, they might use the monochrome emoji
|
||||
monospace = [
|
||||
"JetBrains Mono"
|
||||
"Source Han Sans SC VF"
|
||||
"Symbols Nerd Font"
|
||||
"Noto Color Emoji"
|
||||
];
|
||||
sansSerif = [
|
||||
"Inter Variable"
|
||||
"Source Han Sans SC VF"
|
||||
"Noto Color Emoji"
|
||||
];
|
||||
serif = [
|
||||
"Source Serif 4 Variable"
|
||||
"Source Han Serif SC VF"
|
||||
"Noto Color Emoji"
|
||||
];
|
||||
fontconfig = {
|
||||
defaultFonts = {
|
||||
emoji = [
|
||||
"Noto Color Emoji"
|
||||
];
|
||||
# Append emoji font for Qt apps, they might use the monochrome emoji
|
||||
monospace = [
|
||||
"JetBrains Mono"
|
||||
"Source Han Sans SC VF"
|
||||
"Symbols Nerd Font"
|
||||
"Noto Color Emoji"
|
||||
];
|
||||
sansSerif = [
|
||||
"Inter Variable"
|
||||
"Source Han Sans SC VF"
|
||||
"Noto Color Emoji"
|
||||
];
|
||||
serif = [
|
||||
"Source Serif 4 Variable"
|
||||
"Source Han Serif SC VF"
|
||||
"Noto Color Emoji"
|
||||
];
|
||||
};
|
||||
# GitHub perfers Noto Sans...
|
||||
localConf = ''
|
||||
<selectfont>
|
||||
<rejectfont>
|
||||
<pattern>
|
||||
<patelt name="family">
|
||||
<string>Noto Sans</string>
|
||||
</patelt>
|
||||
</pattern>
|
||||
</rejectfont>
|
||||
</selectfont>
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
|
|
@ -121,10 +129,7 @@
|
|||
services.greetd = {
|
||||
enable = true;
|
||||
settings.default_session.command = "${lib.getExe pkgs.greetd.tuigreet} --cmd ${pkgs.writeShellScript "sway" ''
|
||||
while read -r l; do
|
||||
eval export $l
|
||||
done < <(/run/current-system/systemd/lib/systemd/user-environment-generators/30-systemd-environment-d-generator)
|
||||
|
||||
dbus-update-activation-environment --all --systemd
|
||||
exec systemd-cat --identifier=sway sway
|
||||
''}";
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,8 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
inputs,
|
||||
...
|
||||
}: {
|
||||
{pkgs, ...}: {
|
||||
imports =
|
||||
[
|
||||
./theme.nix
|
||||
|
|
@ -38,7 +34,6 @@
|
|||
loupe
|
||||
mousai
|
||||
seahorse
|
||||
inputs.self.legacyPackages.${pkgs.stdenv.hostPlatform.system}.scripts.lofi
|
||||
];
|
||||
|
||||
programs.obs-studio.enable = true;
|
||||
|
|
|
|||
|
|
@ -85,26 +85,30 @@ id.ny4.dev {
|
|||
element.ny4.dev {
|
||||
import default
|
||||
root * @element@
|
||||
header X-Frame-Options SAMEORIGIN;
|
||||
header X-Content-Type-Options nosniff;
|
||||
header X-XSS-Protection "1; mode=block";
|
||||
header Content-Security-Policy "frame-ancestors 'self'";
|
||||
file_server
|
||||
}
|
||||
|
||||
cinny.ny4.dev {
|
||||
import default
|
||||
|
||||
@index {
|
||||
not path /index.html
|
||||
not path /public/*
|
||||
not path /assets/*
|
||||
not path /config.json
|
||||
not path /manifest.json
|
||||
not path /pdf.worker.min.js
|
||||
not path /olm.wasm
|
||||
path /*
|
||||
}
|
||||
@index {
|
||||
not path /index.html
|
||||
not path /public/*
|
||||
not path /assets/*
|
||||
not path /config.json
|
||||
not path /manifest.json
|
||||
not path /pdf.worker.min.js
|
||||
not path /olm.wasm
|
||||
path /*
|
||||
}
|
||||
|
||||
root * @cinny@
|
||||
rewrite /*/olm.wasm /olm.wasm
|
||||
rewrite @index /index.html
