aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorspl3g <notspl3g@duck.com>2026-03-18 18:01:41 +0300
committerspl3g <notspl3g@duck.com>2026-03-18 18:01:59 +0300
commit03648b3d9f177227df40129bed22558f6924b91c (patch)
tree8a22eda142beeafd9002a8d5901ba9428a77ad52
parentdc19a2b583b3ab50d8e36ff0a90ca633495f675f (diff)
so.. v2 i guess
Diffstat
-rw-r--r--.gitignore2
-rw-r--r--.sops.yaml16
-rw-r--r--LICENSE21
-rw-r--r--README.md22
-rw-r--r--flake.lock1036
-rw-r--r--flake.nix188
-rw-r--r--home-manager/general.nix117
-rw-r--r--home-manager/homeModules/alacritty.nix27
-rw-r--r--home-manager/homeModules/bspwm.nix64
-rw-r--r--home-manager/homeModules/default.nix20
-rw-r--r--home-manager/homeModules/dunst.nix20
-rw-r--r--home-manager/homeModules/emacs/default.nix52
-rw-r--r--home-manager/homeModules/exwm.nix61
-rw-r--r--home-manager/homeModules/firefox.nix105
-rw-r--r--home-manager/homeModules/fish.nix40
-rw-r--r--home-manager/homeModules/fuzzel.nix28
-rw-r--r--home-manager/homeModules/hyprland.nix231
-rw-r--r--home-manager/homeModules/kanata.nix0
-rw-r--r--home-manager/homeModules/mako.nix22
-rw-r--r--home-manager/homeModules/niri.nix258
-rw-r--r--home-manager/homeModules/nvim.nix8
-rw-r--r--home-manager/homeModules/picom.nix52
-rw-r--r--home-manager/homeModules/rofi.nix48
-rw-r--r--home-manager/homeModules/stylix.nix74
-rw-r--r--home-manager/homeModules/sxhkd.nix40
-rw-r--r--home-manager/homeModules/tmux.nix45
-rw-r--r--home-manager/homeModules/waybar.nix129
-rw-r--r--home-manager/homeModules/zen-browser.nix142
-rw-r--r--home-manager/laptop.nix9
-rw-r--r--home-manager/pc.nix11
-rwxr-xr-xmodules/.direnv/bin/nix-direnv-reload19
-rw-r--r--modules/deploy.nix49
-rw-r--r--modules/flake-parts.nix16
-rw-r--r--modules/home-manager/default.nix7
-rw-r--r--modules/homeModules/alacritty.nix29
-rw-r--r--modules/homeModules/attachments/basecat.aseprite (renamed from home-manager/homeModules/attachments/basecat.aseprite)bin730 -> 730 bytes
-rw-r--r--modules/homeModules/attachments/basecat.png (renamed from home-manager/homeModules/attachments/basecat.png)bin11503 -> 11503 bytes
-rw-r--r--modules/homeModules/attachments/cat.png (renamed from home-manager/homeModules/attachments/cat.png)bin15467 -> 15467 bytes
-rwxr-xr-xmodules/homeModules/attachments/hypr-scripts/bitwarden-float.sh (renamed from home-manager/homeModules/attachments/hypr-scripts/bitwarden-float.sh)0
-rwxr-xr-xmodules/homeModules/attachments/hypr-scripts/hshot.sh (renamed from home-manager/homeModules/attachments/hypr-scripts/hshot.sh)0
-rwxr-xr-xmodules/homeModules/attachments/hypr-scripts/switch-sink.py (renamed from home-manager/homeModules/attachments/hypr-scripts/switch-sink.py)0
-rwxr-xr-xmodules/homeModules/attachments/hypr-scripts/toggle-tg.sh (renamed from home-manager/homeModules/attachments/hypr-scripts/toggle-tg.sh)0
-rwxr-xr-xmodules/homeModules/attachments/hypr-scripts/toggle-vpn.sh (renamed from home-manager/homeModules/attachments/hypr-scripts/toggle-vpn.sh)0
-rw-r--r--modules/homeModules/attachments/rofi-theme.rasi (renamed from home-manager/homeModules/attachments/rofi-theme.rasi)0
-rw-r--r--modules/homeModules/attachments/waybar-style.css (renamed from home-manager/homeModules/attachments/waybar-style.css)0
-rw-r--r--modules/homeModules/bspwm.nix68
-rw-r--r--modules/homeModules/dunst.nix25
-rw-r--r--modules/homeModules/emacs/aliases (renamed from home-manager/homeModules/emacs/aliases)6
-rw-r--r--modules/homeModules/emacs/default.nix49
-rw-r--r--modules/homeModules/emacs/early-init.el (renamed from home-manager/homeModules/emacs/early-init.el)0
-rw-r--r--modules/homeModules/emacs/elpaca.el (renamed from home-manager/homeModules/emacs/elpaca.el)0
-rw-r--r--modules/homeModules/emacs/init.el (renamed from home-manager/homeModules/emacs/init.el)0
-rw-r--r--modules/homeModules/emacs/templates.eld (renamed from home-manager/homeModules/emacs/templates.eld)0
-rw-r--r--modules/homeModules/exwm.nix71
-rw-r--r--modules/homeModules/firefox.nix111
-rw-r--r--modules/homeModules/fish.nix42
-rw-r--r--modules/homeModules/fuzzel.nix33
-rw-r--r--modules/homeModules/hyprland.nix236
-rw-r--r--modules/homeModules/mako.nix24
-rw-r--r--modules/homeModules/niri.nix264
-rw-r--r--modules/homeModules/nvim.nix12
-rw-r--r--modules/homeModules/picom.nix57
-rw-r--r--modules/homeModules/rofi.nix50
-rw-r--r--modules/homeModules/stylix.nix80
-rw-r--r--modules/homeModules/sxhkd.nix45
-rw-r--r--modules/homeModules/tmux.nix50
-rw-r--r--modules/homeModules/waybar.nix131
-rw-r--r--modules/homeModules/zen-browser.nix151
-rw-r--r--modules/hosts/ltrr-block/age.nix10
-rw-r--r--modules/hosts/ltrr-block/configuration.nix467
-rw-r--r--modules/hosts/ltrr-block/disk-config.nix39
-rw-r--r--modules/hosts/ltrr-block/hardware-configuration.nix32
-rw-r--r--modules/hosts/ltrr-block/secrets/cwa.env.agebin0 -> 821 bytes
-rw-r--r--modules/hosts/ltrr-block/secrets/explo.env.agebin0 -> 3721 bytes
-rw-r--r--modules/hosts/ltrr-block/secrets/navidrome.env.agebin0 -> 351 bytes
-rw-r--r--modules/hosts/ltrr-block/secrets/rekeyed/1c8822a2f185737c765ae9a5ce0d3879-soularr-config.agebin0 -> 2790 bytes
-rw-r--r--modules/hosts/ltrr-block/secrets/rekeyed/550a141b44c76106807b541c1987996b-wg-priv-key.age8
-rw-r--r--modules/hosts/ltrr-block/secrets/rekeyed/9288d02fd4269798567444d076247538-explo-env.agebin0 -> 3760 bytes
-rw-r--r--modules/hosts/ltrr-block/secrets/rekeyed/939083f61f3167ef5aff27bdba700e8e-xray-config.agebin0 -> 1750 bytes
-rw-r--r--modules/hosts/ltrr-block/secrets/rekeyed/d5f4d0c5c7b3217d008be68e8ad757e8-navidrome-env.age7
-rw-r--r--modules/hosts/ltrr-block/secrets/rekeyed/e9669da1b38fb37ba09edf8fdeafc4de-slskd-env.agebin0 -> 507 bytes
-rw-r--r--modules/hosts/ltrr-block/secrets/slskd.env.agebin0 -> 491 bytes
-rw-r--r--modules/hosts/ltrr-block/secrets/soularr.conf.agebin0 -> 2711 bytes
-rw-r--r--modules/hosts/ltrr-block/secrets/transmission-settings.json.age8
-rw-r--r--modules/hosts/ltrr-block/secrets/wg-priv.key.agebin0 -> 294 bytes
-rw-r--r--modules/hosts/ltrr-block/secrets/xray.json.agebin0 -> 1752 bytes
-rw-r--r--modules/hosts/ltrr-cloud/age.nix10
-rw-r--r--modules/hosts/ltrr-cloud/configuration.nix345
-rw-r--r--modules/hosts/ltrr-cloud/disk-config.nix (renamed from nixos/server/disk-config.nix)33
-rw-r--r--modules/hosts/ltrr-cloud/secrets/authelia-jwt.key.agebin0 -> 473 bytes
-rw-r--r--modules/hosts/ltrr-cloud/secrets/authelia-storage.key.agebin0 -> 464 bytes
-rw-r--r--modules/hosts/ltrr-cloud/secrets/rekeyed/97c2df6cc789b9e8ced5811bfa43d3f8-authelia-jwt.age8
-rw-r--r--modules/hosts/ltrr-cloud/secrets/rekeyed/98c1b723eb9ef4334c5a90c456a33743-wg-priv-key.age7
-rw-r--r--modules/hosts/ltrr-cloud/secrets/rekeyed/ab2826e18d1b8ee845f01ac87f5dd6ea-authelia-storage.age8
-rw-r--r--modules/hosts/ltrr-cloud/secrets/wg-priv.key.agebin0 -> 392 bytes
-rw-r--r--modules/hosts/ltrr-mask/configuration.nix125
-rw-r--r--modules/hosts/ltrr-mask/disk-config.nix56
-rw-r--r--modules/nixos/default.nix7
-rw-r--r--modules/nixosModules/booklore.nix176
-rw-r--r--modules/nixosModules/directories.nix90
-rw-r--r--modules/nixosModules/gonic.nix114
-rw-r--r--modules/nixosModules/nfs.nix118
-rw-r--r--modules/nixosModules/nginxProxy.nix217
-rw-r--r--modules/nixosModules/watcharr.nix74
-rw-r--r--modules/overlays.nix30
-rw-r--r--modules/pkgs/explo/default.nix28
-rw-r--r--modules/shell.nix14
-rw-r--r--nixos/general.nix149
-rw-r--r--nixos/laptop/configuration.nix42
-rw-r--r--nixos/laptop/disk-config.nix37
-rw-r--r--nixos/laptop/hardware-configuration.nix40
-rw-r--r--nixos/nixosModules/default.nix13
-rw-r--r--nixos/nixosModules/disks.nix17
-rw-r--r--nixos/nixosModules/docker.nix20
-rw-r--r--nixos/nixosModules/exwm.nix30
-rw-r--r--nixos/nixosModules/greetd.nix24
-rw-r--r--nixos/nixosModules/kanata.nix25
-rw-r--r--nixos/nixosModules/ly.nix16
-rw-r--r--nixos/nixosModules/powerbutton.nix14
-rw-r--r--nixos/nixosModules/printing.nix22
-rw-r--r--nixos/nixosModules/stylix.nix26
-rw-r--r--nixos/nixosModules/user.nix18
-rw-r--r--nixos/pc/configuration.nix36
-rw-r--r--nixos/pc/configuration.nix~12
-rw-r--r--nixos/pc/hardware-configuration.nix51
-rw-r--r--nixos/server/configuration.nix242
-rw-r--r--nixos/server/hardware-configuration.nix26
-rw-r--r--nixos/serverModules/directories.nix90
-rw-r--r--nixos/serverModules/gonic.nix95
-rw-r--r--nixos/serverModules/nfs.nix112
-rw-r--r--nixos/serverModules/nginx.nix136
-rw-r--r--nixos/tw/configuration.nix159
-rw-r--r--nixos/tw/disk-config.nix55
-rw-r--r--nixos/vpn/configuration.nix118
-rw-r--r--nixos/vpn/disk-config.nix55
-rw-r--r--nixpkgs.nix8
-rw-r--r--overlays/default.nix28
-rw-r--r--pkgs/boomer/default.nix55
-rw-r--r--pkgs/default.nix6
-rw-r--r--pkgs/pokemon-colorscripts/default.nix29
-rw-r--r--pkgs/spoofdpi/default.nix18
-rw-r--r--pkgs/tgs2png/default.nix32
-rw-r--r--secrets/ltrr-home/secrets.yaml27
-rw-r--r--secrets/ltrr-tw/secrets.yaml26
-rw-r--r--shell.nix9
145 files changed, 3877 insertions, 4585 deletions
diff --git a/.gitignore b/.gitignore
deleted file mode 100644
index f82b9fc..0000000
--- a/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-#*#
-*~ \ No newline at end of file
diff --git a/.sops.yaml b/.sops.yaml
deleted file mode 100644
index 920fae8..0000000
--- a/.sops.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-keys:
- - &primary age1xkajd8seprw2an4uczmq0xjjk0xxctvsst68hgkm0lr4dteucy3snarfhv
- - &server_tw age1v55frla7fzursrvuxhznx9kztvlkxasaw98cu5rl5ysktrw8rfwqtfw3ju
- - &server_home age1v76swwd0j8c7tzq3av9tftr0mjnmtu36n7h0enwxxzzu38a7uctqvasjw3
-creation_rules:
- - path_regex: secrets/ltrr-home/secrets.yaml$
- key_groups:
- - age:
- - *primary
- - *server_home
-
- - path_regex: secrets/ltrr-tw/secrets.yaml$
- key_groups:
- - age:
- - *primary
- - *server_tw
diff --git a/LICENSE b/LICENSE
deleted file mode 100644
index b48e3fd..0000000
--- a/LICENSE
+++ /dev/null
@@ -1,21 +0,0 @@
-MIT License
-
-Copyright (c) 2025 Ozornin Matvey
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
diff --git a/README.md b/README.md
index 29f9b8c..9c85f9a 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,21 @@
-# Some NixOS configs
+# Some nix configs
+
+## Folder structure
+```
+.
+├── flake.lock
+├── flake.nix
+├── modules
+│   ├── deploy.nix #
+│   ├── flake-parts.nix # flake-parts configs
+│   ├── shell.nix
+│   ├── overlays.nix
+│   ├── nixosModules # server modules and some preconfigured things
+│   ├── homeModules
+│   ├── pkgs
+│   └── hosts
+│      ├── ltrr-block # home server
+│      ├── ltrr-cloud # vps
+│      └── ltrr-mini
+└── README.md
+```
diff --git a/flake.lock b/flake.lock
index 74b3bf6..b6e3589 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1,154 +1,168 @@
{
"nodes": {
- "aquamarine": {
+ "agenix": {
"inputs": {
- "hyprutils": [
- "hyprland",
- "hyprutils"
- ],
- "hyprwayland-scanner": [
- "hyprland",
- "hyprwayland-scanner"
- ],
+ "agenix": "agenix_2",
+ "crane": "crane",
+ "flake-utils": "flake-utils",
"nixpkgs": [
- "hyprland",
- "nixpkgs"
+ "nixpkgs-stable"
],
- "systems": [
- "hyprland",
- "systems"
- ]
+ "rust-overlay": "rust-overlay"
},
"locked": {
- "lastModified": 1755946532,
- "narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=",
- "owner": "hyprwm",
- "repo": "aquamarine",
- "rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada",
+ "lastModified": 1761832913,
+ "narHash": "sha256-VCNVjjuRvrKPiYYwqhE3BAKIaReiKXGpxGp27lZ0MFM=",
+ "owner": "yaxitech",
+ "repo": "ragenix",
+ "rev": "83bccfdea758241999f32869fb6b36f7ac72f1ac",
"type": "github"
},
"original": {
- "owner": "hyprwm",
- "repo": "aquamarine",
+ "owner": "yaxitech",
+ "repo": "ragenix",
"type": "github"
}
},
- "base16": {
+ "agenix-rekey": {
"inputs": {
- "fromYaml": "fromYaml"
+ "devshell": "devshell",
+ "flake-parts": "flake-parts",
+ "nixpkgs": [
+ "nixpkgs-stable"
+ ],
+ "pre-commit-hooks": "pre-commit-hooks",
+ "treefmt-nix": "treefmt-nix"
},
"locked": {
- "lastModified": 1755819240,
- "narHash": "sha256-qcMhnL7aGAuFuutH4rq9fvAhCpJWVHLcHVZLtPctPlo=",
- "owner": "SenchoPens",
- "repo": "base16.nix",
- "rev": "75ed5e5e3fce37df22e49125181fa37899c3ccd6",
+ "lastModified": 1759699908,
+ "narHash": "sha256-kYVGY8sAfqwpNch706Fy2+/b+xbtfidhXSnzvthAhIQ=",
+ "owner": "oddlama",
+ "repo": "agenix-rekey",
+ "rev": "42362b12f59978aabf3ec3334834ce2f3662013d",
"type": "github"
},
"original": {
- "owner": "SenchoPens",
- "repo": "base16.nix",
+ "owner": "oddlama",
+ "repo": "agenix-rekey",
"type": "github"
}
},
- "base16-fish": {
- "flake": false,
+ "agenix_2": {
+ "inputs": {
+ "darwin": "darwin",
+ "home-manager": "home-manager",
+ "nixpkgs": [
+ "agenix",
+ "nixpkgs"
+ ],
+ "systems": "systems"
+ },
"locked": {
- "lastModified": 1622559957,
- "narHash": "sha256-PebymhVYbL8trDVVXxCvZgc0S5VxI7I1Hv4RMSquTpA=",
- "owner": "tomyun",
- "repo": "base16-fish",
- "rev": "2f6dd973a9075dabccd26f1cded09508180bf5fe",
+ "lastModified": 1761656077,
+ "narHash": "sha256-lsNWuj4Z+pE7s0bd2OKicOFq9bK86JE0ZGeKJbNqb94=",
+ "owner": "ryantm",
+ "repo": "agenix",
+ "rev": "9ba0d85de3eaa7afeab493fed622008b6e4924f5",
"type": "github"
},
"original": {
- "owner": "tomyun",
- "repo": "base16-fish",
+ "owner": "ryantm",
+ "repo": "agenix",
"type": "github"
}
},
- "base16-helix": {
- "flake": false,
+ "crane": {
"locked": {
- "lastModified": 1752979451,
- "narHash": "sha256-0CQM+FkYy0fOO/sMGhOoNL80ftsAzYCg9VhIrodqusM=",
- "owner": "tinted-theming",
- "repo": "base16-helix",
- "rev": "27cf1e66e50abc622fb76a3019012dc07c678fac",
+ "lastModified": 1760924934,
+ "narHash": "sha256-tuuqY5aU7cUkR71sO2TraVKK2boYrdW3gCSXUkF4i44=",
+ "owner": "ipetkov",
+ "repo": "crane",
+ "rev": "c6b4d5308293d0d04fcfeee92705017537cad02f",
"type": "github"
},
"original": {
- "owner": "tinted-theming",
- "repo": "base16-helix",
+ "owner": "ipetkov",
+ "repo": "crane",
"type": "github"
}
},
- "base16-vim": {
- "flake": false,
+ "darwin": {
+ "inputs": {
+ "nixpkgs": [
+ "agenix",
+ "agenix",
+ "nixpkgs"
+ ]
+ },
"locked": {
- "lastModified": 1732806396,
- "narHash": "sha256-e0bpPySdJf0F68Ndanwm+KWHgQiZ0s7liLhvJSWDNsA=",
- "owner": "tinted-theming",
- "repo": "base16-vim",
- "rev": "577fe8125d74ff456cf942c733a85d769afe58b7",
+ "lastModified": 1744478979,
+ "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=",
+ "owner": "lnl7",
+ "repo": "nix-darwin",
+ "rev": "43975d782b418ebf4969e9ccba82466728c2851b",
"type": "github"
},
"original": {
- "owner": "tinted-theming",
- "repo": "base16-vim",
- "rev": "577fe8125d74ff456cf942c733a85d769afe58b7",
+ "owner": "lnl7",
+ "ref": "master",
+ "repo": "nix-darwin",
"type": "github"
}
},
- "betterfox": {
- "flake": false,
+ "deploy-rs": {
+ "inputs": {
+ "flake-compat": "flake-compat_2",
+ "nixpkgs": "nixpkgs",
+ "utils": "utils"
+ },
"locked": {
- "lastModified": 1757098402,
- "narHash": "sha256-aTNEsopnGVueM7MZaYMPUMSJDJeADpvM33UcgO8nz88=",
- "owner": "yokoffing",
- "repo": "Betterfox",
- "rev": "7b3cee24cc7438eef040270b0464cde932e98ffb",
+ "lastModified": 1770019181,
+ "narHash": "sha256-hwsYgDnby50JNVpTRYlF3UR/Rrpt01OrxVuryF40CFY=",
+ "owner": "serokell",
+ "repo": "deploy-rs",
+ "rev": "77c906c0ba56aabdbc72041bf9111b565cdd6171",
"type": "github"
},
"original": {
- "owner": "yokoffing",
- "repo": "Betterfox",
+ "owner": "serokell",
+ "repo": "deploy-rs",
"type": "github"
}
},
- "crowdsec": {
+ "devshell": {
"inputs": {
- "flake-utils": "flake-utils",
"nixpkgs": [
- "nixpkgs-stable"
+ "agenix-rekey",
+ "nixpkgs"
]
},
"locked": {
- "lastModified": 1752497357,
- "narHash": "sha256-9epXn1+T6U4Kfyw8B9zMzbERxDB3VfaPXhVebtai6CE=",
- "ref": "refs/heads/main",
- "rev": "84db7dcea77f7f477d79e69e35fb0bb560232667",
- "revCount": 42,
- "type": "git",
- "url": "https://codeberg.org/kampka/nix-flake-crowdsec.git"
+ "lastModified": 1728330715,
+ "narHash": "sha256-xRJ2nPOXb//u1jaBnDP56M7v5ldavjbtR6lfGqSvcKg=",
+ "owner": "numtide",
+ "repo": "devshell",
+ "rev": "dd6b80932022cea34a019e2bb32f6fa9e494dfef",
+ "type": "github"
},
"original": {
- "type": "git",
- "url": "https://codeberg.org/kampka/nix-flake-crowdsec.git"
+ "owner": "numtide",
+ "repo": "devshell",
+ "type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": [
- "nixpkgs"
+ "nixpkgs-stable"
]
},
"locked": {
- "lastModified": 1758287904,
- "narHash": "sha256-IGmaEf3Do8o5Cwp1kXBN1wQmZwQN3NLfq5t4nHtVtcU=",
+ "lastModified": 1769524058,
+ "narHash": "sha256-zygdD6X1PcVNR2PsyK4ptzrVEiAdbMqLos7utrMDEWE=",
"owner": "nix-community",
"repo": "disko",
- "rev": "67ff9807dd148e704baadbd4fd783b54282ca627",
+ "rev": "71a3fc97d80881e91710fe721f1158d3b96ae14d",
"type": "github"
},
"original": {
@@ -157,30 +171,30 @@
"type": "github"
}
},
- "firefox-gnome-theme": {
+ "flake-compat": {
"flake": false,
"locked": {
- "lastModified": 1758112371,
- "narHash": "sha256-lizRM2pj6PHrR25yimjyFn04OS4wcdbc38DCdBVa2rk=",
- "owner": "rafaelmardojai",
- "repo": "firefox-gnome-theme",
- "rev": "0909cfe4a2af8d358ad13b20246a350e14c2473d",
+ "lastModified": 1696426674,
+ "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
+ "owner": "edolstra",
+ "repo": "flake-compat",
+ "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
- "owner": "rafaelmardojai",
- "repo": "firefox-gnome-theme",
+ "owner": "edolstra",
+ "repo": "flake-compat",
"type": "github"
}
},
- "flake-compat": {
+ "flake-compat_2": {
"flake": false,
"locked": {
- "lastModified": 1747046372,
- "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
+ "lastModified": 1733328505,
+ "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"owner": "edolstra",
"repo": "flake-compat",
- "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
+ "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"type": "github"
},
"original": {
@@ -192,7 +206,7 @@
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
- "nurpkgs",
+ "agenix-rekey",
"nixpkgs"
]
},
@@ -212,17 +226,14 @@
},
"flake-parts_2": {
"inputs": {
- "nixpkgs-lib": [
- "stylix",
- "nixpkgs"
- ]
+ "nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
- "lastModified": 1756770412,
- "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=",
+ "lastModified": 1768135262,
+ "narHash": "sha256-PVvu7OqHBGWN16zSi6tEmPwwHQ4rLPU9Plvs8/1TUBY=",
"owner": "hercules-ci",
"repo": "flake-parts",
- "rev": "4524271976b625a4a605beefd893f270620fd751",
+ "rev": "80daad04eddbbf5a4d883996a73f3f542fa437ac",
"type": "github"
},
"original": {
@@ -233,7 +244,7 @@
},
"flake-utils": {
"inputs": {
- "systems": "systems"
+ "systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
@@ -244,30 +255,15 @@
"type": "github"
},
"original": {
- "id": "flake-utils",
- "type": "indirect"
- }
- },
- "fromYaml": {
- "flake": false,
- "locked": {
- "lastModified": 1731966426,
- "narHash": "sha256-lq95WydhbUTWig/JpqiB7oViTcHFP8Lv41IGtayokA8=",
- "owner": "SenchoPens",
- "repo": "fromYaml",
- "rev": "106af9e2f715e2d828df706c386a685698f3223b",
- "type": "github"
- },
- "original": {
- "owner": "SenchoPens",
- "repo": "fromYaml",
+ "owner": "numtide",
+ "repo": "flake-utils",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
- "hyprland",
+ "agenix-rekey",
"pre-commit-hooks",
"nixpkgs"
]
@@ -286,57 +282,38 @@
"type": "github"
}
},
- "gnome-shell": {
- "flake": false,
- "locked": {
- "lastModified": 1748186689,
- "narHash": "sha256-UaD7Y9f8iuLBMGHXeJlRu6U1Ggw5B9JnkFs3enZlap0=",
- "owner": "GNOME",
- "repo": "gnome-shell",
- "rev": "8c88f917db0f1f0d80fa55206c863d3746fa18d0",
- "type": "github"
- },
- "original": {
- "owner": "GNOME",
- "ref": "48.2",
- "repo": "gnome-shell",
- "type": "github"
- }
- },
"home-manager": {
"inputs": {
"nixpkgs": [
+ "agenix",
+ "agenix",
"nixpkgs"
]
},
"locked": {
- "lastModified": 1759261733,
- "narHash": "sha256-G104PUPKBgJmcu4NWs0LUaPpSOTD4jiq4mamLWu3Oc0=",
+ "lastModified": 1745494811,
+ "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=",
"owner": "nix-community",
"repo": "home-manager",
- "rev": "5a21f4819ee1be645f46d6b255d49f4271ef6723",
+ "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be",
"type": "github"
},
"original": {
"owner": "nix-community",
- "ref": "master",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"inputs": {
- "nixpkgs": [
- "zen-browser",
- "nixpkgs"
- ]
+ "nixpkgs": "nixpkgs_2"
},
"locked": {
- "lastModified": 1752603129,
- "narHash": "sha256-S+wmHhwNQ5Ru689L2Gu8n1OD6s9eU9n9mD827JNR+kw=",
+ "lastModified": 1769699427,
+ "narHash": "sha256-dAQt3qXugGhg92A+jqaUcmH0elbgEN/mV4vy1+ohLZk=",
"owner": "nix-community",
"repo": "home-manager",
- "rev": "e8c19a3cec2814c754f031ab3ae7316b64da085b",
+ "rev": "2a08ab21abc8b482f41c521b5f9b0df5b18a67eb",
"type": "github"
},
"original": {
@@ -345,384 +322,59 @@
"type": "github"
}
},
- "hyprcursor": {
- "inputs": {
- "hyprlang": [
- "hyprland",
- "hyprlang"
- ],
- "nixpkgs": [
- "hyprland",
- "nixpkgs"
- ],
- "systems": [
- "hyprland",
- "systems"
- ]
- },
- "locked": {
- "lastModified": 1753964049,
- "narHash": "sha256-lIqabfBY7z/OANxHoPeIrDJrFyYy9jAM4GQLzZ2feCM=",
- "owner": "hyprwm",
- "repo": "hyprcursor",
- "rev": "44e91d467bdad8dcf8bbd2ac7cf49972540980a5",
- "type": "github"
- },
- "original": {
- "owner": "hyprwm",
- "repo": "hyprcursor",
- "type": "github"
- }
- },
- "hyprgraphics": {
- "inputs": {
- "hyprutils": [
- "hyprland",
- "hyprutils"
- ],
- "nixpkgs": [
- "hyprland",
- "nixpkgs"
- ],
- "systems": [
- "hyprland",
- "systems"
- ]
- },
- "locked": {
- "lastModified": 1758192433,
