diff options
89 files changed, 2706 insertions, 1643 deletions
@@ -8,6 +8,12 @@ creation_rules: | |||
8 | - path_regex: ^hosts/surtr/email/ca | 8 | - path_regex: ^hosts/surtr/email/ca |
9 | key_groups: | 9 | key_groups: |
10 | - age: [ *admin_gkleen ] | 10 | - age: [ *admin_gkleen ] |
11 | - path_regex: ^home-modules/lmu-hausschrift/ | ||
12 | key_groups: | ||
13 | - age: [ *admin_gkleen ] | ||
14 | - path_regex: ^accounts/gkleen@sif/ | ||
15 | key_groups: | ||
16 | - age: [ *admin_gkleen ] | ||
11 | - path_regex: surtr\/?[^\/]*$ | 17 | - path_regex: surtr\/?[^\/]*$ |
12 | key_groups: | 18 | key_groups: |
13 | - age: [ *admin_gkleen, *machine_surtr ] | 19 | - age: [ *admin_gkleen, *machine_surtr ] |
diff --git a/_sources/generated.json b/_sources/generated.json index be1e12e9..4498b987 100644 --- a/_sources/generated.json +++ b/_sources/generated.json | |||
@@ -22,7 +22,7 @@ | |||
22 | }, | 22 | }, |
23 | "bpf-examples": { | 23 | "bpf-examples": { |
24 | "cargoLocks": null, | 24 | "cargoLocks": null, |
25 | "date": "2025-03-06", | 25 | "date": "2025-07-04", |
26 | "extract": null, | 26 | "extract": null, |
27 | "name": "bpf-examples", | 27 | "name": "bpf-examples", |
28 | "passthru": null, | 28 | "passthru": null, |
@@ -34,12 +34,12 @@ | |||
34 | "name": null, | 34 | "name": null, |
35 | "owner": "xdp-project", | 35 | "owner": "xdp-project", |
36 | "repo": "bpf-examples", | 36 | "repo": "bpf-examples", |
37 | "rev": "64e7da048b14822bef06f3971189c4c0985422e7", | 37 | "rev": "588d0064f575e58878f27bfa7eb52e460150dc6a", |
38 | "sha256": "sha256-cyyRNvU35ujxkLraOqw2oiZwUblBpJaEncPl2++VHL4=", | 38 | "sha256": "sha256-8wp2lfp7RQYmMJmHp0hzpCYQXj6hQXDIIKhpiCBYTt0=", |
39 | "sparseCheckout": [], | 39 | "sparseCheckout": [], |
40 | "type": "github" | 40 | "type": "github" |
41 | }, | 41 | }, |
42 | "version": "64e7da048b14822bef06f3971189c4c0985422e7" | 42 | "version": "588d0064f575e58878f27bfa7eb52e460150dc6a" |
43 | }, | 43 | }, |
44 | "emacs-scratch_el": { | 44 | "emacs-scratch_el": { |
45 | "cargoLocks": null, | 45 | "cargoLocks": null, |
@@ -91,11 +91,11 @@ | |||
91 | "passthru": null, | 91 | "passthru": null, |
92 | "pinned": false, | 92 | "pinned": false, |
93 | "src": { | 93 | "src": { |
94 | "sha256": "sha256-afJuTByGUMU6kFqGGa3pbPaFVdYGcJYiR0RfDNYNgDk=", | 94 | "sha256": "sha256-GCtcIXGrMH6LOKxjnB2SkUSChQnMj5d939i2atvqK+Q=", |
95 | "type": "tarball", | 95 | "type": "tarball", |
96 | "url": "https://github.com/wofr06/lesspipe/archive/refs/tags/v2.17.tar.gz" | 96 | "url": "https://github.com/wofr06/lesspipe/archive/refs/tags/v2.18.tar.gz" |
97 | }, | 97 | }, |
98 | "version": "2.17" | 98 | "version": "2.18" |
99 | }, | 99 | }, |
100 | "mako": { | 100 | "mako": { |
101 | "cargoLocks": null, | 101 | "cargoLocks": null, |
@@ -327,11 +327,11 @@ | |||
327 | "passthru": null, | 327 | "passthru": null, |
328 | "pinned": false, | 328 | "pinned": false, |
329 | "src": { | 329 | "src": { |
330 | "sha256": "sha256-Nz/lBhQbzWSnOKN4n0OUdJzDTpf3mfY0+FXoCqF03TU=", | 330 | "sha256": "sha256-JDKt+MzxxyaFWnzuq/7FfT/JPUknH/RRw4Cb8XDOtlk=", |
331 | "type": "tarball", | 331 | "type": "tarball", |
332 | "url": "https://github.com/hansmi/prometheus-lvm-exporter/archive/refs/tags/v0.4.0.tar.gz" | 332 | "url": "https://github.com/hansmi/prometheus-lvm-exporter/archive/refs/tags/v0.6.0.tar.gz" |
333 | }, | 333 | }, |
334 | "version": "0.4.0" | 334 | "version": "0.6.0" |
335 | }, | 335 | }, |
336 | "psql-versioning": { | 336 | "psql-versioning": { |
337 | "cargoLocks": null, | 337 | "cargoLocks": null, |
@@ -397,7 +397,7 @@ | |||
397 | }, | 397 | }, |
398 | "swayosd": { | 398 | "swayosd": { |
399 | "cargoLocks": null, | 399 | "cargoLocks": null, |
400 | "date": "2025-04-20", | 400 | "date": "2025-07-07", |
401 | "extract": null, | 401 | "extract": null, |
402 | "name": "swayosd", | 402 | "name": "swayosd", |
403 | "passthru": null, | 403 | "passthru": null, |
@@ -407,13 +407,13 @@ | |||
407 | "fetchSubmodules": false, | 407 | "fetchSubmodules": false, |
408 | "leaveDotGit": false, | 408 | "leaveDotGit": false, |
409 | "name": null, | 409 | "name": null, |
410 | "rev": "ce1f34d80a7f8b4393a5551ea0535bd8beabb28c", | 410 | "rev": "73aed75146b81aaf67c4301353790ff5a17aed1f", |
411 | "sha256": "sha256-Z9c/5jKxs5ctUuVu7g+BXA1Wy4lyZLpGATtj2jd84jI=", | 411 | "sha256": "sha256-p31HNelptAw7Sk0NmYP4FkoUCdA5uAsrXC20JJp24Vw=", |
412 | "sparseCheckout": [], | 412 | "sparseCheckout": [], |
413 | "type": "git", | 413 | "type": "git", |
414 | "url": "https://github.com/ErikReider/SwayOSD" | 414 | "url": "https://github.com/ErikReider/SwayOSD" |
415 | }, | 415 | }, |
416 | "version": "ce1f34d80a7f8b4393a5551ea0535bd8beabb28c" | 416 | "version": "73aed75146b81aaf67c4301353790ff5a17aed1f" |
417 | }, | 417 | }, |
418 | "tomorrow-night-paradise-theme": { | 418 | "tomorrow-night-paradise-theme": { |
419 | "cargoLocks": null, | 419 | "cargoLocks": null, |
@@ -437,7 +437,7 @@ | |||
437 | }, | 437 | }, |
438 | "v4l2loopback": { | 438 | "v4l2loopback": { |
439 | "cargoLocks": null, | 439 | "cargoLocks": null, |
440 | "date": "2025-04-29", | 440 | "date": "2025-07-08", |
441 | "extract": null, | 441 | "extract": null, |
442 | "name": "v4l2loopback", | 442 | "name": "v4l2loopback", |
443 | "passthru": null, | 443 | "passthru": null, |
@@ -449,16 +449,16 @@ | |||
449 | "name": null, | 449 | "name": null, |
450 | "owner": "umlaeute", | 450 | "owner": "umlaeute", |
451 | "repo": "v4l2loopback", | 451 | "repo": "v4l2loopback", |
452 | "rev": "8d806ad688961d8840081a609c39d1a82d296b24", | 452 | "rev": "e3fb6825ebb4bc6da2e15a515e24769d76c93332", |
453 | "sha256": "sha256-zuE/qFI8QCWCePmHWjTIPTh2KzmDkwQ2uj5C1dAwo1c=", | 453 | "sha256": "sha256-cgxdWuIwmNaOIYmMA1mEvC+1FQFhTGsffVv71md5yXo=", |
454 | "sparseCheckout": [], | 454 | "sparseCheckout": [], |
455 | "type": "github" | 455 | "type": "github" |
456 | }, | 456 | }, |
457 | "version": "8d806ad688961d8840081a609c39d1a82d296b24" | 457 | "version": "e3fb6825ebb4bc6da2e15a515e24769d76c93332" |
458 | }, | 458 | }, |
459 | "xcompose": { | 459 | "xcompose": { |
460 | "cargoLocks": null, | 460 | "cargoLocks": null, |
461 | "date": "2025-03-11", | 461 | "date": "2025-06-05", |
462 | "extract": null, | 462 | "extract": null, |
463 | "name": "xcompose", | 463 | "name": "xcompose", |
464 | "passthru": null, | 464 | "passthru": null, |
@@ -470,12 +470,12 @@ | |||
470 | "name": null, | 470 | "name": null, |
471 | "owner": "kragen", | 471 | "owner": "kragen", |
472 | "repo": "xcompose", | 472 | "repo": "xcompose", |
473 | "rev": "8b5a6a0c788fd0a4b921d9d3737174defb863873", | 473 | "rev": "4d8eab4d05a19537ce79294ae0459fdae78ffb20", |
474 | "sha256": "sha256-6EjQErdBOd5hqcrdaf88E1UZVYIc3FOfv34hvUwOWdA=", | 474 | "sha256": "sha256-vKY4u5Z2IL111orLLkkF4AoVzqluKG/VQhNUUCqO/k8=", |
475 | "sparseCheckout": [], | 475 | "sparseCheckout": [], |
476 | "type": "github" | 476 | "type": "github" |
477 | }, | 477 | }, |
478 | "version": "8b5a6a0c788fd0a4b921d9d3737174defb863873" | 478 | "version": "4d8eab4d05a19537ce79294ae0459fdae78ffb20" |
479 | }, | 479 | }, |
480 | "yt-dlp": { | 480 | "yt-dlp": { |
481 | "cargoLocks": null, | 481 | "cargoLocks": null, |
@@ -486,10 +486,10 @@ | |||
486 | "pinned": false, | 486 | "pinned": false, |
487 | "src": { | 487 | "src": { |
488 | "name": null, | 488 | "name": null, |
489 | "sha256": "sha256-0BNn0MOulONcseLsy3p8cOGBxMpEj07iN08mSJ0mNgM=", | 489 | "sha256": "sha256-bQroVcClW/zCjf+6gE7IUlublV00pBGRoVYaTOwD2L0=", |
490 | "type": "url", | 490 | "type": "url", |
491 | "url": "https://pypi.org/packages/source/y/yt_dlp/yt_dlp-2025.4.30.tar.gz" | 491 | "url": "https://pypi.org/packages/source/y/yt_dlp/yt_dlp-2025.6.30.tar.gz" |
492 | }, | 492 | }, |
493 | "version": "2025.4.30" | 493 | "version": "2025.6.30" |
494 | } | 494 | } |
495 | } \ No newline at end of file | 495 | } \ No newline at end of file |
diff --git a/_sources/generated.nix b/_sources/generated.nix index ff85bc0d..f470ad9e 100644 --- a/_sources/generated.nix +++ b/_sources/generated.nix | |||
@@ -18,15 +18,15 @@ | |||
18 | }; | 18 | }; |
19 | bpf-examples = { | 19 | bpf-examples = { |
20 | pname = "bpf-examples"; | 20 | pname = "bpf-examples"; |
21 | version = "64e7da048b14822bef06f3971189c4c0985422e7"; | 21 | version = "588d0064f575e58878f27bfa7eb52e460150dc6a"; |
22 | src = fetchFromGitHub { | 22 | src = fetchFromGitHub { |
23 | owner = "xdp-project"; | 23 | owner = "xdp-project"; |
24 | repo = "bpf-examples"; | 24 | repo = "bpf-examples"; |
25 | rev = "64e7da048b14822bef06f3971189c4c0985422e7"; | 25 | rev = "588d0064f575e58878f27bfa7eb52e460150dc6a"; |
26 | fetchSubmodules = true; | 26 | fetchSubmodules = true; |
27 | sha256 = "sha256-cyyRNvU35ujxkLraOqw2oiZwUblBpJaEncPl2++VHL4="; | 27 | sha256 = "sha256-8wp2lfp7RQYmMJmHp0hzpCYQXj6hQXDIIKhpiCBYTt0="; |
28 | }; | 28 | }; |
29 | date = "2025-03-06"; | 29 | date = "2025-07-04"; |
30 | }; | 30 | }; |
31 | emacs-scratch_el = { | 31 | emacs-scratch_el = { |
32 | pname = "emacs-scratch_el"; | 32 | pname = "emacs-scratch_el"; |
@@ -53,10 +53,10 @@ | |||
53 | }; | 53 | }; |
54 | lesspipe = { | 54 | lesspipe = { |
55 | pname = "lesspipe"; | 55 | pname = "lesspipe"; |
56 | version = "2.17"; | 56 | version = "2.18"; |
57 | src = fetchTarball { | 57 | src = fetchTarball { |
58 | url = "https://github.com/wofr06/lesspipe/archive/refs/tags/v2.17.tar.gz"; | 58 | url = "https://github.com/wofr06/lesspipe/archive/refs/tags/v2.18.tar.gz"; |
59 | sha256 = "sha256-afJuTByGUMU6kFqGGa3pbPaFVdYGcJYiR0RfDNYNgDk="; | 59 | sha256 = "sha256-GCtcIXGrMH6LOKxjnB2SkUSChQnMj5d939i2atvqK+Q="; |
60 | }; | 60 | }; |
61 | }; | 61 | }; |
62 | mako = { | 62 | mako = { |
@@ -196,10 +196,10 @@ | |||
196 | }; | 196 | }; |
197 | prometheus-lvm-exporter = { | 197 | prometheus-lvm-exporter = { |
198 | pname = "prometheus-lvm-exporter"; | 198 | pname = "prometheus-lvm-exporter"; |
199 | version = "0.4.0"; | 199 | version = "0.6.0"; |
200 | src = fetchTarball { | 200 | src = fetchTarball { |
201 | url = "https://github.com/hansmi/prometheus-lvm-exporter/archive/refs/tags/v0.4.0.tar.gz"; | 201 | url = "https://github.com/hansmi/prometheus-lvm-exporter/archive/refs/tags/v0.6.0.tar.gz"; |
202 | sha256 = "sha256-Nz/lBhQbzWSnOKN4n0OUdJzDTpf3mfY0+FXoCqF03TU="; | 202 | sha256 = "sha256-JDKt+MzxxyaFWnzuq/7FfT/JPUknH/RRw4Cb8XDOtlk="; |
203 | }; | 203 | }; |
204 | }; | 204 | }; |
205 | psql-versioning = { | 205 | psql-versioning = { |
@@ -242,17 +242,17 @@ | |||
242 | }; | 242 | }; |
243 | swayosd = { | 243 | swayosd = { |
244 | pname = "swayosd"; | 244 | pname = "swayosd"; |
245 | version = "ce1f34d80a7f8b4393a5551ea0535bd8beabb28c"; | 245 | version = "73aed75146b81aaf67c4301353790ff5a17aed1f"; |
246 | src = fetchgit { | 246 | src = fetchgit { |
247 | url = "https://github.com/ErikReider/SwayOSD"; | 247 | url = "https://github.com/ErikReider/SwayOSD"; |
248 | rev = "ce1f34d80a7f8b4393a5551ea0535bd8beabb28c"; | 248 | rev = "73aed75146b81aaf67c4301353790ff5a17aed1f"; |
249 | fetchSubmodules = false; | 249 | fetchSubmodules = false; |
250 | deepClone = false; | 250 | deepClone = false; |
251 | leaveDotGit = false; | 251 | leaveDotGit = false; |
252 | sparseCheckout = [ ]; | 252 | sparseCheckout = [ ]; |
253 | sha256 = "sha256-Z9c/5jKxs5ctUuVu7g+BXA1Wy4lyZLpGATtj2jd84jI="; | 253 | sha256 = "sha256-p31HNelptAw7Sk0NmYP4FkoUCdA5uAsrXC20JJp24Vw="; |
254 | }; | 254 | }; |
255 | date = "2025-04-20"; | 255 | date = "2025-07-07"; |
256 | }; | 256 | }; |
257 | tomorrow-night-paradise-theme = { | 257 | tomorrow-night-paradise-theme = { |
258 | pname = "tomorrow-night-paradise-theme"; | 258 | pname = "tomorrow-night-paradise-theme"; |
@@ -270,34 +270,34 @@ | |||
270 | }; | 270 | }; |
271 | v4l2loopback = { | 271 | v4l2loopback = { |
272 | pname = "v4l2loopback"; | 272 | pname = "v4l2loopback"; |
273 | version = "8d806ad688961d8840081a609c39d1a82d296b24"; | 273 | version = "e3fb6825ebb4bc6da2e15a515e24769d76c93332"; |
274 | src = fetchFromGitHub { | 274 | src = fetchFromGitHub { |
275 | owner = "umlaeute"; | 275 | owner = "umlaeute"; |
276 | repo = "v4l2loopback"; | 276 | repo = "v4l2loopback"; |
277 | rev = "8d806ad688961d8840081a609c39d1a82d296b24"; | 277 | rev = "e3fb6825ebb4bc6da2e15a515e24769d76c93332"; |
278 | fetchSubmodules = true; | 278 | fetchSubmodules = true; |
279 | sha256 = "sha256-zuE/qFI8QCWCePmHWjTIPTh2KzmDkwQ2uj5C1dAwo1c="; | 279 | sha256 = "sha256-cgxdWuIwmNaOIYmMA1mEvC+1FQFhTGsffVv71md5yXo="; |
280 | }; | 280 | }; |
281 | date = "2025-04-29"; | 281 | date = "2025-07-08"; |
282 | }; | 282 | }; |
283 | xcompose = { | 283 | xcompose = { |
284 | pname = "xcompose"; | 284 | pname = "xcompose"; |
285 | version = "8b5a6a0c788fd0a4b921d9d3737174defb863873"; | 285 | version = "4d8eab4d05a19537ce79294ae0459fdae78ffb20"; |
286 | src = fetchFromGitHub { | 286 | src = fetchFromGitHub { |
287 | owner = "kragen"; | 287 | owner = "kragen"; |
288 | repo = "xcompose"; | 288 | repo = "xcompose"; |
289 | rev = "8b5a6a0c788fd0a4b921d9d3737174defb863873"; | 289 | rev = "4d8eab4d05a19537ce79294ae0459fdae78ffb20"; |
290 | fetchSubmodules = false; | 290 | fetchSubmodules = false; |
291 | sha256 = "sha256-6EjQErdBOd5hqcrdaf88E1UZVYIc3FOfv34hvUwOWdA="; | 291 | sha256 = "sha256-vKY4u5Z2IL111orLLkkF4AoVzqluKG/VQhNUUCqO/k8="; |
292 | }; | 292 | }; |
293 | date = "2025-03-11"; | 293 | date = "2025-06-05"; |
294 | }; | 294 | }; |
295 | yt-dlp = { | 295 | yt-dlp = { |
296 | pname = "yt-dlp"; | 296 | pname = "yt-dlp"; |
297 | version = "2025.4.30"; | 297 | version = "2025.6.30"; |
298 | src = fetchurl { | 298 | src = fetchurl { |
299 | url = "https://pypi.org/packages/source/y/yt_dlp/yt_dlp-2025.4.30.tar.gz"; | 299 | url = "https://pypi.org/packages/source/y/yt_dlp/yt_dlp-2025.6.30.tar.gz"; |
300 | sha256 = "sha256-0BNn0MOulONcseLsy3p8cOGBxMpEj07iN08mSJ0mNgM="; | 300 | sha256 = "sha256-bQroVcClW/zCjf+6gE7IUlublV00pBGRoVYaTOwD2L0="; |
301 | }; | 301 | }; |
302 | }; | 302 | }; |
303 | } | 303 | } |
diff --git a/accounts/gkleen@sif/default.nix b/accounts/gkleen@sif/default.nix index e07362fc..a1a694ea 100644 --- a/accounts/gkleen@sif/default.nix +++ b/accounts/gkleen@sif/default.nix | |||
@@ -71,6 +71,7 @@ in { | |||
71 | imports = [ | 71 | imports = [ |
72 | ./libvirt | 72 | ./libvirt |
73 | ./niri | 73 | ./niri |
74 | ./synadm | ||
74 | flakeInputs.nix-index-database.hmModules.nix-index | 75 | flakeInputs.nix-index-database.hmModules.nix-index |
75 | flakeInputs.impermanence.nixosModules.home-manager.impermanence | 76 | flakeInputs.impermanence.nixosModules.home-manager.impermanence |
76 | ]; | 77 | ]; |
@@ -171,6 +172,7 @@ in { | |||
171 | }; | 172 | }; |
172 | }; | 173 | }; |
173 | }; | 174 | }; |
175 | chromium.enable = true; | ||
174 | 176 | ||
175 | zathura = { | 177 | zathura = { |
176 | enable = true; | 178 | enable = true; |
@@ -282,6 +284,16 @@ in { | |||
282 | pro = "$HOME/projects/pro"; | 284 | pro = "$HOME/projects/pro"; |
283 | media = "$HOME/media"; | 285 | media = "$HOME/media"; |
284 | }; | 286 | }; |
287 | jq.colors = { | ||
288 | arrays = "1;37"; | ||
289 | "false" = "0;37"; | ||
290 | "null" = "2;37"; | ||
291 | numbers = "0;37"; | ||
292 | objectKeys = "1;34"; | ||
293 | objects = "1;37"; | ||
294 | strings = "0;32"; | ||
295 | "true" = "0;37"; | ||
296 | }; | ||
285 | 297 | ||
286 | obs-studio = { | 298 | obs-studio = { |
287 | enable = true; | 299 | enable = true; |
@@ -317,8 +329,10 @@ in { | |||
317 | # notify_on_cmd_finish = "invisible 120"; | 329 | # notify_on_cmd_finish = "invisible 120"; |
318 | }; | 330 | }; |
319 | keybindings = { | 331 | keybindings = { |
320 | "kitty_mod+n" = "detach_window"; | 332 | "kitty_mod+n" = "new_os_window_with_cwd"; |
321 | "kitty_mod+m" = "detach_window ask"; | 333 | "kitty_mod+m" = "detach_window ask"; |
334 | "kitty_mod+enter" = "new_window_with_cwd"; | ||
335 | "kitty_mod+t" = "new_tab_with_cwd"; | ||
322 | }; | 336 | }; |
323 | }; | 337 | }; |
324 | fuzzel = { | 338 | fuzzel = { |
@@ -331,7 +345,7 @@ in { | |||
331 | font = "Fira Sans"; | 345 | font = "Fira Sans"; |
332 | }; | 346 | }; |
333 | colors = { | 347 | colors = { |
334 | background = "000000aa"; | 348 | background = "000000cc"; |
335 | text = "cdd6f4ff"; | 349 | text = "cdd6f4ff"; |
336 | match = "94e2d5ff"; | 350 | match = "94e2d5ff"; |
337 | selection = "585b70ff"; | 351 | selection = "585b70ff"; |
@@ -352,6 +366,7 @@ in { | |||
352 | enable = true; | 366 | enable = true; |
353 | settings.show_banner = false; | 367 | settings.show_banner = false; |
354 | }; | 368 | }; |
369 | fd.enable = true; | ||
355 | }; | 370 | }; |
356 | 371 | ||
357 | services = { | 372 | services = { |
@@ -477,6 +492,13 @@ in { | |||
477 | }; | 492 | }; |
478 | }; | 493 | }; |
479 | 494 | ||
495 | qt.kde.settings = { | ||
496 | kwalletrc = { | ||
497 | KSecretD.Enabled = false; | ||
498 | Wallet."Default Wallet" = "store"; | ||
499 | }; | ||
500 | }; | ||
501 | |||
480 | xsession.preferStatusNotifierItems = true; | 502 | xsession.preferStatusNotifierItems = true; |
481 | 503 | ||
482 | xresources.properties = import ./xresources.nix; | 504 | xresources.properties = import ./xresources.nix; |
@@ -488,16 +510,15 @@ in { | |||
488 | wrappedYTMDesktop libsForQt5.qt5ct playerctl evince papers | 510 | wrappedYTMDesktop libsForQt5.qt5ct playerctl evince papers |
489 | thunderbird zoom-us xdg-desktop-portal steam steam-run | 511 | thunderbird zoom-us xdg-desktop-portal steam steam-run |
490 | wireshark virt-manager rclone cached-nix-shell worktime | 512 | wireshark virt-manager rclone cached-nix-shell worktime |
491 | fira-code-symbols libreoffice xournalpp google-chrome | 513 | fira-code-symbols libreoffice xournalpp |
492 | nixos-shell virt-viewer freerdp gnome-icon-theme | 514 | nixos-shell virt-viewer freerdp gnome-icon-theme |
493 | paper-icon-theme sshpassSecret weechat element-desktop | 515 | paper-icon-theme sshpassSecret weechat element-desktop |
494 | sieve-connect gimp3 inkscape udiskie glab nitrokey-app | 516 | sieve-connect gimp3 inkscape udiskie glab nitrokey-app |
495 | pynitrokey gtklock wlrctl remmina openscad spice-record | 517 | pynitrokey gtklock wlrctl remmina openscad spice-record |
496 | libguestfs-with-appliance nerd-fonts.fira-mono | 518 | libguestfs-with-appliance nerd-fonts.fira-mono |
497 | nerd-fonts.symbols-only nerd-fonts.fira-code powerline-fonts | 519 | nerd-fonts.symbols-only nerd-fonts.fira-code powerline-fonts |
498 | swtpm (hunspellWithDicts (with hunspellDicts; [en_GB-large de_DE])) | 520 | swtpm (hunspell.withDicts (dicts: with dicts; [en_GB-large de_DE])) |
499 | libation | 521 | libation libqalculate |
500 | # synadm | ||
501 | ] ++ mapAttrsToList (_name: pkg: pkgs.callPackage pkg {}) (customUtils.nixImport { dir = ./utils; }); | 522 | ] ++ mapAttrsToList (_name: pkg: pkgs.callPackage pkg {}) (customUtils.nixImport { dir = ./utils; }); |
502 | 523 | ||
503 | file = { | 524 | file = { |
@@ -520,6 +541,7 @@ in { | |||
520 | STACK_XDG = 1; | 541 | STACK_XDG = 1; |
521 | EDITOR = lib.getExe' editor "emacsclient"; | 542 | EDITOR = lib.getExe' editor "emacsclient"; |
522 | RCLONE_PASSWORD_COMMAND = "${lib.getExe' pkgs.libsecret "secret-tool"} lookup service rclone"; | 543 | RCLONE_PASSWORD_COMMAND = "${lib.getExe' pkgs.libsecret "secret-tool"} lookup service rclone"; |
544 | SYSTEMD_TINT_BACKGROUND = "false"; | ||
523 | }; | 545 | }; |
524 | 546 | ||
525 | extraProfileCommands = '' | 547 | extraProfileCommands = '' |
@@ -556,9 +578,17 @@ in { | |||
556 | General = { | 578 | General = { |
557 | dot_as_separator = 0; | 579 | dot_as_separator = 0; |
558 | }; | 580 | }; |
581 | Mode = { | ||
582 | calculate_as_you_type = 1; | ||
583 | }; | ||
559 | }; | 584 | }; |
560 | }; | 585 | }; |
561 | "emacs/init.el".source = ./emacs.el; | 586 | "emacs/init.el".source = pkgs.substitute { |
587 | src = ./emacs.el; | ||
588 | substitutions = [ | ||
589 | "--subst-var-by" "ksshaskpass" (lib.getExe pkgs.kdePackages.ksshaskpass) | ||
590 | ]; | ||
591 | }; | ||
562 | "systemd/user/xdg-desktop-portal.service.d/after-graphical-session.conf".text = '' | 592 | "systemd/user/xdg-desktop-portal.service.d/after-graphical-session.conf".text = '' |
563 | [Unit] | 593 | [Unit] |
564 | After=graphical-session.target | 594 | After=graphical-session.target |
@@ -576,6 +606,8 @@ in { | |||
576 | xdg.dataFile = { | 606 | xdg.dataFile = { |
577 | "dbus-1/services/org.keepassxc.KeePassXC.service".source = "${wrappedKeepassxc}/share/dbus-1/services/org.keepassxc.KeePassXC.service"; | 607 | "dbus-1/services/org.keepassxc.KeePassXC.service".source = "${wrappedKeepassxc}/share/dbus-1/services/org.keepassxc.KeePassXC.service"; |
578 | "dbus-1/services/org.freedesktop.secrets.service.service".source = "${wrappedKeepassxc}/share/dbus-1/services/org.freedesktop.secrets.service.service"; | 608 | "dbus-1/services/org.freedesktop.secrets.service.service".source = "${wrappedKeepassxc}/share/dbus-1/services/org.freedesktop.secrets.service.service"; |
609 | "dbus-1/services/org.kde.kwalletd6.service".source = "${pkgs.kdePackages.kwallet}/share/dbus-1/services/org.kde.kwalletd6.service"; | ||
610 | "dbus-1/services/org.kde.kwalletd5.service".source = "${pkgs.kdePackages.kwallet}/share/dbus-1/services/org.kde.kwalletd5.service"; | ||
579 | "emoji-data/list.txt".source = pkgs.stdenv.mkDerivation { | 611 | "emoji-data/list.txt".source = pkgs.stdenv.mkDerivation { |
580 | inherit (sources.emoji-data) pname src; | 612 | inherit (sources.emoji-data) pname src; |
581 | version = lib.removePrefix "v" sources.emoji-data.version; | 613 | version = lib.removePrefix "v" sources.emoji-data.version; |
@@ -663,11 +695,11 @@ in { | |||
663 | exec -- \ | 695 | exec -- \ |
664 | ${lib.getExe' config.systemd.package "systemd-run"} --wait --user --slice-inherit \ | 696 | ${lib.getExe' config.systemd.package "systemd-run"} --wait --user --slice-inherit \ |
665 | --property 'CPUAccounting=yes' --property 'CPUQuotaPeriodSec=50ms' \ | 697 | --property 'CPUAccounting=yes' --property 'CPUQuotaPeriodSec=50ms' \ |
666 | --property 'Environment=DSCP=46' \ | 698 | -E DSCP=46 -E NIXOS_OZONE_WL \ |
667 | -- ${lib.getExe pkgs.dscp} ${lib.getExe' pkgs.google-chrome "google-chrome-stable"} \ | 699 | -- ${lib.getExe pkgs.dscp} ${lib.getExe cfg.programs.chromium.package} \ |
668 | --class=Rainbow \ | 700 | --class=Rainbow \ |
669 | --kiosk "https://web.openrainbow.com" \ | 701 | --app="https://web.openrainbow.com" \ |
670 | --user-data-dir=''${HOME}/.config/google-chrome-rainbow | 702 | --user-data-dir=''${HOME}/.config/chromium-rainbow |
671 | ''); | 703 | ''); |
672 | icon = pkgs.fetchurl { | 704 | icon = pkgs.fetchurl { |
673 | url = "https://web.openrainbow.com/rb/2.139.17/assets/skins/rainbow/images/homepage/logo__rainbow.svg"; | 705 | url = "https://web.openrainbow.com/rb/2.139.17/assets/skins/rainbow/images/homepage/logo__rainbow.svg"; |
@@ -677,6 +709,42 @@ in { | |||
677 | StartupWMClass = "Rainbow"; | 709 | StartupWMClass = "Rainbow"; |
678 | }; | 710 | }; |
679 | }; | 711 | }; |
712 | kimai = { | ||
713 | name = "Kimai"; | ||
714 | exec = toString (pkgs.writeShellScript "kimai" '' | ||
715 | exec -- \ | ||
716 | ${lib.getExe cfg.programs.chromium.package} \ | ||
717 | --class=Kimai \ | ||
718 | --app="https://kimai.yggdrasil.li" \ | ||
719 | --user-data-dir=''${HOME}/.config/chromium-kimai | ||
720 | ''); | ||
721 | icon = pkgs.fetchurl { | ||
722 | url = "https://www.kimai.org/images/kimai_logo.png"; | ||
723 | hash = "sha256-lnlOttzR2SwXA70R+egJUkeKr4U5V0avqTk8uX4bqfs="; | ||
724 | }; | ||
725 | settings = { | ||
726 | StartupWMClass = "Kimai"; | ||
727 | StartupNotify = "true"; | ||
728 | }; | ||
729 | }; | ||
730 | audiobookshelf = { | ||
731 | name = "Audiobookshelf"; | ||
732 | exec = toString (pkgs.writeShellScript "audiobookshelf" '' | ||
733 | exec -- \ | ||
734 | ${lib.getExe cfg.programs.chromium.package} \ | ||
735 | --class=Audiobookshelf \ | ||
736 | --app="https://audiobookshelf.yggdrasil.li" \ | ||
737 | --user-data-dir=''${HOME}/.config/chromium-audiobookshelf | ||
738 | ''); | ||
739 | icon = pkgs.fetchurl { | ||
740 | url = "https://www.audiobookshelf.org/Logo.png"; | ||
741 | hash = "sha256-JGPk+WNT1C4DC4lSMb0K0YmAMT5LvmSOeO0QRzkc7Lk="; | ||
742 | }; | ||
743 | settings = { | ||
744 | StartupWMClass = "Audiobookshelf"; | ||
745 | StartupNotify = "true"; | ||
746 | }; | ||
747 | }; | ||
680 | thunderbird-lmu = { | 748 | thunderbird-lmu = { |
681 | name = "Thunderbird (LMU)"; | 749 | name = "Thunderbird (LMU)"; |
682 | exec = "thunderbird --name thunderbird -P lmu %U"; | 750 | exec = "thunderbird --name thunderbird -P lmu %U"; |
diff --git a/accounts/gkleen@sif/emacs.el b/accounts/gkleen@sif/emacs.el index 563c5d0b..3beefba6 100644 --- a/accounts/gkleen@sif/emacs.el +++ b/accounts/gkleen@sif/emacs.el | |||
@@ -254,3 +254,5 @@ necessarily running." | |||
254 | (bind-key "C-x C-m" #'move-file) | 254 | (bind-key "C-x C-m" #'move-file) |
255 | 255 | ||
256 | (let ((ssh_auth_sock (string-chop-newline (shell-command-to-string "gpgconf --list-dirs agent-ssh-socket")))) (setenv "SSH_AUTH_SOCK" ssh_auth_sock)) | 256 | (let ((ssh_auth_sock (string-chop-newline (shell-command-to-string "gpgconf --list-dirs agent-ssh-socket")))) (setenv "SSH_AUTH_SOCK" ssh_auth_sock)) |
257 | (setenv "SSH_ASKPASS_REQUIRE" "prefer") | ||
258 | (setenv "SSH_ASKPASS" "@ksshaskpass@") | ||
diff --git a/accounts/gkleen@sif/niri/default.nix b/accounts/gkleen@sif/niri/default.nix index 924d3843..35a3d799 100644 --- a/accounts/gkleen@sif/niri/default.nix +++ b/accounts/gkleen@sif/niri/default.nix | |||
@@ -3,6 +3,7 @@ let | |||
3 | cfg = config.programs.niri; | 3 | cfg = config.programs.niri; |
4 | 4 | ||
5 | kdl = flakeInputs.niri-flake.lib.kdl; | 5 | kdl = flakeInputs.niri-flake.lib.kdl; |
6 | sleaf = name: arg: kdl.node name [arg] []; | ||
6 | 7 | ||
7 | niri = cfg.package; | 8 | niri = cfg.package; |
8 | terminal = lib.getExe config.programs.kitty.package; | 9 | terminal = lib.getExe config.programs.kitty.package; |
@@ -35,7 +36,11 @@ let | |||
35 | if jq -e '.is_focused' <<<"$window_json" >/dev/null; then | 36 | if jq -e '.is_focused' <<<"$window_json" >/dev/null; then |
36 | niri msg action focus-workspace-previous | 37 | niri msg action focus-workspace-previous |
37 | else | 38 | else |
38 | niri msg action focus-window --id "$(jq -r '.id' <<<"$window_json")" | 39 | if [[ $(jq -r --arg workspace_name "$workspace_name" 'map(select(.name == $workspace_name)) | .[0].is_focused' <<<"$workspaces_json") != "true" ]] && [[ $(jq -r --arg workspace_name "$workspace_name" 'map(select(.name == $workspace_name)) | .[0].id' <<<"$workspaces_json") = $(jq -r '.workspace_id' <<<"$window_json") ]]; then |
40 | niri msg action focus-workspace "$workspace_name" | ||
41 | else | ||
42 | niri msg action focus-window --id "$(jq -r '.id' <<<"$window_json")" | ||
43 | fi | ||
39 | fi | 44 | fi |
40 | exit 0 | 45 | exit 0 |
41 | fi | 46 | fi |
@@ -45,7 +50,6 @@ let | |||
45 | ''; | 50 | ''; |
46 | }; | 51 | }; |
47 | focus-or-spawn-action = config.lib.niri.actions.spawn (lib.getExe focus_or_spawn); | 52 | focus-or-spawn-action = config.lib.niri.actions.spawn (lib.getExe focus_or_spawn); |
48 | focus-or-spawn-action-app_id = app_id: focus-or-spawn-action ''select(.app_id == "${app_id}")''; | ||
49 | 53 | ||
50 | with_adjacent_workspace = pkgs.writeShellApplication { | 54 | with_adjacent_workspace = pkgs.writeShellApplication { |
51 | name = "with-adjacent-workspace"; | 55 | name = "with-adjacent-workspace"; |
@@ -84,7 +88,7 @@ let | |||
84 | }; | 88 | }; |
85 | with-adjacent-workspace-action = config.lib.niri.actions.spawn (lib.getExe with_adjacent_workspace) "^${lib.concatMapStringsSep "|" ({ name, ...}: name) cfg.scratchspaces}$"; | 89 | with-adjacent-workspace-action = config.lib.niri.actions.spawn (lib.getExe with_adjacent_workspace) "^${lib.concatMapStringsSep "|" ({ name, ...}: name) cfg.scratchspaces}$"; |
86 | focus-adjacent-workspace = direction: with-adjacent-workspace-action direction ''{"Action":{"FocusWorkspace":{"reference":{"Id": .id}}}}''; | 90 | focus-adjacent-workspace = direction: with-adjacent-workspace-action direction ''{"Action":{"FocusWorkspace":{"reference":{"Id": .id}}}}''; |
87 | move-column-to-adjacent-workspace = direction: with-adjacent-workspace-action direction ''{"Action":{"MoveColumnToWorkspace":{"reference":{"Id": .id}}}}''; | 91 | move-column-to-adjacent-workspace = direction: with-adjacent-workspace-action direction ''{"Action":{"MoveColumnToWorkspace":{"reference":{"Id": .id}, "focus": true}}}''; |
88 | 92 | ||
89 | with_unnamed_workspace = pkgs.writeShellApplication { | 93 | with_unnamed_workspace = pkgs.writeShellApplication { |
90 | name = "with-unnamed-workspace"; | 94 | name = "with-unnamed-workspace"; |
@@ -131,7 +135,7 @@ let | |||
131 | 135 | ||
132 | windows_json="$(niri msg -j windows)" | 136 | windows_json="$(niri msg -j windows)" |
133 | active_workspace="$(jq -r '.[] | select(.is_focused) | .workspace_id' <<<"$windows_json")" | 137 | active_workspace="$(jq -r '.[] | select(.is_focused) | .workspace_id' <<<"$windows_json")" |
134 | window_ix="$(gojq -r --arg active_workspace "$active_workspace" '.[] | select('"$window_select"') | "\(.title)\u0000icon\u001f\(.app_id)"' <<<"$windows_json" | fuzzel --log-level=warning --dmenu --index)" | 138 | window_ix="$(gojq -r --arg active_workspace "$active_workspace" '.[] | select('"$window_select"') | "\(.title)\u0000icon\u001f\(.app_id)"' <<<"$windows_json" | fuzzel --width=60 --log-level=warning --dmenu --index)" |
135 | # shellcheck disable=SC2016 | 139 | # shellcheck disable=SC2016 |
136 | window_json="$(gojq -rc --arg active_workspace "$active_workspace" --arg window_ix "$window_ix" 'map(select('"$window_select"')) | .[($window_ix | tonumber)]' <<<"$windows_json")" | 140 | window_json="$(gojq -rc --arg active_workspace "$active_workspace" --arg window_ix "$window_ix" 'map(select('"$window_select"')) | .[($window_ix | tonumber)]' <<<"$windows_json")" |
137 | 141 | ||
@@ -141,6 +145,25 @@ let | |||
141 | ''; | 145 | ''; |
142 | }; | 146 | }; |
143 | with-select-window-action = config.lib.niri.actions.spawn (lib.getExe with_select_window); | 147 | with-select-window-action = config.lib.niri.actions.spawn (lib.getExe with_select_window); |
148 | |||
149 | with_predicate_window = pred: pkgs.writeShellApplication { | ||
150 | name = "with-predicate-window"; | ||
151 | runtimeInputs = [ niri pkgs.gojq pkgs.socat ]; | ||
152 | text = '' | ||
153 | action="$1" | ||
154 | shift | ||
155 | |||
156 | windows_json="$(niri msg -j windows)" | ||
157 | window_json="$(gojq -rc 'map(select(${pred})) | .[0]' <<<"$windows_json")" | ||
158 | |||
159 | [[ -z "$window_json" || $window_json = "null" ]] && exit 1 | ||
160 | |||
161 | jq -c "$action" <<<"$window_json" | socat STDIO "$NIRI_SOCKET" | ||
162 | ''; | ||
163 | }; | ||
164 | |||
165 | with-urgent-window-action = config.lib.niri.actions.spawn (lib.getExe (with_predicate_window ".is_urgent")); | ||
166 | with-focused-window-action = config.lib.niri.actions.spawn (lib.getExe (with_predicate_window ".is_focused")); | ||
144 | in { | 167 | in { |
145 | imports = [ | 168 | imports = [ |
146 | ./waybar.nix | 169 | ./waybar.nix |
@@ -171,6 +194,17 @@ in { | |||
171 | type = lib.types.nullOr lib.types.str; | 194 | type = lib.types.nullOr lib.types.str; |
172 | default = null; | 195 | default = null; |
173 | }; | 196 | }; |
197 | moveKey = lib.mkOption { | ||
198 | type = lib.types.nullOr lib.types.str; | ||
199 | default = let | ||
200 | keys = lib.splitString "+" config.key; | ||
201 | defMoveKey = lib.concatStringsSep "+" (lib.flatten [ | ||
202 | (lib.take (lib.length keys - 1) keys) | ||
203 | ["Shift"] | ||
204 | (lib.takeEnd 1 keys) | ||
205 | ]); | ||
206 | in if config.key == null then null else defMoveKey; | ||
207 | }; | ||
174 | spawn = lib.mkOption { | 208 | spawn = lib.mkOption { |
175 | type = lib.types.nullOr (lib.types.listOf lib.types.str); | 209 | type = lib.types.nullOr (lib.types.listOf lib.types.str); |
176 | default = null; | 210 | default = null; |
@@ -416,8 +450,8 @@ in { | |||
416 | { title = "^Access Request.*"; } | 450 | { title = "^Access Request.*"; } |
417 | { title = ".*Passkey credentials$"; } | 451 | { title = ".*Passkey credentials$"; } |
418 | ]; | 452 | ]; |
419 | windowRuleExtra = [ | 453 | windowRuleExtra = with kdl; [ |
420 | (kdl.leaf "open-focused" false) | 454 | (sleaf "open-focused" false) |
421 | ]; | 455 | ]; |
422 | key = "Mod+Control+P"; | 456 | key = "Mod+Control+P"; |
423 | app-id = "org.keepassxc.KeePassXC"; | 457 | app-id = "org.keepassxc.KeePassXC"; |
@@ -444,6 +478,20 @@ in { | |||
444 | app-id = "com.github.wwmm.easyeffects"; | 478 | app-id = "com.github.wwmm.easyeffects"; |
445 | spawn = [ "easyeffects" ]; | 479 | spawn = [ "easyeffects" ]; |
446 | } | 480 | } |
481 | { name = "time"; | ||
482 | key = "Mod+Control+K"; | ||
483 | app-id = "chrome-kimai.yggdrasil.li__-Default"; | ||
484 | spawn = [ (toString (pkgs.resholve.writeScript "kimai" { | ||
485 | interpreter = pkgs.runtimeShell; | ||
486 | inputs = [ pkgs.dex ]; | ||
487 | execer = [ "cannot:${lib.getExe pkgs.dex}" ]; | ||
488 | } '' | ||
489 | exec dex $HOME/.local/state/nix/profile/share/applications/kimai.desktop | ||
490 | '')) ]; | ||
491 | windowRuleExtra = with kdl; [ | ||
492 | (sleaf "block-out-from" "screencast") | ||
493 | ]; | ||
494 | } | ||
447 | ]; | 495 | ]; |
448 | programs.niri.config = | 496 | programs.niri.config = |
449 | let | 497 | let |
@@ -453,10 +501,12 @@ in { | |||
453 | then v | 501 | then v |
454 | else null; | 502 | else null; |
455 | opt-props = lib.filterAttrs (lib.const (value: value != null)); | 503 | opt-props = lib.filterAttrs (lib.const (value: value != null)); |
504 | normalize-nodes = nodes: lib.remove null (lib.flatten nodes); | ||
456 | in | 505 | in |
457 | [ (flag "prefer-no-csd") | 506 | normalize-nodes [ |
507 | (flag "prefer-no-csd") | ||
458 | 508 | ||
459 | (leaf "screenshot-path" "~/screenshots/%Y-%m-%dT%H:%M:%S.png") | 509 | (sleaf "screenshot-path" "~/screenshots/%Y-%m-%dT%H:%M:%S.png") |
460 | 510 | ||
461 | (plain "hotkey-overlay" [ | 511 | (plain "hotkey-overlay" [ |
462 | (flag "skip-at-startup") | 512 | (flag "skip-at-startup") |
@@ -464,27 +514,27 @@ in { | |||
464 | 514 | ||
465 | (plain "input" [ | 515 | (plain "input" [ |
466 | (plain "keyboard" [ | 516 | (plain "keyboard" [ |
467 | (leaf "repeat-delay" 300) | 517 | (sleaf "repeat-delay" 300) |
468 | (leaf "repeat-rate" 50) | 518 | (sleaf "repeat-rate" 50) |
469 | 519 | ||
470 | (plain "xkb" [ | 520 | (plain "xkb" [ |
471 | (leaf "layout" "us,us") | 521 | (sleaf "layout" "us,us") |
472 | (leaf "variant" "dvp,") | 522 | (sleaf "variant" "dvp,") |
473 | (leaf "options" "compose:caps,grp:win_space_toggle") | 523 | (sleaf "options" "compose:caps,grp:win_space_toggle") |
474 | ]) | 524 | ]) |
475 | ]) | 525 | ]) |
476 | 526 | ||
477 | (flag "workspace-auto-back-and-forth") | 527 | (flag "workspace-auto-back-and-forth") |
478 | # (leaf "focus-follows-mouse" {}) | 528 | # (sleaf "focus-follows-mouse" {}) |
479 | # (flag "warp-mouse-to-focus") | 529 | # (flag "warp-mouse-to-focus") |
480 | 530 | ||
481 | # (plain "touchpad" [ (flag "off") ]) | 531 | # (plain "touchpad" [ (flag "off") ]) |
482 | (plain "trackball" [ | 532 | (plain "trackball" [ |
483 | (leaf "scroll-method" "on-button-down") | 533 | (sleaf "scroll-method" "on-button-down") |
484 | (leaf "scroll-button" 278) | 534 | (sleaf "scroll-button" 278) |
485 | ]) | 535 | ]) |
486 | (plain "touch" [ | 536 | (plain "touch" [ |
487 | (leaf "map-to-output" "eDP-1") | 537 | (sleaf "map-to-output" "eDP-1") |
488 | ]) | 538 | ]) |
489 | ]) | 539 | ]) |
490 | 540 | ||
@@ -492,7 +542,7 @@ in { | |||
492 | (plain "hot-corners" [(flag "off")]) | 542 | (plain "hot-corners" [(flag "off")]) |
493 | ]) | 543 | ]) |
494 | 544 | ||
495 | (plain "environment" (lib.mapAttrsToList leaf { | 545 | (plain "environment" (lib.mapAttrsToList sleaf { |
496 | NIXOS_OZONE_WL = "1"; | 546 | NIXOS_OZONE_WL = "1"; |
497 | QT_QPA_PLATFORM = "wayland"; | 547 | QT_QPA_PLATFORM = "wayland"; |
498 | QT_WAYLAND_DISABLE_WINDOWDECORATION = "1"; | 548 | QT_WAYLAND_DISABLE_WINDOWDECORATION = "1"; |
@@ -500,49 +550,52 @@ in { | |||
500 | SDL_VIDEODRIVER = "wayland"; | 550 | SDL_VIDEODRIVER = "wayland"; |
501 | DISPLAY = ":0"; | 551 | DISPLAY = ":0"; |
502 | ELECTRON_OZONE_PLATFORM_HINT = "auto"; | 552 | ELECTRON_OZONE_PLATFORM_HINT = "auto"; |
553 | SSH_ASKPASS_REQUIRE = "prefer"; | ||
554 | SSH_ASKPASS = lib.getExe pkgs.kdePackages.ksshaskpass; | ||
555 | SUDO_ASKPASS = lib.getExe pkgs.kdePackages.ksshaskpass; | ||
503 | })) | 556 | })) |
504 | 557 | ||
505 | (node "output" "eDP-1" [ | 558 | (node "output" ["eDP-1"] [ |
506 | (leaf "scale" 1.5) | 559 | (sleaf "scale" 1.5) |
507 | (leaf "position" { x = 0; y = 0; }) | 560 | (sleaf "position" { x = 0; y = 0; }) |
508 | ]) | 561 | ]) |
509 | (node "output" "Ancor Communications Inc ASUS PB287Q 0x0000DD9B" [ | 562 | (node "output" ["Ancor Communications Inc ASUS PB287Q 0x0000DD9B"] [ |
510 | (leaf "scale" 1.5) | 563 | (sleaf "scale" 1.5) |
511 | (leaf "position" { x = 2560; y = 0; }) | 564 | (sleaf "position" { x = 2560; y = 0; }) |
512 | ]) | 565 | ]) |
513 | (node "output" "HP Inc. HP 727pu CN4417143K" [ | 566 | (node "output" ["HP Inc. HP 727pu CN4417143K"] [ |
514 | (leaf "mode" "2560x1440@119.998") | 567 | (sleaf "mode" "2560x1440@119.998") |
515 | (leaf "scale" 1) | 568 | (sleaf "scale" 1) |
516 | (leaf "position" { x = 2560; y = 0; }) | 569 | (sleaf "position" { x = 2560; y = 0; }) |
517 | (flag "variable-refresh-rate") | 570 | (flag "variable-refresh-rate") |
518 | ]) | 571 | ]) |
519 | 572 | ||
520 | (plain "debug" [ | 573 | (plain "debug" [ |
521 | (leaf "render-drm-device" "/dev/dri/by-path/pci-0000:00:02.0-render") | 574 | (sleaf "render-drm-device" "/dev/dri/by-path/pci-0000:00:02.0-render") |
522 | ]) | 575 | ]) |
523 | 576 | ||
524 | (plain "animations" [ | 577 | (plain "animations" [ |
525 | (leaf "slowdown" 0.5) | 578 | (sleaf "slowdown" 0.5) |
526 | (plain "workspace-switch" [(flag "off")]) | 579 | (plain "workspace-switch" [(flag "off")]) |
527 | ]) | 580 | ]) |
528 | 581 | ||
529 | (plain "layout" [ | 582 | (plain "layout" [ |
530 | (leaf "gaps" 8) | 583 | (sleaf "gaps" 8) |
531 | (plain "struts" [ | 584 | (plain "struts" [ |
532 | (leaf "left" 26) | 585 | (sleaf "left" 26) |
533 | (leaf "right" 26) | 586 | (sleaf "right" 26) |
534 | (leaf "top" 0) | 587 | (sleaf "top" 0) |
535 | (leaf "bottom" 0) | 588 | (sleaf "bottom" 0) |
536 | ]) | 589 | ]) |
537 | (plain "border" [ | 590 | (plain "border" [ |
538 | (leaf "width" 2) | 591 | (sleaf "width" 2) |
539 | (leaf "active-gradient" { | 592 | (sleaf "active-gradient" { |
540 | from = "hsla(195 100% 45% 1)"; | 593 | from = "hsla(195 100% 45% 1)"; |
541 | to = "hsla(155 100% 37.5% 1)"; | 594 | to = "hsla(155 100% 37.5% 1)"; |
542 | angle = 29; | 595 | angle = 29; |
543 | relative-to = "workspace-view"; | 596 | relative-to = "workspace-view"; |
544 | }) | 597 | }) |
545 | (leaf "inactive-gradient" { | 598 | (sleaf "inactive-gradient" { |
546 | from = "hsla(0 0% 27.7% 1)"; | 599 | from = "hsla(0 0% 27.7% 1)"; |
547 | to = "hsla(0 0% 23% 1)"; | 600 | to = "hsla(0 0% 23% 1)"; |
548 | angle = 29; | 601 | angle = 29; |
@@ -553,29 +606,29 @@ in { | |||
553 | (flag "off") | 606 | (flag "off") |
554 | ]) | 607 | ]) |
555 | 608 | ||
556 | (plain "preset-column-widths" (map (prop: leaf "proportion" prop) [ | 609 | (plain "preset-column-widths" (map (prop: sleaf "proportion" prop) [ |
557 | (1. / 4.) (1. / 3.) (1. / 2.) (2. / 3.) (3. / 4.) (1.) | 610 | (1. / 4.) (1. / 3.) (1. / 2.) (2. / 3.) (3. / 4.) (1.) |
558 | ])) | 611 | ])) |
559 | (plain "default-column-width" [ (leaf "proportion" (1. / 2.)) ]) | 612 | (plain "default-column-width" [ (sleaf "proportion" (1. / 2.)) ]) |
560 | (plain "preset-window-heights" (map (prop: leaf "proportion" prop) [ | 613 | (plain "preset-window-heights" (map (prop: sleaf "proportion" prop) [ |
561 | (1. / 3.) (1. / 2.) (2. / 3.) (1.) | 614 | (1. / 3.) (1. / 2.) (2. / 3.) (1.) |
562 | ])) | 615 | ])) |
563 | 616 | ||
564 | (flag "always-center-single-column") | 617 | (flag "always-center-single-column") |
565 | 618 | ||
566 | (plain "tab-indicator" [ | 619 | (plain "tab-indicator" [ |
567 | (leaf "gap" 4) | 620 | (sleaf "gap" 4) |
568 | (leaf "width" 8) | 621 | (sleaf "width" 8) |
569 | (leaf "gaps-between-tabs" 4) | 622 | (sleaf "gaps-between-tabs" 4) |
570 | (flag "place-within-column") | 623 | (flag "place-within-column") |
571 | (leaf "length" { total-proportion = 1.; }) | 624 | (sleaf "length" { total-proportion = 1.; }) |
572 | (leaf "active-gradient" { | 625 | (sleaf "active-gradient" { |
573 | from = "hsla(195 100% 60% 0.75)"; | 626 | from = "hsla(195 100% 60% 0.75)"; |
574 | to = "hsla(155 100% 50% 0.75)"; | 627 | to = "hsla(155 100% 50% 0.75)"; |
575 | angle = 29; | 628 | angle = 29; |
576 | relative-to = "workspace-view"; | 629 | relative-to = "workspace-view"; |
577 | }) | 630 | }) |
578 | (leaf "inactive-gradient" { | 631 | (sleaf "inactive-gradient" { |
579 | from = "hsla(0 0% 42% 0.66)"; | 632 | from = "hsla(0 0% 42% 0.66)"; |
580 | to = "hsla(0 0% 35% 0.66)"; | 633 | to = "hsla(0 0% 35% 0.66)"; |
581 | angle = 29; | 634 | angle = 29; |
@@ -589,129 +642,140 @@ in { | |||
589 | ]) | 642 | ]) |
590 | 643 | ||
591 | (map (name: | 644 | (map (name: |
592 | (node "workspace" name [ | 645 | (node "workspace" [name] [ |
593 | (leaf "open-on-output" "eDP-1") | 646 | (sleaf "open-on-output" "eDP-1") |
594 | ]) | 647 | ]) |
595 | ) (map ({name, ...}: name) cfg.scratchspaces)) | 648 | ) (map ({name, ...}: name) cfg.scratchspaces)) |
596 | (map (name: | 649 | (map (name: |
597 | (leaf "workspace" name) | 650 | (sleaf "workspace" name) |
598 | ) ["comm" "web" "vid" "bmr"]) | 651 | ) ["comm" "web" "vid" "bmr"]) |
599 | 652 | ||
600 | (plain "window-rule" [ | 653 | (plain "window-rule" [ |
601 | (leaf "clip-to-geometry" true) | 654 | (sleaf "clip-to-geometry" true) |
602 | ]) | 655 | ]) |
603 | 656 | ||
604 | (plain "window-rule" [ | 657 | (plain "window-rule" [ |
605 | (leaf "match" { is-floating = true; }) | 658 | (sleaf "match" { is-floating = true; }) |
606 | (leaf "geometry-corner-radius" 8) | 659 | (sleaf "geometry-corner-radius" 8) |
607 | (plain "shadow" [ (flag "on") ]) | 660 | (plain "shadow" [ (flag "on") ]) |
608 | ]) | 661 | ]) |
609 | 662 | ||
610 | (plain "window-rule" [ | 663 | (plain "window-rule" [ |
611 | (leaf "match" { app-id = "^org\\.keepassxc\\.KeePassXC$"; }) | 664 | (sleaf "match" { app-id = "^org\\.keepassxc\\.KeePassXC$"; }) |
612 | (leaf "block-out-from" "screencast") | 665 | (sleaf "block-out-from" "screencast") |
613 | ]) | 666 | ]) |
614 | (plain "window-rule" [ | 667 | (plain "window-rule" (normalize-nodes [ |
615 | (map (title: | 668 | (map (title: |
616 | (leaf "match" { app-id = "^org\\.keepassxc\\.KeePassXC$"; inherit title; }) | 669 | (sleaf "match" { app-id = "^org\\.keepassxc\\.KeePassXC$"; inherit title; }) |
617 | ) ["^Unlock Database.*" "^Access Request.*" ".*Passkey credentials$"]) | 670 | ) ["^Unlock Database.*" "^Access Request.*" ".*Passkey credentials$" "Browser Access Request$"]) |
618 | (leaf "open-focused" true) | 671 | (sleaf "open-focused" true) |
619 | (leaf "open-floating" true) | 672 | (sleaf "open-floating" true) |
620 | ]) | 673 | ])) |
621 | 674 | ||
622 | (map ({ name, match, exclude, windowRuleExtra, ... }: | 675 | (map ({ name, match, exclude, windowRuleExtra, ... }: |
623 | (optional-node (match != []) (plain "window-rule" [ | 676 | (optional-node (match != []) (plain "window-rule" (normalize-nodes [ |
624 | (map (leaf "match") match) | 677 | (map (sleaf "match") match) |
625 | (map (leaf "exclude") exclude) | 678 | (map (sleaf "exclude") exclude) |
