summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--_sources/generated.json26
-rw-r--r--_sources/generated.nix26
-rw-r--r--accounts/gkleen@eostre.nix8
-rw-r--r--accounts/gkleen@installer.nix8
-rw-r--r--accounts/gkleen@sif/default.nix31
-rw-r--r--accounts/gkleen@sif/niri/default.nix14
-rw-r--r--accounts/gkleen@sif/niri/mako.nix54
-rw-r--r--accounts/gkleen@sif/systemd.nix32
-rw-r--r--accounts/gkleen@sif/zshrc80
-rw-r--r--accounts/gkleen@surtr.nix8
-rw-r--r--accounts/gkleen@vidhar.nix4
-rw-r--r--accounts/mherold@eostre.nix6
-rw-r--r--accounts/root@installer.nix8
-rw-r--r--accounts/root@sif.nix8
-rw-r--r--accounts/root@surtr.nix8
-rw-r--r--accounts/root@vidhar.nix9
-rw-r--r--flake.lock72
-rw-r--r--hosts/sif/default.nix34
-rw-r--r--hosts/sif/ruleset.nft8
-rw-r--r--hosts/surtr/email/default.nix14
-rw-r--r--hosts/surtr/vpn/default.nix8
-rw-r--r--hosts/surtr/vpn/geri.pub2
-rw-r--r--hosts/vidhar/network/dhcp/default.nix88
-rw-r--r--installer-profiles/cd-dvd.nix8
-rw-r--r--installer-profiles/netboot.nix5
-rw-r--r--installer-profiles/nfsroot.nix2
-rw-r--r--installer/default.nix2
-rw-r--r--modules/i18n.nix156
-rw-r--r--modules/installer.nix56
-rw-r--r--modules/postsrsd.nix157
-rw-r--r--overlays/cake-prometheus-exporter/default.nix11
-rw-r--r--overlays/inwx-cdnskey/default.nix11
-rw-r--r--overlays/nftables-prometheus-exporter/default.nix11
-rw-r--r--overlays/persistent-nix-shell/default.nix5
-rw-r--r--overlays/postsrsd.nix11
-rw-r--r--overlays/zte-prometheus-exporter/default.nix11
-rw-r--r--system-profiles/core/default.nix26
-rw-r--r--system-profiles/default-locale.nix27
-rw-r--r--system-profiles/rebuild-machines/default.nix20
-rw-r--r--user-profiles/feeds/alot.config50
-rw-r--r--user-profiles/feeds/default.nix11
-rw-r--r--user-profiles/feeds/imm-notmuch-insert.py52
-rw-r--r--user-profiles/feeds/module.nix236
-rw-r--r--user-profiles/tmux/default.nix10
-rw-r--r--user-profiles/tmux/tmux.conf9
-rw-r--r--user-profiles/utils.nix4
-rw-r--r--user-profiles/zsh/default.nix95
-rw-r--r--user-profiles/zsh/zshrc6
-rw-r--r--users/gkleen/default.nix2
-rw-r--r--users/root.nix2
50 files changed, 795 insertions, 757 deletions
diff --git a/_sources/generated.json b/_sources/generated.json
index b3604420..be1e12e9 100644
--- a/_sources/generated.json
+++ b/_sources/generated.json
@@ -270,11 +270,11 @@
270 "pinned": false, 270 "pinned": false,
271 "src": { 271 "src": {
272 "name": null, 272 "name": null,
273 "sha256": "sha256-D0UnGL0H+zua5fJAoBbfEyU4ZdjQXf6LeQ+475oVKow=", 273 "sha256": "sha256-8kd17ChqLuVH5/OdPc2rVDKEDWHl9ZWLh8k+EBrCGH8=",
274 "type": "url", 274 "type": "url",
275 "url": "https://github.com/netbootxyz/netboot.xyz/releases/download/2.0.86/netboot.xyz.efi" 275 "url": "https://github.com/netbootxyz/netboot.xyz/releases/download/2.0.87/netboot.xyz.efi"
276 }, 276 },
277 "version": "2.0.86" 277 "version": "2.0.87"
278 }, 278 },
279 "netbootxyz-lkrn": { 279 "netbootxyz-lkrn": {
280 "cargoLocks": null, 280 "cargoLocks": null,
@@ -285,11 +285,11 @@
285 "pinned": false, 285 "pinned": false,
286 "src": { 286 "src": {
287 "name": null, 287 "name": null,
288 "sha256": "sha256-zUuvv/MCXhgqBCa4dl4+bWtS+Z1PCDRUX0pGLonaWpY=", 288 "sha256": "sha256-/qY3NdRC0SghQ4kamrkm9EFumrKlirqDCJ+XY+jHWLA=",
289 "type": "url", 289 "type": "url",
290 "url": "https://github.com/netbootxyz/netboot.xyz/releases/download/2.0.86/netboot.xyz.lkrn" 290 "url": "https://github.com/netbootxyz/netboot.xyz/releases/download/2.0.87/netboot.xyz.lkrn"
291 }, 291 },
292 "version": "2.0.86" 292 "version": "2.0.87"
293 }, 293 },
294 "postfix-mta-sts-resolver": { 294 "postfix-mta-sts-resolver": {
295 "cargoLocks": null, 295 "cargoLocks": null,
@@ -437,7 +437,7 @@
437 }, 437 },
438 "v4l2loopback": { 438 "v4l2loopback": {
439 "cargoLocks": null, 439 "cargoLocks": null,
440 "date": "2025-04-16", 440 "date": "2025-04-29",
441 "extract": null, 441 "extract": null,
442 "name": "v4l2loopback", 442 "name": "v4l2loopback",
443 "passthru": null, 443 "passthru": null,
@@ -449,12 +449,12 @@
449 "name": null, 449 "name": null,
450 "owner": "umlaeute", 450 "owner": "umlaeute",
451 "repo": "v4l2loopback", 451 "repo": "v4l2loopback",
452 "rev": "119543510c0455f4e6517ae82d81d65354225a31", 452 "rev": "8d806ad688961d8840081a609c39d1a82d296b24",
453 "sha256": "sha256-1SAYXV0KEQEQEiQbBom2YHoeDzuDWkmCmcetlU85h/M=", 453 "sha256": "sha256-zuE/qFI8QCWCePmHWjTIPTh2KzmDkwQ2uj5C1dAwo1c=",
454 "sparseCheckout": [], 454 "sparseCheckout": [],
455 "type": "github" 455 "type": "github"
456 }, 456 },
457 "version": "119543510c0455f4e6517ae82d81d65354225a31" 457 "version": "8d806ad688961d8840081a609c39d1a82d296b24"
458 }, 458 },
459 "xcompose": { 459 "xcompose": {
460 "cargoLocks": null, 460 "cargoLocks": null,
@@ -486,10 +486,10 @@
486 "pinned": false, 486 "pinned": false,
487 "src": { 487 "src": {
488 "name": null, 488 "name": null,
489 "sha256": "sha256-G/4OZg0acKCeJ7LVj5LjCx4uNizEh4KfL4JDRq5J+5E=", 489 "sha256": "sha256-0BNn0MOulONcseLsy3p8cOGBxMpEj07iN08mSJ0mNgM=",
490 "type": "url", 490 "type": "url",
491 "url": "https://pypi.org/packages/source/y/yt_dlp/yt_dlp-2025.3.31.tar.gz" 491 "url": "https://pypi.org/packages/source/y/yt_dlp/yt_dlp-2025.4.30.tar.gz"
492 }, 492 },
493 "version": "2025.3.31" 493 "version": "2025.4.30"
494 } 494 }
495} \ No newline at end of file 495} \ No newline at end of file
diff --git a/_sources/generated.nix b/_sources/generated.nix
index c3b65800..ff85bc0d 100644
--- a/_sources/generated.nix
+++ b/_sources/generated.nix
@@ -164,18 +164,18 @@
164 }; 164 };
165 netbootxyz-efi = { 165 netbootxyz-efi = {
166 pname = "netbootxyz-efi"; 166 pname = "netbootxyz-efi";
167 version = "2.0.86"; 167 version = "2.0.87";
168 src = fetchurl { 168 src = fetchurl {
169 url = "https://github.com/netbootxyz/netboot.xyz/releases/download/2.0.86/netboot.xyz.efi"; 169 url = "https://github.com/netbootxyz/netboot.xyz/releases/download/2.0.87/netboot.xyz.efi";
170 sha256 = "sha256-D0UnGL0H+zua5fJAoBbfEyU4ZdjQXf6LeQ+475oVKow="; 170 sha256 = "sha256-8kd17ChqLuVH5/OdPc2rVDKEDWHl9ZWLh8k+EBrCGH8=";
171 }; 171 };
172 }; 172 };
173 netbootxyz-lkrn = { 173 netbootxyz-lkrn = {
174 pname = "netbootxyz-lkrn"; 174 pname = "netbootxyz-lkrn";
175 version = "2.0.86"; 175 version = "2.0.87";
176 src = fetchurl { 176 src = fetchurl {
177 url = "https://github.com/netbootxyz/netboot.xyz/releases/download/2.0.86/netboot.xyz.lkrn"; 177 url = "https://github.com/netbootxyz/netboot.xyz/releases/download/2.0.87/netboot.xyz.lkrn";
178 sha256 = "sha256-zUuvv/MCXhgqBCa4dl4+bWtS+Z1PCDRUX0pGLonaWpY="; 178 sha256 = "sha256-/qY3NdRC0SghQ4kamrkm9EFumrKlirqDCJ+XY+jHWLA=";
179 }; 179 };
180 }; 180 };
181 postfix-mta-sts-resolver = { 181 postfix-mta-sts-resolver = {
@@ -270,15 +270,15 @@
270 }; 270 };
271 v4l2loopback = { 271 v4l2loopback = {
272 pname = "v4l2loopback"; 272 pname = "v4l2loopback";
273 version = "119543510c0455f4e6517ae82d81d65354225a31"; 273 version = "8d806ad688961d8840081a609c39d1a82d296b24";
274 src = fetchFromGitHub { 274 src = fetchFromGitHub {
275 owner = "umlaeute"; 275 owner = "umlaeute";
276 repo = "v4l2loopback"; 276 repo = "v4l2loopback";
277 rev = "119543510c0455f4e6517ae82d81d65354225a31"; 277 rev = "8d806ad688961d8840081a609c39d1a82d296b24";
278 fetchSubmodules = true; 278 fetchSubmodules = true;
279 sha256 = "sha256-1SAYXV0KEQEQEiQbBom2YHoeDzuDWkmCmcetlU85h/M="; 279 sha256 = "sha256-zuE/qFI8QCWCePmHWjTIPTh2KzmDkwQ2uj5C1dAwo1c=";
280 }; 280 };
281 date = "2025-04-16"; 281 date = "2025-04-29";
282 }; 282 };
283 xcompose = { 283 xcompose = {
284 pname = "xcompose"; 284 pname = "xcompose";
@@ -294,10 +294,10 @@
294 }; 294 };
295 yt-dlp = { 295 yt-dlp = {
296 pname = "yt-dlp"; 296 pname = "yt-dlp";
297 version = "2025.3.31"; 297 version = "2025.4.30";
298 src = fetchurl { 298 src = fetchurl {
299 url = "https://pypi.org/packages/source/y/yt_dlp/yt_dlp-2025.3.31.tar.gz"; 299 url = "https://pypi.org/packages/source/y/yt_dlp/yt_dlp-2025.4.30.tar.gz";
300 sha256 = "sha256-G/4OZg0acKCeJ7LVj5LjCx4uNizEh4KfL4JDRq5J+5E="; 300 sha256 = "sha256-0BNn0MOulONcseLsy3p8cOGBxMpEj07iN08mSJ0mNgM=";
301 }; 301 };
302 }; 302 };
303} 303}
diff --git a/accounts/gkleen@eostre.nix b/accounts/gkleen@eostre.nix
index 72818d44..28daf3fd 100644
--- a/accounts/gkleen@eostre.nix
+++ b/accounts/gkleen@eostre.nix
@@ -1,16 +1,16 @@
1{ flake, userName, pkgs, ... }: 1{ flake, userName, pkgs, ... }:
2{ 2{
3 imports = with flake.nixosModules.userProfiles.${userName}; [ 3 imports = with flake.nixosModules.userProfiles.${userName}; [
4 zsh utils tmux 4 utils
5 ]; 5 ];
6 6
7 config = { 7 config = {
8 home-manager.users.${userName} = { 8 home-manager.users.${userName} = {
9 home.stateVersion = "20.09"; 9 home.stateVersion = "20.09";
10 10
11 nixpkgs.config = { 11 # nixpkgs.config = {
12 allowUnfree = true; 12 # allowUnfree = true;
13 }; 13 # };
14 14
15 home.packages = with pkgs; [ 15 home.packages = with pkgs; [
16 thunderbird libreoffice element-desktop keepassxc vlc 16 thunderbird libreoffice element-desktop keepassxc vlc
diff --git a/accounts/gkleen@installer.nix b/accounts/gkleen@installer.nix
index c7a418f8..5fe1db38 100644
--- a/accounts/gkleen@installer.nix
+++ b/accounts/gkleen@installer.nix
@@ -1,7 +1,11 @@
1{ userName, ... }: 1{ flake, userName, ... }:
2 2
3{ 3{
4 home-manager.users.${userName} = { config, ... } : { 4 imports = with flake.nixosModules.userProfiles.${userName}; [
5 zsh tmux
6 ];
7
8 config.home-manager.users.${userName} = { config, ... } : {
5 home.stateVersion = config.home.version.release; 9 home.stateVersion = config.home.version.release;
6 }; 10 };
7} 11}
diff --git a/accounts/gkleen@sif/default.nix b/accounts/gkleen@sif/default.nix
index b46d021e..80f03e49 100644
--- a/accounts/gkleen@sif/default.nix
+++ b/accounts/gkleen@sif/default.nix
@@ -63,7 +63,7 @@ let
63 }; 63 };
64in { 64in {
65 imports = with flake.nixosModules.userProfiles.${userName}; [ 65 imports = with flake.nixosModules.userProfiles.${userName}; [
66 mpv yt-dlp (args: import ./xcompose.nix (inputs // args)) 66 zsh tmux mpv yt-dlp (args: import ./xcompose.nix (inputs // args))
67 ]; 67 ];
68 68
69 config = { 69 config = {
@@ -77,10 +77,10 @@ in {
77 77
78 home.stateVersion = "20.09"; 78 home.stateVersion = "20.09";
79 79
80 nixpkgs.config = { 80 # nixpkgs.config = {
81 allowUnfree = true; 81 # allowUnfree = true;
82 zathura.useMupdf = false; 82 # zathura.useMupdf = false;
83 }; 83 # };
84 84
85 nix.registry = { 85 nix.registry = {
86 "flk" = { 86 "flk" = {
@@ -186,7 +186,7 @@ in {
186 gpu-api = "vulkan"; 186 gpu-api = "vulkan";
187 }; 187 };
188 188
189 zsh.initExtra = let 189 zsh.initContent = let
190 zshrc = pkgs.resholve.mkDerivation { 190 zshrc = pkgs.resholve.mkDerivation {
191 pname = "zshrc"; 191 pname = "zshrc";
192 version = "0.0.0"; 192 version = "0.0.0";
@@ -219,7 +219,6 @@ in {
219 gnutar 219 gnutar
220 cpio 220 cpio
221 magic-wormhole 221 magic-wormhole
222 quickserve
223 cfg.programs.zsh.package 222 cfg.programs.zsh.package
224 fuse 223 fuse
225 util-linux 224 util-linux
@@ -232,6 +231,7 @@ in {
232 config.systemd.package 231 config.systemd.package
233 config.programs.ssh.package 232 config.programs.ssh.package
234 gnused 233 gnused
234 miniserve
235 ]; 235 ];
236 execer = with pkgs; [ 236 execer = with pkgs; [
237 "cannot:${lib.getExe' rpm "rpm2cpio"}" 237 "cannot:${lib.getExe' rpm "rpm2cpio"}"
@@ -240,7 +240,6 @@ in {
240 "cannot:${lib.getExe cfg.programs.git.package}" 240 "cannot:${lib.getExe cfg.programs.git.package}"
241 "cannot:${lib.getExe cpio}" 241 "cannot:${lib.getExe cpio}"
242 "cannot:${lib.getExe' magic-wormhole "wormhole"}" 242 "cannot:${lib.getExe' magic-wormhole "wormhole"}"
243 "cannot:${lib.getExe quickserve}"