- "narHash": "sha256-CR6RnqEJSTiFgA6KQY4TTLUWbZ8RBnb+hxQqesuQNzQ=",
- "owner": "hyprwm",
- "repo": "hyprgraphics",
- "rev": "c44e749dd611521dee940d00f7c444ee0ae4cfb7",
- "type": "github"
- },
- "original": {
- "owner": "hyprwm",
- "repo": "hyprgraphics",
- "type": "github"
- }
- },
- "hyprland": {
- "inputs": {
- "aquamarine": "aquamarine",
- "hyprcursor": "hyprcursor",
- "hyprgraphics": "hyprgraphics",
- "hyprland-protocols": "hyprland-protocols",
- "hyprland-qtutils": "hyprland-qtutils",
- "hyprlang": "hyprlang",
- "hyprutils": "hyprutils",
- "hyprwayland-scanner": "hyprwayland-scanner",
- "nixpkgs": "nixpkgs",
- "pre-commit-hooks": "pre-commit-hooks",
- "systems": "systems_2",
- "xdph": "xdph"
- },
- "locked": {
- "lastModified": 1759169434,
- "narHash": "sha256-1u6kq88ICeE9IiJPditYa248ZoEqo00kz6iUR+jLvBQ=",
- "owner": "hyprwm",
- "repo": "Hyprland",
- "rev": "38c1e72c9d81fcdad8f173e06102a5da18836230",
- "type": "github"
- },
- "original": {
- "owner": "hyprwm",
- "repo": "Hyprland",
- "type": "github"
- }
- },
- "hyprland-protocols": {
- "inputs": {
- "nixpkgs": [
- "hyprland",
- "nixpkgs"
- ],
- "systems": [
- "hyprland",
- "systems"
- ]
- },
- "locked": {
- "lastModified": 1749046714,
- "narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=",
- "owner": "hyprwm",
- "repo": "hyprland-protocols",
- "rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330",
- "type": "github"
- },
- "original": {
- "owner": "hyprwm",
- "repo": "hyprland-protocols",
- "type": "github"
- }
- },
- "hyprland-qt-support": {
- "inputs": {
- "hyprlang": [
- "hyprland",
- "hyprland-qtutils",
- "hyprlang"
- ],
- "nixpkgs": [
- "hyprland",
- "hyprland-qtutils",
- "nixpkgs"
- ],
- "systems": [
- "hyprland",
- "hyprland-qtutils",
- "systems"
- ]
- },
- "locked": {
- "lastModified": 1749154592,
- "narHash": "sha256-DO7z5CeT/ddSGDEnK9mAXm1qlGL47L3VAHLlLXoCjhE=",
- "owner": "hyprwm",
- "repo": "hyprland-qt-support",
- "rev": "4c8053c3c888138a30c3a6c45c2e45f5484f2074",
- "type": "github"
- },
- "original": {
- "owner": "hyprwm",
- "repo": "hyprland-qt-support",
- "type": "github"
- }
- },
- "hyprland-qtutils": {
- "inputs": {
- "hyprland-qt-support": "hyprland-qt-support",
- "hyprlang": [
- "hyprland",
- "hyprlang"
- ],
- "hyprutils": [
- "hyprland",
- "hyprland-qtutils",
- "hyprlang",
- "hyprutils"
- ],
- "nixpkgs": [
- "hyprland",
- "nixpkgs"
- ],
- "systems": [
- "hyprland",
- "systems"
- ]
- },
- "locked": {
- "lastModified": 1757694755,
- "narHash": "sha256-j+w5QUUr2QT/jkxgVKecGYV8J7fpzXCMgzEEr6LG9ug=",
- "owner": "hyprwm",
- "repo": "hyprland-qtutils",
- "rev": "5ffdfc13ed03df1dae5084468d935f0a3f2c9a4c",
- "type": "github"
- },
- "original": {
- "owner": "hyprwm",
- "repo": "hyprland-qtutils",
- "type": "github"
- }
- },
- "hyprlang": {
- "inputs": {
- "hyprutils": [
- "hyprland",
- "hyprutils"
- ],
- "nixpkgs": [
- "hyprland",
- "nixpkgs"
- ],
- "systems": [
- "hyprland",
- "systems"
- ]
- },
- "locked": {
- "lastModified": 1756810301,
- "narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=",
- "owner": "hyprwm",
- "repo": "hyprlang",
- "rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931",
- "type": "github"
- },
- "original": {
- "owner": "hyprwm",
- "repo": "hyprlang",
- "type": "github"
- }
- },
- "hyprutils": {
- "inputs": {
- "nixpkgs": [
- "hyprland",
- "nixpkgs"
- ],
- "systems": [
- "hyprland",
- "systems"
- ]
- },
- "locked": {
- "lastModified": 1756117388,
- "narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=",
- "owner": "hyprwm",
- "repo": "hyprutils",
- "rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0",
- "type": "github"
- },
- "original": {
- "owner": "hyprwm",
- "repo": "hyprutils",
- "type": "github"
- }
- },
- "hyprwayland-scanner": {
- "inputs": {
- "nixpkgs": [
- "hyprland",
- "nixpkgs"
- ],
- "systems": [
- "hyprland",
- "systems"
- ]
- },
- "locked": {
- "lastModified": 1755184602,
- "narHash": "sha256-RCBQN8xuADB0LEgaKbfRqwm6CdyopE1xIEhNc67FAbw=",
- "owner": "hyprwm",
- "repo": "hyprwayland-scanner",
- "rev": "b3b0f1f40ae09d4447c20608e5a4faf8bf3c492d",
- "type": "github"
- },
- "original": {
- "owner": "hyprwm",
- "repo": "hyprwayland-scanner",
- "type": "github"
- }
- },
- "nh": {
- "inputs": {
- "nixpkgs": [
- "nixpkgs"
- ]
- },
+ "import-tree": {
"locked": {
- "lastModified": 1759134674,
- "narHash": "sha256-7NaMOQpxRFjjUGOLZmoAwb/5dDQQTFn3NuzfZHJZzJ8=",
- "owner": "viperML",
- "repo": "nh",
- "rev": "f3920fd9354902815db2b51c7b3c698f65b62e95",
+ "lastModified": 1763762820,
+ "narHash": "sha256-ZvYKbFib3AEwiNMLsejb/CWs/OL/srFQ8AogkebEPF0=",
+ "owner": "vic",
+ "repo": "import-tree",
+ "rev": "3c23749d8013ec6daa1d7255057590e9ca726646",
"type": "github"
},
"original": {
- "owner": "viperML",
- "repo": "nh",
+ "owner": "vic",
+ "repo": "import-tree",
"type": "github"
}
},
- "niri": {
- "inputs": {
- "niri-stable": "niri-stable",
- "niri-unstable": "niri-unstable",
- "nixpkgs": "nixpkgs_2",
- "nixpkgs-stable": "nixpkgs-stable",
- "xwayland-satellite-stable": "xwayland-satellite-stable",
- "xwayland-satellite-unstable": "xwayland-satellite-unstable"
- },
- "locked": {
- "lastModified": 1759207481,
- "narHash": "sha256-xhUr1oMQwL/8h8xnPi5QxUHRFDHoCofhw8Jy7qTD4BY=",
- "owner": "sodiboo",
- "repo": "niri-flake",
- "rev": "d425163158a96a26924597574316a627d2e982aa",
- "type": "github"
- },
- "original": {
- "owner": "sodiboo",
- "repo": "niri-flake",
- "type": "github"
- }
- },
- "niri-stable": {
- "flake": false,
+ "nixpkgs": {
"locked": {
- "lastModified": 1756556321,
- "narHash": "sha256-RLD89dfjN0RVO86C/Mot0T7aduCygPGaYbog566F0Qo=",
- "owner": "YaLTeR",
- "repo": "niri",
- "rev": "01be0e65f4eb91a9cd624ac0b76aaeab765c7294",
+ "lastModified": 1743014863,
+ "narHash": "sha256-jAIUqsiN2r3hCuHji80U7NNEafpIMBXiwKlSrjWMlpg=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "bd3bac8bfb542dbde7ffffb6987a1a1f9d41699f",
"type": "github"
},
"original": {
- "owner": "YaLTeR",
- "ref": "v25.08",
- "repo": "niri",
+ "owner": "NixOS",
+ "ref": "nixpkgs-unstable",
+ "repo": "nixpkgs",
"type": "github"
}
},
- "niri-unstable": {
- "flake": false,
+ "nixpkgs-lib": {
"locked": {
- "lastModified": 1758691861,
- "narHash": "sha256-CYgoGrY/Fx+hjzp8graTxJw1M7mn1f2jBkK26M04T0s=",
- "owner": "YaLTeR",
- "repo": "niri",
- "rev": "e837e39623457dc5ad29c34a5ce4d4616e5fbf1e",
- "type": "github"
- },
- "original": {
- "owner": "YaLTeR",
- "repo": "niri",
- "type": "github"
- }
- },
- "nix-index-database": {
- "inputs": {
- "nixpkgs": [
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1760241904,
- "narHash": "sha256-OD7QnaGEVNdukYEbJbUNWPsvnDrpbZOZxVIk6Pt9Jhw=",
+ "lastModified": 1765674936,
+ "narHash": "sha256-k00uTP4JNfmejrCLJOwdObYC9jHRrr/5M/a/8L2EIdo=",
"owner": "nix-community",
- "repo": "nix-index-database",
- "rev": "c9f5ea45f25652ec2f771f9426ccacb21cbbaeaa",
+ "repo": "nixpkgs.lib",
+ "rev": "2075416fcb47225d9b68ac469a5c4801a9c4dd85",
"type": "github"
},
"original": {
"owner": "nix-community",
- "repo": "nix-index-database",
- "type": "github"
- }
- },
- "nixpkgs": {
- "locked": {
- "lastModified": 1758198701,
- "narHash": "sha256-7To75JlpekfUmdkUZewnT6MoBANS0XVypW6kjUOXQwc=",
- "owner": "NixOS",
- "repo": "nixpkgs",
- "rev": "0147c2f1d54b30b5dd6d4a8c8542e8d7edf93b5d",
- "type": "github"
- },
- "original": {
- "owner": "NixOS",
- "ref": "nixos-unstable",
- "repo": "nixpkgs",
+ "repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-small": {
"locked": {
- "lastModified": 1759240490,
- "narHash": "sha256-RPoiXImMd8sEYqOFd71pis08RheOgrd859E+5CIp6Sw=",
+ "lastModified": 1769651179,
+ "narHash": "sha256-+CBdFa+LgNhX63PxP5JsBi9iMbf9GPBzxXOHQweFBRU=",
"owner": "nixos",
"repo": "nixpkgs",
- "rev": "b6f6c613838dd776620c34e8f15fe4d8a9cdf9c0",
+ "rev": "fabe65b5b16d107e904f3d9a590b91bed77e767a",
"type": "github"
},
"original": {
@@ -734,43 +386,27 @@
},
"nixpkgs-stable": {
"locked": {
- "lastModified": 1759143472,
- "narHash": "sha256-TvODmeR2W7yX/JmOCmP+lAFNkTT7hAxYcF3Kz8SZV3w=",
- "owner": "NixOS",
- "repo": "nixpkgs",
- "rev": "5ed4e25ab58fd4c028b59d5611e14ea64de51d23",
- "type": "github"
- },
- "original": {
- "owner": "NixOS",
- "ref": "nixos-25.05",
- "repo": "nixpkgs",
- "type": "github"
- }
- },
- "nixpkgs-stable_2": {
- "locked": {
- "lastModified": 1761173472,
- "narHash": "sha256-m9W0dYXflzeGgKNravKJvTMR4Qqa2MVD11AwlGMufeE=",
+ "lastModified": 1769598131,
+ "narHash": "sha256-e7VO/kGLgRMbWtpBqdWl0uFg8Y2XWFMdz0uUJvlML8o=",
"owner": "nixos",
"repo": "nixpkgs",
- "rev": "c8aa8cc00a5cb57fada0851a038d35c08a36a2bb",
+ "rev": "fa83fd837f3098e3e678e6cf017b2b36102c7211",
"type": "github"
},
"original": {
"owner": "nixos",
- "ref": "nixos-25.05",
+ "ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
- "lastModified": 1759036355,
- "narHash": "sha256-0m27AKv6ka+q270dw48KflE0LwQYrO7Fm4/2//KCVWg=",
+ "lastModified": 1769018530,
+ "narHash": "sha256-MJ27Cy2NtBEV5tsK+YraYr2g851f3Fl1LpNHDzDX15c=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "e9f00bd893984bc8ce46c895c3bf7cac95331127",
+ "rev": "88d3861acdd3d2f0e361767018218e51810df8a1",
"type": "github"
},
"original": {
@@ -782,27 +418,11 @@
},
"nixpkgs_3": {
"locked": {
- "lastModified": 1759036355,
- "narHash": "sha256-0m27AKv6ka+q270dw48KflE0LwQYrO7Fm4/2//KCVWg=",
- "owner": "nixos",
- "repo": "nixpkgs",
- "rev": "e9f00bd893984bc8ce46c895c3bf7cac95331127",
- "type": "github"
- },
- "original": {
- "owner": "nixos",
- "ref": "nixos-unstable",
- "repo": "nixpkgs",
- "type": "github"
- }
- },
- "nixpkgs_4": {
- "locked": {
- "lastModified": 1758690382,
- "narHash": "sha256-NY3kSorgqE5LMm1LqNwGne3ZLMF2/ILgLpFr1fS4X3o=",
+ "lastModified": 1769461804,
+ "narHash": "sha256-msG8SU5WsBUfVVa/9RPLaymvi5bI8edTavbIq3vRlhI=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "e643668fd71b949c53f8626614b21ff71a07379d",
+ "rev": "bfc1b8a4574108ceef22f02bafcf6611380c100d",
"type": "github"
},
"original": {
@@ -812,160 +432,61 @@
"type": "github"
}
},
- "nur": {
- "inputs": {
- "flake-parts": [
- "stylix",
- "flake-parts"
- ],
- "nixpkgs": [
- "stylix",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1758998580,
- "narHash": "sha256-VLx0z396gDCGSiowLMFz5XRO/XuNV+4EnDYjdJhHvUk=",
- "owner": "nix-community",
- "repo": "NUR",
- "rev": "ba8d9c98f5f4630bcb0e815ab456afd90c930728",
- "type": "github"
- },
- "original": {
- "owner": "nix-community",
- "repo": "NUR",
- "type": "github"
- }
- },
- "nurpkgs": {
- "inputs": {
- "flake-parts": "flake-parts",
- "nixpkgs": [
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1759306765,
- "narHash": "sha256-L/rTRSo7zBlHflwAhjYxFHvW3Z6AXFKmZg85vu2HwS4=",
- "owner": "nix-community",
- "repo": "NUR",
- "rev": "d45b542c49e55d1246a25374692b079e448cb701",
- "type": "github"
- },
- "original": {
- "owner": "nix-community",
- "repo": "NUR",
- "type": "github"
- }
- },
"pre-commit-hooks": {
"inputs": {
"flake-compat": "flake-compat",
"gitignore": "gitignore",
"nixpkgs": [
- "hyprland",
+ "agenix-rekey",
"nixpkgs"
]
},
"locked": {
- "lastModified": 1758108966,
- "narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=",
+ "lastModified": 1735882644,
+ "narHash": "sha256-3FZAG+pGt3OElQjesCAWeMkQ7C/nB1oTHLRQ8ceP110=",
"owner": "cachix",
- "repo": "git-hooks.nix",
- "rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b",
+ "repo": "pre-commit-hooks.nix",
+ "rev": "a5a961387e75ae44cc20f0a57ae463da5e959656",
"type": "github"
},
"original": {
"owner": "cachix",
- "repo": "git-hooks.nix",
+ "repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"root": {
"inputs": {
- "betterfox": "betterfox",
- "crowdsec": "crowdsec",
+ "agenix": "agenix",
+ "agenix-rekey": "agenix-rekey",
+ "deploy-rs": "deploy-rs",
"disko": "disko",
- "home-manager": "home-manager",
- "hyprland": "hyprland",
- "nh": "nh",
- "niri": "niri",
- "nix-index-database": "nix-index-database",
+ "flake-parts": "flake-parts_2",
+ "home-manager": "home-manager_2",
+ "import-tree": "import-tree",
"nixpkgs": "nixpkgs_3",
"nixpkgs-small": "nixpkgs-small",
- "nixpkgs-stable": "nixpkgs-stable_2",
- "nurpkgs": "nurpkgs",
- "shimmer": "shimmer",
- "sops-nix": "sops-nix",
- "stylix": "stylix",
- "zen-browser": "zen-browser"
- }
- },
- "shimmer": {
- "flake": false,
- "locked": {
- "lastModified": 1759261526,
- "narHash": "sha256-hN9tqH7gwdkr/5eRqqItMGeoISE5cwy3HB8PRilnREw=",
- "owner": "nuclearcodecat",
- "repo": "shimmer",
- "rev": "dfb34a0a1f322157fc3ce085f2016060fa7b1d57",
- "type": "github"
- },
- "original": {
- "owner": "nuclearcodecat",
- "repo": "shimmer",
- "type": "github"
+ "nixpkgs-stable": "nixpkgs-stable"
}
},
- "sops-nix": {
+ "rust-overlay": {
"inputs": {
"nixpkgs": [
- "nixpkgs-stable"
+ "agenix",
+ "nixpkgs"
]
},
"locked": {
- "lastModified": 1759188042,
- "narHash": "sha256-f9QC2KKiNReZDG2yyKAtDZh0rSK2Xp1wkPzKbHeQVRU=",
- "owner": "Mic92",
- "repo": "sops-nix",
- "rev": "9fcfabe085281dd793589bdc770a2e577a3caa5d",
+ "lastModified": 1761791894,
+ "narHash": "sha256-myRIDh+PxaREz+z9LzbqBJF+SnTFJwkthKDX9zMyddY=",
+ "owner": "oxalica",
+ "repo": "rust-overlay",
+ "rev": "59c45eb69d9222a4362673141e00ff77842cd219",
"type": "github"
},
"original": {
- "owner": "Mic92",
- "repo": "sops-nix",
- "type": "github"
- }
- },
- "stylix": {
- "inputs": {
- "base16": "base16",
- "base16-fish": "base16-fish",
- "base16-helix": "base16-helix",
- "base16-vim": "base16-vim",
- "firefox-gnome-theme": "firefox-gnome-theme",
- "flake-parts": "flake-parts_2",
- "gnome-shell": "gnome-shell",
- "nixpkgs": "nixpkgs_4",
- "nur": "nur",
- "systems": "systems_3",
- "tinted-foot": "tinted-foot",
- "tinted-kitty": "tinted-kitty",
- "tinted-schemes": "tinted-schemes",
- "tinted-tmux": "tinted-tmux",
- "tinted-zed": "tinted-zed"
- },
- "locked": {
- "lastModified": 1759305203,
- "narHash": "sha256-Mj3VQcpE5CVqfhi0Yp2B5qn5EcUwiPD4nCngxUiBHMg=",
- "owner": "danth",
- "repo": "stylix",
- "rev": "126e6c7625620e949d86578046fe97f418478c42",
- "type": "github"
- },
- "original": {
- "owner": "danth",
- "repo": "stylix",
+ "owner": "oxalica",
+ "repo": "rust-overlay",
"type": "github"
}
},
@@ -986,16 +507,16 @@
},
"systems_2": {
"locked": {
- "lastModified": 1689347949,
- "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
+ "lastModified": 1681028828,
+ "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
- "repo": "default-linux",
- "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
+ "repo": "default",
+ "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
- "repo": "default-linux",
+ "repo": "default",
"type": "github"
}
},
@@ -1014,179 +535,42 @@
"type": "github"
}
},
- "tinted-foot": {
- "flake": false,
- "locked": {
- "lastModified": 1726913040,
- "narHash": "sha256-+eDZPkw7efMNUf3/Pv0EmsidqdwNJ1TaOum6k7lngDQ=",
- "owner": "tinted-theming",
- "repo": "tinted-foot",
- "rev": "fd1b924b6c45c3e4465e8a849e67ea82933fcbe4",
- "type": "github"
- },
- "original": {
- "owner": "tinted-theming",
- "repo": "tinted-foot",
- "rev": "fd1b924b6c45c3e4465e8a849e67ea82933fcbe4",
- "type": "github"
- }
- },
- "tinted-kitty": {
- "flake": false,
- "locked": {
- "lastModified": 1735730497,
- "narHash": "sha256-4KtB+FiUzIeK/4aHCKce3V9HwRvYaxX+F1edUrfgzb8=",
- "owner": "tinted-theming",
- "repo": "tinted-kitty",
- "rev": "de6f888497f2c6b2279361bfc790f164bfd0f3fa",
- "type": "github"
- },
- "original": {
- "owner": "tinted-theming",
- "repo": "tinted-kitty",
- "type": "github"
- }
- },
- "tinted-schemes": {
- "flake": false,
- "locked": {
- "lastModified": 1757716333,
- "narHash": "sha256-d4km8W7w2zCUEmPAPUoLk1NlYrGODuVa3P7St+UrqkM=",
- "owner": "tinted-theming",
- "repo": "schemes",
- "rev": "317a5e10c35825a6c905d912e480dfe8e71c7559",
- "type": "github"
- },
- "original": {
- "owner": "tinted-theming",
- "repo": "schemes",
- "type": "github"
- }
- },
- "tinted-tmux": {
- "flake": false,
- "locked": {
- "lastModified": 1757811970,
- "narHash": "sha256-n5ZJgmzGZXOD9pZdAl1OnBu3PIqD+X3vEBUGbTi4JiI=",
- "owner": "tinted-theming",
- "repo": "tinted-tmux",
- "rev": "d217ba31c846006e9e0ae70775b0ee0f00aa6b1e",
- "type": "github"
- },
- "original": {
- "owner": "tinted-theming",
- "repo": "tinted-tmux",
- "type": "github"
- }
- },
- "tinted-zed": {
- "flake": false,
- "locked": {
- "lastModified": 1757811247,
- "narHash": "sha256-4EFOUyLj85NRL3OacHoLGEo0wjiRJzfsXtR4CZWAn6w=",
- "owner": "tinted-theming",
- "repo": "base16-zed",
- "rev": "824fe0aacf82b3c26690d14e8d2cedd56e18404e",
- "type": "github"
- },
- "original": {
- "owner": "tinted-theming",
- "repo": "base16-zed",
- "type": "github"
- }
- },
- "xdph": {
+ "treefmt-nix": {
"inputs": {
- "hyprland-protocols": [
- "hyprland",
- "hyprland-protocols"
- ],
- "hyprlang": [
- "hyprland",
- "hyprlang"
- ],
- "hyprutils": [
- "hyprland",
- "hyprutils"
- ],
- "hyprwayland-scanner": [
- "hyprland",
- "hyprwayland-scanner"
- ],
"nixpkgs": [
- "hyprland",
+ "agenix-rekey",
"nixpkgs"
- ],
- "systems": [
- "hyprland",
- "systems"
]
},
"locked": {
- "lastModified": 1755354946,
- "narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=",
- "owner": "hyprwm",
- "repo": "xdg-desktop-portal-hyprland",
- "rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0",
- "type": "github"
- },
- "original": {
- "owner": "hyprwm",
- "repo": "xdg-desktop-portal-hyprland",
- "type": "github"
- }
- },
- "xwayland-satellite-stable": {
- "flake": false,
- "locked": {
- "lastModified": 1755491097,
- "narHash": "sha256-m+9tUfsmBeF2Gn4HWa6vSITZ4Gz1eA1F5Kh62B0N4oE=",
- "owner": "Supreeeme",
- "repo": "xwayland-satellite",
- "rev": "388d291e82ffbc73be18169d39470f340707edaa",
- "type": "github"
- },
- "original": {
- "owner": "Supreeeme",
- "ref": "v0.7",
- "repo": "xwayland-satellite",
- "type": "github"
- }
- },
- "xwayland-satellite-unstable": {
- "flake": false,
- "locked": {
- "lastModified": 1758577423,
- "narHash": "sha256-sB2GAOjhjoWnjU6A/uHNJiY6O3UeztV5pJAN2g1FkXU=",
- "owner": "Supreeeme",
- "repo": "xwayland-satellite",
- "rev": "03368548ba745e17a85bd631613a59cb2d8469a4",
+ "lastModified": 1735135567,
+ "narHash": "sha256-8T3K5amndEavxnludPyfj3Z1IkcFdRpR23q+T0BVeZE=",
+ "owner": "numtide",
+ "repo": "treefmt-nix",
+ "rev": "9e09d30a644c57257715902efbb3adc56c79cf28",
"type": "github"
},
"original": {
- "owner": "Supreeeme",
- "repo": "xwayland-satellite",
+ "owner": "numtide",
+ "repo": "treefmt-nix",
"type": "github"
}
},
- "zen-browser": {
+ "utils": {
"inputs": {
- "home-manager": "home-manager_2",
- "nixpkgs": [
- "nixpkgs"
- ]
+ "systems": "systems_3"
},
"locked": {
- "lastModified": 1759292536,
- "narHash": "sha256-fWTojLEpXgqwtKZb+qJ5gn9y8N6MAKM35yu0k+4yWmo=",
- "owner": "0xc000022070",
- "repo": "zen-browser-flake",
- "rev": "d11cff279fb1d879cd72d6fb3bbd1ae7b584674b",
+ "lastModified": 1731533236,
+ "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
+ "owner": "numtide",
+ "repo": "flake-utils",
+ "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
- "owner": "0xc000022070",
- "repo": "zen-browser-flake",
+ "owner": "numtide",
+ "repo": "flake-utils",
"type": "github"
}
}
diff --git a/flake.nix b/flake.nix
index 6578dc0..497471e 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,192 +1,32 @@
{
- description = "NixOS configs <3";
-
inputs = {
- nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
+ nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs-small.url = "github:nixos/nixpkgs/nixos-unstable-small";
- nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-25.05";
-
- # Nix replacement because why not
- # lix-module = {
- # url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.0.tar.gz";
- # inputs.nixpkgs.follows = "nixpkgs";
- # };
-
- home-manager = {
- url = "github:nix-community/home-manager/master";
- inputs.nixpkgs.follows = "nixpkgs";
- };
+ nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-25.11";
- # Nix User Repo
- nurpkgs = {
- url = "github:/nix-community/NUR";
- inputs.nixpkgs.follows = "nixpkgs";
- };
-
- hyprland = {
- url = "github:hyprwm/Hyprland";
- };
-
- # Nix command helper
- nh = {
- url = "github:viperML/nh";
- inputs.nixpkgs.follows = "nixpkgs";
- };
-
- # Styling for (almost) everything
- stylix.url = "github:danth/stylix";
+ flake-parts.url = "github:hercules-ci/flake-parts";
+ import-tree.url = "github:vic/import-tree";
+ home-manager.url = "github:nix-community/home-manager";
disko = {
url = "github:nix-community/disko";
- inputs.nixpkgs.follows = "nixpkgs";
- };
-
- # Secrets
- sops-nix = {
- url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs-stable";
};
- crowdsec = {
- url = "git+https://codeberg.org/kampka/nix-flake-crowdsec.git";
+ agenix = {
+ url = "github:yaxitech/ragenix";
inputs.nixpkgs.follows = "nixpkgs-stable";
};
- nix-index-database = {
- url = "github:nix-community/nix-index-database";
- inputs.nixpkgs.follows = "nixpkgs";
- };
-
- zen-browser = {
- url = "github:0xc000022070/zen-browser-flake";
- inputs.nixpkgs.follows = "nixpkgs";
- };
-
- niri.url = "github:sodiboo/niri-flake";
-
- shimmer = {
- url = "github:nuclearcodecat/shimmer";
- flake = false;
+ agenix-rekey = {
+ url = "github:oddlama/agenix-rekey";
+ inputs.nixpkgs.follows = "nixpkgs-stable";
};
- betterfox = {
- url = "github:yokoffing/Betterfox";
- flake = false;
- };
+ deploy-rs.url = "github:serokell/deploy-rs";
};
- outputs = {
- self,
- nixpkgs,
- nixpkgs-stable,
- home-manager,
- nurpkgs,
- hyprland,
- disko,
- sops-nix,
- crowdsec,
- nix-index-database,
- ...