626 | (leaf "open-on-workspace" name) | 679 | (sleaf "open-on-workspace" name) |
627 | (leaf "open-maximized" true) | 680 | (sleaf "open-maximized" true) |
628 | windowRuleExtra | 681 | windowRuleExtra |
629 | ])) | 682 | ]))) |
630 | ) cfg.scratchspaces) | 683 | ) cfg.scratchspaces) |
631 | 684 | ||
632 | (plain "window-rule" [ | 685 | (plain "window-rule" [ |
633 | (leaf "match" { app-id = "^emacs$"; }) | 686 | (sleaf "match" { app-id = "^emacs$"; }) |
634 | (leaf "match" { app-id = "^firefox$"; }) | 687 | (sleaf "match" { app-id = "^firefox$"; }) |
635 | (plain "default-column-width" [(leaf "proportion" (2. / 3.))]) | 688 | (plain "default-column-width" [(sleaf "proportion" (2. / 3.))]) |
636 | ]) | 689 | ]) |
637 | (plain "window-rule" [ | 690 | (plain "window-rule" [ |
638 | (leaf "match" { app-id = "^kitty$"; }) | 691 | (sleaf "match" { app-id = "^kitty$"; }) |
639 | (leaf "match" { app-id = "^kitty-play$"; }) | 692 | (sleaf "match" { app-id = "^kitty-play$"; }) |
640 | (plain "default-column-width" [(leaf "proportion" (1. / 3.))]) | 693 | (plain "default-column-width" [(sleaf "proportion" (1. / 3.))]) |
641 | ]) | 694 | ]) |
642 | 695 | ||
643 | (plain "window-rule" [ | 696 | (plain "window-rule" [ |
644 | (leaf "match" { app-id = "^thunderbird$"; }) | 697 | (sleaf "match" { app-id = "^thunderbird$"; }) |
645 | (leaf "match" { app-id = "^Element$"; }) | 698 | (sleaf "match" { app-id = "^Element$"; }) |
646 | (leaf "match" { app-id = "^Rainbow$"; }) | 699 | (sleaf "match" { app-id = "^chrome-web\.openrainbow\.com__-Default$"; }) |
647 | (leaf "open-on-workspace" "comm") | 700 | (sleaf "open-on-workspace" "comm") |
648 | ]) | 701 | ]) |
649 | (plain "window-rule" [ | 702 | (plain "window-rule" [ |
650 | (leaf "match" { app-id = "^firefox$"; }) | 703 | (sleaf "match" { app-id = "^firefox$"; }) |
651 | (leaf "open-on-workspace" "web") | 704 | (sleaf "open-on-workspace" "web") |
652 | (leaf "open-maximized" true) | 705 | (sleaf "open-maximized" true) |
653 | ]) | 706 | ]) |
654 | (plain "window-rule" [ | 707 | (plain "window-rule" [ |
655 | (leaf "match" { app-id = "^mpv$"; }) | 708 | (sleaf "match" { app-id = "^mpv$"; }) |
656 | (leaf "open-on-workspace" "vid") | 709 | (sleaf "open-on-workspace" "vid") |
657 | (plain "default-column-width" [(leaf "proportion" 1.)]) | 710 | (plain "default-column-width" [(sleaf "proportion" 1.)]) |
658 | ]) | 711 | ]) |
659 | (plain "window-rule" [ | 712 | (plain "window-rule" [ |
660 | (leaf "match" { app-id = "^kitty-play$"; }) | 713 | (sleaf "match" { app-id = "^kitty-play$"; }) |
661 | (leaf "open-on-workspace" "vid") | 714 | (sleaf "open-on-workspace" "vid") |
662 | (leaf "open-focused" false) | 715 | (sleaf "open-focused" false) |
663 | ]) | 716 | ]) |
664 | (plain "window-rule" [ | 717 | (plain "window-rule" [ |
665 | (leaf "match" { app-id = "^pdfpc$"; }) | 718 | (sleaf "match" { app-id = "^chrome-audiobookshelf\.yggdrasil\.li__-Default$"; }) |
666 | (plain "default-column-width" [(leaf "proportion" 1.)]) | 719 | (sleaf "match" { app-id = "^YouTube Music Desktop App$"; }) |
720 | (sleaf "open-on-workspace" "vid") | ||
667 | ]) | 721 | ]) |
668 | (plain "window-rule" [ | 722 | (plain "window-rule" [ |
669 | (leaf "match" { app-id = "^pdfpc$"; title = "^.*presentation.*$"; }) | 723 | (sleaf "match" { app-id = "^pdfpc$"; }) |
670 | (plain "default-column-width" [(leaf "proportion" 1.)]) | 724 | (plain "default-column-width" [(sleaf "proportion" 1.)]) |
671 | (leaf "open-fullscreen" true) | ||
672 | (leaf "open-on-workspace" "bmr") | ||
673 | (leaf "open-focused" false) | ||
674 | ]) | 725 | ]) |
675 | (plain "window-rule" [ | 726 | (plain "window-rule" [ |
676 | (map (leaf "match") [ | 727 | (sleaf "match" { app-id = "^pdfpc$"; title = "^.*presentation.*$"; }) |
728 | (plain "default-column-width" [(sleaf "proportion" 1.)]) | ||
729 | (sleaf "open-fullscreen" true) | ||
730 | (sleaf "open-on-workspace" "bmr") | ||
731 | (sleaf "open-focused" false) | ||
732 | ]) | ||
733 | (plain "window-rule" (normalize-nodes [ | ||
734 | (map (sleaf "match") [ | ||
677 | { app-id = "^Gimp-"; title = "^Quit GIMP$"; } | 735 | { app-id = "^Gimp-"; title = "^Quit GIMP$"; } |
678 | { app-id = "^org\\.kde\\.polkit-kde-authentication-agent-1$"; } | 736 | { app-id = "^org\\.kde\\.polkit-kde-authentication-agent-1$"; } |
679 | { app-id = "^xdg-desktop-portal-gtk$"; } | 737 | { app-id = "^xdg-desktop-portal-gtk$"; } |
680 | ]) | 738 | ]) |
681 | (leaf "open-floating" true) | 739 | (sleaf "open-floating" true) |
682 | ]) | 740 | ])) |
683 | (plain "window-rule" [ | 741 | (plain "window-rule" [ |
684 | (leaf "match" { app-id = "^org\\.pwmt\\.zathura$"; }) | 742 | (sleaf "match" { app-id = "^org\\.pwmt\\.zathura$"; }) |
685 | (leaf "match" { app-id = "^evince$"; }) | 743 | (sleaf "match" { app-id = "^evince$"; }) |
686 | (leaf "match" { app-id = "^org\\.gnome\\.Papers$"; }) | 744 | (sleaf "match" { app-id = "^org\\.gnome\\.Papers$"; }) |
687 | (leaf "default-column-display" "tabbed") | 745 | (sleaf "default-column-display" "tabbed") |
688 | ]) | 746 | ]) |
689 | 747 | ||
690 | (plain "layer-rule" [ | 748 | (plain "layer-rule" [ |
691 | (leaf "match" { namespace = "^notifications$"; }) | 749 | (sleaf "match" { namespace = "^notifications$"; }) |
692 | (leaf "match" { namespace = "^waybar$"; }) | 750 | (sleaf "match" { namespace = "^waybar$"; }) |
693 | (leaf "match" { namespace = "^launcher$"; }) | 751 | (sleaf "match" { namespace = "^launcher$"; }) |
694 | (leaf "block-out-from" "screencast") | 752 | (sleaf "block-out-from" "screencast") |
695 | ]) | 753 | ]) |
696 | 754 | ||
697 | (plain "binds" | 755 | (plain "binds" |
698 | (let | 756 | (let |
699 | bind = name: cfg: node name (opt-props { | 757 | bind = name: cfg: node name [(lib.removeAttrs cfg ["action"])] (lib.mapAttrsToList leaf (lib.removeAttrs cfg.action ["__functor"])); |
700 | cooldown-ms = cfg.cooldown-ms or null; | ||
701 | } | ||
702 | // (lib.optionalAttrs (!(cfg.repeat or true)) { | ||
703 | repeat = false; | ||
704 | }) | ||
705 | // (lib.optionalAttrs (cfg.allow-when-locked or false) { | ||
706 | allow-when-locked = true; | ||
707 | })) (lib.mapAttrsToList leaf (lib.removeAttrs cfg.action ["__functor"])); | ||
708 | in | 758 | in |
709 | [ | 759 | normalize-nodes [ |
710 | (lib.mapAttrsToList bind (with config.lib.niri.actions; { | 760 | (lib.mapAttrsToList bind (with config.lib.niri.actions; { |
711 | "Mod+Slash".action = show-hotkey-overlay; | 761 | "Mod+Slash".action = show-hotkey-overlay; |
712 | 762 | ||
713 | "Mod+Return".action = spawn terminal; | 763 | "Mod+Return".action = spawn terminal; |
714 | "Mod+Shift+Return".action = spawn terminal (lib.getExe config.programs.nushell.package); | 764 | "Mod+Shift+Return".action = |
765 | let | ||
766 | nushellKitty = pkgs.symlinkJoin { | ||
767 | name = "nushell-kitty"; | ||
768 | paths = [ config.programs.kitty.package ]; | ||
769 | buildInputs = [ pkgs.makeWrapper ]; | ||
770 | postBuild = '' | ||
771 | wrapProgram $out/bin/kitty \ | ||
772 | --add-flags "--config ${pkgs.writeText "kitty.conf" '' | ||
773 | include $HOME/${config.xdg.configFile."kitty/kitty.conf".target} | ||
774 | shell ${lib.getExe config.programs.nushell.package} | ||
775 | ''}" | ||
776 | ''; | ||
777 | }; | ||
778 | in spawn (lib.getExe' nushellKitty "kitty"); | ||
715 | "Mod+Q".action = close-window; | 779 | "Mod+Q".action = close-window; |
716 | "Mod+O".action = spawn (lib.getExe config.programs.fuzzel.package); | 780 | "Mod+O".action = spawn (lib.getExe config.programs.fuzzel.package); |
717 | "Mod+Shift+O".action = spawn (lib.getExe config.programs.fuzzel.package) "--list-executables-in-path"; | 781 | "Mod+Shift+O".action = spawn (lib.getExe config.programs.fuzzel.package) "--list-executables-in-path"; |
@@ -747,12 +811,12 @@ in { | |||
747 | done < <(export LC_ALL=C.UTF-8; echo; find "$RESULTS_DIR" -type f -printf $'%T@ %p\n' | sort -n | cut -d' ' -f2- | xargs -r cat) | 811 | done < <(export LC_ALL=C.UTF-8; echo; find "$RESULTS_DIR" -type f -printf $'%T@ %p\n' | sort -n | cut -d' ' -f2- | xargs -r cat) |
748 | $FOUND || echo | 812 | $FOUND || echo |
749 | } | 813 | } |
750 | FUZZEL_RES=$(prev | fuzzel --dmenu --prompt "qalc> ") || exit $? | 814 | FUZZEL_RES=$(prev | fuzzel --dmenu --prompt "qalc> " --width=60) || exit $? |
751 | if [[ "$FUZZEL_RES" =~ .*\ =\ .* ]]; then | 815 | if [[ "$FUZZEL_RES" =~ .*\ =\ .* ]]; then |
752 | QALC_RES="$FUZZEL_RES" | 816 | QALC_RES="$FUZZEL_RES" |
753 | QALC_RET=0 | 817 | QALC_RET=0 |
754 | else | 818 | else |
755 | QALC_RES=$(qalc "$FUZZEL_RES" 2>&1) | 819 | QALC_RES=$(qalc -set "autocalc off" "$FUZZEL_RES" 2>&1) |
756 | QALC_RET=$? | 820 | QALC_RET=$? |
757 | fi | 821 | fi |
758 | [[ -n "$QALC_RES" ]] || exit 1 | 822 | [[ -n "$QALC_RES" ]] || exit 1 |
@@ -772,11 +836,26 @@ in { | |||
772 | notify-send "$QALC_RES" | 836 | notify-send "$QALC_RES" |
773 | ''; | 837 | ''; |
774 | })); | 838 | })); |
839 | "Mod+Shift+U".action = | ||
840 | let | ||
841 | qalcKitty = pkgs.symlinkJoin { | ||
842 | name = "qalc-kitty"; | ||
843 | paths = [ config.programs.kitty.package ]; | ||
844 | buildInputs = [ pkgs.makeWrapper ]; | ||
845 | postBuild = '' | ||
846 | wrapProgram $out/bin/kitty \ | ||
847 | --add-flags "--config ${pkgs.writeText "kitty.conf" '' | ||
848 | include $HOME/${config.xdg.configFile."kitty/kitty.conf".target} | ||
849 | shell ${lib.getExe pkgs.libqalculate} | ||
850 | ''}" | ||
851 | ''; | ||
852 | }; | ||
853 | in spawn (lib.getExe' qalcKitty "kitty"); | ||
775 | "Mod+E".action = spawn (lib.getExe (pkgs.writeShellApplication { | 854 | "Mod+E".action = spawn (lib.getExe (pkgs.writeShellApplication { |
776 | name = "emoji-fuzzel"; | 855 | name = "emoji-fuzzel"; |
777 | runtimeInputs = with pkgs; [ config.programs.fuzzel.package wtype wl-clipboard-rs ]; | 856 | runtimeInputs = with pkgs; [ config.programs.fuzzel.package wtype wl-clipboard-rs ]; |
778 | text = '' | 857 | text = '' |
779 | FUZZEL_RES=$(fuzzel --dmenu --prompt "emoji> " <"$HOME"/.local/share/emoji-data/list.txt) || exit $? | 858 | FUZZEL_RES=$(fuzzel --dmenu --prompt "emoji> " --cache "$HOME"/.cache/fuzzel-emoji --width=60 <"$HOME"/.local/share/emoji-data/list.txt) || exit $? |
780 | [[ -n "$FUZZEL_RES" ]] || exit 1 | 859 | [[ -n "$FUZZEL_RES" ]] || exit 1 |
781 | wl-copy "$(cut -d ':' -f 1 <<<"$FUZZEL_RES" | tr -d '\n')" && wtype -k XF86Paste | 860 | wl-copy "$(cut -d ':' -f 1 <<<"$FUZZEL_RES" | tr -d '\n')" && wtype -k XF86Paste |
782 | ''; | 861 | ''; |
@@ -837,7 +916,7 @@ in { | |||
837 | "Mod+Shift+Asterisk".action = kdl.magic-leaf "move-column-to-workspace" "vid"; | 916 | "Mod+Shift+Asterisk".action = kdl.magic-leaf "move-column-to-workspace" "vid"; |
838 | 917 | ||
839 | "Mod+Plus".action = with-unnamed-workspace-action ''{"Action":{"FocusWorkspace":{"reference":{"Id": .id}}}}''; | 918 | "Mod+Plus".action = with-unnamed-workspace-action ''{"Action":{"FocusWorkspace":{"reference":{"Id": .id}}}}''; |
840 | "Mod+Shift+Plus".action = with-unnamed-workspace-action ''{"Action":{"MoveColumnToWorkspace":{"reference":{"Id": .id}}}}''; | 919 | "Mod+Shift+Plus".action = with-unnamed-workspace-action ''{"Action":{"MoveColumnToWorkspace":{"reference":{"Id": .id}, "focus": true}}}''; |
841 | 920 | ||
842 | "Mod+M".action = consume-or-expel-window-left; | 921 | "Mod+M".action = consume-or-expel-window-left; |
843 | "Mod+W".action = consume-or-expel-window-right; | 922 | "Mod+W".action = consume-or-expel-window-right; |
@@ -909,13 +988,20 @@ in { | |||
909 | "Mod+Comma".action = spawn makoctl "restore"; | 988 | "Mod+Comma".action = spawn makoctl "restore"; |
910 | 989 | ||
911 | "Mod+Control+W".action = with-empty-unnamed-workspace-action "{\"Action\":{\"FocusWorkspace\":{\"reference\":{\"Id\": $workspace_id}}}}"; | 990 | "Mod+Control+W".action = with-empty-unnamed-workspace-action "{\"Action\":{\"FocusWorkspace\":{\"reference\":{\"Id\": $workspace_id}}}}"; |
912 | "Mod+Control+Shift+W".action = with-empty-unnamed-workspace-action "{\"Action\":{\"MoveColumnToWorkspace\":{\"reference\":{\"Id\": $workspace_id}}}}"; | 991 | "Mod+Control+Shift+W".action = with-empty-unnamed-workspace-action "{\"Action\":{\"MoveColumnToWorkspace\":{\"reference\":{\"Id\": $workspace_id}, \"focus\": true}}}"; |
913 | 992 | ||
914 | "Mod+X".action = set-dynamic-cast-window; | 993 | "Mod+X".action = set-dynamic-cast-window; |
915 | "Mod+Shift+X".action = set-dynamic-cast-monitor; | 994 | "Mod+Shift+X".action = set-dynamic-cast-monitor; |
916 | "Mod+Control+Shift+X".action = clear-dynamic-cast-target; | 995 | "Mod+Control+Shift+X".action = clear-dynamic-cast-target; |
996 | |||
997 | "Mod+D".action = with-urgent-window-action "{\"Action\":{\"FocusWindow\":{\"id\": .id}}}"; | ||
998 | "Mod+Shift+D".action = with-focused-window-action "{\"Action\":{\"UnsetUrgent\":{\"id\": .id}}}"; | ||
999 | |||
1000 | "Mod+K".action = spawn (lib.getExe' pkgs.worktime "worktime-ui"); | ||
1001 | "Mod+Shift+K".action = spawn (lib.getExe' pkgs.worktime "worktime-stop"); | ||
917 | })) | 1002 | })) |
918 | (map ({ name, selector, spawn, key, ...}: if key != null && selector != null && spawn != null then bind key { action = focus-or-spawn-action selector name spawn; } else null) cfg.scratchspaces) | 1003 | (map ({ name, selector, spawn, key, ...}: if key != null && selector != null && spawn != null then bind key { action = focus-or-spawn-action selector name spawn; } else null) cfg.scratchspaces) |
1004 | (map ({ name, moveKey, ...}: if moveKey != null then bind moveKey { action = kdl.magic-leaf "move-column-to-workspace" name; } else null) cfg.scratchspaces) | ||
919 | ] | 1005 | ] |
920 | )) | 1006 | )) |
921 | ]; | 1007 | ]; |
diff --git a/accounts/gkleen@sif/niri/mako.nix b/accounts/gkleen@sif/niri/mako.nix index 274441ab..eba26caa 100644 --- a/accounts/gkleen@sif/niri/mako.nix +++ b/accounts/gkleen@sif/niri/mako.nix | |||
@@ -21,9 +21,11 @@ | |||
21 | "urgency=critical".background-color = "#900000dd"; | 21 | "urgency=critical".background-color = "#900000dd"; |
22 | "app-name=Element".group-by = "summary"; | 22 | "app-name=Element".group-by = "summary"; |
23 | "app-name=poweralertd" = { | 23 | "app-name=poweralertd" = { |
24 | history = false; | ||
24 | ignore-timeout = true; | 25 | ignore-timeout = true; |
25 | default-timeout = 2000; | 26 | default-timeout = 2000; |
26 | }; | 27 | }; |
28 | "app-name=worktime".history = false; | ||
27 | "mode=silent".invisible = true; | 29 | "mode=silent".invisible = true; |
28 | }; | 30 | }; |
29 | package = pkgs.symlinkJoin { | 31 | package = pkgs.symlinkJoin { |
diff --git a/accounts/gkleen@sif/niri/waybar.nix b/accounts/gkleen@sif/niri/waybar.nix index cc131c08..c02a9a76 100644 --- a/accounts/gkleen@sif/niri/waybar.nix +++ b/accounts/gkleen@sif/niri/waybar.nix | |||
@@ -27,8 +27,14 @@ in { | |||
27 | modules-right = [ "custom/worktime" "custom/worktime-today" | 27 | modules-right = [ "custom/worktime" "custom/worktime-today" |
28 | "custom/weather" | 28 | "custom/weather" |
29 | "custom/keymap" | 29 | "custom/keymap" |
30 | "privacy" "tray" "wireplumber" "backlight" "battery" "idle_inhibitor" "custom/mako" "clock" ]; | 30 | "privacy" "tray" "wireplumber" "backlight" "battery" "idle_inhibitor" "custom/mako" "custom/lid_inhibitor" "clock" ]; |
31 | 31 | ||
32 | "custom/lid_inhibitor" = { | ||
33 | format = "{}"; | ||
34 | return-type = "json"; | ||
35 | exec = lib.getExe pkgs.waybar-systemd-inhibit; | ||
36 | on-click = lib.getExe' pkgs.waybar-systemd-inhibit "waybar-systemd-inhibit-toggle"; | ||
37 | }; | ||
32 | "custom/mako" = { | 38 | "custom/mako" = { |
33 | format = "{}"; | 39 | format = "{}"; |
34 | return-type = "json"; | 40 | return-type = "json"; |
@@ -211,7 +217,7 @@ in { | |||
211 | layer = "top"; | 217 | layer = "top"; |
212 | position = "top"; | 218 | position = "top"; |
213 | height = 14; | 219 | height = 14; |
214 | output = [ "!eDP-1" "!DP-2" "!DP-3" ]; | 220 | output = [ "!eDP-1" "!DP-2" "!DP-3" "*" ]; |
215 | modules-left = [ "niri/workspaces" ]; | 221 | modules-left = [ "niri/workspaces" ]; |
216 | modules-center = [ "niri/window" ]; | 222 | modules-center = [ "niri/window" ]; |
217 | modules-right = [ "clock" ]; | 223 | modules-right = [ "clock" ]; |
@@ -293,7 +299,7 @@ in { | |||
293 | #tray { | 299 | #tray { |
294 | margin: 0; | 300 | margin: 0; |
295 | } | 301 | } |
296 | #battery, #idle_inhibitor, #backlight, #wireplumber, #custom-mako { | 302 | #battery, #idle_inhibitor, #backlight, #wireplumber, #custom-mako, #custom-lid_inhibitor { |
297 | color: @grey; | 303 | color: @grey; |
298 | margin: 0 5px 0 2px; | 304 | margin: 0 5px 0 2px; |
299 | } | 305 | } |
@@ -302,7 +308,11 @@ in { | |||
302 | margin-left: 6px; | 308 | margin-left: 6px; |
303 | } | 309 | } |
304 | #custom-mako { | 310 | #custom-mako { |
305 | margin-right: 2px; | 311 | margin-right: 4px; |
312 | margin-left: 3px; | ||
313 | } | ||
314 | #custom-lid_inhibitor { | ||
315 | margin-right: 3px; | ||
306 | margin-left: 3px; | 316 | margin-left: 3px; |
307 | } | 317 | } |
308 | #battery { | 318 | #battery { |
@@ -330,7 +340,7 @@ in { | |||
330 | color: @orange; | 340 | color: @orange; |
331 | } | 341 | } |
332 | 342 | ||
333 | #idle_inhibitor { | 343 | #idle_inhibitor, #custom-lid_inhibitor { |
334 | padding-top: 1px; | 344 | padding-top: 1px; |
335 | } | 345 | } |
336 | 346 | ||
@@ -340,6 +350,7 @@ in { | |||
340 | } | 350 | } |
341 | #clock { | 351 | #clock { |
342 | /* margin-right: 5px; */ | 352 | /* margin-right: 5px; */ |
353 | font-feature-settings: "tnum"; | ||
343 | } | 354 | } |
344 | ''; | 355 | ''; |
345 | }; | 356 | }; |
diff --git a/accounts/gkleen@sif/synadm/default.nix b/accounts/gkleen@sif/synadm/default.nix new file mode 100644 index 00000000..0a8e0d4c --- /dev/null +++ b/accounts/gkleen@sif/synadm/default.nix | |||
@@ -0,0 +1,9 @@ | |||
1 | { config, pkgs, ... }: | ||
2 | { | ||
3 | home.packages = with pkgs; [ synadm ]; | ||
4 | sops.secrets."synadm.yaml" = { | ||
5 | format = "binary"; | ||
6 | sopsFile = ./synadm_yaml; | ||
7 | path = config.xdg.configHome + "/synadm.yaml"; | ||
8 | }; | ||
9 | } | ||
diff --git a/accounts/gkleen@sif/synadm/synadm_yaml b/accounts/gkleen@sif/synadm/synadm_yaml new file mode 100644 index 00000000..8d951ccc --- /dev/null +++ b/accounts/gkleen@sif/synadm/synadm_yaml | |||
@@ -0,0 +1,15 @@ | |||
1 | { | ||
2 | "data": "ENC[AES256_GCM,data:qJy4Pmbbxja4jmW7OaHsD0mQZ7anZwLhiVmAgkavb+CqwWGDnUBXdz22/MHCbxng5NshcFSpBoCBhgY6B9V2bUiES6bH9AtMlDcs9ebKGMArBTUTnQ2MjWQGfQTqraWdNgy+n327uj9swwCH8EZXdYH/Hlv0t/re470W+VOHeXhGghQ3Y9IGz2sgfvMGr8QxaJNydZz85rgs5QUP/PglCwWIOw2mY1EX2vYwnmiAo49LmIEaxWvRi++KHaeBveDt0nlkJwzUlipL2VOKWxkgpK3yGucQn2mz+FRe1btp+4KGm8H17eUI9FO9sBwq,iv:kgM921ovwCgDYHQj3c5Rupy/8JxHehxUD2jb1k9Ik2Y=,tag:3TLQkJbv679VWy8V2TMugw==,type:str]", | ||
3 | "sops": { | ||
4 | "age": [ | ||
5 | { | ||
6 | "recipient": "age1rmmhetcmllq0ahl5qznlr0eya2zdxwl9h6y5wnl97d2wtyx5t99sm2u866", | ||
7 | "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6bzVHUGNxZTF2WC9MYmZr\neGdVVzJXN3lGdEk3cTBER3J6UTFtcUJna2d3CjdNQmRXd2haZW1MYlJzNkk1dWVD\nVTFQc2gvS0JrejJ6SFh2MXpPWDZpRE0KLS0tIE0wTC85bEpvSnlGdGFkZVFhNjFZ\nbzRiZkxMWUg2ODNVUlBmNFlPNGRrZlkK1VXLJWcssv3ETyZSSM/Hhn5VIaI9iov9\nzShZA9Zx/FX6PYTuUMC29pJ57gKourcIxa/7HwSv/xYn1A6WcYfgSg==\n-----END AGE ENCRYPTED FILE-----\n" | ||
8 | } | ||
9 | ], | ||
10 | "lastmodified": "2025-05-18T11:03:42Z", | ||
11 | "mac": "ENC[AES256_GCM,data:yonJC68PhilAgEHNNJQ8nO53Qo3rx/LnfiOWfuMm24bOUIH9QM3WZZxpigd7bHI4eC4TqRb4LvcSi0nEURTRAhwiTqGNrWbpw2Iv3n5dhLEN9aTcetG5ZuhaXqfVUoML45/ovdBZG/0l8+XIHqxN2M/g/h4JwKoR/6lqzcrVhgo=,iv:xvxBJwy+E5zUdjhGPdZPdy7tnBIEj50hfiDJFsS3wNg=,tag:L4Fas36ZOg4h0QQwC4gjNA==,type:str]", | ||
12 | "unencrypted_suffix": "_unencrypted", | ||
13 | "version": "3.10.2" | ||
14 | } | ||
15 | } | ||
diff --git a/accounts/gkleen@sif/systemd.nix b/accounts/gkleen@sif/systemd.nix index 90cccc58..18c2315f 100644 --- a/accounts/gkleen@sif/systemd.nix +++ b/accounts/gkleen@sif/systemd.nix | |||
@@ -385,6 +385,8 @@ in { | |||
385 | }; | 385 | }; |
386 | Service = { | 386 | Service = { |
387 | ExecStart = "${config.systemd.package}/lib/systemd/systemd-socket-proxyd --exit-idle-time=60s 127.0.0.1:${toString (port + 1)}"; | 387 | ExecStart = "${config.systemd.package}/lib/systemd/systemd-socket-proxyd --exit-idle-time=60s 127.0.0.1:${toString (port + 1)}"; |
388 | Restart = "always"; | ||
389 | RestartSec = "23s"; | ||
388 | }; | 390 | }; |
389 | }) [{ host = "proxy.ssh.math.lmu.de"; port = 8118; } { host = "proxy.vidhar"; port = 8120; } { host = "proxy.mathw0h"; port = 8122; } { host = "proxy.mathw0e"; port = 8124; }]); | 391 | }) [{ host = "proxy.ssh.math.lmu.de"; port = 8118; } { host = "proxy.vidhar"; port = 8120; } { host = "proxy.mathw0h"; port = 8122; } { host = "proxy.mathw0e"; port = 8124; }]); |
390 | sockets = listToAttrs (map (port: nameValuePair "proxy-to-autossh-socks@${toString port}" { | 392 | sockets = listToAttrs (map (port: nameValuePair "proxy-to-autossh-socks@${toString port}" { |
diff --git a/accounts/gkleen@sif/utils/async-yt-dlp.nix b/accounts/gkleen@sif/utils/async-yt-dlp.nix new file mode 100644 index 00000000..c3b82ec5 --- /dev/null +++ b/accounts/gkleen@sif/utils/async-yt-dlp.nix | |||
@@ -0,0 +1,57 @@ | |||
1 | { writers, python3Packages, ... }: | ||
2 | |||
3 | writers.writePython3Bin "async-yt-dlp" { | ||
4 | libraries = with python3Packages; [ yt-dlp ]; | ||
5 | flakeIgnore = ["E501"]; | ||
6 | } '' | ||
7 | import sys | ||
8 | import os | ||
9 | |||
10 | import yt_dlp | ||
11 | import yt_dlp.options | ||
12 | from collections import namedtuple | ||
13 | import socket | ||
14 | from pathlib import Path | ||
15 | import json | ||
16 | |||
17 | create_parser = yt_dlp.options.create_parser | ||
18 | |||
19 | |||
20 | def parse_patched_options(opts): | ||
21 | patched_parser = create_parser() | ||
22 | patched_parser.defaults.update({ | ||
23 | 'ignoreerrors': False, | ||
24 | 'retries': 0, | ||
25 | 'fragment_retries': 0, | ||
26 | 'extract_flat': False, | ||
27 | 'concat_playlist': 'never', | ||
28 | }) | ||
29 | yt_dlp.options.create_parser = lambda: patched_parser | ||
30 | try: | ||
31 | return yt_dlp.parse_options(opts) | ||
32 | finally: | ||
33 | yt_dlp.options.create_parser = create_parser | ||
34 | |||
35 | |||
36 | default_opts = parse_patched_options([]).ydl_opts | ||
37 | |||
38 | |||
39 | def cli_to_api(opts): | ||
40 | opts = parse_patched_options(opts) | ||
41 | urls = opts.urls | ||
42 | opts = opts.ydl_opts | ||
43 | |||
44 | diff = {k: v for k, v in opts.items() if default_opts[k] != v} | ||
45 | if 'postprocessors' in diff: | ||
46 | diff['postprocessors'] = [pp for pp in diff['postprocessors'] | ||
47 | if pp not in default_opts['postprocessors']] | ||
48 | return namedtuple('Options', ('params', 'urls'))(diff, urls) | ||
49 | |||
50 | |||
51 | if __name__ == '__main__': | ||
52 | opts = cli_to_api(sys.argv[1:]) | ||
53 | with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as sock: | ||
54 | sock.connect(str(Path(os.environ["XDG_RUNTIME_DIR"]) / "yt-dlp.sock").encode('utf-8')) | ||
55 | with sock.makefile(mode='w', buffering=1, encoding='utf-8') as fh: | ||
56 | json.dump(opts._asdict(), fh) | ||
57 | '' | ||
diff --git a/accounts/gkleen@sif/zshrc b/accounts/gkleen@sif/zshrc index abc200c6..b24ff257 100644 --- a/accounts/gkleen@sif/zshrc +++ b/accounts/gkleen@sif/zshrc | |||
@@ -93,7 +93,7 @@ dir() { | |||
93 | if [[ $curlArchive = "true" ]]; then | 93 | if [[ $curlArchive = "true" ]]; then |
94 | archiveFile=$(mktemp -t "archive.XXXXXXXXXX.${templateArchive:t}") | 94 | archiveFile=$(mktemp -t "archive.XXXXXXXXXX.${templateArchive:t}") |
95 | 95 | ||
96 | curl -L -o ${archiveFile} ${templateArchive} | 96 | curl -SfL -o ${archiveFile} ${templateArchive} |
97 | 97 | ||
98 | templateArchive=${archiveFile} | 98 | templateArchive=${archiveFile} |
99 | fi | 99 | fi |
@@ -231,7 +231,7 @@ clock() { | |||
231 | } | 231 | } |
232 | 232 | ||
233 | public-ip() { | 233 | public-ip() { |
234 | curl -s -H 'Accept: application/json' $@ ifconfig.co | jq -r '.ip' | 234 | curl -sSf -H 'Accept: application/json' $@ ifconfig.co | jq -r '.ip' |
235 | } | 235 | } |
236 | 236 | ||
237 | swap() { | 237 | swap() { |
@@ -6,22 +6,28 @@ | |||
6 | "nixpkgs": [ | 6 | "nixpkgs": [ |
7 | "nixpkgs" | 7 | "nixpkgs" |
8 | ], | 8 | ], |
9 | "poetry2nix": [ | 9 | "pre-commit-hooks-nix": "pre-commit-hooks-nix", |
10 | "poetry2nix" | 10 | "pyproject-build-systems": [ |
11 | "pyproject-build-systems" | ||
11 | ], | 12 | ], |
12 | "pre-commit-hooks-nix": "pre-commit-hooks-nix" | 13 | "pyproject-nix": [ |
14 | "pyproject-nix" | ||
15 | ], | ||
16 | "uv2nix": [ | ||
17 | "uv2nix" | ||
18 | ] | ||
13 | }, | 19 | }, |
14 | "locked": { | 20 | "locked": { |
15 | "lastModified": 1723124245, | 21 | "lastModified": 1749560907, |
16 | "narHash": "sha256-ThDq7vOXo6G4+C5FHqUc64CeX2c5n36tln4ZlDao6s4=", | 22 | "narHash": "sha256-zvAxxnJ5dcnjbuog0W6UvlthD1dLm5t4ZQI25jzNDW4=", |
17 | "owner": "gkleen", | 23 | "owner": "gkleen", |
18 | "repo": "backup-utils", | 24 | "repo": "backup-utils", |
19 | "rev": "74e65090de63fc99f056098677cc490754e2708f", | 25 | "rev": "8ed6a1d7c2e337cb2e35ed68f6d852f0d1049908", |
20 | "type": "gitlab" | 26 | "type": "gitlab" |
21 | }, | 27 | }, |
22 | "original": { | 28 | "original": { |
23 | "owner": "gkleen", | 29 | "owner": "gkleen", |
24 | "ref": "v0.1.6", | 30 | "ref": "v0.1.7", |
25 | "repo": "backup-utils", | 31 | "repo": "backup-utils", |
26 | "type": "gitlab" | 32 | "type": "gitlab" |
27 | } | 33 | } |
@@ -33,22 +39,26 @@ | |||
33 | "nixpkgs": [ | 39 | "nixpkgs": [ |
34 | "nixpkgs" | 40 | "nixpkgs" |
35 | ], | 41 | ], |
36 | "poetry2nix": [ | 42 | "pre-commit-hooks-nix": "pre-commit-hooks-nix_2", |
37 | "poetry2nix" | 43 | "pyproject-build-systems": "pyproject-build-systems", |
44 | "pyproject-nix": [ | ||
45 | "pyproject-nix" | ||
38 | ], | 46 | ], |
39 | "pre-commit-hooks-nix": "pre-commit-hooks-nix_2" | 47 | "uv2nix": [ |
48 | "uv2nix" | ||
49 | ] | ||
40 | }, | 50 | }, |
41 | "locked": { | 51 | "locked": { |
42 | "lastModified": 1734281899, | 52 | "lastModified": 1750599403, |
43 | "narHash": "sha256-9QdIl3sjHY4Xij9KrBUkW1KpLB+jyxlI12UHPitlawI=", | 53 | "narHash": "sha256-MLQ7CISl00w1xq88TL2wukNq3ukzID4u7BVT4okbUik=", |
44 | "owner": "gkleen", | 54 | "owner": "gkleen", |
45 | "repo": "ca", | 55 | "repo": "ca", |
46 | "rev": "1e4ee9d25a5282ef7bc6774072229784fa0036f3", | 56 | "rev": "505a29233ada969b2eca76d616b0d7a8767dfb71", |
47 | "type": "gitlab" | 57 | "type": "gitlab" |
48 | }, | 58 | }, |
49 | "original": { | 59 | "original": { |
50 | "owner": "gkleen", | 60 | "owner": "gkleen", |
51 | "ref": "v3.1.3", | 61 | "ref": "v3.1.5", |
52 | "repo": "ca", | 62 | "repo": "ca", |
53 | "type": "gitlab" | 63 | "type": "gitlab" |
54 | } | 64 | } |
@@ -66,11 +76,11 @@ | |||
66 | ] | 76 | ] |
67 | }, | 77 | }, |
68 | "locked": { | 78 | "locked": { |
69 | "lastModified": 1727447169, | 79 | "lastModified": 1749105467, |
70 | "narHash": "sha256-3KyjMPUKHkiWhwR91J1YchF6zb6gvckCAY1jOE+ne0U=", | 80 | "narHash": "sha256-hXh76y/wDl15almBcqvjryB50B0BaiXJKk20f314RoE=", |
71 | "owner": "serokell", | 81 | "owner": "serokell", |
72 | "repo": "deploy-rs", | 82 | "repo": "deploy-rs", |
73 | "rev": "aa07eb05537d4cd025e2310397a6adcedfe72c76", | 83 | "rev": "6bc76b872374845ba9d645a2f012b764fecd765f", |
74 | "type": "github" | 84 | "type": "github" |
75 | }, | 85 | }, |
76 | "original": { | 86 | "original": { |
@@ -168,11 +178,11 @@ | |||
168 | "nixpkgs-lib": "nixpkgs-lib_2" | 178 | "nixpkgs-lib": "nixpkgs-lib_2" |
169 | }, | 179 | }, |
170 | "locked": { | 180 | "locked": { |
171 | "lastModified": 1733312601, | 181 | "lastModified": 1749398372, |
172 | "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", | 182 | "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", |
173 | "owner": "hercules-ci", | 183 | "owner": "hercules-ci", |
174 | "repo": "flake-parts", | 184 | "repo": "flake-parts", |
175 | "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", | 185 | "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", |
176 | "type": "github" | 186 | "type": "github" |
177 | }, | 187 | }, |
178 | "original": { | 188 | "original": { |
@@ -343,16 +353,16 @@ | |||
343 | ] | 353 | ] |
344 | }, | 354 | }, |
345 | "locked": { | 355 | "locked": { |
346 | "lastModified": 1747139300, | 356 | "lastModified": 1749562430, |
347 | "narHash": "sha256-V+YnIIM2wMprHGgzOU0HzyeWQEjP6EhG8kc4IffWFeg=", | 357 | "narHash": "sha256-M5MqsIsf+o7yngakVUW4poBGZaghB6sUpw7SsWA55kU=", |
348 | "owner": "gkleen", | 358 | "owner": "gkleen", |
349 | "repo": "home-manager", | 359 | "repo": "home-manager", |
350 | "rev": "50182497604587a24bdbe97d6400b1696eac57b1", | 360 | "rev": "dca5a2df9f8a00cc34bea6ead249a8446f5f069e", |
351 | "type": "github" | 361 | "type": "github" |
352 | }, | 362 | }, |
353 | "original": { | 363 | "original": { |
354 | "owner": "gkleen", | 364 | "owner": "gkleen", |
355 | "ref": "nixos-late-start-23.11", | 365 | "ref": "nixos-late-start-25.05", |
356 | "repo": "home-manager", | 366 | "repo": "home-manager", |
357 | "type": "github" | 367 | "type": "github" |
358 | } | 368 | } |
@@ -376,7 +386,7 @@ | |||
376 | "leapseconds": { | 386 | "leapseconds": { |
377 | "flake": false, | 387 | "flake": false, |
378 | "locked": { | 388 | "locked": { |
379 | "narHash": "sha256-5ZaoY/bScQS7EGJRHu6vj9XWhbObmxNEaGugaGU7+lg=", | 389 | "narHash": "sha256-FJgbafPB48+5sT+7ZB8pajSsfJoISEOoaJ0d/2Ya7o8=", |
380 | "type": "file", | 390 | "type": "file", |
381 | "url": "https://data.iana.org/time-zones/tzdb/leap-seconds.list" | 391 | "url": "https://data.iana.org/time-zones/tzdb/leap-seconds.list" |
382 | }, | 392 | }, |
@@ -397,11 +407,11 @@ | |||
397 | "xwayland-satellite-unstable": "xwayland-satellite-unstable" | 407 | "xwayland-satellite-unstable": "xwayland-satellite-unstable" |
398 | }, | 408 | }, |
399 | "locked": { | 409 | "locked": { |
400 | "lastModified": 1747115632, | 410 | "lastModified": 1752078530, |
401 | "narHash": "sha256-SypEtZQsum43HvIT4HqM1RH8CE3wCWFIO5b5IqC/2FA=", | 411 | "narHash": "sha256-TrRmlYdhWcadWvBpDjB9Xlry4uT4ZUIO46d+o5tjtCQ=", |
402 | "owner": "sodiboo", | 412 | "owner": "sodiboo", |
403 | "repo": "niri-flake", | 413 | "repo": "niri-flake", |
404 | "rev": "44eeba852a6671ab1c7be5ca65a58c49794cef4b", | 414 | "rev": "d231d92313192d4d0c78d6ef04167fed9dee87cf", |
405 | "type": "github" | 415 | "type": "github" |
406 | }, | 416 | }, |
407 | "original": { | 417 | "original": { |
@@ -414,16 +424,16 @@ | |||
414 | "niri-stable": { | 424 | "niri-stable": { |
415 | "flake": false, | 425 | "flake": false, |
416 | "locked": { | 426 | "locked": { |
417 | "lastModified": 1740117926, | 427 | "lastModified": 1748151941, |
418 | "narHash": "sha256-mTTHA0RAaQcdYe+9A3Jx77cmmyLFHmRoZdd8RpWa+m8=", | 428 | "narHash": "sha256-z4viQZLgC2bIJ3VrzQnR+q2F3gAOEQpU1H5xHtX/2fs=", |
419 | "owner": "YaLTeR", | 429 | "owner": "YaLTeR", |
420 | "repo": "niri", | 430 | "repo": "niri", |
421 | "rev": "b94a5db8790339cf9134873d8b490be69e02ac71", | 431 | "rev": "8ba57fcf25d2fc9565131684a839d58703f1dae7", |
422 | "type": "github" | 432 | "type": "github" |
423 | }, | 433 | }, |
424 | "original": { | 434 | "original": { |
425 | "owner": "YaLTeR", | 435 | "owner": "YaLTeR", |
426 | "ref": "v25.02", | 436 | "ref": "v25.05.1", |
427 | "repo": "niri", | 437 | "repo": "niri", |
428 | "type": "github" | 438 | "type": "github" |
429 | } | 439 | } |
@@ -431,11 +441,11 @@ | |||
431 | "niri-unstable": { | 441 | "niri-unstable": { |
432 | "flake": false, | 442 | "flake": false, |
433 | "locked": { | 443 | "locked": { |
434 | "lastModified": 1747113435, | 444 | "lastModified": 1750791124, |
435 | "narHash": "sha256-9oU1mKAM2BZLSots136UA75RIed53YtYgns9TUkr3ck=", | 445 | "narHash": "sha256-F5iVU/hjoSHSSe0gllxm0PcAaseEtGNanYK5Ha3k2Tg=", |
436 | "owner": "YaLTeR", | 446 | "owner": "YaLTeR", |
437 | "repo": "niri", | 447 | "repo": "niri", |
438 | "rev": "6d083ea49741d6e8e85d5a1d6b6bcaa837d3b5c0", | 448 | "rev": "37458d94b288945f6cfbd3c5c233f634d59f246c", |
439 | "type": "github" | 449 | "type": "github" |
440 | }, | 450 | }, |
441 | "original": { | 451 | "original": { |
@@ -472,11 +482,11 @@ | |||
472 | ] | 482 | ] |
473 | }, | 483 | }, |
474 | "locked": { | 484 | "locked": { |
475 | "lastModified": 1746934494, | 485 | "lastModified": 1751774635, |
476 | "narHash": "sha256-3n6i+F0sDASjkhbvgFDpPDZGp7z19IrRtjfF9TwJpCA=", | 486 | "narHash": "sha256-DuOznGdgMxeSlPpUu6Wkq0ZD5e2Cfv9XRZeZlHWMd1s=", |
477 | "owner": "Mic92", | 487 | "owner": "Mic92", |
478 | "repo": "nix-index-database", | 488 | "repo": "nix-index-database", |
479 | "rev": "e9b21b01e4307176b9718a29ac514838e7f6f4ff", | 489 | "rev": "85686025ba6d18df31cc651a91d5adef63378978", |
480 | "type": "github" | 490 | "type": "github" |
481 | }, | 491 | }, |
482 | "original": { | 492 | "original": { |
@@ -514,11 +524,11 @@ | |||
514 | ] | 524 | ] |
515 | }, | 525 | }, |
516 | "locked": { | 526 | "locked": { |
517 | "lastModified": 1741549407, | 527 | "lastModified": 1748140003, |
518 | "narHash": "sha256-f9SXK+/rvlryDNlc++Eva/hYjbkf7OCalWwmwifRhtI=", | 528 | "narHash": "sha256-DNBZmuk1YRM2PmwbHzVdXumRjCUzQkMarg4iI/37rOQ=", |
519 | "owner": "AshleyYakeley", | 529 | "owner": "AshleyYakeley", |
520 | "repo": "NixVirt", | 530 | "repo": "NixVirt", |
521 | "rev": "9950b932dce4ae6b9bda7c83d41705c1a14e10f0", | 531 | "rev": "5dfe108fd859b122f9a96981cb6bc12297653d6c", |
522 | "type": "github" | 532 | "type": "github" |
523 | }, | 533 | }, |
524 | "original": { | 534 | "original": { |
@@ -529,11 +539,11 @@ | |||
529 | }, | 539 | }, |
530 | "nixos-hardware": { | 540 | "nixos-hardware": { |
531 | "locked": { | 541 | "locked": { |
532 | "lastModified": 1747083103, | 542 | "lastModified": 1752048960, |
533 | "narHash": "sha256-dMx20S2molwqJxbmMB4pGjNfgp5H1IOHNa1Eby6xL+0=", | 543 | "narHash": "sha256-gATnkOe37eeVwKKYCsL+OnS2gU4MmLuZFzzWCtaKLI8=", |
534 | "owner": "NixOS", | 544 | "owner": "NixOS", |
535 | "repo": "nixos-hardware", | 545 | "repo": "nixos-hardware", |
536 | "rev": "d1d68fe8b00248caaa5b3bbe4984c12b47e0867d", | 546 | "rev": "7ced9122cff2163c6a0212b8d1ec8c33a1660806", |
537 | "type": "github" | 547 | "type": "github" |
538 | }, | 548 | }, |
539 | "original": { | 549 | "original": { |
@@ -561,16 +571,16 @@ | |||
561 | }, | 571 | }, |
562 | "nixpkgs-eostre": { | 572 | "nixpkgs-eostre": { |
563 | "locked": { | 573 | "locked": { |
564 | "lastModified": 1701282334, | 574 | "lastModified": 1748026580, |
565 | "narHash": "sha256-MxCVrXY6v4QmfTwIysjjaX0XUhqBbxTWWB4HXtDYsdk=", | 575 | "narHash": "sha256-rWtXrcIzU5wm/C8F9LWvUfBGu5U5E7cFzPYT1pHIJaQ=", |
566 | "owner": "NixOS", | 576 | "owner": "NixOS", |
567 | "repo": "nixpkgs", | 577 | "repo": "nixpkgs", |
568 | "rev": "057f9aecfb71c4437d2b27d3323df7f93c010b7e", | 578 | "rev": "11cb3517b3af6af300dd6c055aeda73c9bf52c48", |
569 | "type": "github" | 579 | "type": "github" |
570 | }, | 580 | }, |
571 | "original": { | 581 | "original": { |
572 | "owner": "NixOS", | 582 | "owner": "NixOS", |
573 | "ref": "23.11", | 583 | "ref": "25.05", |
574 | "repo": "nixpkgs", | 584 | "repo": "nixpkgs", |
575 | "type": "github" | 585 | "type": "github" |
576 | } | 586 | } |
@@ -589,14 +599,17 @@ | |||
589 | }, | 599 | }, |
590 | "nixpkgs-lib_2": { | 600 | "nixpkgs-lib_2": { |
591 | "locked": { | 601 | "locked": { |
592 | "lastModified": 1733096140, | 602 | "lastModified": 1748740939, |
593 | "narHash": "sha256-1qRH7uAUsyQI7R1Uwl4T+XvdNv778H0Nb5njNrqvylY=", | 603 | "narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=", |
594 | "type": "tarball", | 604 | "owner": "nix-community", |
595 | "url": "https://github.com/NixOS/nixpkgs/archive/5487e69da40cbd611ab2cadee0b4637225f7cfae.tar.gz" | 605 | "repo": "nixpkgs.lib", |
606 | "rev": "656a64127e9d791a334452c6b6606d17539476e2", | ||
607 | "type": "github" | ||
596 | }, | 608 | }, |
597 | "original": { | 609 | "original": { |
598 | "type": "tarball", | 610 | "owner": "nix-community", |
599 | "url": "https://github.com/NixOS/nixpkgs/archive/5487e69da40cbd611ab2cadee0b4637225f7cfae.tar.gz" | 611 | "repo": "nixpkgs.lib", |
612 | "type": "github" | ||
600 | } | 613 | } |
601 | }, | 614 | }, |
602 | "nixpkgs-lib_3": { | 615 | "nixpkgs-lib_3": { |
@@ -651,32 +664,32 @@ | |||
651 | }, | 664 | }, |
652 | "nixpkgs-stable_2": { | 665 | "nixpkgs-stable_2": { |
653 | "locked": { | 666 | "locked": { |
654 | "lastModified": 1746957726, | 667 | "lastModified": 1751943650, |
655 | "narHash": "sha256-k9ut1LSfHCr0AW82ttEQzXVCqmyWVA5+SHJkS5ID/Jo=", | 668 | "narHash": "sha256-7orTnNqkGGru8Je6Un6mq1T8YVVU/O5kyW4+f9C1mZQ=", |
656 | "owner": "NixOS", | 669 | "owner": "NixOS", |
657 | "repo": "nixpkgs", | 670 | "repo": "nixpkgs", |
658 | "rev": "a39ed32a651fdee6842ec930761e31d1f242cb94", | 671 | "rev": "88983d4b665fb491861005137ce2b11a9f89f203", |
659 | "type": "github" | 672 | "type": "github" |
660 | }, | 673 | }, |
661 | "original": { | 674 | "original": { |
662 | "owner": "NixOS", | 675 | "owner": "NixOS", |
663 | "ref": "nixos-24.11", | 676 | "ref": "nixos-25.05", |
664 | "repo": "nixpkgs", | 677 | "repo": "nixpkgs", |
665 | "type": "github" | 678 | "type": "github" |
666 | } | 679 | } |
667 | }, | 680 | }, |
668 | "nixpkgs-stable_3": { | 681 | "nixpkgs-stable_3": { |
669 | "locked": { | 682 | "locked": { |
670 | "lastModified": 1717179513, | 683 | "lastModified": 1748026580, |
671 | "narHash": "sha256-vboIEwIQojofItm2xGCdZCzW96U85l9nDW3ifMuAIdM=", | 684 | "narHash": "sha256-rWtXrcIzU5wm/C8F9LWvUfBGu5U5E7cFzPYT1pHIJaQ=", |
672 | "owner": "NixOS", | 685 | "owner": "NixOS", |
673 | "repo": "nixpkgs", | 686 | "repo": "nixpkgs", |
674 | "rev": "63dacb46bf939521bdc93981b4cbb7ecb58427a0", | 687 | "rev": "11cb3517b3af6af300dd6c055aeda73c9bf52c48", |
675 | "type": "github" | 688 | "type": "github" |
676 | }, | 689 | }, |
677 | "original": { | 690 | "original": { |
678 | "owner": "NixOS", | 691 | "owner": "NixOS", |
679 | "ref": "24.05", | 692 | "ref": "25.05", |
680 | "repo": "nixpkgs", | 693 | "repo": "nixpkgs", |
681 | "type": "github" | 694 | "type": "github" |
682 | } | 695 | } |
@@ -699,11 +712,11 @@ | |||
699 | }, | 712 | }, |
700 | "nixpkgs_2": { | 713 | "nixpkgs_2": { |
701 | "locked": { | 714 | "locked": { |
702 | "lastModified": 1746904237, | 715 | "lastModified": 1751984180, |
703 | "narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=", | 716 | "narHash": "sha256-LwWRsENAZJKUdD3SpLluwDmdXY9F45ZEgCb0X+xgOL0=", |
704 | "owner": "NixOS", | 717 | "owner": "NixOS", |
705 | "repo": "nixpkgs", | 718 | "repo": "nixpkgs", |
706 | "rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956", | 719 | "rev": "9807714d6944a957c2e036f84b0ff8caf9930bc0", |
707 | "type": "github" | 720 | "type": "github" |
708 | }, | 721 | }, |
709 | "original": { | 722 | "original": { |
@@ -811,18 +824,14 @@ | |||
811 | "nixpkgs": [ | 824 | "nixpkgs": [ |
812 | "ca-util", | 825 | "ca-util", |
813 | "nixpkgs" | 826 | "nixpkgs" |
814 | ], | ||
815 | "nixpkgs-stable": [ | ||
816 | "ca-util", | ||
817 | "nixpkgs" | ||
818 | ] | 827 | ] |
819 | }, | 828 | }, |
820 | "locked": { | 829 | "locked": { |
821 | "lastModified": 1734261738, | 830 | "lastModified": 1749636823, |
822 | "narHash": "sha256-3Lzk+7QyX8v60+km26D3dln7NMSA13vW+KYTkMkds6Q=", | 831 | "narHash": "sha256-WUaIlOlPLyPgz9be7fqWJA5iG6rHcGRtLERSCfUDne4=", |
823 | "owner": "cachix", | 832 | "owner": "cachix", |
824 | "repo": "pre-commit-hooks.nix", | 833 | "repo": "pre-commit-hooks.nix", |
825 | "rev": "4c8e75efbbdcc6f9203f64b1f21f8a55d2285264", | 834 | "rev": "623c56286de5a3193aa38891a6991b28f9bab056", |
826 | "type": "github" | 835 | "type": "github" |
827 | }, | 836 | }, |
828 | "original": { | 837 | "original": { |
@@ -882,21 +891,50 @@ | |||
882 | "pyproject-build-systems": { | 891 | "pyproject-build-systems": { |
883 | "inputs": { | 892 | "inputs": { |
884 | "nixpkgs": [ | 893 | "nixpkgs": [ |
894 | "ca-util", | ||
885 | "nixpkgs" | 895 | "nixpkgs" |
886 | ], | 896 | ], |
887 | "pyproject-nix": [ | 897 | "pyproject-nix": [ |
898 | "ca-util", | ||
888 | "pyproject-nix" | 899 | "pyproject-nix" |
889 | ], | 900 | ], |
890 | "uv2nix": [ | 901 | "uv2nix": [ |
902 | "ca-util", | ||
891 | "uv2nix" | 903 | "uv2nix" |
892 | ] | 904 | ] |
893 | }, | 905 | }, |
894 | "locked": { | 906 | "locked": { |
895 | "lastModified": 1744599653, | 907 | "lastModified": 1749519371, |
896 | "narHash": "sha256-nysSwVVjG4hKoOjhjvE6U5lIKA8sEr1d1QzEfZsannU=", | 908 | "narHash": "sha256-UJONN7mA2stweZCoRcry2aa1XTTBL0AfUOY84Lmqhos=", |
897 | "owner": "pyproject-nix", | 909 | "owner": "pyproject-nix", |
898 | "repo": "build-system-pkgs", | 910 | "repo": "build-system-pkgs", |
899 | "rev": "7dba6dbc73120e15b558754c26024f6c93015dd7", | 911 | "rev": "7c06967eca687f3482624250428cc12f43c92523", |
912 | "type": "github" | ||
913 | }, | ||
914 | "original": { | ||
915 | "owner": "pyproject-nix", | ||
916 | "repo": "build-system-pkgs", | ||
917 | "type": "github" | ||
918 | } | ||
919 | }, | ||
920 | "pyproject-build-systems_2": { | ||
921 | "inputs": { | ||
922 | "nixpkgs": [ | ||
923 | "nixpkgs" | ||
924 | ], | ||
925 | "pyproject-nix": [ | ||
926 | "pyproject-nix" | ||
927 | ], | ||
928 | "uv2nix": [ | ||
929 | "uv2nix" | ||
930 | ] | ||
931 | }, | ||
932 | "locked": { | ||
933 | "lastModified": 1749519371, | ||
934 | "narHash": "sha256-UJONN7mA2stweZCoRcry2aa1XTTBL0AfUOY84Lmqhos=", | ||
935 | "owner": "pyproject-nix", | ||
936 | "repo": "build-system-pkgs", | ||
937 | "rev": "7c06967eca687f3482624250428cc12f43c92523", | ||
900 | "type": "github" | 938 | "type": "github" |
901 | }, | 939 | }, |
902 | "original": { | 940 | "original": { |
@@ -912,11 +950,11 @@ | |||
912 | ] | 950 | ] |
913 | }, | 951 | }, |
914 | "locked": { | 952 | "locked": { |
915 | "lastModified": 1746540146, | 953 | "lastModified": 1751557494, |
916 | "narHash": "sha256-QxdHGNpbicIrw5t6U3x+ZxeY/7IEJ6lYbvsjXmcxFIM=", | 954 | "narHash": "sha256-dnueIffmEKtG0V4feifalsOYaHXXsrGMaoKI+4O7v/8=", |
917 | "owner": "pyproject-nix", | 955 | "owner": "pyproject-nix", |
918 | "repo": "pyproject.nix", | 956 | "repo": "pyproject.nix", |
919 | "rev": "e09c10c24ebb955125fda449939bfba664c467fd", | 957 | "rev": "939ef94aea81c17bfd2f388465309eab76c45c37", |
920 | "type": "github" | 958 | "type": "github" |
921 | }, | 959 | }, |
922 | "original": { | 960 | "original": { |
@@ -948,7 +986,7 @@ | |||
948 | "nvfetcher": "nvfetcher", | 986 | "nvfetcher": "nvfetcher", |
949 | "poetry2nix": "poetry2nix", | 987 | "poetry2nix": "poetry2nix", |
950 | "prometheus-borg-exporter": "prometheus-borg-exporter", | 988 | "prometheus-borg-exporter": "prometheus-borg-exporter", |
951 | "pyproject-build-systems": "pyproject-build-systems", | 989 | "pyproject-build-systems": "pyproject-build-systems_2", |
952 | "pyproject-nix": "pyproject-nix", | 990 | "pyproject-nix": "pyproject-nix", |
953 | "sops-nix": "sops-nix", | 991 | "sops-nix": "sops-nix", |
954 | "uv2nix": "uv2nix", | 992 | "uv2nix": "uv2nix", |
@@ -962,11 +1000,11 @@ | |||
962 | ] | 1000 | ] |
963 | }, | 1001 | }, |
964 | "locked": { | 1002 | "locked": { |
965 | "lastModified": 1746485181, | 1003 | "lastModified": 1751606940, |
966 | "narHash": "sha256-PxrrSFLaC7YuItShxmYbMgSuFFuwxBB+qsl9BZUnRvg=", | 1004 | "narHash": "sha256-KrDPXobG7DFKTOteqdSVeL1bMVitDcy7otpVZWDE6MA=", |
967 | "owner": "Mic92", | 1005 | "owner": "Mic92", |
968 | "repo": "sops-nix", | 1006 | "repo": "sops-nix", |
969 | "rev": "e93ee1d900ad264d65e9701a5c6f895683433386", | 1007 | "rev": "3633fc4acf03f43b260244d94c71e9e14a2f6e0d", |
970 | "type": "github" | 1008 | "type": "github" |
971 | }, | 1009 | }, |
972 | "original": { | 1010 | "original": { |
@@ -1037,11 +1075,11 @@ | |||
1037 | ] | 1075 | ] |
1038 | }, | 1076 | }, |
1039 | "locked": { | 1077 | "locked": { |
1040 | "lastModified": 1746649034, | 1078 | "lastModified": 1752195249, |
