dadada/nix-config
dadada/nix-config
1
0
Fork 0
Code Issues 2 Pull requests 5 Projects Releases Packages Wiki Activity Actions

Reformat using nixpkgs-fmt

Browse source
This commit is contained in:
Tim Schubert 2021-01-02 14:23:50 +01:00
parent 368ed0797d
commit 5a734099bf
Signed by: dadada
GPG key ID: EEB8D1CE62C4DFEA
36 changed files with 209 additions and 168 deletions
Download patch file Download diff file Expand all files Collapse all files

6
default.nix
View file

@ -12,7 +12,7 @@ rec {
hosts = import ./hosts;
tubslatex = callPackage ./pkgs/tubslatex {};
keys = callPackage ./pkgs/keys {};
homePage = callPackage ./pkgs/homePage {};
tubslatex = callPackage ./pkgs/tubslatex { };
keys = callPackage ./pkgs/keys { };
homePage = callPackage ./pkgs/homePage { };
}

42
hosts/ifrit/default.nix
View file

@ -7,7 +7,8 @@ let
"media.local"
];
backups = "/mnt/storage/backup";
in {
in
{
imports = [
../../modules/profiles/base
];
@ -107,13 +108,22 @@ in {
allowPing = true;
allowedTCPPorts = [
22 # SSH
80 443 # HTTP(S)
111 2049 # NFS
137 138 139 445 # SMB
80
443 # HTTP(S)
111
2049 # NFS
137
138
139
445 # SMB
];
allowedUDPPorts = [
137 138 139 445 # SMB
111 2049 # NFS
137
138
139
445 # SMB
111
2049 # NFS
51234 # Wireguard
];
};
@ -121,16 +131,16 @@ in {
security.acme = {
email = "d553a78d-0349-48db-9c20-5b27af3a1dfc@dadada.li";
acceptTerms = true;
# certs."webchat.dadada.li" = {
# credentialsFile = "/var/lib/lego/acme-joker.env";
# dnsProvider = "joker";
# postRun = "systemctl reload nginx.service";
# };
# certs."weechat.dadada.li" = {
# credentialsFile = "/var/lib/lego/acme-joker.env";
# dnsProvider = "joker";
# postRun = "systemctl reload nginx.service";
# };
# certs."webchat.dadada.li" = {
# credentialsFile = "/var/lib/lego/acme-joker.env";
# dnsProvider = "joker";
# postRun = "systemctl reload nginx.service";
# };
# certs."weechat.dadada.li" = {
# credentialsFile = "/var/lib/lego/acme-joker.env";
# dnsProvider = "joker";
# postRun = "systemctl reload nginx.service";
# };
};
users.users."mist" = {

10
hosts/surgat/default.nix
View file

@ -2,7 +2,8 @@
let
hostName = "surgat";
this = import ../.. { inherit pkgs; };
in {
in
{
imports = [ this.profiles.base ];
networking.hostName = hostName;
@ -43,7 +44,8 @@ in {
allowPing = true;
allowedTCPPorts = [
22 # SSH
80 443 # HTTPS
80
443 # HTTPS
];
allowedUDPPorts = [
51234 # Wireguard
@ -60,10 +62,10 @@ in {
boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/sda";
networking.interfaces."ens3".ipv6.addresses = [ {
networking.interfaces."ens3".ipv6.addresses = [{
address = "2a01:4f8:c17:1d70::";
prefixLength = 64;
} ];
}];
networking.defaultGateway6 = {
address = "fe80::1";