|
||||
root * @cinny@
|
||||
rewrite /*/olm.wasm /olm.wasm
|
||||
rewrite @index /index.html
|
||||
file_server
|
||||
}
|
||||
|
||||
|
|
@ -122,3 +126,8 @@ reddit.ny4.dev {
|
|||
import default
|
||||
reverse_proxy localhost:9400
|
||||
}
|
||||
|
||||
vault.ny4.dev {
|
||||
import default
|
||||
reverse_proxy localhost:9500
|
||||
}
|
||||
|
|
|
|||
|
|
@ -17,6 +17,7 @@
|
|||
./services/ntfy.nix
|
||||
./services/pixivfe.nix
|
||||
./services/searx.nix
|
||||
./services/vaultwarden.nix
|
||||
];
|
||||
|
||||
time.timeZone = "Asia/Tokyo";
|
||||
|
|
@ -47,6 +48,9 @@
|
|||
"miniflux/environment" = {
|
||||
restartUnits = ["miniflux.service"];
|
||||
};
|
||||
"vaultwarden/environment" = {
|
||||
restartUnits = ["vaultwarden.service"];
|
||||
};
|
||||
};
|
||||
|
||||
### Services
|
||||
|
|
|
|||
|
|
@ -6,6 +6,8 @@ pixivfe:
|
|||
environment: ENC[AES256_GCM,data:/Q/rShBXlXkWOOP+7OhKtKTSrp2zNizMaAOyKfWbKgJMHTjNfmMtRuGKRez9KXM5MDIMIF9iJSQ=,iv:whIAkaWiZcZT4HfmJw4qA+fbQ9zHFp+kTuHxQDE3XoU=,tag:FroLTMtNwGlvZw3osftj3A==,type:str]
|
||||
miniflux:
|
||||
environment: ENC[AES256_GCM,data:eT1rVeXbDANk/+9xmxmTHvMNofyplNGvVFgTj4lFQlJSHTi+br1qfg0tddf5aCtE8cNGt0fNm63qguI2Df/+KWENhb0vCpjRG7zryfBhEwMP5jkVgDnaHYolS1z3OmhlEpE=,iv:tWAUCtlk8wDGWGmn7j00QOVwjPYDkTPDGpyxd1pP6ig=,tag:gLNdzK9GZ/m5mWL5YNrzyQ==,type:str]
|
||||
vaultwarden:
|
||||
environment: ENC[AES256_GCM,data:+pcUVL7yVXKVp57/feHHWmSuH/2B0hLtADxZWCQOOMG+M3UQh+4dHA5debiv,iv:Zy6xn4Z4VwVXfWWjVeCYY/gRnDp//7yUPLbtLuABFPY=,tag:LxEc31YhgyjEhDrqoJxCJw==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
|
@ -30,8 +32,8 @@ sops:
|
|||
R1ZMMG1jWnljNWl5Nk5MU3RCMlFPYjgKL1ScxzF0D1R18H+oe6dlxUGlL9myHEr3
|
||||
3HBPoapKCSQ/cT7Xma4bsWD1AVJIf1Ak+MeCs9ItGwKAcnd9JYZ9KA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-07-18T09:46:47Z"
|
||||
mac: ENC[AES256_GCM,data:EJsQO/XsF8SpyEP8s9u1DXQkSsqodknF9ibl94/kOOIutx9ML+L0ltYA3+/eW17K9Mwvy6CyojKiQLiYgL2RLJd1zxZKedmp+l3klu1im8Wocwh073nemHIR1J6H5hoE6y36tDCXRrMDbWIfMjvlp6FlhFsI/n3Na1iCDall6mA=,iv:O9Y0j5G3sE67Bfz0MhcPYYpU71cGgtIdde8a1WQiigs=,tag:eNIvBVu7LPnC5s2f3MzptQ==,type:str]
|
||||
lastmodified: "2024-08-12T12:55:54Z"
|
||||
mac: ENC[AES256_GCM,data:H1zm+Rk9F9SkRbANU4GYjhZpys3e5qQNBBsdIbgXD3AZTAKZVyemT6Vb8k0ufkfzQ98L0Xrm/S1JQFvcyaZqRHv+C2GW3F34FlSS4IOtaJz9IgVIdvaM4WvaOTtpC5B+5CKnA/oBPOmhEBCdi2LIjzrUltEzKpemWHkIIT2eHQA=,iv:1RCjLEz0W+tHQep4EguweYKSfePXa1VE3+gzlcFsAug=,tag:Oonqihfe83l5SNOmLjOPYg==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.9.0
|
||||
|
|
|
|||
17
hosts/tyo0/services/vaultwarden.nix
Normal file
17
hosts/tyo0/services/vaultwarden.nix
Normal file
|
|
@ -0,0 +1,17 @@
|
|||
{config, ...}: {
|
||||
services.vaultwarden = {
|
||||
enable = true;
|
||||
environmentFile = config.sops.secrets."vaultwarden/environment".path;
|
||||
config = {
|
||||
DOMAIN = "https://vault.ny4.dev";
|
||||
IP_HEADER = "X-Forwarded-For";
|
||||
ROCKET_ADDRESS = "127.0.0.1";
|
||||
ROCKET_PORT = 9500;
|
||||
|
||||
EMERGENCY_ACCESS_ALLOWED = false;
|
||||
SENDS_ALLOWED = false;
|
||||
SIGNUPS_ALLOWED = false;
|
||||
ORG_CREATION_USERS = "none";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -36,7 +36,6 @@
|
|||
|
||||