- } @ inputs: let
- inherit (self) outputs;
- forAllSystems = nixpkgs.lib.genAttrs [
- "aarch64-linux"
- "i686-linux"
- "x86_64-linux"
- ];
- in {
- packages = forAllSystems (
- system: let
- pkgs = nixpkgs.legacyPackages.${system};
- in
- import ./pkgs {inherit pkgs;}
- );
- # Devshell for bootstrapping
- # Acessible through 'nix develop' or 'nix-shell' (legacy)
- devShells = forAllSystems (
- system: let
- pkgs = nixpkgs.legacyPackages.${system};
- in
- import ./shell.nix {inherit pkgs;}
- );
-
- # Your custom packages and modifications, exported as overlays
- overlays = import ./overlays {inherit inputs outputs;};
- # Reusable nixos modules you might want to export
- # These are usually stuff you would upstream into nixpkgs
- nixosModules = import ./modules/nixos;
- # Reusable home-manager modules you might want to export
- # These are usually stuff you would upstream into home-manager
- homeManagerModules = import ./modules/home-manager;
-
- # NixOS configuration entrypoint
- # Available through 'nixos-rebuild --flake .#your-hostname'
- nixosConfigurations = {
- ltrr-mini = nixpkgs.lib.nixosSystem {
- specialArgs = {inherit inputs outputs;};
- modules = [
- ./nixos/laptop/configuration.nix
- disko.nixosModules.disko
- ];
- };
-
- ltrr = nixpkgs.lib.nixosSystem {
- specialArgs = {inherit inputs outputs;};
- modules = [
- ./nixos/pc/configuration.nix
- ];
- };
-
- ltrr-tw = nixpkgs-stable.lib.nixosSystem {
- specialArgs = {inherit inputs outputs;};
- system = "x86_64-linux";
- modules = [
- disko.nixosModules.disko
- sops-nix.nixosModules.sops
- crowdsec.nixosModules.crowdsec
- ./nixos/tw/configuration.nix
- ];
- };
-
- ltrr-vpn = nixpkgs-stable.lib.nixosSystem {
- system = "x86_64-linux";
- modules = [
- disko.nixosModules.disko
- ./nixos/vpn/configuration.nix
- ];
- };
-
- ltrr-home = nixpkgs-stable.lib.nixosSystem {
- specialArgs = {inherit inputs outputs;};
- system = "x86_64-linux";
- modules = [
- disko.nixosModules.disko
- sops-nix.nixosModules.sops
- ./nixos/server/configuration.nix
- ];
- };
- };
-
- homeConfigurations = {
- "jerpo@ltrr-mini" = home-manager.lib.homeManagerConfiguration {
- pkgs = nixpkgs.legacyPackages.x86_64-linux;
- extraSpecialArgs = {inherit inputs outputs;};
- modules = [
- ./home-manager/laptop.nix
- nurpkgs.modules.homeManager.default
- nix-index-database.homeModules.nix-index
- ];
- };
-
- "jerpo@ltrr" = home-manager.lib.homeManagerConfiguration {
- pkgs = nixpkgs.legacyPackages.x86_64-linux;
- extraSpecialArgs = {inherit inputs outputs;};
- modules = [
- ./home-manager/pc.nix
- nurpkgs.modules.homeManager.default
- nix-index-database.homeModules.nix-index
- ];
- };
- };
- };
+ outputs = inputs:
+ inputs.flake-parts.lib.mkFlake {inherit inputs;}
+ (inputs.import-tree ./modules);
}
diff --git a/home-manager/general.nix b/home-manager/general.nix
deleted file mode 100644
index c87edac..0000000
--- a/home-manager/general.nix
+++ /dev/null
@@ -1,117 +0,0 @@
-{
- pkgs,
- inputs,
- outputs,
- config,
- lib,
- ...
-}: let
- username = "jerpo";
- homeDirectory = "/home/${username}";
- configHome = "${homeDirectory}/.config";
-
- cliPkgs = with pkgs; [
- fd
- ripgrep
-
- jq
- wget
- btop
- tealdeer
-
- zip
- unzip
- p7zip
-
- ffmpeg
- ghostscript
- xdragon
- steam-run
- python311
- pokemon-colorscripts
-
- xdg-utils
- pkg-config
- nix-prefetch-scripts
- adwaita-icon-theme
- ];
-
- nogamesPkgs = with pkgs; [
- vkd3d
- steam
- bottles
- open-sans
- osu-lazer-bin
- ];
- baconPkgs = with pkgs; [
- vesktop
- chromium
- geeqie
- darktable
- telegram-desktop
- libreoffice-fresh
- transmission_4-gtk
- ];
-
- kube = with pkgs; [
- kubectl
- kubernetes-helm
- ];
-in {
- imports = [
- ./homeModules
- ];
-
- nixpkgs = {
- overlays = [
- outputs.overlays.additions
- outputs.overlays.modifications
- outputs.overlays.truly-unstable-packages
- ];
- config = {
- allowUnfree = true;
- allowUnfreePredicate = _: true;
- };
- };
-
- home = {
- inherit username homeDirectory;
- stateVersion = "23.05";
- packages = baconPkgs ++ nogamesPkgs ++ cliPkgs ++ kube;
- sessionVariables = {
- NH_FLAKE = "/home/jerpo/nixfiles";
- };
- };
-
- xdg = {
- inherit configHome;
- enable = true;
- };
-
- lib.meta = {
- configPath = "${config.home.homeDirectory}/nixfiles/";
- mkMutableSymlink = path:
- config.lib.file.mkOutOfStoreSymlink
- (config.lib.meta.configPath + lib.strings.removePrefix (toString inputs.self) (toString path));
- };
-
- # from homeModules
- stylixConfig.enable = true;
- stylixConfig.theme = "everforest";
-
- emacs.enable = true;
- emacs.package = pkgs.emacs30;
- alacritty.enable = true;
- fish.enable = true;
-
- zen-browser.enable = true;
-
- tmux.enable = true;
-
- programs.nix-index-database.comma.enable = true;
- programs.nix-index = {
- enable = true;
- };
-
- programs.home-manager.enable = true;
-}
diff --git a/home-manager/homeModules/alacritty.nix b/home-manager/homeModules/alacritty.nix
deleted file mode 100644
index 0f9d5ba..0000000
--- a/home-manager/homeModules/alacritty.nix
+++ /dev/null
@@ -1,27 +0,0 @@
-{ pkgs, config, lib, ... }:
-
-{
- options = {
- alacritty.enable = lib.mkEnableOption "enable alacritty";
- };
-
- config = lib.mkIf config.alacritty.enable {
- programs.alacritty = {
- enable = true;
- settings = {
- cursor = {
- style = "Beam";
- thickness = 0.25;
- };
- window = {
- padding = {
- x = 10;
- };
- };
- };
- };
- };
-}
-
-
-
diff --git a/home-manager/homeModules/bspwm.nix b/home-manager/homeModules/bspwm.nix
deleted file mode 100644
index 712a95c..0000000
--- a/home-manager/homeModules/bspwm.nix
+++ /dev/null
@@ -1,64 +0,0 @@
-{ pkgs, config, lib, ... }:
-
-{
- imports = [
- ./picom.nix
- ./dunst.nix
- ./sxhkd.nix
- ];
-
- options = {
- bspwm.enable = lib.mkEnableOption "enable bspwm";
- };
-
- config = lib.mkIf config.bspwm.enable {
- picom.enable = true;
- dunst.enable = true;
- sxhkd.enable = true;
-
- rofi = {
- enable = true;
- package = pkgs.rofi;
- };
-
- xsession.windowManager.bspwm = {
- enable = true;
-
- monitors =
- let
- workspaces = [
- "α"
- "β"
- "γ"
- "δ"
- "ε"
- ];
- in {
- "^1" = workspaces;
- # "^2" = workspaces;
- };
-
- settings = {
- # focused_border_color = "#908caa";
- # normal_border_color = "#363a4f";
- # presel_feedback_color = "#752f20";
- border_width = 3;
- window_gap = 12;
- focus_follows_pointer = true;
- split_ratio = 0.5;
- };
-
- startupPrograms = [
- "sxhkd"
- "picom -b"
- "emacs --daemon"
- "feh --bg-fill ${config.wallpaper}"
- ];
- };
- home.packages = with pkgs; [
- feh
- betterlockscreen
- xfce.xfce4-screenshooter
- ];
- };
-}
diff --git a/home-manager/homeModules/default.nix b/home-manager/homeModules/default.nix
deleted file mode 100644
index 20a7c6f..0000000
--- a/home-manager/homeModules/default.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{
- imports = [
- ./emacs
- ./firefox.nix
- ./mako.nix
- ./rofi.nix
- ./nvim.nix
- ./bspwm.nix
- ./hyprland.nix
- ./picom.nix
- ./alacritty.nix
- ./fish.nix
- ./waybar.nix
- ./fuzzel.nix
- ./stylix.nix
- ./exwm.nix
- ./zen-browser.nix
- ./tmux.nix
- ];
-}
diff --git a/home-manager/homeModules/dunst.nix b/home-manager/homeModules/dunst.nix
deleted file mode 100644
index 1a5fd31..0000000
--- a/home-manager/homeModules/dunst.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{ pkgs, config, lib, ... }:
-
-{
- options = {
- dunst.enable = lib.mkEnableOption "enable dunst";
- };
- config = lib.mkIf config.dunst.enable {
- home.packages = [ pkgs.libnotify ];
- services.dunst = {
- enable = true;
- settings = {
- global = {
- origin = "bottom-right";
- notification_limit = 5;
- progress_bar = true;
- };
- };
- };
- };
-}
diff --git a/home-manager/homeModules/emacs/default.nix b/home-manager/homeModules/emacs/default.nix
deleted file mode 100644
index 7a8b66f..0000000
--- a/home-manager/homeModules/emacs/default.nix
+++ /dev/null
@@ -1,52 +0,0 @@
-{
- pkgs,
- config,
- lib,
- ...
-}:
-
-let
- mkMutableSymlink = config.lib.meta.mkMutableSymlink;
-in
-{
- options = {
- emacs.enable = lib.mkEnableOption "enable emacs";
- emacs.package = lib.mkPackageOption pkgs "emacs package" { default = [ "emacs30-pgtk" ]; };
- };
- config = lib.mkIf config.emacs.enable {
- home.sessionVariables.EDITOR = "emacsclient -a emacs";
- home.packages =
- with pkgs;
- with python311Packages;
- [
- # required dependencies
- ripgrep
- fd
- tree-sitter
- emacs-all-the-icons-fonts
- libappindicator
- poppler_utils
- nixd
- alejandra
- sqlite
- ];
-
- programs.emacs = {
- enable = true;
- package = config.emacs.package;
- extraPackages =
- epkgs: with epkgs; [
- treesit-grammars.with-all-grammars
- mu4e
- ];
- };
-
- xdg.configFile = {
- "emacs/early-init.el".source = mkMutableSymlink ./early-init.el;
- "emacs/init.el".source = mkMutableSymlink ./init.el;
- "emacs/elpaca.el".source = mkMutableSymlink ./elpaca.el;
- "emacs/etc/tempel/templates.eld".source = mkMutableSymlink ./templates.eld;
- "emacs/etc/eshell/aliases".source = mkMutableSymlink ./aliases;
- };
- };
-}
diff --git a/home-manager/homeModules/exwm.nix b/home-manager/homeModules/exwm.nix
deleted file mode 100644
index bc5d79c..0000000
--- a/home-manager/homeModules/exwm.nix
+++ /dev/null
@@ -1,61 +0,0 @@
-{ lib, pkgs, config, ... }:
-{
- imports = [
- ./picom.nix
- ./dunst.nix
- ];
-
- options = {
- exwm.enable = lib.mkEnableOption " enable exwm";
- };
-
- config = lib.mkIf config.exwm.enable {
- picom.enable = true;
- dunst.enable = true;
-
- programs.emacs = {
- extraPackages = epkgs: with epkgs; [ exwm ];
- extraConfig = ''
- (setq exwm--my-scripts "${./attachments/hypr-scripts}")
- '';
- };
- services = {
- # Screenshotting.
- flameshot.enable = true;
-
- # Screen locking.
- screen-locker = {
- enable = true;
- lockCmd = "${pkgs.i3lock-fancy}/bin/i3lock-fancy -p -t ''";
- inactiveInterval = 20;
- };
- };
- home.file.xinitrc = {
- text = ''
- # Disable access control for the current user.
- xhost +SI:localuser:$USER
-
- # Make Java applications aware this is a non-reparenting window manager.
- export _JAVA_AWT_WM_NONREPARENTING=1
-
- # Set default cursor.
- xsetroot -cursor_name left_ptr
-
- picom -b
-
- # Finally start Emacs
- ${pkgs.dbus.dbus-launch} --exit-with-session emacs -mm --fullscreen --internal-border=0 --border-width=0
- '';
- target = ".xinitrc";
- };
- home.packages = with pkgs; [
- boomer
- arandr
- feh
- gtk3
- i3lock-fancy
- xclip
- xorg.xev
- ];
- };
-}
diff --git a/home-manager/homeModules/firefox.nix b/home-manager/homeModules/firefox.nix
deleted file mode 100644
index 743895a..0000000
--- a/home-manager/homeModules/firefox.nix
+++ /dev/null
@@ -1,105 +0,0 @@
-{ pkgs, config, lib, inputs, ... }:
-
-{
- options = {
- firefox.enable = lib.mkEnableOption "enable firefox";
- };
- config = lib.mkIf config.firefox.enable {
- programs.firefox = {
- enable = true;
- package = pkgs.firefox;
- profiles.ShyFox = {
- isDefault = true;
- extensions = {
- packages = with pkgs.nur.repos.rycee.firefox-addons; [
- bitwarden
- ublock-origin
- sponsorblock
- return-youtube-dislikes
- firefox-color
- tampermonkey
- duckduckgo-privacy-essentials
- mal-sync
- sidebery
- ];
-
- force = true;
- # settings = {
- # "{3c078156-979c-498b-8990-85f7987dd929}".settings =
- # builtins.fromJSON (builtins.readFile "${inputs.shimmer.outPath}/sidebery.json");
- # };
- };
-
- preConfig = builtins.readFile "${inputs.betterfox.outPath}/user.js";
- userChrome = builtins.readFile "${inputs.shimmer.outPath}/userChrome.css";
- userContent = builtins.readFile "${inputs.shimmer.outPath}/userContent.css";
-
- settings = {
- "shimmer.remove-winctr-buttons" = true;
- "toolkit.legacyUserProfileCustomizations.stylesheets" = true;
- "svg.context-properties.content.enabled" = true;
- "browser.search.suggest.enabled" = true;
- "captivedetect.canonicalURL" = "http://detectportal.firefox.com/canonical.html";
- "network.captive-portal-service.enabled" = true;
- "network.connectivity-service.enabled" = true;
- "extensions.autoDisableScopes" = 0;
- };
- search = {
- force = true;
- engines = {
- "Brave" = {
- urls = [
- { template = "https://search.brave.com/search?q={searchTerms}"; }
- {
- type = "application/x-suggestions+json";
- template = "https://search.brave.com/api/suggest?q={searchTerms}";
- }
- ];
-
- icon = "https://cdn.search.brave.com/serp/v2/_app/immutable/assets/safari-pinned-tab.539899c7.svg";
- updateInterval = 24 * 60 * 60 * 1000;
- definedAliases = [ "!br" ];
- };
- "NixOS Packages" = {
- urls = [{ template = "https://search.nixos.org/packages?channel=unstable&from=0&size=50&sort=relevance&type=packages&query={searchTerms}"; }];
- icon = "https://nixos.org/favicon.png";
- updateInterval = 24 * 60 * 60 * 1000;
- definedAliases = [ "!ns" ];
- };
- "NixOS Options" = {
- urls = [{ template = "https://search.nixos.org/options?channel=unstable&from=0&size=50&sort=relevance&type=packages&query={searchTerms}"; }];
- icon = "https://nixos.org/favicon.png";
- updateInterval = 24 * 60 * 60 * 1000;
- definedAliases = [ "!no" ];
- };
- "HomeManager" = {
- urls = [{ template = "https://home-manager-options.extranix.com/?query={searchTerms}&release=master"; }];
- icon = "https://github.com/mipmip/home-manager-option-search/blob/main/images/favicon.png";
- updateInterval = 24 * 60 * 60 * 1000;
- definedAliases = [ "!hs" ];
- };
- "NixWiki" = {
- urls = [{ template = "https://wiki.nixos.org/w/index.php?search={searchTerms}"; }];
- icon = "https://nixos.org/favicon.png";
- updateInterval = 24 * 60 * 60 * 1000;
- definedAliases = [ "!nw" ];
- };
- "Kinopoisk" = {
- urls = [{ template = "https://www.kinopoisk.ru/index.php?kp_query={searchTerms}"; }];
- icon = "https://www.kinopoisk.ru/favicon.ico";
- updateInterval = 24 * 60 * 60 * 1000;
- definedAliases = [ "!ks" ];
- };
- "MDN Docs" = {
- urls = [{ template = "https://developer.mozilla.org/en-US/search?q={searchTerms}"; }];
- icon = "https://developer.mozilla.org/favicon-48x48.bc390275e955dacb2e65.png";
- updateInterval = 24 * 60 * 60 * 1000;
- definedAliases = [ "!md" ];
- };
- };
- default = "Brave";
- };
- };
- };
- };
-}
diff --git a/home-manager/homeModules/fish.nix b/home-manager/homeModules/fish.nix
deleted file mode 100644
index b539e84..0000000
--- a/home-manager/homeModules/fish.nix
+++ /dev/null
@@ -1,40 +0,0 @@
-{
- pkgs,
- config,
- lib,
- ...
-}: {
- options = {
- fish.enable = lib.mkEnableOption "enable fish";
- };
- config = lib.mkIf config.fish.enable {
- programs.direnv = {
- enable = true;
- nix-direnv.enable = true;
- };
-
- programs.nix-index.enableFishIntegration = true;
-
- programs.fish = {
- enable = true;
- plugins = [
- {
- name = "pure";
- src = pkgs.fishPlugins.pure.src;
- }
- {
- name = "autopair";
- src = pkgs.fishPlugins.autopair.src;
- }
- ];
- interactiveShellInit = ''
- set fish_greeting
- pokemon-colorscripts -r --no-title
- '';
-
- shellAliases = {
- ls = "ls --hyperlink=auto --color=auto";
- };
- };
- };
-}
diff --git a/home-manager/homeModules/fuzzel.nix b/home-manager/homeModules/fuzzel.nix
deleted file mode 100644
index 7fc8703..0000000
--- a/home-manager/homeModules/fuzzel.nix
+++ /dev/null
@@ -1,28 +0,0 @@
-{ pkgs, config, lib, ... }:
-
-{
- options = {
- fuzzel.enable = lib.mkEnableOption "enable fuzzel";
- };
-
- config = lib.mkIf config.fuzzel.enable {
- programs.fuzzel = {
- enable = true;
- settings = {
- colors = {
- background = "1f1d2eff";
- text = "6e6a86ff";
- selection = "908caaff";
- selection-text = "1f1d2eff";
- };
- main = {
- lines = 9;
- terminal = "alacritty -e";
- vertical-pad = 0;
- horizontal-pad = 0;
- };
- border.width = 0;
- };
- };
- };
-}
diff --git a/home-manager/homeModules/hyprland.nix b/home-manager/homeModules/hyprland.nix
deleted file mode 100644
index e99eb4f..0000000
--- a/home-manager/homeModules/hyprland.nix
+++ /dev/null
@@ -1,231 +0,0 @@
-{
- pkgs,
- lib,
- config,
- inputs,
- ...
-}: {
- imports = [
- ./waybar.nix
- ./rofi.nix
- ./mako.nix
- ];
-
- options = {
- hyprland.enable = lib.mkEnableOption "enable hyprland";
- };
-
- config = lib.mkIf config.hyprland.enable {
- waybar.enable = true;
- rofi.enable = true;
- mako.enable = true;
-
- home.packages = with pkgs; [
- swww
- brightnessctl
- grimblast
- cliphist
- polkit_gnome
- kdePackages.xwaylandvideobridge
- wl-clipboard
- libnotify
- socat
- ];
-
- home.sessionVariables.XDG_CURRENT_DESKTOP = "Hyprland";
-
- wayland.windowManager.hyprland = {
- enable = true;
- settings = {
- "$scripts" = "${./attachments/hypr-scripts}";
- "$mainMod" = "SUPER";
- "$terminal" = "alacritty";
-
- exec-once = [
- "emacs --daemon"
- "swww-daemon"
- "swww img ${config.wallpaper}"
- "$scripts/bitwarden-float.sh"
- ];
-
- monitor = [
- "eDP-1,preferred,auto,1.6"
- ",preferred,auto,1,mirror,eDP-1"
- ];
-
- input = {
- kb_layout = "us,ru";
- kb_options = "grp:win_space_toggle";
- touchpad = {
- natural_scroll = "yes";
- disable_while_typing = "no";
- };
- sensitivity = 0.1;
- };
-
- general = {
- gaps_in = 5;
- gaps_out = 15;
- border_size = 3;
- layout = "dwindle";
- allow_tearing = false;
- };
-
- misc = {
- vfr = true;
- };
-
- decoration = {
- rounding = 7;
- blur = {
- enabled = true;
- size = 3;
- passes = 1;
- };
- };
-
- xwayland.force_zero_scaling = true;
- env = [
- "GDK_SCALE,2"
- "XCURSOR_SIZE,32"
- ];
-
- animations = {
- enabled = 1;
- # bezier = "overshot,0.13,0.99,0.29,1.1,";
- animation = [
- "fade,1,4,default"
- "workspaces,1,4,default,fade"
- "windows,1,4,default,popin 95%"
- "windowsMove,0"
- ];
- };
-
- dwindle = {
- pseudotile = "yes";
- preserve_split = "yes";
- };
-
- gesture = [
- "3, horizontal, workspace"
- ];
- misc.force_default_wallpaper = 1;
-
- windowrule = [
- "bordersize 0, floating:0, onworkspace:w[tv1]"
- "rounding 0, floating:0, onworkspace:w[tv1]"
- "bordersize 0, floating:0, onworkspace:f[1]"
- "rounding 0, floating:0, onworkspace:f[1]"
- ];
-
- workspace = [
- "w[tv1], gapsout:0, gapsin:0"
- "f[1], gapsout:0, gapsin:0"
- ];
-
- windowrulev2 = [
- "float, class:^(org.telegram.desktop)$"
- "pin, class:^(org.telegram.desktop)$"
- "size 30% 845, class:^(org.telegram.desktop)$"
- "move 100%-w-25 73, class:^(org.telegram.desktop)$"
- # firefox
- "float, title:(Sharing Indicator)"
- "noborder, title:(Sharing Indicator)"
- "rounding 0, title:(Sharing Indicator)"
- "float, title:(Picture-in-Picture)"
- "pin, title:(Picture-in-Picture)"
- "move 100%-w-21 100%-w-21, title:^(Picture-in-Picture)$"
- "noinitialfocus, title:^(Picture-in-Picture)$"
- "float, title:^(Save File)$"
- "pin, title:^(Save File)$"
- # dragon-drop
- "pin, class:^(dragon-drop)$"
- # torrent
- "float, title:^(Torrent Options)$"
- "pin, title:^(Torrent Options)$"
- # xwaylandvideobridge
- "opacity 0.0 override 0.0 override,class:^(xwaylandvideobridge)$"
- "noanim,class:^(xwaylandvideobridge)$"
- "noinitialfocus,class:^(xwaylandvideobridge)$"
- "maxsize 1 1,class:^(xwaylandvideobridge)$"
- "noblur,class:^(xwaylandvideobridge)$"
- ];
-
- bind =
- [
- "$mainMod, V, togglefloating, "
- "$mainMod, P, pseudo,"
- "$mainMod, I, togglesplit,"
- "$mainMod, F, fullscreen, 0"
- "$mainMod, M, fullscreen, 1"
- "$mainMod SHIFT, Q, killactive, "
- "$mainMod SHIFT, E, exit,"
-
- # Apps
- "$mainMod, D, exec, pkill rofi || rofi -show-icons -show drun"
- "$mainMod, Q, exec, $terminal"
- "$mainMod, B, exec, zen-beta"
- "$mainMod, T, exec, Telegram"
- "$mainMod, E, exec, emacsclient -c -a emacs"
- "$mainMod CONTROL, E, exec, emacs"
- "$mainMod, T, exec, $scripts/toggle-tg.sh"
- "$mainMod SHIFT, Esc, exec, swww img ${config.wallpaper}"
- ",XF86Favorites, exec, bash $scripts/toggle-vpn.sh"
-
- # Screenshooting
- ", Print, exec, grimblast save screen"
- "ALT, Print, exec, grimblast save active"
- "SHIFT, Print, exec, grimblast save area"
- "CONTROL, Print, exec, grimblast copy screen"
- "ALT_CONTROL, Print, exec, grimblast copy active"
- "CONTROL_SHIFT, Print, exec, grimblast copy area "
-
- # Windows
- "$mainMod, J, movefocus, d"
- "$mainMod, K, movefocus, u"
- "$mainMod, H, movefocus, l"
- "$mainMod, L, movefocus, r"
- "SUPER_SHIFT,J,movewindow,d"
- "SUPER_SHIFT,K,movewindow,u"
- "SUPER_SHIFT,H,movewindow,l"
- "SUPER_SHIFT,L,movewindow,r"
- "$mainMod, mouse_down, workspace, e+1"
- "$mainMod, mouse_up, workspace, e-1"
- ]
- ++ (
- # workspaces
- # binds $mod + [shift +] {1..10} to [move to] workspace {1..10}
- builtins.concatLists (builtins.genList (
- x: let
- ws = let
- c = (x + 1) / 10;
- in
- builtins.toString (x + 1 - (c * 10));
- in [
- "$mainMod, ${ws}, workspace, ${toString (x + 1)}"
- "$mainMod SHIFT, ${ws}, movetoworkspacesilent, ${toString (x + 1)}"
- ]
- )
- 10)
- );
- binde = [
- # Volume
- ",0x1008FF11,exec,wpctl set-volume @DEFAULT_SINK@ 5%-"
- ",0x1008FF13,exec,wpctl set-volume @DEFAULT_SINK@ 5%+"
- ",0x1008FF12,exec,wpctl set-mute @DEFAULT_SINK@ toggle"
- ",XF86AudioMicMute, exec, wpctl set-mute @DEFAULT_SOURCE@ toggle"
- ",XF86TouchpadToggle, exec, python3 $scripts/switch-sink.py"
-
- # Brightness
- ",XF86MonBrightnessUp,exec,brightnessctl s +5%"
- ",XF86MonBrightnessDown,exec,brightnessctl s 5%-"
- ];
-
- bindm = [
- "$mainMod, mouse:272, movewindow"
- "$mainMod, mouse:273, resizewindow"
- ];
- };
- };
- };
-}
diff --git a/home-manager/homeModules/kanata.nix b/home-manager/homeModules/kanata.nix
deleted file mode 100644
index e69de29..0000000
--- a/home-manager/homeModules/kanata.nix
+++ /dev/null
diff --git a/home-manager/homeModules/mako.nix b/home-manager/homeModules/mako.nix
deleted file mode 100644
index 057cd95..0000000
--- a/home-manager/homeModules/mako.nix
+++ /dev/null
@@ -1,22 +0,0 @@
-{
- pkgs,
- config,
- lib,
- ...
-}: {
- options = {
- mako.enable = lib.mkEnableOption "enable mako";
- };
-
- config = lib.mkIf config.mako.enable {
- services.mako = {
- enable = true;
- settings = {
- anchor = "bottom-right";
- default-timeout = 5000;
- border-size = 3;
- border-radius = 7;
- };
- };
- };
-}
diff --git a/home-manager/homeModules/niri.nix b/home-manager/homeModules/niri.nix
deleted file mode 100644
index 6ee04cc..0000000
--- a/home-manager/homeModules/niri.nix
+++ /dev/null
@@ -1,258 +0,0 @@
-{
- pkgs,
- config,
- lib,
- inputs,
- ...
