diff --git a/flake.lock b/flake.lock index 145cbfc..33dbc22 100644 --- a/flake.lock +++ b/flake.lock @@ -28,11 +28,11 @@ "fromYaml": "fromYaml" }, "locked": { - "lastModified": 1755819240, - "narHash": "sha256-qcMhnL7aGAuFuutH4rq9fvAhCpJWVHLcHVZLtPctPlo=", + "lastModified": 1746562888, + "narHash": "sha256-YgNJQyB5dQiwavdDFBMNKk1wyS77AtdgDk/VtU6wEaI=", "owner": "SenchoPens", "repo": "base16.nix", - "rev": "75ed5e5e3fce37df22e49125181fa37899c3ccd6", + "rev": "806a1777a5db2a1ef9d5d6f493ef2381047f2b89", "type": "github" }, "original": { @@ -131,11 +131,11 @@ "firefox-gnome-theme": { "flake": false, "locked": { - "lastModified": 1756083905, - "narHash": "sha256-UqYGTBgI5ypGh0Kf6zZjom/vABg7HQocB4gmxzl12uo=", + "lastModified": 1748383148, + "narHash": "sha256-pGvD/RGuuPf/4oogsfeRaeMm6ipUIznI2QSILKjKzeA=", "owner": "rafaelmardojai", "repo": "firefox-gnome-theme", - "rev": "b655eaf16d4cbec9c3472f62eee285d4b419a808", + "rev": "4eb2714fbed2b80e234312611a947d6cb7d70caf", "type": "github" }, "original": { @@ -195,11 +195,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1756770412, - "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=", + "lastModified": 1754487366, + "narHash": "sha256-pHYj8gUBapuUzKV/kN/tR3Zvqc7o6gdFB9XKXIp1SQ8=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "4524271976b625a4a605beefd893f270620fd751", + "rev": "af66ad14b28a127c5c0f3bbb298218fc63528a18", "type": "github" }, "original": { @@ -234,11 +234,11 @@ ] }, "locked": { - "lastModified": 1756770412, - "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=", + "lastModified": 1753121425, + "narHash": "sha256-TVcTNvOeWWk1DXljFxVRp+E0tzG1LhrVjOGGoMHuXio=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "4524271976b625a4a605beefd893f270620fd751", + "rev": "644e0fc48951a860279da645ba77fe4a6e814c5e", "type": "github" }, "original": { @@ -255,11 +255,11 @@ ] }, "locked": { - "lastModified": 1756770412, - "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=", + "lastModified": 1751413152, + "narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "4524271976b625a4a605beefd893f270620fd751", + "rev": "77826244401ea9de6e3bac47c2db46005e1f30b5", "type": "github" }, "original": { @@ -329,11 +329,11 @@ ] }, "locked": { - "lastModified": 1757588530, - "narHash": "sha256-tJ7A8mID3ct69n9WCvZ3PzIIl3rXTdptn/lZmqSS95U=", + "lastModified": 1754416808, + "narHash": "sha256-c6yg0EQ9xVESx6HGDOCMcyRSjaTpNJP10ef+6fRcofA=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "b084b2c2b6bc23e83bbfe583b03664eb0b18c411", + "rev": "9c52372878df6911f9afc1e2a1391f55e4dfc864", "type": "github" }, "original": { @@ -407,11 +407,11 @@ ] }, "locked": { - "lastModified": 1757920978, - "narHash": "sha256-Mv16aegXLulgyDunijP6SPFJNm8lSXb2w3Q0X+vZ9TY=", + "lastModified": 1754593726, + "narHash": "sha256-bo6aSfDS/GGfM/6LXCKLH/246fDSKjFnBsaRMNE+Wmc=", "owner": "nix-community", "repo": "home-manager", - "rev": "11cc5449c50e0e5b785be3dfcb88245232633eb8", + "rev": "5de16c704b0fc8f519b2c19ed3f683a9e68f3884", "type": "github" }, "original": { @@ -444,11 +444,11 @@ }, "mnw": { "locked": { - "lastModified": 1756659871, - "narHash": "sha256-v6Rh4aQ6RKjM2N02kK9Usn0Ix7+OY66vNpeklc1MnGE=", + "lastModified": 1748710831, + "narHash": "sha256-eZu2yH3Y2eA9DD3naKWy/sTxYS5rPK2hO7vj8tvUCSU=", "owner": "Gerg-L", "repo": "mnw", - "rev": "ed6cc3e48557ba18266e598a5ebb6602499ada16", + "rev": "cff958a4e050f8d917a6ff3a5624bc4681c6187d", "type": "github" }, "original": { @@ -500,11 +500,11 @@ ] }, "locked": { - "lastModified": 