244 "cannot:${lib.getExe' fuse "fusermount"}" 243 "cannot:${lib.getExe' fuse "fusermount"}"
245 "cannot:${lib.getExe less}" 244 "cannot:${lib.getExe less}"
246 "cannot:${lib.getExe' config.systemd.package "systemctl"}" 245 "cannot:${lib.getExe' config.systemd.package "systemctl"}"
@@ -322,14 +321,6 @@ in {
322 "kitty_mod+m" = "detach_window ask"; 321 "kitty_mod+m" = "detach_window ask";
323 }; 322 };
324 }; 323 };
325 wpaperd = {
326 enable = true;
327 settings.default = {
328 path = "~/.wallpapers";
329 duration = "15m";
330 mode = "center";
331 };
332 };
333 fuzzel = { 324 fuzzel = {
334 enable = true; 325 enable = true;
335 settings = { 326 settings = {
@@ -360,6 +351,14 @@ in {
360 }; 351 };
361 352
362 services = { 353 services = {
354 wpaperd = {
355 enable = true;
356 settings.default = {
357 path = "~/.wallpapers";
358 duration = "15m";
359 mode = "center";
360 };
361 };
363 emacs = { 362 emacs = {
364 enable = true; 363 enable = true;
365 socketActivation.enable = true; 364 socketActivation.enable = true;
diff --git a/accounts/gkleen@sif/niri/default.nix b/accounts/gkleen@sif/niri/default.nix
index 732e3c7a..a9b4b0f8 100644
--- a/accounts/gkleen@sif/niri/default.nix
+++ b/accounts/gkleen@sif/niri/default.nix
@@ -249,7 +249,7 @@ in {
249 import os 249 import os
250 import socket 250 import socket
251 import json 251 import json
252 import sys 252 # import sys
253 from collections import defaultdict 253 from collections import defaultdict
254 from threading import Thread, Lock 254 from threading import Thread, Lock
255 from socketserver import StreamRequestHandler, ThreadingTCPServer 255 from socketserver import StreamRequestHandler, ThreadingTCPServer
@@ -275,7 +275,7 @@ in {
275 def focus_workspace(output, workspace): 275 def focus_workspace(output, workspace):
276 with history_lock: 276 with history_lock:
277 workspace_history[output] = [workspace] + [ws for ws in workspace_history[output] if ws != workspace] # noqa: E501 277 workspace_history[output] = [workspace] + [ws for ws in workspace_history[output] if ws != workspace] # noqa: E501
278 print(json.dumps(workspace_history), file=sys.stderr) 278 # print(json.dumps(workspace_history), file=sys.stderr)
279 279
280 sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) 280 sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
281 sock.connect(os.environ["NIRI_SOCKET"]) 281 sock.connect(os.environ["NIRI_SOCKET"])
@@ -743,19 +743,19 @@ in {
743 "Mod+Shift+Control+C".action = move-workspace-up; 743 "Mod+Shift+Control+C".action = move-workspace-up;
744 744
745 "Mod+ParenLeft".action = focus-workspace "comm"; 745 "Mod+ParenLeft".action = focus-workspace "comm";
746 "Mod+Shift+ParenLeft".action = move-column-to-workspace "comm"; 746 "Mod+Shift+ParenLeft".action = kdl.magic-leaf "move-column-to-workspace" "comm";
747 747
748 "Mod+ParenRight".action = focus-workspace "web"; 748 "Mod+ParenRight".action = focus-workspace "web";
749 "Mod+Shift+ParenRight".action = move-column-to-workspace "web"; 749 "Mod+Shift+ParenRight".action = kdl.magic-leaf "move-column-to-workspace" "web";
750 750
751 "Mod+BraceRight".action = focus-workspace "read"; 751 "Mod+BraceRight".action = focus-workspace "read";
752 "Mod+Shift+BraceRight".action = move-column-to-workspace "read"; 752 "Mod+Shift+BraceRight".action = kdl.magic-leaf "move-column-to-workspace" "read";
753 753
754 "Mod+BraceLeft".action = focus-workspace "mon"; 754 "Mod+BraceLeft".action = focus-workspace "mon";
755 "Mod+Shift+BraceLeft".action = move-column-to-workspace "mon"; 755 "Mod+Shift+BraceLeft".action = kdl.magic-leaf "move-column-to-workspace" "mon";
756 756
757 "Mod+Asterisk".action = focus-workspace "vid"; 757 "Mod+Asterisk".action = focus-workspace "vid";
758 "Mod+Shift+Asterisk".action = move-column-to-workspace "vid"; 758 "Mod+Shift+Asterisk".action = kdl.magic-leaf "move-column-to-workspace" "vid";
759 759
760 "Mod+Plus".action = with-unnamed-workspace-action ''{"Action":{"FocusWorkspace":{"reference":{"Id": .id}}}}''; 760 "Mod+Plus".action = with-unnamed-workspace-action ''{"Action":{"FocusWorkspace":{"reference":{"Id": .id}}}}'';
761 "Mod+Shift+Plus".action = with-unnamed-workspace-action ''{"Action":{"MoveColumnToWorkspace":{"reference":{"Id": .id}}}}''; 761 "Mod+Shift+Plus".action = with-unnamed-workspace-action ''{"Action":{"MoveColumnToWorkspace":{"reference":{"Id": .id}}}}'';
diff --git a/accounts/gkleen@sif/niri/mako.nix b/accounts/gkleen@sif/niri/mako.nix
index 2788fb82..9373dc21 100644
--- a/accounts/gkleen@sif/niri/mako.nix
+++ b/accounts/gkleen@sif/niri/mako.nix
@@ -3,37 +3,29 @@
3 config = { 3 config = {
4 services.mako = { 4 services.mako = {
5 enable = true; 5 enable = true;
6 font = "Fira Sans 10"; 6 settings = {
7 format = "<i>%s</i>\\n%b"; 7 font = "Fira Sans 10";
8 margin = "2"; 8 format = "<i>%s</i>\\n%b";
9 maxVisible = -1; 9 margin = "2";
10 backgroundColor = "#000000dd"; 10 max-visible = -1;
11 progressColor = "source #223544ff"; 11 background-color = "#000000dd";
12 width = 384; 12 progress-color = "source #223544ff";
13 extraConfig = '' 13 width = 384;
14 outer-margin=1 14 outer-margin = 1;
15 max-history=100 15 max-history = 100;
16 max-icon-size=48 16 max-icon-size = 48;
17 17 };
18 [grouped] 18 criteria = {
19 format=<b>(%g)</b> <i>%s</i>\n%b 19 grouped.format = "<b>(%g)</b> <i>%s</i>\n%b";
20 20 "urgency=low".text-color = "#999999ff";
21 [urgency=low] 21 "urgency=critical".background-color = "#900000dd";
22 text-color=#999999ff 22 "app-name=Element".group-by = "summary";
23 23 "app-name=poweralertd" = {
24 [urgency=critical] 24 ignore-timeout = true;
25 background-color=#900000dd 25 default-timeout = 2000;
26 26 };
27 [app-name=Element] 27 "mode=silent".invisible = true;
28 group-by=summary 28 };
29
30 [app-name=poweralertd]
31 ignore-timeout=1
32 default-timeout=2000
33
34 [mode=silent]
35 invisible=1
36 '';
37 package = pkgs.symlinkJoin { 29 package = pkgs.symlinkJoin {
38 name = "${pkgs.mako.name}-wrapped"; 30 name = "${pkgs.mako.name}-wrapped";
39 paths = with pkgs; [ mako ]; 31 paths = with pkgs; [ mako ];
diff --git a/accounts/gkleen@sif/systemd.nix b/accounts/gkleen@sif/systemd.nix
index 2237b708..90cccc58 100644
--- a/accounts/gkleen@sif/systemd.nix
+++ b/accounts/gkleen@sif/systemd.nix
@@ -242,7 +242,7 @@ in {
242 "-${lib.getExe pkgs.playerctl} -a pause" 242 "-${lib.getExe pkgs.playerctl} -a pause"
243 "-${lib.getExe (pkgs.writeShellApplication { 243 "-${lib.getExe (pkgs.writeShellApplication {
244 name = "generate-css"; 244 name = "generate-css";
245 runtimeInputs = with pkgs; [cfg.programs.wpaperd.package jq coreutils imagemagick findutils]; 245 runtimeInputs = with pkgs; [cfg.services.wpaperd.package jq coreutils imagemagick findutils];
246 text = '' 246 text = ''
247 declare -A monitors 247 declare -A monitors
248 monitors=() 248 monitors=()
@@ -333,21 +333,21 @@ in {
333 ExecStopPost = "${pkgs.coreutils}/bin/rm -rfv \"$CACHE_DIRECTORY\""; 333 ExecStopPost = "${pkgs.coreutils}/bin/rm -rfv \"$CACHE_DIRECTORY\"";
334 }; 334 };
335 }; 335 };
336 wpaperd = { 336 # wpaperd = {
337 Install = { 337 # Install = {
338 WantedBy = ["graphical-session.target"]; 338 # WantedBy = ["graphical-session.target"];
339 }; 339 # };
340 Unit = { 340 # Unit = {
341 After = [ "graphical-session.target" ]; 341 # After = [ "graphical-session.target" ];
342 PartOf = [ "graphical-session.target" ]; 342 # PartOf = [ "graphical-session.target" ];
343 }; 343 # };
344 Service = { 344 # Service = {
345 ExecStart = lib.getExe cfg.programs.wpaperd.package; 345 # ExecStart = lib.getExe cfg.services.wpaperd.package;
346 Type = "simple"; 346 # Type = "simple";
347 Restart = "always"; 347 # Restart = "always";
348 RestartSec = "2s"; 348 # RestartSec = "2s";
349 }; 349 # };
350 }; 350 # };
351 xembed-sni-proxy = { 351 xembed-sni-proxy = {
352 Unit = { 352 Unit = {
353 PartOf = lib.mkForce ["tray.target"]; 353 PartOf = lib.mkForce ["tray.target"];
diff --git a/accounts/gkleen@sif/zshrc b/accounts/gkleen@sif/zshrc
index 06f6f6f2..7645e0fc 100644
--- a/accounts/gkleen@sif/zshrc
+++ b/accounts/gkleen@sif/zshrc
@@ -6,11 +6,10 @@ dir() {
6 forceShell=false 6 forceShell=false
7 wormhole=false 7 wormhole=false
8 gitWorktree="" 8 gitWorktree=""
9 # notmuchMsg=""
10 quickserve=false
11 modifyPDF="" 9 modifyPDF=""
10 miniserve=false
12 11
13 while getopts ':t:a:d:ir:wqg:p:' arg; do 12 while getopts ':t:a:d:ir:wg:p:m' arg; do
14 case $arg in 13 case $arg in
15 "t") ;; 14 "t") ;;
16 "a") 15 "a")
@@ -26,9 +25,8 @@ dir() {
26 "r") repoUrl=${OPTARG} ;; 25 "r") repoUrl=${OPTARG} ;;
27 "w") wormhole=true ;; 26 "w") wormhole=true ;;
28 "g") gitWorktree=${OPTARG} ;; 27 "g") gitWorktree=${OPTARG} ;;
29 # "n") notmuchMsg=${OPTARG} ;;
30 "q") quickserve=true ;;
31 "p") modifyPDF=${OPTARG:a} ;; 28 "p") modifyPDF=${OPTARG:a} ;;
29 "m") miniserve=true ;;
32 *) printf "Invalid option: %s\n" $arg >&2; exit 2 ;; 30 *) printf "Invalid option: %s\n" $arg >&2; exit 2 ;;
33 esac 31 esac
34 done 32 done
@@ -52,17 +50,29 @@ dir() {
52 gitWorktree="" 50 gitWorktree=""
53 fi 51 fi
54 52
53 miniservePIDFile=""
54 if [[ ${miniserve} = "true" ]]; then
55 miniservePIDFile=$(mktemp --tmpdir --suffix=.pid)
56 fi
57
55 cleanup() 58 cleanup()
56 { 59 {
57 cd ${modifyPDF:h}
58 if [[ -n ${modifyPDF} ]]; then 60 if [[ -n ${modifyPDF} ]]; then
61 cd ${modifyPDF:h}
59 typeset -a pages 62 typeset -a pages
60 eval 'pages=(${dir}/${modifyPDF:t:r}_*.png(on))' 63 eval 'pages=(${dir}/${modifyPDF:t:r}_*.png(on))'
61 magick -verbose "$pages" ${modifyPDF} 64 magick -verbose "$pages" ${modifyPDF}
65 modifyPDF=""
66 fi
67 if [[ -n ${miniservePIDFile} ]]; then
68 kill --verbose $(cat ${miniservePIDFile}) && wait $(cat ${miniservePIDFile})
69 miniservePIDFile=""
62 fi 70 fi
63 } 71 }
64 72
65 ( 73 (
74 set -o localtraps
75 trap 'return 1' INT TERM
66 trap cleanup EXIT 76 trap cleanup EXIT
67 77
68 cd ${dir} 78 cd ${dir}
@@ -135,18 +145,18 @@ dir() {
135 [[ $wormhole = "true" ]] && wormhole receive --accept-file 145 [[ $wormhole = "true" ]] && wormhole receive --accept-file
136 146
137 147
138 if [[ $quickserve = "true" ]]; then 148 if [[ ${#@} -gt 0 ]]; then
139 quickserve --root . --upload . --show-hidden --tar gz 149 ${@}
140 fi 150 fi
141 151
152 cd $(pwd) # Needed for mounting to work
142 153
143 if [[ ${#@} -eq 0 ]] || [[ $forceShell = "true" ]]; then 154 if [[ ${miniserve} = "true" ]]; then
144 if [[ ${#@} -gt 0 ]]; then 155 miniserve --random-route --hidden --enable-tar-gz --enable-zip . &
145 ${@} 156 echo $! > "${miniservePIDFile}"
146 fi 157 fi
147
148 cd $(pwd) # Needed for mounting to work
149 158
159 if [[ ${#@} -eq 0 ]] && [[ ${miniserve} != "true" ]] || [[ $forceShell = "true" ]]; then
150 isSingleDir() { 160 isSingleDir() {
151 typeset -a contents 161 typeset -a contents
152 contents=(*(N) .*(N)) 162 contents=(*(N) .*(N))
@@ -160,10 +170,9 @@ dir() {
160 } 170 }
161 while d=$(isSingleDir); do cd ${d}; done 171 while d=$(isSingleDir); do cd ${d}; done
162 172
163
164 zsh 173 zsh
165 else 174 elif [[ ${miniserve} == "true" ]]; then
166 ${@} 175 wait $(cat "${miniservePIDFile}")
167 fi 176 fi
168 ) 177 )
169} 178}
@@ -171,27 +180,30 @@ dir() {
171tmpdir() { 180tmpdir() {
172 cleanup() 181 cleanup()
173 { 182 {
174 cd / 183 cd /
175 unmount() { 184 unmount() {
176 printf "Unmounting %s\n" ${1} >&2 185 printf "Unmounting %s\n" ${1} >&2
177 fusermount -u ${1} || umount ${1} || sudo umount ${1} 186 fusermount -u ${1} || umount ${1} || sudo umount ${1}
178 } 187 }
179 188
180 if mountpoint -q -- ${dir}; then 189 if [[ -n ${dir} ]]; then
181 unmount ${dir} || return $? 190 if mountpoint -q -- ${dir}; then
182 else 191 unmount ${dir} || return $?