-}:
-with lib; let
- cfg = config.niri;
-in {
- imports = [
- ./waybar.nix
- ./rofi.nix
- ./mako.nix
- inputs.niri.homeModules.niri
- inputs.niri.homeModules.stylix
- ];
-
- options = {
- niri = {
- enable = mkEnableOption "enable niri config";
- };
- };
-
- config = mkIf cfg.enable {
- waybar = {
- enable = true;
- windowManager = "niri";
- workspaceIcons = {
- # "1" = "α";
- # "2" = "β";
- # "3" = "γ";
- # "4" = "δ";
- # "5" = "ε";
- # urgent = "λ";
- # default = "ω";
- "internet" = "";
- "discord" = "";
- "chat" = "<b></b>";
-
- "active" = "";
- "default" = "";
- };
- };
- rofi.enable = true;
- mako.enable = true;
-
- home.packages = with pkgs; [
- pkgs.xwayland-satellite
- swww
- brightnessctl
- grimblast
- polkit_gnome
- kdePackages.xwaylandvideobridge
- wl-clipboard
- libnotify
- wl-mirror
- ];
-
- stylix.targets.niri.enable = true;
- programs.niri = {
- enable = true;
-
- settings = {
- input = {
- keyboard.xkb = {
- layout = "us,ru";
- options = "grp:win_space_toggle,compose:ralt,ctrl:nocaps";
- };
- touchpad = {
- tap = true;
- dwt = false;
- dwtp = true;
- natural-scroll = true;
- };
- warp-mouse-to-focus.enable = true;
- focus-follows-mouse = {
- enable = true;
- max-scroll-amount = "25%";
- };
- };
-
- cursor = {
- theme = "Bibata-Modern-Ice";
- size = 24;
- };
-
- layout = {
- gaps = 16;
- center-focused-column = "never";
- preset-column-widths = [
- {proportion = 0.33333;}
- {proportion = 0.5;}
- {proportion = 0.66667;}
- ];
- border = {
- enable = true;
- };
- focus-ring.enable = false;
- };
-
- animations = {
- workspace-switch.enable = false;
- };
-
- # workspaces = {
- # internet = {};
- # code = {};
- # };
-
- window-rules = [
- {
- matches = [
- {
- app-id = "steam";
- title = ''r#"^notificationtoasts_\d+_desktop$"#'';
- }
- ];
- default-floating-position = {
- x = 20;
- y = 10;
- relative-to = "bottom-right";
- };
- }
- ];
-
- spawn-at-startup = [
- {argv = ["swww-daemon"];}
- {argv = ["mako"];}
- ];
-
- prefer-no-csd = true;
-
- binds = with config.lib.niri.actions; let
- scripts = "${./attachments/hypr-scripts}";
- in {
- "Mod+Q".action.spawn = "alacritty";
- "Mod+D".action.spawn = ["sh" "-c" "pkill rofi || rofi -show-icons -show drun"];
- "Mod+B".action.spawn = "zen-beta";
- "Mod+E".action.spawn = ["emacsclient" "-c" "-a" "emacs"];
- "Mod+T".action.spawn = "Telegram";
-
- "XF86AudioRaiseVolume".action.spawn = ["wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.05+"];
- "XF86AudioLowerVolume".action.spawn = ["wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.05-"];
- "XF86AudioMute".action.spawn = ["wpctl" "set-mute" "@DEFAULT_AUDIO_SINK@" "toggle"];
- "XF86AudioMicMute".action.spawn = ["wpctl" "set-mute" "@DEFAULT_AUDIO_SOURCE@" "toggle"];
-
- "XF86MonBrightnessUp".action.spawn = ["brightnessctl" "s" "+5%"];
- "XF86MonBrightnessDown".action.spawn = ["brightnessctl" "s" "5%-"];
-
- "XF86Favorites".action.spawn = "${scripts}/toggle-vpn.sh";
- "XF86TouchpadToggle".action.spawn = "${scripts}/switch-sink.py";
-
- "Mod+Shift+Slash".action = show-hotkey-overlay;
-
- "Super+Alt+L".action.spawn = "swaylock";
- "Mod+Shift+E".action = quit;
- "Mod+Shift+P".action = power-off-monitors;
- "Mod+Shift+Q".action = close-window;
-
- "Mod+H".action = focus-column-left;
- "Mod+J".action = focus-window-down;
- "Mod+K".action = focus-window-up;
- "Mod+L".action = focus-column-right;
-
- "Mod+Shift+H".action = move-column-left;
- "Mod+Shift+J".action = move-window-down;
- "Mod+Shift+K".action = move-window-up;
- "Mod+Shift+L".action = move-column-right;
-
- "Mod+Home".action = focus-column-first;
- "Mod+End".action = focus-column-last;
-
- "Mod+Ctrl+Home".action = move-column-to-first;
- "Mod+Ctrl+End".action = move-column-to-last;
-
- "Mod+Ctrl+H".action = focus-monitor-left;
- "Mod+Ctrl+J".action = focus-monitor-down;
- "Mod+Ctrl+K".action = focus-monitor-up;
- "Mod+Ctrl+L".action = focus-monitor-right;
-
- "Mod+Shift+Ctrl+H".action = move-column-to-monitor-left;
- "Mod+Shift+Ctrl+J".action = move-column-to-monitor-down;
- "Mod+Shift+Ctrl+K".action = move-column-to-monitor-up;
- "Mod+Shift+Ctrl+L".action = move-column-to-monitor-right;
- "Mod+P" = {
- repeat = false;
- action.spawn-sh = "wl-mirror $(niri msg --json focused-output | jq -r .name)";
- };
-
- "Mod+U".action = focus-workspace-down;
- "Mod+I".action = focus-workspace-up;
-
- "Mod+Ctrl+U".action = move-column-to-workspace-down;
- "Mod+Ctrl+I".action = move-column-to-workspace-up;
-
- "Mod+Shift+U".action = move-workspace-down;
- "Mod+Shift+I".action = move-workspace-down;
-
- "Mod+WheelScrollRight".action = focus-column-right;
- "Mod+WheelScrollLeft".action = focus-column-left;
-
- "Mod+Ctrl+WheelScrollRight".action = move-column-right;
- "Mod+Ctrl+WheelScrollLeft".action = move-column-left;
-
- "Mod+Shift+WheelScrollDown".action = focus-column-right;
- "Mod+Shift+WheelScrollUp".action = focus-column-left;
-
- "Mod+Ctrl+Shift+WheelScrollDown".action = move-column-right;
- "Mod+Ctrl+Shift+WheelScrollUp".action = move-column-left;
-
- "Mod+1".action.focus-workspace = 1;
- "Mod+2".action.focus-workspace = 2;
- "Mod+3".action.focus-workspace = 3;
- "Mod+4".action.focus-workspace = 4;
- "Mod+5".action.focus-workspace = 5;
- "Mod+6".action.focus-workspace = 6;
- "Mod+7".action.focus-workspace = 7;
- "Mod+8".action.focus-workspace = 8;
- "Mod+9".action.focus-workspace = 9;
-
- "Mod+Shift+1".action.move-column-to-workspace = 1;
- "Mod+Shift+2".action.move-column-to-workspace = 2;
- "Mod+Shift+3".action.move-column-to-workspace = 3;
- "Mod+Shift+4".action.move-column-to-workspace = 4;
- "Mod+Shift+5".action.move-column-to-workspace = 5;
- "Mod+Shift+6".action.move-column-to-workspace = 6;
- "Mod+Shift+7".action.move-column-to-workspace = 7;
- "Mod+Shift+8".action.move-column-to-workspace = 8;
- "Mod+Shift+9".action.move-column-to-workspace = 9;
-
- "Mod+Comma".action = consume-window-into-column;
- "Mod+Period".action = expel-window-from-column;
- "Mod+BracketLeft".action = consume-or-expel-window-left;
- "Mod+BracketRight".action = consume-or-expel-window-right;
-
- "Mod+M".action = maximize-column;
- "Mod+F".action = fullscreen-window;
- "Mod+C".action = center-column;
-
- "Mod+R".action = switch-preset-column-width;
- "Mod+Minus".action.set-column-width = "-10%";
- "Mod+Equal".action.set-column-width = "+10%";
- "Mod+Shift+Minus".action.set-window-height = "-10%";
- "Mod+Shift+Equal".action.set-window-height = "+10%";
-
- "Mod+V".action = toggle-window-floating;
-
- "Print".action.screenshot.show-pointer = true;
- "Shift+Print".action.screenshot-screen.write-to-disk = true;
- "Ctrl+Shift+Print".action.screenshot-screen.write-to-disk = false;
- "Alt+Print".action.screenshot-window.write-to-disk = true;
- "Ctrl+Alt+Print".action.screenshot-window.write-to-disk = false;
- };
- };
- };
- };
-}
diff --git a/home-manager/homeModules/nvim.nix b/home-manager/homeModules/nvim.nix
deleted file mode 100644
index be17e3a..0000000
--- a/home-manager/homeModules/nvim.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ pkgs, config, lib, ... }:
-
-{
- options = {
- nvim.enable = lib.mkEnableOption "enable nvim";
- };
-}
-
diff --git a/home-manager/homeModules/picom.nix b/home-manager/homeModules/picom.nix
deleted file mode 100644
index af57002..0000000
--- a/home-manager/homeModules/picom.nix
+++ /dev/null
@@ -1,52 +0,0 @@
-{ pkgs, config, lib, ... }:
-
-{
- options = {
- picom.enable = lib.mkEnableOption "enable picom";
- };
-
- config = lib.mkIf config.picom.enable {
- services.picom = {
- enable = true;
- settings = {
- fading = true;
- fade-delta=3;
- blur-background = false;
- corner-radius = 8;
- # blur = {
- # method = "dual_kawase";
- # size = 12;
- # deviation = false;
- # strength = 2;
- # kern = "3x3box";
- # };
- backend = "glx";
- vsync = true;
- mark = {
- wmwin-focused = true;
- overdir-focused = true;
- };
- detect = {
- rounded-corners = true;
- client-opacity = true;
- transient = true;
- };
- use-ewmh-active-win = true;
- glx-no-stencil = true;
- use-damage = true;
- };
- wintypes = {
- tooltip = {
- fade = true;
- shadow = true;
- full-shadow = false;
- blur = false;
- focus = true;
- };
- dock = {
- shadow = false;
- };
- };
- };
- };
-}
diff --git a/home-manager/homeModules/rofi.nix b/home-manager/homeModules/rofi.nix
deleted file mode 100644
index 48434ec..0000000
--- a/home-manager/homeModules/rofi.nix
+++ /dev/null
@@ -1,48 +0,0 @@
-{
- pkgs,
- config,
- lib,
- ...
-}: {
- options = {
- rofi.enable = lib.mkEnableOption "enable rofi";
- rofi.package = lib.mkPackageOption pkgs "rofi package" {default = ["rofi"];};
- };
-
- config = lib.mkIf config.rofi.enable {
- programs.rofi = {
- enable = true;
- package = config.rofi.package;
- theme = with config.lib.stylix.colors.withHashtag;
- builtins.toFile "theme.rasi" ''
- * {
- font: "FiraCode Nerd Font Medium 12";
-
- bg0: ${base01};
- bg1: ${base02};
- fg0: ${base04};
-
- accent-color: ${base03};
- urgent-color: #ffffff;
-
- background-color: transparent;
- text-color: @fg0;
-
- margin: 0;
- padding: 0;
- spacing: 0;
- }
-
- ${builtins.readFile ./attachments/rofi-theme.rasi}'';
- cycle = true;
- plugins = with pkgs; [
- rofi-emoji
- rofi-calc
- ];
- extraConfig = {
- kb-row-up = "Up,Ctrl+p";
- kb-row-down = "Down,Ctrl+n";
- };
- };
- };
-}
diff --git a/home-manager/homeModules/stylix.nix b/home-manager/homeModules/stylix.nix
deleted file mode 100644
index 604307d..0000000
--- a/home-manager/homeModules/stylix.nix
+++ /dev/null
@@ -1,74 +0,0 @@
-{ pkgs, config, lib, inputs, ... }:
-
-{
- imports = [
- inputs.stylix.homeModules.stylix
- ];
-
- options = {
- stylixConfig = {
- enable = lib.mkEnableOption "enable stylix";
- theme = lib.mkOption { type = lib.types.str; };
- };
- wallpaper = lib.mkOption { type = with lib.types; oneOf [str path package]; };
- };
- config = lib.mkIf config.stylixConfig.enable {
- wallpaper = with config.lib.stylix.colors.withHashtag;
- pkgs.runCommand "cat.png" {} ''
- pastel=${pkgs.pastel}/bin/pastel
- SHADOWS=$($pastel darken 0.1 '${base05}' | $pastel format hex)
- TAIL=$($pastel lighten 0.1 '${base02}' | $pastel format hex)
- HIGHLIGHTS=$($pastel lighten 0.1 '${base05}' | $pastel format hex)
-
- ${pkgs.imagemagick}/bin/convert ${./attachments/basecat.png} \
- -fill '${base00}' -opaque black \
- -fill '${base05}' -opaque white \
- -fill '${base08}' -opaque blue \
- -fill $SHADOWS -opaque gray \
- -fill '${base02}' -opaque orange \
- -fill $TAIL -opaque green \
- -fill $HIGHLIGHTS -opaque brown \
- $out'';
- stylix = {
- enable = true;
- targets = {
- rofi.enable = false;
- waybar.enable = false;
- firefox.profileNames = [ "ShyFox" ];
- };
-
- polarity = "dark";
-
- base16Scheme = "${pkgs.base16-schemes}/share/themes/${config.stylixConfig.theme}.yaml";
- image = config.wallpaper;
- cursor = {
- package = pkgs.bibata-cursors;
- name = "Bibata-Modern-Ice";
- size = 24;
- };
-
- fonts = {
- sizes.terminal = 11;
- serif = {
- package = pkgs.noto-fonts;
- name = "Noto Serif";
- };
-
- sansSerif = {
- package = pkgs.rubik;
- name = "Rubik";
- };
-
- monospace = {
- package = pkgs.nerd-fonts.fira-code;
- name = "FiraCode Nerd Font";
- };
-
- emoji = {
- package = pkgs.noto-fonts-emoji;
- name = "Noto Color Emoji";
- };
- };
- };
- };
-}
diff --git a/home-manager/homeModules/sxhkd.nix b/home-manager/homeModules/sxhkd.nix
deleted file mode 100644
index ed20d89..0000000
--- a/home-manager/homeModules/sxhkd.nix
+++ /dev/null
@@ -1,40 +0,0 @@
-{ pkgs, config, lib, ... }:
-
-{
- options = {
- sxhkd.enable = lib.mkEnableOption "enable sxhkd";
- };
-
- config = lib.mkIf config.sxhkd.enable {
- services.sxhkd = {
- enable = true;
- keybindings = {
- "{_,shift} + Print" = "xfce4-screenshooter -{r,f}";
- "{_,shift} + control + Print" = "xfce4-screenshooter -{r,f} --save /dev/stdout | xclip -i -selection clipboard -t image/png";
- "super + apostrophe" = "betterlockscreen -l"; # Lockscreen
- "super + grave" = "polybar -r"; # Restart polybar
- "super + q" = "alacritty"; # Open terminal
- "super + d" = "rofi -show-icons -show drun"; # Open app chooser
- "super + shift + d" = "CM_LAUNCHER=rofi clipmenu";
- "super + b" = "zen-beta"; # Open browser
- "super + e" = "emacsclient -c -a 'emacs'"; # Open emacs
- "super + Escape" = "pkill -USR1 -x sxhkd"; # Restart sxhkd
- "super + shift + {e,r}" = "bspc {quit,wm -r}"; # Quit/restart bspwm
- "super + {control,shift} + q" = "bspc node -{k,c}"; # Close/kill window
- "super + m" = "bspc desktop -l next"; # Maximise window
- "super + {t,shift + t,v,f}" = "bspc node -t {tiled,pseudo_tiled,floating,fullscreen}"; # Set window state
- "super + {_,shift + }{h,j,k,l}" = "bspc node -{f,s} {west,south,north,east}"; # Focus window in the given direction
- "super + {Left,Down,Up,Right}" = "bspc node -v {-20 0,0 20,0 -20,20 0}"; # Move a floating window
- "super + s : {h,j,k,l}" = ''STEP=20; SELECTION={1,2,3,4};\
- bspc node -z $(echo "left -$STEP 0,bottom 0 $STEP,top 0 -$STEP,right $STEP 0" | cut -d',' -f$SELECTION) ||\
- bspc node -z $(echo "right -$STEP 0,top 0 $STEP,bottom 0 -$STEP,left $STEP 0" | cut -d',' -f$SELECTION)''; # Better window resize
- "super + bracket{left,right}" = "bspc desktop -f {prev,next}.local"; # Focus next/previos desktop
- "super + {_,shift + }{1-9,0}" = "bspc {desktop -f,node -d} $(bspc query -D -m focused | awk 'NR=={1-9,0}')"; # Focus/send window to the given desktop on the focused monitor
- "super + o" = "bspc node -m last -f"; # Send window to the last used monitor
- "super + ctrl + {1-9}" = "bspc node -o 0.{1-9}"; # Preselect the window ratio
- "super + ctrl + space" = "bspc node -p cancel"; # Cansel the preselected ratio
- "super + n" = "fish ~/.nixfiles/home-manager/home/services/polybar/hide.fish";
- };
- };
- };
-}
diff --git a/home-manager/homeModules/tmux.nix b/home-manager/homeModules/tmux.nix
deleted file mode 100644
index 7d74479..0000000
--- a/home-manager/homeModules/tmux.nix
+++ /dev/null
@@ -1,45 +0,0 @@
-{ pkgs, lib, config, ... }:
-
-{
- options = {
- tmux.enable = lib.mkEnableOption "enable tmux config";
- };
-
- config = lib.mkIf config.tmux.enable {
- stylix.targets.tmux.enable = true;
- home.packages = with pkgs; [
- fzf
- ];
- programs.tmux = {
- enable = true;
- prefix = "C-x";
- baseIndex = 1;
- historyLimit = 10000;
- extraConfig = ''
- set -g mode-keys vi
- set -g default-terminal "''${TERM}"
- set -sg terminal-overrides ",*:RGB"
-
- set -g pane-border-lines simple
-
- set -g escape-time 0
- set -g renumber-windows on
-
- set -g status-style bg=default,fg=black,bright
- set -g status-left ""
- set -g window-status-format " #W "
- set -g window-status-current-format " #W "
-
- set -g window-status-bell-style "bg=red,nobold"
- set -g window-status-current-style \
- "#{?window_zoomed_flag,bg=yellow,bg=green,nobold}"
-
- bind j next-window
- bind k previous-window
- '';
- plugins = with pkgs.tmuxPlugins; [
- tmux-fzf
- ];
- };
- };
-}
diff --git a/home-manager/homeModules/waybar.nix b/home-manager/homeModules/waybar.nix
deleted file mode 100644
index eb9cd41..0000000
--- a/home-manager/homeModules/waybar.nix
+++ /dev/null
@@ -1,129 +0,0 @@
-{
- pkgs,
- lib,
- config,
- ...
-}:
-with lib; let
- cfg = config.waybar;
-in {
- options = {
- waybar = {
- enable = mkEnableOption "enable waybar";
- windowManager = mkOption {
- description = "WM string to use with /workspaces and /language";
- default = "hyprland";
- type = types.str;
- };
- workspaceIcons = mkOption {
- default = {
- "1" = "α";
- "2" = "β";
- "3" = "γ";
- "4" = "δ";
- "5" = "ε";
- urgent = "λ";
- default = "ω";
- };
- };
- };
- };
-
- config = mkIf cfg.enable {
- programs.waybar = {
- enable = true;
- systemd.enable = true;
- style = with config.lib.stylix.colors.withHashtag;
- ''
- @define-color base00 ${base00}; @define-color base01 ${base01}; @define-color base02 ${base02}; @define-color base03 ${base03};
- @define-color base04 ${base04}; @define-color base05 ${base05}; @define-color base06 ${base06}; @define-color base07 ${base07};
-
- @define-color base08 ${base08}; @define-color base09 ${base09}; @define-color base0A ${base0A}; @define-color base0B ${base0B};
- @define-color base0C ${base0C}; @define-color base0D ${base0D}; @define-color base0E ${base0E}; @define-color base0F ${base0F};
- ''
- + builtins.readFile ./attachments/waybar-style.css;
- settings = {
- bar = {
- layer = "top";
- height = 30;
- spacing = 8;
- margin-down = 5;
- modules-left = ["${cfg.windowManager}/workspaces"];
- modules-center = ["clock"];
- modules-right = ["network" "custom/vpn" "memory" "temperature" "backlight" "pulseaudio" "${cfg.windowManager}/language" "tray" "battery"];
- "${cfg.windowManager}/workspaces" = {
- format = "{icon}";
- "format-icons" = cfg.workspaceIcons;
- };
- "${cfg.windowManager}/language" = {
- format = "{} <span font-family='Material Design Icons' rise='-1000' size='medium'>󰌌</span>";
- format-ru = "ru";
- format-en = "en";
- };
- "tray" = {
- spacing = 10;
- };
- "clock" = {
- format = "{:%H:%M 󰅐}";
- tooltip-format = "<big>{:%Y %B}</big>\n<tt><small>{calendar}</small></tt>";
- format-alt = "{:%d %h %Y 󰃮}";
- };
- "memory" = {
- format = "{}% ";
- };
- "temperature" = {
- format = "{temperatureC}°C󰔏";
- };
- "backlight" = {
- format = "{percent}% {icon}";
- format-icons = ["󰃞" "󰃟" "󰃠"];
- };
- "battery" = {
- "states" = {
- good = 95;
- warning = 30;
- critical = 15;
- };
- format = "{capacity}% {icon}";
- format-charging = "{capacity}% 󰂄";
- format-plugged = "{capacity}% ";
- format-alt = "{icon}";
- format-icons = ["󱃍" "󰁼" "󰁼" "󰁽" "󰁾" "󰁿" "󰂀" "󰂁" "󰂂" "󰁹"];
- };
- "network" = {
- interface = "wlp*";
- format-wifi = "{essid} ({signalStrength}%) 󰤨";
- format-ethernet = "{ipaddr}/{cidr} 󰈀";
- tooltip-format = "{ifname} via {gwaddr} 󰩟";
- format-linked = "{ifname} (No IP) 󰩟";
- format-disconnected = "󰤫";
- };
- "custom/vpn" = {
- format = "{text}";
- exec = "${./attachments/hypr-scripts/toggle-vpn.sh} waybar";
- return-type = "json";
- };
- "pulseaudio" = {
- format = "{volume}% {icon} {format_source}";
- format-bluetooth = "{volume}% <span font-family='Material Design Icons' rise='-2000' font-size='x-large'>󰥰</span> {format_source}";
- format-bluetooth-muted = "󰟎 {format_source}";
- format-muted = "󰝟 {format_source}";
- format-source = "{volume}%󰍬";
- format-source-muted = "󰍭";
-
- "format-icons" = {
- headphone = "󰋋";
- hands-free = "";
- headset = "";
- phone = "";
- portable = "";
- car = "";
- muted-icon = "󰝟";
- default = ["󰕿" "󰖀" "󰕾"];
- };
- };
- };
- };
- };
- };
-}
diff --git a/home-manager/homeModules/zen-browser.nix b/home-manager/homeModules/zen-browser.nix
deleted file mode 100644
index 5de071f..0000000
--- a/home-manager/homeModules/zen-browser.nix
+++ /dev/null
@@ -1,142 +0,0 @@
-{ pkgs, config, lib, inputs, ... }:
-
-{
- imports = [
- inputs.zen-browser.homeModules.beta
- ];
-
- options = {
- zen-browser.enable = lib.mkEnableOption "enable zen-browser";
- };
-
- config = lib.mkIf config.zen-browser.enable {
- stylix.targets.zen-browser.profileNames = [ "ZZZ" ];
- xdg.mimeApps = {
- enable = true;
- associations.added = {
- "x-scheme-handler/http" = "zen-beta.desktop";
- "x-scheme-handler/https" = "zen-beta.desktop";
- "x-scheme-handler/chrome" = "zen-beta.desktop";
- "text/html" = "zen-beta.desktop";
- "application/x-extension-htm" = "zen-beta.desktop";
- "application/x-extension-html" = "zen-beta.desktop";
- "application/x-extension-shtml" = "zen-beta.desktop";
- "application/xhtml+xml" = "zen-beta.desktop";
- "application/x-extension-xhtml" = "zen-beta.desktop";
- "application/x-extension-xht" = "zen-beta.desktop";
- };
-
- defaultApplications = {
- "x-scheme-handler/http" = "zen-beta.desktop";
- "x-scheme-handler/https" = "zen-beta.desktop";
- "x-scheme-handler/chrome" = "zen-beta.desktop";
- "text/html" = "zen-beta.desktop";
- "application/x-extension-htm" = "zen-beta.desktop";
- "application/x-extension-html" = "zen-beta.desktop";
- "application/x-extension-shtml" = "zen-beta.desktop";
- "application/xhtml+xml" = "zen-beta.desktop";
- "application/x-extension-xhtml" = "zen-beta.desktop";
- "application/x-extension-xht" = "zen-beta.desktop";
- "application/pdf" = "zen-beta.desktop";
- };
- };
-
- programs.zen-browser = {
- enable = true;
- policies = {
- AutofillAddressEnabled = false;
- AutofillCreditCardEnabled = false;
- DisableAppUpdate = true;
- DisableFeedbackCommands = true;
- DisableFirefoxStudies = true;
- DisableTelemetry = true;
- DontCheckDefaultBrowser = true;
- NoDefaultBookmarks = true;
- OfferToSaveLogins = false;
- };
-
- profiles.ZZZ = {
- isDefault = true;
- extensions = {
- packages = with pkgs.nur.repos.rycee.firefox-addons; [
- bitwarden
- ublock-origin
- sponsorblock
- return-youtube-dislikes
- firefox-color
- tampermonkey
- duckduckgo-privacy-essentials
- mal-sync
- sidebery
- ];
-
- force = true;
- };
-
- settings = {
- "svg.context-properties.content.enabled" = true;
- "browser.search.suggest.enabled" = true;
- "extensions.autoDisableScopes" = 0;
- "zen.view.grey-out-inactive-windows" = false;
- "zen.view.experimental-no-window-controls" = true;
- };
-
- search = {
- force = true;
- engines = {
- "Brave" = {
- urls = [
- { template = "https://search.brave.com/search?q={searchTerms}"; }
- {
- type = "application/x-suggestions+json";
- template = "https://search.brave.com/api/suggest?q={searchTerms}";
- }
- ];
-
- icon = "https://cdn.search.brave.com/serp/v2/_app/immutable/assets/safari-pinned-tab.539899c7.svg";
- updateInterval = 24 * 60 * 60 * 1000;
- definedAliases = [ "!br" ];
- };
- "NixOS Packages" = {
- urls = [{ template = "https://search.nixos.org/packages?channel=unstable&from=0&size=50&sort=relevance&type=packages&query={searchTerms}"; }];
- icon = "https://nixos.org/favicon.png";
- updateInterval = 24 * 60 * 60 * 1000;
- definedAliases = [ "!ns" ];
- };
- "NixOS Options" = {
- urls = [{ template = "https://search.nixos.org/options?channel=unstable&from=0&size=50&sort=relevance&type=packages&query={searchTerms}"; }];
- icon = "https://nixos.org/favicon.png";
- updateInterval = 24 * 60 * 60 * 1000;
- definedAliases = [ "!no" ];
- };
- "HomeManager" = {
- urls = [{ template = "https://home-manager-options.extranix.com/?query={searchTerms}&release=master"; }];
- icon = "https://github.com/mipmip/home-manager-option-search/blob/main/images/favicon.png";
- updateInterval = 24 * 60 * 60 * 1000;
- definedAliases = [ "!hs" ];
- };
- "NixWiki" = {
- urls = [{ template = "https://wiki.nixos.org/w/index.php?search={searchTerms}"; }];
- icon = "https://nixos.org/favicon.png";
- updateInterval = 24 * 60 * 60 * 1000;
- definedAliases = [ "!nw" ];
- };
- "Kinopoisk" = {
- urls = [{ template = "https://www.kinopoisk.ru/index.php?kp_query={searchTerms}"; }];
- icon = "https://www.kinopoisk.ru/favicon.ico";
- updateInterval = 24 * 60 * 60 * 1000;
- definedAliases = [ "!ks" ];
- };
- "MDN Docs" = {
- urls = [{ template = "https://developer.mozilla.org/en-US/search?q={searchTerms}"; }];
- icon = "https://developer.mozilla.org/favicon-48x48.bc390275e955dacb2e65.png";
- updateInterval = 24 * 60 * 60 * 1000;
- definedAliases = [ "!md" ];
- };
- };
- default = "Brave";
- };
- };
- };
- };
-}
diff --git a/home-manager/laptop.nix b/home-manager/laptop.nix
deleted file mode 100644
index 11c6c5b..0000000
--- a/home-manager/laptop.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{
- imports = [
- ./homeModules/niri.nix
- ./homeModules/hyprland.nix
- ./general.nix
- ];
-
- niri.enable = true;
-}
diff --git a/home-manager/pc.nix b/home-manager/pc.nix
deleted file mode 100644
index ce7323b..0000000
--- a/home-manager/pc.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-{ pkgs, ... }:
-
-{
- imports = [
- ./general.nix
- ./homeModules/bspwm.nix
- ];
-
- bspwm.enable = true;
- emacs.package = pkgs.emacs30;
-}
diff --git a/modules/.direnv/bin/nix-direnv-reload b/modules/.direnv/bin/nix-direnv-reload
new file mode 100755
index 0000000..a5a6d73
--- /dev/null
+++ b/modules/.direnv/bin/nix-direnv-reload
@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+set -e
+if [[ ! -d "/home/jerpo/nixfiles-v2/modules" ]]; then
+ echo "Cannot find source directory; Did you move it?"
+ echo "(Looking for "/home/jerpo/nixfiles-v2/modules")"
+ echo 'Cannot force reload with this script - use "direnv reload" manually and then try again'
+ exit 1
+fi
+
+# rebuild the cache forcefully
+_nix_direnv_force_reload=1 direnv exec "/home/jerpo/nixfiles-v2/modules" true
+
+# Update the mtime for .envrc.
+# This will cause direnv to reload again - but without re-building.
+touch "/home/jerpo/nixfiles-v2/modules/.envrc"
+
+# Also update the timestamp of whatever profile_rc we have.
+# This makes sure that we know we are up to date.
+touch -r "/home/jerpo/nixfiles-v2/modules/.envrc" "/home/jerpo/nixfiles-v2/modules/.direnv"/*.rc
diff --git a/modules/deploy.nix b/modules/deploy.nix
new file mode 100644
index 0000000..14e3315
--- /dev/null
+++ b/modules/deploy.nix
@@ -0,0 +1,49 @@
+{
+ inputs,
+ self,
+ withSystem,
+ config,
+ ...
+}: {
+ perSystem = {
+ pkgs,
+ self',
+ system,
+ ...