1041 | "narHash": "sha256-gmv+ZiY3pQnwgI0Gm3Z1tNSux1CnOJ0De+xeDOol1+0=", | 1079 | "narHash": "sha256-xJ4P6Ekm1tQTtUHboca+vqosXQZHPCDTYOq/HfZ6o1M=", |
1042 | "owner": "pyproject-nix", | 1080 | "owner": "pyproject-nix", |
1043 | "repo": "uv2nix", | 1081 | "repo": "uv2nix", |
1044 | "rev": "fe540e91c26f378c62bf6da365a97e848434d0cd", | 1082 | "rev": "06b039bb2fa0bc57ac6e611e05de70d36bb1af8b", |
1045 | "type": "github" | 1083 | "type": "github" |
1046 | }, | 1084 | }, |
1047 | "original": { | 1085 | "original": { |
@@ -1060,16 +1098,16 @@ | |||
1060 | ] | 1098 | ] |
1061 | }, | 1099 | }, |
1062 | "locked": { | 1100 | "locked": { |
1063 | "lastModified": 1742140394, | 1101 | "lastModified": 1752562190, |
1064 | "narHash": "sha256-U1Lp5HZbpnWQRetOLzQl3dURplY2BRfAZYkjBawYrVM=", | 1102 | "narHash": "sha256-zWOMCNe56H2PHUd3rJZ6tklZUZBLgRo85jd9IlK1g9o=", |
1065 | "owner": "gkleen", | 1103 | "owner": "gkleen", |
1066 | "repo": "Waybar", | 1104 | "repo": "Waybar", |
1067 | "rev": "f310667db199c570b599a08152d49b7f80db93f2", | 1105 | "rev": "d008cd998369c40f2344a856caf39cdbbd7bd068", |
1068 | "type": "github" | 1106 | "type": "github" |
1069 | }, | 1107 | }, |
1070 | "original": { | 1108 | "original": { |
1071 | "owner": "gkleen", | 1109 | "owner": "gkleen", |
1072 | "ref": "feat/niri-workspaces-hide", | 1110 | "ref": "feat/niri-urgency", |
1073 | "repo": "Waybar", | 1111 | "repo": "Waybar", |
1074 | "type": "github" | 1112 | "type": "github" |
1075 | } | 1113 | } |
@@ -1077,16 +1115,16 @@ | |||
1077 | "xwayland-satellite-stable": { | 1115 | "xwayland-satellite-stable": { |
1078 | "flake": false, | 1116 | "flake": false, |
1079 | "locked": { | 1117 | "locked": { |
1080 | "lastModified": 1739246919, | 1118 | "lastModified": 1748488455, |
1081 | "narHash": "sha256-/hBM43/Gd0/tW+egrhlWgOIISeJxEs2uAOIYVpfDKeU=", | 1119 | "narHash": "sha256-IiLr1alzKFIy5tGGpDlabQbe6LV1c9ABvkH6T5WmyRI=", |
1082 | "owner": "Supreeeme", | 1120 | "owner": "Supreeeme", |
1083 | "repo": "xwayland-satellite", | 1121 | "repo": "xwayland-satellite", |
1084 | "rev": "44590a416d4a3e8220e19e29e0b6efe64a80315d", | 1122 | "rev": "3ba30b149f9eb2bbf42cf4758d2158ca8cceef73", |
1085 | "type": "github" | 1123 | "type": "github" |
1086 | }, | 1124 | }, |
1087 | "original": { | 1125 | "original": { |
1088 | "owner": "Supreeeme", | 1126 | "owner": "Supreeeme", |
1089 | "ref": "v0.5.1", | 1127 | "ref": "v0.6", |
1090 | "repo": "xwayland-satellite", | 1128 | "repo": "xwayland-satellite", |
1091 | "type": "github" | 1129 | "type": "github" |
1092 | } | 1130 | } |
@@ -1094,11 +1132,11 @@ | |||
1094 | "xwayland-satellite-unstable": { | 1132 | "xwayland-satellite-unstable": { |
1095 | "flake": false, | 1133 | "flake": false, |
1096 | "locked": { | 1134 | "locked": { |
1097 | "lastModified": 1747111562, | 1135 | "lastModified": 1751228685, |
1098 | "narHash": "sha256-GAqhWoxaBIk0tgoecZPa8gTHDHxNc0JtlwWHZN2iOOo=", | 1136 | "narHash": "sha256-MENtauGBhJ+kDeFaawvWGXaFG3Il6qQzjaP0RmtfM0k=", |
1099 | "owner": "Supreeeme", | 1137 | "owner": "Supreeeme", |
1100 | "repo": "xwayland-satellite", | 1138 | "repo": "xwayland-satellite", |
1101 | "rev": "ec9ff64c1e0cbec42710b580b7c0f759b1694e72", | 1139 | "rev": "557ebeb616e03d5e4a8049862bbbd1f02c6f020b", |
1102 | "type": "github" | 1140 | "type": "github" |
1103 | }, | 1141 | }, |
1104 | "original": { | 1142 | "original": { |
@@ -29,13 +29,13 @@ | |||
29 | type = "github"; | 29 | type = "github"; |
30 | owner = "NixOS"; | 30 | owner = "NixOS"; |
31 | repo = "nixpkgs"; | 31 | repo = "nixpkgs"; |
32 | ref = "24.05"; | 32 | ref = "25.05"; |
33 | }; | 33 | }; |
34 | nixpkgs-eostre = { | 34 | nixpkgs-eostre = { |
35 | type = "github"; | 35 | type = "github"; |
36 | owner = "NixOS"; | 36 | owner = "NixOS"; |
37 | repo = "nixpkgs"; | 37 | repo = "nixpkgs"; |
38 | ref = "23.11"; | 38 | ref = "25.05"; |
39 | }; | 39 | }; |
40 | home-manager = { | 40 | home-manager = { |
41 | type = "github"; | 41 | type = "github"; |
@@ -53,7 +53,7 @@ | |||
53 | type = "github"; | 53 | type = "github"; |
54 | owner = "gkleen"; | 54 | owner = "gkleen"; |
55 | repo = "home-manager"; | 55 | repo = "home-manager"; |
56 | ref = "nixos-late-start-23.11"; | 56 | ref = "nixos-late-start-25.05"; |
57 | inputs = { | 57 | inputs = { |
58 | nixpkgs.follows = "nixpkgs-eostre"; | 58 | nixpkgs.follows = "nixpkgs-eostre"; |
59 | }; | 59 | }; |
@@ -145,20 +145,23 @@ | |||
145 | type = "gitlab"; | 145 | type = "gitlab"; |
146 | owner = "gkleen"; | 146 | owner = "gkleen"; |
147 | repo = "ca"; | 147 | repo = "ca"; |
148 | ref = "v3.1.3"; | 148 | ref = "v3.1.5"; |
149 | inputs = { | 149 | inputs = { |
150 | pyproject-nix.follows = "pyproject-nix"; | ||
151 | uv2nix.follows = "uv2nix"; | ||
150 | nixpkgs.follows = "nixpkgs"; | 152 | nixpkgs.follows = "nixpkgs"; |
151 | poetry2nix.follows = "poetry2nix"; | ||
152 | }; | 153 | }; |
153 | }; | 154 | }; |
154 | backup-utils = { | 155 | backup-utils = { |
155 | type = "gitlab"; | 156 | type = "gitlab"; |
156 | owner = "gkleen"; | 157 | owner = "gkleen"; |
157 | repo = "backup-utils"; | 158 | repo = "backup-utils"; |
158 | ref = "v0.1.6"; | 159 | ref = "v0.1.7"; |
159 | inputs = { | 160 | inputs = { |
160 | nixpkgs.follows = "nixpkgs"; | 161 | nixpkgs.follows = "nixpkgs"; |
161 | poetry2nix.follows = "poetry2nix"; | 162 | pyproject-nix.follows = "pyproject-nix"; |
163 | uv2nix.follows = "uv2nix"; | ||
164 | pyproject-build-systems.follows = "pyproject-build-systems"; | ||
162 | }; | 165 | }; |
163 | }; | 166 | }; |
164 | prometheus-borg-exporter = { | 167 | prometheus-borg-exporter = { |
@@ -187,7 +190,7 @@ | |||
187 | type = "github"; | 190 | type = "github"; |
188 | owner = "gkleen"; | 191 | owner = "gkleen"; |
189 | repo = "Waybar"; | 192 | repo = "Waybar"; |
190 | ref = "feat/niri-workspaces-hide"; | 193 | ref = "feat/niri-urgency"; |
191 | inputs = { | 194 | inputs = { |
192 | nixpkgs.follows = "nixpkgs"; | 195 | nixpkgs.follows = "nixpkgs"; |
193 | flake-compat.follows = "flake-compat"; | 196 | flake-compat.follows = "flake-compat"; |
@@ -363,7 +366,7 @@ | |||
363 | 366 | ||
364 | overlays = mapAttrs (_name: path: mkOverlay path) overlayPaths; | 367 | overlays = mapAttrs (_name: path: mkOverlay path) overlayPaths; |
365 | 368 | ||
366 | packages = forAllSystems (system: systemPkgs: nixImport rec { dir = ./tools; _import = _path: name: import "${toString dir}/${name}" ({ inherit system; } // inputs); }); | 369 | packages = forAllSystems (system: systemPkgs: nixImport rec { dir = ./tools; _import = name: _base: import (dir + "/${name}") ({ inherit system; } // inputs); }); |
367 | 370 | ||
368 | # packages = mapAttrs (_name: filterAttrs (_name: isDerivation)) packages; | 371 | # packages = mapAttrs (_name: filterAttrs (_name: isDerivation)) packages; |
369 | # packages' = mapAttrs (_name: filterAttrs (_name: value: !(isDerivation value))) packages; | 372 | # packages' = mapAttrs (_name: filterAttrs (_name: value: !(isDerivation value))) packages; |
@@ -375,6 +378,8 @@ | |||
375 | activateNixosConfigurations activateHomeManagerConfigurations | 378 | activateNixosConfigurations activateHomeManagerConfigurations |
376 | ]; | 379 | ]; |
377 | 380 | ||
381 | lib = nixImport rec { dir = ./lib; _import = name: _base: import (dir + "/${name}") inputs; }; | ||
382 | |||
378 | devShells = forAllSystems (system: systemPkgs: { default = import ./shell.nix ({ inherit system; } // inputs); } // installerShells system systemPkgs); | 383 | devShells = forAllSystems (system: systemPkgs: { default = import ./shell.nix ({ inherit system; } // inputs); } // installerShells system systemPkgs); |
379 | 384 | ||
380 | templates.default = { | 385 | templates.default = { |
@@ -398,7 +403,7 @@ | |||
398 | # path = activateHomeManager (self.nixosConfigurations.${hostname}.config.nixpkgs.system) usercfg.home; | 403 | # path = activateHomeManager (self.nixosConfigurations.${hostname}.config.nixpkgs.system) usercfg.home; |
399 | # }) self.nixosConfigurations.${hostname}.config.home-manager.users); | 404 | # }) self.nixosConfigurations.${hostname}.config.home-manager.users); |
400 | }) (nixImport { dir = ./hosts; _import = (_path: name: name); }); | 405 | }) (nixImport { dir = ./hosts; _import = (_path: name: name); }); |
401 | overrides = if pathExists ./deploy then nixImport { dir = ./deploy; _import = path: _name: import (./deploy + "/${path}") inputs; } else {}; | 406 | overrides = if pathExists ./deploy then nixImport rec { dir = ./deploy; _import = path: _name: import (dir + "/${path}") inputs; } else {}; |
402 | filterEnabled = attrs: mapAttrs (_n: v: filterAttrs (n: _v: n != "enabled") v) (filterAttrs (_n: v: v.enabled or true) attrs); | 407 | filterEnabled = attrs: mapAttrs (_n: v: filterAttrs (n: _v: n != "enabled") v) (filterAttrs (_n: v: v.enabled or true) attrs); |
403 | in mapAttrs (_n: v: if v ? "profiles" then v // { profiles = filterEnabled v.profiles; } else v) (filterEnabled (recursiveUpdate defaults overrides)); | 408 | in mapAttrs (_n: v: if v ? "profiles" then v // { profiles = filterEnabled v.profiles; } else v) (filterEnabled (recursiveUpdate defaults overrides)); |
404 | 409 | ||
diff --git a/home-modules/nixpkgs-release-check.nix b/home-modules/nixpkgs-release-check.nix new file mode 100644 index 00000000..baf2713a --- /dev/null +++ b/home-modules/nixpkgs-release-check.nix | |||
@@ -0,0 +1,4 @@ | |||
1 | { ... }: | ||
2 | { | ||
3 | config.home.enableNixpkgsReleaseCheck = false; | ||
4 | } | ||
diff --git a/hosts/eostre/default.nix b/hosts/eostre/default.nix index fd4b15f2..d4113024 100644 --- a/hosts/eostre/default.nix +++ b/hosts/eostre/default.nix | |||
@@ -37,14 +37,10 @@ with lib; | |||
37 | powerManagement.enable = true; | 37 | powerManagement.enable = true; |
38 | }; | 38 | }; |
39 | 39 | ||
40 | opengl.enable = true; | 40 | graphics.enable = true; |
41 | }; | 41 | }; |
42 | 42 | ||
43 | environment.etc."machine-id".text = "f457b21333f1491e916521151ff5d468"; | ||
44 | |||
45 | networking = { | 43 | networking = { |
46 | hostId = "f457b213"; | ||
47 | |||
48 | domain = "lan.yggdrasil"; | 44 | domain = "lan.yggdrasil"; |
49 | search = [ "lan.yggdrasil" "yggdrasil" ]; | 45 | search = [ "lan.yggdrasil" "yggdrasil" ]; |
50 | 46 | ||
@@ -83,19 +79,14 @@ with lib; | |||
83 | ]; | 79 | ]; |
84 | }; | 80 | }; |
85 | 81 | ||
86 | 82 | services.displayManager.sddm = { | |
87 | services.xserver = { | ||
88 | enable = true; | 83 | enable = true; |
89 | displayManager.sddm = { | 84 | wayland.enable = true; |
90 | enable = true; | 85 | settings = { |
91 | settings = { | 86 | Users.HideUsers = "gkleen"; |
92 | Users.HideUsers = "gkleen"; | ||
93 | }; | ||
94 | }; | 87 | }; |
95 | desktopManager.plasma5.enable = true; | ||
96 | |||
97 | videoDrivers = [ "nvidia" ]; | ||
98 | }; | 88 | }; |
89 | services.desktopManager.plasma6.enable = true; | ||
99 | 90 | ||
100 | 91 | ||
101 | services.openssh = { | 92 | services.openssh = { |
diff --git a/hosts/sif/default.nix b/hosts/sif/default.nix index f4de24e8..b0d2fd78 100644 --- a/hosts/sif/default.nix +++ b/hosts/sif/default.nix | |||
@@ -12,7 +12,7 @@ let | |||
12 | in { | 12 | in { |
13 | imports = with flake.nixosModules.systemProfiles; [ | 13 | imports = with flake.nixosModules.systemProfiles; [ |
14 | ./hw.nix | 14 | ./hw.nix |
15 | ./mail ./libvirt ./greetd | 15 | ./email ./libvirt ./greetd |
16 | tmpfs-root bcachefs initrd-all-crypto-modules default-locale openssh rebuild-machines niri-unstable networkmanager | 16 | tmpfs-root bcachefs initrd-all-crypto-modules default-locale openssh rebuild-machines niri-unstable networkmanager |
17 | flakeInputs.nixos-hardware.nixosModules.lenovo-thinkpad-p1 | 17 | flakeInputs.nixos-hardware.nixosModules.lenovo-thinkpad-p1 |
18 | flakeInputs.impermanence.nixosModules.impermanence | 18 | flakeInputs.impermanence.nixosModules.impermanence |
@@ -98,6 +98,8 @@ in { | |||
98 | server ptbtime2.ptb.de prefer iburst nts | 98 | server ptbtime2.ptb.de prefer iburst nts |
99 | server ptbtime3.ptb.de prefer iburst nts | 99 | server ptbtime3.ptb.de prefer iburst nts |
100 | server ptbtime4.ptb.de prefer iburst nts | 100 | server ptbtime4.ptb.de prefer iburst nts |
101 | pool ntppool1.time.nl prefer iburst nts | ||
102 | pool ntppool2.time.nl prefer iburst nts | ||
101 | 103 | ||
102 | authselectmode require | 104 | authselectmode require |
103 | minsources 3 | 105 | minsources 3 |
@@ -130,6 +132,12 @@ in { | |||
130 | useNetworkd = true; | 132 | useNetworkd = true; |
131 | }; | 133 | }; |
132 | 134 | ||
135 | environment.etc."NetworkManager/dnsmasq.d/dnssec.conf" = { | ||
136 | text = '' | ||
137 | conf-file=${pkgs.dnsmasq}/share/dnsmasq/trust-anchors.conf | ||
138 | dnssec | ||
139 | ''; | ||
140 | }; | ||
133 | environment.etc."NetworkManager/dnsmasq.d/libvirt_dnsmasq.conf" = { | 141 | environment.etc."NetworkManager/dnsmasq.d/libvirt_dnsmasq.conf" = { |
134 | text = '' | 142 | text = '' |
135 | except-interface=virbr0 | 143 | except-interface=virbr0 |
@@ -372,19 +380,6 @@ in { | |||
372 | ]; | 380 | ]; |
373 | 381 | ||
374 | services = { | 382 | services = { |
375 | uucp = { | ||
376 | enable = true; | ||
377 | nodeName = "sif"; | ||
378 | remoteNodes = { | ||
379 | "ymir" = { | ||
380 | publicKeys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG6KNtsCOl5fsZ4rV7udTulGMphJweLBoKapzerWNoLY root@ymir"]; | ||
381 | hostnames = ["ymir.yggdrasil.li" "ymir.niflheim.yggdrasil"]; | ||
382 | }; | ||
383 | }; | ||
384 | |||
385 | defaultCommands = lib.mkForce []; | ||
386 | }; | ||
387 | |||
388 | avahi.enable = true; | 383 | avahi.enable = true; |
389 | 384 | ||
390 | fwupd.enable = true; | 385 | fwupd.enable = true; |
@@ -403,8 +398,8 @@ in { | |||
403 | 398 | ||
404 | logind = { | 399 | logind = { |
405 | lidSwitch = "suspend"; | 400 | lidSwitch = "suspend"; |
406 | lidSwitchDocked = "lock"; | 401 | lidSwitchDocked = "ignore"; |
407 | lidSwitchExternalPower = "lock"; | 402 | lidSwitchExternalPower = "ignore"; |
408 | }; | 403 | }; |
409 | 404 | ||
410 | atd = { | 405 | atd = { |
@@ -610,25 +605,6 @@ in { | |||
610 | 605 | ||
611 | environment.etc."X11/xorg.conf.d/50-wacom.conf".source = lib.mkForce ./wacom.conf; | 606 | environment.etc."X11/xorg.conf.d/50-wacom.conf".source = lib.mkForce ./wacom.conf; |
612 | 607 | ||
613 | systemd.services."ac-plugged" = { | ||
614 | description = "Inhibit handling of lid-switch and sleep"; | ||
615 | |||
616 | path = with pkgs; [ systemd coreutils ]; | ||
617 | |||
618 | script = '' | ||
619 | exec systemd-inhibit --what=handle-lid-switch --why="AC is connected" --mode=block sleep infinity | ||
620 | ''; | ||
621 | |||
622 | serviceConfig = { | ||
623 | Type = "simple"; | ||
624 | }; | ||
625 | }; | ||
626 | |||
627 | services.udev.extraRules = with pkgs; lib.mkAfter '' | ||
628 | SUBSYSTEM=="power_supply", ENV{POWER_SUPPLY_ONLINE}=="0", RUN+="${systemd}/bin/systemctl --no-block stop ac-plugged.service" | ||
629 | SUBSYSTEM=="power_supply", ENV{POWER_SUPPLY_ONLINE}=="1", RUN+="${systemd}/bin/systemctl --no-block start ac-plugged.service" | ||
630 | ''; | ||
631 | |||
632 | systemd.services."nix-daemon".serviceConfig = { | 608 | systemd.services."nix-daemon".serviceConfig = { |
633 | MemoryAccounting = true; | 609 | MemoryAccounting = true; |
634 | MemoryHigh = "50%"; | 610 | MemoryHigh = "50%"; |
@@ -688,7 +664,7 @@ in { | |||
688 | directories = [ | 664 | directories = [ |
689 | "/nix" | 665 | "/nix" |
690 | "/root" | 666 | "/root" |
691 | "/home" | 667 | "/home" |
692 | "/var/log" | 668 | "/var/log" |
693 | "/var/lib/sops-nix" | 669 | "/var/lib/sops-nix" |
694 | "/var/lib/nixos" | 670 | "/var/lib/nixos" |
@@ -699,8 +675,6 @@ in { | |||
699 | "/var/lib/upower" | 675 | "/var/lib/upower" |
700 | "/var/lib/postfix" | 676 | "/var/lib/postfix" |
701 | "/etc/NetworkManager/system-connections" | 677 | "/etc/NetworkManager/system-connections" |
702 | { directory = "/var/uucp"; user = "uucp"; group = "uucp"; mode = "0700"; } | ||
703 | { directory = "/var/spool/uucp"; user = "uucp"; group = "uucp"; mode = "0750"; } | ||
704 | ]; | 678 | ]; |
705 | files = [ | 679 | files = [ |
706 | ]; | 680 | ]; |
diff --git a/hosts/sif/email/default.nix b/hosts/sif/email/default.nix new file mode 100644 index 00000000..4eda236e --- /dev/null +++ b/hosts/sif/email/default.nix | |||
@@ -0,0 +1,110 @@ | |||
1 | { config, lib, pkgs, ... }: | ||
2 | { | ||
3 | services.postfix = { | ||
4 | enable = true; | ||
5 | enableSmtp = false; | ||
6 | enableSubmission = false; | ||
7 | setSendmail = true; | ||
8 | networksStyle = "host"; | ||
9 | hostname = "sif.midgard.yggdrasil"; | ||
10 | destination = []; | ||
11 | recipientDelimiter = "+"; | ||
12 | config = { | ||
13 | mydomain = "yggdrasil.li"; | ||
14 | |||
15 | local_transport = "error:5.1.1 No local delivery"; | ||
16 | alias_database = []; | ||
17 | alias_maps = []; | ||
18 | local_recipient_maps = []; | ||
19 | |||
20 | inet_interfaces = "loopback-only"; | ||
21 | |||
22 | message_size_limit = "0"; | ||
23 | |||
24 | authorized_submit_users = "inline:{ gkleen= }"; | ||
25 | authorized_flush_users = "inline:{ gkleen= }"; | ||
26 | authorized_mailq_users = "inline:{ gkleen= }"; | ||
27 | |||
28 | smtp_generic_maps = "inline:{ root=root+sif }"; | ||
29 | |||
30 | mynetworks = ["127.0.0.0/8" "[::1]/128"]; | ||
31 | smtpd_client_restrictions = ["permit_mynetworks" "reject"]; | ||
32 | smtpd_relay_restrictions = ["permit_mynetworks" "reject"]; | ||
33 | |||
34 | sender_dependent_default_transport_maps = ''regexp:${pkgs.writeText "sender_relay" '' | ||
35 | /@(cip|stud)\.ifi\.(lmu|uni-muenchen)\.de$/ smtp:smtp.ifi.lmu.de | ||
36 | /@ifi\.(lmu|uni-muenchen)\.de$/ smtp:smtpin1.ifi.lmu.de:587 | ||
37 | /@math(ematik)?\.(lmu|uni-muenchen)\.de$/ smtps:smtp.math.lmu.de:465 | ||
38 | /@(campus\.)?lmu\.de$/ smtp:postout.lrz.de | ||
39 | ''}''; | ||
40 | sender_bcc_maps = ''regexp:${pkgs.writeText "sender_bcc" '' | ||
41 | /^uni2work(-[^@]*)?@ifi\.lmu\.de$/ uni2work@ifi.lmu.de | ||
42 | /@ifi\.lmu\.de$/ gregor.kleen@ifi.lmu.de | ||
43 | ''}''; | ||
44 | relayhost = "[surtr.yggdrasil.li]:465"; | ||
45 | default_transport = "relay"; | ||
46 | |||
47 | smtp_sasl_auth_enable = true; | ||
48 | smtp_sender_dependent_authentication = true; | ||
49 | smtp_sasl_tls_security_options = "noanonymous"; | ||
50 | smtp_sasl_mechanism_filter = ["plain"]; | ||
51 | smtp_sasl_password_maps = "regexp:/run/credentials/postfix.service/sasl_passwd"; | ||
52 | smtp_cname_overrides_servername = false; | ||
53 | smtp_always_send_ehlo = true; | ||
54 | smtp_tls_security_level = "dane"; | ||
55 | |||
56 | smtp_tls_loglevel = "1"; | ||
57 | smtp_dns_support_level = "dnssec"; | ||
58 | }; | ||
59 | masterConfig = { | ||
60 | submission = { | ||
61 | type = "inet"; | ||
62 | private = false; | ||
63 | command = "smtpd"; | ||
64 | args = [ | ||
65 | "-o" "syslog_name=postfix/$service_name" | ||
66 | ]; | ||
67 | }; | ||
68 | smtp = { }; | ||
69 | smtps = { | ||
70 | type = "unix"; | ||
71 | private = true; | ||
72 | privileged = true; | ||
73 | chroot = false; | ||
74 | command = "smtp"; | ||
75 | args = [ | ||
76 | "-o" "smtp_tls_wrappermode=yes" | ||
77 | "-o" "smtp_tls_security_level=encrypt" | ||
78 | ]; | ||
79 | }; | ||
80 | relay = { | ||
81 | command = "smtp"; | ||
82 | args = [ | ||
83 | "-o" "smtp_fallback_relay=" | ||
84 | "-o" "smtp_tls_security_level=verify" | ||
85 | "-o" "smtp_tls_wrappermode=yes" | ||
86 | "-o" "smtp_tls_cert_file=${./relay.crt}" | ||
87 | "-o" "smtp_tls_key_file=/run/credentials/postfix.service/relay.key" | ||
88 | ]; | ||
89 | }; | ||
90 | }; | ||
91 | }; | ||
92 | |||
93 | systemd.services.postfix = { | ||
94 | serviceConfig.LoadCredential = [ | ||
95 | "sasl_passwd:${config.sops.secrets."postfix-sasl-passwd".path}" | ||
96 | "relay.key:${config.sops.secrets."relay-key".path}" | ||
97 | ]; | ||
98 | }; | ||
99 | |||
100 | sops.secrets = { | ||
101 | postfix-sasl-passwd = { | ||
102 | key = "sasl-passwd"; | ||
103 | sopsFile = ./secrets.yaml; | ||
104 | }; | ||
105 | relay-key = { | ||
106 | format = "binary"; | ||
107 | sopsFile = ./relay.key; | ||
108 | }; | ||
109 | }; | ||
110 | } | ||
diff --git a/hosts/sif/email/relay.crt b/hosts/sif/email/relay.crt new file mode 100644 index 00000000..ac13e7cb --- /dev/null +++ b/hosts/sif/email/relay.crt | |||
@@ -0,0 +1,11 @@ | |||
1 | -----BEGIN CERTIFICATE----- | ||
2 | MIIBjDCCAQygAwIBAgIPQAAAAGgLfNoL/PSMAsutMAUGAytlcTAXMRUwEwYDVQQD | ||
3 | DAx5Z2dkcmFzaWwubGkwHhcNMjUwNDI1MTIwOTQ1WhcNMzUwNDI2MTIxNDQ1WjAR | ||
4 | MQ8wDQYDVQQDDAZna2xlZW4wKjAFBgMrZXADIQB3outi3/3F4YO7Q97WAAaMHW0a | ||
5 | m+Blldrgee+EZnWnD6N1MHMwHwYDVR0jBBgwFoAUTtn+VjMw6Ge1f68KD8dT1CWn | ||
6 | l3YwHQYDVR0OBBYEFFOa4rYZYMbXUVdKv98NB504GUhjMA4GA1UdDwEB/wQEAwID | ||
7 | 6DAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAUGAytlcQNzABC0 | ||
8 | 0UgIt7gLZrU1TmzGoqPBris8R1DbKOJacicF5CU0MIIjHcX7mPFW8KtB4qm6KcPq | ||
9 | kF6IaEPmgKpX3Nubk8HJik9vhIy9ysfINcVTvzXx8pO1bxbvREJRyA/apj10nzav | ||
10 | yauId0cXHvN6g5RLAMsMAA== | ||
11 | -----END CERTIFICATE----- | ||
diff --git a/hosts/sif/email/relay.key b/hosts/sif/email/relay.key new file mode 100644 index 00000000..412a44e0 --- /dev/null +++ b/hosts/sif/email/relay.key | |||
@@ -0,0 +1,19 @@ | |||
1 | { | ||
2 | "data": "ENC[AES256_GCM,data:lBlTuzOS75pvRmcTKT4KhHMH44RlE2SvCFAUP+GfsXws1Uai7DZ1MmbhvxxCa+pcLW19+sQYxrXLRNZWby1yOeKBJ2UQeYV5LOk9LSL/WIE3FZkCo5Dv0O0gSFKjjb61WN22a4JnHbLWADf/mLT3GZv91XfvFDo=,iv:ho8wQH3UNzX9JPW5gVcUGtxZzdVwsMFus0Z4KYe5t48=,tag:dAgZyHOva2xVVhE1nTl+lg==,type:str]", | ||
3 | "sops": { | ||
4 | "age": [ | ||
5 | { | ||
6 | "recipient": "age1rmmhetcmllq0ahl5qznlr0eya2zdxwl9h6y5wnl97d2wtyx5t99sm2u866", | ||
7 | "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6eTVRSUdFNUZGZmcxSUlT\nWmlsOGNyWXIzMGNTZjlKbXlhcEdZUXFRVkR3Cll0T0RMd0h2UW16QkR3SHlhYmNZ\nNDFrYXh3Rkp5NWsvcWc3UFJJaHVwT1UKLS0tIHhXVEI0VHBZVkpDQ1FzWENjMmJH\nb1FQWXVUUTBiZ1pKWG00MTNqVEo2SjAKK3VOU+QgRuxWYWEcrJiVMRFCprBICz4F\ngD+9zuPUzPezyJkYwTs+M+wX5GYkXppqm5W58yQLS2UDD38sr+SRjg==\n-----END AGE ENCRYPTED FILE-----\n" | ||
8 | }, | ||
9 | { | ||
10 | "recipient": "age1fj65apkhfkrwyv5tx6zcs9nkjg8267fy733qph30sc7zfn7vapjqkd5kne", | ||
11 | "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzWmJmZDVFazN2bDY1TkNG\nNXpJN2twMFFjZUxMTVdSNzJwQTFiYktrcGdrCjk4eFVHTko0bFVMSlFFWm9tbjMr\nbWNHMEQ1Rm1qUVhodlB1RGw2aDc4TUEKLS0tIERBK0J5NkN4OXJEZ1ZOZXhNc1Jm\naWNnUmZGbTIxdmNkYi9TZ2h2bGs3MVEKPQGaEf7M/5/xvSOfawpIp50fB3QfFSuz\nPgkrPMneaBeUx+uBYMyEFX4rpzLIBR3pnYMjAfoc+bjWaOtGQuEqyQ==\n-----END AGE ENCRYPTED FILE-----\n" | ||
12 | } | ||
13 | ], | ||
14 | "lastmodified": "2025-04-25T12:14:44Z", | ||
15 | "mac": "ENC[AES256_GCM,data:pObl2bJA93az9E3Ya+hA3ekI8TKKZ9NNTi0KzmWZBOiQwi9FuQYtpnmmT80L1KXWyOKJV6wGdAri3mNe/ue2S0TziSbQ/4+Dj4ubFKgkH7thb5q2dFyxw5FzhYzRQiXFqD/pxcNN9uL0lQI2Al0Eci0zX8Kcd1rAQ6RzLEoSmco=,iv:zo/3QFKTUEDxLy1k5yyU7Z1JMZ7cKdYUc6GHjaTTZKQ=,tag:f63Eja3lBfwJCYAOyEt56g==,type:str]", | ||
16 | "unencrypted_suffix": "_unencrypted", | ||
17 | "version": "3.10.2" | ||
18 | } | ||
19 | } | ||
diff --git a/hosts/sif/mail/secrets.yaml b/hosts/sif/email/secrets.yaml index 3c74b710..3c74b710 100644 --- a/hosts/sif/mail/secrets.yaml +++ b/hosts/sif/email/secrets.yaml | |||
diff --git a/hosts/sif/mail/default.nix b/hosts/sif/mail/default.nix deleted file mode 100644 index 8d6cd705..00000000 --- a/hosts/sif/mail/default.nix +++ /dev/null | |||
@@ -1,70 +0,0 @@ | |||
1 | { config, lib, pkgs, ... }: | ||
2 | { | ||
3 | services.postfix = { | ||
4 | enable = true; | ||
5 | enableSmtp = true; | ||
6 | enableSubmission = false; | ||
7 | setSendmail = true; | ||
8 | networksStyle = "host"; | ||
9 | hostname = "sif.midgard.yggdrasil"; | ||
10 | destination = []; | ||
11 | relayHost = "uucp:ymir"; | ||
12 | recipientDelimiter = "+"; | ||
13 | masterConfig = { | ||
14 | uucp = { | ||
15 | type = "unix"; | ||
16 | private = true; | ||
17 | privileged = true; | ||
18 | chroot = false; | ||
19 | command = "pipe"; | ||
20 | args = [ "flags=Fqhu" "user=uucp" ''argv=${config.security.wrapperDir}/uux -z -a $sender - $nexthop!rmail ($recipient)'' ]; | ||
21 | }; | ||
22 | smtps = { | ||
23 | type = "unix"; | ||
24 | private = true; | ||
25 | privileged = true; | ||
26 | chroot = false; | ||
27 | command = "smtp"; | ||
28 | args = [ "-o" "smtp_tls_wrappermode=yes" "-o" "smtp_tls_security_level=encrypt" ]; | ||
29 | }; | ||
30 | }; | ||
31 | config = { | ||
32 | default_transport = "uucp:ymir"; | ||
33 | |||
34 | inet_interfaces = "loopback-only"; | ||
35 | |||
36 | authorized_submit_users = ["!uucp" "static:anyone"]; | ||
37 | message_size_limit = "0"; | ||
38 | |||
39 | sender_dependent_default_transport_maps = ''regexp:${pkgs.writeText "sender_relay" '' | ||
40 | /@(cip|stud)\.ifi\.(lmu|uni-muenchen)\.de$/ smtp:smtp.ifi.lmu.de | ||
41 | /@ifi\.(lmu|uni-muenchen)\.de$/ smtp:smtpin1.ifi.lmu.de:587 | ||
42 | /@math(ematik)?\.(lmu|uni-muenchen)\.de$/ smtps:smtp.math.lmu.de:465 | ||
43 | /@(campus\.)?lmu\.de$/ smtp:postout.lrz.de | ||
44 | ''}''; | ||
45 | sender_bcc_maps = ''regexp:${pkgs.writeText "sender_bcc" '' | ||
46 | /^uni2work(-[^@]*)?@ifi\.lmu\.de$/ uni2work@ifi.lmu.de | ||
47 | /@ifi\.lmu\.de$/ gregor.kleen@ifi.lmu.de | ||
48 | ''}''; | ||
49 | |||
50 | smtp_sasl_auth_enable = true; | ||
51 | smtp_sender_dependent_authentication = true; | ||
52 | smtp_sasl_tls_security_options = "noanonymous"; | ||
53 | smtp_sasl_mechanism_filter = ["plain"]; | ||
54 | smtp_sasl_password_maps = "regexp:/var/db/postfix/sasl_passwd"; | ||
55 | smtp_cname_overrides_servername = false; | ||
56 | smtp_always_send_ehlo = true; | ||
57 | smtp_tls_security_level = "dane"; | ||
58 | |||
59 | smtp_tls_loglevel = "1"; | ||
60 | smtp_dns_support_level = "dnssec"; | ||
61 | }; | ||
62 | }; | ||
63 | |||
64 | sops.secrets.postfix-sasl-passwd = { | ||
65 | key = "sasl-passwd"; | ||
66 | path = "/var/db/postfix/sasl_passwd"; | ||
67 | owner = "postfix"; | ||
68 | sopsFile = ./secrets.yaml; | ||
69 | }; | ||
70 | } | ||
diff --git a/hosts/surtr/bifrost/default.nix b/hosts/surtr/bifrost/default.nix index fbfde757..52ab43f5 100644 --- a/hosts/surtr/bifrost/default.nix +++ b/hosts/surtr/bifrost/default.nix | |||
@@ -18,7 +18,7 @@ in { | |||
18 | ListenPort = 51822; | 18 | ListenPort = 51822; |
19 | }; | 19 | }; |
20 | wireguardPeers = [ | 20 | wireguardPeers = [ |
21 | { AllowedIPs = [ "2a03:4000:52:ada:4:1::/96" ]; | 21 | { AllowedIPs = [ "2a03:4000:52:ada:4:1::/96" "2a03:4000:52:ada:6::/80" ]; |
22 | PublicKey = trim (readFile ../../vidhar/network/bifrost/vidhar.pub); | 22 | PublicKey = trim (readFile ../../vidhar/network/bifrost/vidhar.pub); |
23 | } | 23 | } |
24 | ]; | 24 | ]; |
@@ -34,6 +34,8 @@ in { | |||
34 | routes = [ | 34 | routes = [ |
35 | { Destination = "2a03:4000:52:ada:4::/80"; | 35 | { Destination = "2a03:4000:52:ada:4::/80"; |
36 | } | 36 | } |
37 | { Destination = "2a03:4000:52:ada:6::/80"; | ||
38 | } | ||
37 | ]; | 39 | ]; |
38 | linkConfig = { | 40 | linkConfig = { |
39 | RequiredForOnline = false; | 41 | RequiredForOnline = false; |
diff --git a/hosts/surtr/default.nix b/hosts/surtr/default.nix index d420040a..63beece3 100644 --- a/hosts/surtr/default.nix +++ b/hosts/surtr/default.nix | |||
@@ -7,7 +7,7 @@ with lib; | |||
7 | tmpfs-root qemu-guest openssh rebuild-machines zfs | 7 | tmpfs-root qemu-guest openssh rebuild-machines zfs |
8 | ./zfs.nix ./dns ./tls ./http ./bifrost ./matrix ./postgresql | 8 | ./zfs.nix ./dns ./tls ./http ./bifrost ./matrix ./postgresql |
9 | ./prometheus ./email ./vpn ./borg.nix ./etebase ./immich.nix | 9 | ./prometheus ./email ./vpn ./borg.nix ./etebase ./immich.nix |
10 | ./paperless.nix ./hledger.nix ./audiobookshelf.nix | 10 | ./paperless.nix ./hledger.nix ./audiobookshelf.nix ./kimai.nix |
11 | ]; | 11 | ]; |
12 | 12 | ||
13 | config = { | 13 | config = { |
@@ -22,7 +22,6 @@ with lib; | |||
22 | device = "/dev/vda"; | 22 | device = "/dev/vda"; |
23 | }; | 23 | }; |
24 | 24 | ||
25 | |||
26 | tmp.useTmpfs = true; | 25 | tmp.useTmpfs = true; |
27 | 26 | ||
28 | zfs.devNodes = "/dev"; # /dev/vda2 does not show up in /dev/disk/by-id | 27 | zfs.devNodes = "/dev"; # /dev/vda2 does not show up in /dev/disk/by-id |
diff --git a/hosts/surtr/dns/default.nix b/hosts/surtr/dns/default.nix index 7aa3fb00..8aca2b97 100644 --- a/hosts/surtr/dns/default.nix +++ b/hosts/surtr/dns/default.nix | |||
@@ -157,7 +157,7 @@ in { | |||
157 | ${concatMapStringsSep "\n" mkZone [ | 157 | ${concatMapStringsSep "\n" mkZone [ |
158 | { domain = "yggdrasil.li"; | 158 | { domain = "yggdrasil.li"; |
159 | addACLs = { "yggdrasil.li" = ["ymir_acme_acl"]; }; | 159 | addACLs = { "yggdrasil.li" = ["ymir_acme_acl"]; }; |
160 | acmeDomains = ["surtr.yggdrasil.li" "yggdrasil.li" "etesync.yggdrasil.li" "immich.yggdrasil.li" "app.etesync.yggdrasil.li" "paperless.yggdrasil.li" "hledger.yggdrasil.li" "audiobookshelf.yggdrasil.li"]; | 160 | acmeDomains = ["surtr.yggdrasil.li" "yggdrasil.li" "etesync.yggdrasil.li" "immich.yggdrasil.li" "app.etesync.yggdrasil.li" "paperless.yggdrasil.li" "hledger.yggdrasil.li" "audiobookshelf.yggdrasil.li" "kimai.yggdrasil.li"]; |
161 | } | 161 | } |
162 | { domain = "nights.email"; | 162 | { domain = "nights.email"; |
163 | addACLs = { "nights.email" = ["ymir_acme_acl"]; }; | 163 | addACLs = { "nights.email" = ["ymir_acme_acl"]; }; |
diff --git a/hosts/surtr/dns/keys/kimai.yggdrasil.li_acme b/hosts/surtr/dns/keys/kimai.yggdrasil.li_acme new file mode 100644 index 00000000..bdfb135a --- /dev/null +++ b/hosts/surtr/dns/keys/kimai.yggdrasil.li_acme | |||
@@ -0,0 +1,19 @@ | |||
1 | { | ||
2 | "data": "ENC[AES256_GCM,data:sKFt4pH0Xn7Qm6JFMg/2N7Ht7jtMJukfN+U3dQaoYXPbhRJ+heEtDpXV/WP4AlfbfpIOgTPW3mcmQCwKFNhS00vEsQA4728FfXZzDDmZCa3hwg51wDbL7XUOr0OePgzi86lt0Q193K6CkGqEAa1vFIb//ElEfBYIwdATbmcoAsM3mHhz58X7c1qf8LNuB93o/1N2xXXZI3NWOhOjlviTc2DAhffXDwlMJSYUhldnwtDKmLM1mooJzLgm2p9w7gRD7WPqEqZFq9uFDK69P9uX5T9hFHg=,iv:rAE4sYxxLou4tyD4RWTp3LjQP0cya95coy1MvwfEK/U=,tag:u4SSk8SZFlj0ks7d6tDocw==,type:str]", | ||
3 | "sops": { | ||
4 | "age": [ | ||
5 | { | ||
6 | "recipient": "age1rmmhetcmllq0ahl5qznlr0eya2zdxwl9h6y5wnl97d2wtyx5t99sm2u866", | ||
7 | "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2KzdNUWhEcDB6QmtUTnVh\nNS9Nc2I4UjAzekxhRXo1UmY3SklPejV1TURJCm9NY2lVOERoMDFKTU56Mmh1NHEr\naGV4M1RoVldHV0xyc3Z0MnVqakpjMFUKLS0tIEYxSk9OUm9kMkdtcG5POWRGQVkx\nY1FEaXYwMGo0L0Z0aTVTZDA5aUFDWEUKJ+e/7lR/rNPNVnIy+wkiKiAYMxWp4L7q\nwnSTx451vSnxv9j3JWB43Y7XQC08cisWDj06ULw8FnEbKYOvTYj9mQ==\n-----END AGE ENCRYPTED FILE-----\n" | ||
8 | }, | ||
9 | { | ||
10 | "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", | ||
11 | "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwOTU3dUEzaXM5T1VkbDRO\nMm14OG1mUkk2bDRhdnBsMHBkc3kvUzlyNlQwCktFSHJhMnhoQ2J6bC9vUHNLWTRC\nRFpYeHo3N2xjWUhjQnRwQ2Nrc1pRUmsKLS0tIDdPeFBVdkxDd1JWSmcxQ0tLMTBD\ncHU3VExZOUhYUlJvbGNoK3FMK2VIbGMKFk94P9aBY04CPIi983f3Aalgh4fnU+/K\n2mxawSMf9jz8704N5XJfmr2hwNy8hqLIn8bjsEMAPTfE1YBGga4w0g==\n-----END AGE ENCRYPTED FILE-----\n" | ||
12 | } | ||
13 | ], | ||
14 | "lastmodified": "2025-05-24T09:42:23Z", | ||
15 | "mac": "ENC[AES256_GCM,data:diCeJGvBmM0Ng722eKoFwDe7pqZrdLPSLn5j9LfdaFI64BAbSbA5bAq4NFXqdJ1vttarD2A5rEafYoXUxP8228x2GhNyWUGW5AWgBjVPUc59gjs4wYKR5HlkVMIadhTwNheEyoEjrxX40GNBgCG7X3ocOtOYKbKECp433gdAPDg=,iv:d+yJMWj2RyFnveo2ZNrpNeV+amXM+H7vdC0A2F7mwjA=,tag:yjibG2iusdprp0ORghYWhw==,type:str]", | ||
16 | "unencrypted_suffix": "_unencrypted", | ||
17 | "version": "3.10.2" | ||
18 | } | ||
19 | } | ||
diff --git a/hosts/surtr/dns/zones/email.nights.soa b/hosts/surtr/dns/zones/email.nights.soa index 913a88d4..34209a99 100644 --- a/hosts/surtr/dns/zones/email.nights.soa +++ b/hosts/surtr/dns/zones/email.nights.soa | |||
@@ -1,7 +1,7 @@ | |||
1 | $ORIGIN nights.email. | 1 | $ORIGIN nights.email. |
2 | $TTL 3600 | 2 | $TTL 3600 |
3 | @ IN SOA ns.yggdrasil.li. hostmaster.yggdrasil.li ( | 3 | @ IN SOA ns.yggdrasil.li. hostmaster.yggdrasil.li ( |
4 | 2023013000 ; serial | 4 | 2025060700 ; serial |
5 | 10800 ; refresh | 5 | 10800 ; refresh |
6 | 3600 ; retry | 6 | 3600 ; retry |
7 | 604800 ; expire | 7 | 604800 ; expire |
@@ -27,11 +27,7 @@ $TTL 3600 | |||
27 | 27 | ||
28 | _acme-challenge IN NS ns.yggdrasil.li. | 28 | _acme-challenge IN NS ns.yggdrasil.li. |
29 | 29 | ||
30 | ymir._domainkey IN TXT ( | 30 | ymir._domainkey IN CNAME ymir._domainkey.yggdrasil.li. |
31 | "v=DKIM1;k=rsa;p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq3cCKlk+VPhyAanLZTM0BCzUT/+fmxHioZcFk0uJk1akBYj7BRofR7eVNcLKpm3rwYMQgE+9vJH9p8SV6tws9EcWc8SMCqqGZlREYM7PmLDiTSK/vjCzkygfgFCb0EBNsY2A/fpP4rTeoxrbcBSvMkq97iY5rwyw4wXZVZXLiDaCj23s8POoxTk1ClqUJZJQ5x2" | ||
32 | "qzrC0RfN5kLZ9A7Gq2jB09vNxpXHYqABA0bJv88JiZM7hfkp9IafJZ+yCVMaBcJs4DAxnTjNAuFD9gm+qSFVY8+yeXqL6Qjo5PbruhyZRBW8RgRYT8t5n07XRglMGKKGMwOGLanrltcyXqB+GsDZBD36RAAwjFadnxdpDyRv4SgRP7ff2tKRrORYpmpN+mKdqw5j3J/nP6bXV1oAkyh9XQkPEIDi81WT87EZziTElDzVp6A2qFOxqucAovoRk24" | ||
33 | "7vlsns1FApFRsp9mja0UZNObyKD1M6tP9Ep7lS76tFGMk+WDvXRJH5LEsyCpu7sSyl1r/O0M4K+KldRCqLlZd7rf8F5P8T0dn1azk05g7F4p0N/y9GNdzXbPZ9u0eZdI7SEdh8ZoOZp7NVZiBFfbWLSS5ZtyA2kbBa4i7GJ/cuAbEKOmqAkeQPiu96TGIcyjkXjS6mTPI+9UmKZYZC+OM8XdJ02y5KRoonCc19ZS8CAwEAAQ==" | ||
34 | ) | ||
35 | 31 | ||
36 | _xmpp-client._tcp IN SRV 5 0 5222 ymir.yggdrasil.li. | 32 | _xmpp-client._tcp IN SRV 5 0 5222 ymir.yggdrasil.li. |
37 | _xmpp-server._tcp IN SRV 5 0 5269 ymir.yggdrasil.li. | 33 | _xmpp-server._tcp IN SRV 5 0 5269 ymir.yggdrasil.li. |
diff --git a/hosts/surtr/dns/zones/li.141.soa b/hosts/surtr/dns/zones/li.141.soa index ab117f09..78d137bb 100644 --- a/hosts/surtr/dns/zones/li.141.soa +++ b/hosts/surtr/dns/zones/li.141.soa | |||
@@ -1,7 +1,7 @@ | |||
1 | $ORIGIN 141.li. | 1 | $ORIGIN 141.li. |
2 | $TTL 3600 | 2 | $TTL 3600 |
3 | @ IN SOA ns.yggdrasil.li. hostmaster.yggdrasil.li ( | 3 | @ IN SOA ns.yggdrasil.li. hostmaster.yggdrasil.li ( |
4 | 2025020900 ; serial | 4 | 2025060701 ; serial |
5 | 10800 ; refresh | 5 | 10800 ; refresh |
6 | 3600 ; retry | 6 | 3600 ; retry |
7 | 604800 ; expire | 7 | 604800 ; expire |
@@ -45,11 +45,8 @@ ymir IN AAAA 2a03:4000:6:d004:: | |||
45 | ymir IN MX 0 ymir.yggdrasil.li | 45 | ymir IN MX 0 ymir.yggdrasil.li |
46 | ymir IN TXT "v=spf1 redirect=ymir.yggdrasil.li" | 46 | ymir IN TXT "v=spf1 redirect=ymir.yggdrasil.li" |
47 | 47 | ||
48 | ymir._domainkey IN TXT ( | 48 | ymir._domainkey IN CNAME ymir._domainkey.yggdrasil.li. |
49 | "v=DKIM1;k=rsa;p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq3cCKlk+VPhyAanLZTM0BCzUT/+fmxHioZcFk0uJk1akBYj7BRofR7eVNcLKpm3rwYMQgE+9vJH9p8SV6tws9EcWc8SMCqqGZlREYM7PmLDiTSK/vjCzkygfgFCb0EBNsY2A/fpP4rTeoxrbcBSvMkq97iY5rwyw4wXZVZXLiDaCj23s8POoxTk1ClqUJZJQ5x2" | 49 | surtr._domainkey IN CNAME surtr._domainkey.yggdrasil.li. |
50 | "qzrC0RfN5kLZ9A7Gq2jB09vNxpXHYqABA0bJv88JiZM7hfkp9IafJZ+yCVMaBcJs4DAxnTjNAuFD9gm+qSFVY8+yeXqL6Qjo5PbruhyZRBW8RgRYT8t5n07XRglMGKKGMwOGLanrltcyXqB+GsDZBD36RAAwjFadnxdpDyRv4SgRP7ff2tKRrORYpmpN+mKdqw5j3J/nP6bXV1oAkyh9XQkPEIDi81WT87EZziTElDzVp6A2qFOxqucAovoRk24" | ||
51 | "7vlsns1FApFRsp9mja0UZNObyKD1M6tP9Ep7lS76tFGMk+WDvXRJH5LEsyCpu7sSyl1r/O0M4K+KldRCqLlZd7rf8F5P8T0dn1azk05g7F4p0N/y9GNdzXbPZ9u0eZdI7SEdh8ZoOZp7NVZiBFfbWLSS5ZtyA2kbBa4i7GJ/cuAbEKOmqAkeQPiu96TGIcyjkXjS6mTPI+9UmKZYZC+OM8XdJ02y5KRoonCc19ZS8CAwEAAQ==" | ||
52 | ) | ||
53 | 50 | ||
54 | _xmpp-client._tcp IN SRV 5 0 5222 ymir.yggdrasil.li. | 51 | _xmpp-client._tcp IN SRV 5 0 5222 ymir.yggdrasil.li. |
55 | _xmpp-server._tcp IN SRV 5 0 5269 ymir.yggdrasil.li. | 52 | _xmpp-server._tcp IN SRV 5 0 5269 ymir.yggdrasil.li. |
diff --git a/hosts/surtr/dns/zones/li.kleen.soa b/hosts/surtr/dns/zones/li.kleen.soa index a1c7d35a..5dd3e697 100644 --- a/hosts/surtr/dns/zones/li.kleen.soa +++ b/hosts/surtr/dns/zones/li.kleen.soa | |||
@@ -1,7 +1,7 @@ | |||
1 | $ORIGIN kleen.li. | 1 | $ORIGIN kleen.li. |
2 | $TTL 3600 | 2 | $TTL 3600 |
3 | @ IN SOA ns.yggdrasil.li. hostmaster.yggdrasil.li ( | 3 | @ IN SOA ns.yggdrasil.li. hostmaster.yggdrasil.li ( |
4 | 2023013000 ; serial | 4 | 2025060701 ; serial |
5 | 10800 ; refresh | 5 | 10800 ; refresh |
6 | 3600 ; retry | 6 | 3600 ; retry |
7 | 604800 ; expire | 7 | 604800 ; expire |
@@ -27,11 +27,8 @@ $TTL 3600 | |||
27 | 27 | ||
28 | _acme-challenge IN NS ns.yggdrasil.li. | 28 | _acme-challenge IN NS ns.yggdrasil.li. |
29 | 29 | ||
30 | ymir._domainkey IN TXT ( | 30 | ymir._domainkey IN CNAME ymir._domainkey.yggdrasil.li. |
31 | "v=DKIM1;k=rsa;p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq3cCKlk+VPhyAanLZTM0BCzUT/+fmxHioZcFk0uJk1akBYj7BRofR7eVNcLKpm3rwYMQgE+9vJH9p8SV6tws9EcWc8SMCqqGZlREYM7PmLDiTSK/vjCzkygfgFCb0EBNsY2A/fpP4rTeoxrbcBSvMkq97iY5rwyw4wXZVZXLiDaCj23s8POoxTk1ClqUJZJQ5x2" | 31 | surtr._domainkey IN CNAME surtr._domainkey.yggdrasil.li. |
32 | "qzrC0RfN5kLZ9A7Gq2jB09vNxpXHYqABA0bJv88JiZM7hfkp9IafJZ+yCVMaBcJs4DAxnTjNAuFD9gm+qSFVY8+yeXqL6Qjo5PbruhyZRBW8RgRYT8t5n07XRglMGKKGMwOGLanrltcyXqB+GsDZBD36RAAwjFadnxdpDyRv4SgRP7ff2tKRrORYpmpN+mKdqw5j3J/nP6bXV1oAkyh9XQkPEIDi81WT87EZziTElDzVp6A2qFOxqucAovoRk24" | ||
33 | "7vlsns1FApFRsp9mja0UZNObyKD1M6tP9Ep7lS76tFGMk+WDvXRJH5LEsyCpu7sSyl1r/O0M4K+KldRCqLlZd7rf8F5P8T0dn1azk05g7F4p0N/y9GNdzXbPZ9u0eZdI7SEdh8ZoOZp7NVZiBFfbWLSS5ZtyA2kbBa4i7GJ/cuAbEKOmqAkeQPiu96TGIcyjkXjS6mTPI+9UmKZYZC+OM8XdJ02y5KRoonCc19ZS8CAwEAAQ==" | ||
34 | ) | ||
35 | 32 | ||
36 | _xmpp-client._tcp IN SRV 5 0 5222 ymir.yggdrasil.li. | 33 | _xmpp-client._tcp IN SRV 5 0 5222 ymir.yggdrasil.li. |
37 | _xmpp-server._tcp IN SRV 5 0 5269 ymir.yggdrasil.li. | 34 | _xmpp-server._tcp IN SRV 5 0 5269 ymir.yggdrasil.li. |
diff --git a/hosts/surtr/dns/zones/li.synapse.soa b/hosts/surtr/dns/zones/li.synapse.soa index 086d4a85..247cf025 100644 --- a/hosts/surtr/dns/zones/li.synapse.soa +++ b/hosts/surtr/dns/zones/li.synapse.soa | |||
@@ -1,7 +1,7 @@ | |||
1 | $ORIGIN synapse.li. | 1 | $ORIGIN synapse.li. |
2 | $TTL 3600 | 2 | $TTL 3600 |
3 | @ IN SOA ns.yggdrasil.li. hostmaster.yggdrasil.li ( | 3 | @ IN SOA ns.yggdrasil.li. hostmaster.yggdrasil.li ( |
4 | 2023092100 ; serial | 4 | 2025060701 ; serial |
5 | 10800 ; refresh | 5 | 10800 ; refresh |
6 | 3600 ; retry | 6 | 3600 ; retry |
7 | 604800 ; expire | 7 | 604800 ; expire |
diff --git a/hosts/surtr/dns/zones/li.yggdrasil.soa b/hosts/surtr/dns/zones/li.yggdrasil.soa index 7273827b..500194ae 100644 --- a/hosts/surtr/dns/zones/li.yggdrasil.soa +++ b/hosts/surtr/dns/zones/li.yggdrasil.soa | |||
@@ -1,7 +1,7 @@ | |||
1 | $ORIGIN yggdrasil.li. | 1 | $ORIGIN yggdrasil.li. |
2 | $TTL 3600 | 2 | $TTL 3600 |
3 | @ IN SOA ns.yggdrasil.li. hostmaster.yggdrasil.li ( | 3 | @ IN SOA ns.yggdrasil.li. hostmaster.yggdrasil.li ( |
4 | 2025050900 ; serial | 4 | 2025060700 ; serial |
5 | 10800 ; refresh | 5 | 10800 ; refresh |
6 | 3600 ; retry | 6 | 3600 ; retry |
7 | 604800 ; expire | 7 | 604800 ; expire |
@@ -101,12 +101,22 @@ _acme-challenge.audiobookshelf IN NS ns.yggdrasil.li. | |||
101 | 101 | ||
102 | audiobookshelf IN HTTPS 1 . alpn="h2,h3" ipv4hint="202.61.241.61" ipv6hint="2a03:4000:52:ada::" | 102 | audiobookshelf IN HTTPS 1 . alpn="h2,h3" ipv4hint="202.61.241.61" ipv6hint="2a03:4000:52:ada::" |
103 | 103 | ||
104 | kimai IN A 202.61.241.61 | ||
105 | kimai IN AAAA 2a03:4000:52:ada:: | ||
106 | kimai IN MX 0 surtr.yggdrasil.li | ||
107 | kimai IN TXT "v=spf1 redirect=surtr.yggdrasil.li" | ||
108 | _acme-challenge.kimai IN NS ns.yggdrasil.li. | ||
109 | |||
110 | kimai IN HTTPS 1 . alpn="h2,h3" ipv4hint="202.61.241.61" ipv6hint="2a03:4000:52:ada::" | ||
111 | |||
104 | vidhar IN AAAA 2a03:4000:52:ada:4:1:: | 112 | vidhar IN AAAA 2a03:4000:52:ada:4:1:: |
105 | vidhar IN MX 0 ymir.yggdrasil.li | 113 | vidhar IN MX 0 ymir.yggdrasil.li |
106 | vidhar IN TXT "v=spf1 redirect=yggdrasil.li" | 114 | vidhar IN TXT "v=spf1 redirect=yggdrasil.li" |
107 | 115 | ||
108 | mailout IN A 188.68.51.254 | 116 | mailout IN A 188.68.51.254 |
109 | mailout IN AAAA 2a03:4000:6:d004:: | 117 | mailout IN AAAA 2a03:4000:6:d004:: |
118 | mailout IN A 202.61.241.61 | ||
119 | mailout IN AAAA 2a03:4000:52:ada:: | ||
110 | mailout IN MX 0 ymir.yggdrasil.li | 120 | mailout IN MX 0 ymir.yggdrasil.li |
111 | mailout IN TXT "v=spf1 redirect=yggdrasil.li" | 121 | mailout IN TXT "v=spf1 redirect=yggdrasil.li" |
112 | 122 | ||
diff --git a/hosts/surtr/dns/zones/org.praseodym.soa b/hosts/surtr/dns/zones/org.praseodym.soa index df505b4c..2b97ca19 100644 --- a/hosts/surtr/dns/zones/org.praseodym.soa +++ b/hosts/surtr/dns/zones/org.praseodym.soa | |||
@@ -1,7 +1,7 @@ | |||
1 | $ORIGIN praseodym.org. | 1 | $ORIGIN praseodym.org. |
2 | $TTL 3600 | 2 | $TTL 3600 |
3 | @ IN SOA ns.yggdrasil.li. hostmaster.yggdrasil.li ( | 3 | @ IN SOA ns.yggdrasil.li. hostmaster.yggdrasil.li ( |
4 | 2023013000 ; serial | 4 | 2025060701 ; serial |
5 | 10800 ; refresh | 5 | 10800 ; refresh |
6 | 3600 ; retry | 6 | 3600 ; retry |
7 | 604800 ; expire | 7 | 604800 ; expire |
@@ -32,11 +32,8 @@ surtr IN AAAA 2a03:4000:52:ada:: | |||
32 | surtr IN MX 0 ymir.yggdrasil.li | 32 | surtr IN MX 0 ymir.yggdrasil.li |
33 | surtr IN TXT "v=spf1 redirect=yggdrasil.li" | 33 | surtr IN TXT "v=spf1 redirect=yggdrasil.li" |
34 | 34 | ||
35 | ymir._domainkey IN TXT ( | 35 | ymir._domainkey IN CNAME ymir._domainkey.yggdrasil.li. |
36 | "v=DKIM1;k=rsa;p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq3cCKlk+VPhyAanLZTM0BCzUT/+fmxHioZcFk0uJk1akBYj7BRofR7eVNcLKpm3rwYMQgE+9vJH9p8SV6tws9EcWc8SMCqqGZlREYM7PmLDiTSK/vjCzkygfgFCb0EBNsY2A/fpP4rTeoxrbcBSvMkq97iY5rwyw4wXZVZXLiDaCj23s8POoxTk1ClqUJZJQ5x2" | 36 | surtr._domainkey IN CNAME surtr._domainkey.yggdrasil.li. |
37 | "qzrC0RfN5kLZ9A7Gq2jB09vNxpXHYqABA0bJv88JiZM7hfkp9IafJZ+yCVMaBcJs4DAxnTjNAuFD9gm+qSFVY8+yeXqL6Qjo5PbruhyZRBW8RgRYT8t5n07XRglMGKKGMwOGLanrltcyXqB+GsDZBD36RAAwjFadnxdpDyRv4SgRP7ff2tKRrORYpmpN+mKdqw5j3J/nP6bXV1oAkyh9XQkPEIDi81WT87EZziTElDzVp6A2qFOxqucAovoRk24" | ||
38 | "7vlsns1FApFRsp9mja0UZNObyKD1M6tP9Ep7lS76tFGMk+WDvXRJH5LEsyCpu7sSyl1r/O0M4K+KldRCqLlZd7rf8F5P8T0dn1azk05g7F4p0N/y9GNdzXbPZ9u0eZdI7SEdh8ZoOZp7NVZiBFfbWLSS5ZtyA2kbBa4i7GJ/cuAbEKOmqAkeQPiu96TGIcyjkXjS6mTPI+9UmKZYZC+OM8XdJ02y5KRoonCc19ZS8CAwEAAQ==" | ||
39 | ) | ||
40 | 37 | ||
41 | _xmpp-client._tcp IN SRV 5 0 5222 ymir.yggdrasil.li. | 38 | _xmpp-client._tcp IN SRV 5 0 5222 ymir.yggdrasil.li. |
42 | _xmpp-server._tcp IN SRV 5 0 5269 ymir.yggdrasil.li. | 39 | _xmpp-server._tcp IN SRV 5 0 5269 ymir.yggdrasil.li. |
diff --git a/hosts/surtr/email/ccert-policy-server/ccert_policy_server/__main__.py b/hosts/surtr/email/ccert-policy-server/ccert_policy_server/__main__.py index 00182523..7c931559 100644 --- a/hosts/surtr/email/ccert-policy-server/ccert_policy_server/__main__.py +++ b/hosts/surtr/email/ccert-policy-server/ccert_policy_server/__main__.py | |||
@@ -28,10 +28,12 @@ class PolicyHandler(StreamRequestHandler): | |||
28 | 28 | ||
29 | allowed = False | 29 | allowed = False |
30 | user = None | 30 | user = None |
31 | relay_eligible = False | ||
31 | if self.args['sasl_username']: | 32 | if self.args['sasl_username']: |
32 | user = self.args['sasl_username'] | 33 | user = self.args['sasl_username'] |
33 | if self.args['ccert_subject']: | 34 | if self.args['ccert_subject']: |
34 | user = self.args['ccert_subject'] | 35 | user = self.args['ccert_subject'] |
36 | relay_eligible = True | ||
35 | 37 | ||
36 | if user: | 38 | if user: |
37 | with self.server.db_pool.connection() as conn: | 39 | with self.server.db_pool.connection() as conn: |
@@ -44,10 +46,16 @@ class PolicyHandler(StreamRequestHandler): | |||
44 | 46 | ||
45 | with conn.cursor() as cur: | 47 | with conn.cursor() as cur: |
46 | cur.row_factory = namedtuple_row | 48 | cur.row_factory = namedtuple_row |
47 | cur.execute('SELECT "mailbox"."mailbox" as "user", "local", "extension", "domain" FROM "mailbox" INNER JOIN "mailbox_mapping" ON "mailbox".id = "mailbox_mapping"."mailbox" WHERE "mailbox"."mailbox" = %(user)s AND ("local" = %(local)s OR "local" IS NULL) AND ("extension" = %(extension)s OR "extension" IS NULL) AND "domain" = %(domain)s', params = {'user': user, 'local': local, 'extension': extension if extension is not None else '', 'domain': domain}, prepare=True) | 49 | |