183 while read -d $'\0' subDir; do 192 else
184 mountpoint -q -- ${subDir} || continue 193 while read -d $'\0' subDir; do
185 unmount ${subDir} || return $? 194 mountpoint -q -- ${subDir} || continue
186 done <<<$(find ${dir} -xdev -type d -print0 | sort -zr) 195 unmount ${subDir} || return $?
187 fi 196 done <<<$(find ${dir} -xdev -type d -print0 | sort -zr)
188 197 fi
189 rm -rfv --one-file-system -- ${dir} 198
199 rm -rfv --one-file-system -- ${dir}
200 dir=""
201 fi
190 } 202 }
191 203
192 local tmpdir="" 204 local tmpdir=""
193 205
194 while getopts ':t:a:s:Sd:ir:wqg:p:' arg; do 206 while getopts ':t:a:d:ir:wg:p:m' arg; do
195 case $arg in 207 case $arg in
196 "t") tmpdir="=${OPTARG}" ;; 208 "t") tmpdir="=${OPTARG}" ;;
197 "?"|":") printf "Invalid option: %s\n" $arg >&2; exit 2 ;; 209 "?"|":") printf "Invalid option: %s\n" $arg >&2; exit 2 ;;
@@ -199,6 +211,8 @@ tmpdir() {
199 done 211 done
200 212
201 ( 213 (
214 set -o localtraps
215 trap 'return 1' INT TERM
202 trap cleanup EXIT 216 trap cleanup EXIT
203 217
204 218
@@ -247,14 +261,6 @@ l() {
247 ls --long --binary --git --time-style=iso --header $@ 261 ls --long --binary --git --time-style=iso --header $@
248} 262}
249 263
250re() {
251 systemctl restart $@
252}
253
254ure() {
255 systemctl --user restart $@
256}
257
258ssh-installer() { 264ssh-installer() {
259 ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o IdentityFile=~/.ssh/gkleen@sif.midgard.yggdrasil $@ 265 ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o IdentityFile=~/.ssh/gkleen@sif.midgard.yggdrasil $@
260} 266}
diff --git a/accounts/gkleen@surtr.nix b/accounts/gkleen@surtr.nix
index 58c4f21d..8f678ac9 100644
--- a/accounts/gkleen@surtr.nix
+++ b/accounts/gkleen@surtr.nix
@@ -1,3 +1,7 @@
1{ userName, ... }: { 1{ flake, userName, ... }: {
2 home-manager.users.${userName}.home.stateVersion = "20.09"; 2 imports = with flake.nixosModules.userProfiles.${userName}; [
3 zsh tmux
4 ];
5
6 config.home-manager.users.${userName}.home.stateVersion = "20.09";
3} 7}
diff --git a/accounts/gkleen@vidhar.nix b/accounts/gkleen@vidhar.nix
index 8509c2f4..3a37c4bd 100644
--- a/accounts/gkleen@vidhar.nix
+++ b/accounts/gkleen@vidhar.nix
@@ -1,4 +1,8 @@
1{ flake, pkgs, userName, config, ... }: { 1{ flake, pkgs, userName, config, ... }: {
2 imports = with flake.nixosModules.userProfiles.${userName}; [
3 zsh tmux
4 ];
5
2 config = { 6 config = {
3 users.users.${userName} = { 7 users.users.${userName} = {
4 uid = 1000; 8 uid = 1000;
diff --git a/accounts/mherold@eostre.nix b/accounts/mherold@eostre.nix
index 51e4529a..0e2f37aa 100644
--- a/accounts/mherold@eostre.nix
+++ b/accounts/mherold@eostre.nix
@@ -7,9 +7,9 @@
7 home-manager.users.${userName} = { 7 home-manager.users.${userName} = {
8 home.stateVersion = "20.09"; 8 home.stateVersion = "20.09";
9 9
10 nixpkgs.config = { 10 # nixpkgs.config = {
11 allowUnfree = true; 11 # allowUnfree = true;
12 }; 12 # };
13 13
14 home.packages = with pkgs; [ 14 home.packages = with pkgs; [
15 thunderbird libreoffice element-desktop keepassxc vlc 15 thunderbird libreoffice element-desktop keepassxc vlc
diff --git a/accounts/root@installer.nix b/accounts/root@installer.nix
index c7a418f8..5fe1db38 100644
--- a/accounts/root@installer.nix
+++ b/accounts/root@installer.nix
@@ -1,7 +1,11 @@
1{ userName, ... }: 1{ flake, userName, ... }:
2 2
3{ 3{
4 home-manager.users.${userName} = { config, ... } : { 4 imports = with flake.nixosModules.userProfiles.${userName}; [
5 zsh tmux
6 ];
7
8 config.home-manager.users.${userName} = { config, ... } : {
5 home.stateVersion = config.home.version.release; 9 home.stateVersion = config.home.version.release;
6 }; 10 };
7} 11}
diff --git a/accounts/root@sif.nix b/accounts/root@sif.nix
index c9e129a0..bb816230 100644
--- a/accounts/root@sif.nix
+++ b/accounts/root@sif.nix
@@ -1,6 +1,10 @@
1{ userName, ... }: 1{ flake, userName, ... }:
2{ 2{
3 home-manager.users.${userName} = { 3 imports = with flake.nixosModules.userProfiles.${userName}; [
4 zsh tmux
5 ];
6
7 config.home-manager.users.${userName} = {
4 home.stateVersion = "20.09"; 8 home.stateVersion = "20.09";
5 9
6 programs.ssh.matchBlocks = { 10 programs.ssh.matchBlocks = {
diff --git a/accounts/root@surtr.nix b/accounts/root@surtr.nix
index 58c4f21d..8f678ac9 100644
--- a/accounts/root@surtr.nix
+++ b/accounts/root@surtr.nix
@@ -1,3 +1,7 @@
1{ userName, ... }: { 1{ flake, userName, ... }: {
2 home-manager.users.${userName}.home.stateVersion = "20.09"; 2 imports = with flake.nixosModules.userProfiles.${userName}; [
3 zsh tmux
4 ];
5
6 config.home-manager.users.${userName}.home.stateVersion = "20.09";
3} 7}
diff --git a/accounts/root@vidhar.nix b/accounts/root@vidhar.nix
index e82414a8..0fc56633 100644
--- a/accounts/root@vidhar.nix
+++ b/accounts/root@vidhar.nix
@@ -1,6 +1,11 @@
1{ config, userName, ... }: 1{ flake, config, userName, ... }:
2
2{ 3{
3 home-manager.users.${userName} = { 4 imports = with flake.nixosModules.userProfiles.${userName}; [
5 zsh tmux
6 ];
7
8 config.home-manager.users.${userName} = {
4 home.stateVersion = "20.09"; 9 home.stateVersion = "20.09";
5 10
6 programs.ssh.matchBlocks = { 11 programs.ssh.matchBlocks = {
diff --git a/flake.lock b/flake.lock
index abb6541a..64091d39 100644
--- a/flake.lock
+++ b/flake.lock
@@ -115,11 +115,11 @@
115 "flake-compat_3": { 115 "flake-compat_3": {
116 "flake": false, 116 "flake": false,
117 "locked": { 117 "locked": {
118 "lastModified": 1733328505, 118 "lastModified": 1747046372,
119 "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", 119 "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
120 "owner": "edolstra", 120 "owner": "edolstra",
121 "repo": "flake-compat", 121 "repo": "flake-compat",
122 "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", 122 "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
123 "type": "github" 123 "type": "github"
124 }, 124 },
125 "original": { 125 "original": {
@@ -322,11 +322,11 @@
322 ] 322 ]
323 }, 323 },
324 "locked": { 324 "locked": {
325 "lastModified": 1738691953, 325 "lastModified": 1746904907,
326 "narHash": "sha256-JY/w2Xyrj3mhUhLJkSgk8t7MSf3LGZjewPTQ7QtCbHE=", 326 "narHash": "sha256-XYo6bwc7xwo4lO6a/D2ttYRN4yDmsAjyt5O1E0vOLDg=",
327 "owner": "gkleen", 327 "owner": "gkleen",
328 "repo": "home-manager", 328 "repo": "home-manager",
329 "rev": "c077fc8684289ab1b1c2231bab1566879e099c97", 329 "rev": "696495266c65b76f08d8196b87aa7bd835906570",
330 "type": "github" 330 "type": "github"
331 }, 331 },
332 "original": { 332 "original": {
@@ -343,11 +343,11 @@
343 ] 343 ]
344 }, 344 },
345 "locked": { 345 "locked": {
346 "lastModified": 1710245356, 346 "lastModified": 1747139300,
347 "narHash": "sha256-8cQGUn+N1dTgklMWMejSLN2q8Oz+7Rnqsfaw2rt3bU4=", 347 "narHash": "sha256-V+YnIIM2wMprHGgzOU0HzyeWQEjP6EhG8kc4IffWFeg=",
348 "owner": "gkleen", 348 "owner": "gkleen",
349 "repo": "home-manager", 349 "repo": "home-manager",
350 "rev": "a14fe0c27d04dfa3d80abe2db743e9a7f4f2a33d", 350 "rev": "50182497604587a24bdbe97d6400b1696eac57b1",
351 "type": "github" 351 "type": "github"
352 }, 352 },
353 "original": { 353 "original": {
@@ -397,11 +397,11 @@
397 "xwayland-satellite-unstable": "xwayland-satellite-unstable" 397 "xwayland-satellite-unstable": "xwayland-satellite-unstable"
398 }, 398 },
399 "locked": { 399 "locked": {
400 "lastModified": 1745483403, 400 "lastModified": 1747115632,
401 "narHash": "sha256-fNemxNtPugDzCK7ofPApufFhD4EW5PiA0v3+aS1O6rY=", 401 "narHash": "sha256-SypEtZQsum43HvIT4HqM1RH8CE3wCWFIO5b5IqC/2FA=",
402 "owner": "sodiboo", 402 "owner": "sodiboo",
403 "repo": "niri-flake", 403 "repo": "niri-flake",
404 "rev": "17ebd40a372527ad20cc799b1835beaf7abf7200", 404 "rev": "44eeba852a6671ab1c7be5ca65a58c49794cef4b",
405 "type": "github" 405 "type": "github"
406 }, 406 },
407 "original": { 407 "original": {
@@ -431,11 +431,11 @@
431 "niri-unstable": { 431 "niri-unstable": {
432 "flake": false, 432 "flake": false,
433 "locked": { 433 "locked": {
434 "lastModified": 1745351516, 434 "lastModified": 1747113435,
435 "narHash": "sha256-nQRp1Q+kV137Dsk7WCsnq6zQA7YrvRll2wVcG7wZpHA=", 435 "narHash": "sha256-9oU1mKAM2BZLSots136UA75RIed53YtYgns9TUkr3ck=",
436 "owner": "YaLTeR", 436 "owner": "YaLTeR",
437 "repo": "niri", 437 "repo": "niri",
438 "rev": "6ab055a4b968ccf115a1be3b65b0d5ec4d7c33f1", 438 "rev": "6d083ea49741d6e8e85d5a1d6b6bcaa837d3b5c0",
439 "type": "github" 439 "type": "github"
440 }, 440 },
441 "original": { 441 "original": {
@@ -472,11 +472,11 @@
472 ] 472 ]
473 }, 473 },
474 "locked": { 474 "locked": {
475 "lastModified": 1745120797, 475 "lastModified": 1746934494,
476 "narHash": "sha256-owQ0VQ+7cSanTVPxaZMWEzI22Q4bGnuvhVjLAJBNQ3E=", 476 "narHash": "sha256-3n6i+F0sDASjkhbvgFDpPDZGp7z19IrRtjfF9TwJpCA=",
477 "owner": "Mic92", 477 "owner": "Mic92",
478 "repo": "nix-index-database", 478 "repo": "nix-index-database",
479 "rev": "69716041f881a2af935021c1182ed5b0cc04d40e", 479 "rev": "e9b21b01e4307176b9718a29ac514838e7f6f4ff",
480 "type": "github" 480 "type": "github"
481 }, 481 },
482 "original": { 482 "original": {
@@ -493,11 +493,11 @@
493 ] 493 ]
494 }, 494 },
495 "locked": { 495 "locked": {
496 "lastModified": 1737219791, 496 "lastModified": 1745680380,
497 "narHash": "sha256-OU0NPjJ3woNDFNx7HtWuUXBb4eI6Ggre/Uj2qhiSjrg=", 497 "narHash": "sha256-Z8PknjkmIr/8ZCH+dmc2Pc+UltiOr7/oKg37PXuVvuU=",
498 "owner": "ners", 498 "owner": "ners",
499 "repo": "nix-monitored", 499 "repo": "nix-monitored",
500 "rev": "6ed8ed4832ff26c616e5856ba19f5b8141d61bd3", 500 "rev": "60f3baa4701d58eab86c2d1d9c3d7e820074d461",
501 "type": "github" 501 "type": "github"
502 }, 502 },
503 "original": { 503 "original": {
@@ -529,11 +529,11 @@
529 }, 529 },
530 "nixos-hardware": { 530 "nixos-hardware": {
531 "locked": { 531 "locked": {
532 "lastModified": 1745392233, 532 "lastModified": 1747083103,
533 "narHash": "sha256-xmqG4MZArM1JNxPJ33s0MtuBzgnaCO9laARoU3AfP8E=", 533 "narHash": "sha256-dMx20S2molwqJxbmMB4pGjNfgp5H1IOHNa1Eby6xL+0=",
534 "owner": "NixOS", 534 "owner": "NixOS",
535 "repo": "nixos-hardware", 535 "repo": "nixos-hardware",
536 "rev": "8bf8a2a0822365bd8f44fd1a19d7ed0a1d629d64", 536 "rev": "d1d68fe8b00248caaa5b3bbe4984c12b47e0867d",
537 "type": "github" 537 "type": "github"
538 }, 538 },
539 "original": { 539 "original": {
@@ -651,11 +651,11 @@
651 }, 651 },
652 "nixpkgs-stable_2": { 652 "nixpkgs-stable_2": {
653 "locked": { 653 "locked": {
654 "lastModified": 1745279238, 654 "lastModified": 1746957726,
655 "narHash": "sha256-AQ7M9wTa/Pa/kK5pcGTgX/DGqMHyzsyINfN7ktsI7Fo=", 655 "narHash": "sha256-k9ut1LSfHCr0AW82ttEQzXVCqmyWVA5+SHJkS5ID/Jo=",
656 "owner": "NixOS", 656 "owner": "NixOS",
657 "repo": "nixpkgs", 657 "repo": "nixpkgs",
658 "rev": "9684b53175fc6c09581e94cc85f05ab77464c7e3", 658 "rev": "a39ed32a651fdee6842ec930761e31d1f242cb94",
659 "type": "github" 659 "type": "github"
660 }, 660 },
661 "original": { 661 "original": {
@@ -699,11 +699,11 @@
699 }, 699 },
700 "nixpkgs_2": { 700 "nixpkgs_2": {
701 "locked": { 701 "locked": {
702 "lastModified": 1745391562, 702 "lastModified": 1746904237,
703 "narHash": "sha256-sPwcCYuiEopaafePqlG826tBhctuJsLx/mhKKM5Fmjo=", 703 "narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=",
704 "owner": "NixOS", 704 "owner": "NixOS",
705 "repo": "nixpkgs", 705 "repo": "nixpkgs",
706 "rev": "8a2f738d9d1f1d986b5a4cd2fd2061a7127237d7", 706 "rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956",
707 "type": "github" 707 "type": "github"
708 }, 708 },
709 "original": { 709 "original": {
@@ -962,11 +962,11 @@
962 ] 962 ]
963 }, 963 },
964 "locked": { 964 "locked": {
965 "lastModified": 1745310711, 965 "lastModified": 1746485181,
966 "narHash": "sha256-ePyTpKEJTgX0gvgNQWd7tQYQ3glIkbqcW778RpHlqgA=", 966 "narHash": "sha256-PxrrSFLaC7YuItShxmYbMgSuFFuwxBB+qsl9BZUnRvg=",
967 "owner": "Mic92", 967 "owner": "Mic92",
968 "repo": "sops-nix", 968 "repo": "sops-nix",