environment.systemPackages = with pkgs; [
|
||||
unzip
|
||||
wget
|
||||
tree
|
||||
file
|
||||
htop
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@
|
|||
webui = pkgs.metacubexd;
|
||||
};
|
||||
|
||||
systemd.services.mihomo.serviceConfig.preStart = ''
|
||||
systemd.services.mihomo.preStart = ''
|
||||
${pkgs.coreutils}/bin/ln -sf ${pkgs.v2ray-geoip}/share/v2ray/geoip.dat /var/lib/private/mihomo/GeoIP.dat
|
||||
${pkgs.coreutils}/bin/ln -sf ${pkgs.v2ray-domain-list-community}/share/v2ray/geosite.dat /var/lib/private/mihomo/GeoSite.dat
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -1,24 +0,0 @@
|
|||
{
|
||||
fetchurl,
|
||||
imagemagick,
|
||||
runCommandLocal,
|
||||
}:
|
||||
runCommandLocal "49983419_p0.jpg" {
|
||||
nativeBuildInputs = [imagemagick];
|
||||
|
||||
# https://www.pixiv.net/en/artworks/49983419
|
||||
image = fetchurl {
|
||||
url = "https://i.pximg.net/img-original/img/2015/04/23/12/43/35/49983419_p0.jpg";
|
||||
hash = "sha256-JZ5VmsjVjZfHXpx3JxzAyYzZppZmgH38AiAA+B0TDiw=";
|
||||
curlOptsList = ["-e" "https://www.pixiv.net/"];
|
||||
};
|
||||
|
||||
outputs = ["out" "dark"];
|
||||
} ''
|
||||
magick $image -crop 3500x1600+0+100 $out
|
||||
magick $image \
|
||||
-crop 3500x1600+0+100 \
|
||||
-blur 8x8 \
|
||||
-brightness-contrast -10,0 \
|
||||
$dark
|
||||
''
|
||||
|
|
@ -1,20 +1,10 @@
|
|||
# NOTE: 301: All packages are migrated to `github:Guanran928/nur-packages`,
|
||||
# only keeping some packages that only fits for personal use.
|
||||
pkgs: let
|
||||
inherit (pkgs) lib callPackage;
|
||||
inherit (pkgs) callPackage;
|
||||
in {
|
||||
# https://github.com/NixOS/nixpkgs/pull/308720
|
||||
pixivfe = callPackage ./pixivfe.nix {};
|
||||
|
||||
background = callPackage ./background.nix {};
|
||||
|
||||
scripts = lib.makeScope pkgs.newScope (self: let
|
||||
inherit (self) callPackage;
|
||||
in {
|
||||
# util
|
||||
makeScript = callPackage ./scripts/makeScript.nix {};
|
||||
|
||||
# scripts
|
||||
lofi = callPackage ./scripts/lofi.nix {};
|
||||
});
|
||||
background = pkgs.nixos-artwork.wallpapers.nineish-dark-gray.src;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,14 +0,0 @@
|
|||
{
|
||||
makeScript,
|
||||
coreutils,
|
||||
mpv,
|
||||
fetchurl,
|
||||
}:
|
||||
makeScript {
|
||||
name = "lofi";
|
||||
runtimeInputs = [coreutils mpv];
|
||||
src = fetchurl {
|
||||
url = "https://raw.githubusercontent.com/lime-desu/bin/69422c37582c5914863997c75c268791a0de136e/lofi";
|
||||
hash = "sha256-hT+S/rqOHUYnnFcSDFfQht4l1DGasz1L3wDHKUWLraA=";
|
||||
};
|
||||
}
|
||||
|
|
@ -1,21 +0,0 @@
|
|||
{
|
||||
lib,
|
||||
runtimeShell,
|
||||
runCommandLocal,
|
||||
makeBinaryWrapper,
|
||||
}: {
|
||||
name,
|
||||
src,
|
||||
runtimeInputs ? [],
|
||||
}:
|
||||
# FIXME: incorrect argv0
|
||||
runCommandLocal name {
|
||||
inherit src;
|
||||
nativeBuildInputs = [makeBinaryWrapper];
|
||||
meta.mainProgram = name;
|
||||
} ''
|
||||
install -Dm755 $src $out/bin/.$name
|
||||
makeBinaryWrapper ${runtimeShell} $out/bin/$name \
|
||||
--add-flags $out/bin/.$name \
|
||||
--prefix PATH : ${lib.makeBinPath runtimeInputs}
|
||||
''
|
||||
Loading…
Reference in a new issue