1757822619, - "narHash": "sha256-3HIpe3P2h1AUPYcAH9cjuX0tZOqJpX01c0iDwoUYNZ8=", + "lastModified": 1754800038, + "narHash": "sha256-UbLO8/0pVBXLJuyRizYOJigtzQAj8Z2bTnbKSec/wN0=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "050a5feb5d1bb5b6e5fc04a7d3d816923a87c9ea", + "rev": "b65f8d80656f9fcbd1fecc4b7f0730f468333142", "type": "github" }, "original": { @@ -520,11 +520,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1757726013, - "narHash": "sha256-7RPKqqlc5xawEbASZh18b6HX9FogiVTPIw0KdMEjpn8=", + "lastModified": 1754583575, + "narHash": "sha256-GLCNsMGuQQLq3B3+C+jEybyQCtV0xJytGjibNU3tg70=", "owner": "kaylorben", "repo": "nixcord", - "rev": "2133f2ab5af34dab65f5aa17f1f343777bc71070", + "rev": "e049d77a74b3360791800a1d50cbe9518d96b764", "type": "github" }, "original": { @@ -551,11 +551,11 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1754788789, - "narHash": "sha256-x2rJ+Ovzq0sCMpgfgGaaqgBSwY+LST+WbZ6TytnT9Rk=", + "lastModified": 1753579242, + "narHash": "sha256-zvaMGVn14/Zz8hnp4VWT9xVnhc8vuL3TStRqwk22biA=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "a73b9c743612e4244d865a2fdee11865283c04e6", + "rev": "0f36c44e01a6129be94e3ade315a5883f0228a6e", "type": "github" }, "original": { @@ -629,11 +629,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1757745802, - "narHash": "sha256-hLEO2TPj55KcUFUU1vgtHE9UEIOjRcH/4QbmfHNF820=", + "lastModified": 1754498491, + "narHash": "sha256-erbiH2agUTD0Z30xcVSFcDHzkRvkRXOQ3lb887bcVrs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c23193b943c6c689d70ee98ce3128239ed9e32d1", + "rev": "c2ae88e026f9525daf89587f3cbee584b92b6134", "type": "github" }, "original": { @@ -674,11 +674,11 @@ }, "nixpkgs_7": { "locked": { - "lastModified": 1756819007, - "narHash": "sha256-12V64nKG/O/guxSYnr5/nq1EfqwJCdD2+cIGmhz3nrE=", + "lastModified": 1751792365, + "narHash": "sha256-J1kI6oAj25IG4EdVlg2hQz8NZTBNYvIS0l4wpr9KcUo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "aaff8c16d7fc04991cac6245bee1baa31f72b1e1", + "rev": "1fd8bada0b6117e6c7eb54aad5813023eed37ccb", "type": "github" }, "original": { @@ -700,11 +700,11 @@ ] }, "locked": { - "lastModified": 1756961635, - "narHash": "sha256-hETvQcILTg5kChjYNns1fD5ELdsYB/VVgVmBtqKQj9A=", + "lastModified": 1751906969, + "narHash": "sha256-BSQAOdPnzdpOuCdAGSJmefSDlqmStFNScEnrWzSqKPw=", "owner": "nix-community", "repo": "NUR", - "rev": "6ca27b2654ac55e3f6e0ca434c1b4589ae22b370", + "rev": "ddb679f4131e819efe3bbc6457ba19d7ad116f25", "type": "github" }, "original": { @@ -724,11 +724,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1757773905, - "narHash": "sha256-lM1K3cJsPQyiSGI3rE/F7u02fA/JYBsinMN49IQCY1s=", + "lastModified": 1754552918, + "narHash": "sha256-vbT+nGdMLNAeYZ1S5WBBLJTVWosGne2VRt46rqPfB2A=", "owner": "notashelf", "repo": "nvf", - "rev": "7e74ee604a7c18dda21e6a809720ad37ab5bae43", + "rev": "d61de135ce174f4e04b4e509de02e1afe040a834", "type": "github" }, "original": { @@ -793,11 +793,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1757360005, - "narHash": "sha256-VwzdFEQCpYMU9mc7BSQGQe5wA1MuTYPJnRc9TQCTMcM=", + "lastModified": 1754597531, + "narHash": "sha256-OpC9/PBIuL2WEJUkcuD/wVxI8r+3o6f5RylSIefjHo4=", "owner": "nix-community", "repo": "stylix", - "rev": "834a743c11d66ea18e8c54872fbcc72ce48bc57f", + "rev": "63bb34a66ad7d1af2e95ee20dd675896b2074c32", "type": "github" }, "original": { @@ -917,11 +917,11 @@ "tinted-schemes": { "flake": false, "locked": { - "lastModified": 1754779259, - "narHash": "sha256-8KG2lXGaXLUE0F/JVwLQe7kOVm21IDfNEo0gfga5P4M=", + "lastModified": 