969 "rev": "5e3e92b16d6fdf9923425a8d4df7496b2434f39c", 969 "rev": "e93ee1d900ad264d65e9701a5c6f895683433386",
970 "type": "github" 970 "type": "github"
971 }, 971 },
972 "original": { 972 "original": {
@@ -1094,11 +1094,11 @@
1094 "xwayland-satellite-unstable": { 1094 "xwayland-satellite-unstable": {
1095 "flake": false, 1095 "flake": false,
1096 "locked": { 1096 "locked": {
1097 "lastModified": 1745372360, 1097 "lastModified": 1747111562,
1098 "narHash": "sha256-5DX9lYmEbkdANCzME2v3coV0EnWOhS7NsTlGBQuqmjM=", 1098 "narHash": "sha256-GAqhWoxaBIk0tgoecZPa8gTHDHxNc0JtlwWHZN2iOOo=",
1099 "owner": "Supreeeme", 1099 "owner": "Supreeeme",
1100 "repo": "xwayland-satellite", 1100 "repo": "xwayland-satellite",
1101 "rev": "c31679aa41966ee9272bb240703755cb1e7c72e3", 1101 "rev": "ec9ff64c1e0cbec42710b580b7c0f759b1694e72",
1102 "type": "github" 1102 "type": "github"
1103 }, 1103 },
1104 "original": { 1104 "original": {
diff --git a/hosts/sif/default.nix b/hosts/sif/default.nix
index 0897e1d8..f4de24e8 100644
--- a/hosts/sif/default.nix
+++ b/hosts/sif/default.nix
@@ -126,38 +126,8 @@ in {
126 rulesetFile = ./ruleset.nft; 126 rulesetFile = ./ruleset.nft;
127 }; 127 };
128 128
129 # firewall = {
130 # enable = true;
131 # allowedTCPPorts = [ 22 # ssh
132 # 8000 # quickserve
133 # ];
134 # };
135
136 # wlanInterfaces = {
137 # wlan0 = {
138 # device = "wlp82s0";
139 # };
140 # };
141
142 # bonds = {
143 # "lan" = {
144 # interfaces = [ "wlan0" "enp0s31f6" "dock0" ];
145 # driverOptions = {
146 # miimon = "1000";
147 # mode = "active-backup";
148 # primary_reselect = "always";
149 # };
150 # };
151 # };
152
153 useDHCP = false; 129 useDHCP = false;
154 useNetworkd = true; 130 useNetworkd = true;
155
156 # interfaces."tinc.yggdrasil" = {
157 # virtual = true;
158 # virtualType = config.services.tinc.networks.yggdrasil.interfaceType;
159 # macAddress = "5c:93:21:c3:61:39";
160 # };
161 }; 131 };
162 132
163 environment.etc."NetworkManager/dnsmasq.d/libvirt_dnsmasq.conf" = { 133 environment.etc."NetworkManager/dnsmasq.d/libvirt_dnsmasq.conf" = {
@@ -751,10 +721,6 @@ in {
751 721
752 home-manager.sharedModules = [ flakeInputs.nixVirt.homeModules.default ]; 722 home-manager.sharedModules = [ flakeInputs.nixVirt.homeModules.default ];
753 723
754 environment.pathsToLink = [
755 "share/zsh"
756 ];
757
758 system.stateVersion = "24.11"; 724 system.stateVersion = "24.11";
759 }; 725 };
760} 726}
diff --git a/hosts/sif/ruleset.nft b/hosts/sif/ruleset.nft
index 2af8b2ee..62339f69 100644
--- a/hosts/sif/ruleset.nft
+++ b/hosts/sif/ruleset.nft
@@ -61,7 +61,7 @@ table inet filter {
61 counter mosh-rx {} 61 counter mosh-rx {}
62 counter wg-rx {} 62 counter wg-rx {}
63 counter yggdrasil-gre-rx {} 63 counter yggdrasil-gre-rx {}
64 counter quickserve-rx {} 64 counter miniserve-rx {}
65 counter ausweisapp2-rx {} 65 counter ausweisapp2-rx {}
66 66
67 counter established-rx {} 67 counter established-rx {}
@@ -81,7 +81,7 @@ table inet filter {
81 counter mosh-tx {} 81 counter mosh-tx {}
82 counter wg-tx {} 82 counter wg-tx {}
83 counter yggdrasil-gre-tx {} 83 counter yggdrasil-gre-tx {}
84 counter quickserve-tx {} 84 counter miniserve-tx {}
85 85
86 counter tx {} 86 counter tx {}
87 87
@@ -134,7 +134,7 @@ table inet filter {
134 tcp dport 22 counter name ssh-rx accept 134 tcp dport 22 counter name ssh-rx accept
135 udp dport 60000-61000 counter name mosh-rx accept 135 udp dport 60000-61000 counter name mosh-rx accept
136 136
137 tcp dport 8000 counter name quickserve-rx accept 137 tcp dport 8080 counter name miniserve-rx accept
138 udp dport 24727 counter name ausweisapp2-rx accept 138 udp dport 24727 counter name ausweisapp2-rx accept
139 139
140 udp dport 51820-51822 counter name wg-rx accept 140 udp dport 51820-51822 counter name wg-rx accept
@@ -173,7 +173,7 @@ table inet filter {
173 udp sport 51820-51822 counter name wg-tx 173 udp sport 51820-51822 counter name wg-tx
174 iifname "yggdrasil-wg-*" meta l4proto gre counter name yggdrasil-gre-tx 174 iifname "yggdrasil-wg-*" meta l4proto gre counter name yggdrasil-gre-tx
175 175
176 tcp sport 8000 counter name quickserve-tx accept 176 tcp sport 8080 counter name miniserve-tx accept
177 177
178 oifname virbr0 udp sport 67 counter name libvirt-dhcp accept 178 oifname virbr0 udp sport 67 counter name libvirt-dhcp accept
179 oifname virbr0 udp sport 547 counter name libvirt-dhcp accept 179 oifname virbr0 udp sport 547 counter name libvirt-dhcp accept
diff --git a/hosts/surtr/email/default.nix b/hosts/surtr/email/default.nix
index 13b33c7f..4666d1d6 100644
--- a/hosts/surtr/email/default.nix
+++ b/hosts/surtr/email/default.nix
@@ -215,7 +215,7 @@ in {
215 smtpd_client_event_limit_exceptions = ""; 215 smtpd_client_event_limit_exceptions = "";
216 216
217 milter_default_action = "accept"; 217 milter_default_action = "accept";
218 smtpd_milters = [config.services.opendkim.socket "local:/run/rspamd/rspamd-milter.sock"]; 218 smtpd_milters = [config.services.opendkim.socket "local:/run/rspamd/rspamd-milter.sock" "local:/run/postsrsd/postsrsd-milter.sock"];
219 non_smtpd_milters = [config.services.opendkim.socket "local:/run/rspamd/rspamd-milter.sock"]; 219 non_smtpd_milters = [config.services.opendkim.socket "local:/run/rspamd/rspamd-milter.sock"];
220 220
221 alias_maps = ""; 221 alias_maps = "";
@@ -237,11 +237,6 @@ in {
237 ::/0 silent-discard, dsn 237 ::/0 silent-discard, dsn
238 ''}"; 238 ''}";
239 239
240 sender_canonical_maps = "tcp:localhost:${toString config.services.postsrsd.forwardPort}";
241 sender_canonical_classes = "envelope_sender";
242 recipient_canonical_maps = "tcp:localhost:${toString config.services.postsrsd.reversePort}";
243 recipient_canonical_classes = ["envelope_recipient" "header_recipient"];
244
245 virtual_mailbox_domains = ''pgsql:${pkgs.writeText "virtual_mailbox_domains.cf" '' 240 virtual_mailbox_domains = ''pgsql:${pkgs.writeText "virtual_mailbox_domains.cf" ''
246 hosts = postgresql:///email 241 hosts = postgresql:///email
247 dbname = email 242 dbname = email
@@ -366,10 +361,11 @@ in {
366 361
367 services.postsrsd = { 362 services.postsrsd = {
368 enable = true; 363 enable = true;
369 domain = "surtr.yggdrasil.li"; 364 domains = [ "surtr.yggdrasil.li" ] ++ concatMap (domain: [".${domain}" domain]) emailDomains;
370 separator = "+"; 365 separator = "+";
371 excludeDomains = [ "surtr.yggdrasil.li" 366 extraConfig = ''
372 ] ++ concatMap (domain: [".${domain}" domain]) emailDomains; 367 milter = unix:/run/postsrsd/postsrsd-milter.sock
368 '';
373 }; 369 };
374 370
375 services.opendkim = { 371 services.opendkim = {
diff --git a/hosts/surtr/vpn/default.nix b/hosts/surtr/vpn/default.nix
index 1bdcf74e..92223144 100644
--- a/hosts/surtr/vpn/default.nix
+++ b/hosts/surtr/vpn/default.nix
@@ -1,4 +1,4 @@
1{ pkgs, config, lib, ... }: 1{ flake, pkgs, config, lib, ... }:
2 2
3with lib; 3with lib;
4 4
@@ -22,7 +22,11 @@ in {
22 "--load-credential=surtr.priv:/run/credentials/container@vpn.service/surtr.priv" 22 "--load-credential=surtr.priv:/run/credentials/container@vpn.service/surtr.priv"
23 "--network-ipvlan=ens3:upstream" 23 "--network-ipvlan=ens3:upstream"
24 ]; 24 ];
25 config = { 25 config = let hostConfig = config; in { config, pkgs, ... }: {
26 system.stateVersion = lib.mkIf hostConfig.containers."vpn".ephemeral config.system.nixos.release;
27 system.configurationRevision = mkIf (flake ? rev) flake.rev;
28 nixpkgs.pkgs = hostConfig.nixpkgs.pkgs;
29
26 boot.kernel.sysctl = { 30 boot.kernel.sysctl = {
27 "net.core.rmem_max" = 4194304; 31 "net.core.rmem_max" = 4194304;
28 "net.core.wmem_max" = 4194304; 32 "net.core.wmem_max" = 4194304;
diff --git a/hosts/surtr/vpn/geri.pub b/hosts/surtr/vpn/geri.pub
index ed5de2b2..2cd9b24e 100644
--- a/hosts/surtr/vpn/geri.pub
+++ b/hosts/surtr/vpn/geri.pub
@@ -1 +1 @@
sYuQSNZHzfegv8HRz71jnZm2nFLGeRnaGwVonhKUj2k= hhER05bvstOTGfiAG3IJsFkBNWCUZHokBXwaiC5d534=
diff --git a/hosts/vidhar/network/dhcp/default.nix b/hosts/vidhar/network/dhcp/default.nix
index 098d3061..11460393 100644
--- a/hosts/vidhar/network/dhcp/default.nix
+++ b/hosts/vidhar/network/dhcp/default.nix
@@ -306,32 +306,30 @@ in {
306 pkgs.symlinkJoin { 306 pkgs.symlinkJoin {
307 name = "installer-${system}"; 307 name = "installer-${system}";
308 paths = [ 308 paths = [
309 (let 309 (builtins.addErrorContext "while evaluating installer-${system}-nfsroot" (let
310 installerBuild = (flake.nixosConfigurations.${"installer-${system}-nfsroot"}.extendModules { 310 installerBuild' = (flake.nixosConfigurations.${"installer-${system}-nfsroot"}.extendModules {
311 modules = [ 311 modules = [
312 ({ ... }: { 312 ({ ... }: {
313 config.nfsroot.storeDevice = "${nfsIp}:nix-store"; 313 config.nfsroot.storeDevice = "${nfsIp}:nix-store";
314 config.nfsroot.registrationUrl = "${nfsrootBaseUrl}/installer-${system}/registration"; 314 config.nfsroot.registrationUrl = "${nfsrootBaseUrl}/installer-${system}/registration";
315 config.system.nixos.label = "installer-${system}";
315 }) 316 })
316 ]; 317 ];
317 }).config.system.build; 318 });
318 in builtins.toPath (pkgs.runCommandLocal "install-${system}" {} '' 319 installerBuild = installerBuild'.config.system.build;
320 in builtins.toPath (pkgs.runCommandLocal "installer-${system}" {} ''
319 mkdir -p $out/installer-${system} 321 mkdir -p $out/installer-${system}
320 install -m 0444 -t $out/installer-${system} \ 322 install -m 0444 -t $out/installer-${system} \
321 ${installerBuild.initialRamdisk}/initrd \ 323 ${installerBuild.initialRamdisk}/initrd \
322 ${installerBuild.kernel}/bzImage \ 324 ${installerBuild.kernel}/bzImage \
323 ${installerBuild.netbootIpxeScript}/netboot.ipxe \ 325 ${installerBuild.netbootIpxeScript}/netboot.ipxe \
324 ${pkgs.closureInfo { rootPaths = installerBuild.storeContents; }}/registration 326 ${pkgs.closureInfo { rootPaths = installerBuild.storeContents; }}/registration
325 '')) 327 install -m 0444 ${pkgs.writeText "installer-${system}.menu.ipxe" ''
326 (pkgs.writeTextFile {
327 name = "installer-${system}.menu.ipxe";
328 destination = "/installer-${system}.menu.ipxe";
329 text = ''
330 #!ipxe 328 #!ipxe
331 329
332 :start 330 :start
333 menu iPXE boot menu for installer-${system} 331 menu iPXE boot menu for installer-${system}
334 item installer installer-${system} 332 item installer ${with installerBuild'; "${config.system.nixos.distroName} ${config.system.nixos.codeName} ${config.system.nixos.label} (Linux ${config.boot.kernelPackages.kernel.modDirVersion})"}
335 item memtest memtest86plus 333 item memtest memtest86plus
336 item netboot netboot.xyz 334 item netboot netboot.xyz
337 item shell iPXE shell 335 item shell iPXE shell
@@ -353,8 +351,8 @@ in {
353 :memtest 351 :memtest
354 iseq ''${platform} efi && chain --autofree memtest.efi || chain --autofree memtest.bin 352 iseq ''${platform} efi && chain --autofree memtest.efi || chain --autofree memtest.bin
355 goto start 353 goto start
356 ''; 354 ''} $out/installer-${system}.menu.ipxe
357 }) 355 '')))
358 ]; 356 ];
359 }) ["x86_64-linux"] 357 }) ["x86_64-linux"]
360 ) ++ [ 358 ) ++ [
@@ -366,15 +364,17 @@ in {
366 install -m 0444 ${sources.netbootxyz-efi.src} $out/netboot.xyz.efi 364 install -m 0444 ${sources.netbootxyz-efi.src} $out/netboot.xyz.efi
367 install -m 0444 ${sources.netbootxyz-lkrn.src} $out/netboot.xyz.lkrn 365 install -m 0444 ${sources.netbootxyz-lkrn.src} $out/netboot.xyz.lkrn
368 '') 366 '')
369 (let 367 (builtins.addErrorContext "while evaluating eostre" (let
370 eostreBuild = (flake.nixosConfigurations.eostre.extendModules { 368 eostreBuild' = (flake.nixosConfigurations.eostre.extendModules {
371 modules = [ 369 modules = [
372 ({ ... }: { 370 ({ ... }: {
373 config.nfsroot.storeDevice = "${nfsIp}:nix-store"; 371 config.nfsroot.storeDevice = "${nfsIp}:nix-store";
374 config.nfsroot.registrationUrl = "${nfsrootBaseUrl}/eostre/registration"; 372 config.nfsroot.registrationUrl = "${nfsrootBaseUrl}/eostre/registration";