48 | for record in cur: | 50 | if relay_eligible: |
49 | logger.debug('Received result: %s', record) | 51 | cur.execute('SELECT EXISTS(SELECT true FROM "mailbox" INNER JOIN "relay_access" ON "mailbox".id = "relay_access"."mailbox" WHERE "mailbox"."mailbox" = %(user)s AND ("domain" = %(domain)s OR %(domain)s ilike CONCAT(\'%%_.\', "domain"))) as "exists"', params = {'user': user, 'domain': domain}) |
50 | allowed = True | 52 | if (row := cur.fetchone()) is not None: |
53 | allowed = row.exists | ||
54 | |||
55 | if not allowed: | ||
56 | cur.execute('SELECT EXISTS(SELECT true FROM "mailbox" INNER JOIN "mailbox_mapping" ON "mailbox".id = "mailbox_mapping"."mailbox" WHERE "mailbox"."mailbox" = %(user)s AND ("local" = %(local)s OR "local" IS NULL) AND ("extension" = %(extension)s OR "extension" IS NULL) AND "domain" = %(domain)s) as "exists"', params = {'user': user, 'local': local, 'extension': extension if extension is not None else '', 'domain': domain}, prepare=True) | ||
57 | if (row := cur.fetchone()) is not None: | ||
58 | allowed = row.exists | ||
51 | 59 | ||
52 | action = '550 5.7.0 Sender address not authorized for current user' | 60 | action = '550 5.7.0 Sender address not authorized for current user' |
53 | if allowed: | 61 | if allowed: |
diff --git a/hosts/surtr/email/default.nix b/hosts/surtr/email/default.nix index 845f6455..fa7ddac6 100644 --- a/hosts/surtr/email/default.nix +++ b/hosts/surtr/email/default.nix | |||
@@ -1,4 +1,4 @@ | |||
1 | { config, pkgs, lib, flakeInputs, ... }: | 1 | { config, pkgs, lib, flake, flakeInputs, ... }: |
2 | 2 | ||
3 | with lib; | 3 | with lib; |
4 | 4 | ||
@@ -15,7 +15,7 @@ let | |||
15 | 15 | ||
16 | for file in $out/pipe/bin/*; do | 16 | for file in $out/pipe/bin/*; do |
17 | wrapProgram $file \ | 17 | wrapProgram $file \ |
18 | --set PATH "${pkgs.coreutils}/bin:${pkgs.rspamd}/bin" | 18 | --set PATH "${makeBinPath (with pkgs; [coreutils rspamd])}" |
19 | done | 19 | done |
20 | ''; | 20 | ''; |
21 | }; | 21 | }; |
@@ -33,12 +33,28 @@ let | |||
33 | }); | 33 | }); |
34 | }); | 34 | }); |
35 | }; | 35 | }; |
36 | internal-policy-server = | ||
37 | let | ||
38 | workspace = flakeInputs.uv2nix.lib.workspace.loadWorkspace { workspaceRoot = ./internal-policy-server; }; | ||
39 | pythonSet = flake.lib.pythonSet { | ||
40 | inherit pkgs; | ||
41 | python = pkgs.python312; | ||
42 | overlay = workspace.mkPyprojectOverlay { | ||
43 | sourcePreference = "wheel"; | ||
44 | }; | ||
45 | }; | ||
46 | virtualEnv = pythonSet.mkVirtualEnv "internal-policy-server-env" workspace.deps.default; | ||
47 | in virtualEnv.overrideAttrs (oldAttrs: { | ||
48 | meta = (oldAttrs.meta or {}) // { | ||
49 | mainProgram = "internal-policy-server"; | ||
50 | }; | ||
51 | }); | ||
36 | 52 | ||
37 | nftables-nologin-script = pkgs.writeScript "nftables-mail-nologin" '' | 53 | nftables-nologin-script = pkgs.resholve.writeScript "nftables-mail-nologin" { |
38 | #!${pkgs.zsh}/bin/zsh | 54 | inputs = with pkgs; [inetutils nftables gnugrep findutils]; |
39 | 55 | interpreter = lib.getExe pkgs.zsh; | |
56 | } '' | ||
40 | set -e | 57 | set -e |
41 | export PATH="${lib.makeBinPath (with pkgs; [inetutils nftables])}:$PATH" | ||
42 | 58 | ||
43 | typeset -a as_sets mnt_bys route route6 | 59 | typeset -a as_sets mnt_bys route route6 |
44 | as_sets=(${lib.escapeShellArgs config.services.email.nologin.ASSets}) | 60 | as_sets=(${lib.escapeShellArgs config.services.email.nologin.ASSets}) |
@@ -51,7 +67,7 @@ let | |||
51 | elif [[ "''${line}" =~ "^route6:\s+(.+)$" ]]; then | 67 | elif [[ "''${line}" =~ "^route6:\s+(.+)$" ]]; then |
52 | route6+=($match[1]) | 68 | route6+=($match[1]) |
53 | fi | 69 | fi |
54 | done < <(whois -h whois.radb.net "!i''${as_set},1" | egrep -o 'AS[0-9]+' | xargs -- whois -h whois.radb.net -- -i origin) | 70 | done < <(whois -h whois.radb.net "!i''${as_set},1" | grep -Eo 'AS[0-9]+' | xargs whois -h whois.radb.net -- -i origin) |
55 | done | 71 | done |
56 | for mnt_by in $mnt_bys; do | 72 | for mnt_by in $mnt_bys; do |
57 | while IFS=$'\n' read line; do | 73 | while IFS=$'\n' read line; do |
@@ -113,14 +129,14 @@ in { | |||
113 | setSendmail = true; | 129 | setSendmail = true; |
114 | postmasterAlias = ""; rootAlias = ""; extraAliases = ""; | 130 | postmasterAlias = ""; rootAlias = ""; extraAliases = ""; |
115 | destination = []; | 131 | destination = []; |
116 | sslCert = "/run/credentials/postfix.service/surtr.yggdrasil.li.pem"; | ||
117 | sslKey = "/run/credentials/postfix.service/surtr.yggdrasil.li.key.pem"; | ||
118 | networks = []; | 132 | networks = []; |
119 | config = let | 133 | config = { |
120 | relay_ccert = "texthash:${pkgs.writeText "relay_ccert" ""}"; | ||
121 | in { | ||
122 | smtpd_tls_security_level = "may"; | 134 | smtpd_tls_security_level = "may"; |
123 | 135 | ||
136 | smtpd_tls_chain_files = [ | ||
137 | "/run/credentials/postfix.service/surtr.yggdrasil.li.full.pem" | ||
138 | ]; | ||
139 | |||
124 | #the dh params | 140 | #the dh params |
125 | smtpd_tls_dh1024_param_file = toString config.security.dhparams.params."postfix-1024".path; | 141 | smtpd_tls_dh1024_param_file = toString config.security.dhparams.params."postfix-1024".path; |
126 | smtpd_tls_dh512_param_file = toString config.security.dhparams.params."postfix-512".path; | 142 | smtpd_tls_dh512_param_file = toString config.security.dhparams.params."postfix-512".path; |
@@ -155,12 +171,7 @@ in { | |||
155 | 171 | ||
156 | smtp_tls_connection_reuse = true; | 172 | smtp_tls_connection_reuse = true; |
157 | 173 | ||
158 | tls_server_sni_maps = ''texthash:${pkgs.writeText "sni" ( | 174 | tls_server_sni_maps = "inline:{${concatMapStringsSep ", " (domain: "{ ${domain} = /run/credentials/postfix.service/${removePrefix "." domain}.full.pem }") (concatMap (domain: [domain "mailin.${domain}" "mailsub.${domain}" ".${domain}"]) emailDomains)}}"; |
159 | concatMapStringsSep "\n\n" (domain: | ||
160 | concatMapStringsSep "\n" (subdomain: "${subdomain} /run/credentials/postfix.service/${removePrefix "." subdomain}.full.pem") | ||
161 | [domain "mailin.${domain}" "mailsub.${domain}" ".${domain}"] | ||
162 | ) emailDomains | ||
163 | )}''; | ||
164 | 175 | ||
165 | smtp_tls_policy_maps = "socketmap:unix:${config.services.postfix-mta-sts-resolver.settings.path}:postfix"; | 176 | smtp_tls_policy_maps = "socketmap:unix:${config.services.postfix-mta-sts-resolver.settings.path}:postfix"; |
166 | 177 | ||
@@ -184,12 +195,12 @@ in { | |||
184 | dbname = email | 195 | dbname = email |
185 | query = SELECT action FROM virtual_mailbox_access WHERE lookup = '%s' | 196 | query = SELECT action FROM virtual_mailbox_access WHERE lookup = '%s' |
186 | ''}" | 197 | ''}" |
187 | "check_ccert_access ${relay_ccert}" | ||
188 | "reject_non_fqdn_helo_hostname" | 198 | "reject_non_fqdn_helo_hostname" |
189 | "reject_invalid_helo_hostname" | 199 | "reject_invalid_helo_hostname" |
190 | "reject_unauth_destination" | 200 | "reject_unauth_destination" |
191 | "reject_unknown_recipient_domain" | 201 | "reject_unknown_recipient_domain" |
192 | "reject_unverified_recipient" | 202 | "reject_unverified_recipient" |
203 | "check_policy_service unix:/run/postfix-internal-policy.sock" | ||
193 | ]; | 204 | ]; |
194 | unverified_recipient_reject_code = "550"; | 205 | unverified_recipient_reject_code = "550"; |
195 | unverified_recipient_reject_reason = "Recipient address lookup failed"; | 206 | unverified_recipient_reject_reason = "Recipient address lookup failed"; |
@@ -204,7 +215,6 @@ in { | |||
204 | address_verify_sender_ttl = "30045s"; | 215 | address_verify_sender_ttl = "30045s"; |
205 | 216 | ||
206 | smtpd_relay_restrictions = [ | 217 | smtpd_relay_restrictions = [ |
207 | "check_ccert_access ${relay_ccert}" | ||
208 | "reject_unauth_destination" | 218 | "reject_unauth_destination" |
209 | ]; | 219 | ]; |
210 | 220 | ||
@@ -251,11 +261,24 @@ in { | |||
251 | virtual_transport = "dvlmtp:unix:/run/dovecot-lmtp"; | 261 | virtual_transport = "dvlmtp:unix:/run/dovecot-lmtp"; |
252 | smtputf8_enable = false; | 262 | smtputf8_enable = false; |
253 | 263 | ||
254 | authorized_submit_users = "inline:{ root= postfwd= }"; | 264 | authorized_submit_users = "inline:{ root= postfwd= ${config.services.dovecot2.user}= }"; |
265 | authorized_flush_users = "inline:{ root= }"; | ||
266 | authorized_mailq_users = "inline:{ root= }"; | ||
255 | 267 | ||
256 | postscreen_access_list = ""; | 268 | postscreen_access_list = ""; |
257 | postscreen_denylist_action = "drop"; | 269 | postscreen_denylist_action = "drop"; |
258 | postscreen_greet_action = "enforce"; | 270 | postscreen_greet_action = "enforce"; |
271 | |||
272 | sender_bcc_maps = ''pgsql:${pkgs.writeText "sender_bcc_maps.cf" '' | ||
273 | hosts = postgresql:///email | ||
274 | dbname = email | ||
275 | query = SELECT value FROM sender_bcc_maps WHERE key = '%s' | ||
276 | ''}''; | ||
277 | recipient_bcc_maps = ''pgsql:${pkgs.writeText "recipient_bcc_maps.cf" '' | ||
278 | hosts = postgresql:///email | ||
279 | dbname = email | ||
280 | query = SELECT value FROM recipient_bcc_maps WHERE key = '%s' | ||
281 | ''}''; | ||
259 | }; | 282 | }; |
260 | masterConfig = { | 283 | masterConfig = { |
261 | "465" = { | 284 | "465" = { |
@@ -280,7 +303,7 @@ in { | |||
280 | hosts = postgresql:///email | 303 | hosts = postgresql:///email |
281 | dbname = email | 304 | dbname = email |
282 | query = SELECT action FROM virtual_mailbox_access WHERE lookup = '%s' OR (lookup = regexp_replace('%s', '\+[^@]*@', '@') AND NOT EXISTS (SELECT 1 FROM virtual_mailbox_access WHERE lookup = '%s')) | 305 | query = SELECT action FROM virtual_mailbox_access WHERE lookup = '%s' OR (lookup = regexp_replace('%s', '\+[^@]*@', '@') AND NOT EXISTS (SELECT 1 FROM virtual_mailbox_access WHERE lookup = '%s')) |
283 | ''},permit_tls_all_clientcerts,reject}'' | 306 | ''},check_policy_service unix:/run/postfix-internal-policy.sock,permit_tls_all_clientcerts,reject}'' |
284 | "-o" "smtpd_relay_restrictions=permit_tls_all_clientcerts,reject" | 307 | "-o" "smtpd_relay_restrictions=permit_tls_all_clientcerts,reject" |
285 | "-o" "{smtpd_data_restrictions = check_policy_service unix:/run/postfwd3/postfwd3.sock}" | 308 | "-o" "{smtpd_data_restrictions = check_policy_service unix:/run/postfwd3/postfwd3.sock}" |
286 | "-o" "unverified_sender_reject_code=550" | 309 | "-o" "unverified_sender_reject_code=550" |
@@ -310,7 +333,7 @@ in { | |||
310 | hosts = postgresql:///email | 333 | hosts = postgresql:///email |
311 | dbname = email | 334 | dbname = email |
312 | query = SELECT action FROM virtual_mailbox_access WHERE lookup = '%s' OR (lookup = regexp_replace('%s', '\+[^@]*@', '@') AND NOT EXISTS (SELECT 1 FROM virtual_mailbox_access WHERE lookup = '%s')) | 335 | query = SELECT action FROM virtual_mailbox_access WHERE lookup = '%s' OR (lookup = regexp_replace('%s', '\+[^@]*@', '@') AND NOT EXISTS (SELECT 1 FROM virtual_mailbox_access WHERE lookup = '%s')) |
313 | ''},permit_sasl_authenticated,reject}'' | 336 | ''},check_policy_service unix:/run/postfix-internal-policy.sock,permit_sasl_authenticated,reject}'' |
314 | "-o" "smtpd_relay_restrictions=permit_sasl_authenticated,reject" | 337 | "-o" "smtpd_relay_restrictions=permit_sasl_authenticated,reject" |
315 | "-o" "{smtpd_data_restrictions = check_policy_service unix:/run/postfwd3/postfwd3.sock}" | 338 | "-o" "{smtpd_data_restrictions = check_policy_service unix:/run/postfwd3/postfwd3.sock}" |
316 | "-o" "unverified_sender_reject_code=550" | 339 | "-o" "unverified_sender_reject_code=550" |
@@ -325,7 +348,10 @@ in { | |||
325 | maxproc = 0; | 348 | maxproc = 0; |
326 | args = [ | 349 | args = [ |
327 | "-o" "header_checks=pcre:${pkgs.writeText "header_checks_submission" '' | 350 | "-o" "header_checks=pcre:${pkgs.writeText "header_checks_submission" '' |
351 | if /^Received: / | ||
352 | !/by surtr\.yggdrasil\.li/ STRIP | ||
328 | /^Received: from [^ ]+ \([^ ]+ [^ ]+\)\s+(.*)$/ REPLACE Received: $1 | 353 | /^Received: from [^ ]+ \([^ ]+ [^ ]+\)\s+(.*)$/ REPLACE Received: $1 |
354 | endif | ||
329 | ''}" | 355 | ''}" |
330 | ]; | 356 | ]; |
331 | }; | 357 | }; |
@@ -373,7 +399,7 @@ in { | |||
373 | enable = true; | 399 | enable = true; |
374 | user = "postfix"; group = "postfix"; | 400 | user = "postfix"; group = "postfix"; |
375 | socket = "local:/run/opendkim/opendkim.sock"; | 401 | socket = "local:/run/opendkim/opendkim.sock"; |
376 | domains = ''csl:${concatStringsSep "," (["surtr.yggdrasil.li"] ++ emailDomains)}''; | 402 | domains = ''csl:${concatStringsSep "," (["surtr.yggdrasil.li" "yggdrasil.li" "141.li" "kleen.li" "synapse.li" "praseodym.org"] ++ emailDomains)}''; |
377 | selector = "surtr"; | 403 | selector = "surtr"; |
378 | configFile = builtins.toFile "opendkim.conf" '' | 404 | configFile = builtins.toFile "opendkim.conf" '' |
379 | Syslog true | 405 | Syslog true |
@@ -477,7 +503,7 @@ in { | |||
477 | }; | 503 | }; |
478 | }; | 504 | }; |
479 | 505 | ||
480 | users.groups.${config.services.rspamd.group}.members = [ config.services.postfix.user "dovecot2" ]; | 506 | users.groups.${config.services.rspamd.group}.members = [ config.services.postfix.user config.services.dovecot2.user ]; |
481 | 507 | ||
482 | services.redis.servers.rspamd.enable = true; | 508 | services.redis.servers.rspamd.enable = true; |
483 | 509 | ||
@@ -487,8 +513,8 @@ in { | |||
487 | services.dovecot2 = { | 513 | services.dovecot2 = { |
488 | enable = true; | 514 | enable = true; |
489 | enablePAM = false; | 515 | enablePAM = false; |
490 | sslServerCert = "/run/credentials/dovecot2.service/surtr.yggdrasil.li.pem"; | 516 | sslServerCert = "/run/credentials/dovecot.service/surtr.yggdrasil.li.pem"; |
491 | sslServerKey = "/run/credentials/dovecot2.service/surtr.yggdrasil.li.key.pem"; | 517 | sslServerKey = "/run/credentials/dovecot.service/surtr.yggdrasil.li.key.pem"; |
492 | sslCACert = toString ./ca/ca.crt; | 518 | sslCACert = toString ./ca/ca.crt; |
493 | mailLocation = "maildir:/var/lib/mail/%u/maildir:UTF-8:INDEX=/var/lib/dovecot/indices/%u"; | 519 | mailLocation = "maildir:/var/lib/mail/%u/maildir:UTF-8:INDEX=/var/lib/dovecot/indices/%u"; |
494 | mailPlugins.globally.enable = [ "fts" "fts_xapian" ]; | 520 | mailPlugins.globally.enable = [ "fts" "fts_xapian" ]; |
@@ -501,8 +527,8 @@ in { | |||
501 | dovecotSqlConf = pkgs.writeText "dovecot-sql.conf" '' | 527 | dovecotSqlConf = pkgs.writeText "dovecot-sql.conf" '' |
502 | driver = pgsql | 528 | driver = pgsql |
503 | connect = dbname=email | 529 | connect = dbname=email |
504 | password_query = SELECT (CASE WHEN '%k' = 'valid' AND '%m' = 'EXTERNAL' THEN NULL ELSE "password" END) as password, (CASE WHEN '%k' = 'valid' AND '%m' = 'EXTERNAL' THEN true WHEN password IS NULL THEN true ELSE NULL END) as nopassword, "user", quota_rule, 'dovecot2' as uid, 'dovecot2' as gid FROM imap_user WHERE "user" = '%n' | 530 | password_query = SELECT (CASE WHEN '%k' = 'valid' AND '%m' = 'EXTERNAL' THEN NULL ELSE "password" END) as password, (CASE WHEN '%k' = 'valid' AND '%m' = 'EXTERNAL' THEN true WHEN password IS NULL THEN true ELSE NULL END) as nopassword, "user", quota_rule, '${config.services.dovecot2.user}' as uid, '${config.services.dovecot2.group}' as gid FROM imap_user WHERE "user" = '%n' |
505 | user_query = SELECT "user", quota_rule, 'dovecot2' as uid, 'dovecot2' as gid FROM imap_user WHERE "user" = '%n' | 531 | user_query = SELECT "user", quota_rule, '${config.services.dovecot2.user}' as uid, 'dovecot2' as gid FROM imap_user WHERE "user" = '%n' |
506 | iterate_query = SELECT "user" FROM imap_user | 532 | iterate_query = SELECT "user" FROM imap_user |
507 | ''; | 533 | ''; |
508 | in '' | 534 | in '' |
@@ -510,16 +536,16 @@ in { | |||
510 | 536 | ||
511 | mail_plugins = $mail_plugins quota | 537 | mail_plugins = $mail_plugins quota |
512 | 538 | ||
513 | first_valid_uid = ${toString config.users.users.dovecot2.uid} | 539 | first_valid_uid = ${toString config.users.users.${config.services.dovecot2.user}.uid} |
514 | last_valid_uid = ${toString config.users.users.dovecot2.uid} | 540 | last_valid_uid = ${toString config.users.users.${config.services.dovecot2.user}.uid} |
515 | first_valid_gid = ${toString config.users.groups.dovecot2.gid} | 541 | first_valid_gid = ${toString config.users.groups.${config.services.dovecot2.group}.gid} |
516 | last_valid_gid = ${toString config.users.groups.dovecot2.gid} | 542 | last_valid_gid = ${toString config.users.groups.${config.services.dovecot2.group}.gid} |
517 | 543 | ||
518 | ${concatMapStringsSep "\n\n" (domain: | 544 | ${concatMapStringsSep "\n\n" (domain: |
519 | concatMapStringsSep "\n" (subdomain: '' | 545 | concatMapStringsSep "\n" (subdomain: '' |
520 | local_name ${subdomain} { | 546 | local_name ${subdomain} { |
521 | ssl_cert = </run/credentials/dovecot2.service/${subdomain}.pem | 547 | ssl_cert = </run/credentials/dovecot.service/${subdomain}.pem |
522 | ssl_key = </run/credentials/dovecot2.service/${subdomain}.key.pem | 548 | ssl_key = </run/credentials/dovecot.service/${subdomain}.key.pem |
523 | } | 549 | } |
524 | '') ["imap.${domain}" domain] | 550 | '') ["imap.${domain}" domain] |
525 | ) emailDomains} | 551 | ) emailDomains} |
@@ -540,10 +566,10 @@ in { | |||
540 | auth_debug = yes | 566 | auth_debug = yes |
541 | 567 | ||
542 | service auth { | 568 | service auth { |
543 | user = dovecot2 | 569 | user = ${config.services.dovecot2.user} |
544 | } | 570 | } |
545 | service auth-worker { | 571 | service auth-worker { |
546 | user = dovecot2 | 572 | user = ${config.services.dovecot2.user} |
547 | } | 573 | } |
548 | 574 | ||
549 | userdb { | 575 | userdb { |
@@ -564,7 +590,7 @@ in { | |||
564 | args = ${pkgs.writeText "dovecot-sql.conf" '' | 590 | args = ${pkgs.writeText "dovecot-sql.conf" '' |
565 | driver = pgsql | 591 | driver = pgsql |
566 | connect = dbname=email | 592 | connect = dbname=email |
567 | user_query = SELECT DISTINCT ON (extension IS NULL, local IS NULL) "user", quota_rule, 'dovecot2' as uid, 'dovecot2' as gid FROM lmtp_mapping WHERE CASE WHEN extension IS NOT NULL AND local IS NOT NULL THEN ('%n' :: citext) = local || '+' || extension AND domain = ('%d' :: citext) WHEN local IS NOT NULL THEN (local = ('%n' :: citext) OR ('%n' :: citext) ILIKE local || '+%%') AND domain = ('%d' :: citext) WHEN extension IS NOT NULL THEN ('%n' :: citext) ILIKE '%%+' || extension AND domain = ('%d' :: citext) ELSE domain = ('%d' :: citext) END ORDER BY (extension IS NULL) ASC, (local IS NULL) ASC | 593 | user_query = SELECT DISTINCT ON (extension IS NULL, local IS NULL) "user", quota_rule, '${config.services.dovecot2.user}' as uid, '${config.services.dovecot2.group}' as gid FROM lmtp_mapping WHERE CASE WHEN extension IS NOT NULL AND local IS NOT NULL THEN ('%n' :: citext) = local || '+' || extension AND domain = ('%d' :: citext) WHEN local IS NOT NULL THEN (local = ('%n' :: citext) OR ('%n' :: citext) ILIKE local || '+%%') AND domain = ('%d' :: citext) WHEN extension IS NOT NULL THEN ('%n' :: citext) ILIKE '%%+' || extension AND domain = ('%d' :: citext) ELSE domain = ('%d' :: citext) END ORDER BY (extension IS NULL) ASC, (local IS NULL) ASC |
568 | ''} | 594 | ''} |
569 | 595 | ||
570 | skip = never | 596 | skip = never |
@@ -672,7 +698,7 @@ in { | |||
672 | plugin { | 698 | plugin { |
673 | plugin = fts fts_xapian | 699 | plugin = fts fts_xapian |
674 | fts = xapian | 700 | fts = xapian |
675 | fts_xapian = partial=2 full=20 attachments=1 verbose=1 | 701 | fts_xapian = partial=3 full=20 attachments=1 verbose=1 |
676 | 702 | ||
677 | fts_autoindex = yes | 703 | fts_autoindex = yes |
678 | 704 | ||
@@ -687,12 +713,12 @@ in { | |||
687 | 713 | ||
688 | systemd.services.dovecot-fts-xapian-optimize = { | 714 | systemd.services.dovecot-fts-xapian-optimize = { |
689 | description = "Optimize dovecot indices for fts_xapian"; | 715 | description = "Optimize dovecot indices for fts_xapian"; |
690 | requisite = [ "dovecot2.service" ]; | 716 | requisite = [ "dovecot.service" ]; |
691 | after = [ "dovecot2.service" ]; | 717 | after = [ "dovecot.service" ]; |
692 | startAt = "*-*-* 22:00:00 Europe/Berlin"; | 718 | startAt = "*-*-* 22:00:00 Europe/Berlin"; |
693 | serviceConfig = { | 719 | serviceConfig = { |
694 | Type = "oneshot"; | 720 | Type = "oneshot"; |
695 | ExecStart = "${pkgs.dovecot}/bin/doveadm fts optimize -A"; | 721 | ExecStart = "${getExe' pkgs.dovecot "doveadm"} fts optimize -A"; |
696 | PrivateDevices = true; | 722 | PrivateDevices = true; |
697 | PrivateNetwork = true; | 723 | PrivateNetwork = true; |
698 | ProtectKernelTunables = true; | 724 | ProtectKernelTunables = true; |
@@ -753,31 +779,29 @@ in { | |||
753 | 779 | ||
754 | security.acme.rfc2136Domains = { | 780 | security.acme.rfc2136Domains = { |
755 | "surtr.yggdrasil.li" = { | 781 | "surtr.yggdrasil.li" = { |
756 | restartUnits = [ "postfix.service" "dovecot2.service" ]; | 782 | restartUnits = [ "postfix.service" "dovecot.service" ]; |
757 | }; | 783 | }; |
758 | } // listToAttrs (map (domain: nameValuePair "spm.${domain}" { restartUnits = ["nginx.service"]; }) spmDomains) | 784 | } // listToAttrs (map (domain: nameValuePair "spm.${domain}" { restartUnits = ["nginx.service"]; }) spmDomains) |
759 | // listToAttrs (concatMap (domain: [ | 785 | // listToAttrs (concatMap (domain: [ |
760 | (nameValuePair domain { restartUnits = ["postfix.service" "dovecot2.service"]; }) | 786 | (nameValuePair domain { restartUnits = ["postfix.service" "dovecot.service"]; }) |
761 | (nameValuePair "mailin.${domain}" { restartUnits = ["postfix.service"]; }) | 787 | (nameValuePair "mailin.${domain}" { restartUnits = ["postfix.service"]; }) |
762 | (nameValuePair "mailsub.${domain}" { restartUnits = ["postfix.service"]; }) | 788 | (nameValuePair "mailsub.${domain}" { restartUnits = ["postfix.service"]; }) |
763 | (nameValuePair "imap.${domain}" { restartUnits = ["dovecot2.service"]; }) | 789 | (nameValuePair "imap.${domain}" { restartUnits = ["dovecot.service"]; }) |
764 | (nameValuePair "mta-sts.${domain}" { restartUnits = ["nginx.service"]; }) | 790 | (nameValuePair "mta-sts.${domain}" { restartUnits = ["nginx.service"]; }) |
765 | ]) emailDomains); | 791 | ]) emailDomains); |
766 | 792 | ||
767 | systemd.services.postfix = { | 793 | systemd.services.postfix = { |
768 | serviceConfig.LoadCredential = [ | 794 | serviceConfig.LoadCredential = let |
769 | "surtr.yggdrasil.li.key.pem:${config.security.acme.certs."surtr.yggdrasil.li".directory}/key.pem" | 795 | tlsCredential = domain: "${domain}.full.pem:${config.security.acme.certs.${domain}.directory}/full.pem"; |
770 | "surtr.yggdrasil.li.pem:${config.security.acme.certs."surtr.yggdrasil.li".directory}/fullchain.pem" | 796 | in [ |
771 | ] ++ concatMap (domain: | 797 | (tlsCredential "surtr.yggdrasil.li") |
772 | map (subdomain: "${subdomain}.full.pem:${config.security.acme.certs.${subdomain}.directory}/full.pem") | 798 | ] ++ concatMap (domain: map tlsCredential [domain "mailin.${domain}" "mailsub.${domain}"]) emailDomains; |
773 | [domain "mailin.${domain}" "mailsub.${domain}"] | ||
774 | ) emailDomains; | ||
775 | }; | 799 | }; |
776 | 800 | ||
777 | systemd.services.dovecot2 = { | 801 | systemd.services.dovecot = { |
778 | preStart = '' | 802 | preStart = '' |
779 | for f in /etc/dovecot/sieve_flag.d/*.sieve /etc/dovecot/sieve_before.d/*.sieve; do | 803 | for f in /etc/dovecot/sieve_flag.d/*.sieve /etc/dovecot/sieve_before.d/*.sieve; do |
780 | ${pkgs.dovecot_pigeonhole}/bin/sievec $f | 804 | ${getExe' pkgs.dovecot_pigeonhole "sievec"} $f |
781 | done | 805 | done |
782 | ''; | 806 | ''; |
783 | 807 | ||
@@ -844,15 +868,16 @@ in { | |||
844 | charset utf-8; | 868 | charset utf-8; |
845 | source_charset utf-8; | 869 | source_charset utf-8; |
846 | ''; | 870 | ''; |
847 | root = pkgs.runCommand "mta-sts.${domain}" {} '' | 871 | root = pkgs.writeTextFile { |
848 | mkdir -p $out/.well-known | 872 | name = "mta-sts.${domain}"; |
849 | cp ${pkgs.writeText "mta-sts.${domain}.txt" '' | 873 | destination = "/.well-known/mta-sts.txt"; |
874 | text = '' | ||
850 | version: STSv1 | 875 | version: STSv1 |
851 | mode: enforce | 876 | mode: enforce |
852 | max_age: 2419200 | 877 | max_age: 2419200 |
853 | mx: mailin.${domain} | 878 | mx: mailin.${domain} |
854 | ''} $out/.well-known/mta-sts.txt | 879 | ''; |
855 | ''; | 880 | }; |
856 | }; | 881 | }; |
857 | }) emailDomains); | 882 | }) emailDomains); |
858 | }; | 883 | }; |
@@ -869,7 +894,7 @@ in { | |||
869 | systemd.services.spm = { | 894 | systemd.services.spm = { |
870 | serviceConfig = { | 895 | serviceConfig = { |
871 | Type = "notify"; | 896 | Type = "notify"; |
872 | ExecStart = "${pkgs.spm}/bin/spm-server"; | 897 | ExecStart = getExe' pkgs.spm "spm-server"; |
873 | User = "spm"; | 898 | User = "spm"; |
874 | Group = "spm"; | 899 | Group = "spm"; |
875 | 900 | ||
@@ -927,7 +952,7 @@ in { | |||
927 | serviceConfig = { | 952 | serviceConfig = { |
928 | Type = "notify"; | 953 | Type = "notify"; |
929 | 954 | ||
930 | ExecStart = "${ccert-policy-server}/bin/ccert-policy-server"; | 955 | ExecStart = getExe' ccert-policy-server "ccert-policy-server"; |
931 | 956 | ||
932 | Environment = [ | 957 | Environment = [ |
933 | "PGDATABASE=email" | 958 | "PGDATABASE=email" |
@@ -960,6 +985,53 @@ in { | |||
960 | }; | 985 | }; |
961 | users.groups."postfix-ccert-sender-policy" = {}; | 986 | users.groups."postfix-ccert-sender-policy" = {}; |
962 | 987 | ||
988 | systemd.sockets."postfix-internal-policy" = { | ||
989 | requiredBy = ["postfix.service"]; | ||
990 | wants = ["postfix-internal-policy.service"]; | ||
991 | socketConfig = { | ||
992 | ListenStream = "/run/postfix-internal-policy.sock"; | ||
993 | }; | ||
994 | }; | ||
995 | systemd.services."postfix-internal-policy" = { | ||
996 | after = [ "postgresql.service" ]; | ||
997 | bindsTo = [ "postgresql.service" ]; | ||
998 | |||
999 | serviceConfig = { | ||
1000 | Type = "notify"; | ||
1001 | |||
1002 | ExecStart = lib.getExe internal-policy-server; | ||
1003 | |||
1004 | Environment = [ | ||
1005 | "PGDATABASE=email" | ||
1006 | ]; | ||
1007 | |||
1008 | DynamicUser = false; | ||
1009 | User = "postfix-internal-policy"; | ||
1010 | Group = "postfix-internal-policy"; | ||
1011 | ProtectSystem = "strict"; | ||
1012 | SystemCallFilter = "@system-service"; | ||
1013 | NoNewPrivileges = true; | ||
1014 | ProtectKernelTunables = true; | ||
1015 | ProtectKernelModules = true; | ||
1016 | ProtectKernelLogs = true; | ||
1017 | ProtectControlGroups = true; | ||
1018 | MemoryDenyWriteExecute = true; | ||
1019 | RestrictSUIDSGID = true; | ||
1020 | KeyringMode = "private"; | ||
1021 | ProtectClock = true; | ||
1022 | RestrictRealtime = true; | ||
1023 | PrivateDevices = true; | ||
1024 | PrivateTmp = true; | ||
1025 | ProtectHostname = true; | ||
1026 | ReadWritePaths = ["/run/postgresql"]; | ||
1027 | }; | ||
1028 | }; | ||
1029 | users.users."postfix-internal-policy" = { | ||
1030 | isSystemUser = true; | ||
1031 | group = "postfix-internal-policy"; | ||
1032 | }; | ||
1033 | users.groups."postfix-internal-policy" = {}; | ||
1034 | |||
963 | services.postfwd = { | 1035 | services.postfwd = { |
964 | enable = true; | 1036 | enable = true; |
965 | cache = false; | 1037 | cache = false; |
diff --git a/hosts/surtr/email/internal-policy-server/.envrc b/hosts/surtr/email/internal-policy-server/.envrc new file mode 100644 index 00000000..2c909235 --- /dev/null +++ b/hosts/surtr/email/internal-policy-server/.envrc | |||
@@ -0,0 +1,4 @@ | |||
1 | use flake | ||
2 | |||
3 | [[ -d ".venv" ]] || ( uv venv && uv sync ) | ||
4 | . .venv/bin/activate | ||
diff --git a/hosts/surtr/email/internal-policy-server/.gitignore b/hosts/surtr/email/internal-policy-server/.gitignore new file mode 100644 index 00000000..4ccfae70 --- /dev/null +++ b/hosts/surtr/email/internal-policy-server/.gitignore | |||
@@ -0,0 +1,2 @@ | |||
1 | .venv | ||
2 | **/__pycache__ | ||
diff --git a/hosts/surtr/email/internal-policy-server/internal_policy_server/__init__.py b/hosts/surtr/email/internal-policy-server/internal_policy_server/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/hosts/surtr/email/internal-policy-server/internal_policy_server/__init__.py | |||
diff --git a/hosts/surtr/email/internal-policy-server/internal_policy_server/__main__.py b/hosts/surtr/email/internal-policy-server/internal_policy_server/__main__.py new file mode 100644 index 00000000..04f1a59a --- /dev/null +++ b/hosts/surtr/email/internal-policy-server/internal_policy_server/__main__.py | |||
@@ -0,0 +1,106 @@ | |||
1 | from systemd.daemon import listen_fds | ||
2 | from sdnotify import SystemdNotifier | ||
3 | from socketserver import StreamRequestHandler, ThreadingMixIn | ||
4 | from systemd_socketserver import SystemdSocketServer | ||
5 | import sys | ||
6 | from threading import Thread | ||
7 | from psycopg_pool import ConnectionPool | ||
8 | from psycopg.rows import namedtuple_row | ||
9 | |||
10 | import logging | ||
11 | |||
12 | |||
13 | class PolicyHandler(StreamRequestHandler): | ||
14 | def handle(self): | ||
15 | logger.debug('Handling new connection...') | ||
16 | |||
17 | self.args = dict() | ||
18 | |||
19 | line = None | ||
20 | while line := self.rfile.readline().removesuffix(b'\n'): | ||
21 | if b'=' not in line: | ||
22 | break | ||
23 | |||
24 | key, val = line.split(sep=b'=', maxsplit=1) | ||
25 | self.args[key.decode()] = val.decode() | ||
26 | |||
27 | logger.info('Connection parameters: %s', self.args) | ||
28 | |||
29 | allowed = False | ||
30 | user = None | ||
31 | if self.args['sasl_username']: | ||
32 | user = self.args['sasl_username'] | ||
33 | if self.args['ccert_subject']: | ||
34 | user = self.args['ccert_subject'] | ||
35 | |||
36 | with self.server.db_pool.connection() as conn: | ||
37 | local, domain = self.args['recipient'].split(sep='@', maxsplit=1) | ||
38 | extension = None | ||
39 | if '+' in local: | ||
40 | local, extension = local.split(sep='+', maxsplit=1) | ||
41 | |||
42 | logger.debug('Parsed recipient address: %s', {'local': local, 'extension': extension, 'domain': domain}) | ||
43 | |||
44 | with conn.cursor() as cur: | ||
45 | cur.row_factory = namedtuple_row | ||
46 | cur.execute('SELECT id, internal FROM "mailbox_mapping" WHERE ("local" = %(local)s OR "local" IS NULL) AND ("extension" = %(extension)s OR "extension" IS NULL) AND "domain" = %(domain)s', params = {'local': local, 'extension': extension if extension is not None else '', 'domain': domain}, prepare = True) | ||
47 | if (row := cur.fetchone()) is not None: | ||
48 | if not row.internal: | ||
49 | logger.debug('Recipient mailbox is not internal') | ||
50 | allowed = True | ||
51 | elif user: | ||
52 | cur.execute('SELECT EXISTS(SELECT true FROM "mailbox_mapping_access" INNER JOIN "mailbox" ON "mailbox".id = "mailbox_mapping_access"."mailbox" WHERE mailbox_mapping = %(mailbox_mapping)s AND "mailbox"."mailbox" = %(user)s) as "exists"', params = { 'mailbox_mapping': row.id, 'user': user }, prepare = True) | ||
53 | if (row := cur.fetchone()) is not None: | ||
54 | allowed = row.exists | ||
55 | else: | ||
56 | logger.debug('Recipient is not local') | ||
57 | allowed = True | ||
58 | |||
59 | action = '550 5.7.0 Recipient mailbox mapping not authorized for current user' | ||
60 | if allowed: | ||
61 | action = 'DUNNO' | ||
62 | |||
63 | logger.info('Reached verdict: %s', {'allowed': allowed, 'action': action}) | ||
64 | self.wfile.write(f'action={action}\n\n'.encode()) | ||
65 | |||
66 | class ThreadedSystemdSocketServer(ThreadingMixIn, SystemdSocketServer): | ||
67 | def __init__(self, fd, RequestHandlerClass): | ||
68 | super().__init__(fd, RequestHandlerClass) | ||
69 | |||
70 | self.db_pool = ConnectionPool(min_size=1) | ||
71 | self.db_pool.wait() | ||
72 | |||
73 | def main(): | ||
74 | global logger | ||
75 | logger = logging.getLogger(__name__) | ||
76 | console_handler = logging.StreamHandler() | ||
77 | console_handler.setFormatter( logging.Formatter('[%(levelname)s](%(name)s): %(message)s') ) | ||
78 | if sys.stderr.isatty(): | ||
79 | console_handler.setFormatter( logging.Formatter('%(asctime)s [%(levelname)s](%(name)s): %(message)s') ) | ||
80 | logger.addHandler(console_handler) | ||
81 | logger.setLevel(logging.DEBUG) | ||
82 | |||
83 | # log uncaught exceptions | ||
84 | def log_exceptions(type, value, tb): | ||
85 | global logger | ||
86 | |||
87 | logger.error(value) | ||
88 | sys.__excepthook__(type, value, tb) # calls default excepthook | ||
89 | |||
90 | sys.excepthook = log_exceptions | ||
91 | |||
92 | fds = listen_fds() | ||
93 | servers = [ThreadedSystemdSocketServer(fd, PolicyHandler) for fd in fds] | ||
94 | |||
95 | if servers: | ||
96 | for server in servers: | ||
97 | Thread(name=f'Server for fd{server.fileno()}', target=server.serve_forever).start() | ||
98 | else: | ||
99 | return 2 | ||
100 | |||
101 | SystemdNotifier().notify('READY=1') | ||
102 | |||
103 | return 0 | ||
104 | |||
105 | if __name__ == '__main__': | ||
106 | sys.exit(main()) | ||
diff --git a/hosts/surtr/email/internal-policy-server/pyproject.toml b/hosts/surtr/email/internal-policy-server/pyproject.toml new file mode 100644 index 00000000..c697cd01 --- /dev/null +++ b/hosts/surtr/email/internal-policy-server/pyproject.toml | |||
@@ -0,0 +1,18 @@ | |||
1 | [project] | ||
2 | name = "internal-policy-server" | ||
3 | version = "0.1.0" | ||
4 | requires-python = ">=3.12" | ||
5 | dependencies = [ | ||
6 | "psycopg>=3.2.9", | ||
7 | "psycopg-binary>=3.2.9", | ||
8 | "psycopg-pool>=3.2.6", | ||
9 | "sdnotify>=0.3.2", | ||
10 | "systemd-socketserver>=1.0", | ||
11 | ] | ||
12 | |||
13 | [project.scripts] | ||
14 | internal-policy-server = "internal_policy_server.__main__:main" | ||
15 | |||
16 | [build-system] | ||
17 | requires = ["hatchling"] | ||
18 | build-backend = "hatchling.build" | ||
diff --git a/hosts/surtr/email/internal-policy-server/uv.lock b/hosts/surtr/email/internal-policy-server/uv.lock new file mode 100644 index 00000000..f7a4e729 --- /dev/null +++ b/hosts/surtr/email/internal-policy-server/uv.lock | |||
@@ -0,0 +1,119 @@ | |||
1 | version = 1 | ||
2 | revision = 2 | ||
3 | requires-python = ">=3.12" | ||
4 | |||
5 | [[package]] | ||
6 | name = "internal-policy-server" | ||
7 | version = "0.1.0" | ||
8 | source = { editable = "." } | ||
9 | dependencies = [ | ||
10 | { name = "psycopg" }, | ||
11 | { name = "psycopg-binary" }, | ||
12 | { name = "psycopg-pool" }, | ||
13 | { name = "sdnotify" }, | ||
14 | { name = "systemd-socketserver" }, | ||
15 | ] | ||
16 | |||
17 | [package.metadata] | ||
18 | requires-dist = [ | ||
19 | { name = "psycopg", specifier = ">=3.2.9" }, | ||
20 | { name = "psycopg-binary", specifier = ">=3.2.9" }, | ||
21 | { name = "psycopg-pool", specifier = ">=3.2.6" }, | ||
22 | { name = "sdnotify", specifier = ">=0.3.2" }, | ||
23 | { name = "systemd-socketserver", specifier = ">=1.0" }, | ||
24 | ] | ||
25 | |||
26 | [[package]] | ||
27 | name = "psycopg" | ||
28 | version = "3.2.9" | ||
29 | source = { registry = "https://pypi.org/simple" } | ||
30 | dependencies = [ | ||
31 | { name = "typing-extensions", marker = "python_full_version < '3.13'" }, | ||
32 | { name = "tzdata", marker = "sys_platform == 'win32'" }, | ||
33 | ] | ||
34 | sdist = { url = "https://files.pythonhosted.org/packages/27/4a/93a6ab570a8d1a4ad171a1f4256e205ce48d828781312c0bbaff36380ecb/psycopg-3.2.9.tar.gz", hash = "sha256:2fbb46fcd17bc81f993f28c47f1ebea38d66ae97cc2dbc3cad73b37cefbff700", size = 158122, upload-time = "2025-05-13T16:11:15.533Z" } | ||
35 | wheels = [ | ||
36 | { url = "https://files.pythonhosted.org/packages/44/b0/a73c195a56eb6b92e937a5ca58521a5c3346fb233345adc80fd3e2f542e2/psycopg-3.2.9-py3-none-any.whl", hash = "sha256:01a8dadccdaac2123c916208c96e06631641c0566b22005493f09663c7a8d3b6", size = 202705, upload-time = "2025-05-13T16:06:26.584Z" }, | ||
37 | ] | ||
38 | |||
39 | [[package]] | ||
40 | name = "psycopg-binary" | ||
41 | version = "3.2.9" | ||
42 | source = { registry = "https://pypi.org/simple" } | ||
43 | wheels = [ | ||
44 | { url = "https://files.pythonhosted.org/packages/29/6f/ec9957e37a606cd7564412e03f41f1b3c3637a5be018d0849914cb06e674/psycopg_binary-3.2.9-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:be7d650a434921a6b1ebe3fff324dbc2364393eb29d7672e638ce3e21076974e", size = 4022205, upload-time = "2025-05-13T16:07:48.195Z" }, | ||
45 | { url = "https://files.pythonhosted.org/packages/6b/ba/497b8bea72b20a862ac95a94386967b745a472d9ddc88bc3f32d5d5f0d43/psycopg_binary-3.2.9-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:6a76b4722a529390683c0304501f238b365a46b1e5fb6b7249dbc0ad6fea51a0", size = 4083795, upload-time = "2025-05-13T16:07:50.917Z" }, | ||
46 | { url = "https://files.pythonhosted.org/packages/42/07/af9503e8e8bdad3911fd88e10e6a29240f9feaa99f57d6fac4a18b16f5a0/psycopg_binary-3.2.9-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:96a551e4683f1c307cfc3d9a05fec62c00a7264f320c9962a67a543e3ce0d8ff", size = 4655043, upload-time = "2025-05-13T16:07:54.857Z" }, | ||
47 | { url = "https://files.pythonhosted.org/packages/28/ed/aff8c9850df1648cc6a5cc7a381f11ee78d98a6b807edd4a5ae276ad60ad/psycopg_binary-3.2.9-cp312-cp312-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:61d0a6ceed8f08c75a395bc28cb648a81cf8dee75ba4650093ad1a24a51c8724", size = 4477972, upload-time = "2025-05-13T16:07:57.925Z" }, | ||
48 | { url = "https://files.pythonhosted.org/packages/5c/bd/8e9d1b77ec1a632818fe2f457c3a65af83c68710c4c162d6866947d08cc5/psycopg_binary-3.2.9-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:ad280bbd409bf598683dda82232f5215cfc5f2b1bf0854e409b4d0c44a113b1d", size = 4737516, upload-time = "2025-05-13T16:08:01.616Z" }, | ||
49 | { url = "https://files.pythonhosted.org/packages/46/ec/222238f774cd5a0881f3f3b18fb86daceae89cc410f91ef6a9fb4556f236/psycopg_binary-3.2.9-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:76eddaf7fef1d0994e3d536ad48aa75034663d3a07f6f7e3e601105ae73aeff6", size = 4436160, upload-time = "2025-05-13T16:08:04.278Z" }, | ||
50 | { url = "https://files.pythonhosted.org/packages/37/78/af5af2a1b296eeca54ea7592cd19284739a844974c9747e516707e7b3b39/psycopg_binary-3.2.9-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:52e239cd66c4158e412318fbe028cd94b0ef21b0707f56dcb4bdc250ee58fd40", size = 3753518, upload-time = "2025-05-13T16:08:07.567Z" }, | ||
51 | { url = "https://files.pythonhosted.org/packages/ec/ac/8a3ed39ea069402e9e6e6a2f79d81a71879708b31cc3454283314994b1ae/psycopg_binary-3.2.9-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:08bf9d5eabba160dd4f6ad247cf12f229cc19d2458511cab2eb9647f42fa6795", size = 3313598, upload-time = "2025-05-13T16:08:09.999Z" }, | ||
52 | { url = "https://files.pythonhosted.org/packages/da/43/26549af068347c808fbfe5f07d2fa8cef747cfff7c695136172991d2378b/psycopg_binary-3.2.9-cp312-cp312-musllinux_1_2_ppc64le.whl", hash = "sha256:1b2cf018168cad87580e67bdde38ff5e51511112f1ce6ce9a8336871f465c19a", size = 3407289, upload-time = "2025-05-13T16:08:12.66Z" }, | ||
53 | { url = "https://files.pythonhosted.org/packages/67/55/ea8d227c77df8e8aec880ded398316735add8fda5eb4ff5cc96fac11e964/psycopg_binary-3.2.9-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:14f64d1ac6942ff089fc7e926440f7a5ced062e2ed0949d7d2d680dc5c00e2d4", size = 3472493, upload-time = "2025-05-13T16:08:15.672Z" }, | ||
54 | { url = "https://files.pythonhosted.org/packages/3c/02/6ff2a5bc53c3cd653d281666728e29121149179c73fddefb1e437024c192/psycopg_binary-3.2.9-cp312-cp312-win_amd64.whl", hash = "sha256:7a838852e5afb6b4126f93eb409516a8c02a49b788f4df8b6469a40c2157fa21", size = 2927400, upload-time = "2025-05-13T16:08:18.652Z" }, | ||
55 | { url = "https://files.pythonhosted.org/packages/28/0b/f61ff4e9f23396aca674ed4d5c9a5b7323738021d5d72d36d8b865b3deaf/psycopg_binary-3.2.9-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:98bbe35b5ad24a782c7bf267596638d78aa0e87abc7837bdac5b2a2ab954179e", size = 4017127, upload-time = "2025-05-13T16:08:21.391Z" }, | ||
56 | { url = "https://files.pythonhosted.org/packages/bc/00/7e181fb1179fbfc24493738b61efd0453d4b70a0c4b12728e2b82db355fd/psycopg_binary-3.2.9-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:72691a1615ebb42da8b636c5ca9f2b71f266be9e172f66209a361c175b7842c5", size = 4080322, upload-time = "2025-05-13T16:08:24.049Z" }, | ||
57 | { url = "https://files.pythonhosted.org/packages/58/fd/94fc267c1d1392c4211e54ccb943be96ea4032e761573cf1047951887494/psycopg_binary-3.2.9-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:25ab464bfba8c401f5536d5aa95f0ca1dd8257b5202eede04019b4415f491351", size = 4655097, upload-time = "2025-05-13T16:08:27.376Z" }, | ||
58 | { url = "https://files.pythonhosted.org/packages/41/17/31b3acf43de0b2ba83eac5878ff0dea5a608ca2a5c5dd48067999503a9de/psycopg_binary-3.2.9-cp313-cp313-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:0e8aeefebe752f46e3c4b769e53f1d4ad71208fe1150975ef7662c22cca80fab", size = 4482114, upload-time = "2025-05-13T16:08:30.781Z" }, | ||
59 | { url = "https://files.pythonhosted.org/packages/85/78/b4d75e5fd5a85e17f2beb977abbba3389d11a4536b116205846b0e1cf744/psycopg_binary-3.2.9-cp313-cp313-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:b7e4e4dd177a8665c9ce86bc9caae2ab3aa9360b7ce7ec01827ea1baea9ff748", size = 4737693, upload-time = "2025-05-13T16:08:34.625Z" }, | ||
60 | { url = "https://files.pythonhosted.org/packages/3b/95/7325a8550e3388b00b5e54f4ced5e7346b531eb4573bf054c3dbbfdc14fe/psycopg_binary-3.2.9-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:7fc2915949e5c1ea27a851f7a472a7da7d0a40d679f0a31e42f1022f3c562e87", size = 4437423, upload-time = "2025-05-13T16:08:37.444Z" }, | ||
61 | { url = "https://files.pythonhosted.org/packages/1a/db/cef77d08e59910d483df4ee6da8af51c03bb597f500f1fe818f0f3b925d3/psycopg_binary-3.2.9-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:a1fa38a4687b14f517f049477178093c39c2a10fdcced21116f47c017516498f", size = 3758667, upload-time = "2025-05-13T16:08:40.116Z" }, | ||
62 | { url = "https://files.pythonhosted.org/packages/95/3e/252fcbffb47189aa84d723b54682e1bb6d05c8875fa50ce1ada914ae6e28/psycopg_binary-3.2.9-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:5be8292d07a3ab828dc95b5ee6b69ca0a5b2e579a577b39671f4f5b47116dfd2", size = 3320576, upload-time = "2025-05-13T16:08:43.243Z" }, | ||
63 | { url = "https://files.pythonhosted.org/packages/1c/cd/9b5583936515d085a1bec32b45289ceb53b80d9ce1cea0fef4c782dc41a7/psycopg_binary-3.2.9-cp313-cp313-musllinux_1_2_ppc64le.whl", hash = "sha256:778588ca9897b6c6bab39b0d3034efff4c5438f5e3bd52fda3914175498202f9", size = 3411439, upload-time = "2025-05-13T16:08:47.321Z" }, | ||
64 | { url = "https://files.pythonhosted.org/packages/45/6b/6f1164ea1634c87956cdb6db759e0b8c5827f989ee3cdff0f5c70e8331f2/psycopg_binary-3.2.9-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:f0d5b3af045a187aedbd7ed5fc513bd933a97aaff78e61c3745b330792c4345b", size = 3477477, upload-time = "2025-05-13T16:08:51.166Z" }, | ||
65 | { url = "https://files.pythonhosted.org/packages/7b/1d/bf54cfec79377929da600c16114f0da77a5f1670f45e0c3af9fcd36879bc/psycopg_binary-3.2.9-cp313-cp313-win_amd64.whl", hash = "sha256:2290bc146a1b6a9730350f695e8b670e1d1feb8446597bed0bbe7c3c30e0abcb", size = 2928009, upload-time = "2025-05-13T16:08:53.67Z" }, | ||
66 | ] | ||
67 | |||
68 | [[package]] | ||
69 | name = "psycopg-pool" | ||
70 | version = "3.2.6" | ||
71 | source = { registry = "https://pypi.org/simple" } | ||
72 | dependencies = [ | ||
73 | { name = "typing-extensions" }, | ||
74 | ] | ||
75 | sdist = { url = "https://files.pythonhosted.org/packages/cf/13/1e7850bb2c69a63267c3dbf37387d3f71a00fd0e2fa55c5db14d64ba1af4/psycopg_pool-3.2.6.tar.gz", hash = "sha256:0f92a7817719517212fbfe2fd58b8c35c1850cdd2a80d36b581ba2085d9148e5", size = 29770, upload-time = "2025-02-26T12:03:47.129Z" } | ||