1750770351, + "narHash": "sha256-LI+BnRoFNRa2ffbe3dcuIRYAUcGklBx0+EcFxlHj0SY=", "owner": "tinted-theming", "repo": "schemes", - "rev": "097d751b9e3c8b97ce158e7d141e5a292545b502", + "rev": "5a775c6ffd6e6125947b393872cde95867d85a2a", "type": "github" }, "original": { @@ -933,11 +933,11 @@ "tinted-tmux": { "flake": false, "locked": { - "lastModified": 1754788770, - "narHash": "sha256-LAu5nBr7pM/jD9jwFc6/kyFY4h7Us4bZz7dvVvehuwo=", + "lastModified": 1751159871, + "narHash": "sha256-UOHBN1fgHIEzvPmdNMHaDvdRMgLmEJh2hNmDrp3d3LE=", "owner": "tinted-theming", "repo": "tinted-tmux", - "rev": "fb2175accef8935f6955503ec9dd3c973eec385c", + "rev": "bded5e24407cec9d01bd47a317d15b9223a1546c", "type": "github" }, "original": { @@ -949,11 +949,11 @@ "tinted-zed": { "flake": false, "locked": { - "lastModified": 1755613540, - "narHash": "sha256-zBFrrTxHLDMDX/OYxkCwGGbAhPXLi8FrnLhYLsSOKeY=", + "lastModified": 1751158968, + "narHash": "sha256-ksOyv7D3SRRtebpXxgpG4TK8gZSKFc4TIZpR+C98jX8=", "owner": "tinted-theming", "repo": "base16-zed", - "rev": "937bada16cd3200bdbd3a2f5776fc3b686d5cba0", + "rev": "86a470d94204f7652b906ab0d378e4231a5b3384", "type": "github" }, "original": { diff --git a/home/programs/neovim.nix b/home/programs/neovim.nix index c2f6e30..317fa0c 100644 --- a/home/programs/neovim.nix +++ b/home/programs/neovim.nix @@ -53,17 +53,13 @@ ts = { enable = true; - lsp.server = "denols"; + lsp.server = "ts_ls"; extensions.ts-error-translator.enable = true; }; clang = { enable = true; lsp.enable = true; }; - typst = { - enable = true; - format.type = "typstyle"; - }; bash.enable = true; css.enable = true; @@ -71,6 +67,7 @@ markdown.enable = true; nix.enable = true; svelte.enable = true; + typst.enable = true; rust.enable = true; python.enable = true; }; diff --git a/home/programs/nixcord.nix b/home/programs/nixcord.nix index 96aa1f4..9a72e27 100644 --- a/home/programs/nixcord.nix +++ b/home/programs/nixcord.nix @@ -23,7 +23,7 @@ "callTimer" "clearURLs" "copyFileContents" - # "emoteCloner" + "emoteCloner" "fakeNitro" "fixYoutubeEmbeds" "friendsSince" diff --git a/home/programs/other.nix b/home/programs/other.nix index c02cefa..49c037e 100644 --- a/home/programs/other.nix +++ b/home/programs/other.nix @@ -13,6 +13,7 @@ pkgs.gimp pkgs.inkscape pkgs.thunderbird + pkgs.stremio ] ++ lib.optional osConfig.niksos.hardware.portable.enable self.packages.${pkgs.system}.visicut; } diff --git a/home/wayland/hyprland/binds.nix b/home/wayland/hyprland/binds.nix index efb728f..203049e 100644 --- a/home/wayland/hyprland/binds.nix +++ b/home/wayland/hyprland/binds.nix @@ -64,9 +64,6 @@ ] ) 10); - - volumeUp = "${wpctl} set-volume -l '1.0' @DEFAULT_AUDIO_SINK@ 6%+"; - volumeDown = "${wpctl} set-volume -l '1.0' @DEFAULT_AUDIO_SINK@ 6%-"; in { wayland.windowManager.hyprland.settings = { "$m" = "ALT"; @@ -141,20 +138,10 @@ in { bindle = [ # volume - ", XF86AudioRaiseVolume, exec, ${volumeUp}" - ", XF86AudioLowerVolume, exec, ${volumeDown}" + ", XF86AudioRaiseVolume, exec, ${wpctl} set-volume -l '1.0' @DEFAULT_AUDIO_SINK@ 6%+" + ", XF86AudioLowerVolume, exec, ${wpctl} set-volume -l '1.0' @DEFAULT_AUDIO_SINK@ 6%-" ",XF86MonBrightnessUp, exec, ${brightnessctl} s 10%+" ",XF86MonBrightnessDown, exec, ${brightnessctl} s 10%-" ]; - - gesture = [ - "3, down, close" - "3, up, fullscreen" - "3, horizontal, workspace" - "4, left, dispatcher, exec, ${playerctl} previous" - "4, right, dispatcher, exec, ${playerctl} next" - "4, up, dispatcher, exec, ${volumeUp}" - "4, down, dispatcher, exec, ${volumeDown}" - ]; }; } diff --git a/home/wayland/hyprland/settings.nix b/home/wayland/hyprland/settings.nix index 4aad142..f8f5930 100644 --- a/home/wayland/hyprland/settings.nix +++ b/home/wayland/hyprland/settings.nix @@ -74,6 +74,12 @@ }; }; + gestures = { + workspace_swipe = true; + workspace_swipe_forever = true; + workspace_swipe_direction_lock = false; + }; + dwindle = { pseudotile = true; preserve_split = true; @@ -91,7 +97,6 @@ "float, class:foot-somcli" "size >30% >30%, class:foot-somcli" ]; - #NOTE: Also check home/wayland/hyprland/binds + system/hardware/fingerprint }; } diff --git a/hosts/lapserv/default.nix b/hosts/lapserv/default.nix index 6e416f4..1cd0c0e 100644 --- a/hosts/lapserv/default.nix +++ b/hosts/lapserv/default.nix @@ -6,39 +6,7 @@ networking.interfaces.enp2s0.wakeOnLan.enable = true; niksos = { - # server = true; - server = { - baseDomain = "jsw.tf"; - derek-bot.enable = true; - forgejo = { - enable = true; - subDomain = "git"; - }; - immich = { - enable = true; - subDomain = "photos"; - }; - jsw-bot = { - enable = true; - subDomain = "dc"; - }; - nextcloud = { - enable = true; - subDomain = "cloud"; - }; - stalwart = { - enable = true; - subDomain = "mail"; - }; - zitadel = { - enable = true; - subDomain = "z"; - }; - site = { - enable = true; - subDomain = ""; - }; - }; + server = true; hardware.graphics = { nvidia = false; #FIXME: Compile error intel = true; diff --git a/hosts/laptop/default.nix b/hosts/laptop/default.nix index 3a8d7b4..3a7927b 100644 --- a/hosts/laptop/default.nix +++ b/hosts/laptop/default.nix @@ -1,16 +1,13 @@ { - pkgs, - lib, - ... -}: { imports = [ ./hardware-configuration.nix - ./virt.nix + # ./virt.nix ]; # programs.appimage.enable = true; # programs.evolution.enable = true; # TODO: move to appropiate place. + # ! HII niksos = { hardware = { joycond = false; #NOTE: enable when game night lol @@ -42,26 +39,6 @@ }; home-manager.users.jsw.wayland.windowManager.hyprland.settings.monitor = ["eDP-1,2880x1920@120,0x0,1.5,vrr,1"]; - #FIXME: unity - nixpkgs.config.permittedInsecurePackages = ["libxml2-2.13.8"]; - environment = { - etc.vscode.source = lib.getExe pkgs.vscodium; - systemPackages = let - unityhub = pkgs.unityhub.overrideAttrs (prevAttrs: { - nativeBuildInputs = (prevAttrs.nativeBuildInputs or []) ++ [pkgs.makeBinaryWrapper]; - - postInstall = - (prevAttrs.postInstall or "") - + '' - wrapProgram $out/bin/unityhub --set GDK_SCALE 2 --set GDK_DPI_SCALE 0.5 - ''; - }); - in [ - unityhub - ]; - }; - #ENDFIXME - services.udev.extraRules = '' # Ethernet expansion card support ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="0bda", ATTR{idProduct}=="8156", ATTR{power/autosuspend}="20" diff --git a/hosts/minimal/default.nix b/hosts/minimal/default.nix index a782795..ee6495e 100644 --- a/hosts/minimal/default.nix +++ b/hosts/minimal/default.nix @@ -34,7 +34,7 @@ }; }; neovim = false; - # server = false; + server = false; }; #NOTE: Old info diff --git a/secrets/bread-dcbot.age b/secrets/bread-dcbot.age new file mode 100644 index 0000000..e65c88b Binary files /dev/null and b/secrets/bread-dcbot.age differ diff --git a/secrets/dcbot.age b/secrets/dcbot.age new file mode 100644 index 0000000..823685d --- /dev/null +++ b/secrets/dcbot.