24
modules/admin.nix
View file

@ -3,15 +3,16 @@
with lib;
let
cfg = config.dadada.admin;
in {
in
{
options.dadada.admin = {
enable = mkEnableOption "Enable admin access";
users = mkOption {
type = with types; attrsOf (listOf path);
default = [];
default = [ ];
description = ''
List of admin users with root access to all the machine.
List of admin users with root access to all the machine.
'';
example = literalExample "\"user1\" = [ /path/to/key1 /path/to/key2 ]";
};
@ -32,12 +33,14 @@ in {
users.mutableUsers = false;
users.users = mapAttrs (user: keys: (
{
extraGroups = [ "wheel" ];
isNormalUser = true;
openssh.authorizedKeys.keyFiles = keys;
})) cfg.users;
users.users = mapAttrs
(user: keys: (
{
extraGroups = [ "wheel" ];
isNormalUser = true;
openssh.authorizedKeys.keyFiles = keys;
}))
cfg.users;
networking.firewall.allowedTCPPorts = [ 22 ];
@ -49,9 +52,8 @@ in {
services.tor.hiddenServices = {
"rat" = mkIf cfg.rat.enable {
name = "rat";
map = [ { port = 22; } ];
map = [{ port = 22; }];
};
};
};
}

13
modules/backup.nix
View file

@ -1,7 +1,7 @@
{ config, pkgs, lib, ...}:
{ config, pkgs, lib, ... }:
with lib;
let
backupExcludes = [
backupExcludes = [
"/backup"
"/dev"
"/efi"
@ -20,7 +20,8 @@ let
"/var/tmp"
];
cfg = config.dadada.backupClient;
in {
in
{
options.dadada.backupClient = {
enable = mkEnableOption "Enable backup client";
gs = mkEnableOption "Enable backup to GS location";
@ -51,8 +52,8 @@ in {
within = "1d"; # Keep all archives from the last day
daily = 7;
weekly = 2;
monthly = -1; # Keep at least one archive for each month
yearly = -1; # Keep at least one archive for each year
monthly = -1; # Keep at least one archive for each month
yearly = -1; # Keep at least one archive for each year
};
startAt = "monthly";
};
@ -63,7 +64,7 @@ in {
];
};
services.borgbackup.jobs.bs = mkIf cfg.bs{
services.borgbackup.jobs.bs = mkIf cfg.bs {
paths = "/";
exclude = backupExcludes;
repo = "borg@media.dadada.li:/mnt/storage/backup/${config.networking.hostName}";

5
modules/element.nix
View file

@ -1,7 +1,8 @@
{ config, pkgs, lib, ... }:
let
cfg = config.dadada.element;
in {
in
{
options.dadada.element = {
enable = lib.mkEnableOption "Enable element webapp";
};
@ -32,4 +33,4 @@ in {
};
};
};
}
}

5
modules/fido2.nix
View file

@ -3,7 +3,8 @@ with lib;
let
luks = config.dadada.luks;
fido2 = config.dadada.fido2;
in {
in
{
options = {
dadada.luks = {
@ -43,7 +44,7 @@ in {
linuxPackages.acpi_call
fido2luks
python27Packages.dbus-python
python38Packages.solo-python
python38Packages.solo-python
]);
security.pam.u2f = mkIf fido2.enablePam {

4
modules/fileShare.nix
View file

@ -6,7 +6,8 @@ let
ipv6 = "fd42:dead:beef::/48";
ipv4 = "192.168.42.0/24";
allow = "192.168.42.0 fd42:dead:beef::";
in {
in
{
options.dadada.fileShare = {
enable = mkEnableOption "Enable file share server";
};
@ -47,4 +48,3 @@ in {
};
};
}

3
modules/gitea.nix
View file

@ -1,7 +1,8 @@
{ config, pkgs, lib, ... }:
let
cfg = config.dadada.gitea;
in {
in
{
options.dadada.gitea = {
enable = lib.mkEnableOption "Enable gitea";
};