76 | wheels = [ | ||
77 | { url = "https://files.pythonhosted.org/packages/47/fd/4feb52a55c1a4bd748f2acaed1903ab54a723c47f6d0242780f4d97104d4/psycopg_pool-3.2.6-py3-none-any.whl", hash = "sha256:5887318a9f6af906d041a0b1dc1c60f8f0dda8340c2572b74e10907b51ed5da7", size = 38252, upload-time = "2025-02-26T12:03:45.073Z" }, | ||
78 | ] | ||
79 | |||
80 | [[package]] | ||
81 | name = "sdnotify" | ||
82 | version = "0.3.2" | ||
83 | source = { registry = "https://pypi.org/simple" } | ||
84 | sdist = { url = "https://files.pythonhosted.org/packages/ce/d8/9fdc36b2a912bf78106de4b3f0de3891ff8f369e7a6f80be842b8b0b6bd5/sdnotify-0.3.2.tar.gz", hash = "sha256:73977fc746b36cc41184dd43c3fe81323e7b8b06c2bb0826c4f59a20c56bb9f1", size = 2459, upload-time = "2017-08-02T20:03:44.395Z" } | ||
85 | |||
86 | [[package]] | ||
87 | name = "systemd-python" | ||
88 | version = "235" | ||
89 | source = { registry = "https://pypi.org/simple" } | ||
90 | sdist = { url = "https://files.pythonhosted.org/packages/10/9e/ab4458e00367223bda2dd7ccf0849a72235ee3e29b36dce732685d9b7ad9/systemd-python-235.tar.gz", hash = "sha256:4e57f39797fd5d9e2d22b8806a252d7c0106c936039d1e71c8c6b8008e695c0a", size = 61677, upload-time = "2023-02-11T13:42:16.588Z" } | ||
91 | |||
92 | [[package]] | ||
93 | name = "systemd-socketserver" | ||
94 | version = "1.0" | ||
95 | source = { registry = "https://pypi.org/simple" } | ||
96 | dependencies = [ | ||
97 | { name = "systemd-python" }, | ||
98 | ] | ||
99 | wheels = [ | ||
100 | { url = "https://files.pythonhosted.org/packages/d8/4f/b28b7f08880120a26669b080ca74487c8c67e8b54dcb0467a8f0c9f38ed6/systemd_socketserver-1.0-py3-none-any.whl", hash = "sha256:987a8bfbf28d959e7c2966c742ad7bad482f05e121077defcf95bb38267db9a8", size = 3248, upload-time = "2020-04-26T05:26:40.661Z" }, | ||
101 | ] | ||
102 | |||
103 | [[package]] | ||
104 | name = "typing-extensions" | ||
105 | version = "4.13.2" | ||
106 | source = { registry = "https://pypi.org/simple" } | ||
107 | sdist = { url = "https://files.pythonhosted.org/packages/f6/37/23083fcd6e35492953e8d2aaaa68b860eb422b34627b13f2ce3eb6106061/typing_extensions-4.13.2.tar.gz", hash = "sha256:e6c81219bd689f51865d9e372991c540bda33a0379d5573cddb9a3a23f7caaef", size = 106967, upload-time = "2025-04-10T14:19:05.416Z" } | ||
108 | wheels = [ | ||
109 | { url = "https://files.pythonhosted.org/packages/8b/54/b1ae86c0973cc6f0210b53d508ca3641fb6d0c56823f288d108bc7ab3cc8/typing_extensions-4.13.2-py3-none-any.whl", hash = "sha256:a439e7c04b49fec3e5d3e2beaa21755cadbbdc391694e28ccdd36ca4a1408f8c", size = 45806, upload-time = "2025-04-10T14:19:03.967Z" }, | ||
110 | ] | ||
111 | |||
112 | [[package]] | ||
113 | name = "tzdata" | ||
114 | version = "2025.2" | ||
115 | source = { registry = "https://pypi.org/simple" } | ||
116 | sdist = { url = "https://files.pythonhosted.org/packages/95/32/1a225d6164441be760d75c2c42e2780dc0873fe382da3e98a2e1e48361e5/tzdata-2025.2.tar.gz", hash = "sha256:b60a638fcc0daffadf82fe0f57e53d06bdec2f36c4df66280ae79bce6bd6f2b9", size = 196380, upload-time = "2025-03-23T13:54:43.652Z" } | ||
117 | wheels = [ | ||
118 | { url = "https://files.pythonhosted.org/packages/5c/23/c7abc0ca0a1526a0774eca151daeb8de62ec457e77262b66b359c3c7679e/tzdata-2025.2-py2.py3-none-any.whl", hash = "sha256:1a403fada01ff9221ca8044d701868fa132215d84beb92242d9acd2147f667a8", size = 347839, upload-time = "2025-03-23T13:54:41.845Z" }, | ||
119 | ] | ||
diff --git a/hosts/surtr/kimai.nix b/hosts/surtr/kimai.nix new file mode 100644 index 00000000..454b3d80 --- /dev/null +++ b/hosts/surtr/kimai.nix | |||
@@ -0,0 +1,68 @@ | |||
1 | { config, ... }: | ||
2 | |||
3 | { | ||
4 | config = { | ||
5 | security.acme.rfc2136Domains = { | ||
6 | "kimai.yggdrasil.li" = { | ||
7 | restartUnits = ["nginx.service"]; | ||
8 | }; | ||
9 | }; | ||
10 | |||
11 | services.nginx = { | ||
12 | upstreams."kimai" = { | ||
13 | servers = { | ||
14 | "[2a03:4000:52:ada:6::2]:80" = {}; | ||
15 | }; | ||
16 | extraConfig = '' | ||
17 | keepalive 8; | ||
18 | ''; | ||
19 | }; | ||
20 | virtualHosts = { | ||
21 | "kimai.yggdrasil.li" = { | ||
22 | kTLS = true; | ||
23 | http3 = true; | ||
24 | forceSSL = true; | ||
25 | sslCertificate = "/run/credentials/nginx.service/kimai.yggdrasil.li.pem"; | ||
26 | sslCertificateKey = "/run/credentials/nginx.service/kimai.yggdrasil.li.key.pem"; | ||
27 | sslTrustedCertificate = "/run/credentials/nginx.service/kimai.yggdrasil.li.chain.pem"; | ||
28 | extraConfig = '' | ||
29 | charset utf-8; | ||
30 | ''; | ||
31 | |||
32 | locations = { | ||
33 | "/".extraConfig = '' | ||
34 | proxy_pass http://kimai; | ||
35 | |||
36 | proxy_http_version 1.1; | ||
37 | proxy_set_header Upgrade $http_upgrade; | ||
38 | proxy_set_header Connection "upgrade"; | ||
39 | |||
40 | proxy_redirect off; | ||
41 | proxy_set_header Host $host; | ||
42 | proxy_set_header X-Real-IP $remote_addr; | ||
43 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
44 | proxy_set_header X-Forwarded-Host $server_name; | ||
45 | proxy_set_header X-Forwarded-Proto $scheme; | ||
46 | |||
47 | client_max_body_size 0; | ||
48 | proxy_request_buffering off; | ||
49 | proxy_buffering off; | ||
50 | |||
51 | proxy_read_timeout 300; | ||
52 | ''; | ||
53 | }; | ||
54 | }; | ||
55 | }; | ||
56 | }; | ||
57 | |||
58 | systemd.services.nginx = { | ||
59 | serviceConfig = { | ||
60 | LoadCredential = [ | ||
61 | "kimai.yggdrasil.li.key.pem:${config.security.acme.certs."kimai.yggdrasil.li".directory}/key.pem" | ||
62 | "kimai.yggdrasil.li.pem:${config.security.acme.certs."kimai.yggdrasil.li".directory}/fullchain.pem" | ||
63 | "kimai.yggdrasil.li.chain.pem:${config.security.acme.certs."kimai.yggdrasil.li".directory}/chain.pem" | ||
64 | ]; | ||
65 | }; | ||
66 | }; | ||
67 | }; | ||
68 | } | ||
diff --git a/hosts/surtr/postgresql/default.nix b/hosts/surtr/postgresql/default.nix index 059f4088..3786ea7c 100644 --- a/hosts/surtr/postgresql/default.nix +++ b/hosts/surtr/postgresql/default.nix | |||
@@ -280,6 +280,64 @@ in { | |||
280 | CREATE VIEW imap_user ("user", "password", quota_rule) AS SELECT mailbox.mailbox AS "user", "password", quota_rule FROM mailbox_quota_rule INNER JOIN mailbox ON mailbox_quota_rule.mailbox = mailbox.mailbox; | 280 | CREATE VIEW imap_user ("user", "password", quota_rule) AS SELECT mailbox.mailbox AS "user", "password", quota_rule FROM mailbox_quota_rule INNER JOIN mailbox ON mailbox_quota_rule.mailbox = mailbox.mailbox; |
281 | 281 | ||
282 | COMMIT; | 282 | COMMIT; |
283 | |||
284 | BEGIN; | ||
285 | SELECT _v.register_patch('013-internal', ARRAY['000-base'], null); | ||
286 | |||
287 | ALTER TABLE mailbox_mapping ADD COLUMN internal bool NOT NULL DEFAULT false; | ||
288 | CREATE TABLE mailbox_mapping_access ( | ||
289 | id uuid PRIMARY KEY NOT NULL DEFAULT gen_random_uuid(), | ||
290 | mailbox_mapping uuid REFERENCES mailbox_mapping(id), | ||
291 | mailbox uuid REFERENCES mailbox(id) | ||
292 | ); | ||
293 | CREATE USER "postfix-internal-policy"; | ||
294 | GRANT CONNECT ON DATABASE "email" TO "postfix-internal-policy"; | ||
295 | ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO "postfix-internal-policy"; | ||
296 | GRANT SELECT ON ALL TABLES IN SCHEMA public TO "postfix-internal-policy"; | ||
297 | |||
298 | COMMIT; | ||
299 | |||
300 | BEGIN; | ||
301 | SELECT _v.register_patch('014-relay', ARRAY['000-base'], null); | ||
302 | |||
303 | CREATE TABLE relay_access ( | ||
304 | id uuid PRIMARY KEY NOT NULL DEFAULT gen_random_uuid(), | ||
305 | mailbox uuid REFERENCES mailbox(id), | ||
306 | domain citext NOT NULL CONSTRAINT domain_non_empty CHECK (domain <> ''') | ||
307 | ); | ||
308 | |||
309 | COMMIT; | ||
310 | |||
311 | BEGIN; | ||
312 | SELECT _v.register_patch('015-relay-unique', ARRAY['000-base', '014-relay'], null); | ||
313 | |||
314 | CREATE UNIQUE INDEX relay_unique ON relay_access (mailbox, domain); | ||
315 | |||
316 | COMMIT; | ||
317 | |||
318 | BEGIN; | ||
319 | SELECT _v.register_patch('015-sender_bcc', null, null); | ||
320 | |||
321 | CREATE TABLE sender_bcc_maps ( | ||
322 | id uuid PRIMARY KEY NOT NULL DEFAULT gen_random_uuid(), | ||
323 | key text NOT NULL CONSTRAINT key_not_empty CHECK (key <> '''), | ||
324 | value text NOT NULL CONSTRAINT value_not_empty CHECK (value <> '''), | ||
325 | CONSTRAINT key_unique UNIQUE (key) | ||
326 | ); | ||
327 | |||
328 | COMMIT; | ||
329 | |||
330 | BEGIN; | ||
331 | SELECT _v.register_patch('016-recipient_bcc', null, null); | ||
332 | |||
333 | CREATE TABLE recipient_bcc_maps ( | ||
334 | id uuid PRIMARY KEY NOT NULL DEFAULT gen_random_uuid(), | ||
335 | key text NOT NULL CONSTRAINT key_not_empty CHECK (key <> '''), | ||
336 | value text NOT NULL CONSTRAINT value_not_empty CHECK (value <> '''), | ||
337 | CONSTRAINT recipient_bcc_maps_key_unique UNIQUE (key) | ||
338 | ); | ||
339 | |||
340 | COMMIT; | ||
283 | ''} | 341 | ''} |
284 | 342 | ||
285 | psql etebase postgres -eXf ${pkgs.writeText "etebase.sql" '' | 343 | psql etebase postgres -eXf ${pkgs.writeText "etebase.sql" '' |
diff --git a/hosts/surtr/tls/tsig_keys/kimai.yggdrasil.li b/hosts/surtr/tls/tsig_keys/kimai.yggdrasil.li new file mode 100644 index 00000000..b9199975 --- /dev/null +++ b/hosts/surtr/tls/tsig_keys/kimai.yggdrasil.li | |||
@@ -0,0 +1,19 @@ | |||
1 | { | ||
2 | "data": "ENC[AES256_GCM,data:ATcU3Ix7o5d/49rD5H8je1ozTjoghrloMh5DIZ5WE3oYauUAknpGfr9xq92V,iv:vy9YK5Ot7CCjMtgAGVeAUQuaSw4F5kmmZ0GJYV9kCdQ=,tag:F/MXTUM2AI1fGXa9Ewn8yQ==,type:str]", | ||
3 | "sops": { | ||
4 | "age": [ | ||
5 | { | ||
6 | "recipient": "age1rmmhetcmllq0ahl5qznlr0eya2zdxwl9h6y5wnl97d2wtyx5t99sm2u866", | ||
7 | "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDMEF0cUdydERYVzJCa3pW\nTlo0NUFON0d5RGJFVnVTNVg3cjNEUERQMEdFClEvQW5odlNEd2F1VTFmMWQrL2RB\ncllFZVpIVVJrNTJsSGF4UEdZMnVmQzAKLS0tIFUrQkkzRVZiOFNiTnFCT1pEYVRM\nQm8wV1JkQ3RrR1dkL0FsNkhsY2kxa1kKGnAo/6oibgXexUU31THdLu6X+pRtrkjD\nZnXGPZ2xaESDVUVEYQPVpNrjt9brZGJBI1BasrkEwHAXMbJC236yYQ==\n-----END AGE ENCRYPTED FILE-----\n" | ||
8 | }, | ||
9 | { | ||
10 | "recipient": "age19a7j77w267z04zls7m28a8hj4a0g5af6ltye2d5wypg33c3l89csd4r9zq", | ||
11 | "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3MGs1Z2ZqK2pqWHdVYTJH\naTlncHdPa3Zld0JhQW5Ccmc1SStWSnlDR0JrCmpML2d4TGdldUdoZCtaWVpPZVl0\nVm4waWVBS1orRS90ZS96N0Y2M29LY0UKLS0tIEI1Z2VVbVVxRUpOZEN4NnBRRklC\nQXloelZCb04xbmduTlVuL005TlRGMHMKfLB6zA3sj3HgDBC7VGfGVB6I1zJpt0PV\nkCV2yADgvAA2pT9HPg9IWAEpTPysOBiuE2jPNtFvylZYwTDHoumFnQ==\n-----END AGE ENCRYPTED FILE-----\n" | ||
12 | } | ||
13 | ], | ||
14 | "lastmodified": "2025-05-24T09:42:23Z", | ||
15 | "mac": "ENC[AES256_GCM,data:0pk1LpWPmX9td/TwJFxwWp5pTDyW78UtHXMDah+V9Tmgi8hH7ONdysgjwpDwS/c4zGnMA3qtobEL286U3//CTXt2qVsiUGLsnngzs2E6yBg8oGMYlGrch4M355Fl5ZxYsc8QLA6qWcuZ4H3QW8PnoqdJixcHoYLoxG01dzh4Bc0=,iv:zchk4enI1D80BkJLji5RLm7OTk3GeF8nYHuwqBxCXIM=,tag:bgkknPMqkSidi6bDFfv6UQ==,type:str]", | ||
16 | "unencrypted_suffix": "_unencrypted", | ||
17 | "version": "3.10.2" | ||
18 | } | ||
19 | } | ||
diff --git a/hosts/vidhar/default.nix b/hosts/vidhar/default.nix index c9470ee9..547572c6 100644 --- a/hosts/vidhar/default.nix +++ b/hosts/vidhar/default.nix | |||
@@ -4,7 +4,7 @@ with lib; | |||
4 | 4 | ||
5 | { | 5 | { |
6 | imports = with flake.nixosModules.systemProfiles; [ | 6 | imports = with flake.nixosModules.systemProfiles; [ |
7 | ./zfs.nix ./network ./samba.nix ./dns ./prometheus ./borg ./pgbackrest ./postgresql.nix ./immich.nix ./paperless ./hledger ./audiobookshelf | 7 | ./zfs.nix ./network ./samba.nix ./dns ./prometheus ./borg ./pgbackrest ./postgresql.nix ./immich.nix ./paperless ./hledger ./audiobookshelf ./kimai |
8 | tmpfs-root zfs | 8 | tmpfs-root zfs |
9 | initrd-all-crypto-modules default-locale openssh rebuild-machines | 9 | initrd-all-crypto-modules default-locale openssh rebuild-machines |
10 | build-server | 10 | build-server |
@@ -136,7 +136,7 @@ with lib; | |||
136 | wantedBy = ["basic.target"]; | 136 | wantedBy = ["basic.target"]; |
137 | serviceConfig = { | 137 | serviceConfig = { |
138 | ExecStart = pkgs.writeShellScript "limit-pstate-start" '' | 138 | ExecStart = pkgs.writeShellScript "limit-pstate-start" '' |
139 | echo 50 > /sys/devices/system/cpu/intel_pstate/max_perf_pct | 139 | echo 40 > /sys/devices/system/cpu/intel_pstate/max_perf_pct |
140 | ''; | 140 | ''; |
141 | RemainAfterExit = true; | 141 | RemainAfterExit = true; |
142 | ExecStop = pkgs.writeShellScript "limit-pstate-stop" '' | 142 | ExecStop = pkgs.writeShellScript "limit-pstate-stop" '' |
diff --git a/hosts/vidhar/kimai/default.nix b/hosts/vidhar/kimai/default.nix new file mode 100644 index 00000000..0258697b --- /dev/null +++ b/hosts/vidhar/kimai/default.nix | |||
@@ -0,0 +1,89 @@ | |||
1 | { flake, config, ... }: | ||
2 | |||
3 | { | ||
4 | config = { | ||
5 | boot.enableContainers = true; | ||
6 | boot.kernel.sysctl = { | ||
7 | "net.netfilter.nf_log_all_netns" = true; | ||
8 | }; | ||
9 | |||
10 | containers."kimai" = { | ||
11 | autoStart = true; | ||
12 | ephemeral = true; | ||
13 | bindMounts = { | ||
14 | "/var/lib/kimai" = { | ||
15 | hostPath = "/var/lib/kimai/state"; | ||
16 | isReadOnly = false; | ||
17 | }; | ||
18 | "/var/lib/mysql" = { | ||
19 | hostPath = "/var/lib/kimai/mysql"; | ||
20 | isReadOnly = false; | ||
21 | }; | ||
22 | }; | ||
23 | privateNetwork = true; | ||
24 | # forwardPorts = [ | ||
25 | # { containerPort = 80; | ||
26 | # hostPort = 28983; | ||
27 | # } | ||
28 | # ]; | ||
29 | hostAddress = "192.168.52.113"; | ||
30 | localAddress = "192.168.52.114"; | ||
31 | hostAddress6 = "2a03:4000:52:ada:6::1"; | ||
32 | localAddress6 = "2a03:4000:52:ada:6::2"; | ||
33 | config = let hostConfig = config; in { config, pkgs, lib, ... }: { | ||
34 | system.stateVersion = lib.mkIf hostConfig.containers."kimai".ephemeral config.system.nixos.release; | ||
35 | system.configurationRevision = lib.mkIf (flake ? rev) flake.rev; | ||
36 | nixpkgs.pkgs = hostConfig.nixpkgs.pkgs; | ||
37 | |||
38 | services.kimai.sites."kimai.yggdrasil.li" = { | ||
39 | database.socket = "/run/mysqld/mysqld.sock"; | ||
40 | }; | ||
41 | |||
42 | networking = { | ||
43 | useDHCP = false; | ||
44 | useNetworkd = true; | ||
45 | useHostResolvConf = false; | ||
46 | firewall.enable = false; | ||
47 | nftables = { | ||
48 | enable = true; | ||
49 | rulesetFile = ./ruleset.nft; | ||
50 | }; | ||
51 | }; | ||
52 | |||
53 | services.resolved.fallbackDns = [ | ||
54 | "9.9.9.10#dns10.quad9.net" | ||
55 | "149.112.112.10#dns10.quad9.net" | ||
56 | "2620:fe::10#dns10.quad9.net" | ||
57 | "2620:fe::fe:10#dns10.quad9.net" | ||
58 | ]; | ||
59 | |||
60 | systemd.network = { | ||
61 | networks.upstream = { | ||
62 | name = "eth0"; | ||
63 | matchConfig = { | ||
64 | Name = "eth0"; | ||
65 | }; | ||
66 | linkConfig = { | ||
67 | RequiredForOnline = true; | ||
68 | }; | ||
69 | networkConfig = { | ||
70 | Address = [ "192.168.52.114/32" "2a03:4000:52:ada:6::2/128" ]; | ||
71 | LLMNR = false; | ||
72 | MulticastDNS = false; | ||
73 | }; | ||
74 | routes = [ | ||
75 | { Destination = "192.168.52.113/32"; } | ||
76 | { Destination = "2a03:4000:52:ada:6::1/128"; } | ||
77 | { Destination = "0.0.0.0/0"; | ||
78 | Gateway = "192.168.52.113"; | ||
79 | } | ||
80 | { Destination = "::/0"; | ||
81 | Gateway = "2a03:4000:52:ada:6::1"; | ||
82 | } | ||
83 | ]; | ||
84 | }; | ||
85 | }; | ||
86 | }; | ||
87 | }; | ||
88 | }; | ||
89 | } | ||
diff --git a/hosts/vidhar/kimai/ruleset.nft b/hosts/vidhar/kimai/ruleset.nft new file mode 100644 index 00000000..ad4db6d5 --- /dev/null +++ b/hosts/vidhar/kimai/ruleset.nft | |||
@@ -0,0 +1,149 @@ | |||
1 | define icmp_protos = {ipv6-icmp, icmp, igmp} | ||
2 | |||
3 | table arp filter { | ||
4 | limit lim_arp { | ||
5 | rate over 50 mbytes/second burst 50 mbytes | ||
6 | } | ||
7 | |||
8 | counter arp-rx {} | ||
9 | counter arp-tx {} | ||
10 | |||
11 | counter arp-ratelimit-rx {} | ||
12 | counter arp-ratelimit-tx {} | ||
13 | |||
14 | chain input { | ||
15 | type filter hook input priority filter | ||
16 | policy accept | ||
17 | |||
18 | limit name lim_arp counter name arp-ratelimit-rx drop | ||
19 | |||
20 | counter name arp-rx | ||
21 | } | ||
22 | |||
23 | chain output { | ||
24 | type filter hook output priority filter | ||
25 | policy accept | ||
26 | |||
27 | limit name lim_arp counter name arp-ratelimit-tx drop | ||
28 | |||
29 | counter name arp-tx | ||
30 | } | ||
31 | } | ||
32 | |||
33 | table inet filter { | ||
34 | limit lim_reject { | ||
35 | rate over 1000/second burst 1000 packets | ||
36 | } | ||
37 | |||
38 | limit lim_icmp { | ||
39 | rate over 50 mbytes/second burst 50 mbytes | ||
40 | } | ||
41 | |||
42 | counter invalid-fw {} | ||
43 | counter fw-lo {} | ||
44 | |||
45 | counter reject-ratelimit-fw {} | ||
46 | counter reject-fw {} | ||
47 | counter reject-tcp-fw {} | ||
48 | counter reject-icmp-fw {} | ||
49 | |||
50 | counter drop-fw {} | ||
51 | |||
52 | counter invalid-rx {} | ||
53 | |||
54 | counter rx-lo {} | ||
55 | counter invalid-local4-rx {} | ||
56 | counter invalid-local6-rx {} | ||
57 | |||
58 | counter icmp-ratelimit-rx {} | ||
59 | counter icmp-rx {} | ||
60 | |||
61 | counter kimai-rx {} | ||
62 | |||
63 | counter established-rx {} | ||
64 | |||
65 | counter reject-ratelimit-rx {} | ||
66 | counter reject-rx {} | ||
67 | counter reject-tcp-rx {} | ||
68 | counter reject-icmp-rx {} | ||
69 | |||
70 | counter drop-rx {} | ||
71 | |||
72 | counter tx-lo {} | ||
73 | |||
74 | counter icmp-ratelimit-tx {} | ||
75 | counter icmp-tx {} | ||
76 | |||
77 | counter kimai-tx {} | ||
78 | |||
79 | counter tx {} | ||
80 | |||
81 | chain forward { | ||
82 | type filter hook forward priority filter | ||
83 | policy drop | ||
84 | |||
85 | |||
86 | ct state invalid log level debug prefix "kimai: drop invalid forward: " counter name invalid-fw drop | ||
87 | |||
88 | |||
89 | iifname lo counter name fw-lo accept | ||
90 | |||
91 | |||
92 | limit name lim_reject log level debug prefix "kimai: drop forward: " counter name reject-ratelimit-fw drop | ||
93 | log level debug prefix "kimai: reject forward: " counter name reject-fw | ||
94 | meta l4proto tcp ct state new counter name reject-tcp-fw reject with tcp reset | ||
95 | ct state new counter name reject-icmp-fw reject | ||
96 | |||
97 | |||
98 | counter name drop-fw | ||
99 | } | ||
100 | |||
101 | chain input { | ||
102 | type filter hook input priority filter | ||
103 | policy drop | ||
104 | |||
105 | |||
106 | ct state invalid log level debug prefix "kimai: drop invalid input: " counter name invalid-rx drop | ||
107 | |||
108 | |||
109 | iifname lo counter name rx-lo accept | ||
110 | iif != lo ip daddr 127.0.0.1/8 counter name invalid-local4-rx reject | ||
111 | iif != lo ip6 daddr ::1/128 counter name invalid-local6-rx reject | ||
112 | |||
113 | |||
114 | meta l4proto $icmp_protos limit name lim_icmp counter name icmp-ratelimit-rx drop | ||
115 | meta l4proto $icmp_protos counter name icmp-rx accept | ||
116 | |||
117 | |||
118 | tcp dport 80 counter name kimai-rx accept | ||
119 | |||
120 | |||
121 | ct state { established, related } counter name established-rx accept | ||
122 | |||
123 | |||
124 | limit name lim_reject log level debug prefix "kimai: drop input: " counter name reject-ratelimit-rx drop | ||
125 | log level debug prefix "kimai: reject input: " counter name reject-rx | ||
126 | meta l4proto tcp ct state new counter name reject-tcp-rx reject with tcp reset | ||
127 | ct state new counter name reject-icmp-rx reject | ||
128 | |||
129 | |||
130 | counter name drop-rx | ||
131 | } | ||
132 | |||
133 | chain output { | ||
134 | type filter hook output priority filter | ||
135 | policy accept | ||
136 | |||
137 | |||
138 | oifname lo counter name tx-lo accept | ||
139 | |||
140 | meta l4proto $icmp_protos limit name lim_icmp counter name icmp-ratelimit-tx drop | ||
141 | meta l4proto $icmp_protos counter name icmp-tx accept | ||
142 | |||
143 | |||
144 | tcp sport 80 counter name kimai-tx | ||
145 | |||
146 | |||
147 | counter name tx | ||
148 | } | ||
149 | } | ||
diff --git a/hosts/vidhar/network/ruleset.nft b/hosts/vidhar/network/ruleset.nft index 6b0ac9fc..7897fb3d 100644 --- a/hosts/vidhar/network/ruleset.nft +++ b/hosts/vidhar/network/ruleset.nft | |||
@@ -60,6 +60,7 @@ table inet filter { | |||
60 | counter fw-lo {} | 60 | counter fw-lo {} |
61 | counter fw-lan {} | 61 | counter fw-lan {} |
62 | counter fw-gpon {} | 62 | counter fw-gpon {} |
63 | counter fw-kimai {} | ||
63 | 64 | ||
64 | counter fw-cups {} | 65 | counter fw-cups {} |
65 | 66 | ||
@@ -95,6 +96,7 @@ table inet filter { | |||
95 | counter paperless-rx {} | 96 | counter paperless-rx {} |
96 | counter hledger-rx {} | 97 | counter hledger-rx {} |
97 | counter audiobookshelf-rx {} | 98 | counter audiobookshelf-rx {} |
99 | counter kimai-rx {} | ||
98 | 100 | ||
99 | counter established-rx {} | 101 | counter established-rx {} |
100 | 102 | ||
@@ -127,6 +129,7 @@ table inet filter { | |||
127 | counter paperless-tx {} | 129 | counter paperless-tx {} |
128 | counter hledger-tx {} | 130 | counter hledger-tx {} |
129 | counter audiobookshelf-tx {} | 131 | counter audiobookshelf-tx {} |
132 | counter kimai-tx {} | ||
130 | 133 | ||
131 | counter tx {} | 134 | counter tx {} |
132 | 135 | ||
@@ -150,8 +153,13 @@ table inet filter { | |||
150 | 153 | ||
151 | oifname { lan, gpon, bifrost } meta l4proto $icmp_protos jump forward_icmp_accept | 154 | oifname { lan, gpon, bifrost } meta l4proto $icmp_protos jump forward_icmp_accept |
152 | iifname lan oifname { gpon, bifrost } counter name fw-lan accept | 155 | iifname lan oifname { gpon, bifrost } counter name fw-lan accept |
156 | iifname ve-kimai oifname gpon counter name fw-kimai accept | ||
153 | 157 | ||
154 | iifname gpon oifname lan ct state { established, related } counter name fw-gpon accept | 158 | iifname gpon oifname lan ct state { established, related } counter name fw-gpon accept |
159 | iifname gpon oifname ve-kimai ct state { established, related } counter name fw-kimai accept | ||
160 | |||
161 | iifname bifrost oifname ve-kimai tcp dport 80 ip6 saddr $bifrost_surtr ip6 daddr 2a03:4000:52:ada:6::2 counter name kimai-rx accept | ||
162 | iifname ve-kimai oifname bifrost tcp sport 80 ip6 saddr 2a03:4000:52:ada:6::2 ip6 daddr $bifrost_surtr counter name kimai-tx accept | ||
155 | 163 | ||
156 | 164 | ||
157 | limit name lim_reject log level debug prefix "drop forward: " counter name reject-ratelimit-fw drop | 165 | limit name lim_reject log level debug prefix "drop forward: " counter name reject-ratelimit-fw drop |
@@ -266,7 +274,7 @@ table inet filter { | |||
266 | 274 | ||
267 | table inet nat { | 275 | table inet nat { |
268 | counter gpon-nat {} | 276 | counter gpon-nat {} |
269 | # counter container-nat {} | 277 | counter kimai-nat {} |
270 | 278 | ||
271 | chain postrouting { | 279 | chain postrouting { |
272 | type nat hook postrouting priority srcnat | 280 | type nat hook postrouting priority srcnat |
@@ -274,7 +282,7 @@ table inet nat { | |||
274 | 282 | ||
275 | 283 | ||
276 | meta nfproto ipv4 oifname gpon counter name gpon-nat masquerade | 284 | meta nfproto ipv4 oifname gpon counter name gpon-nat masquerade |
277 | # iifname ve-* oifname gpon counter name container-nat masquerade | 285 | iifname ve-kimai oifname gpon counter name kimai-nat masquerade |
278 | } | 286 | } |
279 | } | 287 | } |
280 | 288 | ||
diff --git a/hosts/vidhar/prometheus/default.nix b/hosts/vidhar/prometheus/default.nix index b1d90d47..094f9f7a 100644 --- a/hosts/vidhar/prometheus/default.nix +++ b/hosts/vidhar/prometheus/default.nix | |||
@@ -27,6 +27,7 @@ in { | |||
27 | 27 | ||
28 | extraFlags = [ | 28 | extraFlags = [ |
29 | "--web.enable-remote-write-receiver" | 29 | "--web.enable-remote-write-receiver" |
30 | "--storage.tsdb.retention.size=35GB" | ||
30 | ]; | 31 | ]; |
31 | 32 | ||
32 | exporters = { | 33 | exporters = { |
diff --git a/lib/pythonSet.nix b/lib/pythonSet.nix new file mode 100644 index 00000000..c69216cc --- /dev/null +++ b/lib/pythonSet.nix | |||
@@ -0,0 +1,42 @@ | |||
1 | { uv2nix, pyproject-nix, pyproject-build-systems, ... }: | ||
2 | { pkgs, python, overlay, lib ? pkgs.lib }: | ||
3 | (pkgs.callPackage pyproject-nix.build.packages { | ||
4 | inherit python; | ||
5 | }).overrideScope | ||
6 | ( | ||
7 | lib.composeManyExtensions [ | ||
8 | pyproject-build-systems.overlays.default | ||
9 | overlay | ||
10 | (final: prev: { | ||
11 | sdnotify = (prev.sdnotify.override { | ||
12 | sourcePreference = "sdist"; | ||
13 | }).overrideAttrs (oldAttrs: { | ||
14 | nativeBuildInputs = (oldAttrs.nativeBuildInputs or []) ++ [ | ||
15 | (final.resolveBuildSystem { setuptools = []; }) | ||
16 | ]; | ||
17 | }); | ||
18 | systemd-python = (prev.systemd-python.override { | ||
19 | sourcePreference = "sdist"; | ||
20 | }).overrideAttrs (oldAttrs: { | ||
21 | nativeBuildInputs = (oldAttrs.nativeBuildInputs or []) ++ [ | ||
22 | pkgs.pkg-config pkgs.systemd.dev | ||
23 | (final.resolveBuildSystem { setuptools = []; }) | ||
24 | ]; | ||
25 | }); | ||
26 | halo = (prev.halo.override { | ||
27 | sourcePreference = "sdist"; | ||
28 | }).overrideAttrs (oldAttrs: { | ||
29 | nativeBuildInputs = (oldAttrs.nativeBuildInputs or []) ++ [ | ||
30 | (final.resolveBuildSystem { setuptools = []; }) | ||
31 | ]; | ||
32 | }); | ||
33 | unshare = (prev.unshare.override { | ||
34 | sourcePreference = "sdist"; | ||
35 | }).overrideAttrs (oldAttrs: { | ||
36 | nativeBuildInputs = (oldAttrs.nativeBuildInputs or []) ++ [ | ||
37 | (final.resolveBuildSystem { setuptools = []; }) | ||
38 | ]; | ||
39 | }); | ||
40 | }) | ||
41 | ] | ||
42 | ) | ||
diff --git a/modules/abs-podcast-autoplaylist.nix b/modules/abs-podcast-autoplaylist.nix index 2532cfc3..f526a434 100644 --- a/modules/abs-podcast-autoplaylist.nix +++ b/modules/abs-podcast-autoplaylist.nix | |||
@@ -37,6 +37,7 @@ in { | |||
37 | PrivateDevices = true; | 37 | PrivateDevices = true; |
38 | Type = "oneshot"; | 38 | Type = "oneshot"; |
39 | ExecStart = "${lib.getExe pkgs.abs-podcast-autoplaylist} %I.toml"; | 39 | ExecStart = "${lib.getExe pkgs.abs-podcast-autoplaylist} %I.toml"; |
40 | TimeoutSec = "5min"; | ||
40 | }; | 41 | }; |
41 | }; | 42 | }; |
42 | } // lib.mapAttrs' (name: { configSecret, ... }: lib.nameValuePair "abs-podcast-autoplaylist@${utils.escapeSystemdPath name}" { | 43 | } // lib.mapAttrs' (name: { configSecret, ... }: lib.nameValuePair "abs-podcast-autoplaylist@${utils.escapeSystemdPath name}" { |
diff --git a/modules/borgcopy/.envrc b/modules/borgcopy/.envrc new file mode 100644 index 00000000..01e755c1 --- /dev/null +++ b/modules/borgcopy/.envrc | |||
@@ -0,0 +1,4 @@ | |||
1 | use flake | ||
2 | |||
3 | uv venv && uv sync | ||
4 | . .venv/bin/activate | ||
diff --git a/modules/borgcopy/.gitignore b/modules/borgcopy/.gitignore new file mode 100644 index 00000000..4ccfae70 --- /dev/null +++ b/modules/borgcopy/.gitignore | |||
@@ -0,0 +1,2 @@ | |||
1 | .venv | ||
2 | **/__pycache__ | ||
diff --git a/modules/borgcopy/default.nix b/modules/borgcopy/default.nix index 8e1afc27..af021777 100644 --- a/modules/borgcopy/default.nix +++ b/modules/borgcopy/default.nix | |||
@@ -1,25 +1,32 @@ | |||
1 | { config, pkgs, lib, utils, flakeInputs, ... }: | 1 | { config, pkgs, lib, utils, flake, flakeInputs, ... }: |
2 | 2 | ||
3 | with lib; | 3 | with lib; |
4 | 4 | ||
5 | let | 5 | let |
6 | copyBorg = | 6 | copyBorg = let |
7 | with pkgs.poetry2nix; | 7 | workspace = flakeInputs.uv2nix.lib.workspace.loadWorkspace { workspaceRoot = ./.; }; |
8 | mkPoetryApplication { | 8 | pythonSet = flake.lib.pythonSet { |
9 | projectDir = cleanPythonSources { src = ./.; }; | 9 | inherit pkgs; |
10 | python = pkgs.python312; | ||
11 | overlay = workspace.mkPyprojectOverlay { | ||
12 | sourcePreference = "wheel"; | ||
13 | }; | ||
14 | }; | ||
15 | virtualEnv = pythonSet.mkVirtualEnv "copy_borg" workspace.deps.default; | ||
16 | in virtualEnv.overrideAttrs (oldAttrs: { | ||
17 | meta = (oldAttrs.meta or {}) // { | ||
18 | mainProgram = "copy_borg"; | ||
19 | }; | ||
10 | 20 | ||
11 | overrides = overrides.withDefaults (self: super: { | 21 | nativeBuildInputs = (oldAttrs.nativeBuildInputs or []) ++ [ pkgs.makeWrapper ]; |
12 | pyprctl = super.pyprctl.overridePythonAttrs (oldAttrs: { | ||
13 | buildInputs = (oldAttrs.buildInputs or []) ++ [super.setuptools]; | ||
14 | }); | ||
15 | inherit (pkgs.python3Packages) python-unshare; | ||
16 | }); | ||
17 | 22 | ||
18 | postInstall = '' | 23 | postInstall = '' |
19 | wrapProgram $out/bin/copy_borg \ | 24 | ${oldAttrs.postInstall or ""} |
20 | --prefix PATH : ${makeBinPath (with pkgs; [util-linux borgbackup])}:${config.security.wrapperDir} | 25 | |
21 | ''; | 26 | wrapProgram $out/bin/copy_borg \ |
22 | }; | 27 | --prefix PATH : ${makeBinPath (with pkgs; [util-linux borgbackup])}:${config.security.wrapperDir} |
28 | ''; | ||
29 | }); | ||
23 | 30 | ||
24 | copyService = name: opts: nameValuePair "copy-borg@${utils.escapeSystemdPath name}" { | 31 | copyService = name: opts: nameValuePair "copy-borg@${utils.escapeSystemdPath name}" { |
25 | restartIfChanged = false; | 32 | restartIfChanged = false; |
diff --git a/modules/borgcopy/poetry.lock b/modules/borgcopy/poetry.lock deleted file mode 100644 index 759ecfe9..00000000 --- a/modules/borgcopy/poetry.lock +++ /dev/null | |||
@@ -1,180 +0,0 @@ | |||
1 | # This file is automatically @generated by Poetry 1.4.2 and should not be changed by hand. | ||
2 | |||
3 | [[package]] | ||
4 | name = "colorama" | ||
5 | version = "0.4.6" | ||
6 | description = "Cross-platform colored terminal text." | ||
7 | category = "main" | ||
8 | optional = false | ||
9 | python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,>=2.7" | ||
10 | files = [ | ||
11 | {file = "colorama-0.4.6-py2.py3-none-any.whl", hash = "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6"}, | ||
12 | {file = "colorama-0.4.6.tar.gz", hash = "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44"}, | ||
13 | ] | ||
14 | |||
15 | [[package]] | ||
16 | name = "halo" | ||
17 | version = "0.0.31" | ||
18 | description = "Beautiful terminal spinners in Python" | ||
19 | category = "main" | ||
20 | optional = false | ||
21 | python-versions = ">=3.4" | ||
22 | files = [ | ||
23 | {file = "halo-0.0.31-py2-none-any.whl", hash = "sha256:5350488fb7d2aa7c31a1344120cee67a872901ce8858f60da7946cef96c208ab"}, | ||
24 | {file = "halo-0.0.31.tar.gz", hash = "sha256:7b67a3521ee91d53b7152d4ee3452811e1d2a6321975137762eb3d70063cc9d6"}, | ||
25 | ] | ||
26 | |||
27 | [package.dependencies] | ||
28 | colorama = ">=0.3.9" | ||
29 | log-symbols = ">=0.0.14" | ||
30 | six = ">=1.12.0" | ||
31 | spinners = ">=0.0.24" | ||
32 | termcolor = ">=1.1.0" | ||
33 | |||
34 | [package.extras] | ||
35 | ipython = ["IPython (==5.7.0)", "ipywidgets (==7.1.0)"] | ||
36 | |||
37 | [[package]] | ||
38 | name = "humanize" | ||
39 | version = "4.6.0" | ||
40 | description = "Python humanize utilities" | ||
41 | category = "main" | ||
42 | optional = false | ||
43 | python-versions = ">=3.7" | ||
44 | files = [ | ||
45 | {file = "humanize-4.6.0-py3-none-any.whl", hash = "sha256:401201aca462749773f02920139f302450cb548b70489b9b4b92be39fe3c3c50"}, | ||
46 | {file = "humanize-4.6.0.tar.gz", hash = "sha256:5f1f22bc65911eb1a6ffe7659bd6598e33dcfeeb904eb16ee1e705a09bf75916"}, | ||
47 | ] | ||
48 | |||
49 | [package.extras] | ||
50 | tests = ["freezegun", "pytest", "pytest-cov"] | ||
51 | |||
52 | [[package]] | ||
53 | name = "log-symbols" | ||
54 | version = "0.0.14" | ||
55 | description = "Colored symbols for various log levels for Python" | ||
56 | category = "main" | ||
57 | optional = false | ||
58 | python-versions = "*" | ||
59 | files = [ | ||
60 | {file = "log_symbols-0.0.14-py3-none-any.whl", hash = "sha256:4952106ff8b605ab7d5081dd2c7e6ca7374584eff7086f499c06edd1ce56dcca"}, | ||
61 | {file = "log_symbols-0.0.14.tar.gz", hash = "sha256:cf0bbc6fe1a8e53f0d174a716bc625c4f87043cc21eb55dd8a740cfe22680556"}, | ||
62 | ] | ||
63 | |||
64 | [package.dependencies] | ||
65 | colorama = ">=0.3.9" | ||
66 | |||
67 | [[package]] | ||
68 | name = "pyprctl" | ||
69 | version = "0.1.3" | ||
70 | description = "An interface to Linux's prctl() syscall written in pure Python using ctypes." | ||
71 | category = "main" | ||
72 | optional = false | ||
73 | python-versions = ">=3.6" | ||
74 | files = [ | ||
75 | {file = "pyprctl-0.1.3-py3-none-any.whl", hash = "sha256:6302e5114f078fb33e5799835d0a69e2fc180bb6b28ad073515fa40c5272f1dd"}, | ||
76 | {file = "pyprctl-0.1.3.tar.gz", hash = "sha256:1fb54d3ab030ec02e4afc38fb9662d6634c12834e91ae7959de56a9c09f69c26"}, | ||
77 | ] | ||
78 | |||
79 | [[package]] | ||
80 | name = "python-dateutil" | ||
81 | version = "2.8.2" | ||
82 | description = "Extensions to the standard Python datetime module" | ||
83 | category = "main" | ||
84 | optional = false | ||
85 | python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7" | ||
86 | files = [ | ||
87 | {file = "python-dateutil-2.8.2.tar.gz", hash = "sha256:0123cacc1627ae19ddf3c27a5de5bd67ee4586fbdd6440d9748f8abb483d3e86"}, | ||
88 | {file = "python_dateutil-2.8.2-py2.py3-none-any.whl", hash = "sha256:961d03dc3453ebbc59dbdea9e4e11c5651520a876d0f4db161e8674aae935da9"}, | ||
89 | ] | ||
90 | |||
91 | [package.dependencies] | ||
92 | six = ">=1.5" | ||
93 | |||
94 | [[package]] | ||
95 | name = "python-unshare" | ||
96 | version = "0.2" | ||
97 | description = "Python bindings for the Linux unshare() syscall" | ||
98 | category = "main" | ||
99 | optional = false | ||
100 | python-versions = "*" | ||
101 | files = [ | ||
102 | {file = "python-unshare-0.2.tar.gz", hash = "sha256:f79b7de441b6c27930b775085a6a4fd2f378b628737aaaebc2a6c519023fd47a"}, | ||
103 | ] | ||
104 | |||
105 | [[package]] | ||
106 | name = "six" | ||
107 | version = "1.16.0" | ||
108 | description = "Python 2 and 3 compatibility utilities" | ||
109 | category = "main" | ||
110 | optional = false | ||
111 | python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*" | ||
112 | files = [ | ||
113 | {file = "six-1.16.0-py2.py3-none-any.whl", hash = "sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254"}, | ||
114 | {file = "six-1.16.0.tar.gz", hash = "sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926"}, | ||
115 | ] | ||
116 | |||
117 | [[package]] | ||
118 | name = "spinners" | ||
119 | version = "0.0.24" | ||
120 | description = "Spinners for terminals" | ||
121 | category = "main" | ||
122 | optional = false | ||
123 | python-versions = "*" | ||
124 | files = [ | ||
125 | {file = "spinners-0.0.24-py3-none-any.whl", hash = "sha256:2fa30d0b72c9650ad12bbe031c9943b8d441e41b4f5602b0ec977a19f3290e98"}, | ||
126 | {file = "spinners-0.0.24.tar.gz", hash = "sha256:1eb6aeb4781d72ab42ed8a01dcf20f3002bf50740d7154d12fb8c9769bf9e27f"}, | ||
127 | ] | ||
128 | |||
129 | [[package]] | ||
130 | name = "termcolor" | ||
131 | version = "2.2.0" | ||
132 | description = "ANSI color formatting for output in terminal" | ||
133 | category = "main" | ||
134 | optional = false | ||
135 | python-versions = ">=3.7" | ||
136 | files = [ | ||
137 | {file = "termcolor-2.2.0-py3-none-any.whl", hash = "sha256:91ddd848e7251200eac969846cbae2dacd7d71c2871e92733289e7e3666f48e7"}, | ||
138 | {file = "termcolor-2.2.0.tar.gz", hash = "sha256:dfc8ac3f350788f23b2947b3e6cfa5a53b630b612e6cd8965a015a776020b99a"}, | ||
139 | ] | ||
140 | |||
141 | [package.extras] | ||
142 | tests = ["pytest", "pytest-cov"] | ||
143 | |||
144 | [[package]] | ||
145 | name = "tqdm" | ||
146 | version = "4.65.0" | ||
147 | description = "Fast, Extensible Progress Meter" | ||
148 | category = "main" | ||
149 | optional = false | ||
150 | python-versions = ">=3.7" | ||
151 | files = [ | ||
152 | {file = "tqdm-4.65.0-py3-none-any.whl", hash = "sha256:c4f53a17fe37e132815abceec022631be8ffe1b9381c2e6e30aa70edc99e9671"}, | ||
153 | {file = "tqdm-4.65.0.tar.gz", hash = "sha256:1871fb68a86b8fb3b59ca4cdd3dcccbc7e6d613eeed31f4c332531977b89beb5"}, | ||
154 | ] | ||
155 | |||
156 | [package.dependencies] | ||
157 | colorama = {version = "*", markers = "platform_system == \"Windows\""} | ||
158 | |||
159 | [package.extras] | ||
160 | dev = ["py-make (>=0.1.0)", "twine", "wheel"] | ||
161 | notebook = ["ipywidgets (>=6)"] | ||
162 | slack = ["slack-sdk"] | ||
163 | telegram = ["requests"] | ||
164 | |||
165 | [[package]] | ||
166 | name = "xdg" | ||
167 | version = "6.0.0" | ||
168 | description = "Variables defined by the XDG Base Directory Specification" | ||
169 | category = "main" | ||
170 | optional = false | ||
171 | python-versions = ">=3.7,<4.0" | ||
172 | files = [ | ||
173 | {file = "xdg-6.0.0-py3-none-any.whl", hash = "sha256:df3510755b4395157fc04fc3b02467c777f3b3ca383257397f09ab0d4c16f936"}, | ||
174 | {file = "xdg-6.0.0.tar.gz", hash = "sha256:24278094f2d45e846d1eb28a2ebb92d7b67fc0cab5249ee3ce88c95f649a1c92"}, | ||
175 | ] | ||
176 | |||
177 | [metadata] | ||
178 | lock-version = "2.0" | ||
179 | python-versions = ">=3.10.0,<3.12" | ||
180 | content-hash = "3c6b538852447a8f3ae34e1be122716d47e669a2b44f7c5d3d850e5d877353c7" | ||
diff --git a/modules/borgcopy/pyproject.toml b/modules/borgcopy/pyproject.toml index f3401ed2..d76d73c6 100644 --- a/modules/borgcopy/pyproject.toml +++ b/modules/borgcopy/pyproject.toml | |||
@@ -1,22 +1,25 @@ | |||
1 | [tool.poetry] | 1 | [project] |
2 | name = "copy_borg" | 2 | name = "copy_borg" |
3 | version = "0.0.0" | 3 | version = "0.0.0" |
4 | authors = ["Gregor Kleen <gkleen@yggdrasil.li>"] | ||
5 | description = "" | 4 | description = "" |
5 | authors = [{ name = "Gregor Kleen", email = "gkleen@yggdrasil.li" }] | ||
6 | requires-python = "~=3.12" | ||
7 | dependencies = [ | ||
8 | "humanize>=4.6.0,<5", | ||
9 | "tqdm>=4.65.0,<5", | ||
10 | "python-dateutil>=2.8.2,<3", | ||
11 | "xdg>=6.0.0,<7", | ||
12 | "pyprctl>=0.1.3,<0.2", | ||
13 | "halo>=0.0.31,<0.0.32", | ||
14 | "unshare>=0.22", | ||
15 | ] | ||
6 | 16 | ||
7 | [tool.poetry.scripts] | 17 | [project.scripts] |
8 | copy_borg = "copy_borg.__main__:main" | 18 | copy_borg = "copy_borg.__main__:main" |
9 | 19 | ||
10 | [tool.poetry.dependencies] | ||
11 | python = ">=3.10.0,<3.12" | ||
12 | humanize = "^4.6.0" | ||
13 | tqdm = "^4.65.0" | ||
14 | python-dateutil = "^2.8.2" | ||
15 | xdg = "^6.0.0" | ||
16 | python-unshare = "^0.2" | ||
17 | pyprctl = "^0.1.3" | ||
18 | halo = "^0.0.31" | ||
19 | |||
20 | [build-system] | 20 | [build-system] |
21 | requires = ["poetry-core>=1.0.0"] | 21 | requires = ["hatchling"] |
22 | build-backend = "poetry.core.masonry.api" \ No newline at end of file | 22 | build-backend = "hatchling.build" |
23 | |||
24 | [tool.hatch.build.targets.wheel] | ||
25 | packages = ["copy_borg"] | ||
diff --git a/modules/borgcopy/uv.lock b/modules/borgcopy/uv.lock new file mode 100644 index 00000000..1a282598 --- /dev/null +++ b/modules/borgcopy/uv.lock | |||
@@ -0,0 +1,146 @@ | |||
1 | version = 1 | ||
2 | revision = 2 | ||
3 | requires-python = ">=3.12, <4" | ||
4 | |||
5 | [[package]] | ||
6 | name = "colorama" | ||
7 | version = "0.4.6" | ||
8 | source = { registry = "https://pypi.org/simple" } | ||
9 | sdist = { url = "https://files.pythonhosted.org/packages/d8/53/6f443c9a4a8358a93a6792e2acffb9d9d5cb0a5cfd8802644b7b1c9a02e4/colorama-0.4.6.tar.gz", hash = "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44", size = 27697, upload-time = "2022-10-25T02:36:22.414Z" } | ||
10 | wheels = [ | ||
11 | { url = "https://files.pythonhosted.org/packages/d1/d6/3965ed04c63042e047cb6a3e6ed1a63a35087b6a609aa3a15ed8ac56c221/colorama-0.4.6-py2.py3-none-any.whl", hash = "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6", size = 25335, upload-time = "2022-10-25T02:36:20.889Z" }, | ||
12 | ] | ||
13 | |||
14 | [[package]] | ||
15 | name = "copy-borg" | ||
16 | version = "0.0.0" | ||
17 | source = { editable = "." } | ||
18 | dependencies = [ | ||
19 | { name = "halo" }, | ||
20 | { name = "humanize" }, | ||
21 | { name = "pyprctl" }, | ||
22 | { name = "python-dateutil" }, | ||
23 | { name = "tqdm" }, | ||
24 | { name = "unshare" }, | ||
25 | { name = "xdg" }, | ||
26 | ] | ||
27 | |||
28 | [package.metadata] | ||
29 | requires-dist = [ | ||
30 | { name = "halo", specifier = ">=0.0.31,<0.0.32" }, | ||
31 | { name = "humanize", specifier = ">=4.6.0,<5" }, | ||
32 | { name = "pyprctl", specifier = ">=0.1.3,<0.2" }, | ||
33 | { name = "python-dateutil", specifier = ">=2.8.2,<3" }, | ||
34 | { name = "tqdm", specifier = ">=4.65.0,<5" }, | ||
35 | { name = "unshare", specifier = ">=0.22" }, | ||
36 | { name = "xdg", specifier = ">=6.0.0,<7" }, | ||
37 | ] | ||
38 | |||
39 | [[package]] | ||
40 | name = "halo" | ||
41 | version = "0.0.31" | ||
42 | source = { registry = "https://pypi.org/simple" } | ||
43 | dependencies = [ | ||
44 | { name = "colorama" }, | ||
45 | { name = "log-symbols" }, | ||
46 | { name = "six" }, | ||
47 | { name = "spinners" }, | ||
48 | { name = "termcolor" }, | ||
49 | ] | ||
50 | sdist = { url = "https://files.pythonhosted.org/packages/ee/48/d53580d30b1fabf25d0d1fcc3f5b26d08d2ac75a1890ff6d262f9f027436/halo-0.0.31.tar.gz", hash = "sha256:7b67a3521ee91d53b7152d4ee3452811e1d2a6321975137762eb3d70063cc9d6", size = 11666, upload-time = "2020-11-10T02:36:48.335Z" } | ||
51 | |||
52 | [[package]] | ||
53 | name = "humanize" | ||
54 | version = "4.12.3" | ||
55 | source = { registry = "https://pypi.org/simple" } | ||
56 | sdist = { url = "https://files.pythonhosted.org/packages/22/d1/bbc4d251187a43f69844f7fd8941426549bbe4723e8ff0a7441796b0789f/humanize-4.12.3.tar.gz", hash = "sha256:8430be3a615106fdfceb0b2c1b41c4c98c6b0fc5cc59663a5539b111dd325fb0", size = 80514, upload-time = "2025-04-30T11:51:07.98Z" } | ||
57 | wheels = [ | ||
58 | { url = "https://files.pythonhosted.org/packages/a0/1e/62a2ec3104394a2975a2629eec89276ede9dbe717092f6966fcf963e1bf0/humanize-4.12.3-py3-none-any.whl", hash = "sha256:2cbf6370af06568fa6d2da77c86edb7886f3160ecd19ee1ffef07979efc597f6", size = 128487, upload-time = "2025-04-30T11:51:06.468Z" }, | ||
59 | ] | ||
60 | |||
61 | [[package]] | ||
62 | name = "log-symbols" | ||
63 | version = "0.0.14" | ||
64 | source = { registry = "https://pypi.org/simple" } | ||
65 | dependencies = [ | ||
66 | { name = "colorama" }, | ||
67 | ] | ||
68 | sdist = { url = "https://files.pythonhosted.org/packages/45/87/e86645d758a4401c8c81914b6a88470634d1785c9ad09823fa4a1bd89250/log_symbols-0.0.14.tar.gz", hash = "sha256:cf0bbc6fe1a8e53f0d174a716bc625c4f87043cc21eb55dd8a740cfe22680556", size = 3211, upload-time = "2019-08-08T06:32:22.538Z" } | ||
69 | wheels = [ | ||
70 | { url = "https://files.pythonhosted.org/packages/28/5d/d710c38be68b0fb54e645048fe359c3904cc3cb64b2de9d40e1712bf110c/log_symbols-0.0.14-py3-none-any.whl", hash = "sha256:4952106ff8b605ab7d5081dd2c7e6ca7374584eff7086f499c06edd1ce56dcca", size = 3081, upload-time = "2019-08-08T06:32:20.604Z" }, | ||
71 | ] | ||
72 | |||
73 | [[package]] | ||
74 | name = "pyprctl" | ||
75 | version = "0.1.3" | ||
76 | source = { registry = "https://pypi.org/simple" } | ||
77 | sdist = { url = "https://files.pythonhosted.org/packages/c9/16/6ed71ebcad76c1cd5f22185bcc6b31c0ee62fc5e693b626febea8fedeba3/pyprctl-0.1.3.tar.gz", hash = "sha256:1fb54d3ab030ec02e4afc38fb9662d6634c12834e91ae7959de56a9c09f69c26", size = 18739, upload-time = "2021-10-26T23:52:03.87Z" } | ||
78 | wheels = [ | ||
79 | { url = "https://files.pythonhosted.org/packages/bf/5e/62765de39bbce8111fb1f4453a4a804913bf49179fa265fb713ed66c9d15/pyprctl-0.1.3-py3-none-any.whl", hash = "sha256:6302e5114f078fb33e5799835d0a69e2fc180bb6b28ad073515fa40c5272f1dd", size = 20016, upload-time = "2021-10-26T23:52:02.986Z" }, | ||
80 | ] | ||
81 | |||
82 | [[package]] | ||