373 config.system.nixos.label = "eostre";
375 }) 374 })
376 ]; 375 ];
377 }).config.system.build; 376 });
377 eostreBuild = eostreBuild'.config.system.build;
378 in builtins.toPath (pkgs.runCommandLocal "eostre" {} '' 378 in builtins.toPath (pkgs.runCommandLocal "eostre" {} ''
379 mkdir -p $out/eostre 379 mkdir -p $out/eostre
380 install -m 0444 -t $out/eostre \ 380 install -m 0444 -t $out/eostre \
@@ -382,43 +382,39 @@ in {
382 ${eostreBuild.kernel}/bzImage \ 382 ${eostreBuild.kernel}/bzImage \
383 ${eostreBuild.netbootIpxeScript}/netboot.ipxe \ 383 ${eostreBuild.netbootIpxeScript}/netboot.ipxe \
384 ${pkgs.closureInfo { rootPaths = eostreBuild.storeContents; }}/registration 384 ${pkgs.closureInfo { rootPaths = eostreBuild.storeContents; }}/registration
385 '')) 385 install -m 0444 ${pkgs.writeText "eostre.menu.ipxe" ''
386 (pkgs.writeTextFile { 386 #!ipxe
387 name = "eostre.menu.ipxe";
388 destination = "/eostre.menu.ipxe";
389 text = ''
390 #!ipxe
391 387
392 set menu-timeout 5000 388 set menu-timeout 5000
393 389
394 :start 390 :start
395 menu iPXE boot menu for eostre 391 menu iPXE boot menu for eostre
396 item eostre eostre 392 item eostre ${with eostreBuild'; "${config.system.nixos.distroName} ${config.system.nixos.codeName} ${config.system.nixos.label} (Linux ${config.boot.kernelPackages.kernel.modDirVersion})"}
397 item memtest memtest86plus 393 item memtest memtest86plus
398 item netboot netboot.xyz 394 item netboot netboot.xyz
399 item shell iPXE shell 395 item shell iPXE shell
400 choose --timeout ''${menu-timeout} --default eostre selected || goto shell 396 choose --timeout ''${menu-timeout} --default eostre selected || goto shell
401 set menu-timeout 0 397 set menu-timeout 0
402 goto ''${selected} 398 goto ''${selected}
403 399
404 :shell 400 :shell
405 set menu-timeout 0 401 set menu-timeout 0
406 shell 402 shell
407 goto start 403 goto start
408 404
409 :eostre 405 :eostre
410 chain eostre/netboot.ipxe 406 chain eostre/netboot.ipxe
411 goto start 407 goto start
412 408
413 :netboot 409 :netboot
414 iseq ''${platform} efi && chain --autofree netboot.xyz.efi || chain --autofree netboot.xyz.lkrn 410 iseq ''${platform} efi && chain --autofree netboot.xyz.efi || chain --autofree netboot.xyz.lkrn
415 goto start 411 goto start
416 412
417 :memtest 413 :memtest
418 iseq ''${platform} efi && chain --autofree memtest.efi || chain --autofree memtest.bin 414 iseq ''${platform} efi && chain --autofree memtest.efi || chain --autofree memtest.bin
419 goto start 415 goto start
420 ''; 416 ''} $out/eostre.menu.ipxe
421 }) 417 '')))
422 ]; 418 ];
423 }; 419 };
424 }; 420 };
diff --git a/installer-profiles/cd-dvd.nix b/installer-profiles/cd-dvd.nix
index 45291bad..ac12d885 100644
--- a/installer-profiles/cd-dvd.nix
+++ b/installer-profiles/cd-dvd.nix
@@ -1,7 +1,13 @@
1{ flakeInputs, ... }: 1{ flakeInputs, lib, ... }:
2 2
3{ 3{
4 imports = [ 4 imports = [
5 "${flakeInputs.nixpkgs.outPath}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix" 5 "${flakeInputs.nixpkgs.outPath}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix"
6 ]; 6 ];
7
8 config = {
9 isoImage.squashfsCompression = "zstd -Xcompression-level 9";
10 system.installer.channel.enable = false;
11 boot.loader.grub.memtest86.enable = lib.mkForce false;
12 };
7} 13}
diff --git a/installer-profiles/netboot.nix b/installer-profiles/netboot.nix
index 28e8084d..6e39ebfb 100644
--- a/installer-profiles/netboot.nix
+++ b/installer-profiles/netboot.nix
@@ -4,4 +4,9 @@
4 imports = [ 4 imports = [
5 "${flakeInputs.nixpkgs.outPath}/nixos/modules/installer/netboot/netboot-minimal.nix" 5 "${flakeInputs.nixpkgs.outPath}/nixos/modules/installer/netboot/netboot-minimal.nix"
6 ]; 6 ];
7
8 config = {
9 netboot.squashfsCompression = "zstd -Xcompression-level 9";
10 system.installer.channel.enable = false;
11 };
7} 12}
diff --git a/installer-profiles/nfsroot.nix b/installer-profiles/nfsroot.nix
index 6bd875b4..a8f6def6 100644
--- a/installer-profiles/nfsroot.nix
+++ b/installer-profiles/nfsroot.nix
@@ -8,4 +8,6 @@
8 "${flakeInputs.nixpkgs.outPath}/nixos/modules/profiles/base.nix" 8 "${flakeInputs.nixpkgs.outPath}/nixos/modules/profiles/base.nix"
9 "${flakeInputs.nixpkgs.outPath}/nixos/modules/profiles/installation-device.nix" 9 "${flakeInputs.nixpkgs.outPath}/nixos/modules/profiles/installation-device.nix"
10 ]; 10 ];
11
12 config.system.installer.channel.enable = false;
11} 13}
diff --git a/installer/default.nix b/installer/default.nix
index 7c6a4f40..26f38572 100644
--- a/installer/default.nix
+++ b/installer/default.nix
@@ -47,7 +47,7 @@ with lib;
47 services.xserver.videoDrivers = [ "nvidia" ]; 47 services.xserver.videoDrivers = [ "nvidia" ];
48 systemd.services.nvidia-control-devices = { 48 systemd.services.nvidia-control-devices = {
49 wantedBy = [ "multi-user.target" ]; 49 wantedBy = [ "multi-user.target" ];
50 serviceConfig.ExecStart = "${pkgs.linuxPackages.nvidia_x11.bin}/bin/nvidia-smi"; 50 serviceConfig.ExecStart = lib.getExe' pkgs.linuxPackages.nvidia_x11.bin "nvidia-smi";
51 }; 51 };
52 nixpkgs.externalConfig.allowUnfree = true; 52 nixpkgs.externalConfig.allowUnfree = true;
53 53
diff --git a/modules/i18n.nix b/modules/i18n.nix
new file mode 100644
index 00000000..f84e8b64
--- /dev/null
+++ b/modules/i18n.nix
@@ -0,0 +1,156 @@
1{
2 config,
3 lib,
4 pkgs,
5 ...
6}:
7let
8 aggregatedLocales =
9 (builtins.map
10 (l: (lib.replaceStrings [ "utf8" "utf-8" "UTF8" ] [ "UTF-8" "UTF-8" "UTF-8" ] l) + "/UTF-8")
11 (
12 [ config.i18n.defaultLocale ]
13 ++ (lib.optionals (builtins.isList config.i18n.extraLocales) config.i18n.extraLocales)
14 ++ (lib.attrValues (lib.filterAttrs (n: _v: lib.hasPrefix "LC_" n) config.i18n.extraLocaleSettings))
15 )
16 )
17 ++ (lib.optional (builtins.isString config.i18n.extraLocales) config.i18n.extraLocales);
18in
19{
20 disabledModules = [ "config/i18n.nix" ];
21
22 ###### interface
23
24 options = {
25
26 i18n = {
27 glibcLocales = lib.mkOption {
28 type = lib.types.path;
29 default = pkgs.glibcLocales.override {
30 allLocales = lib.any (x: x == "all") config.i18n.supportedLocales;
31 locales = config.i18n.supportedLocales;
32 };
33 defaultText = lib.literalExpression ''
34 pkgs.glibcLocales.override {
35 allLocales = lib.any (x: x == "all") config.i18n.supportedLocales;
36 locales = config.i18n.supportedLocales;
37 }
38 '';
39 example = lib.literalExpression "pkgs.glibcLocales";
40 description = ''
41 Customized pkg.glibcLocales package.
42
43 Changing this option can disable handling of i18n.defaultLocale
44 and supportedLocale.
45 '';
46 };
47
48 defaultLocale = lib.mkOption {
49 type = lib.types.str;
50 default = "en_US.UTF-8";
51 example = "nl_NL.UTF-8";
52 description = ''
53 The default locale. It determines the language for program
54 messages, the format for dates and times, sort order, and so on.
55 It also determines the character set, such as UTF-8.
56 '';
57 };
58
59 extraLocales = lib.mkOption {
60 type = lib.types.either (lib.types.listOf lib.types.str) (lib.types.enum [ "all" ]);
61 default = [ ];
62 example = [ "nl_NL.UTF-8" ];
63 description = ''
64 Additional locales that the system should support, besides the ones
65 configured with {option}`i18n.defaultLocale` and
66 {option}`i18n.extraLocaleSettings`.
67 Set this to `"all"` to install all available locales.
68 '';
69 };
70
71 extraLocaleSettings = lib.mkOption {
72 type = lib.types.attrsOf lib.types.str;
73 default = { };
74 example = {
75 LC_MESSAGES = "en_US.UTF-8";
76 LC_TIME = "de_DE.UTF-8";
77 };
78 description = ''
79 A set of additional system-wide locale settings other than
80 `LANG` which can be configured with
81 {option}`i18n.defaultLocale`.
82 '';
83 };
84
85 supportedLocales = lib.mkOption {
86 type = lib.types.listOf lib.types.str;
87 visible = false;
88 default = lib.unique (
89 [
90 "C.UTF-8/UTF-8"
91 "en_US.UTF-8/UTF-8"
92 ]
93 ++ aggregatedLocales
94 );
95 example = [
96 "en_US.UTF-8/UTF-8"
97 "nl_NL.UTF-8/UTF-8"
98 "nl_NL/ISO-8859-1"
99 ];
100 description = ''
101 List of locales that the system should support. The value
102 `"all"` means that all locales supported by
103 Glibc will be installed. A full list of supported locales
104 can be found at <https://sourceware.org/git/?p=glibc.git;a=blob;f=localedata/SUPPORTED>.
105 '';
106 };
107
108 };
109
110 };
111
112 ###### implementation
113
114 config = {
115 warnings =
116 lib.optional
117 (
118 !(
119 (lib.subtractLists config.i18n.supportedLocales aggregatedLocales) == [ ]
120 || lib.any (x: x == "all") config.i18n.supportedLocales
121 )
122 )
123 ''
124 `i18n.supportedLocales` is deprecated in favor of `i18n.extraLocales`,
125 and it seems you are using `i18n.supportedLocales` and forgot to
126 include some locales specified in `i18n.defaultLocale`,
127 `i18n.extraLocales` or `i18n.extraLocaleSettings`.
128
129 If you're trying to install additional locales not specified in
130 `i18n.defaultLocale` or `i18n.extraLocaleSettings`, consider adding
131 only those locales to `i18n.extraLocales`.
132 '';
133
134 environment.systemPackages =
135 # We increase the priority a little, so that plain glibc in systemPackages can't win.
136 lib.optional (config.i18n.supportedLocales != [ ]) (lib.setPrio (-1) config.i18n.glibcLocales);
137
138 environment.sessionVariables = {
139 LANG = config.i18n.defaultLocale;
140 LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive";
141 } // config.i18n.extraLocaleSettings;
142
143 systemd.globalEnvironment = lib.mkIf (config.i18n.supportedLocales != [ ]) {
144 LOCALE_ARCHIVE = "${config.i18n.glibcLocales}/lib/locale/locale-archive";
145 };
146
147 # ‘/etc/locale.conf’ is used by systemd.
148 environment.etc."locale.conf".source = pkgs.writeText "locale.conf" ''
149 LANG=${config.i18n.defaultLocale}
150 ${lib.concatStringsSep "\n" (
151 lib.mapAttrsToList (n: v: "${n}=${v}") config.i18n.extraLocaleSettings
152 )}
153 '';
154
155 };
156}
diff --git a/modules/installer.nix b/modules/installer.nix
new file mode 100644
index 00000000..3e5c6d5b
--- /dev/null
+++ b/modules/installer.nix
@@ -0,0 +1,56 @@
1{ flake, config, lib, pkgs, ... }:
2
3let
4 cfg = config.installer.links;
5
6 installerOutPath = {
7 "cd-dvd" = _: installerBuild: "${installerBuild.config.system.build.isoImage}/iso";
8 "netboot" = {system, variant}: installerBuild: pkgs.runCommandLocal "${system}-${variant}" {} ''
9 mkdir $out
10 install -m 0444 -t $out \
11 ${installerBuild.config.system.build.netbootRamdisk}/initrd \
12 ${installerBuild.config.system.build.kernel}/${config.system.boot.loader.kernelFile} \
13 ${installerBuild.config.system.build.netbootIpxeScript}/netboot.ipxe \
14 ${pkgs.ipxe.override {
15 additionalTargets = {
16 "bin-i386-efi/ipxe.efi" = "i386-ipxe.efi";
17 };
18 additionalOptions = [
19 "NSLOOKUP_CMD"
20 "PING_CMD"
21 "CONSOLE_CMD"
22 ];
23 embedScript = pkgs.writeText "netboot.ipxe" ''
24 #!ipxe
25
26 chain netboot.ipxe
27 '';
28 }}/{ipxe.efi,i386-ipxe.efi,ipxe.lkrn}
29 '';
30 };
31in {
32 options = {
33 installer.links = lib.mkOption {
34 type = lib.types.listOf (lib.types.submodule {
35 options = {
36 system = lib.mkOption {
37 type = lib.types.str;
38 };
39 variant = lib.mkOption {
40 type = lib.types.str;
41 };
42 };
43 });
44 default = [];
45 };
46 };
47
48 config = lib.mkIf (cfg != []) {
49 systemd.tmpfiles.rules = map (installer'@{system, variant}:
50 let
51 installer = "${system}-${variant}";
52 installerBuild = builtins.addErrorContext "while evaluating installer-${installer}" flake.nixosConfigurations.${"installer-${installer}"};
53 in "L+ /run/installer-${installer} - - - - ${installerOutPath.${variant} installer' installerBuild}"
54 ) cfg;
55 };
56}
diff --git a/modules/postsrsd.nix b/modules/postsrsd.nix
new file mode 100644
index 00000000..205e669d
--- /dev/null
+++ b/modules/postsrsd.nix
@@ -0,0 +1,157 @@
1{
2 config,
3 lib,
4 pkgs,
5 ...