+ }: let
+ deployPkgs = import inputs.nixpkgs {
+ inherit system;
+ overlays = [
+ inputs.deploy-rs.overlays.default
+ (self: super: {
+ deploy-rs = {
+ inherit (pkgs) deploy-rs;
+ lib = super.deploy-rs.lib;
+ };
+ })
+ ];
+ };
+ in {
+ _module.args = {
+ inherit deployPkgs;
+ };
+ };
+ flake.deploy.nodes = {
+ ltrr-block = {
+ hostname = "ltrr-block";
+ profiles.system = {
+ user = "root";
+ path = withSystem "x86_64-linux" ({deployPkgs, ...}: deployPkgs.deploy-rs.lib.activate.nixos self.nixosConfigurations.ltrr-block);
+ };
+ sshUser = "root";
+ };
+ ltrr-cloud = {
+ hostname = "kcu.su";
+ profiles.system = {
+ user = "root";
+ path = withSystem "x86_64-linux" ({deployPkgs, ...}: deployPkgs.deploy-rs.lib.activate.nixos self.nixosConfigurations.ltrr-cloud);
+ };
+ sshUser = "root";
+ };
+ };
+}
diff --git a/modules/flake-parts.nix b/modules/flake-parts.nix
new file mode 100644
index 0000000..2a7df32
--- /dev/null
+++ b/modules/flake-parts.nix
@@ -0,0 +1,16 @@
+{inputs, ...}: {
+ imports = [
+ inputs.home-manager.flakeModules.home-manager
+ inputs.disko.flakeModules.default
+ inputs.agenix-rekey.flakeModule
+ ];
+
+ config = {
+ systems = [
+ "aarch64-darwin"
+ "aarch64-linux"
+ "x86_64-darwin"
+ "x86_64-linux"
+ ];
+ };
+}
diff --git a/modules/home-manager/default.nix b/modules/home-manager/default.nix
deleted file mode 100644
index 753ad58..0000000
--- a/modules/home-manager/default.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-# Add your reusable home-manager modules to this directory, on their own file (https://nixos.wiki/wiki/Module).
-# These should be stuff you would like to share with others, not your personal configurations.
-{ inputs, ... }:
-{
- # List your module files here
- # my-module = import ./my-module.nix;
-}
diff --git a/modules/homeModules/alacritty.nix b/modules/homeModules/alacritty.nix
new file mode 100644
index 0000000..3fcce6c
--- /dev/null
+++ b/modules/homeModules/alacritty.nix
@@ -0,0 +1,29 @@
+{inputs, ...}: {
+ flake.homeModules.alacritty = {
+ pkgs,
+ config,
+ lib,
+ ...
+ }: {
+ options.customs = {
+ alacritty.enable = lib.mkEnableOption "enable alacritty";
+ };
+
+ config = lib.mkIf config.alacritty.enable {
+ programs.alacritty = {
+ enable = true;
+ settings = {
+ cursor = {
+ style = "Beam";
+ thickness = 0.25;
+ };
+ window = {
+ padding = {
+ x = 10;
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/home-manager/homeModules/attachments/basecat.aseprite b/modules/homeModules/attachments/basecat.aseprite
index 16caffd..16caffd 100644
--- a/home-manager/homeModules/attachments/basecat.aseprite
+++ b/modules/homeModules/attachments/basecat.aseprite
Binary files differ
diff --git a/home-manager/homeModules/attachments/basecat.png b/modules/homeModules/attachments/basecat.png
index d202c64..d202c64 100644
--- a/home-manager/homeModules/attachments/basecat.png
+++ b/modules/homeModules/attachments/basecat.png
Binary files differ
diff --git a/home-manager/homeModules/attachments/cat.png b/modules/homeModules/attachments/cat.png
index 5657a78..5657a78 100644
--- a/home-manager/homeModules/attachments/cat.png
+++ b/modules/homeModules/attachments/cat.png
Binary files differ
diff --git a/home-manager/homeModules/attachments/hypr-scripts/bitwarden-float.sh b/modules/homeModules/attachments/hypr-scripts/bitwarden-float.sh
index 7edd5f2..7edd5f2 100755
--- a/home-manager/homeModules/attachments/hypr-scripts/bitwarden-float.sh
+++ b/modules/homeModules/attachments/hypr-scripts/bitwarden-float.sh
diff --git a/home-manager/homeModules/attachments/hypr-scripts/hshot.sh b/modules/homeModules/attachments/hypr-scripts/hshot.sh
index 0d02b9c..0d02b9c 100755
--- a/home-manager/homeModules/attachments/hypr-scripts/hshot.sh
+++ b/modules/homeModules/attachments/hypr-scripts/hshot.sh
diff --git a/home-manager/homeModules/attachments/hypr-scripts/switch-sink.py b/modules/homeModules/attachments/hypr-scripts/switch-sink.py
index aa7eec1..aa7eec1 100755
--- a/home-manager/homeModules/attachments/hypr-scripts/switch-sink.py
+++ b/modules/homeModules/attachments/hypr-scripts/switch-sink.py
diff --git a/home-manager/homeModules/attachments/hypr-scripts/toggle-tg.sh b/modules/homeModules/attachments/hypr-scripts/toggle-tg.sh
index 44ed52d..44ed52d 100755
--- a/home-manager/homeModules/attachments/hypr-scripts/toggle-tg.sh
+++ b/modules/homeModules/attachments/hypr-scripts/toggle-tg.sh
diff --git a/home-manager/homeModules/attachments/hypr-scripts/toggle-vpn.sh b/modules/homeModules/attachments/hypr-scripts/toggle-vpn.sh
index 8775f39..8775f39 100755
--- a/home-manager/homeModules/attachments/hypr-scripts/toggle-vpn.sh
+++ b/modules/homeModules/attachments/hypr-scripts/toggle-vpn.sh
diff --git a/home-manager/homeModules/attachments/rofi-theme.rasi b/modules/homeModules/attachments/rofi-theme.rasi
index bba4f6c..bba4f6c 100644
--- a/home-manager/homeModules/attachments/rofi-theme.rasi
+++ b/modules/homeModules/attachments/rofi-theme.rasi
diff --git a/home-manager/homeModules/attachments/waybar-style.css b/modules/homeModules/attachments/waybar-style.css
index 214c779..214c779 100644
--- a/home-manager/homeModules/attachments/waybar-style.css
+++ b/modules/homeModules/attachments/waybar-style.css
diff --git a/modules/homeModules/bspwm.nix b/modules/homeModules/bspwm.nix
new file mode 100644
index 0000000..33b077b
--- /dev/null
+++ b/modules/homeModules/bspwm.nix
@@ -0,0 +1,68 @@
+{inputs, ...}: {
+ flake.homeModules.bspwm = {
+ pkgs,
+ config,
+ lib,
+ ...
+ }: {
+ imports = [
+ ./picom.nix
+ ./dunst.nix
+ ./sxhkd.nix
+ ];
+
+ options.customs = {
+ bspwm.enable = lib.mkEnableOption "enable bspwm";
+ };
+
+ config = lib.mkIf config.customs.bspwm.enable {
+ picom.enable = true;
+ dunst.enable = true;
+ sxhkd.enable = true;
+
+ rofi = {
+ enable = true;
+ package = pkgs.rofi;
+ };
+
+ xsession.windowManager.bspwm = {
+ enable = true;
+
+ monitors = let
+ workspaces = [
+ "α"
+ "β"
+ "γ"
+ "δ"
+ "ε"
+ ];
+ in {
+ "^1" = workspaces;
+ # "^2" = workspaces;
+ };
+
+ settings = {
+ # focused_border_color = "#908caa";
+ # normal_border_color = "#363a4f";
+ # presel_feedback_color = "#752f20";
+ border_width = 3;
+ window_gap = 12;
+ focus_follows_pointer = true;
+ split_ratio = 0.5;
+ };
+
+ startupPrograms = [
+ "sxhkd"
+ "picom -b"
+ "emacs --daemon"
+ "feh --bg-fill ${config.wallpaper}"
+ ];
+ };
+ home.packages = with pkgs; [
+ feh
+ betterlockscreen
+ xfce.xfce4-screenshooter
+ ];
+ };
+ };
+}
diff --git a/modules/homeModules/dunst.nix b/modules/homeModules/dunst.nix
new file mode 100644
index 0000000..c95f1e3
--- /dev/null
+++ b/modules/homeModules/dunst.nix
@@ -0,0 +1,25 @@
+{inputs, ...}: {
+ flake.homeModules.dunst = {
+ pkgs,
+ config,
+ lib,
+ ...
+ }: {
+ options.customs = {
+ dunst.enable = lib.mkEnableOption "enable dunst";
+ };
+ config = lib.mkIf config.customs.dunst.enable {
+ home.packages = [pkgs.libnotify];
+ services.dunst = {
+ enable = true;
+ settings = {
+ global = {
+ origin = "bottom-right";
+ notification_limit = 5;
+ progress_bar = true;
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/home-manager/homeModules/emacs/aliases b/modules/homeModules/emacs/aliases
index 87e9ae2..c6d56c9 100644
--- a/home-manager/homeModules/emacs/aliases
+++ b/modules/homeModules/emacs/aliases
@@ -1,4 +1,4 @@
-alias ntemplate nix flake init --template github:the-nix-way/dev-templates#$1
-alias ff find-file $1
-alias hr home-manager switch --flake /home/jerpo/nixfiles
alias nr sudo nixos-rebuild switch --flake /home/jerpo/nixfiles#ltrr-mini
+alias hr home-manager switch --flake /home/jerpo/nixfiles
+alias ff find-file $1
+alias ntemplate nix flake init --template github:the-nix-way/dev-templates#$1
diff --git a/modules/homeModules/emacs/default.nix b/modules/homeModules/emacs/default.nix
new file mode 100644
index 0000000..b57a25a
--- /dev/null
+++ b/modules/homeModules/emacs/default.nix
@@ -0,0 +1,49 @@
+{inputs, ...}: {
+ flake.homeModules.emacs = {
+ pkgs,
+ config,
+ lib,
+ ...
+ }: let
+ mkMutableSymlink = config.lib.meta.mkMutableSymlink;
+ in {
+ options.customs = {
+ emacs.enable = lib.mkEnableOption "enable emacs";
+ emacs.package = lib.mkPackageOption pkgs "emacs package" {default = ["emacs30-pgtk"];};
+ };
+ config = lib.mkIf config.emacs.enable {
+ home.sessionVariables.EDITOR = "emacsclient -a emacs";
+ home.packages = with pkgs;
+ with python311Packages; [
+ # required dependencies
+ ripgrep
+ fd
+ tree-sitter
+ emacs-all-the-icons-fonts
+ libappindicator
+ poppler-utils
+ nixd
+ alejandra
+ sqlite
+ ];
+
+ programs.emacs = {
+ enable = true;
+ package = config.emacs.package;
+ extraPackages = epkgs:
+ with epkgs; [
+ treesit-grammars.with-all-grammars
+ mu4e
+ ];
+ };
+
+ xdg.configFile = {
+ "emacs/early-init.el".source = mkMutableSymlink ./early-init.el;
+ "emacs/init.el".source = mkMutableSymlink ./init.el;
+ "emacs/elpaca.el".source = mkMutableSymlink ./elpaca.el;
+ "emacs/etc/tempel/templates.eld".source = mkMutableSymlink ./templates.eld;
+ "emacs/etc/eshell/aliases".source = mkMutableSymlink ./aliases;
+ };
+ };
+ };
+}
diff --git a/home-manager/homeModules/emacs/early-init.el b/modules/homeModules/emacs/early-init.el
index c6334f5..c6334f5 100644
--- a/home-manager/homeModules/emacs/early-init.el
+++ b/modules/homeModules/emacs/early-init.el
diff --git a/home-manager/homeModules/emacs/elpaca.el b/modules/homeModules/emacs/elpaca.el
index 4e1230f..4e1230f 100644
--- a/home-manager/homeModules/emacs/elpaca.el
+++ b/modules/homeModules/emacs/elpaca.el
diff --git a/home-manager/homeModules/emacs/init.el b/modules/homeModules/emacs/init.el
index 9a3053c..9a3053c 100644
--- a/home-manager/homeModules/emacs/init.el
+++ b/modules/homeModules/emacs/init.el
diff --git a/home-manager/homeModules/emacs/templates.eld b/modules/homeModules/emacs/templates.eld
index 138888f..138888f 100644
--- a/home-manager/homeModules/emacs/templates.eld
+++ b/modules/homeModules/emacs/templates.eld
diff --git a/modules/homeModules/exwm.nix b/modules/homeModules/exwm.nix
new file mode 100644
index 0000000..ccc7dbf
--- /dev/null
+++ b/modules/homeModules/exwm.nix
@@ -0,0 +1,71 @@
+{
+ inputs,
+ self,
+ ...
+}: {
+ flake.homeModules.exwm = {
+ lib,
+ pkgs,
+ config,
+ ...
+ }: {
+ modules = [
+ self.homeModules.picom
+ self.homeModules.dunst
+ ];
+
+ options.customs = {
+ exwm.enable = lib.mkEnableOption " enable exwm";
+ };
+
+ config = lib.mkIf config.exwm.enable {
+ customs.picom.enable = true;
+ customs.dunst.enable = true;
+
+ programs.emacs = {
+ extraPackages = epkgs: with epkgs; [exwm];
+ extraConfig = ''
+ (setq exwm--my-scripts "${./attachments/hypr-scripts}")
+ '';
+ };
+ services = {
+ # Screenshotting.
+ flameshot.enable = true;
+
+ # Screen locking.
+ screen-locker = {
+ enable = true;
+ lockCmd = "${pkgs.i3lock-fancy}/bin/i3lock-fancy -p -t ''";
+ inactiveInterval = 20;
+ };
+ };
+ home.file.xinitrc = {
+ text = ''
+ # Disable access control for the current user.
+ xhost +SI:localuser:$USER
+
+ # Make Java applications aware this is a non-reparenting window manager.
+ export _JAVA_AWT_WM_NONREPARENTING=1
+
+ # Set default cursor.
+ xsetroot -cursor_name left_ptr
+
+ picom -b
+
+ # Finally start Emacs
+ ${pkgs.dbus.dbus-launch} --exit-with-session emacs -mm --fullscreen --internal-border=0 --border-width=0
+ '';
+ target = ".xinitrc";
+ };
+ home.packages = with pkgs; [
+ boomer
+ arandr
+ feh
+ gtk3
+ i3lock-fancy
+ xclip
+ xorg.xev
+ ];
+ };
+ };
+}
diff --git a/modules/homeModules/firefox.nix b/modules/homeModules/firefox.nix
new file mode 100644
index 0000000..d92b50d
--- /dev/null
+++ b/modules/homeModules/firefox.nix
@@ -0,0 +1,111 @@
+{inputs, ...}: {
+ flake.homeModules.firefox = {
+ pkgs,
+ config,
+ lib,
+ inputs,
+ ...
+ }: {
+ options.customs = {
+ firefox.enable = lib.mkEnableOption "enable firefox";
+ };
+ config = lib.mkIf config.firefox.enable {
+ programs.firefox = {
+ enable = true;
+ package = pkgs.firefox;
+ profiles.ShyFox = {
+ isDefault = true;
+ extensions = {
+ packages = with pkgs.nur.repos.rycee.firefox-addons; [
+ bitwarden
+ ublock-origin
+ sponsorblock
+ return-youtube-dislikes
+ firefox-color
+ tampermonkey
+ duckduckgo-privacy-essentials
+ mal-sync
+ sidebery
+ ];
+
+ force = true;
+ # settings = {
+ # "{3c078156-979c-498b-8990-85f7987dd929}".settings =
+ # builtins.fromJSON (builtins.readFile "${inputs.shimmer.outPath}/sidebery.json");
+ # };
+ };
+
+ preConfig = builtins.readFile "${inputs.betterfox.outPath}/user.js";
+ userChrome = builtins.readFile "${inputs.shimmer.outPath}/userChrome.css";
+ userContent = builtins.readFile "${inputs.shimmer.outPath}/userContent.css";
+
+ settings = {
+ "shimmer.remove-winctr-buttons" = true;
+ "toolkit.legacyUserProfileCustomizations.stylesheets" = true;
+ "svg.context-properties.content.enabled" = true;
+ "browser.search.suggest.enabled" = true;
+ "captivedetect.canonicalURL" = "http://detectportal.firefox.com/canonical.html";
+ "network.captive-portal-service.enabled" = true;
+ "network.connectivity-service.enabled" = true;
+ "extensions.autoDisableScopes" = 0;
+ };
+ search = {
+ force = true;
+ engines = {
+ "Brave" = {
+ urls = [
+ {template = "https://search.brave.com/search?q={searchTerms}";}
+ {
+ type = "application/x-suggestions+json";
+ template = "https://search.brave.com/api/suggest?q={searchTerms}";
+ }
+ ];
+
+ icon = "https://cdn.search.brave.com/serp/v2/_app/immutable/assets/safari-pinned-tab.539899c7.svg";
+ updateInterval = 24 * 60 * 60 * 1000;
+ definedAliases = ["!br"];
+ };
+ "NixOS Packages" = {
+ urls = [{template = "https://search.nixos.org/packages?channel=unstable&from=0&size=50&sort=relevance&type=packages&query={searchTerms}";}];
+ icon = "https://nixos.org/favicon.png";
+ updateInterval = 24 * 60 * 60 * 1000;
+ definedAliases = ["!ns"];
+ };
+ "NixOS Options" = {
+ urls = [{template = "https://search.nixos.org/options?channel=unstable&from=0&size=50&sort=relevance&type=packages&query={searchTerms}";}];
+ icon = "https://nixos.org/favicon.png";
+ updateInterval = 24 * 60 * 60 * 1000;
+ definedAliases = ["!no"];
+ };
+ "HomeManager" = {
+ urls = [{template = "https://home-manager-options.extranix.com/?query={searchTerms}&release=master";}];
+ icon = "https://github.com/mipmip/home-manager-option-search/blob/main/images/favicon.png";
+ updateInterval = 24 * 60 * 60 * 1000;
+ definedAliases = ["!hs"];
+ };
+ "NixWiki" = {
+ urls = [{template = "https://wiki.nixos.org/w/index.php?search={searchTerms}";}];
+ icon = "https://nixos.org/favicon.png";
+ updateInterval = 24 * 60 * 60 * 1000;
+ definedAliases = ["!nw"];
+ };
+ "Kinopoisk" = {
+ urls = [{template = "https://www.kinopoisk.ru/index.php?kp_query={searchTerms}";}];
+ icon = "https://www.kinopoisk.ru/favicon.ico";
+ updateInterval = 24 * 60 * 60 * 1000;
+ definedAliases = ["!ks"];
+ };
+ "MDN Docs" = {
+ urls = [{template = "https://developer.mozilla.org/en-US/search?q={searchTerms}";}];
+ icon = "https://developer.mozilla.org/favicon-48x48.bc390275e955dacb2e65.png";
+ updateInterval = 24 * 60 * 60 * 1000;
+ definedAliases = ["!md"];
+ };
+ };
+ default = "Brave";
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/modules/homeModules/fish.nix b/modules/homeModules/fish.nix
new file mode 100644
index 0000000..1876da5
--- /dev/null
+++ b/modules/homeModules/fish.nix
@@ -0,0 +1,42 @@
+{inputs, ...}: {
+ flake.homeModules.fish = {
+ pkgs,
+ config,
+ lib,
+ ...
+ }: {
+ options.customs = {
+ fish.enable = lib.mkEnableOption "enable fish";
+ };
+ config = lib.mkIf config.customs.fish.enable {
+ programs.direnv = {
+ enable = true;
+ nix-direnv.enable = true;
+ };
+
+ programs.nix-index.enableFishIntegration = true;
+
+ programs.fish = {
+ enable = true;
+ plugins = [
+ {
+ name = "pure";
+ src = pkgs.fishPlugins.pure.src;
+ }
+ {
+ name = "autopair";
+ src = pkgs.fishPlugins.autopair.src;
+ }
+ ];
+ interactiveShellInit = ''
+ set fish_greeting
+ pokemon-colorscripts -r --no-title
+ '';
+
+ shellAliases = {
+ ls = "ls --hyperlink=auto --color=auto";
+ };
+ };
+ };
+ };
+}
diff --git a/modules/homeModules/fuzzel.nix b/modules/homeModules/fuzzel.nix
new file mode 100644
index 0000000..b8af295
--- /dev/null
+++ b/modules/homeModules/fuzzel.nix
@@ -0,0 +1,33 @@
+{inputs, ...}: {
+ flake.homeModules.fuzzel = {
+ pkgs,
+ config,
+ lib,
+ ...
+ }: {
+ options.customs = {
+ fuzzel.enable = lib.mkEnableOption "enable fuzzel";
+ };
+
+ config = lib.mkIf config.customs.fuzzel.enable {
+ programs.fuzzel = {
+ enable = true;
+ settings = {
+ colors = {
+ background = "1f1d2eff";
+ text = "6e6a86ff";
+ selection = "908caaff";
+ selection-text = "1f1d2eff";
+ };
+ main = {
+ lines = 9;
+ terminal = "alacritty -e";
+ vertical-pad = 0;
+ horizontal-pad = 0;
+ };
+ border.width = 0;
+ };
+ };
+ };
+ };
+}
diff --git a/modules/homeModules/hyprland.nix b/modules/homeModules/hyprland.nix
new file mode 100644
index 0000000..e6455e3
--- /dev/null
+++ b/modules/homeModules/hyprland.nix
@@ -0,0 +1,236 @@
+{
+ inputs,
+ self,
+ ...
+}: {
+ flake.homeModules.hyprland = {
+ pkgs,
+ lib,
+ config,
+ inputs,
+ ...
+ }: {
+ modules = [
+ self.homeModules.waybar
+ self.homeModules.rofi
+ self.homeModules.mako
+ ];
+
+ options.customs = {
+ hyprland.enable = lib.mkEnableOption "enable hyprland";
+ };
+
+ config = lib.mkIf config.customs.hyprland.enable {
+ waybar.enable = true;
+ rofi.enable = true;
+ mako.enable = true;
+
+ home.packages = with pkgs; [
+ swww
+ brightnessctl
+ grimblast
+ cliphist
+ polkit_gnome
+ wl-clipboard
+ libnotify
+ socat
+ ];
+
+ home.sessionVariables.XDG_CURRENT_DESKTOP = "Hyprland";
+
+ wayland.windowManager.hyprland = {
+ enable = true;
+ settings = {
+ "$scripts" = "${./attachments/hypr-scripts}";
+ "$mainMod" = "SUPER";
+ "$terminal" = "alacritty";
+
+ exec-once = [
+ "emacs --daemon"
+ "swww-daemon"
+ "swww img ${config.wallpaper}"
+ "$scripts/bitwarden-float.sh"
+ ];
+
+ monitor = [
+ "eDP-1,preferred,auto,1.6"
+ ",preferred,auto,1,mirror,eDP-1"
+ ];
+
+ input = {
+ kb_layout = "us,ru";
+ kb_options = "grp:win_space_toggle";
+ touchpad = {
+ natural_scroll = "yes";
+ disable_while_typing = "no";
+ };
+ sensitivity = 0.1;
+ };
+
+ general = {
+ gaps_in = 5;
+ gaps_out = 15;
+ border_size = 3;
+ layout = "dwindle";
+ allow_tearing = false;
+ };
+
+ misc = {
+ vfr = true;
+ };
+
+ decoration = {
+ rounding = 7;
+ blur = {
+ enabled = true;
+ size = 3;
+ passes = 1;
+ };
+ };
+
+ xwayland.force_zero_scaling = true;
+ env = [
+ "GDK_SCALE,2"
+ "XCURSOR_SIZE,32"
+ ];
+
+ animations = {
+ enabled = 1;
+ # bezier = "overshot,0.13,0.99,0.29,1.1,";
+ animation = [
+ "fade,1,4,default"
+ "workspaces,1,4,default,fade"
+ "windows,1,4,default,popin 95%"
+ "windowsMove,0"
+ ];
+ };
+
+ dwindle = {
+ pseudotile = "yes";
+ preserve_split = "yes";
+ };
+
+ gesture = [
+ "3, horizontal, workspace"
+ ];
+ misc.force_default_wallpaper = 1;
+
+ windowrule = [
+ "bordersize 0, floating:0, onworkspace:w[tv1]"
+ "rounding 0, floating:0, onworkspace:w[tv1]"
+ "bordersize 0, floating:0, onworkspace:f[1]"
+ "rounding 0, floating:0, onworkspace:f[1]"
+ ];
+
+ workspace = [
+ "w[tv1], gapsout:0, gapsin:0"
+ "f[1], gapsout:0, gapsin:0"
+ ];
+
+ windowrulev2 = [
+ "float, class:^(org.telegram.desktop)$"
+ "pin, class:^(org.telegram.desktop)$"
+ "size 30% 845, class:^(org.telegram.desktop)$"
+ "move 100%-w-25 73, class:^(org.telegram.desktop)$"
+ # firefox
+ "float, title:(Sharing Indicator)"
+ "noborder, title:(Sharing Indicator)"
+ "rounding 0, title:(Sharing Indicator)"
+ "float, title:(Picture-in-Picture)"
+ "pin, title:(Picture-in-Picture)"
+ "move 100%-w-21 100%-w-21, title:^(Picture-in-Picture)$"
+ "noinitialfocus, title:^(Picture-in-Picture)$"
+ "float, title:^(Save File)$"
+ "pin, title:^(Save File)$"
+ # dragon-drop
+ "pin, class:^(dragon-drop)$"
+ # torrent
+ "float, title:^(Torrent Options)$"
+ "pin, title:^(Torrent Options)$"
+ # xwaylandvideobridge
+ "opacity 0.0 override 0.0 override,class:^(xwaylandvideobridge)$"
+ "noanim,class:^(xwaylandvideobridge)$"
+ "noinitialfocus,class:^(xwaylandvideobridge)$"
+ "maxsize 1 1,class:^(xwaylandvideobridge)$"
+ "noblur,class:^(xwaylandvideobridge)$"
+ ];
+
+ bind =
+ [
+ "$mainMod, V, togglefloating, "
+ "$mainMod, P, pseudo,"
+ "$mainMod, I, togglesplit,"
+ "$mainMod, F, fullscreen, 0"
+ "$mainMod, M, fullscreen, 1"
+ "$mainMod SHIFT, Q, killactive, "
+ "$mainMod SHIFT, E, exit,"
+
+ # Apps
+ "$mainMod, D, exec, pkill rofi || rofi -show-icons -show drun"
+ "$mainMod, Q, exec, $terminal"
+ "$mainMod, B, exec, zen-beta"
+ "$mainMod, T, exec, Telegram"
+ "$mainMod, E, exec, emacsclient -c -a emacs"
+ "$mainMod CONTROL, E, exec, emacs"
+ "$mainMod, T, exec, $scripts/toggle-tg.sh"
+ "$mainMod SHIFT, Esc, exec, swww img ${config.wallpaper}"
+ ",XF86Favorites, exec, bash $scripts/toggle-vpn.sh"
+
+ # Screenshooting
+ ", Print, exec, grimblast save screen"
+ "ALT, Print, exec, grimblast save active"
+ "SHIFT, Print, exec, grimblast save area"
+ "CONTROL, Print, exec, grimblast copy screen"
+ "ALT_CONTROL, Print, exec, grimblast copy active"
+ "CONTROL_SHIFT, Print, exec, grimblast copy area "
+
+ # Windows
+ "$mainMod, J, movefocus, d"
+ "$mainMod, K, movefocus, u"
+ "$mainMod, H, movefocus, l"
+ "$mainMod, L, movefocus, r"
+ "SUPER_SHIFT,J,movewindow,d"
+ "SUPER_SHIFT,K,movewindow,u"
+ "SUPER_SHIFT,H,movewindow,l"
+ "SUPER_SHIFT,L,movewindow,r"
+ "$mainMod, mouse_down, workspace, e+1"
+ "$mainMod, mouse_up, workspace, e-1"
+ ]
+ ++ (
+ # workspaces
+ # binds $mod + [shift +] {1..10} to [move to] workspace {1..10}
+ builtins.concatLists (builtins.genList (
+ x: let
+ ws = let
+ c = (x + 1) / 10;
+ in
+ builtins.toString (x + 1 - (c * 10));
+ in [
+ "$mainMod, ${ws}, workspace, ${toString (x + 1)}"
+ "$mainMod SHIFT, ${ws}, movetoworkspacesilent, ${toString (x + 1)}"
+ ]
+ )
+ 10)
+ );
+ binde = [
+ # Volume
+ ",0x1008FF11,exec,wpctl set-volume @DEFAULT_SINK@ 5%-"
+ ",0x1008FF13,exec,wpctl set-volume @DEFAULT_SINK@ 5%+"
+ ",0x1008FF12,exec,wpctl set-mute @DEFAULT_SINK@ toggle"
+ ",XF86AudioMicMute, exec, wpctl set-mute @DEFAULT_SOURCE@ toggle"
+ ",XF86TouchpadToggle, exec, python3 $scripts/switch-sink.py"
+
+ # Brightness
+ ",XF86MonBrightnessUp,exec,brightnessctl s +5%"
+ ",XF86MonBrightnessDown,exec,brightnessctl s 5%-"
+ ];
+
+ bindm = [
+ "$mainMod, mouse:272, movewindow"
+ "$mainMod, mouse:273, resizewindow"
+ ];
+ };
+ };
+ };
+ };
+}
diff --git a/modules/homeModules/mako.nix b/modules/homeModules/mako.nix
new file mode 100644
index 0000000..d9f9ae2
--- /dev/null
+++ b/modules/homeModules/mako.nix
@@ -0,0 +1,24 @@
+{inputs, ...}: {
+ flake.homeModules.mako = {
+ pkgs,
+ config,
+ lib,
+ ...