20
modules/home/colors.nix
View file

@ -13,21 +13,21 @@ with lib;
cursor = "#e8e8e8";
cursorForeground = "#1f2022";
background = "#292b2e";
color0 = "#1f2022";
color8 = "#585858";
color7 = "#a3a3a3";
color0 = "#1f2022";
color8 = "#585858";
color7 = "#a3a3a3";
color15 = "#f8f8f8";
color1 = "#f2241f";
color9 = "#f2241f";
color2 = "#67b11d";
color1 = "#f2241f";
color9 = "#f2241f";
color2 = "#67b11d";
color10 = "#67b11d";
color3 = "#b1951d";
color3 = "#b1951d";
color11 = "#b1951d";
color4 = "#4f97d7";
color4 = "#4f97d7";
color12 = "#4f97d7";
color5 = "#a31db1";
color5 = "#a31db1";
color13 = "#a31db1";
color6 = "#2d9574";
color6 = "#2d9574";
color14 = "#2d9574";
color16 = "#ffa500";
color17 = "#b03060";

31
modules/home/fish.nix
View file

@ -2,7 +2,8 @@
with lib;
let
cfg = config.dadada.home.fish;
in {
in
{
options.dadada.home.fish = {
enable = mkEnableOption "Enable fish config";
};
@ -45,21 +46,21 @@ in {
#end
'';
promptInit = ''
function fish_prompt
set last_status $status
printf '%s %s:%s ' \
(set_color red
echo $last_status) \
(set_color green
hostname) \
(set_color blue
prompt_pwd)
set_color normal
end
function fish_prompt
set last_status $status
printf '%s %s:%s ' \
(set_color red
echo $last_status) \
(set_color green
hostname) \
(set_color blue
prompt_pwd)
set_color normal
end
function fish_right_prompt
printf '%s' (__fish_git_prompt)
end
function fish_right_prompt
printf '%s' (__fish_git_prompt)
end
'';
shellAliases = {
gst = "git status";

3
modules/home/gpg.nix
View file

@ -2,7 +2,8 @@
with lib;
let
cfg = config.dadada.home.gpg;
in {
in
{
options.dadada.home.gpg = {
enable = mkEnableOption "Enable GnuPG config";
};

3
modules/home/keyring.nix
View file

@ -2,7 +2,8 @@
with lib;
let
cfg = config.dadada.home.keyring;
in {
in
{
options.dadada.home.keyring = {
enable = mkEnableOption "Enable keyring config";
};

3
modules/home/kitty/default.nix
View file

@ -2,7 +2,8 @@
with lib;
let
cfg = config.dadada.home.kitty;
in {
in
{
options.dadada.home.kitty = {
enable = mkEnableOption "Enable kitty config";
};

5
modules/home/mako.nix
View file

@ -1,8 +1,9 @@
{ config, lib, pkgs, colors, ...}:
{ config, lib, pkgs, colors, ... }:
with lib;
let
cfg = config.dadada.home.mako;
in {
in
{
options.dadada.home.mako = {
enable = mkEnableOption "Enable mako config";
};

5
modules/home/session.nix
View file

@ -2,13 +2,14 @@
with lib;
let
cfg = config.dadada.home.session;
in {
in
{
options.dadada.home.session = {
enable = mkEnableOption "Enable session variable management";
sessionVars = mkOption {
description = "Session variables";
type = types.attrs;
default = {};
default = { };
example = ''
EDITOR = "vim";
PAGER = "less";

3
modules/home/ssh.nix
View file

@ -2,7 +2,8 @@
with lib;
let
cfg = config.dadada.home.ssh;
in {
in
{
options.dadada.home.ssh = {
enable = mkEnableOption "Enable SSH config";
};