6}:
7let
8
9 cfg = config.services.postsrsd;
10 runtimeDirectoryName = "postsrsd";
11 runtimeDirectory = "/run/${runtimeDirectoryName}";
12 # TODO: follow RFC 42, but we need a libconfuse format first:
13 # https://github.com/NixOS/nixpkgs/issues/401565
14 # Arrays in `libconfuse` look like this: {"Life", "Universe", "Everything"}
15 # See https://www.nongnu.org/confuse/tutorial-html/ar01s03.html.
16 #
17 # Note: We're using `builtins.toJSON` to escape strings, but JSON strings
18 # don't have exactly the same semantics as libconfuse strings. For example,
19 # "${F}" gets treated as an env var reference, see above issue for details.
20 libconfuseDomains = "{ " + lib.concatMapStringsSep ", " builtins.toJSON cfg.domains + " }";
21 configFile = pkgs.writeText "postsrsd.conf" ''
22 secrets-file = "''${CREDENTIALS_DIRECTORY}/secrets-file"
23 domains = ${libconfuseDomains}
24 separator = "${cfg.separator}"
25
26 # Disable postsrsd's jailing in favor of confinement with systemd.
27 unprivileged-user = ""
28 chroot-dir = ""
29
30 ${cfg.extraConfig}
31 '';
32
33in
34{
35 imports =
36 map
37 (
38 name:
39 lib.mkRemovedOptionModule [ "services" "postsrsd" name ] ''
40 `postsrsd` was upgraded to `>= 2.0.0`, with some different behaviors and configuration settings:
41 - NixOS Release Notes: https://nixos.org/manual/nixos/unstable/release-notes#sec-nixpkgs-release-25.05-incompatibilities
42 - NixOS Options Reference: https://nixos.org/manual/nixos/unstable/options#opt-services.postsrsd.enable
43 - Migration instructions: https://github.com/roehling/postsrsd/blob/2.0.10/README.rst#migrating-from-version-1x
44 - Postfix Setup: https://github.com/roehling/postsrsd/blob/2.0.10/README.rst#postfix-setup
45 ''
46 )
47 [
48 "domain"
49 "forwardPort"
50 "reversePort"
51 "timeout"
52 "excludeDomains"
53 ];
54
55 disabledModules = [ "services/mail/postsrsd.nix" ];
56
57 options = {
58 services.postsrsd = {
59 enable = lib.mkOption {
60 type = lib.types.bool;
61 default = false;
62 description = "Whether to enable the postsrsd SRS server for Postfix.";
63 };
64
65 secretsFile = lib.mkOption {
66 type = lib.types.path;
67 default = "/var/lib/postsrsd/postsrsd.secret";
68 description = "Secret keys used for signing and verification";
69 };
70
71 domains = lib.mkOption {
72 type = lib.types.listOf lib.types.str;
73 description = "Domain names for rewrite";
74 default = [ config.networking.hostName ];
75 defaultText = lib.literalExpression "[ config.networking.hostName ]";
76 };
77
78 separator = lib.mkOption {
79 type = lib.types.enum [
80 "-"
81 "="
82 "+"
83 ];
84 default = "=";
85 description = "First separator character in generated addresses";
86 };
87
88 user = lib.mkOption {
89 type = lib.types.str;
90 default = "postsrsd";
91 description = "User for the daemon";
92 };
93
94 group = lib.mkOption {
95 type = lib.types.str;
96 default = "postsrsd";
97 description = "Group for the daemon";
98 };
99
100 extraConfig = lib.mkOption {
101 type = lib.types.lines;
102 default = "";
103 };
104 };
105 };
106
107 config = lib.mkIf cfg.enable {
108 users.users = lib.optionalAttrs (cfg.user == "postsrsd") {
109 postsrsd = {
110 group = cfg.group;
111 uid = config.ids.uids.postsrsd;
112 };
113 };
114
115 users.groups = lib.optionalAttrs (cfg.group == "postsrsd") {
116 postsrsd.gid = config.ids.gids.postsrsd;
117 };
118
119 systemd.services.postsrsd-generate-secrets = {
120 path = [ pkgs.coreutils ];
121 script = ''
122 if [ -e "${cfg.secretsFile}" ]; then
123 echo "Secrets file exists. Nothing to do!"
124 else
125 echo "WARNING: secrets file not found, autogenerating!"
126 DIR="$(dirname "${cfg.secretsFile}")"
127 install -m 750 -o ${cfg.user} -g ${cfg.group} -d "$DIR"
128 install -m 600 -o ${cfg.user} -g ${cfg.group} <(dd if=/dev/random bs=18 count=1 | base64) "${cfg.secretsFile}"
129 fi
130 '';
131 serviceConfig = {
132 Type = "oneshot";
133 };
134 };
135
136 systemd.services.postsrsd = {
137 description = "PostSRSd SRS rewriting server";
138 after = [
139 "network.target"
140 "postsrsd-generate-secrets.service"
141 ];
142 before = [ "postfix.service" ];
143 wantedBy = [ "multi-user.target" ];
144 requires = [ "postsrsd-generate-secrets.service" ];
145 confinement.enable = true;
146
147 serviceConfig = {
148 ExecStart = "${lib.getExe pkgs.postsrsd} -C ${configFile}";
149 User = cfg.user;
150 Group = cfg.group;
151 PermissionsStartOnly = true;
152 RuntimeDirectory = runtimeDirectoryName;
153 LoadCredential = "secrets-file:${cfg.secretsFile}";
154 };
155 };
156 };
157}
diff --git a/overlays/cake-prometheus-exporter/default.nix b/overlays/cake-prometheus-exporter/default.nix
index 3d0acc2d..69a5008c 100644
--- a/overlays/cake-prometheus-exporter/default.nix
+++ b/overlays/cake-prometheus-exporter/default.nix
@@ -1,19 +1,18 @@
1{ final, prev, ... }: 1{ final, prev, ... }:
2let 2let
3 inpPython = final.python310.override {}; 3 inpPython = final.python310.override {};
4 python = inpPython.withPackages (ps: with ps; []);
4in { 5in {
5 cake-prometheus-exporter = prev.stdenv.mkDerivation rec { 6 cake-prometheus-exporter = prev.stdenv.mkDerivation rec {
6 pname = "cake-prometheus-exporter"; 7 pname = "cake-prometheus-exporter";
7 version = "0.0.0"; 8 version = "0.0.0";
8 9
9 src = ./cake-prometheus-exporter.py; 10 src = prev.replaceVars ./cake-prometheus-exporter.py { inherit python; };
10 11
11 phases = [ "buildPhase" "checkPhase" "installPhase" ]; 12 phases = [ "unpackPhase" "checkPhase" "installPhase" ];
12 13
13 python = inpPython.withPackages (ps: with ps; []); 14 unpackPhase = ''
14 15 cp $src cake-prometheus-exporter
15 buildPhase = ''
16 substituteAll $src cake-prometheus-exporter
17 ''; 16 '';
18 17
19 doCheck = true; 18 doCheck = true;
diff --git a/overlays/inwx-cdnskey/default.nix b/overlays/inwx-cdnskey/default.nix
index cd564f24..e1bee0f2 100644
--- a/overlays/inwx-cdnskey/default.nix
+++ b/overlays/inwx-cdnskey/default.nix
@@ -2,17 +2,16 @@
2let 2let
3 packageOverrides = final.callPackage ./python-packages.nix {}; 3 packageOverrides = final.callPackage ./python-packages.nix {};
4 inpPython = final.python39.override { inherit packageOverrides; }; 4 inpPython = final.python39.override { inherit packageOverrides; };
5 python = inpPython.withPackages (ps: with ps; [pyxdg inwx-domrobot configparser dnspython]);
5in { 6in {
6 inwx-cdnskey = prev.stdenv.mkDerivation rec { 7 inwx-cdnskey = prev.stdenv.mkDerivation rec {
7 name = "inwx-cdnskey"; 8 name = "inwx-cdnskey";
8 src = ./inwx-cdnskey.py; 9 src = prev.replaceVars ./inwx-cdnskey.py { inherit python; };
9 10
10 phases = [ "buildPhase" "checkPhase" "installPhase" ]; 11 phases = [ "unpackPhase" "checkPhase" "installPhase" ];
11 12
12 python = inpPython.withPackages (ps: with ps; [pyxdg inwx-domrobot configparser dnspython]); 13 unpackPhase = ''
13 14 cp $src inwx-cdnskey
14 buildPhase = ''
15 substituteAll $src inwx-cdnskey
16 ''; 15 '';
17 16
18 doCheck = true; 17 doCheck = true;
diff --git a/overlays/nftables-prometheus-exporter/default.nix b/overlays/nftables-prometheus-exporter/default.nix
index aab0c8e9..48f668c4 100644
--- a/overlays/nftables-prometheus-exporter/default.nix
+++ b/overlays/nftables-prometheus-exporter/default.nix
@@ -1,17 +1,16 @@
1{ final, prev, ... }: 1{ final, prev, ... }:
2let 2let
3 inpPython = final.python310; 3 inpPython = final.python310;
4 python = inpPython.withPackages (ps: with ps; []);
4in { 5in {
5 nftables-prometheus-exporter = prev.stdenv.mkDerivation rec { 6 nftables-prometheus-exporter = prev.stdenv.mkDerivation rec {
6 name = "nftables-prometheus-exporter"; 7 name = "nftables-prometheus-exporter";
7 src = ./nftables-prometheus-exporter.py; 8 src = prev.replaceVars ./nftables-prometheus-exporter.py { inherit python; };
8 9
9 phases = [ "buildPhase" "checkPhase" "installPhase" ]; 10 phases = [ "unpackPhase" "checkPhase" "installPhase" ];
10 11
11 python = inpPython.withPackages (ps: with ps; []); 12 unpackPhase = ''
12 13 cp $src nftables-prometheus-exporter
13 buildPhase = ''
14 substituteAll $src nftables-prometheus-exporter
15 ''; 14 '';
16 15
17 doCheck = true; 16 doCheck = true;
diff --git a/overlays/persistent-nix-shell/default.nix b/overlays/persistent-nix-shell/default.nix
index c36b9e86..6067cade 100644
--- a/overlays/persistent-nix-shell/default.nix
+++ b/overlays/persistent-nix-shell/default.nix
@@ -5,10 +5,9 @@
5 5
6 phases = [ "buildPhase" "installPhase" ]; 6 phases = [ "buildPhase" "installPhase" ];
7 7
8 inherit (final) zsh;
9
10 buildPhase = '' 8 buildPhase = ''
11 substituteAll $src persistent-nix-shell 9 substitute $src persistent-nix-shell \
10 --subst-var-by zsh ${final.zsh}
12 ''; 11 '';
13 12
14 installPhase = '' 13 installPhase = ''
diff --git a/overlays/postsrsd.nix b/overlays/postsrsd.nix
new file mode 100644
index 00000000..cb1ccf30
--- /dev/null
+++ b/overlays/postsrsd.nix
@@ -0,0 +1,11 @@
1{ final, prev, ... }:
2{
3 postsrsd = prev.postsrsd.overrideAttrs (oldAttrs: {
4 cmakeFlags = (oldAttrs.cmakeFlags or []) ++ [
5 "-DWITH_MILTER=ON"
6 ];
7 buildInputs = (oldAttrs.buildInputs or []) ++ [
8 final.libmilter
9 ];
10 });
11}
diff --git a/overlays/zte-prometheus-exporter/default.nix b/overlays/zte-prometheus-exporter/default.nix
index 2188e7b3..cd4207cd 100644
--- a/overlays/zte-prometheus-exporter/default.nix
+++ b/overlays/zte-prometheus-exporter/default.nix
@@ -2,17 +2,16 @@
2let 2let
3 packageOverrides = final.callPackage ./python-packages.nix {}; 3 packageOverrides = final.callPackage ./python-packages.nix {};
4 inpPython = final.python310.override { inherit packageOverrides; }; 4 inpPython = final.python310.override { inherit packageOverrides; };
5 python = inpPython.withPackages (ps: with ps; [pytimeparse requests]);
5in { 6in {
6 zte-prometheus-exporter = prev.stdenv.mkDerivation rec { 7 zte-prometheus-exporter = prev.stdenv.mkDerivation rec {
7 name = "zte-prometheus-exporter"; 8 name = "zte-prometheus-exporter";
8 src = ./zte-prometheus-exporter.py; 9 src = prev.replaceVars ./zte-prometheus-exporter.py { inherit python; };
9 10
10 phases = [ "buildPhase" "checkPhase" "installPhase" ]; 11 phases = [ "unpackPhase" "checkPhase" "installPhase" ];
11 12
12 python = inpPython.withPackages (ps: with ps; [pytimeparse requests]); 13 unpackPhase = ''
13 14 cp $src zte-prometheus-exporter
14 buildPhase = ''
15 substituteAll $src zte-prometheus-exporter
16 ''; 15 '';
17 16
18 doCheck = true; 17 doCheck = true;
diff --git a/system-profiles/core/default.nix b/system-profiles/core/default.nix
index b85aea4e..229a007e 100644
--- a/system-profiles/core/default.nix
+++ b/system-profiles/core/default.nix
@@ -127,36 +127,16 @@ in {
127 127
128 flake-registry = "${flakeInputs.flake-registry}/flake-registry.json"; 128 flake-registry = "${flakeInputs.flake-registry}/flake-registry.json";
129 }; 129 };
130 nixPath = [ 130 nixPath = map (flake: "${flake}=flake:${flake}") (attrNames config.nix.registry);
131 "nixpkgs=${pkgs.runCommand "nixpkgs" {} ''
132 mkdir $out
133 ln -s ${./nixpkgs.nix} $out/default.nix
134 ln -s /run/nixpkgs/lib $out/lib
135 ''}"
136 ];
137 registry = 131 registry =
138 let override = { self = "nixos"; }; 132 let override = { self = "nixos"; };
139 in mapAttrs' (inpName: inpFlake: nameValuePair 133 in mapAttrs' (inpName: inpFlake: nameValuePair
140 (override.${inpName} or inpName) 134 (override.${inpName} or inpName)
141 { flake = inpFlake; } ) flakeInputs; 135 { to = { type = "path"; path = inpFlake; }; } ) flakeInputs;
142 }; 136 };
143 137
144 systemd.tmpfiles.rules = [ 138 systemd.tmpfiles.rules = [
145 "L+ /run/nixpkgs - - - - ${flakeInputs.${config.nixpkgs.flakeInput}.outPath}" 139 "L+ /run/nixpkgs - - - - ${flakeInputs.${config.nixpkgs.flakeInput}.outPath}"
146 "L+ /run/nixpkgs-overlays.nix - - - - ${pkgs.writeText "overlays.nix" ''