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> ssh-ed25519 GQzYWA a0CqbXhMIeFmKsMSnQzPWJcdi0hH8caayThGHtKNdjc +ZfRN0ukqXH8L1E1pWBU+tw0LmPxsb6/4FoeERCKEYCk +-> ssh-ed25519 MfR7VA WO0CmKh4CQY1ZLtgDbGIhxfbC8C/C9Vw4p4UGkZTzSs +0oQbzzz8A6WJRbFqEPR6WStMRRGtFy2eEXIJ1WCqvIg +-> ssh-ed25519 +cvRTg ZYBJwTDV8zwZIpqY7sZIszS3saww0OV4RwVREVNxWHg +PW9gzG2odI4G2I5zz+Gr2vaouPB6796RWDJzYZNFREQ +-> ssh-ed25519 WCPLrA p8I1d6YXg5pN6Ljeq/wsY5jj4rPaSvD+/au+vEUsgh4 +U0aiqeildEqF8SNh0L4hGIq3rQxY4HcSnDvluwldDpQ +-> ssh-ed25519 7/ziYw 7DGE8Zr0qMGh3P5lUSRYT+AdgRges037cLjHbbPPnTc +daC7dau5IHSZr/HmjszbWrQNsVJOQILqNS/Yn1YE/zM +-> ssh-ed25519 VQy60Q cAuS4VLmDC9iCZ+7e+/5WVIxrvBa7ZChCz2pPSSY/TY +ut6SAJSZMm9/YElx7SShyMufrBYAlb/IyQp0g4ADMa4 +--- DQrDZ/cXaadnKTDN8MrGuTokHttdMbOzs2IPYTIOPw4 +9 EJG($'_z3!;\k珐IE3%!zO*., `+',*ml%g?0'-<MwYj]SRaթV(ky6@`j9j~[_Dzd^"\7lO# cW=a~K],0![G~4!Xś|(C4)g^-5DnlIm C,-94bI: 1UxeM㒡X(ʼ5m[BXH f_J{ufOTD^*Y3-e-OBt .Qaሲ{m $W7L>r•'>b6D;w*.uYX`A**2$TtԌM_1NƋd +@cJst,ЅhaJpj:sG@P/L4>XR{fJB>z&;|vΚJSA,7E{MEwP:GcYR 糳 z@XՍ*j%MMĵB`HzSKUWy+xGDȓm~֛>%]R;98VLc (RXRrl!eSAʧG3jhw,2b1 \ No newline at end of file diff --git a/secrets/default.nix b/secrets/default.nix index c1cafa6..1681eb2 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -3,9 +3,9 @@ lib, ... }: let + inherit (lib) mkIf; inherit (config.niksos) server; - isEnabled = x: lib.mkIf server.${x}.enable; serviceUser = x: config.systemd.services.${x}.serviceConfig.User; abstrServiceUser = x: config.services.${x}.user; abstrServiceGroup = x: config.services.${x}.group; @@ -14,35 +14,35 @@ in { password.file = ./password.age; # NOTE: server things - jsw-bot = isEnabled "jsw-bot" { - file = ./jsw-bot.age; - owner = serviceUser "jsw-bot"; # + dcbot = mkIf server { + file = ./dcbot.age; + owner = serviceUser "dcbot"; # }; - derek-bot = isEnabled "derek-bot" { - file = ./derek-bot.age; - owner = "derek-bot"; + bread-dcbot = mkIf server { + file = ./bread-dcbot.age; + owner = "bread-dcbot"; }; - # matrix-registration = isEnabled "matrix" { - # file = ./matrix-registration.age; - # owner = abstrServiceUser "matrix-continuwuity"; - # }; - mail-admin = isEnabled "stalwart" { + matrix-registration = mkIf server { + file = ./matrix-registration.age; + owner = abstrServiceUser "matrix-continuwuity"; + }; + mail-admin = mkIf server { # owner = serviceUser "stalwart-mail"; #FIXME: revert when stopped using docker for stalwart. file = ./mail-admin.age; }; - zitadel-key = isEnabled "zitadel" { + zitadel-key = mkIf server { file = ./zitadel-key.age; owner = abstrServiceUser "zitadel"; }; - forgejo-mailpass = isEnabled "forgejo" { + forgejo-mailpass = mkIf server { file = ./forgejo-mailpass.age; owner = abstrServiceUser "forgejo"; }; - immich-oidc = isEnabled "immich" { + immich-oidc = mkIf server { file = ./immich-oidc.age; owner = abstrServiceUser "immich"; }; - nextcloud-admin-pass = isEnabled "nextcloud" { + nextcloud-admin-pass = mkIf server { file = ./nextcloud-admin-pass.age; owner = "nextcloud"; #NOTE: not a clear 'nextcloud.service' or 'services.nextcloud.user'. }; diff --git a/secrets/derek-bot.age b/secrets/derek-bot.age deleted file mode 100644 index f45ac46..0000000 Binary files a/secrets/derek-bot.age and /dev/null differ diff --git a/secrets/jsw-bot.age b/secrets/jsw-bot.age deleted file mode 100644 index 3e8c6a9..0000000 Binary files a/secrets/jsw-bot.age and /dev/null differ diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 66e90da..1c98513 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -14,8 +14,8 @@ let keys = users ++ devices; in { "password.age".publicKeys = keys; - "jsw-bot.age".publicKeys = keys; - "derek-bot.age".publicKeys = keys; + "dcbot.age".publicKeys = keys; + "bread-dcbot.age".publicKeys = keys; "matrix-registration.age".publicKeys = keys; "mail-admin.age".publicKeys = keys; "zitadel-key.age".publicKeys = keys; diff --git a/switch.sh b/switch.sh index a9c481d..713ffef 100755 --- a/switch.sh +++ b/switch.