21
modules/home/sway/default.nix
View file

@ -1,8 +1,9 @@
{ config, pkgs, lib, colors, ...}:
{ config, pkgs, lib, colors, ... }:
with lib;
let
cfg = config.dadada.home.sway;
in {
in
{
options.dadada.home.sway = {
enable = mkEnableOption "Enable Sway config";
};
@ -21,18 +22,18 @@ in {
swaylock
]);
wayland.windowManager.sway = {
wayland.windowManager.sway = {
enable = true;
config = null;
extraConfig = (builtins.readFile ./config);
extraSessionCommands = ''
export SDL_VIDEODRIVER=wayland
# needs qt5.qtwayland in systemPackages
export QT_QPA_PLATFORM=wayland
export QT_WAYLAND_DISABLE_WINDOWDECORATION="1"
# Fix for some Java AWT applications (e.g. Android Studio),
# use this if they aren't displayed properly:
export _JAVA_AWT_WM_NONREPARENTING=1
export SDL_VIDEODRIVER=wayland
# needs qt5.qtwayland in systemPackages
export QT_QPA_PLATFORM=wayland
export QT_WAYLAND_DISABLE_WINDOWDECORATION="1"
# Fix for some Java AWT applications (e.g. Android Studio),
# use this if they aren't displayed properly:
export _JAVA_AWT_WM_NONREPARENTING=1
'';
};
};

3
modules/home/syncthing.nix
View file

@ -2,7 +2,8 @@
with lib;
let
cfg = config.dadada.home.syncthing;
in {
in
{
options.dadada.home.syncthing = {
enable = mkEnableOption "Enable Syncthing config";
};

14
modules/home/termite.nix
View file

@ -1,14 +1,14 @@
{
config,
lib,
pkgs,
colors ? ../../lib/colors.nix,
...
{ config
, lib
, pkgs
, colors ? ../../lib/colors.nix
, ...
}:
with lib;
let
cfg = config.dadada.home.termite;
in {
in
{
options.dadada.home.termite = {
enable = mkEnableOption "Enable termite config";
};

11
modules/home/tmux.nix
View file

@ -2,7 +2,8 @@
with lib;
let
cfg = config.dadada.home.tmux;
in {
in
{
options.dadada.home.tmux = {
enable = mkEnableOption "Enable tmux config";
};
@ -11,10 +12,10 @@ in {
enable = true;
terminal = "xterm-256color";
extraConfig = ''
set -g status on
set-option -g set-titles on
set-option -g automatic-rename on
set-window-option -g mode-keys vi
set -g status on
set-option -g set-titles on
set-option -g automatic-rename on
set-window-option -g mode-keys vi
'';
};
};

9
modules/home/vim/default.nix
View file

@ -1,8 +1,8 @@
{ config, pkgs, lib, ... }:
with lib;
let
let
cfg = config.dadada.home.vim;
vimPlugins = pkgs.callPackage ../../../pkgs/vimPlugins {};
vimPlugins = pkgs.callPackage ../../../pkgs/vimPlugins { };
in
{
options.dadada.home.vim = {
@ -32,6 +32,9 @@ in
#pkgs.vimPlugins.clang_complete
];
};
home.packages = [ pkgs.languagetool ];
home.packages = with pkgs; [
languagetool
nixpkgs-fmt
];
};
}

7
modules/home/xdg.nix
View file

@ -19,7 +19,8 @@ let
"application/pdf" = "org.pwmt.zathura.desktop";
};
cfg = config.dadada.home.xdg;
in {
in
{
options.dadada.home.xdg = {
enable = mkEnableOption "Enable XDG config";
};
@ -32,9 +33,9 @@ in {
defaultApplications = apps;
};
userDirs = {
download ="\$HOME/tmp";
download = "\$HOME/tmp";
music = "\$HOME/lib/music";
videos ="\$HOME/lib/videos";
videos = "\$HOME/lib/videos";
pictures = "\$HOME/lib/pictures";
documents = "\$HOME/lib";
desktop = "$HOME/tmp";