147 with builtins;
148
149 attrValues (import
150 (
151 let lock = fromJSON (readFile ${flake + "/flake.lock"}); in
152 fetchTarball {
153 url = "https://github.com/edolstra/flake-compat/archive/''${lock.nodes.flake-compat.locked.rev}.tar.gz";
154 sha256 = lock.nodes.flake-compat.locked.narHash;
155 }
156 )
157 { src = ${flake}; }
158 ).defaultNix.overlays
159 ''}"
160 "L+ /etc/nixos - - - - ${flake}" 140 "L+ /etc/nixos - - - - ${flake}"
161 ] ++ map (input: "L+ /run/flake-inputs/${input} - - - - ${flakeInputs.${input}.outPath}") (attrNames flakeInputs); 141 ] ++ map (input: "L+ /run/flake-inputs/${input} - - - - ${flakeInputs.${input}.outPath}") (attrNames flakeInputs);
162 142
@@ -177,8 +157,6 @@ in {
177 { 157 {
178 manual.manpages.enable = true; 158 manual.manpages.enable = true;
179 systemd.user.startServices = "sd-switch"; 159 systemd.user.startServices = "sd-switch";
180
181 programs.ssh.internallyManaged = mkForce true;
182 } 160 }
183 ]; 161 ];
184 extraSpecialArgs = { inherit flake flakeInputs path; hostConfig = config; }; 162 extraSpecialArgs = { inherit flake flakeInputs path; hostConfig = config; };
diff --git a/system-profiles/default-locale.nix b/system-profiles/default-locale.nix
index 2d483f04..60d338cb 100644
--- a/system-profiles/default-locale.nix
+++ b/system-profiles/default-locale.nix
@@ -1,16 +1,23 @@
1{ lib, ... }: 1{ lib, options, ... }:
2 2
3with lib; 3with lib;
4 4
5{ 5{
6 i18n = { 6 config = foldr recursiveUpdate {} ([
7 defaultLocale = "en_DK.UTF-8"; 7 {
8 extraLocaleSettings = { 8 i18n = {
9 "TIME_STYLE" = "long-iso"; 9 defaultLocale = "en_DK.UTF-8";
10 }; 10 extraLocaleSettings = {
11 supportedLocales = [ "C.UTF-8/UTF-8" "en_US.UTF-8/UTF-8" "en_DK.UTF-8/UTF-8" ]; 11 "TIME_STYLE" = "long-iso";
12 }; 12 };
13 console.keyMap = mkDefault "dvorak-programmer"; 13 };
14 console.keyMap = mkDefault "dvorak-programmer";
14 15
15 time.timeZone = mkDefault "Europe/Berlin"; 16 time.timeZone = mkDefault "Europe/Berlin";
17 }
18 ] ++ (optional (options ? i18n.extraLocales) {
19 i18n.extraLocales = [ "C.UTF-8" "en_US.UTF-8" "en_DK.UTF-8" ];
20 }) ++ (optional (!(options ? i18n.extraLocales)) {
21 i18n.supportedLocales = [ "C.UTF-8/UTF-8" "en_US.UTF-8/UTF-8" "en_DK.UTF-8/UTF-8" ];
22 }));
16} 23}
diff --git a/system-profiles/rebuild-machines/default.nix b/system-profiles/rebuild-machines/default.nix
index 544f47e1..de86cd74 100644
--- a/system-profiles/rebuild-machines/default.nix
+++ b/system-profiles/rebuild-machines/default.nix
@@ -25,16 +25,18 @@ let
25 25
26 phases = [ "buildPhase" "installPhase" ]; 26 phases = [ "buildPhase" "installPhase" ];
27 27
28 inherit (pkgs) zsh coreutils openssh;
29 inherit (cfg) scriptName;
30 inherit (cfg.flake) flakeOutput;
31 flake = cfg.flake.name;
32 nixosRebuild = config.system.build.nixos-rebuild;
33 inherit (config.security) wrapperDir;
34 inherit sshConfig;
35
36 buildPhase = '' 28 buildPhase = ''
37 substituteAll $src rebuild-machine.zsh 29 substitute $src rebuild-machine.zsh \
30 --subst-var-by zsh ${pkgs.zsh} \
31 --subst-var-by coreutils ${pkgs.coreutils} \
32 --subst-var-by openssh ${pkgs.openssh} \
33 --subst-var-by wrapperDir ${config.security.wrapperDir} \
34 --subst-var-by sshConfig ${sshConfig} \
35 --subst-var-by out "$out" \
36 --subst-var-by nixosRebuild ${config.system.build.nixos-rebuild} \
37 --subst-var-by flake ${cfg.flake.name} \
38 --subst-var-by scriptName ${cfg.scriptName} \
39 --subst-var-by flakeOutput ${cfg.flake.flakeOutput}
38 ''; 40 '';
39 41
40 installPhase = '' 42 installPhase = ''
diff --git a/user-profiles/feeds/alot.config b/user-profiles/feeds/alot.config
deleted file mode 100644
index a14d4539..00000000
--- a/user-profiles/feeds/alot.config
+++ /dev/null
@@ -1,50 +0,0 @@
1attachment_prefix="~/Downloads"
2bug_on_exit=true
3editor_cmd="false"
4tabwidth=2
5timestamp_format="%a %d %b %H:%M:%S %Y UTC%z"
6auto_remove_unread=True
7#initial_command="search ( tag:inbox ) AND NOT ( tag:killed )"
8initial_command="search ( tag:inbox ) AND NOT ( is:link OR is:media OR is:killed )"
9
10[accounts]
11 [[private]]
12 realname = @realname@
13 address = @address@
14
15[bindings]
16j =
17k =
18'g g' =
19G =
20I = search ( tag:inbox ) AND NOT ( is:killed )
21U = search ( tag:inbox ) AND NOT ( is:link OR is:media OR is:killed )
22V = search ( tag:inbox AND is:media OR ( is:live AND date:12h.. AND NOT is:unread ) ) AND NOT ( is:killed )
23W = search ( is:media ) AND NOT ( tag:inbox OR is:killed OR is:highlight )
24L = search ( tag:inbox AND is:link ) AND NOT ( is:killed )
25
26h = move first
27t = move up
28n = move down
29s = move last
30 [[search]]
31 a =
32 s =
33
34 u = toggletags unread
35 i = toggletags inbox
36 j = untag unread,inbox
37 r = toggletags later
38 [[thread]]
39 s =
40 S =
41 n =
42 'g j' =
43 'g k' =
44 'g l' =
45 w = save
46 W = save --all
47 'g h' = move parent
48 'g t' = move next sibling
49 'g n' = move previous sibling
50 'g s' = move first reply \ No newline at end of file
diff --git a/user-profiles/feeds/default.nix b/user-profiles/feeds/default.nix
deleted file mode 100644
index 82be90c7..00000000
--- a/user-profiles/feeds/default.nix
+++ /dev/null
@@ -1,11 +0,0 @@
1{ config, flakeInputs, pkgs, lib, userName, customUtils, ... }:
2{
3 home-manager.users.${userName} = {...}: {
4 imports = [
5 (customUtils.overrideModuleArgs
6 (import ./module.nix)
7 (inputs: inputs // { inherit flakeInputs; inherit (config.nixpkgs) system; })
8 )
9 ];
10 };
11}
diff --git a/user-profiles/feeds/imm-notmuch-insert.py b/user-profiles/feeds/imm-notmuch-insert.py
deleted file mode 100644
index b7eed292..00000000
--- a/user-profiles/feeds/imm-notmuch-insert.py
+++ /dev/null
@@ -1,52 +0,0 @@
1#!@python@/bin/python
2
3import json
4import sys
5import subprocess
6from io import BytesIO
7from email.message import EmailMessage
8import configparser
9from os import environ
10from datetime import *
11from dateutil.tz import *
12from dateutil.parser import isoparse
13from html2text import html2text
14
15def main():
16 notmuchConfig = configparser.ConfigParser()
17 notmuchConfig.read(environ.get('NOTMUCH_CONFIG'))
18
19 callbackMessage = json.load(sys.stdin)
20
21 msg = EmailMessage()
22 authors = ', '.join(map(lambda author: author['name'], callbackMessage['feed_item']['authors']))
23 if authors:
24 msg['From'] = f"{callbackMessage['feed_definition']['title']} ({authors}) <imm@imm.invalid>"
25 else:
26 msg['From'] = f"{callbackMessage['feed_definition']['title']} <imm@imm.invalid>"
27 msg['To'] = f"{notmuchConfig['user']['name']} <{notmuchConfig['user']['primary_email']}>"
28 if 'title' in callbackMessage['feed_item'] and callbackMessage['feed_item']['title']:
29 msg['Subject'] = callbackMessage['feed_item']['title']
30 msg['Item-Identifier'] = f"{callbackMessage['feed_item']['identifier']}"
31 for link in callbackMessage['feed_item']['links']:
32 msg.add_header('Link', link['uri'])
33 date = None
34 if 'date' in callbackMessage['feed_item']:
35 date = isoparse(callbackMessage['feed_item']['date'])
36 else:
37 date = datetime.now(tzlocal())
38 msg['Date'] = date.strftime('%a, %e %b %Y %T %z')
39
40 if 'content' in callbackMessage['feed_item'] and callbackMessage['feed_item']['content']:
41 msg.set_content(html2text(callbackMessage['feed_item']['content']))
42 msg.add_alternative(callbackMessage['feed_item']['content'], subtype='html')
43
44
45 subprocess.run(
46 args=['notmuch', 'insert'],
47 check=True,
48 input=bytes(msg)
49 )
50
51if __name__ == '__main__':
52 sys.exit(main())
diff --git a/user-profiles/feeds/module.nix b/user-profiles/feeds/module.nix
deleted file mode 100644
index 63e827eb..00000000
--- a/user-profiles/feeds/module.nix
+++ /dev/null
@@ -1,236 +0,0 @@
1{ config, flakeInputs, pkgs, lib, system, ... }:
2
3with lib;
4
5let
6 inherit (flakeInputs.home-manager.lib) hm;
7
8 databasePath = "${config.xdg.dataHome}/feeds";
9
10 imm =
11 let
12 hlib = pkgs.haskell.lib;
13 haskellPackages = pkgs.haskellPackages.override {
14 overrides = finalHaskell: prevHaskell: {
15 uri-bytestring = finalHaskell.callCabal2nix "uri-bytestring" (pkgs.fetchFromGitHub {
16 owner = "gkleen";
17 repo = "uri-bytestring";
18 rev = "5f7f32c8274bc4d1b81d99582f5148fe3e8b637e";
19 sha256 = "XLanwyCDIlMuOkpE5LbTNOBfL+1kZX+URfj9Bhs1Nsc=";
20 fetchSubmodules = true;
21 }) {};
22 atom-conduit = finalHaskell.callCabal2nix "atom-conduit" (pkgs.fetchFromGitHub {
23 owner = "gkleen";
24 repo = "atom-conduit";
25 rev = "022f0182a02373f87c06a0a09817c8c41efe2425";
26 sha256 = "8yEyh3ymqkoM/YP+eBqPq1I5ofzj0Qn7ojL7IWx1DPo=";
27 fetchSubmodules = true;
28 }) {};
29 rss-conduit = finalHaskell.callCabal2nix "rss-condit" (pkgs.fetchFromGitHub {
30 owner = "gkleen";
31 repo = "rss-conduit";
32 rev = "dbb0960a8d3dc519f1607aa0223b3a25a49282ef";
33 sha256 = "Md1XApZWkdv4JvNoaVnjz0S85LbEC6w9U3PUcwXfu94=";
34 fetchSubmodules = true;
35 }) {};
36 beam-core = hlib.doJailbreak (finalHaskell.callCabal2nix "beam-core" "${beamSrc}/beam-core" {});
37 beam-migrate = hlib.doJailbreak (finalHaskell.callCabal2nix "beam-migrate" "${beamSrc}/beam-migrate" {});
38 beam-sqlite = hlib.doJailbreak (finalHaskell.callCabal2nix "beam-sqlite" "${beamSrc}/beam-sqlite" {});
39
40 imm = finalHaskell.callCabal2nix "imm" (pkgs.fetchFromGitHub {
41 owner = "k0ral";
42 repo = "imm";
43 rev = "5033879667264cb44cee65671a66f6aa43f249e7";
44 sha256 = "PG22caLQmAGhLZP49HsazuNd8IFKKaTuhXIQBD8v4Fs=";
45 fetchSubmodules = true;
46 }) {};
47 };
48 };
49 beamSrc = pkgs.fetchFromGitHub {
50 owner = "haskell-beam";
51 repo = "beam";
52 rev = "efd464b079755a781c2bb7a2fc030d6c141bbb8a";
53 sha256 = "8nTuBP/vD0L/qMo4h3XNrGZvpIwXuMVdj40j5gvHU6w=";
54 fetchSubmodules = true;
55 };
56 in haskellPackages.imm;
57 immWrapped = pkgs.runCommand "${imm.name}-wrapped-${config.home.username}"
58 { nativeBuildInputs = with pkgs; [ makeWrapper ];
59 } ''
60 mkdir -p $out/bin
61 makeWrapper ${imm}/bin/imm $out/bin/imm \
62 --add-flags --callbacks=${notmuchCallbacks}
63 '';
64
65 notmuchCallbacks = pkgs.writeText "imm-callbacks-${config.home.username}.dhall" ''
66 [ { _executable = "${immNotmuchInsert}/bin/imm-notmuch-insert"
67 , _arguments = [] : List Text
68 }
69 ]
70 '';
71
72 immNotmuchInsert = pkgs.stdenv.mkDerivation rec {
73 name = "imm-notmuch-insert-${config.home.username}";
74 src = ./imm-notmuch-insert.py;
75
76 phases = [ "buildPhase" "checkPhase" "installPhase" "fixupPhase" ];
77
78 python = pkgs.python39.withPackages (ps: with ps; [ configparser python-dateutil html2text ]);
79
80 nativeBuildInputs = with pkgs; [ makeWrapper ];
81
82 buildPhase = ''
83 substituteAll $src imm-notmuch-insert
84 '';
85
86 doCheck = true;
87 checkPhase = ''
88 ${python}/bin/python -m py_compile imm-notmuch-insert
89 '';
90
91 installPhase = ''
92 install -m 0755 -D -t $out/bin \
93 imm-notmuch-insert
94 '';
95
96 fixupPhase = ''
97 wrapProgram $out/bin/imm-notmuch-insert \
98 --prefix PATH : ${pkgs.notmuch}/bin \
99 --set NOTMUCH_CONFIG ${configPath}
100 '';
101 };
102
103 mkIniKeyValue = key: value:
104 let
105 tweakVal = v:
106 if isString v then
107 v
108 else if isList v then
109 concatMapStringsSep ";" tweakVal v
110 else if isBool v then
111 (if v then "true" else "false")
112 else
113 toString v;
114 in "${key}=${tweakVal value}";
115
116 notmuchIni = {
117 database = { path = databasePath; };
118
119 maildir = { synchronize_flags = false; };
120
121 new = {
122 ignore = [];
123 tags = ["new"];
124 };
125
126 user = {
127 name = config.home.username;
128 primary_email = "${config.home.username}@imm.invalid";
129 };
130
131 search = { exclude_tags = ["deleted"]; };
132 };
133 configPath = pkgs.writeText "notmuchrc" (generators.toINI { mkKeyValue = mkIniKeyValue; } notmuchIni);
134