83 | name = "python-dateutil" | ||
84 | version = "2.9.0.post0" | ||
85 | source = { registry = "https://pypi.org/simple" } | ||
86 | dependencies = [ | ||
87 | { name = "six" }, | ||
88 | ] | ||
89 | sdist = { url = "https://files.pythonhosted.org/packages/66/c0/0c8b6ad9f17a802ee498c46e004a0eb49bc148f2fd230864601a86dcf6db/python-dateutil-2.9.0.post0.tar.gz", hash = "sha256:37dd54208da7e1cd875388217d5e00ebd4179249f90fb72437e91a35459a0ad3", size = 342432, upload-time = "2024-03-01T18:36:20.211Z" } | ||
90 | wheels = [ | ||
91 | { url = "https://files.pythonhosted.org/packages/ec/57/56b9bcc3c9c6a792fcbaf139543cee77261f3651ca9da0c93f5c1221264b/python_dateutil-2.9.0.post0-py2.py3-none-any.whl", hash = "sha256:a8b2bc7bffae282281c8140a97d3aa9c14da0b136dfe83f850eea9a5f7470427", size = 229892, upload-time = "2024-03-01T18:36:18.57Z" }, | ||
92 | ] | ||
93 | |||
94 | [[package]] | ||
95 | name = "six" | ||
96 | version = "1.17.0" | ||
97 | source = { registry = "https://pypi.org/simple" } | ||
98 | sdist = { url = "https://files.pythonhosted.org/packages/94/e7/b2c673351809dca68a0e064b6af791aa332cf192da575fd474ed7d6f16a2/six-1.17.0.tar.gz", hash = "sha256:ff70335d468e7eb6ec65b95b99d3a2836546063f63acc5171de367e834932a81", size = 34031, upload-time = "2024-12-04T17:35:28.174Z" } | ||
99 | wheels = [ | ||
100 | { url = "https://files.pythonhosted.org/packages/b7/ce/149a00dd41f10bc29e5921b496af8b574d8413afcd5e30dfa0ed46c2cc5e/six-1.17.0-py2.py3-none-any.whl", hash = "sha256:4721f391ed90541fddacab5acf947aa0d3dc7d27b2e1e8eda2be8970586c3274", size = 11050, upload-time = "2024-12-04T17:35:26.475Z" }, | ||
101 | ] | ||
102 | |||
103 | [[package]] | ||
104 | name = "spinners" | ||
105 | version = "0.0.24" | ||
106 | source = { registry = "https://pypi.org/simple" } | ||
107 | sdist = { url = "https://files.pythonhosted.org/packages/d3/91/bb331f0a43e04d950a710f402a0986a54147a35818df0e1658551c8d12e1/spinners-0.0.24.tar.gz", hash = "sha256:1eb6aeb4781d72ab42ed8a01dcf20f3002bf50740d7154d12fb8c9769bf9e27f", size = 5308, upload-time = "2020-02-19T21:42:32.326Z" } | ||
108 | wheels = [ | ||
109 | { url = "https://files.pythonhosted.org/packages/9f/8e/3310207a68118000ca27ac878b8386123628b335ecb3d4bec4743357f0d1/spinners-0.0.24-py3-none-any.whl", hash = "sha256:2fa30d0b72c9650ad12bbe031c9943b8d441e41b4f5602b0ec977a19f3290e98", size = 5499, upload-time = "2020-02-19T21:42:30.876Z" }, | ||
110 | ] | ||
111 | |||
112 | [[package]] | ||
113 | name = "termcolor" | ||
114 | version = "3.1.0" | ||
115 | source = { registry = "https://pypi.org/simple" } | ||
116 | sdist = { url = "https://files.pythonhosted.org/packages/ca/6c/3d75c196ac07ac8749600b60b03f4f6094d54e132c4d94ebac6ee0e0add0/termcolor-3.1.0.tar.gz", hash = "sha256:6a6dd7fbee581909eeec6a756cff1d7f7c376063b14e4a298dc4980309e55970", size = 14324, upload-time = "2025-04-30T11:37:53.791Z" } | ||
117 | wheels = [ | ||
118 | { url = "https://files.pythonhosted.org/packages/4f/bd/de8d508070629b6d84a30d01d57e4a65c69aa7f5abe7560b8fad3b50ea59/termcolor-3.1.0-py3-none-any.whl", hash = "sha256:591dd26b5c2ce03b9e43f391264626557873ce1d379019786f99b0c2bee140aa", size = 7684, upload-time = "2025-04-30T11:37:52.382Z" }, | ||
119 | ] | ||
120 | |||
121 | [[package]] | ||
122 | name = "tqdm" | ||
123 | version = "4.67.1" | ||
124 | source = { registry = "https://pypi.org/simple" } | ||
125 | dependencies = [ | ||
126 | { name = "colorama", marker = "sys_platform == 'win32'" }, | ||
127 | ] | ||
128 | sdist = { url = "https://files.pythonhosted.org/packages/a8/4b/29b4ef32e036bb34e4ab51796dd745cdba7ed47ad142a9f4a1eb8e0c744d/tqdm-4.67.1.tar.gz", hash = "sha256:f8aef9c52c08c13a65f30ea34f4e5aac3fd1a34959879d7e59e63027286627f2", size = 169737, upload-time = "2024-11-24T20:12:22.481Z" } | ||
129 | wheels = [ | ||
130 | { url = "https://files.pythonhosted.org/packages/d0/30/dc54f88dd4a2b5dc8a0279bdd7270e735851848b762aeb1c1184ed1f6b14/tqdm-4.67.1-py3-none-any.whl", hash = "sha256:26445eca388f82e72884e0d580d5464cd801a3ea01e63e5601bdff9ba6a48de2", size = 78540, upload-time = "2024-11-24T20:12:19.698Z" }, | ||
131 | ] | ||
132 | |||
133 | [[package]] | ||
134 | name = "unshare" | ||
135 | version = "0.22" | ||
136 | source = { registry = "https://pypi.org/simple" } | ||
137 | sdist = { url = "https://files.pythonhosted.org/packages/15/85/2ba218129c95b894efe87506489b525f859c40f6e21cb0521ff3cec754f4/unshare-0.22.tar.gz", hash = "sha256:d521d72cca6e876f22cbd5ff5eb51f1beef75e8f9c53b599b55fa05fba1dd3a6", size = 2041, upload-time = "2019-10-17T12:58:31.498Z" } | ||
138 | |||
139 | [[package]] | ||
140 | name = "xdg" | ||
141 | version = "6.0.0" | ||
142 | source = { registry = "https://pypi.org/simple" } | ||
143 | sdist = { url = "https://files.pythonhosted.org/packages/2a/b9/0e6e6f19fb75cf5e1758f4f33c1256738f718966700cffc0fde2f966218b/xdg-6.0.0.tar.gz", hash = "sha256:24278094f2d45e846d1eb28a2ebb92d7b67fc0cab5249ee3ce88c95f649a1c92", size = 3453, upload-time = "2023-02-27T19:27:44.309Z" } | ||
144 | wheels = [ | ||
145 | { url = "https://files.pythonhosted.org/packages/dd/54/3516c1cf349060fc3578686d271eba242f10ec00b4530c2985af9faac49b/xdg-6.0.0-py3-none-any.whl", hash = "sha256:df3510755b4395157fc04fc3b02467c777f3b3ca383257397f09ab0d4c16f936", size = 3855, upload-time = "2023-02-27T19:27:42.151Z" }, | ||
146 | ] | ||
diff --git a/modules/pgbackrest.nix b/modules/pgbackrest.nix index 81c74a8e..550e970b 100644 --- a/modules/pgbackrest.nix +++ b/modules/pgbackrest.nix | |||
@@ -43,6 +43,8 @@ let | |||
43 | loglevelType = types.enum ["off" "error" "warn" "info" "detail" "debug" "trace"]; | 43 | loglevelType = types.enum ["off" "error" "warn" "info" "detail" "debug" "trace"]; |
44 | inherit (utils.systemdUtils.unitOptions) unitOption; | 44 | inherit (utils.systemdUtils.unitOptions) unitOption; |
45 | in { | 45 | in { |
46 | disabledModules = ["services/backup/pgbackrest.nix"]; | ||
47 | |||
46 | options = { | 48 | options = { |
47 | services.pgbackrest = { | 49 | services.pgbackrest = { |
48 | enable = mkEnableOption "pgBackRest"; | 50 | enable = mkEnableOption "pgBackRest"; |
diff --git a/modules/systemd-run0.nix b/modules/systemd-run0.nix new file mode 100644 index 00000000..8575ec7c --- /dev/null +++ b/modules/systemd-run0.nix | |||
@@ -0,0 +1,4 @@ | |||
1 | { config, lib, ... }: | ||
2 | { | ||
3 | config.security.pam.services.systemd-run0 = lib.mkIf (lib.versionAtLeast config.systemd.package.version "256") {}; | ||
4 | } | ||
diff --git a/modules/uucp.nix b/modules/uucp.nix deleted file mode 100644 index 10f7297b..00000000 --- a/modules/uucp.nix +++ /dev/null | |||
@@ -1,373 +0,0 @@ | |||
1 | { flake, config, lib, pkgs, ... }: | ||
2 | |||
3 | with lib; | ||
4 | |||
5 | let | ||
6 | portSpec = name: node: concatStringsSep "\n" (map (port: '' | ||
7 | port ${name}.${port} | ||
8 | type pipe | ||
9 | protocol ${node.protocols} | ||
10 | reliable true | ||
11 | command ${pkgs.openssh}/bin/ssh -x -o batchmode=yes ${name}.${port} | ||
12 | '') node.hostnames); | ||
13 | sysSpec = name: node: '' | ||
14 | system ${name} | ||
15 | time any | ||
16 | chat-seven-bit false | ||
17 | chat . "" | ||
18 | protocol ${node.protocols} | ||
19 | command-path ${concatStringsSep " " cfg.commandPath} | ||
20 | commands ${concatStringsSep " " node.commands} | ||
21 | ${concatStringsSep "\nalternate\n" (map (port: '' | ||
22 | port ${name}.${port} | ||
23 | '') node.hostnames)} | ||
24 | ''; | ||
25 | sshConfig = name: node: concatStringsSep "\n" (map (port: '' | ||
26 | Host ${name}.${port} | ||
27 | Hostname ${port} | ||
28 | IdentitiesOnly Yes | ||
29 | IdentityFile ${cfg.sshKeyDir}/${name} | ||
30 | '') node.hostnames); | ||
31 | sshKeyGen = name: node: '' | ||
32 | if [[ ! -e ${cfg.sshKeyDir}/${name} ]]; then | ||
33 | ${pkgs.openssh}/bin/ssh-keygen ${escapeShellArgs node.generateKey} -f ${cfg.sshKeyDir}/${name} | ||
34 | fi | ||
35 | ''; | ||
36 | restrictKey = key: '' | ||
37 | restrict,command="${chat}" ${key} | ||
38 | ''; | ||
39 | chat = pkgs.writeScript "chat" '' | ||
40 | #!${pkgs.stdenv.shell} | ||
41 | |||
42 | echo . | ||
43 | exec ${config.security.wrapperDir}/uucico | ||
44 | ''; | ||
45 | |||
46 | nodeCfg = { | ||
47 | options = { | ||
48 | commands = mkOption { | ||
49 | type = types.listOf types.str; | ||
50 | default = cfg.defaultCommands; | ||
51 | defaultText = literalExpression "config.services.uucp.defaultCommands"; | ||
52 | description = "Commands to allow for this remote"; | ||
53 | }; | ||
54 | |||
55 | protocols = mkOption { | ||
56 | type = types.separatedString ""; | ||
57 | default = cfg.defaultProtocols; | ||
58 | defaultText = literalExpression "config.services.uucp.defaultProtocols"; | ||
59 | description = "UUCP protocols to use for this remote"; | ||
60 | }; | ||
61 | |||
62 | publicKeys = mkOption { | ||
63 | type = types.listOf types.str; | ||
64 | default = []; | ||
65 | description = "SSH client public keys for this node"; | ||
66 | }; | ||
67 | |||
68 | generateKey = mkOption { | ||
69 | type = types.listOf types.str; | ||
70 | default = [ "-t" "ed25519" "-N" "" ]; | ||
71 | description = "Arguments to pass to `ssh-keygen` to generate a keypair for communication with this host"; | ||
72 | }; | ||
73 | |||
74 | hostnames = mkOption { | ||
75 | type = types.listOf types.str; | ||
76 | default = []; | ||
77 | description = "Hostnames to try in order when connecting"; | ||
78 | }; | ||
79 | }; | ||
80 | }; | ||
81 | |||
82 | cfg = config.services.uucp; | ||
83 | in { | ||
84 | options = { | ||
85 | services.uucp = { | ||
86 | enable = mkOption { | ||
87 | type = types.bool; | ||
88 | default = false; | ||
89 | description = '' | ||
90 | If enabled we set up an account accesible via uucp over ssh | ||
91 | ''; | ||
92 | }; | ||
93 | |||
94 | nodeName = mkOption { | ||
95 | type = types.str; | ||
96 | default = "nixos"; | ||
97 | description = "uucp node name"; | ||
98 | }; | ||
99 | |||
100 | sshUser = mkOption { | ||
101 | type = types.attrs; | ||
102 | default = {}; | ||
103 | description = "Overrides for the local uucp linux-user"; | ||
104 | }; | ||
105 | |||
106 | extraSSHConfig = mkOption { | ||
107 | type = types.str; | ||
108 | default = ""; | ||
109 | description = "Extra SSH config"; | ||
110 | }; | ||
111 | |||
112 | remoteNodes = mkOption { | ||
113 | type = types.attrsOf (types.submodule nodeCfg); | ||
114 | default = {}; | ||
115 | description = '' | ||
116 | Ports to set up | ||
117 | Names will probably need to be configured in sshConfig | ||
118 | ''; | ||
119 | }; | ||
120 | |||
121 | commandPath = mkOption { | ||
122 | type = types.listOf types.path; | ||
123 | default = [ "${pkgs.rmail}/bin" ]; | ||
124 | defaultText = literalExpression ''[ "''${pkgs.rmail}/bin" ]''; | ||
125 | description = '' | ||
126 | Command search path for all systems | ||
127 | ''; | ||
128 | }; | ||
129 | |||
130 | defaultCommands = mkOption { | ||
131 | type = types.listOf types.str; | ||
132 | default = ["rmail"]; | ||
133 | description = "Commands allowed for remotes without explicit override"; | ||
134 | }; | ||
135 | |||
136 | defaultProtocols = mkOption { | ||
137 | type = types.separatedString ""; | ||
138 | default = "te"; | ||
139 | description = "UUCP protocol to use within ssh unless overriden"; | ||
140 | }; | ||
141 | |||
142 | incomingProtocols = mkOption { | ||
143 | type = types.separatedString ""; | ||
144 | default = "te"; | ||
145 | description = "UUCP protocols to use when called"; | ||
146 | }; | ||
147 | |||
148 | homeDir = mkOption { | ||
149 | type = types.path; | ||
150 | default = "/var/uucp"; | ||
151 | description = "Home of the uucp user"; | ||
152 | }; | ||
153 | |||
154 | sshKeyDir = mkOption { | ||
155 | type = types.path; | ||
156 | default = "${cfg.homeDir}/.ssh/"; | ||
157 | defaultText = literalExpression ''''${config.services.uucp.homeDir}/.ssh/''; | ||
158 | description = "Directory to store ssh keypairs"; | ||
159 | }; | ||
160 | |||
161 | spoolDir = mkOption { | ||
162 | type = types.path; | ||
163 | default = "/var/spool/uucp"; | ||
164 | description = "Spool directory"; | ||
165 | }; | ||
166 | |||
167 | lockDir = mkOption { | ||
168 | type = types.path; | ||
169 | default = "/var/spool/uucp"; | ||
170 | description = "Lock directory"; | ||
171 | }; | ||
172 | |||
173 | pubDir = mkOption { | ||
174 | type = types.path; | ||
175 | default = "/var/spool/uucppublic"; | ||
176 | description = "Public directory"; | ||
177 | }; | ||
178 | |||
179 | logFile = mkOption { | ||
180 | type = types.path; | ||
181 | default = "/var/log/uucp"; | ||
182 | description = "Log file"; | ||
183 | }; | ||
184 | |||
185 | statFile = mkOption { | ||
186 | type = types.path; | ||
187 | default = "/var/log/uucp.stat"; | ||
188 | description = "Statistics file"; | ||
189 | }; | ||
190 | |||
191 | debugFile = mkOption { | ||
192 | type = types.path; | ||
193 | default = "/var/log/uucp.debug"; | ||
194 | description = "Debug file"; | ||
195 | }; | ||
196 | |||
197 | interval = mkOption { | ||
198 | type = types.nullOr types.str; | ||
199 | default = "1h"; | ||
200 | description = '' | ||
201 | Specification of when to run `uucico' in format used by systemd timers | ||
202 | The default is to do so every hour | ||
203 | ''; | ||
204 | }; | ||
205 | |||
206 | nmDispatch = mkOption { | ||
207 | type = types.bool; | ||
208 | default = config.networking.networkmanager.enable; | ||
209 | defaultText = literalExpression "config.networking.networkmanager.enable"; | ||
210 | description = '' | ||
211 | Install a network-manager dispatcher script to automatically | ||
212 | call all remotes when networking is available | ||
213 | ''; | ||
214 | }; | ||
215 | |||
216 | extraConfig = mkOption { | ||
217 | type = types.lines; | ||
218 | default = '' | ||
219 | run-uuxqt 1 | ||
220 | ''; | ||
221 | description = "Extra configuration to append verbatim to `/etc/uucp/config'"; | ||
222 | }; | ||
223 | |||
224 | extraSys = mkOption { | ||
225 | type = types.lines; | ||
226 | default = '' | ||
227 | protocol-parameter g packet-size 4096 | ||
228 | ''; | ||
229 | description = "Extra configuration to prepend verbatim to `/etc/uucp/sys`"; | ||
230 | }; | ||
231 | }; | ||
232 | }; | ||
233 | |||
234 | config = mkIf cfg.enable { | ||
235 | environment.etc."uucp/config" = { | ||
236 | text = '' | ||
237 | hostname ${cfg.nodeName} | ||
238 | |||
239 | spool ${cfg.spoolDir} | ||
240 | lockdir ${cfg.lockDir} | ||
241 | pubdir ${cfg.pubDir} | ||
242 | logfile ${cfg.logFile} | ||
243 | statfile ${cfg.statFile} | ||
244 | debugfile ${cfg.debugFile} | ||
245 | |||
246 | ${cfg.extraConfig} | ||
247 | ''; | ||
248 | }; | ||
249 | |||
250 | users.groups."uucp" = {}; | ||
251 | users.users."uucp" = { | ||
252 | name = "uucp"; | ||
253 | group = "uucp"; | ||
254 | isSystemUser = true; | ||
255 | isNormalUser = false; | ||
256 | createHome = true; | ||
257 | home = cfg.homeDir; | ||
258 | description = "User for uucp over ssh"; | ||
259 | useDefaultShell = true; | ||
260 | openssh.authorizedKeys.keys = map restrictKey (concatLists (mapAttrsToList (name: node: node.publicKeys) cfg.remoteNodes)); | ||
261 | } // cfg.sshUser; | ||
262 | |||
263 | system.activationScripts."uucp-sshconfig" = '' | ||
264 | mkdir -p ${config.users.users."uucp".home}/.ssh | ||
265 | chown ${config.users.users."uucp".name}:${config.users.users."uucp".group} ${config.users.users."uucp".home}/.ssh | ||
266 | chmod 700 ${config.users.users."uucp".home}/.ssh | ||
267 | ln -fs ${builtins.toFile "ssh-config" '' | ||
268 | ${concatStringsSep "\n" (mapAttrsToList sshConfig cfg.remoteNodes)} | ||
269 | |||
270 | ${cfg.extraSSHConfig} | ||
271 | ''} ${config.users.users."uucp".home}/.ssh/config | ||
272 | |||
273 | mkdir -p ${cfg.sshKeyDir} | ||
274 | chown ${config.users.users."uucp".name}:${config.users.users."uucp".group} ${cfg.sshKeyDir} | ||
275 | chmod 700 ${cfg.sshKeyDir} | ||
276 | |||
277 | ${concatStringsSep "\n" (mapAttrsToList sshKeyGen cfg.remoteNodes)} | ||
278 | ''; | ||
279 | |||
280 | system.activationScripts."uucp-logs" = '' | ||
281 | touch ${cfg.logFile} | ||
282 | chown ${config.users.users."uucp".name}:${config.users.users."uucp".group} ${cfg.logFile} | ||
283 | chmod 644 ${cfg.logFile} | ||
284 | touch ${cfg.statFile} | ||
285 | chown ${config.users.users."uucp".name}:${config.users.users."uucp".group} ${cfg.statFile} | ||
286 | chmod 644 ${cfg.statFile} | ||
287 | touch ${cfg.debugFile} | ||
288 | chown ${config.users.users."uucp".name}:${config.users.users."uucp".group} ${cfg.debugFile} | ||
289 | chmod 644 ${cfg.debugFile} | ||
290 | ''; | ||
291 | |||
292 | environment.etc."uucp/port" = { | ||
293 | text = '' | ||
294 | port ssh | ||
295 | type stdin | ||
296 | protocol ${cfg.incomingProtocols} | ||
297 | '' + concatStringsSep "\n" (mapAttrsToList portSpec cfg.remoteNodes); | ||
298 | }; | ||
299 | environment.etc."uucp/sys" = { | ||
300 | text = cfg.extraSys + "\n" + concatStringsSep "\n" (mapAttrsToList sysSpec cfg.remoteNodes); | ||
301 | }; | ||
302 | |||
303 | security.wrappers = let | ||
304 | wrapper = p: { | ||
305 | name = p; | ||
306 | value = { | ||
307 | source = "${pkgs.uucp}/bin/${p}"; | ||
308 | owner = "root"; | ||
309 | group = "root"; | ||
310 | setuid = true; | ||
311 | setgid = false; | ||
312 | }; | ||
313 | }; | ||
314 | in listToAttrs (map wrapper ["uucico" "cu" "uucp" "uuname" "uustat" "uux" "uuxqt"]); | ||
315 | |||
316 | nixpkgs.overlays = [(self: super: { | ||
317 | rmail = super.writeShellScriptBin "rmail" '' | ||
318 | # Dummy UUCP rmail command for postfix/qmail systems | ||
319 | |||
320 | IFS=" " read junk from junk junk junk junk junk junk junk relay | ||
321 | |||
322 | case "$from" in | ||
323 | *[@!]*) ;; | ||
324 | *) from="$from@$relay";; | ||
325 | esac | ||
326 | |||
327 | exec ${config.security.wrapperDir}/sendmail -G -i -f "$from" -- "$@" | ||
328 | ''; | ||
329 | })]; | ||
330 | |||
331 | environment.systemPackages = with pkgs; [ | ||
332 | uucp | ||
333 | ]; | ||
334 | |||
335 | systemd.services."uucico@" = { | ||
336 | serviceConfig = { | ||
337 | User = "uucp"; | ||
338 | Type = "oneshot"; | ||
339 | ExecStart = "${config.security.wrapperDir}/uucico -D -S %i"; | ||
340 | }; | ||
341 | }; | ||
342 | |||
343 | systemd.timers."uucico@" = { | ||
344 | timerConfig.OnActiveSec = cfg.interval; | ||
345 | timerConfig.OnUnitActiveSec = cfg.interval; | ||
346 | }; | ||
347 | |||
348 | systemd.targets."multi-user" = { | ||
349 | wants = mapAttrsToList (name: node: "uucico@${name}.timer") cfg.remoteNodes; | ||
350 | }; | ||
351 | |||
352 | systemd.kill-user.enable = true; | ||
353 | systemd.targets."sleep" = { | ||
354 | after = [ "kill-user@uucp.service" ]; | ||
355 | wants = [ "kill-user@uucp.service" ]; | ||
356 | }; | ||
357 | |||
358 | networking.networkmanager.dispatcherScripts = optional cfg.nmDispatch { | ||
359 | type = "basic"; | ||
360 | source = pkgs.writeScript "callRemotes.sh" '' | ||
361 | #!${pkgs.stdenv.shell} | ||
362 | |||
363 | shopt -s extglob | ||
364 | |||
365 | case "''${2}" in | ||
366 | (?(vpn-)up) | ||
367 | ${concatStringsSep "\n " (mapAttrsToList (name: node: "${pkgs.systemd}/bin/systemctl start uucico@${name}.service") cfg.remoteNodes)} | ||
368 | ;; | ||
369 | esac | ||
370 | ''; | ||
371 | }; | ||
372 | }; | ||
373 | } | ||
diff --git a/overlays/abs-podcast-autoplaylist/default.nix b/overlays/abs-podcast-autoplaylist/default.nix index 075e0ba0..843f1b65 100644 --- a/overlays/abs-podcast-autoplaylist/default.nix +++ b/overlays/abs-podcast-autoplaylist/default.nix | |||
@@ -1,23 +1,14 @@ | |||
1 | { prev, final, flakeInputs, ... }: | 1 | { prev, final, flake, flakeInputs, ... }: |
2 | |||
3 | with flakeInputs; | ||
4 | 2 | ||
5 | let | 3 | let |
6 | workspace = uv2nix.lib.workspace.loadWorkspace { workspaceRoot = ./.; }; | 4 | workspace = flakeInputs.uv2nix.lib.workspace.loadWorkspace { workspaceRoot = ./.; }; |
7 | overlay = workspace.mkPyprojectOverlay { | 5 | pythonSet = flake.lib.pythonSet { |
8 | sourcePreference = "wheel"; | 6 | pkgs = final; |
7 | python = final.python312; | ||
8 | overlay = workspace.mkPyprojectOverlay { | ||
9 | sourcePreference = "wheel"; | ||
10 | }; | ||
9 | }; | 11 | }; |
10 | python = final.python312; | ||
11 | pythonSet = | ||
12 | (final.callPackage pyproject-nix.build.packages { | ||
13 | inherit python; | ||
14 | }).overrideScope | ||
15 | ( | ||
16 | prev.lib.composeManyExtensions [ | ||
17 | pyproject-build-systems.overlays.default | ||
18 | overlay | ||
19 | ] | ||
20 | ); | ||
21 | virtualEnv = pythonSet.mkVirtualEnv "abs-podcast-autoplaylist-env" workspace.deps.default; | 12 | virtualEnv = pythonSet.mkVirtualEnv "abs-podcast-autoplaylist-env" workspace.deps.default; |
22 | in { | 13 | in { |
23 | abs-podcast-autoplaylist = virtualEnv.overrideAttrs (oldAttrs: { | 14 | abs-podcast-autoplaylist = virtualEnv.overrideAttrs (oldAttrs: { |
diff --git a/overlays/deploy-rs.nix b/overlays/deploy-rs.nix index 0bf1c3b2..678c6f5f 100644 --- a/overlays/deploy-rs.nix +++ b/overlays/deploy-rs.nix | |||
@@ -2,13 +2,15 @@ | |||
2 | flakeInputs.deploy-rs.overlays.default | 2 | flakeInputs.deploy-rs.overlays.default |
3 | (final: prev: { | 3 | (final: prev: { |
4 | deploy-rs = prev.deploy-rs // { | 4 | deploy-rs = prev.deploy-rs // { |
5 | deploy-rs = prev.deploy-rs.deploy-rs.overrideAttrs (oldAttrs: { | 5 | deploy-rs = prev.symlinkJoin { |
6 | nativeBuildInputs = (oldAttrs.nativeBuildInputs or []) ++ [final.makeWrapper]; | 6 | name = "${prev.deploy-rs.deploy-rs.name}-wrapped"; |
7 | preFixup = '' | 7 | paths = [ prev.deploy-rs.deploy-rs ]; |
8 | buildInputs = [ prev.makeWrapper ]; | ||
9 | postBuild = '' | ||
8 | wrapProgram $out/bin/deploy \ | 10 | wrapProgram $out/bin/deploy \ |
9 | --prefix PATH : ${prev.lib.makeBinPath (with final; [ nix-monitored ])} | 11 | --prefix PATH : ${prev.lib.makeBinPath (with final; [ nix-monitored ])} |
10 | ''; | 12 | ''; |
11 | }); | 13 | }; |
12 | }; | 14 | }; |
13 | }) | 15 | }) |
14 | final prev | 16 | final prev |
diff --git a/overlays/etesync-dav.nix b/overlays/etesync-dav.nix index cec216e2..f7a5146f 100644 --- a/overlays/etesync-dav.nix +++ b/overlays/etesync-dav.nix | |||
@@ -1,54 +1,29 @@ | |||
1 | { final, prev, ... }: { | 1 | { final, prev, ... }: { |
2 | etesync-dav = prev.python3Packages.buildPythonApplication rec { | 2 | etesync-dav = final.python3Packages.buildPythonApplication rec { |
3 | pname = "etesync-dav"; | 3 | pname = "etesync-dav"; |
4 | version = "0.33.4"; | 4 | version = "0.35.0"; |
5 | format = "pyproject"; | ||
5 | 6 | ||
6 | src = prev.fetchFromGitHub { | 7 | src = prev.fetchFromGitHub { |
7 | owner = "etesync"; | 8 | owner = "etesync"; |
8 | repo = "etesync-dav"; | 9 | repo = "etesync-dav"; |
9 | rev = "v${version}"; | 10 | tag = "v${version}"; |
10 | hash = "sha256-g+rK762tSWPDaBsaTwpTzfK/lqVs+Z/Qrpq2HCpipQE="; | 11 | hash = "sha256-CD02nuA9GD/oe7mjExUHIftkPxM1pZQKyDalXSoOhXY="; |
11 | }; | 12 | }; |
12 | 13 | ||
13 | dependencies = with prev.python3Packages; [ | 14 | build-system = with final.python3Packages; [ setuptools ]; |
15 | |||
16 | pythonRelaxDeps = [ "radicale" ]; | ||
17 | |||
18 | dependencies = with final.python3Packages; [ | ||
14 | appdirs | 19 | appdirs |
15 | etebase | 20 | etebase |
16 | etesync | 21 | etesync |
17 | flask | 22 | flask |
18 | flask-wtf | 23 | flask-wtf |
19 | msgpack | 24 | msgpack |
20 | setuptools | 25 | (final.python3Packages.toPythonModule (final.radicale.override { inherit (final) python3; })) |
21 | (toPythonModule (buildPythonApplication rec { | ||
22 | pname = "radicale"; | ||
23 | version = "3.2.3"; | ||
24 | pyproject = true; | ||
25 | |||
26 | src = prev.fetchFromGitHub { | ||
27 | owner = "Kozea"; | ||
28 | repo = "Radicale"; | ||
29 | rev = "refs/tags/v${version}"; | ||
30 | hash = "sha256-1IlnXVetQQuKBt6+QVKNeMM6qBQAiUhqc+4x3xOnSdE="; | ||
31 | }; | ||
32 | |||
33 | build-system = [ | ||
34 | setuptools | ||
35 | ]; | ||
36 | |||
37 | dependencies = | ||
38 | [ | ||
39 | defusedxml | ||
40 | passlib | ||
41 | vobject | ||
42 | pika | ||
43 | python-dateutil | ||
44 | pytz # https://github.com/Kozea/Radicale/issues/816 | ||
45 | ] | ||
46 | ++ passlib.optional-dependencies.bcrypt; | ||
47 | |||
48 | doCheck = false; | ||
49 | })) | ||
50 | requests | 26 | requests |
51 | types-setuptools | ||
52 | requests.optional-dependencies.socks | 27 | requests.optional-dependencies.socks |
53 | ]; | 28 | ]; |
54 | 29 | ||
diff --git a/overlays/prometheus-lvm-exporter.nix b/overlays/prometheus-lvm-exporter.nix index 240f8d85..cae45003 100644 --- a/overlays/prometheus-lvm-exporter.nix +++ b/overlays/prometheus-lvm-exporter.nix | |||
@@ -3,7 +3,7 @@ | |||
3 | pname = "prometheus-lvm-exporter"; | 3 | pname = "prometheus-lvm-exporter"; |
4 | inherit (sources.prometheus-lvm-exporter) version src; | 4 | inherit (sources.prometheus-lvm-exporter) version src; |
5 | 5 | ||
6 | vendorHash = "sha256-z/fV0PzoWSDTJ44En19o7zJPPPox5ymFw7sw0Ab9t00="; | 6 | vendorHash = "sha256-QpJM11Rg+TUV0GWYlvIkwuQqiTsfSdQNtPpD6zT08ew="; |
7 | 7 | ||
8 | doCheck = false; | 8 | doCheck = false; |
9 | 9 | ||
diff --git a/overlays/spice-record.nix b/overlays/spice-record.nix index 06a114da..2d37079b 100644 --- a/overlays/spice-record.nix +++ b/overlays/spice-record.nix | |||
@@ -8,5 +8,7 @@ | |||
8 | wrapProgram $out/bin/spice-record \ | 8 | wrapProgram $out/bin/spice-record \ |
9 | --prefix PATH : ${prev.lib.makeBinPath (with prev; [ ffmpeg-full ])} | 9 | --prefix PATH : ${prev.lib.makeBinPath (with prev; [ ffmpeg-full ])} |
10 | ''; | 10 | ''; |
11 | pyproject = true; | ||
12 | build-system = [ prev.python3Packages.setuptools ]; | ||
11 | }; | 13 | }; |
12 | } | 14 | } |
diff --git a/overlays/swayosd/default.nix b/overlays/swayosd/default.nix index b4601a03..5e715dae 100644 --- a/overlays/swayosd/default.nix +++ b/overlays/swayosd/default.nix | |||
@@ -4,7 +4,7 @@ | |||
4 | cargoDeps = prev.rustPlatform.fetchCargoVendor { | 4 | cargoDeps = prev.rustPlatform.fetchCargoVendor { |
5 | inherit (oldAttrs) pname; | 5 | inherit (oldAttrs) pname; |
6 | inherit version src; | 6 | inherit version src; |
7 | hash = "sha256-yWybf4GKxHrk4WrW5SmjfPD0Gv79tpXOwNLlWeykYy0="; | 7 | hash = "sha256-J2sl6/4+bRWlkvaTJtFsMqvvOxYtWLRjJcYWcu0loRE="; |
8 | }; | 8 | }; |
9 | patches = (oldAttrs.patches or []) ++ [ | 9 | patches = (oldAttrs.patches or []) ++ [ |
10 | ./exponential.patch | 10 | ./exponential.patch |
diff --git a/overlays/uucp/default.nix b/overlays/uucp/default.nix deleted file mode 100644 index 4189dbcc..00000000 --- a/overlays/uucp/default.nix +++ /dev/null | |||
@@ -1,9 +0,0 @@ | |||
1 | { final, prev, ... }: { | ||
2 | uucp = prev.uucp.overrideAttrs (oldAttrs: { | ||
3 | configureFlags = (oldAttrs.configureFlags or []) ++ ["--with-newconfigdir=/etc/uucp"]; | ||
4 | patches = (oldAttrs.patches or []) ++ [ | ||
5 | ./mailprogram.patch | ||
6 | ]; | ||
7 | NIX_CFLAGS_COMPILE = "${oldAttrs.NIX_CFLAGS_COMPILE or ""} -Wno-error=incompatible-pointer-types"; | ||
8 | }); | ||
9 | } | ||
diff --git a/overlays/uucp/mailprogram.patch b/overlays/uucp/mailprogram.patch deleted file mode 100644 index 89ac8f31..00000000 --- a/overlays/uucp/mailprogram.patch +++ /dev/null | |||
@@ -1,16 +0,0 @@ | |||
1 | policy.h | 2 +- | ||
2 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
3 | |||
4 | diff --git a/policy.h b/policy.h | ||
5 | index 5afe34b..8e92c8b 100644 | ||
6 | --- a/policy.h | ||
7 | +++ b/policy.h | ||
8 | @@ -240,7 +240,7 @@ | ||
9 | the sendmail choice below. Otherwise, select one of the other | ||
10 | choices as appropriate. */ | ||
11 | #if 1 | ||
12 | -#define MAIL_PROGRAM "/usr/lib/sendmail -t" | ||
13 | +#define MAIL_PROGRAM "${config.security.wrapperDir}/sendmail -t" | ||
14 | /* #define MAIL_PROGRAM "/usr/sbin/sendmail -t" */ | ||
15 | #define MAIL_PROGRAM_TO_BODY 1 | ||
16 | #define MAIL_PROGRAM_SUBJECT_BODY 1 | ||
diff --git a/overlays/waybar-systemd-inhibit/.envrc b/overlays/waybar-systemd-inhibit/.envrc new file mode 100644 index 00000000..2c909235 --- /dev/null +++ b/overlays/waybar-systemd-inhibit/.envrc | |||
@@ -0,0 +1,4 @@ | |||
1 | use flake | ||
2 | |||
3 | [[ -d ".venv" ]] || ( uv venv && uv sync ) | ||
4 | . .venv/bin/activate | ||
diff --git a/overlays/waybar-systemd-inhibit/.gitignore b/overlays/waybar-systemd-inhibit/.gitignore new file mode 100644 index 00000000..4ccfae70 --- /dev/null +++ b/overlays/waybar-systemd-inhibit/.gitignore | |||
@@ -0,0 +1,2 @@ | |||
1 | .venv | ||
2 | **/__pycache__ | ||
diff --git a/overlays/waybar-systemd-inhibit/default.nix b/overlays/waybar-systemd-inhibit/default.nix new file mode 100644 index 00000000..ae6b8c75 --- /dev/null +++ b/overlays/waybar-systemd-inhibit/default.nix | |||
@@ -0,0 +1,20 @@ | |||
1 | { prev, final, flake, flakeInputs, ... }: | ||
2 | |||
3 | let | ||
4 | workspace = flakeInputs.uv2nix.lib.workspace.loadWorkspace { workspaceRoot = ./.; }; | ||
5 | pythonSet = flake.lib.pythonSet { | ||
6 | pkgs = final; | ||
7 | python = final.python312; | ||
8 | overlay = workspace.mkPyprojectOverlay { | ||
9 | sourcePreference = "wheel"; | ||
10 | }; | ||
11 | }; | ||
12 | virtualEnv = pythonSet.mkVirtualEnv "waybar-systemd-inhibit-env" workspace.deps.default; | ||
13 | in { | ||
14 | waybar-systemd-inhibit = virtualEnv.overrideAttrs (oldAttrs: { | ||
15 | meta = (oldAttrs.meta or {}) // { | ||
16 | mainProgram = "waybar-systemd-inhibit"; | ||
17 | }; | ||
18 | nativeBuildInputs = (oldAttrs.nativeBuildInputs or []) ++ [ final.gobject-introspection final.wrapGAppsHook ]; | ||
19 | }); | ||
20 | } | ||
diff --git a/overlays/waybar-systemd-inhibit/pyproject.toml b/overlays/waybar-systemd-inhibit/pyproject.toml new file mode 100644 index 00000000..6c6240b8 --- /dev/null +++ b/overlays/waybar-systemd-inhibit/pyproject.toml | |||
@@ -0,0 +1,17 @@ | |||
1 | [project] | ||
2 | name = "waybar-systemd-inhibit" | ||
3 | version = "0.1.0" | ||
4 | requires-python = ">=3.12" | ||
5 | dependencies = [ | ||
6 | "asyncclick>=8.1.8", | ||
7 | "asyncio>=3.4.3", | ||
8 | "dbus-next>=0.2.3", | ||
9 | ] | ||
10 | |||
11 | [project.scripts] | ||
12 | waybar-systemd-inhibit = "waybar_systemd_inhibit.__main__:main" | ||
13 | waybar-systemd-inhibit-toggle = "waybar_systemd_inhibit.__main__:toggle" | ||
14 | |||
15 | [build-system] | ||
16 | requires = ["hatchling"] | ||
17 | build-backend = "hatchling.build" | ||
diff --git a/overlays/waybar-systemd-inhibit/uv.lock b/overlays/waybar-systemd-inhibit/uv.lock new file mode 100644 index 00000000..4e10d145 --- /dev/null +++ b/overlays/waybar-systemd-inhibit/uv.lock | |||
@@ -0,0 +1,102 @@ | |||
1 | version = 1 | ||
2 | revision = 2 | ||
3 | requires-python = ">=3.12" | ||
4 | |||
5 | [[package]] | ||
6 | name = "anyio" | ||
7 | version = "4.9.0" | ||
8 | source = { registry = "https://pypi.org/simple" } | ||
9 | dependencies = [ | ||
10 | { name = "idna" }, | ||
11 | { name = "sniffio" }, | ||
12 | { name = "typing-extensions", marker = "python_full_version < '3.13'" }, | ||
13 | ] | ||
14 | sdist = { url = "https://files.pythonhosted.org/packages/95/7d/4c1bd541d4dffa1b52bd83fb8527089e097a106fc90b467a7313b105f840/anyio-4.9.0.tar.gz", hash = "sha256:673c0c244e15788651a4ff38710fea9675823028a6f08a5eda409e0c9840a028", size = 190949, upload-time = "2025-03-17T00:02:54.77Z" } | ||
15 | wheels = [ | ||
16 | { url = "https://files.pythonhosted.org/packages/a1/ee/48ca1a7c89ffec8b6a0c5d02b89c305671d5ffd8d3c94acf8b8c408575bb/anyio-4.9.0-py3-none-any.whl", hash = "sha256:9f76d541cad6e36af7beb62e978876f3b41e3e04f2c1fbf0884604c0a9c4d93c", size = 100916, upload-time = "2025-03-17T00:02:52.713Z" }, | ||
17 | ] | ||
18 | |||
19 | [[package]] | ||
20 | name = "asyncclick" | ||
21 | version = "8.1.8" | ||
22 | source = { registry = "https://pypi.org/simple" } | ||
23 | dependencies = [ | ||
24 | { name = "anyio" }, | ||
25 | { name = "colorama", marker = "sys_platform == 'win32'" }, | ||
26 | ] | ||
27 | sdist = { url = "https://files.pythonhosted.org/packages/cb/b5/e1e5fdf1c1bb7e6e614987c120a98d9324bf8edfaa5f5cd16a6235c9d91b/asyncclick-8.1.8.tar.gz", hash = "sha256:0f0eb0f280e04919d67cf71b9fcdfb4db2d9ff7203669c40284485c149578e4c", size = 232900, upload-time = "2025-01-06T09:46:52.694Z" } | ||
28 | wheels = [ | ||
29 | { url = "https://files.pythonhosted.org/packages/14/cc/a436f0fc2d04e57a0697e0f87a03b9eaed03ad043d2d5f887f8eebcec95f/asyncclick-8.1.8-py3-none-any.whl", hash = "sha256:eb1ccb44bc767f8f0695d592c7806fdf5bd575605b4ee246ffd5fadbcfdbd7c6", size = 99093, upload-time = "2025-01-06T09:46:51.046Z" }, | ||
30 | { url = "https://files.pythonhosted.org/packages/92/c4/ae9e9d25522c6dc96ff167903880a0fe94d7bd31ed999198ee5017d977ed/asyncclick-8.1.8.0-py3-none-any.whl", hash = "sha256:be146a2d8075d4fe372ff4e877f23c8b5af269d16705c1948123b9415f6fd678", size = 99115, upload-time = "2025-01-06T09:50:52.72Z" }, | ||
31 | ] | ||
32 | |||
33 | [[package]] | ||
34 | name = "asyncio" | ||
35 | version = "3.4.3" | ||
36 | source = { registry = "https://pypi.org/simple" } | ||
37 | sdist = { url = "https://files.pythonhosted.org/packages/da/54/054bafaf2c0fb8473d423743e191fcdf49b2c1fd5e9af3524efbe097bafd/asyncio-3.4.3.tar.gz", hash = "sha256:83360ff8bc97980e4ff25c964c7bd3923d333d177aa4f7fb736b019f26c7cb41", size = 204411, upload-time = "2015-03-10T14:11:26.494Z" } | ||
38 | wheels = [ | ||
39 | { url = "https://files.pythonhosted.org/packages/22/74/07679c5b9f98a7cb0fc147b1ef1cc1853bc07a4eb9cb5731e24732c5f773/asyncio-3.4.3-py3-none-any.whl", hash = "sha256:c4d18b22701821de07bd6aea8b53d21449ec0ec5680645e5317062ea21817d2d", size = 101767, upload-time = "2015-03-10T14:05:10.959Z" }, | ||
40 | ] | ||
41 | |||
42 | [[package]] | ||
43 | name = "colorama" | ||
44 | version = "0.4.6" | ||
45 | source = { registry = "https://pypi.org/simple" } | ||
46 | sdist = { url = "https://files.pythonhosted.org/packages/d8/53/6f443c9a4a8358a93a6792e2acffb9d9d5cb0a5cfd8802644b7b1c9a02e4/colorama-0.4.6.tar.gz", hash = "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44", size = 27697, upload-time = "2022-10-25T02:36:22.414Z" } | ||
47 | wheels = [ | ||
48 | { url = "https://files.pythonhosted.org/packages/d1/d6/3965ed04c63042e047cb6a3e6ed1a63a35087b6a609aa3a15ed8ac56c221/colorama-0.4.6-py2.py3-none-any.whl", hash = "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6", size = 25335, upload-time = "2022-10-25T02:36:20.889Z" }, | ||
49 | ] | ||
50 | |||
51 | [[package]] | ||
52 | name = "dbus-next" | ||
53 | version = "0.2.3" | ||
54 | source = { registry = "https://pypi.org/simple" } | ||
55 | sdist = { url = "https://files.pythonhosted.org/packages/ce/45/6a40fbe886d60a8c26f480e7d12535502b5ba123814b3b9a0b002ebca198/dbus_next-0.2.3.tar.gz", hash = "sha256:f4eae26909332ada528c0a3549dda8d4f088f9b365153952a408e28023a626a5", size = 71112, upload-time = "2021-07-25T22:11:28.398Z" } | ||
56 | wheels = [ | ||
57 | { url = "https://files.pythonhosted.org/packages/d2/fc/c0a3f4c4eaa5a22fbef91713474666e13d0ea2a69c84532579490a9f2cc8/dbus_next-0.2.3-py3-none-any.whl", hash = "sha256:58948f9aff9db08316734c0be2a120f6dc502124d9642f55e90ac82ffb16a18b", size = 57885, upload-time = "2021-07-25T22:11:25.466Z" }, | ||
58 | ] | ||
59 | |||
60 | [[package]] | ||
61 | name = "idna" | ||
62 | version = "3.10" | ||
63 | source = { registry = "https://pypi.org/simple" } | ||
64 | sdist = { url = "https://files.pythonhosted.org/packages/f1/70/7703c29685631f5a7590aa73f1f1d3fa9a380e654b86af429e0934a32f7d/idna-3.10.tar.gz", hash = "sha256:12f65c9b470abda6dc35cf8e63cc574b1c52b11df2c86030af0ac09b01b13ea9", size = 190490, upload-time = "2024-09-15T18:07:39.745Z" } | ||
65 | wheels = [ | ||
66 | { url = "https://files.pythonhosted.org/packages/76/c6/c88e154df9c4e1a2a66ccf0005a88dfb2650c1dffb6f5ce603dfbd452ce3/idna-3.10-py3-none-any.whl", hash = "sha256:946d195a0d259cbba61165e88e65941f16e9b36ea6ddb97f00452bae8b1287d3", size = 70442, upload-time = "2024-09-15T18:07:37.964Z" }, | ||
67 | ] | ||
68 | |||
69 | [[package]] | ||
70 | name = "sniffio" | ||
71 | version = "1.3.1" | ||
72 | source = { registry = "https://pypi.org/simple" } | ||
73 | sdist = { url = "https://files.pythonhosted.org/packages/a2/87/a6771e1546d97e7e041b6ae58d80074f81b7d5121207425c964ddf5cfdbd/sniffio-1.3.1.tar.gz", hash = "sha256:f4324edc670a0f49750a81b895f35c3adb843cca46f0530f79fc1babb23789dc", size = 20372, upload-time = "2024-02-25T23:20:04.057Z" } | ||
74 | wheels = [ | ||
75 | { url = "https://files.pythonhosted.org/packages/e9/44/75a9c9421471a6c4805dbf2356f7c181a29c1879239abab1ea2cc8f38b40/sniffio-1.3.1-py3-none-any.whl", hash = "sha256:2f6da418d1f1e0fddd844478f41680e794e6051915791a034ff65e5f100525a2", size = 10235, upload-time = "2024-02-25T23:20:01.196Z" }, | ||
76 | ] | ||
77 | |||
78 | [[package]] | ||
79 | name = "typing-extensions" | ||
80 | version = "4.13.2" | ||
81 | source = { registry = "https://pypi.org/simple" } | ||
82 | sdist = { url = "https://files.pythonhosted.org/packages/f6/37/23083fcd6e35492953e8d2aaaa68b860eb422b34627b13f2ce3eb6106061/typing_extensions-4.13.2.tar.gz", hash = "sha256:e6c81219bd689f51865d9e372991c540bda33a0379d5573cddb9a3a23f7caaef", size = 106967, upload-time = "2025-04-10T14:19:05.416Z" } | ||
83 | wheels = [ | ||
84 | { url = "https://files.pythonhosted.org/packages/8b/54/b1ae86c0973cc6f0210b53d508ca3641fb6d0c56823f288d108bc7ab3cc8/typing_extensions-4.13.2-py3-none-any.whl", hash = "sha256:a439e7c04b49fec3e5d3e2beaa21755cadbbdc391694e28ccdd36ca4a1408f8c", size = 45806, upload-time = "2025-04-10T14:19:03.967Z" }, | ||
85 | ] | ||
86 | |||
87 | [[package]] | ||
88 | name = "waybar-systemd-inhibit" | ||
89 | version = "0.1.0" | ||
90 | source = { editable = "." } | ||
91 | dependencies = [ | ||
92 | { name = "asyncclick" }, | ||
93 | { name = "asyncio" }, | ||
94 | { name = "dbus-next" }, | ||
95 | ] | ||
96 | |||
97 | [package.metadata] | ||
98 | requires-dist = [ | ||
99 | { name = "asyncclick", specifier = ">=8.1.8" }, | ||
100 | { name = "asyncio", specifier = ">=3.4.3" }, | ||
101 | { name = "dbus-next", specifier = ">=0.2.3" }, | ||
102 | ] | ||
diff --git a/overlays/waybar-systemd-inhibit/waybar_systemd_inhibit/__init__.py b/overlays/waybar-systemd-inhibit/waybar_systemd_inhibit/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/overlays/waybar-systemd-inhibit/waybar_systemd_inhibit/__init__.py | |||
diff --git a/overlays/waybar-systemd-inhibit/waybar_systemd_inhibit/__main__.py b/overlays/waybar-systemd-inhibit/waybar_systemd_inhibit/__main__.py new file mode 100644 index 00000000..35cc7fd1 --- /dev/null +++ b/overlays/waybar-systemd-inhibit/waybar_systemd_inhibit/__main__.py | |||
@@ -0,0 +1,117 @@ | |||
1 | import asyncclick as click | ||
2 | from dbus_next.aio import MessageBus | ||
3 | from dbus_next import BusType, Message, PropertyAccess | ||
4 | import asyncio | ||
5 | from functools import update_wrapper | ||
6 | from dbus_next.service import ServiceInterface, method, dbus_property | ||
7 | from dbus_next import Variant, DBusError | ||
8 | import os | ||
9 | import json | ||
10 | |||
11 | class BlockInterface(ServiceInterface): | ||
12 | def __init__(self, system_bus, logind): | ||
13 | super().__init__('li.yggdrasil.WaybarSystemdInhibit') | ||
14 | self.system_bus = system_bus | ||
15 | self.logind = logind | ||
16 | self.fd = None | ||
17 | |||
18 | def Release(self): | ||
19 | if not self.fd: | ||
20 | return | ||
21 | |||
22 | os.close(self.fd) | ||
23 | self.fd = None | ||
24 | self.emit_properties_changed({'IsAcquired': False}) | ||
25 | |||
26 | async def Acquire(self): | ||
27 | if self.fd: | ||
28 | return | ||
29 | |||
30 | res = await self.system_bus.call(Message( | ||
31 | destination='org.freedesktop.login1', | ||
32 | path='/org/freedesktop/login1', | ||
33 | interface='org.freedesktop.login1.Manager', | ||
34 | member='Inhibit', | ||
35 | signature='ssss', | ||
36 | body=[ | ||
37 | "handle-lid-switch", | ||
38 | "waybar-systemd-inhibit", | ||
39 | "User request", | ||
40 | "block", | ||
41 | ], | ||
42 | )) | ||
43 | self.fd = res.unix_fds[res.body[0]] | ||
44 | self.emit_properties_changed({'IsAcquired': True}) | ||
45 | |||
46 | @method() | ||
47 | async def ToggleBlock(self): | ||
48 | if self.fd: | ||
49 | self.Release() | ||
50 | else: | ||
51 | await self.Acquire() | ||
52 | |||
53 | @dbus_property(access=PropertyAccess.READ) | ||
54 | def IsAcquired(self) -> 'b': | ||
55 | return self.fd is not None | ||
56 | |||
57 | |||
58 | @click.command() | ||
59 | async def main(): | ||
60 | system_bus = await MessageBus(bus_type=BusType.SYSTEM, negotiate_unix_fd=True).connect() | ||
61 | session_bus = await MessageBus(bus_type=BusType.SESSION).connect() | ||
62 | |||
63 | introspection = await system_bus.introspect('org.freedesktop.login1', '/org/freedesktop/login1') | ||
64 | obj = system_bus.get_proxy_object('org.freedesktop.login1', '/org/freedesktop/login1', introspection) | ||
65 | logind = obj.get_interface('org.freedesktop.login1.Manager') | ||
66 | properties = obj.get_interface('org.freedesktop.DBus.Properties') | ||
67 | |||
68 | def is_blocked_logind(what: str): | ||
69 | return "handle-lid-switch" in what.split(':') | ||
70 | |||
71 | def print_state(is_blocked: bool, is_acquired: bool = False): | ||
72 | icon = "󰌢" if is_blocked else "󰛧" | ||
73 | text = f"<span font=\"Symbols Nerd Font Mono\">{icon}</span>" | ||
74 | if is_acquired: | ||
75 | text = f"<span color=\"#f28a21\">{text}</span>" | ||
76 | elif is_blocked: | ||
77 | text = f"<span color=\"#ffffff\">{text}</span>" | ||
78 | print(json.dumps({'text': text, 'tooltip': ("Manually inhibited" if is_acquired else None)}, separators=(',', ':')), flush=True) | ||
79 | |||
80 | print_state(is_blocked_logind(await logind.get_block_inhibited())) | ||
81 | |||
82 | async def get_inhibit(): | ||
83 | introspection = await session_bus.introspect('li.yggdrasil.WaybarSystemdInhibit', '/li/yggdrasil/WaybarSystemdInhibit') | ||
84 | return session_bus.get_proxy_object('li.yggdrasil.WaybarSystemdInhibit', '/li/yggdrasil/WaybarSystemdInhibit', introspection) | ||
85 | |||
86 | async def on_logind_properties_changed(interface_name, changed_properties, invalidated_properties): | ||
87 | if 'BlockInhibited' not in changed_properties: | ||
88 | return | ||
89 | |||
90 | properties = (await get_inhibit()).get_interface('li.yggdrasil.WaybarSystemdInhibit') | ||
91 | |||
92 | print_state(is_blocked_logind(changed_properties['BlockInhibited'].value), await properties.get_is_acquired()) | ||
93 | |||
94 | properties.on_properties_changed(on_logind_properties_changed) | ||
95 | |||
96 | session_bus.export('/li/yggdrasil/WaybarSystemdInhibit', BlockInterface(system_bus, logind)) | ||
97 | await session_bus.request_name('li.yggdrasil.WaybarSystemdInhibit') | ||
98 | |||
99 | properties = (await get_inhibit()).get_interface('org.freedesktop.DBus.Properties') | ||
100 | |||
101 | async def on_inhibit_properties_changed(interface_name, changed_properties, invalidated_properties): | ||
102 | if 'IsAcquired' not in changed_properties: | ||
103 | return | ||
104 | |||
105 | print_state(is_blocked_logind(await logind.get_block_inhibited()), changed_properties['IsAcquired'].value) | ||
106 | |||
107 | properties.on_properties_changed(on_inhibit_properties_changed) | ||
108 | |||
109 | await session_bus.wait_for_disconnect() | ||
110 | |||
111 | @click.command() | ||
112 | async def toggle(): | ||
113 | session_bus = await MessageBus(bus_type=BusType.SESSION).connect() | ||
114 | introspection = await session_bus.introspect('li.yggdrasil.WaybarSystemdInhibit', '/li/yggdrasil/WaybarSystemdInhibit') | ||
115 | obj = session_bus.get_proxy_object('li.yggdrasil.WaybarSystemdInhibit', '/li/yggdrasil/WaybarSystemdInhibit', introspection) | ||
116 | interface = obj.get_interface('li.yggdrasil.WaybarSystemdInhibit') | ||
117 | await interface.call_toggle_block() | ||