25
modules/home/zsh.nix
View file

@ -2,7 +2,8 @@
with lib;
let
cfg = config.dadada.home.zsh;
in {
in
{
options.dadada.home.zsh = {
enable = mkEnableOption "Enable ZSH config";
};
@ -26,19 +27,19 @@ in {
plugins = [
];
initExtra = ''
source ~/.nix-profile/share/zsh-git-prompt/zshrc.sh
source ~/.nix-profile/share/fzf/key-bindings.zsh
source ~/.nix-profile/share/fzf/completion.zsh
source ~/.nix-profile/share/zsh-git-prompt/zshrc.sh
source ~/.nix-profile/share/fzf/key-bindings.zsh
source ~/.nix-profile/share/fzf/completion.zsh
preexec() { echo -n -e "\033]0;$1\007" }
preexec() { echo -n -e "\033]0;$1\007" }
PROMPT="%F{red}%?%f %F{green}%m%f:%F{blue}%~%f "
RPROMPT='$(git_super_status)'
#NIX_BUILD_SHELL="${pkgs.zsh}/bin/zsh"
if [ "$TMUX" = "" ]
then
tmux
fi
PROMPT="%F{red}%?%f %F{green}%m%f:%F{blue}%~%f "
RPROMPT='$(git_super_status)'
#NIX_BUILD_SHELL="${pkgs.zsh}/bin/zsh"
if [ "$TMUX" = "" ]
then
tmux
fi
'';
profileExtra = ''
'';

4
modules/homepage.nix
View file

@ -1,8 +1,8 @@
{ config, pkgs, lib, ... }:
let
cfg = config.dadada.homePage;
in with lib; {
in
with lib; {
options.dadada.homePage = {
enable = mkEnableOption "Enable home page";
};

9
modules/networking.nix
View file

@ -1,14 +1,15 @@
{ config, pkgs, lib, ...}:
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.dadada.networking;
in {
in
{
options.dadada.networking = {
useLocalResolver = mkEnableOption "Enable local caching name server";
wanInterfaces = mkOption {
type = with types; listOf str;
description = "WAN network interfaces";
default = [];
default = [ ];
};
vpnExtension = mkOption {
type = with types; nullOr str;
@ -73,7 +74,7 @@ in {
enable = true;
allowedUDPPorts = [
51234 # Wireguard
5353 # mDNS
5353 # mDNS
];
};
};

4
modules/share.nix
View file

@ -3,7 +3,8 @@
with lib;
let
cfg = config.dadada.share;
in {
in
{
options.dadada.share = {
enable = mkEnableOption "Enable file share";
};
@ -27,4 +28,3 @@ in {
};
};
}

3
modules/steam.nix
View file

@ -2,7 +2,8 @@
with lib;
let
cfg = config.dadada.steam;
in {
in
{
options.dadada.steam = {
enable = mkEnableOption "Enable Steam config";
};

3
modules/update.nix
View file

@ -2,7 +2,8 @@
with lib;
let
cfg = config.dadada.autoUpgrade;
in {
in
{
options.dadada.autoUpgrade = {
enable = mkEnableOption "Enable automatic upgrades";

17
modules/vpnServer.nix
View file

@ -21,13 +21,14 @@ let
};
};
};
in {
in
{
options.dadada.vpnServer = {
enable = mkEnableOption "Enable wireguard gateway";
peers = mkOption {
description = "Set of extensions and public keys of peers";
type = with types; attrsOf (submodule wgPeer);
default = {};
default = { };
};
};
config = mkIf cfg.enable {
@ -37,11 +38,13 @@ in {
privateKeyFile = "/var/lib/wireguard/wg0-key";
ips = [ "fd42:dead:beef:1337::0/64" ];
listenPort = 51234;
peers = map (peer: (
{
allowedIPs = [ "fd42:dead:beef:1337::${peer.id}/128" ];
publicKey = peer.key;
})) (attrValues cfg.peers);
peers = map
(peer: (
{
allowedIPs = [ "fd42:dead:beef:1337::${peer.id}/128" ];
publicKey = peer.key;
}))
(attrValues cfg.peers);
};
};
}

4
modules/weechat.nix
View file

@ -3,7 +3,8 @@
with lib;
let
cfg = config.dadada.weechat;
in {
in
{
options.dadada.weechat = {
enable = mkEnableOption "Enable weechat relay";
};
@ -55,4 +56,3 @@ in {
};
};
}