135 afewConfigDir = pkgs.symlinkJoin {
136 name = "afew-config";
137 paths = [
138 (pkgs.writeTextDir "config" ''
139 [InboxFilter]
140 '')
141 ];
142 };
143
144 notmuchHooksDir =
145 let
146 afewHook = pkgs.writeShellScript "afew" ''
147 exec -- ${pkgs.afew}/bin/afew -c ${afewConfigDir} -C ${configPath} --tag --new -vv
148 '';
149 in pkgs.linkFarm "notmuch-hooks" [
150 { name = "post-new";
151 path = afewHook;
152 }
153 { name = "post-insert";
154 path = afewHook;
155 }
156 ];
157
158 notmuchWrapped = pkgs.runCommand "${pkgs.notmuch.name}-wrapped-${config.home.username}"
159 { nativeBuildInputs = with pkgs; [ makeWrapper ];
160 } ''
161 mkdir -p $out/bin
162 makeWrapper ${pkgs.notmuch}/bin/notmuch $out/bin/notmuch-feeds \
163 --set NOTMUCH_CONFIG ${configPath}
164 '';
165 alotWrapped = pkgs.runCommand "${pkgs.alot.name}-wrapped-${config.home.username}"
166 { nativeBuildInputs = with pkgs; [ makeWrapper gnused ];
167 } ''
168 mkdir -p $out/bin
169 makeWrapper ${pkgs.alot}/bin/alot $out/bin/alot-feeds \
170 --prefix MAILCAPS : ${alotMailcaps} \
171 --add-flags --config=${alotConfig} \
172 --add-flags --notmuch-config=${configPath}
173
174 mkdir $out/share
175 ln -s ${pkgs.alot}/share/alot $out/share
176 mkdir -p $out/share/applications
177 sed -r 's/alot/alot-feeds/g' ${pkgs.alot}/share/applications/alot.desktop > $out/share/applications/alot-feeds.desktop
178 mkdir -p $out/share/zsh/site-functions
179 sed -r 's/alot/alot-feeds/g' ${pkgs.alot}/share/zsh/site-functions/_alot > $out/share/zsh/site-functions/_alot-feeds
180 '';
181
182 alotConfig = pkgs.runCommand "alot" {
183 realname = notmuchIni.user.name;
184 address = notmuchIni.user.primary_email;
185 } "substituteAll ${./alot.config} $out";
186 alotMailcaps = pkgs.writeText "mailcaps" ''
187 text/html; ${pkgs.lynx}/bin/lynx -dump -dont_wrap_pre -assume_charset=utf-8 -display_charset=utf-8 "%s"; nametemplate=%s.html; copiousoutput
188 '';
189in {
190 config = {
191 home.packages = [ immWrapped notmuchWrapped pkgs.notmuch.man alotWrapped ];
192
193 home.activation.createImm = hm.dag.entryAfter ["writeBoundary"] ''
194 $DRY_RUN_CMD mkdir -p $VERBOSE_ARG ${config.xdg.configHome}/imm
195 '';
196
197 home.activation.createFeedsDatabase = hm.dag.entryAfter ["linkGeneration" "writeBoundary"] ''
198 $DRY_RUN_CMD mkdir -p -m 0750 $VERBOSE_ARG ${databasePath}
199 $DRY_RUN_CMD mkdir -p $VERBOSE_ARG ${databasePath}/new ${databasePath}/cur ${databasePath}/tmp
200 if ! [[ -d ${databasePath}/.notmuch ]]; then
201 NOTMUCH_VERBOSE_ARG="--quiet"
202 if [[ -v VERBOSE ]]; then
203 NOTMUCH_VERBOSE_ARG="--verbose"
204 fi
205 NOTMUCH_CONFIG=${configPath} $DRY_RUN_CMD ${pkgs.notmuch}/bin/notmuch new $NOTMUCH_VERBOSE_ARG
206 fi
207 $DRY_RUN_CMD ln -Tsf $VERBOSE_ARG ${notmuchHooksDir} ${databasePath}/.notmuch/hooks
208 '';
209
210 systemd.user.services."logrotate-imm" = {
211 Unit = {
212 Description = "Rotate imm logfile";
213 };
214 Service = {
215 Type = "oneshot";
216 ExecStart = ''
217 ${pkgs.logrotate}/bin/logrotate --state ${config.xdg.configHome}/imm/imm.logrotate ${pkgs.writeText "logrotate.conf" ''
218 ${config.xdg.configHome}/imm/imm.log {
219 rotate 5
220 size 1024k
221 }
222 ''}
223 '';
224 };
225 };
226 systemd.user.timers."logrotate-imm" = {
227 Timer = {
228 OnActiveSec = "6h";
229 OnUnitActiveSec = "6h";
230 };
231 Install = {
232 WantedBy = ["default.target"];
233 };
234 };
235 };
236}
diff --git a/user-profiles/tmux/default.nix b/user-profiles/tmux/default.nix
index 11c53788..dc4e791f 100644
--- a/user-profiles/tmux/default.nix
+++ b/user-profiles/tmux/default.nix
@@ -1,10 +1,11 @@
1{ userName, pkgs, lib, ... }: 1{ userName, pkgs, lib, ... }:
2{ 2{
3 home-manager.users.${userName} = { 3 home-manager.users.${userName} = { config, ... }: {
4 programs.tmux = { 4 programs.tmux = {
5 enable = true; 5 enable = true;
6 clock24 = true; 6 clock24 = true;
7 historyLimit = 50000; 7 historyLimit = 50000;
8 mouse = true;
8 extraConfig = lib.readFile (pkgs.stdenv.mkDerivation { 9 extraConfig = lib.readFile (pkgs.stdenv.mkDerivation {
9 name = "tmux.conf"; 10 name = "tmux.conf";
10 src = ./tmux.conf; 11 src = ./tmux.conf;
@@ -13,11 +14,10 @@
13 14
14 phases = [ "installPhase" ]; 15 phases = [ "installPhase" ];
15 16
16 inherit (pkgs) zsh;
17 mandb = pkgs.man-db;
18
19 installPhase = '' 17 installPhase = ''
20 substituteAll $src $out 18 substitute $src $out \
19 --subst-var-by zsh ${config.programs.zsh.package} \
20 --subst-var-by man ${config.programs.man.package}
21 ''; 21 '';
22 }); 22 });
23 }; 23 };
diff --git a/user-profiles/tmux/tmux.conf b/user-profiles/tmux/tmux.conf
index 415d13e7..9e658800 100644
--- a/user-profiles/tmux/tmux.conf
+++ b/user-profiles/tmux/tmux.conf
@@ -1,23 +1,20 @@
1set-option -g history-limit 50000
2set-option -g status-bg black 1set-option -g status-bg black
3set-option -g status-fg white 2set-option -g status-fg white
4set-option -g clock-mode-colour white 3set-option -g clock-mode-colour white
5set-option -g clock-mode-style 24
6set-option -g bell-action any 4set-option -g bell-action any
7set-option -g default-shell @zsh@/bin/zsh 5set-option -g default-shell @zsh@
8set-option -g update-environment 'DISPLAY SSH_ASKPASS SSH_AUTH_SOCK SSH_AGENT_PID SSH_CONNECTION WINDOWID XAUTHORITY PROMPT_INFO PATH PGHOST PGLOG' 6set-option -g update-environment 'DISPLAY SSH_ASKPASS SSH_AUTH_SOCK SSH_AGENT_PID SSH_CONNECTION WINDOWID XAUTHORITY PROMPT_INFO PATH PGHOST PGLOG'
9set-option -g mouse on
10set-option -g set-clipboard on 7set-option -g set-clipboard on
11set-option -g terminal-overrides 'rxvt-uni*:XT:Ms=\E]52;%p1%s;%p2%s\007' 8set-option -g terminal-overrides 'rxvt-uni*:XT:Ms=\E]52;%p1%s;%p2%s\007'
12 9
13set-environment -g LESS " -R " 10set-environment -g LESS " -R "
14 11
15## determine if we should enable 256-colour support 12## determine if we should enable 256-colour support
16if "[[ ''${TERM} =~ 256color || ''${TERM} == fbterm || ''${TERM} =~ alacritty ]]" 'set -g default-terminal tmux-256color' 13if "[[ ''${TERM} =~ 256color || ''${TERM} == fbterm || ''${TERM} =~ alacritty || ''${TERM} =~ kitty ]]" 'set -g default-terminal tmux-256color'
17 14
18set-option -g status-right "" 15set-option -g status-right ""
19 16
20bind / command-prompt "split-window -h 'exec @mandb@/bin/man %%'" 17bind / command-prompt "split-window -h 'exec @man@ %%'"
21bind C clock-mode 18bind C clock-mode
22bind r switch-client -r 19bind r switch-client -r
23 20
diff --git a/user-profiles/utils.nix b/user-profiles/utils.nix
index 4b7c4d0f..da79e336 100644
--- a/user-profiles/utils.nix
+++ b/user-profiles/utils.nix
@@ -44,6 +44,8 @@ in {
44 jq.enable = true; 44 jq.enable = true;
45 45
46 lesspipe.enable = true; 46 lesspipe.enable = true;
47
48 man.enable = true;
47 }; 49 };
48 50
49 home.sessionVariables = { 51 home.sessionVariables = {
@@ -52,7 +54,7 @@ in {
52 54
53 home.packages = with pkgs; [ 55 home.packages = with pkgs; [
54 autossh usbutils pciutils eza silver-searcher pwgen xkcdpass 56 autossh usbutils pciutils eza silver-searcher pwgen xkcdpass
55 unzip magic-wormhole qrencode tty-clock dnsutils openssl sshfs 57 unzip magic-wormhole dnsutils openssl sshfs
56 psmisc mosh tree vnstat file pv bc zip nmap aspell 58 psmisc mosh tree vnstat file pv bc zip nmap aspell
57 aspellDicts.de aspellDicts.en borgbackup man-pages rsync socat 59 aspellDicts.de aspellDicts.en borgbackup man-pages rsync socat
58 inetutils yq cached-nix-shell persistent-nix-shell rage 60 inetutils yq cached-nix-shell persistent-nix-shell rage
diff --git a/user-profiles/zsh/default.nix b/user-profiles/zsh/default.nix
index 428e2459..973ff775 100644
--- a/user-profiles/zsh/default.nix
+++ b/user-profiles/zsh/default.nix
@@ -1,38 +1,69 @@
1{ userName, pkgs, customUtils, lib, config, ... }: 1{ userName, pkgs, customUtils, lib, config, ... }:
2let 2{
3 dotDir = ".config/zsh"; 3 config = {
4 p10kZsh = "${dotDir}/.p10k.zsh"; 4 home-manager.users.${userName} = let sysConfig = config; in { config, ... }: {
5 cfg = config.home-manager.users.${userName}; 5 config = {
6in { 6 programs.zsh = {
7 home-manager.users.${userName} = { 7 dotDir = ".config/zsh";
8 programs.zsh = { 8 enable = true;
9 inherit dotDir; 9 autocd = true;
10 enable = true; 10 enableCompletion = true;
11 autocd = true; 11 enableVteIntegration = true;
12 enableCompletion = true; 12 history = {
13 append = true;
14 expireDuplicatesFirst = true;
15 extended = true;
16 findNoDups = true;
17 };
18 syntaxHighlighting.enable = true;
19 zsh-abbr = {
20 enable = true;
21 abbreviations = {
22 re = "systemctl restart";
23 ure = "systemctl --user restart";
24 };
25 globalAbbreviations = {
26 "L" = "| less";
27 "S" = "&> /dev/null";
28 "G" = "| grep";
29 "B" = "&> /dev/null &";
30 "BB" = "&> /dev/null &!";
31 };
32 };
13 33
14 plugins = [ 34 plugins = [
15 { name = "powerlevel10k"; 35 { name = "powerlevel10k";
16 file = "share/zsh-powerlevel10k/powerlevel10k.zsh-theme"; 36 file = "share/zsh-powerlevel10k/powerlevel10k.zsh-theme";
17 src = pkgs.zsh-powerlevel10k; 37 src = pkgs.zsh-powerlevel10k;
18 } 38 }
19 ]; 39 ];
20 initExtraFirst = '' 40 initContent = lib.mkMerge [
21 if [[ $TERM == "dumb" ]]; then 41 (lib.mkBefore ''
22 unsetopt zle 42 if [[ $TERM == "dumb" ]]; then
23 PS1='$ ' 43 unsetopt zle
24 return 44 PS1='$ '
25 fi 45 return
26 ''; 46 fi
27 initExtraBeforeCompInit = '' 47 '')
28 source "${cfg.home.homeDirectory}/${p10kZsh}" 48 (lib.mkOrder 550 ''
29 ''; 49 source "$HOME/${config.xdg.configFile."zsh/.p10k.zsh".target}"
30 initExtra = lib.mkAfter '' 50 '')
31 source ${./zshrc} 51 (lib.mkAfter ''
32 source "${pkgs.zsh-syntax-highlighting}/share/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh" 52 source ${./zshrc}
33 ''; 53 '')
54 ];
55 };
56
57 xdg.configFile."zsh/.p10k.zsh".source = ./p10k.zsh;
58 };
34 }; 59 };
35 60
36 home.file.${p10kZsh}.source = ./p10k.zsh; 61 programs.zsh.enable = true;
62 environment.pathsToLink = [ "/share/zsh" ];
63 environment.shellAliases = lib.mkOverride 90 {};
64
65 nixpkgs.externalConfig.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
66 "zsh-abbr"
67 ];
37 }; 68 };
38} 69}
diff --git a/user-profiles/zsh/zshrc b/user-profiles/zsh/zshrc
index ed614182..af3aca64 100644
--- a/user-profiles/zsh/zshrc
+++ b/user-profiles/zsh/zshrc
@@ -33,9 +33,3 @@ zle -N self-insert url-quote-magic
33zle -N bracketed-paste bracketed-paste-magic 33zle -N bracketed-paste bracketed-paste-magic
34 34
35setopt extended_glob 35setopt extended_glob
36
37alias -g L='| less'
38alias -g S='&> /dev/null'
39alias -g G='| grep'
40alias -g B='&> /dev/null &'
41alias -g BB='&> /dev/null &!'
diff --git a/users/gkleen/default.nix b/users/gkleen/default.nix
index 5cc32521..5ce93de7 100644
--- a/users/gkleen/default.nix
+++ b/users/gkleen/default.nix
@@ -1,7 +1,7 @@
1{ flake, userName, pkgs, customUtils, lib, ... }: 1{ flake, userName, pkgs, customUtils, lib, ... }:
2{ 2{
3 imports = with flake.nixosModules.userProfiles.${userName}; [ 3 imports = with flake.nixosModules.userProfiles.${userName}; [
4 zsh tmux utils direnv 4 utils direnv
5 ]; 5 ];
6 6
7 users.users.${userName} = { 7 users.users.${userName} = {
diff --git a/users/root.nix b/users/root.nix
index b61f9cfd..ed1acd50 100644
--- a/users/root.nix
+++ b/users/root.nix
@@ -3,7 +3,7 @@ let
3 haveGKleen = flake.nixosModules.accounts ? "gkleen@${hostName}"; 3 haveGKleen = flake.nixosModules.accounts ? "gkleen@${hostName}";
4in { 4in {
5 imports = with flake.nixosModules.userProfiles.${userName}; [ 5 imports = with flake.nixosModules.userProfiles.${userName}; [
6 zsh tmux direnv utils 6 direnv utils
7 ]; 7 ];
8 8
9 users.users.${userName} = lib.mkIf haveGKleen { 9 users.users.${userName} = lib.mkIf haveGKleen {
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-15 03:27:53 +0000