diff --git a/overlays/worktime/.envrc b/overlays/worktime/.envrc new file mode 100644 index 00000000..2c909235 --- /dev/null +++ b/overlays/worktime/.envrc | |||
@@ -0,0 +1,4 @@ | |||
1 | use flake | ||
2 | |||
3 | [[ -d ".venv" ]] || ( uv venv && uv sync ) | ||
4 | . .venv/bin/activate | ||
diff --git a/overlays/worktime/.gitignore b/overlays/worktime/.gitignore new file mode 100644 index 00000000..4ccfae70 --- /dev/null +++ b/overlays/worktime/.gitignore | |||
@@ -0,0 +1,2 @@ | |||
1 | .venv | ||
2 | **/__pycache__ | ||
diff --git a/overlays/worktime/default.nix b/overlays/worktime/default.nix index 1d8433af..579cf7ad 100644 --- a/overlays/worktime/default.nix +++ b/overlays/worktime/default.nix | |||
@@ -1,13 +1,19 @@ | |||
1 | { prev, ... }: | 1 | { prev, final, flake, flakeInputs, ... }: |
2 | 2 | ||
3 | with prev.poetry2nix; | 3 | let |
4 | 4 | workspace = flakeInputs.uv2nix.lib.workspace.loadWorkspace { workspaceRoot = ./.; }; | |
5 | { | 5 | pythonSet = flake.lib.pythonSet { |
6 | worktime = mkPoetryApplication { | 6 | pkgs = final; |
7 | python = prev.python312; | 7 | python = final.python312; |
8 | 8 | overlay = workspace.mkPyprojectOverlay { | |
9 | projectDir = cleanPythonSources { src = ./.; }; | 9 | sourcePreference = "wheel"; |
10 | 10 | }; | |
11 | meta.mainProgram = "worktime"; | ||
12 | }; | 11 | }; |
12 | virtualEnv = pythonSet.mkVirtualEnv "worktime" workspace.deps.default; | ||
13 | in { | ||
14 | worktime = virtualEnv.overrideAttrs (oldAttrs: { | ||
15 | meta = (oldAttrs.meta or {}) // { | ||
16 | mainProgram = "worktime"; | ||
17 | }; | ||
18 | }); | ||
13 | } | 19 | } |
diff --git a/overlays/worktime/poetry.lock b/overlays/worktime/poetry.lock deleted file mode 100644 index 7c1ca91d..00000000 --- a/overlays/worktime/poetry.lock +++ /dev/null | |||
@@ -1,284 +0,0 @@ | |||
1 | # This file is automatically @generated by Poetry 2.1.1 and should not be changed by hand. | ||
2 | |||
3 | [[package]] | ||
4 | name = "backoff" | ||
5 | version = "2.2.1" | ||
6 | description = "Function decoration for backoff and retry" | ||
7 | optional = false | ||
8 | python-versions = ">=3.7,<4.0" | ||
9 | groups = ["main"] | ||
10 | files = [ | ||
11 | {file = "backoff-2.2.1-py3-none-any.whl", hash = "sha256:63579f9a0628e06278f7e47b7d7d5b6ce20dc65c5e96a6f3ca99a6adca0396e8"}, | ||
12 | {file = "backoff-2.2.1.tar.gz", hash = "sha256:03f829f5bb1923180821643f8753b0502c3b682293992485b0eef2807afa5cba"}, | ||
13 | ] | ||
14 | |||
15 | [[package]] | ||
16 | name = "certifi" | ||
17 | version = "2025.1.31" | ||
18 | description = "Python package for providing Mozilla's CA Bundle." | ||
19 | optional = false | ||
20 | python-versions = ">=3.6" | ||
21 | groups = ["main"] | ||
22 | files = [ | ||
23 | {file = "certifi-2025.1.31-py3-none-any.whl", hash = "sha256:ca78db4565a652026a4db2bcdf68f2fb589ea80d0be70e03929ed730746b84fe"}, | ||
24 | {file = "certifi-2025.1.31.tar.gz", hash = "sha256:3d5da6925056f6f18f119200434a4780a94263f10d1c21d032a6f6b2baa20651"}, | ||
25 | ] | ||
26 | |||
27 | [[package]] | ||
28 | name = "charset-normalizer" | ||
29 | version = "3.4.1" | ||
30 | description = "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet." | ||
31 | optional = false | ||
32 | python-versions = ">=3.7" | ||
33 | groups = ["main"] | ||
34 | files = [ | ||
35 | {file = "charset_normalizer-3.4.1-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:91b36a978b5ae0ee86c394f5a54d6ef44db1de0815eb43de826d41d21e4af3de"}, | ||
36 | {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:7461baadb4dc00fd9e0acbe254e3d7d2112e7f92ced2adc96e54ef6501c5f176"}, | ||
37 | {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:e218488cd232553829be0664c2292d3af2eeeb94b32bea483cf79ac6a694e037"}, | ||
38 | {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:80ed5e856eb7f30115aaf94e4a08114ccc8813e6ed1b5efa74f9f82e8509858f"}, | ||
39 | {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:b010a7a4fd316c3c484d482922d13044979e78d1861f0e0650423144c616a46a"}, | ||
40 | {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:4532bff1b8421fd0a320463030c7520f56a79c9024a4e88f01c537316019005a"}, | ||
41 | {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:d973f03c0cb71c5ed99037b870f2be986c3c05e63622c017ea9816881d2dd247"}, | ||
42 | {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:3a3bd0dcd373514dcec91c411ddb9632c0d7d92aed7093b8c3bbb6d69ca74408"}, | ||
43 | {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_ppc64le.whl", hash = "sha256:d9c3cdf5390dcd29aa8056d13e8e99526cda0305acc038b96b30352aff5ff2bb"}, | ||
44 | {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_s390x.whl", hash = "sha256:2bdfe3ac2e1bbe5b59a1a63721eb3b95fc9b6817ae4a46debbb4e11f6232428d"}, | ||
45 | {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:eab677309cdb30d047996b36d34caeda1dc91149e4fdca0b1a039b3f79d9a807"}, | ||
46 | {file = "charset_normalizer-3.4.1-cp310-cp310-win32.whl", hash = "sha256:c0429126cf75e16c4f0ad00ee0eae4242dc652290f940152ca8c75c3a4b6ee8f"}, | ||
47 | {file = "charset_normalizer-3.4.1-cp310-cp310-win_amd64.whl", hash = "sha256:9f0b8b1c6d84c8034a44893aba5e767bf9c7a211e313a9605d9c617d7083829f"}, | ||
48 | {file = "charset_normalizer-3.4.1-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:8bfa33f4f2672964266e940dd22a195989ba31669bd84629f05fab3ef4e2d125"}, | ||
49 | {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:28bf57629c75e810b6ae989f03c0828d64d6b26a5e205535585f96093e405ed1"}, | ||
50 | {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:f08ff5e948271dc7e18a35641d2f11a4cd8dfd5634f55228b691e62b37125eb3"}, | ||
51 | {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:234ac59ea147c59ee4da87a0c0f098e9c8d169f4dc2a159ef720f1a61bbe27cd"}, | ||
52 | {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:fd4ec41f914fa74ad1b8304bbc634b3de73d2a0889bd32076342a573e0779e00"}, | ||
53 | {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:eea6ee1db730b3483adf394ea72f808b6e18cf3cb6454b4d86e04fa8c4327a12"}, | ||
54 | {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:c96836c97b1238e9c9e3fe90844c947d5afbf4f4c92762679acfe19927d81d77"}, | ||
55 | {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:4d86f7aff21ee58f26dcf5ae81a9addbd914115cdebcbb2217e4f0ed8982e146"}, | ||
56 | {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_ppc64le.whl", hash = "sha256:09b5e6733cbd160dcc09589227187e242a30a49ca5cefa5a7edd3f9d19ed53fd"}, | ||
57 | {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_s390x.whl", hash = "sha256:5777ee0881f9499ed0f71cc82cf873d9a0ca8af166dfa0af8ec4e675b7df48e6"}, | ||
58 | {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:237bdbe6159cff53b4f24f397d43c6336c6b0b42affbe857970cefbb620911c8"}, | ||
59 | {file = "charset_normalizer-3.4.1-cp311-cp311-win32.whl", hash = "sha256:8417cb1f36cc0bc7eaba8ccb0e04d55f0ee52df06df3ad55259b9a323555fc8b"}, | ||
60 | {file = "charset_normalizer-3.4.1-cp311-cp311-win_amd64.whl", hash = "sha256:d7f50a1f8c450f3925cb367d011448c39239bb3eb4117c36a6d354794de4ce76"}, | ||
61 | {file = "charset_normalizer-3.4.1-cp312-cp312-macosx_10_13_universal2.whl", hash = "sha256:73d94b58ec7fecbc7366247d3b0b10a21681004153238750bb67bd9012414545"}, | ||
62 | {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:dad3e487649f498dd991eeb901125411559b22e8d7ab25d3aeb1af367df5efd7"}, | ||
63 | {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:c30197aa96e8eed02200a83fba2657b4c3acd0f0aa4bdc9f6c1af8e8962e0757"}, | ||
64 | {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:2369eea1ee4a7610a860d88f268eb39b95cb588acd7235e02fd5a5601773d4fa"}, | ||
65 | {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bc2722592d8998c870fa4e290c2eec2c1569b87fe58618e67d38b4665dfa680d"}, | ||
66 | {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:ffc9202a29ab3920fa812879e95a9e78b2465fd10be7fcbd042899695d75e616"}, | ||
67 | {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:804a4d582ba6e5b747c625bf1255e6b1507465494a40a2130978bda7b932c90b"}, | ||
68 | {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:0f55e69f030f7163dffe9fd0752b32f070566451afe180f99dbeeb81f511ad8d"}, | ||
69 | {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_ppc64le.whl", hash = "sha256:c4c3e6da02df6fa1410a7680bd3f63d4f710232d3139089536310d027950696a"}, | ||
70 | {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_s390x.whl", hash = "sha256:5df196eb874dae23dcfb968c83d4f8fdccb333330fe1fc278ac5ceeb101003a9"}, | ||
71 | {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:e358e64305fe12299a08e08978f51fc21fac060dcfcddd95453eabe5b93ed0e1"}, | ||
72 | {file = "charset_normalizer-3.4.1-cp312-cp312-win32.whl", hash = "sha256:9b23ca7ef998bc739bf6ffc077c2116917eabcc901f88da1b9856b210ef63f35"}, | ||
73 | {file = "charset_normalizer-3.4.1-cp312-cp312-win_amd64.whl", hash = "sha256:6ff8a4a60c227ad87030d76e99cd1698345d4491638dfa6673027c48b3cd395f"}, | ||
74 | {file = "charset_normalizer-3.4.1-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:aabfa34badd18f1da5ec1bc2715cadc8dca465868a4e73a0173466b688f29dda"}, | ||
75 | {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:22e14b5d70560b8dd51ec22863f370d1e595ac3d024cb8ad7d308b4cd95f8313"}, | ||
76 | {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:8436c508b408b82d87dc5f62496973a1805cd46727c34440b0d29d8a2f50a6c9"}, | ||
77 | {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:2d074908e1aecee37a7635990b2c6d504cd4766c7bc9fc86d63f9c09af3fa11b"}, | ||
78 | {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:955f8851919303c92343d2f66165294848d57e9bba6cf6e3625485a70a038d11"}, | ||
79 | {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:44ecbf16649486d4aebafeaa7ec4c9fed8b88101f4dd612dcaf65d5e815f837f"}, | ||
80 | {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:0924e81d3d5e70f8126529951dac65c1010cdf117bb75eb02dd12339b57749dd"}, | ||
81 | {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:2967f74ad52c3b98de4c3b32e1a44e32975e008a9cd2a8cc8966d6a5218c5cb2"}, | ||
82 | {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_ppc64le.whl", hash = "sha256:c75cb2a3e389853835e84a2d8fb2b81a10645b503eca9bcb98df6b5a43eb8886"}, | ||
83 | {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_s390x.whl", hash = "sha256:09b26ae6b1abf0d27570633b2b078a2a20419c99d66fb2823173d73f188ce601"}, | ||
84 | {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:fa88b843d6e211393a37219e6a1c1df99d35e8fd90446f1118f4216e307e48cd"}, | ||
85 | {file = "charset_normalizer-3.4.1-cp313-cp313-win32.whl", hash = "sha256:eb8178fe3dba6450a3e024e95ac49ed3400e506fd4e9e5c32d30adda88cbd407"}, | ||
86 | {file = "charset_normalizer-3.4.1-cp313-cp313-win_amd64.whl", hash = "sha256:b1ac5992a838106edb89654e0aebfc24f5848ae2547d22c2c3f66454daa11971"}, | ||
87 | {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f30bf9fd9be89ecb2360c7d94a711f00c09b976258846efe40db3d05828e8089"}, | ||
88 | {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:97f68b8d6831127e4787ad15e6757232e14e12060bec17091b85eb1486b91d8d"}, | ||
89 | {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7974a0b5ecd505609e3b19742b60cee7aa2aa2fb3151bc917e6e2646d7667dcf"}, | ||
90 | {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:fc54db6c8593ef7d4b2a331b58653356cf04f67c960f584edb7c3d8c97e8f39e"}, | ||
91 | {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:311f30128d7d333eebd7896965bfcfbd0065f1716ec92bd5638d7748eb6f936a"}, | ||
92 | {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_aarch64.whl", hash = "sha256:7d053096f67cd1241601111b698f5cad775f97ab25d81567d3f59219b5f1adbd"}, | ||
93 | {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_i686.whl", hash = "sha256:807f52c1f798eef6cf26beb819eeb8819b1622ddfeef9d0977a8502d4db6d534"}, | ||
94 | {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_ppc64le.whl", hash = "sha256:dccbe65bd2f7f7ec22c4ff99ed56faa1e9f785482b9bbd7c717e26fd723a1d1e"}, | ||
95 | {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_s390x.whl", hash = "sha256:2fb9bd477fdea8684f78791a6de97a953c51831ee2981f8e4f583ff3b9d9687e"}, | ||
96 | {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_x86_64.whl", hash = "sha256:01732659ba9b5b873fc117534143e4feefecf3b2078b0a6a2e925271bb6f4cfa"}, | ||
97 | {file = "charset_normalizer-3.4.1-cp37-cp37m-win32.whl", hash = "sha256:7a4f97a081603d2050bfaffdefa5b02a9ec823f8348a572e39032caa8404a487"}, | ||
98 | {file = "charset_normalizer-3.4.1-cp37-cp37m-win_amd64.whl", hash = "sha256:7b1bef6280950ee6c177b326508f86cad7ad4dff12454483b51d8b7d673a2c5d"}, | ||
99 | {file = "charset_normalizer-3.4.1-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:ecddf25bee22fe4fe3737a399d0d177d72bc22be6913acfab364b40bce1ba83c"}, | ||
100 | {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8c60ca7339acd497a55b0ea5d506b2a2612afb2826560416f6894e8b5770d4a9"}, | ||
101 | {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:b7b2d86dd06bfc2ade3312a83a5c364c7ec2e3498f8734282c6c3d4b07b346b8"}, | ||
102 | {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:dd78cfcda14a1ef52584dbb008f7ac81c1328c0f58184bf9a84c49c605002da6"}, | ||
103 | {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6e27f48bcd0957c6d4cb9d6fa6b61d192d0b13d5ef563e5f2ae35feafc0d179c"}, | ||
104 | {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:01ad647cdd609225c5350561d084b42ddf732f4eeefe6e678765636791e78b9a"}, | ||
105 | {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_aarch64.whl", hash = "sha256:619a609aa74ae43d90ed2e89bdd784765de0a25ca761b93e196d938b8fd1dbbd"}, | ||
106 | {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_i686.whl", hash = "sha256:89149166622f4db9b4b6a449256291dc87a99ee53151c74cbd82a53c8c2f6ccd"}, | ||
107 | {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_ppc64le.whl", hash = "sha256:7709f51f5f7c853f0fb938bcd3bc59cdfdc5203635ffd18bf354f6967ea0f824"}, | ||
108 | {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_s390x.whl", hash = "sha256:345b0426edd4e18138d6528aed636de7a9ed169b4aaf9d61a8c19e39d26838ca"}, | ||
109 | {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_x86_64.whl", hash = "sha256:0907f11d019260cdc3f94fbdb23ff9125f6b5d1039b76003b5b0ac9d6a6c9d5b"}, | ||
110 | {file = "charset_normalizer-3.4.1-cp38-cp38-win32.whl", hash = "sha256:ea0d8d539afa5eb2728aa1932a988a9a7af94f18582ffae4bc10b3fbdad0626e"}, | ||
111 | {file = "charset_normalizer-3.4.1-cp38-cp38-win_amd64.whl", hash = "sha256:329ce159e82018d646c7ac45b01a430369d526569ec08516081727a20e9e4af4"}, | ||
112 | {file = "charset_normalizer-3.4.1-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:b97e690a2118911e39b4042088092771b4ae3fc3aa86518f84b8cf6888dbdb41"}, | ||
113 | {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:78baa6d91634dfb69ec52a463534bc0df05dbd546209b79a3880a34487f4b84f"}, | ||
114 | {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:1a2bc9f351a75ef49d664206d51f8e5ede9da246602dc2d2726837620ea034b2"}, | ||
115 | {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:75832c08354f595c760a804588b9357d34ec00ba1c940c15e31e96d902093770"}, | ||
116 | {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:0af291f4fe114be0280cdd29d533696a77b5b49cfde5467176ecab32353395c4"}, | ||
117 | {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:0167ddc8ab6508fe81860a57dd472b2ef4060e8d378f0cc555707126830f2537"}, | ||
118 | {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:2a75d49014d118e4198bcee5ee0a6f25856b29b12dbf7cd012791f8a6cc5c496"}, | ||
119 | {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:363e2f92b0f0174b2f8238240a1a30142e3db7b957a5dd5689b0e75fb717cc78"}, | ||
120 | {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_ppc64le.whl", hash = "sha256:ab36c8eb7e454e34e60eb55ca5d241a5d18b2c6244f6827a30e451c42410b5f7"}, | ||
121 | {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_s390x.whl", hash = "sha256:4c0907b1928a36d5a998d72d64d8eaa7244989f7aaaf947500d3a800c83a3fd6"}, | ||
122 | {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:04432ad9479fa40ec0f387795ddad4437a2b50417c69fa275e212933519ff294"}, | ||
123 | {file = "charset_normalizer-3.4.1-cp39-cp39-win32.whl", hash = "sha256:3bed14e9c89dcb10e8f3a29f9ccac4955aebe93c71ae803af79265c9ca5644c5"}, | ||
124 | {file = "charset_normalizer-3.4.1-cp39-cp39-win_amd64.whl", hash = "sha256:49402233c892a461407c512a19435d1ce275543138294f7ef013f0b63d5d3765"}, | ||
125 | {file = "charset_normalizer-3.4.1-py3-none-any.whl", hash = "sha256:d98b1668f06378c6dbefec3b92299716b931cd4e6061f3c875a71ced1780ab85"}, | ||
126 | {file = "charset_normalizer-3.4.1.tar.gz", hash = "sha256:44251f18cd68a75b56585dd00dae26183e102cd5e0f9f1466e6df5da2ed64ea3"}, | ||
127 | ] | ||
128 | |||
129 | [[package]] | ||
130 | name = "idna" | ||
131 | version = "3.10" | ||
132 | description = "Internationalized Domain Names in Applications (IDNA)" | ||
133 | optional = false | ||
134 | python-versions = ">=3.6" | ||
135 | groups = ["main"] | ||
136 | files = [ | ||
137 | {file = "idna-3.10-py3-none-any.whl", hash = "sha256:946d195a0d259cbba61165e88e65941f16e9b36ea6ddb97f00452bae8b1287d3"}, | ||
138 | {file = "idna-3.10.tar.gz", hash = "sha256:12f65c9b470abda6dc35cf8e63cc574b1c52b11df2c86030af0ac09b01b13ea9"}, | ||
139 | ] | ||
140 | |||
141 | [package.extras] | ||
142 | all = ["flake8 (>=7.1.1)", "mypy (>=1.11.2)", "pytest (>=8.3.2)", "ruff (>=0.6.2)"] | ||
143 | |||
144 | [[package]] | ||
145 | name = "jsonpickle" | ||
146 | version = "4.0.5" | ||
147 | description = "jsonpickle encodes/decodes any Python object to/from JSON" | ||
148 | optional = false | ||
149 | python-versions = ">=3.8" | ||
150 | groups = ["main"] | ||
151 | files = [ | ||
152 | {file = "jsonpickle-4.0.5-py3-none-any.whl", hash = "sha256:b4ac7d0a75ddcdfd93445737f1d36ff28768690d43e54bf5d0ddb1d915e580df"}, | ||
153 | {file = "jsonpickle-4.0.5.tar.gz", hash = "sha256:f299818b39367c361b3f26bdba827d4249ab5d383cd93144d0f94b5417aacb35"}, | ||
154 | ] | ||
155 | |||
156 | [package.extras] | ||
157 | cov = ["pytest-cov"] | ||
158 | dev = ["black", "pyupgrade"] | ||
159 | docs = ["furo", "rst.linker (>=1.9)", "sphinx (>=3.5)"] | ||
160 | packaging = ["build", "setuptools (>=61.2)", "setuptools-scm[toml] (>=6.0)", "twine"] | ||
161 | testing = ["PyYAML", "atheris (>=2.3.0,<2.4.0) ; python_version < \"3.12\"", "bson", "ecdsa", "feedparser", "gmpy2", "numpy", "pandas", "pymongo", "pytest (>=6.0,!=8.1.*)", "pytest-benchmark", "pytest-benchmark[histogram]", "pytest-checkdocs (>=1.2.3)", "pytest-enabler (>=1.0.1)", "pytest-ruff (>=0.2.1)", "scikit-learn", "scipy (>=1.9.3) ; python_version > \"3.10\"", "scipy ; python_version <= \"3.10\"", "simplejson", "sqlalchemy", "ujson"] | ||
162 | |||
163 | [[package]] | ||
164 | name = "python-dateutil" | ||
165 | version = "2.9.0.post0" | ||
166 | description = "Extensions to the standard Python datetime module" | ||
167 | optional = false | ||
168 | python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7" | ||
169 | groups = ["main"] | ||
170 | files = [ | ||
171 | {file = "python-dateutil-2.9.0.post0.tar.gz", hash = "sha256:37dd54208da7e1cd875388217d5e00ebd4179249f90fb72437e91a35459a0ad3"}, | ||
172 | {file = "python_dateutil-2.9.0.post0-py2.py3-none-any.whl", hash = "sha256:a8b2bc7bffae282281c8140a97d3aa9c14da0b136dfe83f850eea9a5f7470427"}, | ||
173 | ] | ||
174 | |||
175 | [package.dependencies] | ||
176 | six = ">=1.5" | ||
177 | |||
178 | [[package]] | ||
179 | name = "pyxdg" | ||
180 | version = "0.28" | ||
181 | description = "PyXDG contains implementations of freedesktop.org standards in python." | ||
182 | optional = false | ||
183 | python-versions = "*" | ||
184 | groups = ["main"] | ||
185 | files = [ | ||
186 | {file = "pyxdg-0.28-py2.py3-none-any.whl", hash = "sha256:bdaf595999a0178ecea4052b7f4195569c1ff4d344567bccdc12dfdf02d545ab"}, | ||
187 | {file = "pyxdg-0.28.tar.gz", hash = "sha256:3267bb3074e934df202af2ee0868575484108581e6f3cb006af1da35395e88b4"}, | ||
188 | ] | ||
189 | |||
190 | [[package]] | ||
191 | name = "requests" | ||
192 | version = "2.32.3" | ||
193 | description = "Python HTTP for Humans." | ||
194 | optional = false | ||
195 | python-versions = ">=3.8" | ||
196 | groups = ["main"] | ||
197 | files = [ | ||
198 | {file = "requests-2.32.3-py3-none-any.whl", hash = "sha256:70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6"}, | ||
199 | {file = "requests-2.32.3.tar.gz", hash = "sha256:55365417734eb18255590a9ff9eb97e9e1da868d4ccd6402399eaf68af20a760"}, | ||
200 | ] | ||
201 | |||
202 | [package.dependencies] | ||
203 | certifi = ">=2017.4.17" | ||
204 | charset-normalizer = ">=2,<4" | ||
205 | idna = ">=2.5,<4" | ||
206 | urllib3 = ">=1.21.1,<3" | ||
207 | |||
208 | [package.extras] | ||
209 | socks = ["PySocks (>=1.5.6,!=1.5.7)"] | ||
210 | use-chardet-on-py3 = ["chardet (>=3.0.2,<6)"] | ||
211 | |||
212 | [[package]] | ||
213 | name = "six" | ||
214 | version = "1.17.0" | ||
215 | description = "Python 2 and 3 compatibility utilities" | ||
216 | optional = false | ||
217 | python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7" | ||
218 | groups = ["main"] | ||
219 | files = [ | ||
220 | {file = "six-1.17.0-py2.py3-none-any.whl", hash = "sha256:4721f391ed90541fddacab5acf947aa0d3dc7d27b2e1e8eda2be8970586c3274"}, | ||
221 | {file = "six-1.17.0.tar.gz", hash = "sha256:ff70335d468e7eb6ec65b95b99d3a2836546063f63acc5171de367e834932a81"}, | ||
222 | ] | ||
223 | |||
224 | [[package]] | ||
225 | name = "tabulate" | ||
226 | version = "0.9.0" | ||
227 | description = "Pretty-print tabular data" | ||
228 | optional = false | ||
229 | python-versions = ">=3.7" | ||
230 | groups = ["main"] | ||
231 | files = [ | ||
232 | {file = "tabulate-0.9.0-py3-none-any.whl", hash = "sha256:024ca478df22e9340661486f85298cff5f6dcdba14f3813e8830015b9ed1948f"}, | ||
233 | {file = "tabulate-0.9.0.tar.gz", hash = "sha256:0095b12bf5966de529c0feb1fa08671671b3368eec77d7ef7ab114be2c068b3c"}, | ||
234 | ] | ||
235 | |||
236 | [package.extras] | ||
237 | widechars = ["wcwidth"] | ||
238 | |||
239 | [[package]] | ||
240 | name = "toml" | ||
241 | version = "0.10.2" | ||
242 | description = "Python Library for Tom's Obvious, Minimal Language" | ||
243 | optional = false | ||
244 | python-versions = ">=2.6, !=3.0.*, !=3.1.*, !=3.2.*" | ||
245 | groups = ["main"] | ||
246 | files = [ | ||
247 | {file = "toml-0.10.2-py2.py3-none-any.whl", hash = "sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b"}, | ||
248 | {file = "toml-0.10.2.tar.gz", hash = "sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f"}, | ||
249 | ] | ||
250 | |||
251 | [[package]] | ||
252 | name = "uritools" | ||
253 | version = "4.0.3" | ||
254 | description = "URI parsing, classification and composition" | ||
255 | optional = false | ||
256 | python-versions = ">=3.7" | ||
257 | groups = ["main"] | ||
258 | files = [ | ||
259 | {file = "uritools-4.0.3-py3-none-any.whl", hash = "sha256:bae297d090e69a0451130ffba6f2f1c9477244aa0a5543d66aed2d9f77d0dd9c"}, | ||
260 | {file = "uritools-4.0.3.tar.gz", hash = "sha256:ee06a182a9c849464ce9d5fa917539aacc8edd2a4924d1b7aabeeecabcae3bc2"}, | ||
261 | ] | ||
262 | |||
263 | [[package]] | ||
264 | name = "urllib3" | ||
265 | version = "2.3.0" | ||
266 | description = "HTTP library with thread-safe connection pooling, file post, and more." | ||
267 | optional = false | ||
268 | python-versions = ">=3.9" | ||
269 | groups = ["main"] | ||
270 | files = [ | ||
271 | {file = "urllib3-2.3.0-py3-none-any.whl", hash = "sha256:1cee9ad369867bfdbbb48b7dd50374c0967a0bb7710050facf0dd6911440e3df"}, | ||
272 | {file = "urllib3-2.3.0.tar.gz", hash = "sha256:f8c5449b3cf0861679ce7e0503c7b44b5ec981bec0d1d3795a07f1ba96f0204d"}, | ||
273 | ] | ||
274 | |||
275 | [package.extras] | ||
276 | brotli = ["brotli (>=1.0.9) ; platform_python_implementation == \"CPython\"", "brotlicffi (>=0.8.0) ; platform_python_implementation != \"CPython\""] | ||
277 | h2 = ["h2 (>=4,<5)"] | ||
278 | socks = ["pysocks (>=1.5.6,!=1.5.7,<2.0)"] | ||
279 | zstd = ["zstandard (>=0.18.0)"] | ||
280 | |||
281 | [metadata] | ||
282 | lock-version = "2.1" | ||
283 | python-versions = "^3.12" | ||
284 | content-hash = "2b335da94bf3e2d2bee7d8ca6e84cdb56e97ac29d1224d8c8dca98d93bbdcea2" | ||
diff --git a/overlays/worktime/pyproject.toml b/overlays/worktime/pyproject.toml index de4b9fd4..42da51f5 100644 --- a/overlays/worktime/pyproject.toml +++ b/overlays/worktime/pyproject.toml | |||
@@ -1,23 +1,28 @@ | |||
1 | [tool.poetry] | 1 | [project] |
2 | name = "worktime" | 2 | name = "worktime" |
3 | version = "0.1.0" | 3 | version = "1.0.0" |
4 | description = "" | 4 | requires-python = "~=3.12" |
5 | authors = ["Gregor Kleen <gkleen@yggdrasil.li>"] | 5 | dependencies = [ |
6 | "pyxdg>=0.28,<0.29", | ||
7 | "python-dateutil>=2.9.0.post0,<3", | ||
8 | "uritools>=4.0.3,<5", | ||
9 | "requests>=2.32.3,<3", | ||
10 | "tabulate>=0.9.0,<0.10", | ||
11 | "toml>=0.10.2,<0.11", | ||
12 | "jsonpickle>=4.0.5,<5", | ||
13 | "frozendict>=2.4.6", | ||
14 | "atomicwriter>=0.2.5", | ||
15 | "desktop-notify>=1.3.3", | ||
16 | ] | ||
6 | 17 | ||
7 | [tool.poetry.dependencies] | 18 | [project.scripts] |
8 | python = "^3.12" | ||
9 | pyxdg = "^0.28" | ||
10 | python-dateutil = "^2.9.0.post0" | ||
11 | uritools = "^4.0.3" | ||
12 | requests = "^2.32.3" | ||
13 | tabulate = "^0.9.0" | ||
14 | backoff = "^2.2.1" | ||
15 | toml = "^0.10.2" | ||
16 | jsonpickle = "^4.0.5" | ||
17 | |||
18 | [tool.poetry.scripts] | ||
19 | worktime = "worktime.__main__:main" | 19 | worktime = "worktime.__main__:main" |
20 | worktime-ui = "worktime.__main__:ui" | ||
21 | worktime-stop = "worktime.__main__:stop" | ||
20 | 22 | ||
21 | [build-system] | 23 | [build-system] |
22 | requires = ["poetry-core"] | 24 | requires = ["hatchling"] |
23 | build-backend = "poetry.core.masonry.api" \ No newline at end of file | 25 | build-backend = "hatchling.build" |
26 | |||
27 | [dependency-groups] | ||
28 | dev = [] | ||
diff --git a/overlays/worktime/uv.lock b/overlays/worktime/uv.lock new file mode 100644 index 00000000..39de4ccf --- /dev/null +++ b/overlays/worktime/uv.lock | |||
@@ -0,0 +1,248 @@ | |||
1 | version = 1 | ||
2 | revision = 2 | ||
3 | requires-python = ">=3.12, <4" | ||
4 | |||
5 | [[package]] | ||
6 | name = "atomicwriter" | ||
7 | version = "0.2.5" | ||
8 | source = { registry = "https://pypi.org/simple" } | ||
9 | sdist = { url = "https://files.pythonhosted.org/packages/50/b4/dd04e186eb244d1ed84b1d0ebfba19ddc7f8886b98e345aaca4208b031d2/atomicwriter-0.2.5.tar.gz", hash = "sha256:5ced6afb0579377a13e191b17a16115e14c30ec00e6c38b60403f58235a867af", size = 64990, upload-time = "2025-05-24T20:35:42.538Z" } | ||
10 | wheels = [ | ||
11 | { url = "https://files.pythonhosted.org/packages/99/7c/672a0de09b0b355a2ffa521ef25cf106f1984823379dee37f7305fdc1774/atomicwriter-0.2.5-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:5c1fab874e62ebe96f1af0e965dc1e92c4c1ef2e2e9612a444371b8fc751ec43", size = 234141, upload-time = "2025-05-24T20:34:32.74Z" }, | ||
12 | { url = "https://files.pythonhosted.org/packages/b9/0c/e1c5bad033284c212c0a77121b48dd4147f80e9a7cd82a9d2ce0a2160901/atomicwriter-0.2.5-cp312-cp312-macosx_11_0_x86_64.whl", hash = "sha256:8dbb67cc730be7d6bdfd5e991271bc17052be8fb2e4fa27854b47d8a76d36349", size = 245788, upload-time = "2025-05-24T20:34:33.897Z" }, | ||
13 | { url = "https://files.pythonhosted.org/packages/f4/d3/7036e203cc5fc4c49bf916b4ba158e0d2779de127afad5963edd7e3b9400/atomicwriter-0.2.5-cp312-cp312-manylinux_2_28_aarch64.whl", hash = "sha256:a4e7f81932839c738425dc96ad98e4a7511b740cd3d75f480bfabbcf8e6f7eae", size = 260428, upload-time = "2025-05-24T20:34:35.533Z" }, | ||
14 | { url = "https://files.pythonhosted.org/packages/e5/b9/9a4d235a8d67fb442302dc0f3ea2394b7bd994bfc99b1dc0f744c7852418/atomicwriter-0.2.5-cp312-cp312-manylinux_2_28_x86_64.whl", hash = "sha256:de37a3a5d1b57b719cfb0b81a11cab2114acfdc2c36051bf0af72d05eb644411", size = 263648, upload-time = "2025-05-24T20:34:36.72Z" }, | ||
15 | { url = "https://files.pythonhosted.org/packages/71/7c/32d4ddad53375de42f3e972bb0633ec76f2c31772f2e508479d4788651d9/atomicwriter-0.2.5-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:0b925e55750092fd482565b6068b8c8366fd79de526681af9e58eb209f0deeca", size = 323775, upload-time = "2025-05-24T20:34:37.968Z" }, | ||
16 | { url = "https://files.pythonhosted.org/packages/06/fe/6a226368a3f7ea30001fbd165f6a97f28c8f1a884896357b3d694983f5d2/atomicwriter-0.2.5-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:538f78f25e01584535782397211c66b8b3c9de90c2d1fc01a668ddce73dd0cb2", size = 340819, upload-time = "2025-05-24T20:34:39.63Z" }, | ||
17 | { url = "https://files.pythonhosted.org/packages/92/95/b035b2296c483fde5392c629e0b6e3844eba6e54ea965c4b8827379b0893/atomicwriter-0.2.5-cp312-cp312-win_amd64.whl", hash = "sha256:1d2d49a1b94ea7b289be9f7134d756bfb0bbf53eb0e58411334ed1b9958abe5e", size = 152789, upload-time = "2025-05-24T20:34:40.905Z" }, | ||
18 | { url = "https://files.pythonhosted.org/packages/da/25/caa0959ae8ce24763e24e1f45be6cb897414545d224a155f929d496d6812/atomicwriter-0.2.5-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:3f5490fd5bec378509521f7c2a19a64031a0de07d368d76733c3f76a0b9f026b", size = 233830, upload-time = "2025-05-24T20:34:42.532Z" }, | ||
19 | { url = "https://files.pythonhosted.org/packages/d2/76/3c41bfd4fd74bc63bec29f05a806a767258eea7cf151496b4ab015cb5323/atomicwriter-0.2.5-cp313-cp313-macosx_11_0_x86_64.whl", hash = "sha256:a4dada83ff1255c7e640363cc2a4399ab9a822d4dbc9c18f55bbf0c8b12ce056", size = 245461, upload-time = "2025-05-24T20:34:44.454Z" }, | ||
20 | { url = "https://files.pythonhosted.org/packages/c3/1e/5512dbdfdc3f4ab12f5923c50ae4765cc2fc65a9f112bb9dccbcbe60b395/atomicwriter-0.2.5-cp313-cp313-manylinux_2_28_aarch64.whl", hash = "sha256:ef2cf15e67513f05ad37d4cec48e403982c6b3c07f491472effd76d2157de7e2", size = 259892, upload-time = "2025-05-24T20:34:45.688Z" }, | ||
21 | { url = "https://files.pythonhosted.org/packages/e5/1d/2382b6cacb119115828eb519697a555900bcfdb062efeb0f82603295402d/atomicwriter-0.2.5-cp313-cp313-manylinux_2_28_x86_64.whl", hash = "sha256:73618f74c3c5f5401d3da0a3cd3043f23de5b6bb4a3d85bc580940a441355d25", size = 263125, upload-time = "2025-05-24T20:34:47.205Z" }, | ||
22 | { url = "https://files.pythonhosted.org/packages/07/d7/c4d68386161870db4a8d0452f0655a19902fa435b749c12e6ef800e89b19/atomicwriter-0.2.5-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:bbd5eda80710ddac7aefb421c79cef6b905852a827e764f0f12fcbaa88919f7a", size = 323503, upload-time = "2025-05-24T20:34:48.417Z" }, | ||
23 | { url = "https://files.pythonhosted.org/packages/b7/08/0fc03c0736ab8466e1b47a3ee17a528da18019cff93b7c4c2b33df82c19e/atomicwriter-0.2.5-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:b4776aaca40bc3040c3716c2adad74625c42285083ff31e8bf24a95315225c7b", size = 340156, upload-time = "2025-05-24T20:34:50.389Z" }, | ||
24 | { url = "https://files.pythonhosted.org/packages/fa/09/7ba888cf4d90bcabd9e82db3bdb9de50e4ef072e0ea0d375cd1931b79349/atomicwriter-0.2.5-cp313-cp313-win_amd64.whl", hash = "sha256:225ed1fbfa1996d9b0b2252f8a5d81263e51cbc797086d830f488c35b1d2ab42", size = 152274, upload-time = "2025-05-24T20:34:51.785Z" }, | ||
25 | { url = "https://files.pythonhosted.org/packages/2a/70/07d2ba2e0a126cfecfbfed46baf599c9e2155f4c8338fed4d3ae0041b133/atomicwriter-0.2.5-cp313-cp313t-macosx_11_0_arm64.whl", hash = "sha256:63b55982cfa47232f179689933bf003eefb2bd33464235883ed3ce7322cf38f3", size = 232879, upload-time = "2025-05-24T20:34:53.195Z" }, | ||
26 | { url = "https://files.pythonhosted.org/packages/f6/4d/397eb5435917135df93b339d849884bb1125896b1e15163c5244aa590336/atomicwriter-0.2.5-cp313-cp313t-macosx_11_0_x86_64.whl", hash = "sha256:e33f40b2a27f8831beeabb485923acb6dd067cc70bba1a63096749b3dc4747ff", size = 244386, upload-time = "2025-05-24T20:34:54.852Z" }, | ||
27 | { url = "https://files.pythonhosted.org/packages/8b/01/73f0b683fa55e61dd29d30e48e9a75ddb049e6dad0ac4ae1a29dbc05f21e/atomicwriter-0.2.5-cp313-cp313t-manylinux_2_28_aarch64.whl", hash = "sha256:c646e115e88147d71f845a005fc53910f22c4dc65bd634768cb90b7f34259359", size = 258255, upload-time = "2025-05-24T20:34:56.046Z" }, | ||
28 | { url = "https://files.pythonhosted.org/packages/4b/19/692387c1fb1b8714a9b2fab99a58850fd4136bed988814c8ff74d0c8de02/atomicwriter-0.2.5-cp313-cp313t-manylinux_2_28_x86_64.whl", hash = "sha256:47f974e986ff6514351c3ea75041009a514be0c34c225c062b0ad8a28ec9c0a3", size = 261768, upload-time = "2025-05-24T20:34:57.795Z" }, | ||
29 | { url = "https://files.pythonhosted.org/packages/3e/f2/4d466f52ee635cc54011713272f302584c6d1ce612c331d9989fa6fa672f/atomicwriter-0.2.5-cp313-cp313t-musllinux_1_2_aarch64.whl", hash = "sha256:e1db8b9004cd3f628166e83b25eb814b82345f9d6bc15e99b6d201c355455b45", size = 321975, upload-time = "2025-05-24T20:34:59.45Z" }, | ||
30 | { url = "https://files.pythonhosted.org/packages/84/ad/0189ad9783ca6609df47e06cc0cd22866a8073d46478f59c6ab3ec13e0fb/atomicwriter-0.2.5-cp313-cp313t-musllinux_1_2_x86_64.whl", hash = "sha256:a7da4a114121ab865663578b801a0520b2b518d4591af0bd294f6aac0dad243b", size = 338946, upload-time = "2025-05-24T20:35:01.501Z" }, | ||
31 | { url = "https://files.pythonhosted.org/packages/94/79/2c4d8f75eeb09192cf572957f031271998f3c985fabd79d513fff66ac715/atomicwriter-0.2.5-cp313-cp313t-win_amd64.whl", hash = "sha256:7aab4b3956cc17219e7e4da76e8a1bceb3d3aeaf03234f89b90e234a2adcf27b", size = 151571, upload-time = "2025-05-24T20:35:02.747Z" }, | ||
32 | { url = "https://files.pythonhosted.org/packages/32/19/d6a686d189c3577e7f08b33df398b959c24bf74b3cec34359104db1a24ff/atomicwriter-0.2.5-cp39-abi3-macosx_11_0_arm64.whl", hash = "sha256:8d0fccac2dfe5d884d97edbda28be9c16d55faee9bdf66f53a99384ac387cc43", size = 239320, upload-time = "2025-05-24T20:35:04.028Z" }, | ||
33 | { url = "https://files.pythonhosted.org/packages/8e/35/35571a4eed57816c3b5fdbefcb15f38563fbe4f3a4a7d1588c8ef899afaf/atomicwriter-0.2.5-cp39-abi3-macosx_11_0_x86_64.whl", hash = "sha256:6583c24333508839db2156d895cbbb5cd3ff20d4f9c698e341435e5b35990eaa", size = 250818, upload-time = "2025-05-24T20:35:05.21Z" }, | ||
34 | { url = "https://files.pythonhosted.org/packages/81/d9/145093630bc25f115a49d32d9ef66745f5cdef787492d77fd27e74d20389/atomicwriter-0.2.5-cp39-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:136a9902ae3f1c0cb262a07dd3ac85069d71f8b11347cd740030567e67d611aa", size = 265796, upload-time = "2025-05-24T20:35:06.388Z" }, | ||
35 | { url = "https://files.pythonhosted.org/packages/58/32/d1881adade2ebc70aa9dbb61cadabc2c00cfa99a7a5d6ba48f44e279056f/atomicwriter-0.2.5-cp39-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:0b6830434b6a49c19473c3f3975dfa0a87dec95bee81297f7393e378f9a0b82f", size = 269378, upload-time = "2025-05-24T20:35:07.578Z" }, | ||
36 | { url = "https://files.pythonhosted.org/packages/93/f5/2661ea763784a4991c4c7be5c932a468937bd1d4618b833a63ec638a3b76/atomicwriter-0.2.5-cp39-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:53095a01891a2901aa04c10c8de52c0ba41e0d8a4a1893318cf34ccbdbde00b7", size = 328167, upload-time = "2025-05-24T20:35:08.764Z" }, | ||
37 | { url = "https://files.pythonhosted.org/packages/ec/bc/e3aa521671a589bee9662d3e2108e4835a5d80e6da76e4d05d98d1c78005/atomicwriter-0.2.5-cp39-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:ecf4dc3983bb1f28b21cb09c2d96b6936d8864c559dcf151b57813cb1eae998b", size = 347153, upload-time = "2025-05-24T20:35:10.507Z" }, | ||
38 | { url = "https://files.pythonhosted.org/packages/59/b7/e190383e7240b1f247c6df9bc6667db8df10190cd0bb2dba8ea6bd704ea4/atomicwriter-0.2.5-cp39-abi3-win_amd64.whl", hash = "sha256:92cff264a20364301ab341b332fd0112866870b8cb35caf99a3f3fee0e6c19e8", size = 156374, upload-time = "2025-05-24T20:35:11.716Z" }, | ||
39 | ] | ||
40 | |||
41 | [[package]] | ||
42 | name = "certifi" | ||
43 | version = "2025.1.31" | ||
44 | source = { registry = "https://pypi.org/simple" } | ||
45 | sdist = { url = "https://files.pythonhosted.org/packages/1c/ab/c9f1e32b7b1bf505bf26f0ef697775960db7932abeb7b516de930ba2705f/certifi-2025.1.31.tar.gz", hash = "sha256:3d5da6925056f6f18f119200434a4780a94263f10d1c21d032a6f6b2baa20651", size = 167577, upload-time = "2025-01-31T02:16:47.166Z" } | ||
46 | wheels = [ | ||
47 | { url = "https://files.pythonhosted.org/packages/38/fc/bce832fd4fd99766c04d1ee0eead6b0ec6486fb100ae5e74c1d91292b982/certifi-2025.1.31-py3-none-any.whl", hash = "sha256:ca78db4565a652026a4db2bcdf68f2fb589ea80d0be70e03929ed730746b84fe", size = 166393, upload-time = "2025-01-31T02:16:45.015Z" }, | ||
48 | ] | ||
49 | |||
50 | [[package]] | ||
51 | name = "charset-normalizer" | ||
52 | version = "3.4.1" | ||
53 | source = { registry = "https://pypi.org/simple" } | ||
54 | sdist = { url = "https://files.pythonhosted.org/packages/16/b0/572805e227f01586461c80e0fd25d65a2115599cc9dad142fee4b747c357/charset_normalizer-3.4.1.tar.gz", hash = "sha256:44251f18cd68a75b56585dd00dae26183e102cd5e0f9f1466e6df5da2ed64ea3", size = 123188, upload-time = "2024-12-24T18:12:35.43Z" } | ||
55 | wheels = [ | ||
56 | { url = "https://files.pythonhosted.org/packages/0a/9a/dd1e1cdceb841925b7798369a09279bd1cf183cef0f9ddf15a3a6502ee45/charset_normalizer-3.4.1-cp312-cp312-macosx_10_13_universal2.whl", hash = "sha256:73d94b58ec7fecbc7366247d3b0b10a21681004153238750bb67bd9012414545", size = 196105, upload-time = "2024-12-24T18:10:38.83Z" }, | ||
57 | { url = "https://files.pythonhosted.org/packages/d3/8c/90bfabf8c4809ecb648f39794cf2a84ff2e7d2a6cf159fe68d9a26160467/charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:dad3e487649f498dd991eeb901125411559b22e8d7ab25d3aeb1af367df5efd7", size = 140404, upload-time = "2024-12-24T18:10:44.272Z" }, | ||
58 | { url = "https://files.pythonhosted.org/packages/ad/8f/e410d57c721945ea3b4f1a04b74f70ce8fa800d393d72899f0a40526401f/charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:c30197aa96e8eed02200a83fba2657b4c3acd0f0aa4bdc9f6c1af8e8962e0757", size = 150423, upload-time = "2024-12-24T18:10:45.492Z" }, | ||
59 | { url = "https://files.pythonhosted.org/packages/f0/b8/e6825e25deb691ff98cf5c9072ee0605dc2acfca98af70c2d1b1bc75190d/charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:2369eea1ee4a7610a860d88f268eb39b95cb588acd7235e02fd5a5601773d4fa", size = 143184, upload-time = "2024-12-24T18:10:47.898Z" }, | ||
60 | { url = "https://files.pythonhosted.org/packages/3e/a2/513f6cbe752421f16d969e32f3583762bfd583848b763913ddab8d9bfd4f/charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bc2722592d8998c870fa4e290c2eec2c1569b87fe58618e67d38b4665dfa680d", size = 145268, upload-time = "2024-12-24T18:10:50.589Z" }, | ||
61 | { url = "https://files.pythonhosted.org/packages/74/94/8a5277664f27c3c438546f3eb53b33f5b19568eb7424736bdc440a88a31f/charset_normalizer-3.4.1-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:ffc9202a29ab3920fa812879e95a9e78b2465fd10be7fcbd042899695d75e616", size = 147601, upload-time = "2024-12-24T18:10:52.541Z" }, | ||
62 | { url = "https://files.pythonhosted.org/packages/7c/5f/6d352c51ee763623a98e31194823518e09bfa48be2a7e8383cf691bbb3d0/charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:804a4d582ba6e5b747c625bf1255e6b1507465494a40a2130978bda7b932c90b", size = 141098, upload-time = "2024-12-24T18:10:53.789Z" }, | ||
63 | { url = "https://files.pythonhosted.org/packages/78/d4/f5704cb629ba5ab16d1d3d741396aec6dc3ca2b67757c45b0599bb010478/charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:0f55e69f030f7163dffe9fd0752b32f070566451afe180f99dbeeb81f511ad8d", size = 149520, upload-time = "2024-12-24T18:10:55.048Z" }, | ||
64 | { url = "https://files.pythonhosted.org/packages/c5/96/64120b1d02b81785f222b976c0fb79a35875457fa9bb40827678e54d1bc8/charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_ppc64le.whl", hash = "sha256:c4c3e6da02df6fa1410a7680bd3f63d4f710232d3139089536310d027950696a", size = 152852, upload-time = "2024-12-24T18:10:57.647Z" }, | ||
65 | { url = "https://files.pythonhosted.org/packages/84/c9/98e3732278a99f47d487fd3468bc60b882920cef29d1fa6ca460a1fdf4e6/charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_s390x.whl", hash = "sha256:5df196eb874dae23dcfb968c83d4f8fdccb333330fe1fc278ac5ceeb101003a9", size = 150488, upload-time = "2024-12-24T18:10:59.43Z" }, | ||
66 | { url = "https://files.pythonhosted.org/packages/13/0e/9c8d4cb99c98c1007cc11eda969ebfe837bbbd0acdb4736d228ccaabcd22/charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:e358e64305fe12299a08e08978f51fc21fac060dcfcddd95453eabe5b93ed0e1", size = 146192, upload-time = "2024-12-24T18:11:00.676Z" }, | ||
67 | { url = "https://files.pythonhosted.org/packages/b2/21/2b6b5b860781a0b49427309cb8670785aa543fb2178de875b87b9cc97746/charset_normalizer-3.4.1-cp312-cp312-win32.whl", hash = "sha256:9b23ca7ef998bc739bf6ffc077c2116917eabcc901f88da1b9856b210ef63f35", size = 95550, upload-time = "2024-12-24T18:11:01.952Z" }, | ||
68 | { url = "https://files.pythonhosted.org/packages/21/5b/1b390b03b1d16c7e382b561c5329f83cc06623916aab983e8ab9239c7d5c/charset_normalizer-3.4.1-cp312-cp312-win_amd64.whl", hash = "sha256:6ff8a4a60c227ad87030d76e99cd1698345d4491638dfa6673027c48b3cd395f", size = 102785, upload-time = "2024-12-24T18:11:03.142Z" }, | ||
69 | { url = "https://files.pythonhosted.org/packages/38/94/ce8e6f63d18049672c76d07d119304e1e2d7c6098f0841b51c666e9f44a0/charset_normalizer-3.4.1-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:aabfa34badd18f1da5ec1bc2715cadc8dca465868a4e73a0173466b688f29dda", size = 195698, upload-time = "2024-12-24T18:11:05.834Z" }, | ||
70 | { url = "https://files.pythonhosted.org/packages/24/2e/dfdd9770664aae179a96561cc6952ff08f9a8cd09a908f259a9dfa063568/charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:22e14b5d70560b8dd51ec22863f370d1e595ac3d024cb8ad7d308b4cd95f8313", size = 140162, upload-time = "2024-12-24T18:11:07.064Z" }, | ||
71 | { url = "https://files.pythonhosted.org/packages/24/4e/f646b9093cff8fc86f2d60af2de4dc17c759de9d554f130b140ea4738ca6/charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:8436c508b408b82d87dc5f62496973a1805cd46727c34440b0d29d8a2f50a6c9", size = 150263, upload-time = "2024-12-24T18:11:08.374Z" }, | ||
72 | { url = "https://files.pythonhosted.org/packages/5e/67/2937f8d548c3ef6e2f9aab0f6e21001056f692d43282b165e7c56023e6dd/charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:2d074908e1aecee37a7635990b2c6d504cd4766c7bc9fc86d63f9c09af3fa11b", size = 142966, upload-time = "2024-12-24T18:11:09.831Z" }, | ||
73 | { url = "https://files.pythonhosted.org/packages/52/ed/b7f4f07de100bdb95c1756d3a4d17b90c1a3c53715c1a476f8738058e0fa/charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:955f8851919303c92343d2f66165294848d57e9bba6cf6e3625485a70a038d11", size = 144992, upload-time = "2024-12-24T18:11:12.03Z" }, | ||
74 | { url = "https://files.pythonhosted.org/packages/96/2c/d49710a6dbcd3776265f4c923bb73ebe83933dfbaa841c5da850fe0fd20b/charset_normalizer-3.4.1-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:44ecbf16649486d4aebafeaa7ec4c9fed8b88101f4dd612dcaf65d5e815f837f", size = 147162, upload-time = "2024-12-24T18:11:13.372Z" }, | ||
75 | { url = "https://files.pythonhosted.org/packages/b4/41/35ff1f9a6bd380303dea55e44c4933b4cc3c4850988927d4082ada230273/charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:0924e81d3d5e70f8126529951dac65c1010cdf117bb75eb02dd12339b57749dd", size = 140972, upload-time = "2024-12-24T18:11:14.628Z" }, | ||
76 | { url = "https://files.pythonhosted.org/packages/fb/43/c6a0b685fe6910d08ba971f62cd9c3e862a85770395ba5d9cad4fede33ab/charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:2967f74ad52c3b98de4c3b32e1a44e32975e008a9cd2a8cc8966d6a5218c5cb2", size = 149095, upload-time = "2024-12-24T18:11:17.672Z" }, | ||