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash NH_FLAKE=$(mktemp -d) -cp -r . "$NH_FLAKE" #TODO: replace . with valid bash for script dir. +git clone . "$NH_FLAKE" #TODO: replace . with valid bash for script dir. cd "$NH_FLAKE" || exit git lfs install diff --git a/system/hardware/fingerprint.nix b/system/hardware/fingerprint.nix index d6e388b..a506268 100644 --- a/system/hardware/fingerprint.nix +++ b/system/hardware/fingerprint.nix @@ -13,10 +13,10 @@ in { config = mkIf hardware.fingerprint { services = { fprintd.enable = true; - logind.settings.Login = mkIf hypr { + logind.extraConfig = mkIf hypr '' # don’t shutdown when power button is short-pressed - HandlePowerKey = "ignore"; - }; + HandlePowerKey=ignore + ''; }; home-manager.users.jsw.wayland.windowManager.hyprland.settings = mkIf hypr { diff --git a/system/hardware/power.nix b/system/hardware/power.nix index 03c486d..7521e27 100644 --- a/system/hardware/power.nix +++ b/system/hardware/power.nix @@ -9,7 +9,7 @@ in { config = lib.mkIf cfg.enable { services = { - logind.settings.Login = { + logind = { powerKey = "suspend-then-hibernate"; powerKeyLongPress = "poweroff"; }; diff --git a/system/nix/default.nix b/system/nix/default.nix index a11da8e..f55a962 100644 --- a/system/nix/default.nix +++ b/system/nix/default.nix @@ -20,7 +20,7 @@ nix = let flakeInputs = lib.filterAttrs (_: v: lib.isType "flake" v) inputs; in { - # package = pkgs.lix; + package = pkgs.lix; # pin the registry to avoid downloading and evaling a new nixpkgs version every time registry = lib.mapAttrs (_: v: {flake = v;}) flakeInputs; @@ -31,7 +31,7 @@ settings = { auto-optimise-store = true; builders-use-substitutes = true; - experimental-features = ["nix-command" "flakes"]; + experimental-features = ["nix-command" "flakes" "repl-flake"]; flake-registry = "/etc/nix/registry.json"; # for direnv GC roots diff --git a/system/server/jsw-bot.nix b/system/server/bot.nix similarity index 58% rename from system/server/jsw-bot.nix rename to system/server/bot.nix index 3e6f25c..bb0e18b 100644 --- a/system/server/jsw-bot.nix +++ b/system/server/bot.nix @@ -5,13 +5,8 @@ inputs, ... }: let - name = "jsw-bot"; - cfg = import ./lib/extractWebOptions.nix {inherit config name;}; - - inherit (lib) getExe mkIf optional; - inherit (config.niksos.server) nextcloud; - - bash = getExe pkgs.bash; + deno = lib.getExe pkgs.deno; + bash = lib.getExe pkgs.bash; mainDir = "/var/lib/dcbot/"; programDir = mainDir + "program"; @@ -20,14 +15,10 @@ path = builtins.concatStringsSep ":" (map (x: "${x}/bin/") [pkgs.coreutils pkgs.typst pkgs.deno]); in { - options = import ./lib/webOptions.nix { - inherit config lib name; - }; - - config = mkIf cfg.enable { - systemd.services.${name} = { + config = lib.mkIf config.niksos.server { + systemd.services.dcbot = { enable = true; - after = ["network.target"]; #FIXME: doesn't start after network. + after = ["network.target"]; wantedBy = ["default.target"]; description = "Jsw's slaafje, discord bot."; @@ -42,37 +33,35 @@ in { cd "${mainDir}" mkdir -p "${programDir}" "${dataDir}" "${denoDir}" - chown -R ${name}:${name} ${mainDir}* || echo + chown -R dcbot:dcbot ${mainDir}* || echo chmod -R 750 ${mainDir}* || echo cp --no-preserve=mode,ownership -r ${inputs.dcbot}/* "${programDir}/" rm "${dataDir}/.env" || echo - ln -s "${config.age.secrets.jsw-bot.path}" "${dataDir}/.env" + ln -s "${config.age.secrets.dcbot.path}" "${dataDir}/.env" cd "${programDir}" DENO_DIR=${denoDir} deno i ''; serviceConfig = { - StateDirectory = name; + StateDirectory = "dcbot"; ExecStart = "${bash} -c 'cd ${dataDir} && deno run -A ${programDir}/src/main.ts'"; - User = name; - Group = name; + User = "dcbot"; + Group = "dcbot"; Restart = "always"; }; }; - services.caddy = { - enable = true; - virtualHosts.