+ }: {
+ options.customs = {
+ mako.enable = lib.mkEnableOption "enable mako";
+ };
+
+ config = lib.mkIf config.customs.mako.enable {
+ services.mako = {
+ enable = true;
+ settings = {
+ anchor = "bottom-right";
+ default-timeout = 5000;
+ border-size = 3;
+ border-radius = 7;
+ };
+ };
+ };
+ };
+}
diff --git a/modules/homeModules/niri.nix b/modules/homeModules/niri.nix
new file mode 100644
index 0000000..4317da7
--- /dev/null
+++ b/modules/homeModules/niri.nix
@@ -0,0 +1,264 @@
+{inputs, ...}: {
+ flake.homeModules.niri = {
+ pkgs,
+ config,
+ lib,
+ inputs,
+ ...
+ }:
+ with lib; let
+ cfg = config.niri.customs;
+ in {
+ imports = [
+ ./waybar.nix
+ ./rofi.nix
+ ./mako.nix
+ inputs.niri.homeModules.niri
+ inputs.niri.homeModules.stylix
+ ];
+
+ options.customs = {
+ niri = {
+ enable = mkEnableOption "enable niri config";
+ };
+ };
+
+ config = mkIf cfg.enable {
+ waybar = {
+ enable = true;
+ windowManager = "niri";
+ workspaceIcons = {
+ # "1" = "α";
+ # "2" = "β";
+ # "3" = "γ";
+ # "4" = "δ";
+ # "5" = "ε";
+ # urgent = "λ";
+ # default = "ω";
+ "internet" = "";
+ "discord" = "";
+ "chat" = "<b></b>";
+
+ "active" = "";
+ "default" = "";
+ };
+ };
+ rofi.enable = true;
+ mako.enable = true;
+
+ home.packages = with pkgs; [
+ pkgs.xwayland-satellite
+ swww
+ brightnessctl
+ grimblast
+ polkit_gnome
+ wl-clipboard
+ libnotify
+ wl-mirror
+ playerctl
+ ];
+
+ stylix.targets.niri.enable = true;
+ programs.niri = {
+ enable = true;
+
+ settings = {
+ input = {
+ keyboard.xkb = {
+ layout = "us,ru";
+ options = "grp:win_space_toggle,compose:ralt,ctrl:nocaps";
+ };
+ touchpad = {
+ tap = true;
+ dwt = false;
+ dwtp = true;
+ natural-scroll = true;
+ };
+ warp-mouse-to-focus.enable = true;
+ focus-follows-mouse = {
+ enable = true;
+ max-scroll-amount = "25%";
+ };
+ };
+
+ cursor = {
+ theme = "Bibata-Modern-Ice";
+ size = 24;
+ };
+
+ layout = {
+ gaps = 16;
+ center-focused-column = "never";
+ preset-column-widths = [
+ {proportion = 0.33333;}
+ {proportion = 0.5;}
+ {proportion = 0.66667;}
+ ];
+ border = {
+ enable = true;
+ };
+ focus-ring.enable = false;
+ };
+
+ animations = {
+ workspace-switch.enable = false;
+ };
+
+ # workspaces = {
+ # internet = {};
+ # code = {};
+ # };
+
+ window-rules = [
+ {
+ matches = [
+ {
+ app-id = "steam";
+ title = ''r#"^notificationtoasts_\d+_desktop$"#'';
+ }
+ ];
+ default-floating-position = {
+ x = 20;
+ y = 10;
+ relative-to = "bottom-right";
+ };
+ }
+ ];
+
+ spawn-at-startup = [
+ {argv = ["swww-daemon"];}
+ {argv = ["mako"];}
+ {argv = ["swww img ${config.wallpaper}"];}
+ ];
+
+ prefer-no-csd = true;
+
+ binds = with config.lib.niri.actions; let
+ scripts = "${./attachments/hypr-scripts}";
+ in {
+ "Mod+Q".action.spawn = "alacritty";
+ "Mod+D".action.spawn = ["sh" "-c" "pkill rofi || rofi -show-icons -show drun"];
+ "Mod+B".action.spawn = "zen-beta";
+ "Mod+E".action.spawn = ["emacsclient" "-c" "-a" "emacs"];
+ "Mod+T".action.spawn = "Telegram";
+
+ "XF86AudioRaiseVolume".action.spawn = ["wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.05+"];
+ "XF86AudioLowerVolume".action.spawn = ["wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.05-"];
+ "XF86AudioMute".action.spawn = ["wpctl" "set-mute" "@DEFAULT_AUDIO_SINK@" "toggle"];
+ "XF86AudioMicMute".action.spawn = ["wpctl" "set-mute" "@DEFAULT_AUDIO_SOURCE@" "toggle"];
+
+ "XF86MonBrightnessUp".action.spawn = ["brightnessctl" "s" "+5%"];
+ "XF86MonBrightnessDown".action.spawn = ["brightnessctl" "s" "5%-"];
+
+ "XF86Favorites".action.spawn = "${scripts}/toggle-vpn.sh";
+ "XF86TouchpadToggle".action.spawn = "${scripts}/switch-sink.py";
+
+ "XF86AudioPlay".action.spawn = ["playerctl" "play-pause"];
+
+ "Mod+Shift+Slash".action = show-hotkey-overlay;
+
+ "Mod+Alt+L".action.spawn = "swaylock";
+ "Mod+Shift+E".action = quit;
+ "Mod+Shift+P".action = power-off-monitors;
+ "Mod+Shift+Q".action = close-window;
+
+ "Mod+H".action = focus-column-left;
+ "Mod+J".action = focus-window-down;
+ "Mod+K".action = focus-window-up;
+ "Mod+L".action = focus-column-right;
+
+ "Mod+Shift+H".action = move-column-left;
+ "Mod+Shift+J".action = move-window-down;
+ "Mod+Shift+K".action = move-window-up;
+ "Mod+Shift+L".action = move-column-right;
+
+ "Mod+Home".action = focus-column-first;
+ "Mod+End".action = focus-column-last;
+
+ "Mod+Ctrl+Home".action = move-column-to-first;
+ "Mod+Ctrl+End".action = move-column-to-last;
+
+ "Mod+Ctrl+H".action = focus-monitor-left;
+ "Mod+Ctrl+J".action = focus-monitor-down;
+ "Mod+Ctrl+K".action = focus-monitor-up;
+ "Mod+Ctrl+L".action = focus-monitor-right;
+
+ "Mod+Shift+Ctrl+H".action = move-column-to-monitor-left;
+ "Mod+Shift+Ctrl+J".action = move-column-to-monitor-down;
+ "Mod+Shift+Ctrl+K".action = move-column-to-monitor-up;
+ "Mod+Shift+Ctrl+L".action = move-column-to-monitor-right;
+ "Mod+P" = {
+ repeat = false;
+ action.spawn-sh = "wl-mirror $(niri msg --json focused-output | jq -r .name)";
+ };
+
+ "Mod+U".action = focus-workspace-down;
+ "Mod+I".action = focus-workspace-up;
+
+ "Mod+Ctrl+U".action = move-column-to-workspace-down;
+ "Mod+Ctrl+I".action = move-column-to-workspace-up;
+
+ "Mod+Shift+U".action = move-workspace-down;
+ "Mod+Shift+I".action = move-workspace-down;
+
+ "Mod+WheelScrollRight".action = focus-column-right;
+ "Mod+WheelScrollLeft".action = focus-column-left;
+
+ "Mod+Ctrl+WheelScrollRight".action = move-column-right;
+ "Mod+Ctrl+WheelScrollLeft".action = move-column-left;
+
+ "Mod+Shift+WheelScrollDown".action = focus-column-right;
+ "Mod+Shift+WheelScrollUp".action = focus-column-left;
+
+ "Mod+Ctrl+Shift+WheelScrollDown".action = move-column-right;
+ "Mod+Ctrl+Shift+WheelScrollUp".action = move-column-left;
+
+ "Mod+1".action.focus-workspace = 1;
+ "Mod+2".action.focus-workspace = 2;
+ "Mod+3".action.focus-workspace = 3;
+ "Mod+4".action.focus-workspace = 4;
+ "Mod+5".action.focus-workspace = 5;
+ "Mod+6".action.focus-workspace = 6;
+ "Mod+7".action.focus-workspace = 7;
+ "Mod+8".action.focus-workspace = 8;
+ "Mod+9".action.focus-workspace = 9;
+
+ "Mod+Shift+1".action.move-column-to-workspace = 1;
+ "Mod+Shift+2".action.move-column-to-workspace = 2;
+ "Mod+Shift+3".action.move-column-to-workspace = 3;
+ "Mod+Shift+4".action.move-column-to-workspace = 4;
+ "Mod+Shift+5".action.move-column-to-workspace = 5;
+ "Mod+Shift+6".action.move-column-to-workspace = 6;
+ "Mod+Shift+7".action.move-column-to-workspace = 7;
+ "Mod+Shift+8".action.move-column-to-workspace = 8;
+ "Mod+Shift+9".action.move-column-to-workspace = 9;
+
+ "Mod+Comma".action = consume-window-into-column;
+ "Mod+Period".action = expel-window-from-column;
+ "Mod+BracketLeft".action = consume-or-expel-window-left;
+ "Mod+BracketRight".action = consume-or-expel-window-right;
+
+ "Mod+M".action = maximize-column;
+ "Mod+F".action = fullscreen-window;
+ "Mod+C".action = center-column;
+
+ "Mod+R".action = switch-preset-column-width;
+ "Mod+Minus".action.set-column-width = "-10%";
+ "Mod+Equal".action.set-column-width = "+10%";
+ "Mod+Shift+Minus".action.set-window-height = "-10%";
+ "Mod+Shift+Equal".action.set-window-height = "+10%";
+
+ "Mod+V".action = toggle-window-floating;
+ "Mod+Ctrl+V".action = switch-focus-between-floating-and-tiling;
+
+ "Print".action.screenshot.show-pointer = true;
+ "Shift+Print".action.screenshot-screen.write-to-disk = true;
+ "Ctrl+Shift+Print".action.screenshot-screen.write-to-disk = false;
+ "Alt+Print".action.screenshot-window.write-to-disk = true;
+ "Ctrl+Alt+Print".action.screenshot-window.write-to-disk = false;
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/modules/homeModules/nvim.nix b/modules/homeModules/nvim.nix
new file mode 100644
index 0000000..cd93f2d
--- /dev/null
+++ b/modules/homeModules/nvim.nix
@@ -0,0 +1,12 @@
+{inputs, ...}: {
+ flake.homeModules.nvim = {
+ pkgs,
+ config,
+ lib,
+ ...
+ }: {
+ options.customs = {
+ nvim.enable = lib.mkEnableOption "enable nvim";
+ };
+ };
+}
diff --git a/modules/homeModules/picom.nix b/modules/homeModules/picom.nix
new file mode 100644
index 0000000..a7835eb
--- /dev/null
+++ b/modules/homeModules/picom.nix
@@ -0,0 +1,57 @@
+{inputs, ...}: {
+ flake.homeModules.picom = {
+ pkgs,
+ config,
+ lib,
+ ...
+ }: {
+ options.customs = {
+ picom.enable = lib.mkEnableOption "enable picom";
+ };
+
+ config = lib.mkIf config.customs.picom.enable {
+ services.picom = {
+ enable = true;
+ settings = {
+ fading = true;
+ fade-delta = 3;
+ blur-background = false;
+ corner-radius = 8;
+ # blur = {
+ # method = "dual_kawase";
+ # size = 12;
+ # deviation = false;
+ # strength = 2;
+ # kern = "3x3box";
+ # };
+ backend = "glx";
+ vsync = true;
+ mark = {
+ wmwin-focused = true;
+ overdir-focused = true;
+ };
+ detect = {
+ rounded-corners = true;
+ client-opacity = true;
+ transient = true;
+ };
+ use-ewmh-active-win = true;
+ glx-no-stencil = true;
+ use-damage = true;
+ };
+ wintypes = {
+ tooltip = {
+ fade = true;
+ shadow = true;
+ full-shadow = false;
+ blur = false;
+ focus = true;
+ };
+ dock = {
+ shadow = false;
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/modules/homeModules/rofi.nix b/modules/homeModules/rofi.nix
new file mode 100644
index 0000000..735dc77
--- /dev/null
+++ b/modules/homeModules/rofi.nix
@@ -0,0 +1,50 @@
+{inputs, ...}: {
+ flake.homeModules.rofi = {
+ pkgs,
+ config,
+ lib,
+ ...
+ }: {
+ options.customs = {
+ rofi.enable = lib.mkEnableOption "enable rofi";
+ rofi.package = lib.mkPackageOption pkgs "rofi package" {default = ["rofi"];};
+ };
+
+ config = lib.mkIf config.customs.rofi.enable {
+ programs.rofi = {
+ enable = true;
+ package = config.customs.rofi.package;
+ theme = with config.lib.stylix.colors.withHashtag;
+ builtins.toFile "theme.rasi" ''
+ * {
+ font: "FiraCode Nerd Font Medium 12";
+
+ bg0: ${base01};
+ bg1: ${base02};
+ fg0: ${base04};
+
+ accent-color: ${base03};
+ urgent-color: #ffffff;
+
+ background-color: transparent;
+ text-color: @fg0;
+
+ margin: 0;
+ padding: 0;
+ spacing: 0;
+ }
+
+ ${builtins.readFile ./attachments/rofi-theme.rasi}'';
+ cycle = true;
+ plugins = with pkgs; [
+ rofi-emoji
+ rofi-calc
+ ];
+ extraConfig = {
+ kb-row-up = "Up,Ctrl+p";
+ kb-row-down = "Down,Ctrl+n";
+ };
+ };
+ };
+ };
+}
diff --git a/modules/homeModules/stylix.nix b/modules/homeModules/stylix.nix
new file mode 100644
index 0000000..1a28fe9
--- /dev/null
+++ b/modules/homeModules/stylix.nix
@@ -0,0 +1,80 @@
+{inputs, ...}: {
+ flake.homeModules.stylixConfig = {
+ pkgs,
+ config,
+ lib,
+ inputs,
+ ...
+ }: {
+ imports = [
+ inputs.stylix.homeModules.stylix
+ ];
+
+ options.customs = {
+ stylixConfig = {
+ enable = lib.mkEnableOption "enable stylix";
+ theme = lib.mkOption {type = lib.types.str;};
+ };
+ wallpaper = lib.mkOption {type = with lib.types; oneOf [str path package];};
+ };
+ config = lib.mkIf config.customs.stylixConfig.enable {
+ wallpaper = with config.lib.stylix.colors.withHashtag;
+ pkgs.runCommand "cat.png" {} ''
+ pastel=${pkgs.pastel}/bin/pastel
+ SHADOWS=$($pastel darken 0.1 '${base05}' | $pastel format hex)
+ TAIL=$($pastel lighten 0.1 '${base02}' | $pastel format hex)
+ HIGHLIGHTS=$($pastel lighten 0.1 '${base05}' | $pastel format hex)
+
+ ${pkgs.imagemagick}/bin/convert ${./attachments/basecat.png} \
+ -fill '${base00}' -opaque black \
+ -fill '${base05}' -opaque white \
+ -fill '${base08}' -opaque blue \
+ -fill $SHADOWS -opaque gray \
+ -fill '${base02}' -opaque orange \
+ -fill $TAIL -opaque green \
+ -fill $HIGHLIGHTS -opaque brown \
+ $out'';
+ stylix = {
+ enable = true;
+ targets = {
+ rofi.enable = false;
+ waybar.enable = false;
+ firefox.profileNames = ["ShyFox"];
+ };
+
+ polarity = "dark";
+
+ base16Scheme = "${pkgs.base16-schemes}/share/themes/${config.customs.stylixConfig.theme}.yaml";
+ image = config.wallpaper;
+ cursor = {
+ package = pkgs.bibata-cursors;
+ name = "Bibata-Modern-Ice";
+ size = 24;
+ };
+
+ fonts = {
+ sizes.terminal = 11;
+ serif = {
+ package = pkgs.noto-fonts;
+ name = "Noto Serif";
+ };
+
+ sansSerif = {
+ package = pkgs.rubik;
+ name = "Rubik";
+ };
+
+ monospace = {
+ package = pkgs.nerd-fonts.fira-code;
+ name = "FiraCode Nerd Font";
+ };
+
+ emoji = {
+ package = pkgs.noto-fonts-color-emoji;
+ name = "Noto Color Emoji";
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/modules/homeModules/sxhkd.nix b/modules/homeModules/sxhkd.nix
new file mode 100644
index 0000000..2172599
--- /dev/null
+++ b/modules/homeModules/sxhkd.nix
@@ -0,0 +1,45 @@
+{inputs, ...}: {
+ flake.homeModules.sxhkd = {
+ pkgs,
+ config,
+ lib,
+ ...
+ }: {
+ options.customs = {
+ sxhkd.enable = lib.mkEnableOption "enable sxhkd";
+ };
+
+ config = lib.mkIf config.customs.sxhkd.enable {
+ services.sxhkd = {
+ enable = true;
+ keybindings = {
+ "{_,shift} + Print" = "xfce4-screenshooter -{r,f}";
+ "{_,shift} + control + Print" = "xfce4-screenshooter -{r,f} --save /dev/stdout | xclip -i -selection clipboard -t image/png";
+ "super + apostrophe" = "betterlockscreen -l"; # Lockscreen
+ "super + grave" = "polybar -r"; # Restart polybar
+ "super + q" = "alacritty"; # Open terminal
+ "super + d" = "rofi -show-icons -show drun"; # Open app chooser
+ "super + shift + d" = "CM_LAUNCHER=rofi clipmenu";
+ "super + b" = "zen-beta"; # Open browser
+ "super + e" = "emacsclient -c -a 'emacs'"; # Open emacs
+ "super + Escape" = "pkill -USR1 -x sxhkd"; # Restart sxhkd
+ "super + shift + {e,r}" = "bspc {quit,wm -r}"; # Quit/restart bspwm
+ "super + {control,shift} + q" = "bspc node -{k,c}"; # Close/kill window
+ "super + m" = "bspc desktop -l next"; # Maximise window
+ "super + {t,shift + t,v,f}" = "bspc node -t {tiled,pseudo_tiled,floating,fullscreen}"; # Set window state
+ "super + {_,shift + }{h,j,k,l}" = "bspc node -{f,s} {west,south,north,east}"; # Focus window in the given direction
+ "super + {Left,Down,Up,Right}" = "bspc node -v {-20 0,0 20,0 -20,20 0}"; # Move a floating window
+ "super + s : {h,j,k,l}" = '' STEP=20; SELECTION={1,2,3,4};\
+ bspc node -z $(echo "left -$STEP 0,bottom 0 $STEP,top 0 -$STEP,right $STEP 0" | cut -d',' -f$SELECTION) ||\
+ bspc node -z $(echo "right -$STEP 0,top 0 $STEP,bottom 0 -$STEP,left $STEP 0" | cut -d',' -f$SELECTION)''; # Better window resize
+ "super + bracket{left,right}" = "bspc desktop -f {prev,next}.local"; # Focus next/previos desktop
+ "super + {_,shift + }{1-9,0}" = "bspc {desktop -f,node -d} $(bspc query -D -m focused | awk 'NR=={1-9,0}')"; # Focus/send window to the given desktop on the focused monitor
+ "super + o" = "bspc node -m last -f"; # Send window to the last used monitor
+ "super + ctrl + {1-9}" = "bspc node -o 0.{1-9}"; # Preselect the window ratio
+ "super + ctrl + space" = "bspc node -p cancel"; # Cansel the preselected ratio
+ "super + n" = "fish ~/.nixfiles/home-manager/home/services/polybar/hide.fish";
+ };
+ };
+ };
+ };
+}
diff --git a/modules/homeModules/tmux.nix b/modules/homeModules/tmux.nix
new file mode 100644
index 0000000..97f85dc
--- /dev/null
+++ b/modules/homeModules/tmux.nix
@@ -0,0 +1,50 @@
+{inputs, ...}: {
+ flake.homeModules.tmux = {
+ pkgs,
+ lib,
+ config,
+ ...
+ }: {
+ options.customs = {
+ tmux.enable = lib.mkEnableOption "enable tmux config";
+ };
+
+ config = lib.mkIf config.customs.tmux.enable {
+ stylix.targets.tmux.enable = true;
+ home.packages = with pkgs; [
+ fzf
+ ];
+ programs.tmux = {
+ enable = true;
+ prefix = "C-x";
+ baseIndex = 1;
+ historyLimit = 10000;
+ extraConfig = ''
+ set -g mode-keys vi
+ set -g default-terminal "''${TERM}"
+ set -sg terminal-overrides ",*:RGB"
+
+ set -g pane-border-lines simple
+
+ set -g escape-time 0
+ set -g renumber-windows on
+
+ set -g status-style bg=default,fg=black,bright
+ set -g status-left ""
+ set -g window-status-format " #W "
+ set -g window-status-current-format " #W "
+
+ set -g window-status-bell-style "bg=red,nobold"
+ set -g window-status-current-style \
+ "#{?window_zoomed_flag,bg=yellow,bg=green,nobold}"
+
+ bind j next-window
+ bind k previous-window
+ '';
+ plugins = with pkgs.tmuxPlugins; [
+ tmux-fzf
+ ];
+ };
+ };
+ };
+}
diff --git a/modules/homeModules/waybar.nix b/modules/homeModules/waybar.nix
new file mode 100644
index 0000000..b1f6dce
--- /dev/null
+++ b/modules/homeModules/waybar.nix
@@ -0,0 +1,131 @@
+{inputs, ...}: {
+ flake.homeModules.waybar = {
+ pkgs,
+ lib,
+ config,
+ ...
+ }:
+ with lib; let
+ cfg = config.customs.waybar;
+ in {
+ options.customs = {
+ waybar = {
+ enable = mkEnableOption "enable waybar";
+ windowManager = mkOption {
+ description = "WM string to use with /workspaces and /language";
+ default = "hyprland";
+ type = types.str;
+ };
+ workspaceIcons = mkOption {
+ default = {
+ "1" = "α";
+ "2" = "β";
+ "3" = "γ";
+ "4" = "δ";
+ "5" = "ε";
+ urgent = "λ";
+ default = "ω";
+ };
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ programs.waybar = {
+ enable = true;
+ systemd.enable = true;
+ style = with config.lib.stylix.colors.withHashtag;
+ ''
+ @define-color base00 ${base00}; @define-color base01 ${base01}; @define-color base02 ${base02}; @define-color base03 ${base03};
+ @define-color base04 ${base04}; @define-color base05 ${base05}; @define-color base06 ${base06}; @define-color base07 ${base07};
+
+ @define-color base08 ${base08}; @define-color base09 ${base09}; @define-color base0A ${base0A}; @define-color base0B ${base0B};
+ @define-color base0C ${base0C}; @define-color base0D ${base0D}; @define-color base0E ${base0E}; @define-color base0F ${base0F};
+ ''
+ + builtins.readFile ./attachments/waybar-style.css;
+ settings = {
+ bar = {
+ layer = "top";
+ height = 30;
+ spacing = 8;
+ margin-down = 5;
+ modules-left = ["${cfg.windowManager}/workspaces"];
+ modules-center = ["clock"];
+ modules-right = ["network" "custom/vpn" "memory" "temperature" "backlight" "pulseaudio" "${cfg.windowManager}/language" "tray" "battery"];
+ "${cfg.windowManager}/workspaces" = {
+ format = "{icon}";
+ "format-icons" = cfg.workspaceIcons;
+ };
+ "${cfg.windowManager}/language" = {
+ format = "{} <span font-family='Material Design Icons' rise='-1000' size='medium'>󰌌</span>";
+ format-ru = "ru";
+ format-en = "en";
+ };
+ "tray" = {
+ spacing = 10;
+ };
+ "clock" = {
+ format = "{:%H:%M 󰅐}";
+ tooltip-format = "<big>{:%Y %B}</big>\n<tt><small>{calendar}</small></tt>";
+ format-alt = "{:%d %h %Y 󰃮}";
+ };
+ "memory" = {
+ format = "{}% ";
+ };
+ "temperature" = {
+ format = "{temperatureC}°C󰔏";
+ };
+ "backlight" = {
+ format = "{percent}% {icon}";
+ format-icons = ["󰃞" "󰃟" "󰃠"];
+ };
+ "battery" = {
+ "states" = {
+ good = 95;
+ warning = 30;
+ critical = 15;
+ };
+ format = "{capacity}% {icon}";
+ format-charging = "{capacity}% 󰂄";
+ format-plugged = "{capacity}% ";
+ format-alt = "{icon}";
+ format-icons = ["󱃍" "󰁼" "󰁼" "󰁽" "󰁾" "󰁿" "󰂀" "󰂁" "󰂂" "󰁹"];
+ };
+ "network" = {
+ interface = "wlp*";
+ format-wifi = "{essid} ({signalStrength}%) 󰤨";
+ format-ethernet = "{ipaddr}/{cidr} 󰈀";
+ tooltip-format = "{ifname} via {gwaddr} 󰩟";
+ format-linked = "{ifname} (No IP) 󰩟";
+ format-disconnected = "󰤫";
+ };
+ "custom/vpn" = {
+ format = "{text}";
+ exec = "${./attachments/hypr-scripts/toggle-vpn.sh} waybar";
+ return-type = "json";
+ };
+ "pulseaudio" = {
+ format = "{volume}% {icon} {format_source}";
+ format-bluetooth = "{volume}% <span font-family='Material Design Icons' rise='-2000' font-size='x-large'>󰥰</span> {format_source}";
+ format-bluetooth-muted = "󰟎 {format_source}";
+ format-muted = "󰝟 {format_source}";
+ format-source = "{volume}%󰍬";
+ format-source-muted = "󰍭";
+
+ "format-icons" = {
+ headphone = "󰋋";
+ hands-free = "";
+ headset = "";
+ phone = "";
+ portable = "";
+ car = "";
+ muted-icon = "󰝟";
+ default = ["󰕿" "󰖀" "󰕾"];
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/modules/homeModules/zen-browser.nix b/modules/homeModules/zen-browser.nix
new file mode 100644
index 0000000..ae073ab
--- /dev/null
+++ b/modules/homeModules/zen-browser.nix
@@ -0,0 +1,151 @@
+{inputs, ...}: {
+ flake.homeModules.zen-browser = {
+ pkgs,
+ config,
+ lib,
+ inputs,
+ ...