77 | { url = "https://files.pythonhosted.org/packages/4c/ff/a9a504662452e2d2878512115638966e75633519ec11f25fca3d2049a94a/charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_ppc64le.whl", hash = "sha256:c75cb2a3e389853835e84a2d8fb2b81a10645b503eca9bcb98df6b5a43eb8886", size = 152668, upload-time = "2024-12-24T18:11:18.989Z" }, | ||
78 | { url = "https://files.pythonhosted.org/packages/6c/71/189996b6d9a4b932564701628af5cee6716733e9165af1d5e1b285c530ed/charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_s390x.whl", hash = "sha256:09b26ae6b1abf0d27570633b2b078a2a20419c99d66fb2823173d73f188ce601", size = 150073, upload-time = "2024-12-24T18:11:21.507Z" }, | ||
79 | { url = "https://files.pythonhosted.org/packages/e4/93/946a86ce20790e11312c87c75ba68d5f6ad2208cfb52b2d6a2c32840d922/charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:fa88b843d6e211393a37219e6a1c1df99d35e8fd90446f1118f4216e307e48cd", size = 145732, upload-time = "2024-12-24T18:11:22.774Z" }, | ||
80 | { url = "https://files.pythonhosted.org/packages/cd/e5/131d2fb1b0dddafc37be4f3a2fa79aa4c037368be9423061dccadfd90091/charset_normalizer-3.4.1-cp313-cp313-win32.whl", hash = "sha256:eb8178fe3dba6450a3e024e95ac49ed3400e506fd4e9e5c32d30adda88cbd407", size = 95391, upload-time = "2024-12-24T18:11:24.139Z" }, | ||
81 | { url = "https://files.pythonhosted.org/packages/27/f2/4f9a69cc7712b9b5ad8fdb87039fd89abba997ad5cbe690d1835d40405b0/charset_normalizer-3.4.1-cp313-cp313-win_amd64.whl", hash = "sha256:b1ac5992a838106edb89654e0aebfc24f5848ae2547d22c2c3f66454daa11971", size = 102702, upload-time = "2024-12-24T18:11:26.535Z" }, | ||
82 | { url = "https://files.pythonhosted.org/packages/0e/f6/65ecc6878a89bb1c23a086ea335ad4bf21a588990c3f535a227b9eea9108/charset_normalizer-3.4.1-py3-none-any.whl", hash = "sha256:d98b1668f06378c6dbefec3b92299716b931cd4e6061f3c875a71ced1780ab85", size = 49767, upload-time = "2024-12-24T18:12:32.852Z" }, | ||
83 | ] | ||
84 | |||
85 | [[package]] | ||
86 | name = "dbus-next" | ||
87 | version = "0.2.3" | ||
88 | source = { registry = "https://pypi.org/simple" } | ||
89 | sdist = { url = "https://files.pythonhosted.org/packages/ce/45/6a40fbe886d60a8c26f480e7d12535502b5ba123814b3b9a0b002ebca198/dbus_next-0.2.3.tar.gz", hash = "sha256:f4eae26909332ada528c0a3549dda8d4f088f9b365153952a408e28023a626a5", size = 71112, upload-time = "2021-07-25T22:11:28.398Z" } | ||
90 | wheels = [ | ||
91 | { url = "https://files.pythonhosted.org/packages/d2/fc/c0a3f4c4eaa5a22fbef91713474666e13d0ea2a69c84532579490a9f2cc8/dbus_next-0.2.3-py3-none-any.whl", hash = "sha256:58948f9aff9db08316734c0be2a120f6dc502124d9642f55e90ac82ffb16a18b", size = 57885, upload-time = "2021-07-25T22:11:25.466Z" }, | ||
92 | ] | ||
93 | |||
94 | [[package]] | ||
95 | name = "desktop-notify" | ||
96 | version = "1.3.3" | ||
97 | source = { registry = "https://pypi.org/simple" } | ||
98 | dependencies = [ | ||
99 | { name = "dbus-next" }, | ||
100 | ] | ||
101 | sdist = { url = "https://files.pythonhosted.org/packages/7a/d8/7ae5779257f5f1aa0a2d50c02d70b29522bd414692f3d3bd18ef119fe82d/desktop-notify-1.3.3.tar.gz", hash = "sha256:62934ad1f72f292f9a3af5ffe45af32814af18c396c00369385540c72bf08077", size = 7828, upload-time = "2021-01-03T16:46:36.483Z" } | ||
102 | wheels = [ | ||
103 | { url = "https://files.pythonhosted.org/packages/0a/cd/a7e3bd0262f3e8a9272fd24d0193e24dad7cb4e4edd27da48e74b5523e59/desktop_notify-1.3.3-py3-none-any.whl", hash = "sha256:8ad7ecc3a9a603dd5fa3cdc11cc6265cfbc7f6df9d8ed240f4663f43ef0de37a", size = 9937, upload-time = "2021-01-03T16:46:35.157Z" }, | ||
104 | ] | ||
105 | |||
106 | [[package]] | ||
107 | name = "frozendict" | ||
108 | version = "2.4.6" | ||
109 | source = { registry = "https://pypi.org/simple" } | ||
110 | sdist = { url = "https://files.pythonhosted.org/packages/bb/59/19eb300ba28e7547538bdf603f1c6c34793240a90e1a7b61b65d8517e35e/frozendict-2.4.6.tar.gz", hash = "sha256:df7cd16470fbd26fc4969a208efadc46319334eb97def1ddf48919b351192b8e", size = 316416, upload-time = "2024-10-13T12:15:32.449Z" } | ||
111 | wheels = [ | ||
112 | { url = "https://files.pythonhosted.org/packages/04/13/d9839089b900fa7b479cce495d62110cddc4bd5630a04d8469916c0e79c5/frozendict-2.4.6-py311-none-any.whl", hash = "sha256:d065db6a44db2e2375c23eac816f1a022feb2fa98cbb50df44a9e83700accbea", size = 16148, upload-time = "2024-10-13T12:15:26.839Z" }, | ||
113 | { url = "https://files.pythonhosted.org/packages/ba/d0/d482c39cee2ab2978a892558cf130681d4574ea208e162da8958b31e9250/frozendict-2.4.6-py312-none-any.whl", hash = "sha256:49344abe90fb75f0f9fdefe6d4ef6d4894e640fadab71f11009d52ad97f370b9", size = 16146, upload-time = "2024-10-13T12:15:28.16Z" }, | ||
114 | { url = "https://files.pythonhosted.org/packages/a5/8e/b6bf6a0de482d7d7d7a2aaac8fdc4a4d0bb24a809f5ddd422aa7060eb3d2/frozendict-2.4.6-py313-none-any.whl", hash = "sha256:7134a2bb95d4a16556bb5f2b9736dceb6ea848fa5b6f3f6c2d6dba93b44b4757", size = 16146, upload-time = "2024-10-13T12:15:29.495Z" }, | ||
115 | ] | ||
116 | |||
117 | [[package]] | ||
118 | name = "idna" | ||
119 | version = "3.10" | ||
120 | source = { registry = "https://pypi.org/simple" } | ||
121 | sdist = { url = "https://files.pythonhosted.org/packages/f1/70/7703c29685631f5a7590aa73f1f1d3fa9a380e654b86af429e0934a32f7d/idna-3.10.tar.gz", hash = "sha256:12f65c9b470abda6dc35cf8e63cc574b1c52b11df2c86030af0ac09b01b13ea9", size = 190490, upload-time = "2024-09-15T18:07:39.745Z" } | ||
122 | wheels = [ | ||
123 | { url = "https://files.pythonhosted.org/packages/76/c6/c88e154df9c4e1a2a66ccf0005a88dfb2650c1dffb6f5ce603dfbd452ce3/idna-3.10-py3-none-any.whl", hash = "sha256:946d195a0d259cbba61165e88e65941f16e9b36ea6ddb97f00452bae8b1287d3", size = 70442, upload-time = "2024-09-15T18:07:37.964Z" }, | ||
124 | ] | ||
125 | |||
126 | [[package]] | ||
127 | name = "jsonpickle" | ||
128 | version = "4.0.5" | ||
129 | source = { registry = "https://pypi.org/simple" } | ||
130 | sdist = { url = "https://files.pythonhosted.org/packages/d6/33/4bda317ab294722fcdfff8f63aab74af9fda3675a4652d984a101aa7587e/jsonpickle-4.0.5.tar.gz", hash = "sha256:f299818b39367c361b3f26bdba827d4249ab5d383cd93144d0f94b5417aacb35", size = 315661, upload-time = "2025-03-29T19:22:56.92Z" } | ||
131 | wheels = [ | ||
132 | { url = "https://files.pythonhosted.org/packages/dc/1b/0e79cf115e0f54f1e8f56effb6ffd2ef8f92e9c324d692ede660067f1bfe/jsonpickle-4.0.5-py3-none-any.whl", hash = "sha256:b4ac7d0a75ddcdfd93445737f1d36ff28768690d43e54bf5d0ddb1d915e580df", size = 46382, upload-time = "2025-03-29T19:22:54.252Z" }, | ||
133 | ] | ||
134 | |||
135 | [[package]] | ||
136 | name = "python-dateutil" | ||
137 | version = "2.9.0.post0" | ||
138 | source = { registry = "https://pypi.org/simple" } | ||
139 | dependencies = [ | ||
140 | { name = "six" }, | ||
141 | ] | ||
142 | sdist = { url = "https://files.pythonhosted.org/packages/66/c0/0c8b6ad9f17a802ee498c46e004a0eb49bc148f2fd230864601a86dcf6db/python-dateutil-2.9.0.post0.tar.gz", hash = "sha256:37dd54208da7e1cd875388217d5e00ebd4179249f90fb72437e91a35459a0ad3", size = 342432, upload-time = "2024-03-01T18:36:20.211Z" } | ||
143 | wheels = [ | ||
144 | { url = "https://files.pythonhosted.org/packages/ec/57/56b9bcc3c9c6a792fcbaf139543cee77261f3651ca9da0c93f5c1221264b/python_dateutil-2.9.0.post0-py2.py3-none-any.whl", hash = "sha256:a8b2bc7bffae282281c8140a97d3aa9c14da0b136dfe83f850eea9a5f7470427", size = 229892, upload-time = "2024-03-01T18:36:18.57Z" }, | ||
145 | ] | ||
146 | |||
147 | [[package]] | ||
148 | name = "pyxdg" | ||
149 | version = "0.28" | ||
150 | source = { registry = "https://pypi.org/simple" } | ||
151 | sdist = { url = "https://files.pythonhosted.org/packages/b0/25/7998cd2dec731acbd438fbf91bc619603fc5188de0a9a17699a781840452/pyxdg-0.28.tar.gz", hash = "sha256:3267bb3074e934df202af2ee0868575484108581e6f3cb006af1da35395e88b4", size = 77776, upload-time = "2022-06-05T11:35:01Z" } | ||
152 | wheels = [ | ||
153 | { url = "https://files.pythonhosted.org/packages/e5/8d/cf41b66a8110670e3ad03dab9b759704eeed07fa96e90fdc0357b2ba70e2/pyxdg-0.28-py2.py3-none-any.whl", hash = "sha256:bdaf595999a0178ecea4052b7f4195569c1ff4d344567bccdc12dfdf02d545ab", size = 49520, upload-time = "2022-06-05T11:34:58.832Z" }, | ||
154 | ] | ||
155 | |||
156 | [[package]] | ||
157 | name = "requests" | ||
158 | version = "2.32.3" | ||
159 | source = { registry = "https://pypi.org/simple" } | ||
160 | dependencies = [ | ||
161 | { name = "certifi" }, | ||
162 | { name = "charset-normalizer" }, | ||
163 | { name = "idna" }, | ||
164 | { name = "urllib3" }, | ||
165 | ] | ||
166 | sdist = { url = "https://files.pythonhosted.org/packages/63/70/2bf7780ad2d390a8d301ad0b550f1581eadbd9a20f896afe06353c2a2913/requests-2.32.3.tar.gz", hash = "sha256:55365417734eb18255590a9ff9eb97e9e1da868d4ccd6402399eaf68af20a760", size = 131218, upload-time = "2024-05-29T15:37:49.536Z" } | ||
167 | wheels = [ | ||
168 | { url = "https://files.pythonhosted.org/packages/f9/9b/335f9764261e915ed497fcdeb11df5dfd6f7bf257d4a6a2a686d80da4d54/requests-2.32.3-py3-none-any.whl", hash = "sha256:70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6", size = 64928, upload-time = "2024-05-29T15:37:47.027Z" }, | ||
169 | ] | ||
170 | |||
171 | [[package]] | ||
172 | name = "six" | ||
173 | version = "1.17.0" | ||
174 | source = { registry = "https://pypi.org/simple" } | ||
175 | sdist = { url = "https://files.pythonhosted.org/packages/94/e7/b2c673351809dca68a0e064b6af791aa332cf192da575fd474ed7d6f16a2/six-1.17.0.tar.gz", hash = "sha256:ff70335d468e7eb6ec65b95b99d3a2836546063f63acc5171de367e834932a81", size = 34031, upload-time = "2024-12-04T17:35:28.174Z" } | ||
176 | wheels = [ | ||
177 | { url = "https://files.pythonhosted.org/packages/b7/ce/149a00dd41f10bc29e5921b496af8b574d8413afcd5e30dfa0ed46c2cc5e/six-1.17.0-py2.py3-none-any.whl", hash = "sha256:4721f391ed90541fddacab5acf947aa0d3dc7d27b2e1e8eda2be8970586c3274", size = 11050, upload-time = "2024-12-04T17:35:26.475Z" }, | ||
178 | ] | ||
179 | |||
180 | [[package]] | ||
181 | name = "tabulate" | ||
182 | version = "0.9.0" | ||
183 | source = { registry = "https://pypi.org/simple" } | ||
184 | sdist = { url = "https://files.pythonhosted.org/packages/ec/fe/802052aecb21e3797b8f7902564ab6ea0d60ff8ca23952079064155d1ae1/tabulate-0.9.0.tar.gz", hash = "sha256:0095b12bf5966de529c0feb1fa08671671b3368eec77d7ef7ab114be2c068b3c", size = 81090, upload-time = "2022-10-06T17:21:48.54Z" } | ||
185 | wheels = [ | ||
186 | { url = "https://files.pythonhosted.org/packages/40/44/4a5f08c96eb108af5cb50b41f76142f0afa346dfa99d5296fe7202a11854/tabulate-0.9.0-py3-none-any.whl", hash = "sha256:024ca478df22e9340661486f85298cff5f6dcdba14f3813e8830015b9ed1948f", size = 35252, upload-time = "2022-10-06T17:21:44.262Z" }, | ||
187 | ] | ||
188 | |||
189 | [[package]] | ||
190 | name = "toml" | ||
191 | version = "0.10.2" | ||
192 | source = { registry = "https://pypi.org/simple" } | ||
193 | sdist = { url = "https://files.pythonhosted.org/packages/be/ba/1f744cdc819428fc6b5084ec34d9b30660f6f9daaf70eead706e3203ec3c/toml-0.10.2.tar.gz", hash = "sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f", size = 22253, upload-time = "2020-11-01T01:40:22.204Z" } | ||
194 | wheels = [ | ||
195 | { url = "https://files.pythonhosted.org/packages/44/6f/7120676b6d73228c96e17f1f794d8ab046fc910d781c8d151120c3f1569e/toml-0.10.2-py2.py3-none-any.whl", hash = "sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b", size = 16588, upload-time = "2020-11-01T01:40:20.672Z" }, | ||
196 | ] | ||
197 | |||
198 | [[package]] | ||
199 | name = "uritools" | ||
200 | version = "4.0.3" | ||
201 | source = { registry = "https://pypi.org/simple" } | ||
202 | sdist = { url = "https://files.pythonhosted.org/packages/d3/43/4182fb2a03145e6d38698e38b49114ce59bc8c79063452eb585a58f8ce78/uritools-4.0.3.tar.gz", hash = "sha256:ee06a182a9c849464ce9d5fa917539aacc8edd2a4924d1b7aabeeecabcae3bc2", size = 24184, upload-time = "2024-05-28T18:07:45.194Z" } | ||
203 | wheels = [ | ||
204 | { url = "https://files.pythonhosted.org/packages/e6/17/5a4510d9ca9cc8be217ce359eb54e693dca81cf4d442308b282d5131b17d/uritools-4.0.3-py3-none-any.whl", hash = "sha256:bae297d090e69a0451130ffba6f2f1c9477244aa0a5543d66aed2d9f77d0dd9c", size = 10304, upload-time = "2024-05-28T18:07:42.731Z" }, | ||
205 | ] | ||
206 | |||
207 | [[package]] | ||
208 | name = "urllib3" | ||
209 | version = "2.3.0" | ||
210 | source = { registry = "https://pypi.org/simple" } | ||
211 | sdist = { url = "https://files.pythonhosted.org/packages/aa/63/e53da845320b757bf29ef6a9062f5c669fe997973f966045cb019c3f4b66/urllib3-2.3.0.tar.gz", hash = "sha256:f8c5449b3cf0861679ce7e0503c7b44b5ec981bec0d1d3795a07f1ba96f0204d", size = 307268, upload-time = "2024-12-22T07:47:30.032Z" } | ||
212 | wheels = [ | ||
213 | { url = "https://files.pythonhosted.org/packages/c8/19/4ec628951a74043532ca2cf5d97b7b14863931476d117c471e8e2b1eb39f/urllib3-2.3.0-py3-none-any.whl", hash = "sha256:1cee9ad369867bfdbbb48b7dd50374c0967a0bb7710050facf0dd6911440e3df", size = 128369, upload-time = "2024-12-22T07:47:28.074Z" }, | ||
214 | ] | ||
215 | |||
216 | [[package]] | ||
217 | name = "worktime" | ||
218 | version = "1.0.0" | ||
219 | source = { editable = "." } | ||
220 | dependencies = [ | ||
221 | { name = "atomicwriter" }, | ||
222 | { name = "desktop-notify" }, | ||
223 | { name = "frozendict" }, | ||
224 | { name = "jsonpickle" }, | ||
225 | { name = "python-dateutil" }, | ||
226 | { name = "pyxdg" }, | ||
227 | { name = "requests" }, | ||
228 | { name = "tabulate" }, | ||
229 | { name = "toml" }, | ||
230 | { name = "uritools" }, | ||
231 | ] | ||
232 | |||
233 | [package.metadata] | ||
234 | requires-dist = [ | ||
235 | { name = "atomicwriter", specifier = ">=0.2.5" }, | ||
236 | { name = "desktop-notify", specifier = ">=1.3.3" }, | ||
237 | { name = "frozendict", specifier = ">=2.4.6" }, | ||
238 | { name = "jsonpickle", specifier = ">=4.0.5,<5" }, | ||
239 | { name = "python-dateutil", specifier = ">=2.9.0.post0,<3" }, | ||
240 | { name = "pyxdg", specifier = ">=0.28,<0.29" }, | ||
241 | { name = "requests", specifier = ">=2.32.3,<3" }, | ||
242 | { name = "tabulate", specifier = ">=0.9.0,<0.10" }, | ||
243 | { name = "toml", specifier = ">=0.10.2,<0.11" }, | ||
244 | { name = "uritools", specifier = ">=4.0.3,<5" }, | ||
245 | ] | ||
246 | |||
247 | [package.metadata.requires-dev] | ||
248 | dev = [] | ||
diff --git a/overlays/worktime/worktime/__main__.py b/overlays/worktime/worktime/__main__.py index 4eee5dc2..bf24bbec 100755 --- a/overlays/worktime/worktime/__main__.py +++ b/overlays/worktime/worktime/__main__.py | |||
@@ -1,10 +1,12 @@ | |||
1 | import requests | 1 | import requests |
2 | from requests.exceptions import HTTPError | 2 | from requests.exceptions import HTTPError |
3 | from requests.auth import HTTPBasicAuth | 3 | from requests.auth import HTTPBasicAuth |
4 | from requests.adapters import HTTPAdapter, Retry | ||
4 | from datetime import * | 5 | from datetime import * |
5 | from xdg import BaseDirectory | 6 | from xdg import BaseDirectory |
6 | import toml | 7 | import toml |
7 | from uritools import (uricompose) | 8 | from uritools import uricompose |
9 | from urllib.parse import urljoin | ||
8 | 10 | ||
9 | from inspect import signature | 11 | from inspect import signature |
10 | 12 | ||
@@ -27,77 +29,76 @@ from sys import stderr, stdout | |||
27 | 29 | ||
28 | from tabulate import tabulate | 30 | from tabulate import tabulate |
29 | 31 | ||
30 | from itertools import groupby, count | 32 | from itertools import groupby, count, islice |
31 | from functools import cache, partial | 33 | from functools import cache, partial |
32 | 34 | ||
33 | import backoff | ||
34 | |||
35 | from pathlib import Path | 35 | from pathlib import Path |
36 | 36 | ||
37 | from collections import defaultdict | 37 | from collections import defaultdict |
38 | from collections.abc import Iterable, Generator | ||
39 | from typing import Any | ||
38 | 40 | ||
39 | import jsonpickle | 41 | import jsonpickle |
40 | from hashlib import blake2s | 42 | from hashlib import blake2s |
41 | import json | 43 | import json |
42 | 44 | ||
43 | class TogglAPISection(Enum): | 45 | import asyncio |
44 | TOGGL = '/api/v9' | 46 | |
45 | REPORTS = '/reports/api/v2' | 47 | from frozendict import frozendict |
46 | 48 | from contextlib import closing | |
47 | class TogglAPIError(Exception): | 49 | import os |
48 | def __init__(self, response, *, http_error=None): | 50 | from time import clock_gettime_ns, CLOCK_MONOTONIC |
49 | self.http_error = http_error | 51 | from atomicwriter import AtomicWriter |
50 | self.response = response | 52 | import desktop_notify.aio as notify |
51 | 53 | ||
52 | def __str__(self): | 54 | class BearerAuth(requests.auth.AuthBase): |
53 | if not self.http_error is None: | 55 | def __init__(self, token): |
54 | return str(self.http_error) | 56 | self.token = token |
55 | else: | 57 | def __call__(self, r): |
56 | return self.response.text | 58 | r.headers["authorization"] = "Bearer " + self.token |
57 | 59 | return r | |
58 | class TogglAPI(object): | 60 | |
59 | def __init__(self, api_token, workspace_id, client_ids): | 61 | class KimaiSession(requests.Session): |
60 | self._api_token = api_token | 62 | def __init__(self, base_url: str, api_token: str): |
61 | self._workspace_id = workspace_id | 63 | super().__init__() |
62 | self._client_ids = set(map(int, client_ids.split(','))) if client_ids else None | 64 | self.base_url = base_url |
63 | 65 | self.auth = BearerAuth(api_token) | |
64 | def _make_url(self, api=TogglAPISection.TOGGL, section=['me', 'time_entries', 'current'], params={}): | 66 | retries = Retry(total=5, backoff_factor=0.1, status_forcelist=[500, 502, 503, 504]) |
65 | if api is TogglAPISection.REPORTS: | 67 | super().mount(base_url, HTTPAdapter(max_retries=retries)) |
66 | params.update({'user_agent': 'worktime', 'workspace_id': self._workspace_id}) | 68 | |
67 | 69 | def request(self, method, url, *args, **kwargs): | |
68 | api_path = api.value | 70 | joined_url = urljoin(self.base_url, url) |
69 | section_path = '/'.join(section) | 71 | return super().request(method, joined_url, *args, headers = {'Accept': 'application/json'} | (kwargs['headers'] if 'headers' in kwargs else {}), **{k: v for k, v in kwargs.items() if k not in ['headers']}) |
70 | uri = uricompose(scheme='https', host='api.track.toggl.com', path=f"{api_path}/{section_path}", query=params) | 72 | |
71 | 73 | class KimaiAPI(object): | |
72 | return uri | 74 | def __init__(self, base_url: str, api_token: str, clients: Iterable[str]): |
73 | 75 | self._session = KimaiSession(base_url, api_token) | |
74 | def _query(self, url, method): | 76 | self._kimai_clients = self._session.get('/api/customers').json() |
75 | response = self._raw_query(url, method) | 77 | self._client_ids = self.resolve_clients(clients) |
76 | response.raise_for_status() | 78 | kimai_user = self._session.get('/api/users/me').json() |
77 | return response | 79 | self._tz = gettz(kimai_user['timezone']) |
78 | 80 | ||
79 | @backoff.on_predicate( | 81 | def resolve_clients(self, clients: Iterable[str]) -> frozenset[int]: |
80 | backoff.expo, | 82 | return frozenset({ client['id'] for client in self._kimai_clients if client['name'] in clients }) |
81 | factor=0.1, max_value=2, | 83 | |
82 | predicate=lambda r: r.status_code == 429, | 84 | def render_datetime(self, datetime: datetime) -> str: |
83 | max_time=10, | 85 | return datetime.astimezone(self._tz).strftime('%Y-%m-%dT%H:%M:%S') |
84 | ) | 86 | |
85 | def _raw_query(self, url, method): | 87 | def get_timesheets(self, params: dict[str, Any] = {}) -> Generator[Any]: |
86 | headers = {'content-type': 'application/json', 'accept': 'application/json'} | 88 | for page in count(start=1): |
87 | response = None | 89 | resp = self._session.get('/api/timesheets', params=params | {'size': 100, 'page': page}) |
88 | 90 | if resp.status_code == 404: | |
89 | if method == 'GET': | 91 | break |
90 | response = requests.get(url, headers=headers, auth=HTTPBasicAuth(self._api_token, 'api_token')) | 92 | yield from resp.json() |
91 | elif method == 'POST': | ||
92 | response = requests.post(url, headers=headers, auth=HTTPBasicAuth(self._api_token, 'api_token')) | ||
93 | else: | ||
94 | raise ValueError(f"Undefined HTTP method “{method}”") | ||
95 | |||
96 | return response | ||
97 | 93 | ||
98 | def entry_durations(self, start_date, *, end_date, rounding=False, client_ids): | 94 | def entry_durations(self, start_date: datetime, *, end_date: datetime, clients: Iterable[str] | None = None) -> Generator[timedelta]: |
99 | if client_ids is not None and not client_ids: | 95 | client_ids = None |
96 | if clients is not None and not clients: | ||
100 | return | 97 | return |
98 | elif clients is None: | ||
99 | client_ids = self._client_ids | ||
100 | else: | ||
101 | client_ids = self.resolve_clients(clients) | ||
101 | 102 | ||
102 | cache_dir = Path(BaseDirectory.save_cache_path('worktime')) / 'entry_durations' | 103 | cache_dir = Path(BaseDirectory.save_cache_path('worktime')) / 'entry_durations' |
103 | step = timedelta(days = 120) | 104 | step = timedelta(days = 120) |
@@ -116,11 +117,8 @@ class TogglAPI(object): | |||
116 | cache_key = blake2s(jsonpickle.encode({ | 117 | cache_key = blake2s(jsonpickle.encode({ |
117 | 'start': req_start, | 118 | 'start': req_start, |
118 | 'end': req_end, | 119 | 'end': req_end, |
119 | 'rounding': rounding, | 120 | 'client_ids': client_ids, |
120 | 'clients': client_ids, | 121 | }).encode('utf-8'), key = self._session.auth.token.encode('utf-8')).hexdigest() |
121 | 'workspace': self._workspace_id, | ||
122 | 'workspace_clients': self._client_ids | ||
123 | }).encode('utf-8'), key = self._api_token.encode('utf-8')).hexdigest() | ||
124 | cache_path = cache_dir / cache_key[:2] / cache_key[2:4] / f'{cache_key[4:]}.json' | 122 | cache_path = cache_dir / cache_key[:2] / cache_key[2:4] / f'{cache_key[4:]}.json' |
125 | try: | 123 | try: |
126 | with cache_path.open('r', encoding='utf-8') as ch: | 124 | with cache_path.open('r', encoding='utf-8') as ch: |
@@ -130,85 +128,83 @@ class TogglAPI(object): | |||
130 | pass | 128 | pass |
131 | 129 | ||
132 | entries = list() | 130 | entries = list() |
133 | params = { 'since': (req_start - timedelta(days=1)).date().isoformat(), | 131 | params = { |
134 | 'until': (req_end + timedelta(days=1)).date().isoformat(), | 132 | 'begin': self.render_datetime(req_start), |
135 | 'rounding': 'yes' if rounding else 'no', | 133 | 'end': self.render_datetime(req_end), |
136 | 'billable': 'yes' | 134 | 'customers[]': list(client_ids), |
137 | } | 135 | 'billable': 1, |
138 | if client_ids is not None: | 136 | } |
139 | params |= { 'client_ids': ','.join(map(str, client_ids)) } | 137 | |
140 | for page in count(start = 1): | 138 | for entry in self.get_timesheets(params): |
141 | url = self._make_url(api = TogglAPISection.REPORTS, section = ['details'], params = params | { 'page': page }) | 139 | if entry['end'] is None: |
142 | r = self._query(url = url, method='GET') | 140 | continue |
143 | if not r or not r.json(): | 141 | |
144 | raise TogglAPIError(r) | 142 | start = isoparse(entry['begin']) |
145 | report = r.json() | 143 | end = isoparse(entry['end']) |
146 | for entry in report['data']: | 144 | |
147 | start = isoparse(entry['start']) | 145 | if start > req_end or end < req_start: |
148 | end = isoparse(entry['end']) | 146 | continue |
149 | |||
150 | if start > req_end or end < req_start: | ||
151 | continue | ||
152 | 147 | ||
153 | x = min(end, req_end) - max(start, req_start) | 148 | x = min(end, req_end) - max(start, req_start) |
154 | if cache_key: | 149 | if cache_key: |
155 | entries.append(x) | 150 | entries.append(x) |
156 | yield x | 151 | yield x |
157 | if not report['data']: | ||
158 | break | ||
159 | 152 | ||
160 | if cache_path: | 153 | if cache_path: |
161 | cache_path.parent.mkdir(parents=True, exist_ok=True) | 154 | cache_path.parent.mkdir(parents=True, exist_ok=True) |
162 | with cache_path.open('w', encoding='utf-8') as ch: | 155 | with cache_path.open('w', encoding='utf-8') as ch: |
163 | ch.write(jsonpickle.encode(entries)) | 156 | ch.write(jsonpickle.encode(entries)) |
164 | # res = timedelta(milliseconds=report['total_billable']) if report['total_billable'] else timedelta(milliseconds=0) | ||
165 | # return res | ||
166 | 157 | ||
167 | def get_billable_hours(self, start_date, end_date=datetime.now(timezone.utc), rounding=False): | 158 | def get_billable_hours(self, start_date: datetime, end_date: datetime = datetime.now(timezone.utc)) -> timedelta: |
168 | billable_acc = timedelta(milliseconds = 0) | 159 | return sum(self.entry_durations(start_date, end_date=end_date), start=timedelta(milliseconds=0)) |
169 | if 0 in self._client_ids: | ||
170 | url = self._make_url(api = TogglAPISection.TOGGL, section = ['workspaces', self._workspace_id, 'clients']) | ||
171 | r = self._query(url = url, method = 'GET') | ||
172 | if not r or not r.json(): | ||
173 | raise TogglAPIError(r) | ||
174 | 160 | ||
175 | billable_acc += sum(self.entry_durations(start_date, end_date=end_date, rounding=rounding, client_ids=None), start=timedelta(milliseconds=0)) - sum(self.entry_durations(start_date, end_date=end_date, rounding=rounding, client_ids=frozenset(map(lambda c: c['id'], r.json()))), start=timedelta(milliseconds=0)) | 161 | def get_running_entry(self) -> Any | None: |
176 | 162 | kimai_entries = self._session.get('/api/timesheets/active').json() | |
177 | billable_acc += sum(self.entry_durations(start_date, end_date=end_date, rounding=rounding, client_ids=frozenset(*(self._client_ids - {0}))), start=timedelta(milliseconds=0)) | 163 | if not kimai_entries: |
178 | 164 | return None | |
179 | return billable_acc | 165 | entry = kimai_entries[0] |
180 | 166 | ||
181 | def get_running_clock(self, now=datetime.now(timezone.utc)): | 167 | if entry['project']['customer']['id'] not in self._client_ids: |
182 | url = self._make_url(api = TogglAPISection.TOGGL, section = ['me', 'time_entries', 'current']) | 168 | return None |
183 | r = self._query(url = url, method='GET') | ||
184 | 169 | ||
185 | if not r or (not r.json() and r.json() is not None): | 170 | return entry |
186 | raise TogglAPIError(r) | ||
187 | 171 | ||
188 | if not r.json() or not r.json()['billable']: | 172 | def get_running_clock(self, now: datetime = datetime.now(timezone.utc)) -> timedelta | None: |
173 | entry = self.get_running_entry() | ||
174 | if not entry: | ||
189 | return None | 175 | return None |
176 | start = isoparse(entry['begin']) | ||
177 | return now - start if start <= now else None | ||
190 | 178 | ||
191 | if self._client_ids is not None: | 179 | def get_recent_entries(self) -> Generator[Any]: |
192 | if 'pid' in r.json() and r.json()['pid']: | 180 | step = timedelta(days = 7) |
193 | url = self._make_url(api = TogglAPISection.TOGGL, section = ['projects', str(r.json()['pid'])]) | 181 | now = datetime.now().astimezone(timezone.utc) |
194 | pr = self._query(url = url, method = 'GET') | 182 | ids = set() |
195 | if not pr or not pr.json(): | 183 | for req_end in (now - step * i for i in count()): |
196 | raise TogglAPIError(pr) | 184 | params = { |
185 | 'begin': self.render_datetime(req_end - step), | ||
186 | 'end': self.render_datetime(req_end), | ||
187 | 'full': 'true', | ||
188 | } | ||
189 | for entry in self.get_timesheets(params): | ||
190 | if entry['id'] in ids: | ||
191 | continue | ||
192 | ids.add(entry['id']) | ||
193 | yield entry | ||
197 | 194 | ||
198 | if not pr.json(): | 195 | def start_clock(self, project_id: int, activity_id: int, description: str | None = None, tags: Iterable[str] | None = None, billable: bool = True): |
199 | return None | 196 | self._session.post('/api/timesheets', json={ |
197 | 'begin': self.render_datetime(datetime.now()), | ||
198 | 'project': project_id, | ||
199 | 'activity': activity_id, | ||
200 | 'description': description if description else '', | ||
201 | 'tags': (','.join(tags)) if tags else '', | ||
202 | 'billable': billable, | ||
203 | }).raise_for_status() | ||
200 | 204 | ||
201 | if 'cid' in pr.json() and pr.json()['cid']: | 205 | def stop_clock(self, running_id: int): |
202 | if pr.json()['cid'] not in self._client_ids: | 206 | self._session.patch(f'/api/timesheets/{running_id}/stop').raise_for_status() |
203 | return None | ||
204 | elif 0 not in self._client_ids: | ||
205 | return None | ||
206 | elif 0 not in self._client_ids: | ||
207 | return None | ||
208 | 207 | ||
209 | start = isoparse(r.json()['start']) | ||
210 | |||
211 | return now - start if start <= now else None | ||
212 | 208 | ||
213 | class Worktime(object): | 209 | class Worktime(object): |
214 | time_worked = timedelta() | 210 | time_worked = timedelta() |
@@ -281,10 +277,10 @@ class Worktime(object): | |||
281 | 277 | ||
282 | config = Worktime.config() | 278 | config = Worktime.config() |
283 | config_dir = BaseDirectory.load_first_config('worktime') | 279 | config_dir = BaseDirectory.load_first_config('worktime') |
284 | api = TogglAPI( | 280 | api = KimaiAPI( |
285 | api_token=config.get("TOGGL", {}).get("ApiToken", None), | 281 | base_url=config.get("KIMAI", {}).get("BaseUrl", None), |
286 | workspace_id=config.get("TOGGL", {}).get("Workspace", None), | 282 | api_token=config.get("KIMAI", {}).get("ApiToken", None), |
287 | client_ids=config.get("TOGGL", {}).get("ClientIds", None) | 283 | clients=config.get("KIMAI", {}).get("Clients", None) |
288 | ) | 284 | ) |
289 | date_format = config.get("WORKTIME", {}).get("DateFormat", '%Y-%m-%d') | 285 | date_format = config.get("WORKTIME", {}).get("DateFormat", '%Y-%m-%d') |
290 | 286 | ||
@@ -496,7 +492,7 @@ class Worktime(object): | |||
496 | 492 | ||
497 | self.time_to_work += self.time_pulled_forward | 493 | self.time_to_work += self.time_pulled_forward |
498 | 494 | ||
499 | self.time_worked += api.get_billable_hours(self.start_date, self.now, rounding = config.get("WORKTIME", {}).get("rounding", True)) | 495 | self.time_worked += api.get_billable_hours(self.start_date, self.now) |
500 | 496 | ||
501 | def format_days(worktime, days, date_format=None): | 497 | def format_days(worktime, days, date_format=None): |
502 | if not date_format: | 498 | if not date_format: |
@@ -886,7 +882,7 @@ def main(): | |||
886 | 882 | ||
887 | config = Worktime.config() | 883 | config = Worktime.config() |
888 | 884 | ||
889 | parser = argparse.ArgumentParser(prog = "worktime", description = 'Track worktime using toggl API') | 885 | parser = argparse.ArgumentParser(prog = "worktime", description = 'Track worktime using Kimai API') |
890 | parser.add_argument('--time', dest = 'now', metavar = 'TIME', type = isotime, help = 'Time to calculate status for (default: current time)', default = datetime.now(tzlocal())) | 886 | parser.add_argument('--time', dest = 'now', metavar = 'TIME', type = isotime, help = 'Time to calculate status for (default: current time)', default = datetime.now(tzlocal())) |
891 | parser.add_argument('--start', dest = 'start_datetime', metavar = 'TIME', type = isotime, help = 'Time to calculate status from (default: None)', default = None) | 887 | parser.add_argument('--start', dest = 'start_datetime', metavar = 'TIME', type = isotime, help = 'Time to calculate status from (default: None)', default = None) |
892 | parser.add_argument('--no-running', dest = 'include_running', action = 'store_false') | 888 | parser.add_argument('--no-running', dest = 'include_running', action = 'store_false') |
@@ -923,5 +919,139 @@ def main(): | |||
923 | 919 | ||
924 | args.cmd(**vars(args)) | 920 | args.cmd(**vars(args)) |
925 | 921 | ||
922 | async def ui_update_options(api, cache_path): | ||
923 | options = set() | ||
924 | sort_order = dict() | ||
925 | entry_iter = enumerate(api.get_recent_entries()) | ||
926 | loop = asyncio.get_event_loop() | ||
927 | start = clock_gettime_ns(CLOCK_MONOTONIC) | ||
928 | while item := await loop.run_in_executor(None, next, entry_iter): | ||
929 | ix, entry = item | ||
930 | if len(options) >= 20 or ix >= 1000: | ||
931 | break | ||
932 | elif len(options) >= 3: | ||
933 | now = clock_gettime_ns(CLOCK_MONOTONIC) | ||
934 | if now - start >= 4000000000: | ||
935 | break | ||
936 | |||
937 | option = frozendict({ | ||
938 | 'tags': frozenset(entry['tags']), | ||
939 | 'activity': frozendict({'id': entry['activity']['id'], 'name': entry['activity']['name']}), | ||
940 | 'project': frozendict({'id': entry['project']['id'], 'customer': entry['project']['customer']['name'], 'name': entry['project']['name']}), | ||
941 | 'description': entry['description'] if entry['description'] else None, | ||
942 | 'billable': entry['billable'], | ||
943 | }) | ||
944 | sort_value = isoparse(entry['begin']) | ||
945 | if option in sort_order: | ||
946 | sort_value = max(sort_value, sort_order[option]) | ||
947 | sort_order[option] = sort_value | ||
948 | options.add(option) | ||
949 | |||
950 | options = list(sorted(options, key = lambda o: sort_order[o], reverse = True)) | ||
951 | |||
952 | with AtomicWriter(cache_path, overwrite=True) as ch: | ||
953 | ch.write_text(jsonpickle.encode(options)) | ||
954 | |||
955 | return options | ||
956 | |||
957 | def ui_render_option(option): | ||
958 | res = '' | ||
959 | if option['description']: | ||
960 | res += '„{}“, '.format(option['description']) | ||
961 | res += option['activity']['name'] + ', ' | ||
962 | res += option['project']['name'] | ||
963 | if option['project']['customer'] not in option['project']['name']: | ||
964 | res += ' ({})'.format(option['project']['customer']) | ||
965 | if option['tags']: | ||
966 | res += ', {}'.format(' '.join(map(lambda t: '#{}'.format(t), option['tags']))) | ||
967 | if not option['billable']: | ||
968 | res += ', not billable' | ||
969 | return res | ||
970 | |||
971 | async def ui_main(): | ||
972 | cache_path = Path(BaseDirectory.save_cache_path('worktime-ui')) / 'options.json' | ||
973 | options = None | ||
974 | try: | ||
975 | with cache_path.open('r', encoding='utf-8') as ch: | ||
976 | options = jsonpickle.decode(ch.read()) | ||
977 | except FileNotFoundError: | ||
978 | pass | ||
979 | |||
980 | config = Worktime.config() | ||
981 | api = KimaiAPI( | ||
982 | base_url=config.get("KIMAI", {}).get("BaseUrl", None), | ||
983 | api_token=config.get("KIMAI", {}).get("ApiToken", None), | ||
984 | clients=config.get("KIMAI", {}).get("Clients", None) | ||
985 | ) | ||
986 | running_entry = api.get_running_entry() | ||
987 | |||
988 | async with asyncio.TaskGroup() as tg: | ||
989 | update_options = tg.create_task(ui_update_options(api, cache_path)) | ||
990 | if not options: | ||
991 | options = await update_options | ||
992 | |||
993 | read_fd, write_fd = os.pipe() | ||
994 | w_pipe = open(write_fd, 'wb', 0) | ||
995 | loop = asyncio.get_event_loop() | ||
996 | w_transport, _ = await loop.connect_write_pipe( | ||
997 | asyncio.Protocol, | ||
998 | w_pipe, | ||
999 | ) | ||
1000 | r_pipe = open(read_fd, 'rb', 0) | ||
1001 | |||
1002 | proc = await asyncio.create_subprocess_exec( | ||
1003 | "fuzzel", "--dmenu", "--index", "--width=60", | ||
1004 | stdout = asyncio.subprocess.PIPE, | ||
1005 | stdin = r_pipe, | ||
1006 | ) | ||
1007 | |||
1008 | with closing(w_transport) as t: | ||
1009 | if running_entry: | ||
1010 | t.write(b'Stop running timesheet\n') | ||
1011 | for option in options: | ||
1012 | t.write(ui_render_option(option).encode('utf-8') + b'\n') | ||
1013 | |||
1014 | stdout, _ = await proc.communicate() | ||
1015 | if proc.returncode != 0: | ||
1016 | return | ||
1017 | fuzzel_out = int(stdout.decode('utf-8')) | ||
1018 | if fuzzel_out < 0 or fuzzel_out >= len(options): | ||
1019 | return | ||
1020 | elif running_entry and fuzzel_out == 0: | ||
1021 | api.stop_clock(running_entry['id']) | ||
1022 | await notify.Server('worktime').Notify("Stopped running timesheet").set_timeout(65000).show() | ||
1023 | else: | ||
1024 | if running_entry: | ||
1025 | fuzzel_out -= 1 | ||
1026 | option = options[fuzzel_out] | ||
1027 | api.start_clock( | ||
1028 | project_id = option['project']['id'], | ||
1029 | activity_id = option['activity']['id'], | ||
1030 | description = option['description'], | ||
1031 | tags = option['tags'], | ||
1032 | billable = option['billable'], | ||
1033 | ) | ||
1034 | await notify.Server('worktime').Notify("Timesheet started…").set_timeout(65000).show() | ||
1035 | |||
1036 | |||
1037 | def ui(): | ||
1038 | asyncio.run(ui_main()) | ||
1039 | |||
1040 | async def stop_main(): | ||
1041 | config = Worktime.config() | ||
1042 | api = KimaiAPI( | ||
1043 | base_url=config.get("KIMAI", {}).get("BaseUrl", None), | ||
1044 | api_token=config.get("KIMAI", {}).get("ApiToken", None), | ||
1045 | clients=config.get("KIMAI", {}).get("Clients", None) | ||
1046 | ) | ||
1047 | if running_entry := api.get_running_entry(): | ||
1048 | api.stop_clock(running_entry['id']) | ||
1049 | await notify.Server('worktime').Notify("Stopped running timesheet").set_timeout(65000).show() | ||
1050 | else: | ||
1051 | await notify.Server('worktime').Notify("No timesheet currently running").set_timeout(65000).show() | ||
1052 | |||
1053 | def stop(): | ||
1054 | asyncio.run(stop_main()) | ||
1055 | |||
926 | if __name__ == "__main__": | 1056 | if __name__ == "__main__": |
927 | sys.exit(main()) | 1057 | sys.exit(main()) |
@@ -3,6 +3,12 @@ let | |||
3 | pkgs = self.legacyPackages.${system}; | 3 | pkgs = self.legacyPackages.${system}; |
4 | utils = import ./utils { inherit (nixpkgs) lib; }; | 4 | utils = import ./utils { inherit (nixpkgs) lib; }; |
5 | inherit (utils) nixImport; | 5 | inherit (utils) nixImport; |
6 | uv-links = pkgs.symlinkJoin { | ||
7 | name = "uv-links"; | ||
8 | paths = [ | ||
9 | pkgs.python312.pkgs.pygobject3 | ||
10 | ]; | ||
11 | }; | ||
6 | in pkgs.mkShell { | 12 | in pkgs.mkShell { |
7 | nativeBuildInputs = builtins.attrValues self.packages.${system} ++ (with pkgs; [ | 13 | nativeBuildInputs = builtins.attrValues self.packages.${system} ++ (with pkgs; [ |
8 | sops | 14 | sops |
@@ -15,5 +21,9 @@ in pkgs.mkShell { | |||
15 | nvfetcher.packages.${system}.default | 21 | nvfetcher.packages.${system}.default |
16 | ca-util.packages.${system}.ca | 22 | ca-util.packages.${system}.ca |
17 | poetry uv | 23 | poetry uv |
24 | ninja pkg-config cairo.dev systemd.dev | ||
18 | ]); | 25 | ]); |
26 | shellHook = '' | ||
27 | export UV_FIND_LINKS=${uv-links}/lib/python3.12/site-packages | ||
28 | ''; | ||
19 | } | 29 | } |
diff --git a/system-profiles/core/default.nix b/system-profiles/core/default.nix index 229a007e..e5f9dc16 100644 --- a/system-profiles/core/default.nix +++ b/system-profiles/core/default.nix | |||
@@ -180,13 +180,7 @@ in { | |||
180 | }; | 180 | }; |
181 | environment.systemPackages = with pkgs; [ git-annex scutiger ]; | 181 | environment.systemPackages = with pkgs; [ git-annex scutiger ]; |
182 | } | 182 | } |
183 | ] ++ (optional (options ? system.switch.enableNg) { | 183 | ] ++ (optional (options ? system.rebuild.enableNg) { |
184 | system.switch = lib.mkDefault { | ||
185 | enable = false; | ||
186 | enableNg = true; | ||
187 | }; | ||
188 | }) | ||
189 | ++ (optional (options ? system.rebuild.enableNg) { | ||
190 | system.rebuild.enableNg = lib.mkDefault true; | 184 | system.rebuild.enableNg = lib.mkDefault true; |
191 | }) | 185 | }) |
192 | ++ (optional (options ? services.userborn) { | 186 | ++ (optional (options ? services.userborn) { |
diff --git a/system-profiles/nfsroot.nix b/system-profiles/nfsroot.nix index b0116d61..e3dc2d2e 100644 --- a/system-profiles/nfsroot.nix +++ b/system-profiles/nfsroot.nix | |||
@@ -1,4 +1,4 @@ | |||
1 | { config, options, pkgs, lib, flake, flakeInputs, ... }: | 1 | { config, options, pkgs, lib, flake, ... }: |
2 | 2 | ||
3 | with lib; | 3 | with lib; |
4 | 4 | ||
@@ -86,7 +86,7 @@ in { | |||
86 | mkdir -p /mnt-root/etc/ | 86 | mkdir -p /mnt-root/etc/ |
87 | cp /etc/resolv.conf /mnt-root/etc/resolv.conf | 87 | cp /etc/resolv.conf /mnt-root/etc/resolv.conf |
88 | ''; | 88 | ''; |
89 | networking.useDHCP = true; | 89 | networking.useDHCP = mkImageMediaOverride true; |
90 | networking.resolvconf.enable = false; | 90 | networking.resolvconf.enable = false; |
91 | networking.dhcpcd.persistent = true; | 91 | networking.dhcpcd.persistent = true; |
92 | 92 | ||
diff --git a/system-profiles/zfs.nix b/system-profiles/zfs.nix index a93dddd2..af9f1c17 100644 --- a/system-profiles/zfs.nix +++ b/system-profiles/zfs.nix | |||
@@ -1,4 +1,4 @@ | |||
1 | { pkgs, lib, ... } : { | 1 | { config, pkgs, lib, ... } : { |
2 | config = { | 2 | config = { |
3 | boot = { | 3 | boot = { |
4 | kernelPackages = pkgs.linuxPackages_6_12; | 4 | kernelPackages = pkgs.linuxPackages_6_12; |
diff --git a/user-profiles/tmux/default.nix b/user-profiles/tmux/default.nix index dc4e791f..7ea0c0d5 100644 --- a/user-profiles/tmux/default.nix +++ b/user-profiles/tmux/default.nix | |||
@@ -16,8 +16,8 @@ | |||
16 | 16 | ||
17 | installPhase = '' | 17 | installPhase = '' |
18 | substitute $src $out \ | 18 | substitute $src $out \ |
19 | --subst-var-by zsh ${config.programs.zsh.package} \ | 19 | --subst-var-by zsh ${lib.getExe config.programs.zsh.package} \ |
20 | --subst-var-by man ${config.programs.man.package} | 20 | --subst-var-by man ${lib.getExe config.programs.man.package} |
21 | ''; | 21 | ''; |
22 | }); | 22 | }); |
23 | }; | 23 | }; |
diff --git a/user-profiles/yt-dlp.nix b/user-profiles/yt-dlp.nix index ef0be87e..5c9858a6 100644 --- a/user-profiles/yt-dlp.nix +++ b/user-profiles/yt-dlp.nix | |||
@@ -13,11 +13,12 @@ | |||
13 | "best" | 13 | "best" |
14 | ]; | 14 | ]; |
15 | embed-subs = true; | 15 | embed-subs = true; |
16 | embed-thumbnail = true; | ||
17 | embed-metadata = true; | ||
16 | # write-subs = true; | 18 | # write-subs = true; |
17 | write-auto-subs = true; | 19 | write-auto-subs = true; |
18 | sub-langs = "en(-(gb|us|orig))?,de(-(de|orig))?,-live_chat,-rechat"; | 20 | sub-langs = "en(-(gb|us|orig))?,de(-(de|orig))?,-live_chat,-rechat"; |
19 | prefer-free-formats = true; | 21 | prefer-free-formats = true; |
20 | embed-metadata = true; | ||
21 | # downloader = "${pkgs.axel}/bin/axel"; | 22 | # downloader = "${pkgs.axel}/bin/axel"; |
22 | concurrent-fragments = 12; | 23 | concurrent-fragments = 12; |
23 | buffer-size = "16K"; | 24 | buffer-size = "16K"; |
@@ -29,6 +30,7 @@ | |||
29 | # ]; | 30 | # ]; |
30 | remux-video = "mp4>mkv"; | 31 | remux-video = "mp4>mkv"; |
31 | output = lib.mkDefault "\"%(modified_date>%Y%m%d,release_date>%Y%m%d,upload_date>%Y%m%d)s %(title)s [%(uploader)s %(webpage_url)s].%(ext)s\""; | 32 | output = lib.mkDefault "\"%(modified_date>%Y%m%d,release_date>%Y%m%d,upload_date>%Y%m%d)s %(title)s [%(uploader)s %(webpage_url)s].%(ext)s\""; |
33 | audio-multistreams = true; | ||
32 | }; | 34 | }; |
33 | }; | 35 | }; |
34 | }; | 36 | }; |
diff --git a/user-profiles/zsh/default.nix b/user-profiles/zsh/default.nix index 973ff775..ab523a52 100644 --- a/user-profiles/zsh/default.nix +++ b/user-profiles/zsh/default.nix | |||
@@ -21,6 +21,8 @@ | |||
21 | abbreviations = { | 21 | abbreviations = { |
22 | re = "systemctl restart"; | 22 | re = "systemctl restart"; |
23 | ure = "systemctl --user restart"; | 23 | ure = "systemctl --user restart"; |
24 | st = "systemctl status"; | ||
25 | ust = "systemctl --user status"; | ||
24 | }; | 26 | }; |
25 | globalAbbreviations = { | 27 | globalAbbreviations = { |
26 | "L" = "| less"; | 28 | "L" = "| less"; |
@@ -28,6 +30,7 @@ | |||
28 | "G" = "| grep"; | 30 | "G" = "| grep"; |
29 | "B" = "&> /dev/null &"; | 31 | "B" = "&> /dev/null &"; |
30 | "BB" = "&> /dev/null &!"; | 32 | "BB" = "&> /dev/null &!"; |
33 | "J" = lib.mkIf config.programs.jq.enable "| jq '.'"; | ||
31 | }; | 34 | }; |
32 | }; | 35 | }; |
33 | 36 | ||