7
overlay.nix
View file

@ -1,11 +1,10 @@
self: super:
let
isReserved = n: n == "lib" || n == "overlays" || n == "modules";
nameValuePair = n: v: { name = n; value = v; };
attrs = import ./default.nix { pkgs = super; };
in
builtins.listToAttrs
builtins.listToAttrs
(map (n: nameValuePair n attrs.${n})
(builtins.filter (n: !isReserved n)
(builtins.attrNames attrs)))
(builtins.filter (n: !isReserved n)
(builtins.attrNames attrs)))

41
overlays/tubslatex.nix
View file

@ -1,25 +1,26 @@
self: super:
{
# Based on https://gist.github.com/clefru/9ed1186bf0b76d27e0ad20cbd9966b87
tubslatex = super.lib.overrideDerivation (super.texlive.combine {
inherit (super.texlive) scheme-full;
tubslatex.pkgs = [ (super.callPackage ../pkgs/tubslatex {}) ];
}) (oldAttrs: {
postBuild = ''
# Save the udpmap.cfg because texlive.combine removes it.
cat $out/share/texmf/web2c/updmap.cfg > $out/share/texmf/web2c/updmap.cfg.1
'' + oldAttrs.postBuild + ''
# Move updmap.cfg into its original place and rerun mktexlsr, so that kpsewhich finds it
rm $out/share/texmf/web2c/updmap.cfg || true
cat $out/share/texmf/web2c/updmap.cfg.1 > $out/share/texmf/web2c/updmap.cfg
rm $out/share/texmf/web2c/updmap.cfg.1
perl `type -P mktexlsr.pl` $out/share/texmf
yes | perl `type -P updmap.pl` --sys --syncwithtrees --force || true
perl `type -P updmap.pl` --sys --enable Map=NexusProSerif.map --enable Map=NexusProSans.map
# Regenerate .map files.
perl `type -P updmap.pl` --sys
'';
});
tubslatex = super.lib.overrideDerivation
(super.texlive.combine {
inherit (super.texlive) scheme-full;
tubslatex.pkgs = [ (super.callPackage ../pkgs/tubslatex { }) ];
})
(oldAttrs: {
postBuild = ''
# Save the udpmap.cfg because texlive.combine removes it.
cat $out/share/texmf/web2c/updmap.cfg > $out/share/texmf/web2c/updmap.cfg.1
'' + oldAttrs.postBuild + ''
# Move updmap.cfg into its original place and rerun mktexlsr, so that kpsewhich finds it
rm $out/share/texmf/web2c/updmap.cfg || true
cat $out/share/texmf/web2c/updmap.cfg.1 > $out/share/texmf/web2c/updmap.cfg
rm $out/share/texmf/web2c/updmap.cfg.1
perl `type -P mktexlsr.pl` $out/share/texmf
yes | perl `type -P updmap.pl` --sys --syncwithtrees --force || true
perl `type -P updmap.pl` --sys --enable Map=NexusProSerif.map --enable Map=NexusProSans.map
# Regenerate .map files.
perl `type -P updmap.pl` --sys
'';
});
}

4
pkgs/keys/default.nix
View file

@ -9,8 +9,8 @@ stdenv.mkDerivation rec {
buildPhase = "";
installPhase = ''
mkdir $out
cp * $out
mkdir $out
cp * $out
'';
meta = with stdenv.lib; {

4
pkgs/tubslatex/default.nix
View file

@ -5,8 +5,8 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ unzip ];
buildInputs = [ unzip ];
installPhase = ''
mkdir -p $out
cp -r * $out/
mkdir -p $out
cp -r * $out/
'';
pname = "tubslatex";
name = pname;

2
pkgs/vimPlugins/filetype/ftplugin/nix.vim
View file

@ -1,3 +1,5 @@
setlocal expandtab
setlocal shiftwidth=2
setlocal softtabstop=2
let b:ale_fixers = [ 'nixpkgs-fmt', 'remove_trailing_lines', 'trim_whitespace']