+ }: {
+ imports = [
+ inputs.zen-browser.homeModules.beta
+ ];
+
+ options.customs = {
+ zen-browser.enable = lib.mkEnableOption "enable zen-browser";
+ };
+
+ config = lib.mkIf config.customs.zen-browser.enable {
+ stylix.targets.zen-browser.profileNames = ["ZZZ"];
+ xdg.mimeApps = {
+ enable = true;
+ associations.added = {
+ "x-scheme-handler/http" = "zen-beta.desktop";
+ "x-scheme-handler/https" = "zen-beta.desktop";
+ "x-scheme-handler/chrome" = "zen-beta.desktop";
+ "text/html" = "zen-beta.desktop";
+ "application/x-extension-htm" = "zen-beta.desktop";
+ "application/x-extension-html" = "zen-beta.desktop";
+ "application/x-extension-shtml" = "zen-beta.desktop";
+ "application/xhtml+xml" = "zen-beta.desktop";
+ "application/x-extension-xhtml" = "zen-beta.desktop";
+ "application/x-extension-xht" = "zen-beta.desktop";
+ };
+
+ defaultApplications = {
+ "x-scheme-handler/http" = "zen-beta.desktop";
+ "x-scheme-handler/https" = "zen-beta.desktop";
+ "x-scheme-handler/chrome" = "zen-beta.desktop";
+ "text/html" = "zen-beta.desktop";
+ "application/x-extension-htm" = "zen-beta.desktop";
+ "application/x-extension-html" = "zen-beta.desktop";
+ "application/x-extension-shtml" = "zen-beta.desktop";
+ "application/xhtml+xml" = "zen-beta.desktop";
+ "application/x-extension-xhtml" = "zen-beta.desktop";
+ "application/x-extension-xht" = "zen-beta.desktop";
+ "application/pdf" = "zen-beta.desktop";
+ };
+ };
+
+ programs.zen-browser = {
+ enable = true;
+ policies = {
+ AutofillAddressEnabled = false;
+ AutofillCreditCardEnabled = false;
+ DisableAppUpdate = true;
+ DisableFeedbackCommands = true;
+ DisableFirefoxStudies = true;
+ DisableTelemetry = true;
+ DontCheckDefaultBrowser = true;
+ NoDefaultBookmarks = true;
+ OfferToSaveLogins = false;
+ Certificates = {
+ ImportEnterpriseRoots = true;
+ };
+ };
+
+ profiles.ZZZ = {
+ isDefault = true;
+ extensions = {
+ packages = with pkgs.nur.repos.rycee.firefox-addons; [
+ bitwarden
+ ublock-origin
+ sponsorblock
+ return-youtube-dislikes
+ firefox-color
+ tampermonkey
+ duckduckgo-privacy-essentials
+ mal-sync
+ sidebery
+ ];
+
+ force = true;
+ };
+
+ settings = {
+ "svg.context-properties.content.enabled" = true;
+ "browser.search.suggest.enabled" = true;
+ "extensions.autoDisableScopes" = 0;
+ "zen.view.grey-out-inactive-windows" = false;
+ "zen.view.experimental-no-window-controls" = true;
+ };
+
+ search = {
+ force = true;
+ engines = {
+ "Brave" = {
+ urls = [
+ {template = "https://search.brave.com/search?q={searchTerms}";}
+ {
+ type = "application/x-suggestions+json";
+ template = "https://search.brave.com/api/suggest?q={searchTerms}";
+ }
+ ];
+
+ icon = "https://cdn.search.brave.com/serp/v2/_app/immutable/assets/safari-pinned-tab.539899c7.svg";
+ updateInterval = 24 * 60 * 60 * 1000;
+ definedAliases = ["!br"];
+ };
+ "NixOS Packages" = {
+ urls = [{template = "https://search.nixos.org/packages?channel=unstable&from=0&size=50&sort=relevance&type=packages&query={searchTerms}";}];
+ icon = "https://nixos.org/favicon.png";
+ updateInterval = 24 * 60 * 60 * 1000;
+ definedAliases = ["!ns"];
+ };
+ "NixOS Options" = {
+ urls = [{template = "https://search.nixos.org/options?channel=unstable&from=0&size=50&sort=relevance&type=packages&query={searchTerms}";}];
+ icon = "https://nixos.org/favicon.png";
+ updateInterval = 24 * 60 * 60 * 1000;
+ definedAliases = ["!no"];
+ };
+ "HomeManager" = {
+ urls = [{template = "https://home-manager-options.extranix.com/?query={searchTerms}&release=master";}];
+ icon = "https://github.com/mipmip/home-manager-option-search/blob/main/images/favicon.png";
+ updateInterval = 24 * 60 * 60 * 1000;
+ definedAliases = ["!hs"];
+ };
+ "NixWiki" = {
+ urls = [{template = "https://wiki.nixos.org/w/index.php?search={searchTerms}";}];
+ icon = "https://nixos.org/favicon.png";
+ updateInterval = 24 * 60 * 60 * 1000;
+ definedAliases = ["!nw"];
+ };
+ "Kinopoisk" = {
+ urls = [{template = "https://www.kinopoisk.ru/index.php?kp_query={searchTerms}";}];
+ icon = "https://www.kinopoisk.ru/favicon.ico";
+ updateInterval = 24 * 60 * 60 * 1000;
+ definedAliases = ["!ks"];
+ };
+ "MDN Docs" = {
+ urls = [{template = "https://developer.mozilla.org/en-US/search?q={searchTerms}";}];
+ icon = "https://developer.mozilla.org/favicon-48x48.bc390275e955dacb2e65.png";
+ updateInterval = 24 * 60 * 60 * 1000;
+ definedAliases = ["!md"];
+ };
+ };
+ default = "Brave";
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/modules/hosts/ltrr-block/age.nix b/modules/hosts/ltrr-block/age.nix
new file mode 100644
index 0000000..e22263b
--- /dev/null
+++ b/modules/hosts/ltrr-block/age.nix
@@ -0,0 +1,10 @@
+{inputs, ...}: {
+ flake.nixosModules.ltrr-block = {
+ age.rekey = {
+ hostPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINe2bfzslwh9DwNXopmaiRKVNQMIQNuMlP/jJCDrwSbc";
+ masterIdentities = ["/home/jerpo/.config/age/keys.txt"];
+ storageMode = "local";
+ localStorageDir = ./. + "/secrets/rekeyed";
+ };
+ };
+}
diff --git a/modules/hosts/ltrr-block/configuration.nix b/modules/hosts/ltrr-block/configuration.nix
new file mode 100644
index 0000000..5ee4711
--- /dev/null
+++ b/modules/hosts/ltrr-block/configuration.nix
@@ -0,0 +1,467 @@
+{
+ inputs,
+ self,
+ ...
+}: {
+ flake.nixosConfigurations.ltrr-block = inputs.nixpkgs-stable.lib.nixosSystem {
+ modules = [
+ self.nixosModules.ltrr-block
+ ];
+ };
+
+ flake.nixosModules.ltrr-block = {
+ modulesPath,
+ pkgs,
+ config,
+ ...
+ }: let
+ domain = "kcu.su";
+ in {
+ imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ (modulesPath + "/profiles/qemu-guest.nix")
+
+ self.nixosModules.nginxProxy
+ self.nixosModules.directories
+ self.nixosModules.booklore
+ self.nixosModules.watcharr
+
+ inputs.disko.nixosModules.disko
+ self.diskoConfigurations.ltrr-block
+
+ inputs.agenix.nixosModules.default
+ inputs.agenix-rekey.nixosModules.default
+ ];
+
+ nixpkgs = {
+ config.allowUnfree = true;
+ overlays = [
+ self.overlays.unstable-packages
+ ];
+ };
+
+ boot.loader.grub = {
+ efiSupport = true;
+ efiInstallAsRemovable = true;
+ };
+
+ services.openssh = {
+ enable = true;
+ settings.PasswordAuthentication = false;
+ };
+
+ environment.systemPackages = with pkgs; [
+ curl
+ gitMinimal
+ ];
+
+ users.users = {
+ root = {
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDJ8UW1BXDGDmlaiARO3a9boTG8wknUyITMz0Z0OJpHx spleefer6@yandex.ru"
+ ];
+ };
+ };
+
+ users.users.mc = {
+ isNormalUser = true;
+ packages = with pkgs; [
+ steamcmd
+ tmux
+ steam-run
+ ];
+ };
+
+ users.users.files = {
+ isNormalUser = true;
+ group = "files";
+ uid = 1000;
+ linger = true;
+ extraGroups = [
+ "music"
+ "images"
+ ];
+ };
+
+ users.groups.music = {
+ gid = 991;
+ };
+
+ createPaths."/srv/files" = {
+ owner = "files";
+ permissions = "0770";
+ group = "files";
+ subPaths = {
+ "music".group = "music";
+ "images".group = "images";
+ };
+ };
+
+ networking.hostName = "ltrr-block";
+ networking.firewall = {
+ allowedTCPPorts = [80 5030 2049 25565];
+ allowedUDPPorts = [51820 16261 16262];
+ };
+
+ security.acme = {
+ acceptTerms = true;
+ defaults.email = "notspl3g+acme@duck.com";
+ };
+
+ nginxProxy = {
+ enable = true;
+ domain = domain;
+
+ recommendedProxySettings = false;
+ subdomains = {
+ "slskd" = {
+ proxyPass = "http://127.0.0.1:${toString config.services.slskd.settings.web.port}";
+ proxyWebsockets = true;
+ };
+ "immich" = {
+ proxyPass = "http://localhost:${toString config.services.immich.port}";
+ proxyWebsockets = true;
+ recommendedProxySettings = true;
+ extraConfig = ''
+ client_max_body_size 50000M;
+ proxy_read_timeout 600s;
+ proxy_send_timeout 600s;
+ send_timeout 600s;
+ '';
+ };
+
+ "music".proxyPass = "http://127.0.0.1:5692";
+ "navidrome".proxyPass = "http://127.0.0.1:4533";
+ "files".proxyPass = "http://127.0.0.1:${toString config.services.filebrowser.settings.port}";
+ "track".proxyPass = "http://127.0.0.1:7093";
+ "tube".proxyPass = "http://127.0.0.1:5410";
+ "torrents".proxyPass = "http://127.0.0.1:7317";
+ "jellyfin".proxyPass = "http://127.0.0.1:8096";
+ "lidarr" = {
+ proxyPass = "http://127.0.0.1:8686";
+ proxyWebsockets = true;
+ };
+
+ "prowlarr".proxyPass = "http://127.0.0.1:9696";
+ "shelfmark".proxyPass = "http://127.0.0.1:8084";
+ };
+ };
+
+ age.secrets.wg-priv-key = {
+ rekeyFile = ./secrets/wg-priv.key.age;
+ };
+
+ networking.wg-quick = {
+ interfaces.wg0 = {
+ address = ["10.1.1.2/32"];
+ listenPort = 51820;
+
+ privateKeyFile = config.age.secrets.wg-priv-key.path;
+
+ peers = [
+ {
+ endpoint = "${domain}:51820";
+ publicKey = "1RwEOL8br97Mujhz3fkfYKcxUFNHYAmt5JbWTbR3ihE=";
+ allowedIPs = ["10.1.1.1/32"];
+ persistentKeepalive = 25;
+ }
+ ];
+ };
+ };
+
+ services.tailscale.enable = true;
+
+ users.users.filebrowser.extraGroups = ["music" "images"];
+ systemd.services.filebrowser.serviceConfig.SupplementaryGroups = ["music" "images"];
+ services.filebrowser = {
+ enable = true;
+ group = "files";
+ settings = {
+ root = "/srv/files";
+ port = 9337;
+ };
+ };
+
+ systemd.tmpfiles.rules = [
+ "d /srv/files/slskd 0770 slskd music"
+ "d /opt/traggo/data"
+ "d /var/lib/traggo"
+ ];
+ users.users.slskd.extraGroups = ["files"];
+ age.secrets.slskd-env = {
+ rekeyFile = ./secrets/slskd.env.age;
+ };
+ systemd.services.slskd.serviceConfig.UMask = 0002;
+ services.slskd = {
+ enable = true;
+ environmentFile = config.age.secrets.slskd-env.path;
+ group = "music";
+ settings = {
+ shares = {
+ directories = ["/srv/files/music"];
+ filters = ["explo"];
+ };
+ directories.downloads = "/srv/files/slskd";
+ permissions.file.mode = 770;
+ web.authentication.api_keys = {
+ arr = {
+ key = "mahChufaeweipemeeheexaoDahchohZi";
+ cidr = "127.0.0.1/32";
+ };
+ };
+ };
+ openFirewall = true;
+ domain = null;
+ };
+
+ users.users.jellyfin.extraGroups = ["files"];
+ services.jellyfin = {
+ enable = true;
+ };
+
+ createPaths."/srv/files/torrents" = {
+ owner = "files";
+ group = "files";
+ permissions = "0770";
+ subPaths = {
+ "incomplete" = {};
+ "completed" = {};
+ };
+ };
+
+ users.users.lidarr.extraGroups = ["files"];
+ services.lidarr = {
+ enable = true;
+ group = "music";
+ };
+
+ services.prowlarr = {
+ enable = true;
+ };
+
+ services.qbittorrent = {
+ enable = true;
+ user = "files";
+ group = "files";
+ webuiPort = 7317;
+ serverConfig = {
+ Preferences = {
+ WebUI = {
+ Enabled = "true";
+ Username = "spl3g";
+ Password_PBKDF2 = "@ByteArray(drq4VxxcJLLK0Bma9mxUeg==:47J+BVdVlmpJt0Hb9LqiAj6rTK3ZlFPvy00PdGPtmeXO7SslNg/4Uej7Vmwn3+oFPuE1q/9tm1z1UogfopREUQ==)";
+ };
+ Downloads = {
+ SavePath = "/srv/files/torrents/complete/";
+ TempPathEnabled = "true";
+ TempPath = "/srv/files/torrents/incomplete/";
+ };
+ };
+ };
+ };
+
+ createPaths."/var/lib/soularr" = {
+ owner = "slskd";
+ group = "slskd";
+ permissions = "0770";
+ };
+ age.secrets.soularr-config = {
+ rekeyFile = ./secrets/soularr.conf.age;
+ owner = "slskd";
+ group = "music";
+ };
+ virtualisation.oci-containers.containers.soularr = {
+ image = "mrusse08/soularr:latest";
+ environment = {
+ TZ = "Asia/Yekaterinburg";
+ SCRIPT_INTERVAL = "300";
+ };
+ # slskd:music
+ user = "991:991";
+ volumes = [
+ "/srv/files/slskd:/downloads"
+ "/var/lib/soularr:/data"
+ "${config.age.secrets.soularr-config.path}:/data/config.ini"
+ ];
+ networks = [
+ "host"
+ ];
+ };
+
+ createPaths."/srv/files/explo" = {
+ owner = "files";
+ group = "music";
+ permissions = "0770";
+ };
+ age.secrets.explo-env = {
+ rekeyFile = ./secrets/explo.env.age;
+ owner = "files";
+ group = "music";
+ };
+ # TODO: write a module for explo
+ virtualisation.oci-containers.containers.explo = {
+ image = "ghcr.io/lumepart/explo:latest";
+ volumes = [
+ "${config.age.secrets.explo-env.path}:/opt/explo/.env"
+ "/srv/files/explo:/data/"
+ "/srv/files/slskd:/slskd/"
+ ];
+ environment = {
+ EXECUTE_ON_START = "true";
+ };
+ networks = [
+ "host"
+ ];
+ # files:music
+ extraOptions = [
+ "--uidmap=0:1000:1"
+ "--gidmap=0:991:1"
+ "--uidmap=1:100000:65535"
+ "--gidmap=1:100000:65535"
+ ];
+ };
+
+ age.secrets.navidrome-env = {
+ rekeyFile = ./secrets/navidrome.env.age;
+ };
+ users.users.navidrome.extraGroups = ["files" "music"];
+ systemd.services.navidrome.serviceConfig.BindReadOnlyPaths = ["/srv/files/explo"];
+ services.navidrome = {
+ enable = true;
+ package = pkgs.unstable.navidrome;
+ settings = {
+ BaseUrl = "https://navidrome.${domain}";
+ MusicFolder = "/srv/files/music";
+ PlaylistsPath = "playlists";
+ Scanner.PurgeMissing = "always";
+ EnableSharing = true;
+ };
+ environmentFile = config.age.secrets.navidrome-env.path;
+ };
+
+ age.secrets.xray-config = {
+ rekeyFile = ./secrets/xray.json.age;
+ };
+ services.xray = {
+ enable = true;
+ settingsFile = config.age.secrets.xray-config.path;
+ };
+
+ services.invidious = {
+ enable = true;
+ address = "127.0.0.1";
+ port = 5410;
+ domain = "tube.${domain}";
+ settings = {
+ http_proxy = {
+ host = "127.0.0.1";
+ port = 10801;
+ user = "";
+ password = "";
+ };
+ };
+ };
+
+ virtualisation.oci-containers.backend = "podman";
+ virtualisation.oci-containers.containers.aonsoku = {
+ image = "ghcr.io/victoralvesf/aonsoku:latest";
+ ports = [
+ "127.0.0.1:5692:8080"
+ ];
+ environment = {
+ SERVER_URL = "https://navidrome.${domain}";
+ HIDE_SERVER = "true";
+ };
+ };
+
+ users.groups.books = {
+ gid = 1001;
+ };
+ createPaths."/srv/files/books" = {
+ owner = "files";
+ group = "books";
+ permissions = "0770";
+ subPaths = {
+ "/library" = {};
+ "/bookdrop" = {};
+ };
+ };
+
+ createPaths."/var/lib/cwa" = {
+ owner = "files";
+ group = "books";
+ permissions = "0750";
+ };
+
+ # age.secrets.cwa-env = {
+ # rekeyFile = ./secrets/cwa.env.age;
+ # };
+ # virtualisation.oci-containers.containers.cwa = {
+ # image = "ghcr.io/crocodilestick/calibre-web-automated:latest";
+ # environmentFiles = [
+ # config.age.secrets.cwa-env.path
+ # ];
+ # environment = {
+ # TZ = "Europe/Moscow";
+ # PUID = "1000";
+ # PGID = "1001";
+ # };
+ # ports = [
+ # "127.0.0.1:8083:8083"
+ # ];
+ # volumes = [
+ # "/srv/files/books:/calibre-library"
+ # "/srv/files/books/injest:/cwa-book-ingest"
+ # "/var/lib/cwa:/config"
+ # ];
+ # };
+
+ createPaths."/var/lib/shelfmark" = {
+ owner = "files";
+ group = "books";
+ permissions = "0750";
+ };
+
+ virtualisation.oci-containers.containers.shelfmark = {
+ image = "ghcr.io/calibrain/shelfmark:latest";
+ environment = {
+ PUID = "1000";
+ PGID = "1001";
+ };
+
+ ports = [
+ "127.0.0.1:8084:8084"
+ ];
+
+ volumes = [
+ "/srv/files/books/injest:/books"
+ "/var/lib/shelfmark:/config"
+ ];
+ networks = [
+ "host"
+ ];
+ };
+ services.booklore = {
+ enable = true;
+ subdomain = "books";
+ uid = "1000";
+ gid = "1001";
+ settings = {
+ timezone = "Europe/Yekaterinburg";
+ booksDir = "/srv/files/books/library";
+ bookdropDir = "/srv/files/books/injest";
+ };
+ };
+
+ services.watcharr = {
+ enable = true;
+ subdomain = "watched";
+ };
+
+ services.immich = {
+ enable = true;
+ };
+
+ system.stateVersion = "24.05";
+ };
+}
diff --git a/modules/hosts/ltrr-block/disk-config.nix b/modules/hosts/ltrr-block/disk-config.nix
new file mode 100644
index 0000000..52c5070
--- /dev/null
+++ b/modules/hosts/ltrr-block/disk-config.nix
@@ -0,0 +1,39 @@
+{
+ flake.diskoConfigurations.ltrr-block = {
+ disko.devices = {
+ disk = {
+ main = {
+ device = "/dev/sdb";
+ type = "disk";
+ content = {
+ type = "gpt";
+ partitions = {
+ boot = {
+ size = "1M";
+ type = "EF02";
+ };
+ ESP = {
+ size = "1G";
+ type = "EF00";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ mountOptions = ["umask=0077"];
+ };
+ };
+ root = {
+ size = "100%";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/modules/hosts/ltrr-block/hardware-configuration.nix b/modules/hosts/ltrr-block/hardware-configuration.nix
new file mode 100644
index 0000000..ed72c61
--- /dev/null
+++ b/modules/hosts/ltrr-block/hardware-configuration.nix
@@ -0,0 +1,32 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+ flake.nixosModules.ltrr-block = {
+ config,
+ lib,
+ pkgs,
+ modulesPath,
+ ...
+ }: {
+ imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = ["ehci_pci" "ata_piix" "xhci_pci" "usbhid" "usb_storage" "sd_mod"];
+ boot.initrd.kernelModules = [];
+ boot.kernelModules = [];
+ boot.extraModulePackages = [];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
+ # networking.interfaces.enp0s29u1u3.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+ };
+}
diff --git a/modules/hosts/ltrr-block/secrets/cwa.env.age b/modules/hosts/ltrr-block/secrets/cwa.env.age
new file mode 100644
index 0000000..25e9486
--- /dev/null
+++ b/modules/hosts/ltrr-block/secrets/cwa.env.age
Binary files differ
diff --git a/modules/hosts/ltrr-block/secrets/explo.env.age b/modules/hosts/ltrr-block/secrets/explo.env.age
new file mode 100644
index 0000000..1c0f605
--- /dev/null
+++ b/modules/hosts/ltrr-block/secrets/explo.env.age
Binary files differ
diff --git a/modules/hosts/ltrr-block/secrets/navidrome.env.age b/modules/hosts/ltrr-block/secrets/navidrome.env.age
new file mode 100644
index 0000000..5a6b99d
--- /dev/null
+++ b/modules/hosts/ltrr-block/secrets/navidrome.env.age
Binary files differ
diff --git a/modules/hosts/ltrr-block/secrets/rekeyed/1c8822a2f185737c765ae9a5ce0d3879-soularr-config.age b/modules/hosts/ltrr-block/secrets/rekeyed/1c8822a2f185737c765ae9a5ce0d3879-soularr-config.age
new file mode 100644
index 0000000..608846d
--- /dev/null
+++ b/modules/hosts/ltrr-block/secrets/rekeyed/1c8822a2f185737c765ae9a5ce0d3879-soularr-config.age
Binary files differ
diff --git a/modules/hosts/ltrr-block/secrets/rekeyed/550a141b44c76106807b541c1987996b-wg-priv-key.age b/modules/hosts/ltrr-block/secrets/rekeyed/550a141b44c76106807b541c1987996b-wg-priv-key.age
new file mode 100644
index 0000000..52a14bd
--- /dev/null
+++ b/modules/hosts/ltrr-block/secrets/rekeyed/550a141b44c76106807b541c1987996b-wg-priv-key.age
@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 ptoveQ ulI09UBOLtapH3caDEteDd52zftMg/7xb9XT2N643A4
+JxzMCCqoLhPIuF7uas7xs1FhX3oqwm11a4r7mV56aiw
+-> pXy7_[-grease H=# dQnNDe%G ] o
+bT0nTM57IpqunS1CNyc/DXpM3f5L3n1887I++YtmrFZQEiU5liKv8Kr+aUD6lK7N
+S44U1Z0Y3VmTeWbN1iV0f5KMk2ZIFXtdjf1kw5JGfFWWVoGXJAxQuQ
+--- 522Kc0bJO1nPQ7bKfYj2+dNqArZpWbwGHRQCLnjbspI
+vν1PʾPMqkI6!vj/)/OZhGxnUš9cL \ No newline at end of file
diff --git a/modules/hosts/ltrr-block/secrets/rekeyed/9288d02fd4269798567444d076247538-explo-env.age b/modules/hosts/ltrr-block/secrets/rekeyed/9288d02fd4269798567444d076247538-explo-env.age
new file mode 100644
index 0000000..c11aa4a
--- /dev/null
+++ b/modules/hosts/ltrr-block/secrets/rekeyed/9288d02fd4269798567444d076247538-explo-env.age
Binary files differ
diff --git a/modules/hosts/ltrr-block/secrets/rekeyed/939083f61f3167ef5aff27bdba700e8e-xray-config.age b/modules/hosts/ltrr-block/secrets/rekeyed/939083f61f3167ef5aff27bdba700e8e-xray-config.age
new file mode 100644
index 0000000..7cba65e
--- /dev/null
+++ b/modules/hosts/ltrr-block/secrets/rekeyed/939083f61f3167ef5aff27bdba700e8e-xray-config.age
Binary files differ
diff --git a/modules/hosts/ltrr-block/secrets/rekeyed/d5f4d0c5c7b3217d008be68e8ad757e8-navidrome-env.age b/modules/hosts/ltrr-block/secrets/rekeyed/d5f4d0c5c7b3217d008be68e8ad757e8-navidrome-env.age
new file mode 100644
index 0000000..954c2bb
--- /dev/null
+++ b/modules/hosts/ltrr-block/secrets/rekeyed/d5f4d0c5c7b3217d008be68e8ad757e8-navidrome-env.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 ptoveQ OduiFfXpTXdPiFhmwROVjOSFSPSE8ViVFKpDKbkU4GA
+SOtXYB7vqxYAdiZ81YkQJPU+EBljy8q/5xfUwkQE9FA
+-> GPDe-grease
+tK3q1L/lU2oMO9AzA2cfa5OE36z3x2YCGAu5SVyajQ
+--- Y//hhULEy1uzl/p289AiDRGKFuR4GufSVa48rrgD8Ck
+&o$)ʓ\StkಚJ+J=}a8~ҪCY*O@%:<x !V8eOȁnOwmMԊߔ`m-V,8y TDFjM 2߃U \ No newline at end of file
diff --git a/modules/hosts/ltrr-block/secrets/rekeyed/e9669da1b38fb37ba09edf8fdeafc4de-slskd-env.age b/modules/hosts/ltrr-block/secrets/rekeyed/e9669da1b38fb37ba09edf8fdeafc4de-slskd-env.age
new file mode 100644
index 0000000..37adc46
--- /dev/null
+++ b/modules/hosts/ltrr-block/secrets/rekeyed/e9669da1b38fb37ba09edf8fdeafc4de-slskd-env.age
Binary files differ
diff --git a/modules/hosts/ltrr-block/secrets/slskd.env.age b/modules/hosts/ltrr-block/secrets/slskd.env.age
new file mode 100644
index 0000000..1744660
--- /dev/null
+++ b/modules/hosts/ltrr-block/secrets/slskd.env.age
Binary files differ
diff --git a/modules/hosts/ltrr-block/secrets/soularr.conf.age b/modules/hosts/ltrr-block/secrets/soularr.conf.age
new file mode 100644
index 0000000..d02e1c7
--- /dev/null
+++ b/modules/hosts/ltrr-block/secrets/soularr.conf.age
Binary files differ
diff --git a/modules/hosts/ltrr-block/secrets/transmission-settings.json.age b/modules/hosts/ltrr-block/secrets/transmission-settings.json.age
new file mode 100644
index 0000000..f9811c4
--- /dev/null
+++ b/modules/hosts/ltrr-block/secrets/transmission-settings.json.age
@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> X25519 OUnJLswhrEjV/CylaDqKGX/VqhxhepjCt458Gk0wBgE
+AN2//RRPB5aF+UMSF7ezSXza3t1dr6AGuTGhVzkDitM
+-> 2f#v;H-grease dJa
+ErP6N46d+W72CKSHEbgxzWSiCjN7VM0unjwAE/LWLXt+GNUGEN3I+DaPTWf46v05
+EA
+--- URehB3fPuN8jXQoFfe2YZTyT6gZVs44slp/F7pXBYXM
+=T̈` AMwƗ{ #荂w֬5Ԫ@A܇91{,k{B͆HfSn^;Lew`W41K>hfY \ No newline at end of file
diff --git a/modules/hosts/ltrr-block/secrets/wg-priv.key.age b/modules/hosts/ltrr-block/secrets/wg-priv.key.age
new file mode 100644
index 0000000..7ea39e9
--- /dev/null
+++ b/modules/hosts/ltrr-block/secrets/wg-priv.key.age
Binary files differ
diff --git a/modules/hosts/ltrr-block/secrets/xray.json.age b/modules/hosts/ltrr-block/secrets/xray.json.age
new file mode 100644
index 0000000..f50d67b
--- /dev/null
+++ b/modules/hosts/ltrr-block/secrets/xray.json.age
Binary files differ
diff --git a/modules/hosts/ltrr-cloud/age.nix b/modules/hosts/ltrr-cloud/age.nix
new file mode 100644
index 0000000..80232d7
--- /dev/null
+++ b/modules/hosts/ltrr-cloud/age.nix
@@ -0,0 +1,10 @@
+{inputs, ...}: {
+ flake.nixosModules.ltrr-cloud = {
+ age.rekey = {
+ hostPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGkmaIw2J4H6lWDVnopnUKQuQMJuQf5VMoC1/YwCuhAb";
+ masterIdentities = ["/home/jerpo/.config/age/keys.txt"];
+ storageMode = "local";
+ localStorageDir = ./. + "/secrets/rekeyed";
+ };
+ };
+}
diff --git a/modules/hosts/ltrr-cloud/configuration.nix b/modules/hosts/ltrr-cloud/configuration.nix
new file mode 100644
index 0000000..34a74e0
--- /dev/null
+++ b/modules/hosts/ltrr-cloud/configuration.nix
@@ -0,0 +1,345 @@
+{
+ inputs,
+ self,
+ ...
+}: {
+ flake.nixosConfigurations.ltrr-cloud = inputs.nixpkgs-stable.lib.nixosSystem {
+ modules = [
+ self.nixosModules.ltrr-cloud
+ ];
+ };
+
+ flake.nixosModules.ltrr-cloud = {
+ modulesPath,
+ config,
+ lib,
+ pkgs,
+ ...