${cfg.domain} = { - extraConfig = '' - reverse_proxy :9001 - ''; - }; + services.caddy.virtualHosts."dc.jsw.tf" = { + serverAliases = ["www.dc.jsw.tf"]; + extraConfig = '' + reverse_proxy :9001 + ''; }; users.groups."dcbot" = { - members = optional nextcloud.enable "nextcloud"; #TODO: if config.niksos.server.nextcloud + members = ["nextcloud"]; #TODO: if config.niksos.server.nextcloud #NOTE: for nextcloud mounted folder }; users.users."dcbot" = { diff --git a/system/server/caddy.nix b/system/server/caddy.nix index 47d34f1..389cbed 100644 --- a/system/server/caddy.nix +++ b/system/server/caddy.nix @@ -3,15 +3,13 @@ lib, ... }: let - inherit (config.services.caddy) enable; - inherit (lib) mkIf; + cfg = config.niksos.server; in { - config = mkIf enable { - services.caddy = { - email = "jurnwubben@gmail.com"; - enableReload = false; - }; - - networking.firewall.allowedTCPPorts = [80 443]; + services.caddy = { + enable = cfg; + email = "jurnwubben@gmail.com"; + enableReload = false; }; + + networking.firewall.allowedTCPPorts = lib.mkIf cfg [80 443]; } diff --git a/system/server/default.nix b/system/server/default.nix index 920d92c..c232262 100644 --- a/system/server/default.nix +++ b/system/server/default.nix @@ -1,24 +1,16 @@ -{lib, ...}: let - inherit (lib) mkOption types; -in { +{lib, ...}: { imports = [ # ./matrix.nix - # ./temp.nix - ./jsw-bot.nix + ./bot.nix ./caddy.nix - ./derek-bot.nix + ./derekBot.nix ./forgejo.nix ./immich.nix ./index ./mail.nix ./nextcloud.nix + ./temp.nix ./zitadel.nix ]; - options.niksos.server = { - baseDomain = mkOption { - type = types.lines; - description = "Set's the apex domain for the webservices. Do not include 'https' or a slash at the end. Just 'example.com'."; - example = "example.com"; - }; - }; + options.niksos.server = lib.mkEnableOption "server servcies (such as caddy)."; #TODO: per service option. } diff --git a/system/server/derek-bot.nix b/system/server/derekBot.nix similarity index 73% rename from system/server/derek-bot.nix rename to system/server/derekBot.nix index 23d5d9d..c71da3d 100644 --- a/system/server/derek-bot.nix +++ b/system/server/derekBot.nix @@ -4,26 +4,26 @@ lib, ... }: let - name = "derek-bot"; - cfg = config.niksos.server.${name}.enable; - - userGroup = name; + cfg = config.niksos.server; + userGroup = "bread-dcbot"; gitRepo = "https://github.com/The-Breadening/Breadener"; - inherit (lib) getExe mkEnableOption mkIf; - bash = getExe pkgs.bash; - + bash = lib.getExe pkgs.bash; varLib = "/var/lib/"; - mainDir = "${varLib}${userGroup}"; - programDir = "${mainDir}/program"; - denoDir = "${mainDir}/deno"; - tokenDir = "${mainDir}/Breadener-token"; - + mainDir = + varLib + + ( + if !cfg + then "" + else userGroup + ) + + "/"; + programDir = mainDir + "program"; + denoDir = mainDir + "deno"; + tokenDir = mainDir + "Breadener-token"; path = builtins.concatStringsSep ":" (map (x: "${x}/bin/") [pkgs.coreutils pkgs.deno pkgs.git]); in { - options.niksos.server.${name}.enable = mkEnableOption name; - - config = mkIf cfg { + config = lib.mkIf config.niksos.server { systemd.services.${userGroup} = { enable = true; after = ["network.target"]; @@ -39,7 +39,7 @@ in { export PATH=${path} cd "${mainDir}" - chown -R ${userGroup}:${userGroup} ${mainDir}/* || echo + chown -R ${userGroup}:${userGroup} ${mainDir}* || echo rm -rf "${tokenDir}" || echo mkdir -p "${denoDir}" "${tokenDir}" @@ -48,7 +48,7 @@ in { if [ ! -d "${programDir}" ]; then git clone "${gitRepo}" "${programDir}" fi - chmod -R 750 ${mainDir}/* || echo + chmod -R 750 ${mainDir}* || echo cd "${programDir}" diff --git a/system/server/forgejo.nix b/system/server/forgejo.nix index 423849b..3b9da1e 100644 --- a/system/server/forgejo.nix +++ b/system/server/forgejo.nix @@ -3,24 +3,17 @@ lib, ... }: let - name = "forgejo"; - cfg = import ./lib/extractWebOptions.nix {inherit config name;}; - - DOMAIN = cfg.domain; + DOMAIN = "git.jsw.tf"; in { - options = import ./lib/webOptions.nix {inherit config lib name;}; config = - lib.mkIf cfg.enable + lib.mkIf config.niksos.server { - services.caddy = { - enable = true; - virtualHosts.${DOMAIN}.extraConfig = '' - request_body { - max_size 512M - } - reverse_proxy unix/${config.services.forgejo.settings.server.HTTP_ADDR} - ''; - }; + services.caddy.virtualHosts.${DOMAIN}.extraConfig = '' + request_body { + max_size 512M + } + reverse_proxy unix/${config.services.forgejo.settings.server.HTTP_ADDR} + ''; services.forgejo = { enable = true; @@ -59,13 +52,12 @@ in { DEFAULT_ACTIONS_URL = "github"; }; mailer = { - #FIXME: Only enable if stalwart is enabled by default. ENABLED = true; SUBJECT_PREFIX = "JSWGit"; PROTOCOL = "smtps"; - SMTP_ADDR = "mail.${cfg.baseDomain}"; #FIXME: replace with config... to stalwart setting once using stalwart nixos module. + SMTP_ADDR = "mail.jsw.tf"; #FIXME: replace with config... to stalwart setting once using stalwart nixos module. SMTP_PORT = 465; - FROM = "git@${cfg.baseDomain}"; + FROM = "git@jsw.tf"; USER = "git"; PASSWD_URI = "file:${config.age.secrets.forgejo-mailpass.path}"; }; diff --git a/system/server/immich.nix b/system/server/immich.nix index 772b26f..3554292 100644 --- a/system/server/immich.nix +++ b/system/server/immich.nix @@ -4,29 +4,23 @@ pkgs, ... }: let - name = "immich"; inherit (lib) mkIf mkForce mkDefault; - cfg = import ./lib/extractWebOptions.nix {inherit config name;}; - + cfg = config.niksos.server; oidcSubstitute = "*@#OPENIDCLIENTSECRET#@*"; config-dir = "/run/immich-conf"; - httpsUrl = "https://" + cfg.domain; + url = "photos.jsw.tf"; + httpsUrl = "https://" + url; in { - options = import ./lib/webOptions.nix {inherit config lib name;}; - config = - mkIf cfg.enable + mkIf cfg { - services.caddy = { - enable = true; - virtualHosts.${cfg.domain}.extraConfig = '' - reverse_proxy localhost:9002 - ''; - }; - users.users.${config.services.immich.user}.extraGroups = ["video" "render"]; - services.immich = { + services.caddy.virtualHosts.${url}.extraConfig = '' + reverse_proxy localhost:9002 + ''; + + services.immich = mkIf cfg { enable = true; port = 9002; diff --git a/system/server/index/default.nix b/system/server/index/default.nix index 44a2634..2cfd6f7 100644 --- a/system/server/index/default.nix +++ b/system/server/index/default.nix @@ -2,19 +2,13 @@ config, lib, ... -}: let - name = "site"; - cfg = import ../lib/extractWebOptions.nix {inherit config name;}; -in { - options = import ../lib/webOptions.nix {inherit config lib name;}; - config = lib.mkIf cfg.enable { - services.caddy.virtualHosts.${cfg.domain} = { - extraConfig = '' - header Content-Type text/html - respond <