+ }: let
+ domain = "kcu.su";
+ in {
+ imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ (modulesPath + "/profiles/qemu-guest.nix")
+ "${inputs.nixpkgs}/nixos/modules/services/networking/headscale.nix"
+
+ self.nixosModules.nginxProxy
+ self.nixosModules.directories
+
+ inputs.disko.nixosModules.disko
+ self.diskoConfigurations.ltrr-cloud
+
+ inputs.agenix.nixosModules.default
+ inputs.agenix-rekey.nixosModules.default
+ ];
+ nixpkgs.hostPlatform = "x86_64-linux";
+
+ disabledModules = ["services/networking/headscale.nix"];
+
+ nixpkgs.overlays = [
+ self.overlays.unstable-packages
+ ];
+
+ boot.loader.grub = {
+ efiSupport = true;
+ efiInstallAsRemovable = true;
+ };
+
+ networking = {
+ interfaces.ens3 = {
+ ipv4.addresses = [
+ {
+ address = "194.156.117.206";
+ prefixLength = 32;
+ }
+ ];
+ };
+ defaultGateway = {
+ address = "100.100.1.1";
+ interface = "ens3";
+ };
+ };
+
+ networking.nameservers = ["8.8.8.8" "1.1.1.1"];
+
+ networking.useDHCP = lib.mkDefault false;
+
+ networking.hostName = "ltrr-cloud";
+
+ services.openssh = {
+ enable = true;
+ };
+
+ environment.systemPackages = map lib.lowPrio [
+ pkgs.curl
+ pkgs.gitMinimal
+ ];
+
+ users.users = {
+ root = {
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDJ8UW1BXDGDmlaiARO3a9boTG8wknUyITMz0Z0OJpHx spleefer6@yandex.ru"
+ ];
+ };
+ };
+
+ swapDevices = [
+ {
+ device = "/var/lib/swapfile";
+ size = 2 * 1024;
+ }
+ ];
+
+ networking.nat = {
+ enable = true;
+ externalInterface = "ens3";
+ internalInterfaces = ["wg0"];
+ };
+
+ age.secrets.wg-priv-key = {
+ rekeyFile = ./secrets/wg-priv.key.age;
+ };
+ networking.wg-quick = {
+ interfaces.wg0 = {
+ address = ["10.1.1.1/32"];
+ listenPort = 51820;
+
+ privateKeyFile = config.age.secrets.wg-priv-key.path;
+
+ preUp = ''
+ sysctl -w net.ipv4.ip_forward=1
+ # 16261
+ iptables -t nat -I PREROUTING 1 -i ens3 -p udp --dport 16261 -j DNAT --to-destination 10.1.1.2:16261
+ iptables -A FORWARD -p udp -d 10.1.1.2 --dport 16261 -j ACCEPT
+ iptables -t nat -A POSTROUTING -o wg0 -p udp --dport 16261 -d 10.1.1.2 -j MASQUERADE
+
+ # 16262
+ iptables -t nat -I PREROUTING 1 -i ens3 -p udp --dport 16262 -j DNAT --to-destination 10.1.1.2:16262
+ iptables -A FORWARD -p udp -d 10.1.1.2 --dport 16262 -j ACCEPT
+ iptables -t nat -A POSTROUTING -o wg0 -p udp --dport 16262 -d 10.1.1.2 -j MASQUERADE
+ '';
+ postDown = ''
+ # 16261
+ iptables -t nat -D PREROUTING -i ens3 -p udp --dport 16261 -j DNAT --to-destination 10.1.1.2:16261
+ iptables -D FORWARD -p udp -d 10.1.1.2 --dport 16261 -j ACCEPT
+ iptables -t nat -D POSTROUTING -o wg0 -p udp --dport 16261 -d 10.1.1.2 -j MASQUERADE
+
+ # 16262
+ iptables -t nat -D PREROUTING -i ens3 -p udp --dport 16262 -j DNAT --to-destination 10.1.1.2:16262
+ iptables -D FORWARD -p udp -d 10.1.1.2 --dport 16262 -j ACCEPT
+ iptables -t nat -D POSTROUTING -o wg0 -p udp --dport 16262 -d 10.1.1.2 -j MASQUERADE
+ '';
+
+ peers = [
+ {
+ allowedIPs = ["10.1.1.2/32"];
+ publicKey = "kzXzxJu1AdcRI5UwtGOrN6WuTZYqJo++PYRrXdOu/lY=";
+ persistentKeepalive = 25;
+ }
+ ];
+ };
+ };
+
+ networking.firewall.allowedTCPPorts = [80 443 25565];
+ networking.firewall.allowedUDPPorts = [51820 16261 16262];
+
+ services.fail2ban = {
+ enable = true;
+ ignoreIP = [
+ "10.0.0.0/8"
+ ];
+ bantime = "24h";
+ bantime-increment = {
+ enable = true;
+ multipliers = "1 2 4 8 16 32 64";
+ maxtime = "168h";
+ overalljails = true;
+ };
+
+ jails = {
+ nginx-http-auth.settings = {
+ enabled = true;
+ port = "http,https";
+ logpath = "/var/log/nginx/*.log";
+ backend = "auto";
+ };
+ nginx-botsearch.settings = {
+ enabled = true;
+ port = "http,https";
+ logpath = "/var/log/nginx/*.log";
+ backend = "auto";
+ };
+ nginx-bad-request.settings = {
+ enabled = true;
+ port = "http,https";
+ logpath = "/var/log/nginx/*.log";
+ backend = "auto";
+ };
+ };
+ };
+
+ security.acme = {
+ acceptTerms = true;
+ defaults.email = "notspl3g+acme@duck.com";
+ };
+
+ nginxProxy = {
+ enable = true;
+ acme.enable = true;
+
+ inherit domain;
+ subdomains = {
+ "headscale" = {
+ proxyPass = "http://127.0.0.1:8768";
+ proxyWebsockets = true;
+ recommendedProxySettings = true;
+ };
+ "uptime" = {
+ proxyPass = "http://127.0.0.1:8762";
+ proxyWebsockets = true;
+ recommendedProxySettings = true;
+ };
+ "monitor" = {
+ proxyPass = "http://127.0.0.1:8090";
+ };
+ "auth".proxyPass = "http://127.0.0.1:9091";
+ };
+
+ extraVirtualHosts = {
+ "kcu.su" = {
+ forceSSL = true;
+ enableACME = true;
+ locations."/apple" = {
+ root = "/var/www";
+ };
+ locations."/" = {
+ return = 444;
+ };
+ };
+
+ "_".locations = {
+ "/" = {
+ return = 444;
+ };
+ };
+ };
+
+ home = let
+ homeConfig = self.nixosConfigurations.ltrr-block.config;
+ in {
+ subdomains = homeConfig.nginxProxy.subdomains;
+ url = "http://10.1.1.2";
+ };
+ };
+
+ age.secrets.authelia-jwt = {
+ rekeyFile = ./secrets/authelia-jwt.key.age;
+ owner = "authelia-kcu";
+ group = "authelia-kcu";
+ };
+ age.secrets.authelia-storage = {
+ rekeyFile = ./secrets/authelia-storage.key.age;
+ owner = "authelia-kcu";
+ group = "authelia-kcu";
+ };
+ services.authelia.instances.kcu = {
+ enable = true;
+ secrets = {
+ jwtSecretFile = config.age.secrets.authelia-jwt.path;
+ storageEncryptionKeyFile = config.age.secrets.authelia-storage.path;
+ };
+ settings = {
+ authentication_backend = {
+ file = {
+ path = "/var/lib/authelia-kcu/users_database.yml";
+ };
+ };
+
+ storage = {
+ local = {};
+ };
+
+ access_control = {
+ default_policy = "deny";
+ rules = [
+ {
+ domain = ["auth.${domain}"];
+ policy = "bypass";
+ }
+ {
+ domain = ["*.${domain}"];
+ policy = "one_factor";
+ }
+ ];
+ };
+
+ session = {
+ name = "authelia_session";
+ expiration = "12h";
+ inactivity = "45m";
+ cookies = [
+ {
+ inherit domain;
+ authelia_url = "https://auth.kcu.su";
+ }
+ ];
+ };
+
+ storage = {
+ local = {
+ path = "/var/lib/authelia-kcu/db.sqlite3";
+ };
+ };
+
+ notifier = {
+ disable_startup_check = false;
+ filesystem = {
+ filename = "/var/lib/authelia-kcu/notification.txt";
+ };
+ };
+ };
+ };
+
+ services.headscale = {
+ enable = true;
+ package = pkgs.headscale;
+ port = 8768;
+ settings = {
+ server_url = "https://headscale.${domain}:443";
+ dns = {
+ base_domain = "ts.net";
+ nameservers.global = ["8.8.8.8"];
+ magicdns = true;
+ };
+ };
+ };
+
+ createPaths = {
+ "/var/lib/uptime-kuma" = {
+ owner = "root";
+ group = "root";
+ };
+ };
+ virtualisation.oci-containers.backend = "podman";
+ virtualisation.oci-containers.containers = {
+ "uptime-kuma" = {
+ image = "louislam/uptime-kuma:2";
+ volumes = [
+ "/var/lib/uptime-kuma:/app/data"
+ ];
+ ports = [
+ "127.0.0.1:8762:3001"
+ ];
+ capabilities = {
+ NET_RAW = true;
+ };
+ };
+ };
+
+ services.beszel.hub = {
+ enable = true;
+ };
+
+ system.stateVersion = "24.05";
+ };
+}
diff --git a/nixos/server/disk-config.nix b/modules/hosts/ltrr-cloud/disk-config.nix
index 2495ada..f7abadd 100644
--- a/nixos/server/disk-config.nix
+++ b/modules/hosts/ltrr-cloud/disk-config.nix
@@ -1,32 +1,51 @@
{
- disko.devices = {
- disk = {
- main = {
- device = "/dev/sdb";
+ flake.diskoConfigurations.ltrr-cloud = {
+ disko.devices = {
+ disk.disk1 = {
+ device = "/dev/vda";
type = "disk";
content = {
type = "gpt";
partitions = {
boot = {
+ name = "boot";
size = "1M";
type = "EF02";
};
- ESP = {
- size = "1G";
+ esp = {
+ name = "ESP";
+ size = "500M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
- mountOptions = [ "umask=0077" ];
};
};
root = {
+ name = "root";
size = "100%";
content = {
+ type = "lvm_pv";
+ vg = "pool";
+ };
+ };
+ };
+ };
+ };
+ lvm_vg = {
+ pool = {
+ type = "lvm_vg";
+ lvs = {
+ root = {
+ size = "100%FREE";
+ content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
+ mountOptions = [
+ "defaults"
+ ];
};
};
};
diff --git a/modules/hosts/ltrr-cloud/secrets/authelia-jwt.key.age b/modules/hosts/ltrr-cloud/secrets/authelia-jwt.key.age
new file mode 100644
index 0000000..ecad260
--- /dev/null
+++ b/modules/hosts/ltrr-cloud/secrets/authelia-jwt.key.age
Binary files differ
diff --git a/modules/hosts/ltrr-cloud/secrets/authelia-storage.key.age b/modules/hosts/ltrr-cloud/secrets/authelia-storage.key.age
new file mode 100644
index 0000000..22e9eb5
--- /dev/null
+++ b/modules/hosts/ltrr-cloud/secrets/authelia-storage.key.age
Binary files differ
diff --git a/modules/hosts/ltrr-cloud/secrets/rekeyed/97c2df6cc789b9e8ced5811bfa43d3f8-authelia-jwt.age b/modules/hosts/ltrr-cloud/secrets/rekeyed/97c2df6cc789b9e8ced5811bfa43d3f8-authelia-jwt.age
new file mode 100644
index 0000000..3fdbf7c
--- /dev/null
+++ b/modules/hosts/ltrr-cloud/secrets/rekeyed/97c2df6cc789b9e8ced5811bfa43d3f8-authelia-jwt.age
@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 +W/xBg sJTHHtkYrmAQbKR8ZOdR9K/reO0qeKTL4gsx34pysiY
+iTmPnK/LRYZIgEuq/xtLiQyDMML6hFPO262OdIq8UD8
+-> orB|s|Kd-grease K7 l7hC&yL A^ 6,
+MoHcwp57sM2RWYOYAk8LihPGhPSrmZkUpd3X4eJODfsqfEuJys9ZhKVyr4l4FwzN
+NsQJcBuH1//fXe/P
+--- gku/aoba9gRLFf1wD6rrwogur0EYGovRAybhyr3CLco
+ĩ,y yLۘXP1d(5Xvst6D}S 8ҹ03.XDLQsUEgK4<w [u3BxN'9}z $wF Ŧ^z!lg ńØ $qjP \ No newline at end of file
diff --git a/modules/hosts/ltrr-cloud/secrets/rekeyed/98c1b723eb9ef4334c5a90c456a33743-wg-priv-key.age b/modules/hosts/ltrr-cloud/secrets/rekeyed/98c1b723eb9ef4334c5a90c456a33743-wg-priv-key.age
new file mode 100644
index 0000000..5605e81
--- /dev/null
+++ b/modules/hosts/ltrr-cloud/secrets/rekeyed/98c1b723eb9ef4334c5a90c456a33743-wg-priv-key.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 +W/xBg HvzCOTiwRSUSNLxgsyBbhWOU7JdVeA0OLMTnHTAXlgE
+v4G1Z3E2H0zzbamMppALx25HeS5rSfM+bJmrbUM+jgs
+-> 6hkBDp}-grease ^w s#u_m8> 1?':qM
+IAyx+VQq7VnSNf2SfqusH0eXFffH
+--- L9C8w8DV9hstoTBd39/zve9OJt4v/vFpIDbRcxUWIeI
+W:l{2u%:Vy/> .H u+AtLȲN ޼뺃 \ No newline at end of file
diff --git a/modules/hosts/ltrr-cloud/secrets/rekeyed/ab2826e18d1b8ee845f01ac87f5dd6ea-authelia-storage.age b/modules/hosts/ltrr-cloud/secrets/rekeyed/ab2826e18d1b8ee845f01ac87f5dd6ea-authelia-storage.age
new file mode 100644
index 0000000..ff31a34
--- /dev/null
+++ b/modules/hosts/ltrr-cloud/secrets/rekeyed/ab2826e18d1b8ee845f01ac87f5dd6ea-authelia-storage.age
@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 +W/xBg vxOWjAe9E2wVCDSYjJ4FzTb6OJof4BME/a0B2/m7zl8
+2jTCWcg7koRgIOUi2QDKFimbE/Gq+F0CAYmkaBmT51g
+-> eI}jc#W-grease $l&5 718 6%B>X
+miZ+OEV0SD7oYl1tqYpVFzxGhQIvMjDTQ4xRwA8Cu8BNghAwbv2vROant8sjWSsv
+WKkljj4/RH2EU1f0y0b2fIbhF8I
+--- X06G5WHTNau24I+ZT20SebQvbxP7S9zrjbk0FFIPyOE
+L\_@DD=*o>YEak",ś2،Iwb(p4Y' Paj&4-J!lkLV[X"2mqVᷩPNëz"9'I۲*5Z2~zYܸ2 \ No newline at end of file
diff --git a/modules/hosts/ltrr-cloud/secrets/wg-priv.key.age b/modules/hosts/ltrr-cloud/secrets/wg-priv.key.age
new file mode 100644
index 0000000..cd52bb3
--- /dev/null
+++ b/modules/hosts/ltrr-cloud/secrets/wg-priv.key.age
Binary files differ
diff --git a/modules/hosts/ltrr-mask/configuration.nix b/modules/hosts/ltrr-mask/configuration.nix
new file mode 100644
index 0000000..3656016
--- /dev/null
+++ b/modules/hosts/ltrr-mask/configuration.nix
@@ -0,0 +1,125 @@
+{
+ inputs,
+ self,
+ ...
+}: {
+ flake.nixosConfigurations.ltrr-mask = inputs.nixpkgs-stable.lib.nixosSystem {
+ modules = [
+ self.nixosModules.ltrr-mask
+ ];
+ };
+
+ flake.nixosModules.ltrr-mask = {
+ modulesPath,
+ config,
+ lib,
+ pkgs,
+ ...
+ }: let
+ domain = "kcu.su";
+ in {
+ imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ (modulesPath + "/profiles/qemu-guest.nix")
+
+ inputs.disko.nixosModules.disko
+ self.diskoConfigurations.ltrr-mask
+
+ self.nixosModules.nginxProxy
+ ];
+ nixpkgs.hostPlatform = "x86_64-linux";
+
+ boot.loader.grub = {
+ efiSupport = true;
+ efiInstallAsRemovable = true;
+ };
+
+ networking.firewall.allowedTCPPorts = [
+ # http
+ # 80
+ # 443
+
+ # xray
+ 4876
+ 57625
+ 39701
+ 39482
+ ];
+
+ networking.domain = domain;
+ networking.hostName = "ltrr-vpn";
+ networking = {
+ interfaces.ens3 = {
+ ipv4.addresses = [
+ {
+ address = "64.188.126.186";
+ prefixLength = 32;
+ }
+ ];
+ };
+ defaultGateway = {
+ address = "100.64.0.1";
+ interface = "ens3";
+ };
+ };
+
+ networking.useDHCP = lib.mkDefault false;
+
+ networking.nameservers = ["8.8.8.8" "1.1.1.1"];
+
+ services.openssh = {
+ enable = true;
+ settings.PasswordAuthentication = false;
+ };
+
+ environment.systemPackages = map lib.lowPrio [
+ pkgs.curl
+ pkgs.gitMinimal
+ ];
+
+ users.users = {
+ root = {
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDJ8UW1BXDGDmlaiARO3a9boTG8wknUyITMz0Z0OJpHx spleefer6@yandex.ru"
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPuQVHIGm2bfvhW16ZI/4hDK2X8W+ADbPLXwzKZIYXZL user@LAPTOP-72FMD6D0"
+ ];
+ };
+ };
+
+ nginxProxy = {
+ enable = false;
+ acme.enable = true;
+
+ inherit domain;
+ subdomains = {
+ "xray" = {
+ proxyPass = "http://127.0.0.1:2053";
+
+ extraConfig = "
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header Range $http_range;
+ proxy_set_header If-Range $http_if_range;
+ proxy_redirect off;
+ ";
+ recommendedProxySettings = false;
+ };
+ };
+ };
+
+ virtualisation.oci-containers = {
+ backend = "docker";
+ containers.xui = {
+ image = "ghcr.io/mhsanaei/3x-ui:latest";
+ ports = ["4876:2053" "57625:57625" "39701:39701"];
+ volumes = [
+ "/root/x-ui:/etc/x-ui"
+ ];
+ };
+ };
+
+ system.stateVersion = "24.05";
+ };
+}
diff --git a/modules/hosts/ltrr-mask/disk-config.nix b/modules/hosts/ltrr-mask/disk-config.nix
new file mode 100644
index 0000000..e772466
--- /dev/null
+++ b/modules/hosts/ltrr-mask/disk-config.nix
@@ -0,0 +1,56 @@
+{lib, ...}: {
+ flake.diskoConfigurations.ltrr-mask = {
+ disko.devices = {
+ disk.disk1 = {
+ device = lib.mkDefault "/dev/vda";
+ type = "disk";
+ content = {
+ type = "gpt";
+ partitions = {
+ boot = {
+ name = "boot";
+ size = "1M";
+ type = "EF02";
+ };
+ esp = {
+ name = "ESP";
+ size = "500M";
+ type = "EF00";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ };
+ };
+ root = {
+ name = "root";
+ size = "100%";
+ content = {
+ type = "lvm_pv";
+ vg = "pool";
+ };
+ };
+ };
+ };
+ };
+ lvm_vg = {
+ pool = {
+ type = "lvm_vg";
+ lvs = {
+ root = {
+ size = "100%FREE";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ mountOptions = [
+ "defaults"
+ ];
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix
deleted file mode 100644
index bec6184..0000000
--- a/modules/nixos/default.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-# Add your reusable NixOS modules to this directory, on their own file (https://nixos.wiki/wiki/Module).
-# These should be stuff you would like to share with others, not your personal configurations.
-
-{
- # List your module files here
- # my-module = import ./my-module.nix;
-}
diff --git a/modules/nixosModules/booklore.nix b/modules/nixosModules/booklore.nix
new file mode 100644
index 0000000..3eeb3b9
--- /dev/null
+++ b/modules/nixosModules/booklore.nix
@@ -0,0 +1,176 @@
+{
+ inputs,
+ self,
+ ...
+}: {
+ flake.nixosModules.booklore = {
+ config,
+ lib,
+ pkgs,
+ ...
+ }:
+ with lib; let
+ cfg = config.services.booklore;
+ in {
+ options = {
+ services.booklore = {
+ enable = mkEnableOption "Enable booklore service";
+ subdomain = mkOption {
+ type = types.str;
+ description = ''
+ Subdomain to use for nginx.
+ '';
+ };
+ uid = mkOption {
+ type = types.str;
+ description = ''
+ UID for the container user.
+ '';
+ };
+ gid = mkOption {
+ type = types.str;
+ description = ''
+ GID for the container user.
+ '';
+ };
+ settings = {
+ timezone = mkOption {
+ type = types.str;
+ description = ''
+ Timezone string;
+ '';
+ };
+ dataDir = mkOption {
+ type = types.path;
+ description = ''
+ Booklore data directory.
+ '';
+ default = "/var/lib/booklore";
+ };
+ bookdropDir = mkOption {
+ type = types.path;
+ description = ''
+ Directory where booklore will injest books. It is not created automatically, you should create it with the sufficient permissions for the uid and gid you provided.
+ '';
+ };
+ booksDir = mkOption {
+ type = types.path;
+ description = ''
+ Directory where booklore will store books. It is not created automatically, you should create it with the sufficient permissions for the uid and gid you provided.
+ '';
+ };
+ };
+ database = {
+ name = mkOption {
+ type = types.str;
+ default = "booklore";
+ };
+ user = mkOption {
+ type = types.str;
+ default = "files";
+ };
+ password = mkOption {
+ type = types.str;
+ default = "booklore";
+ };
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ createPaths = {
+ "${cfg.settings.dataDir}" = {
+ owner = cfg.uid;
+ group = cfg.gid;
+ permissions = "0750";
+ };
+ };
+ nginxProxy = {
+ enable = true;
+ subdomains = {
+ "${cfg.subdomain}" = {
+ proxyPass = "http://127.0.0.1:6060";
+ proxyWebsockets = true;
+ };
+ };
+ };
+
+ virtualisation.oci-containers.containers.booklore = {
+ image = "booklore/booklore:latest";
+ environment = {
+ USER_ID = cfg.uid;
+ GROUP_ID = cfg.gid;
+ TZ = cfg.settings.timezone;
+
+ DATABASE_URL = "jdbc:mariadb://mariadb-booklore:3306/${cfg.database.name}";
+ DATABASE_USERNAME = cfg.database.user;
+ DATABASE_PASSWORD = cfg.database.password;
+ };
+ ports = [
+ "127.0.0.1:6060:6060"
+ ];
+ volumes = [
+ "${cfg.settings.dataDir}:/app/data"
+ "${cfg.settings.booksDir}:/books"
+ "${cfg.settings.bookdropDir}:/bookdrop"
+ ];
+ dependsOn = [
+ "mariadb-booklore"
+ ];
+ networks = [
+ "booklore_default"
+ ];
+ };
+ systemd.services."podman-booklore" = {
+ serviceConfig = {
+ Restart = lib.mkOverride 90 "always";
+ };
+ after = [
+ "podman-network-booklore_default.service"
+ ];
+ requires = [
+ "podman-network-booklore_default.service"
+ ];
+ };
+
+ virtualisation.oci-containers.containers.mariadb-booklore = {
+ image = "lscr.io/linuxserver/mariadb:11.4.5";
+ environment = {
+ PUID = "1000";
+ PGID = "1000";
+ TZ = cfg.settings.timezone;
+ MYSQL_DATABASE = cfg.database.name;
+ MYSQL_USER = cfg.database.user;
+ MYSQL_PASSWORD = cfg.database.password;
+ };
+ networks = [
+ "booklore_default"
+ ];
+ };
+
+ systemd.services."podman-mariadb-booklore" = {
+ serviceConfig = {
+ Restart = lib.mkOverride 90 "always";
+ };
+ after = [
+ "podman-network-booklore_default.service"
+ ];
+ requires = [
+ "podman-network-booklore_default.service"
+ ];
+ };
+
+ systemd.services."podman-network-booklore_default" = {
+ path = [pkgs.podman];
+ serviceConfig = {
+ Type = "oneshot";
+ RemainAfterExit = true;
+ ExecStop = "podman network rm -f booklore_default";
+ };
+ script = ''
+ podman network inspect booklore_default || podman network create booklore_default
+ '';
+ };
+ };
+ };
+}
diff --git a/modules/nixosModules/directories.nix b/modules/nixosModules/directories.nix
new file mode 100644
index 0000000..6a1426f
--- /dev/null
+++ b/modules/nixosModules/directories.nix
@@ -0,0 +1,90 @@
+{inputs, ...}: {
+ flake.nixosModules.directories = {
+ config,
+ lib,
+ ...
+ }:
+ with lib; let
+ cfg = config.createPaths;
+ pathAttrsToListRec = pathsAttrSet: parentPath: parentConfig:
+ lib.flatten (lib.mapAttrsToList (path: config: let
+ filteredConfig = lib.filterAttrs (n: v: v != null) (builtins.removeAttrs config ["subPaths"]);
+ out =
+ {
+ path =
+ if parentPath == ""
+ then path
+ else parentPath + "/" + path;
+ }
+ // parentConfig // filteredConfig;
+ in
+ if config ? subPaths
+ then [out] ++ (pathAttrsToListRec config.subPaths path filteredConfig)
+ else [out])
+ pathsAttrSet);
+ pathConfig = {
+ options = {
+ group = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ };
+ owner = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ };
+ permissions = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ };
+ subPaths = mkOption {
+ type = types.attrsOf (types.submodule pathConfig);
+ default = {};
+ };
+ };
+ };
+ pathList = pathAttrsToListRec cfg "" {};
+ in rec {
+ options = {
+ createPaths = mkOption {
+ type = types.attrsOf (types.submodule {
+ options = {
+ group = mkOption {
+ type = types.str;
+ };
+ owner = mkOption {
+ type = types.str;
+ };
+ permissions = mkOption {
+ type = types.str;
+ default = "0740";
+ };
+ subPaths = mkOption {
+ type = types.attrsOf (types.submodule pathConfig);
+ default = {};
+ description = ''
+ SubPaths to create using systemd tmpfiles.
+ '';
+ };
+ };
+ });
+ default = {};
+ description = ''
+ Paths to create using systemd tmpfiles.
+ '';
+ };
+ };
+
+ config = mkIf (cfg != {}) {
+ systemd.tmpfiles.rules =
+ map
+ (dir: "d ${dir.path} ${dir.permissions} ${dir.owner} ${dir.group}")
+ pathList;
+
+ users = let
+ extraGroups = map (path: path.group) pathList;
+ in {
+ groups = genAttrs extraGroups (group: {});
+ };
+ };
+ };
+}
diff --git a/modules/nixosModules/gonic.nix b/modules/nixosModules/gonic.nix
new file mode 100644
index 0000000..0f1907a
--- /dev/null
+++ b/modules/nixosModules/gonic.nix
@@ -0,0 +1,114 @@
+{inputs, ...}: {
+ flake.nixosModules.gonic = {
+ config,
+ lib,
+ pkgs,
+ ...
+ }:
+ with lib; let
+ cfg = config.gonic;
+ in {
+ options = {
+ gonic = {
+ enable = mkEnableOption "enable gonic configuration";
+
+ listenAddr = mkOption {
+ type = types.str;
+ default = "127.0.0.1:4747";
+ description = ''
+ Address that gonic will listen on.
+ '';
+ };
+
+ extraGroups = mkOption {
+ type = types.listOf (types.str);
+ default = [];
+ description = ''
+ Additional groups for gonic.
+ '';
+ };
+
+ musicPaths = mkOption {
+ type = types.listOf (types.str);
+ description = ''
+ Directories with music in it.
+ '';
+ };
+
+ podcastsPath = mkOption {
+ type = types.str;
+ default = "${cfg.stateDir}/podcasts";
+ description = ''
+ Directory for podcasts.
+ '';
+ };
+
+ playlistsPath = mkOption {
+ type = types.str;
+ default = "${cfg.stateDir}/playlists";
+ description = ''
+ Directory for playlists.
+ '';
+ };
+
+ stateDir = mkOption {
+ type = types.str;
+ default = "/var/lib/gonic";
+ description = ''
+ A directory where gonic will keep their files.
+ '';
+ };
+
+ settings = mkOption {
+ default = {};
+ description = ''
+ Additional gonic settings
+ '';
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ systemd.services.gonic.serviceConfig = {
+ DynamicUser = lib.mkForce false;
+ User = "gonic";
+ Group = "gonic";
+ SupplementaryGroups = cfg.extraGroups;
+ ReadWritePaths = [
+ cfg.podcastsPath
+ cfg.playlistsPath
+ ];
+ };
+
+ users = {
+ groups = {
+ gonic = {};
+ };
+
+ users.gonic = {
+ isSystemUser = true;
+ group = "gonic";
+ };
+ };
+
+ systemd.tmpfiles.rules = [
+ "d ${cfg.stateDir} 0755 gonic gonic"
+ "d ${cfg.podcastsPath} 0755 gonic gonic"
+ "d ${cfg.playlistsPath} 0755 gonic gonic"
+ ];
+
+ services.gonic = {
+ enable = true;
+ settings =
+ {
+ listen-addr = cfg.listenAddr;
+ music-path = cfg.musicPaths;
+ playlists-path = [cfg.playlistsPath];
+ podcast-path = [cfg.podcastsPath];
+ db-path = ["${cfg.stateDir}/gonic.db"];
+ }
+ // cfg.settings;
+ };
+ };
+ };
+}
diff --git a/modules/nixosModules/nfs.nix b/modules/nixosModules/nfs.nix
new file mode 100644
index 0000000..3f53cc6
--- /dev/null
+++ b/modules/nixosModules/nfs.nix
@@ -0,0 +1,118 @@
+{inputs, ...}: {
+ flake.nixosModules.nfs = {
+ config,
+ lib,
+ ...
+ }:
+ with lib; let
+ cfg = config.nfs;
+ in {
+ options = {
+ nfs.server = mkOption {
+ description = ''
+ NFS server configuration.
+ '';
+ default = {enable = false;};
+ type = types.submodule {
+ options = {
+ enable = mkEnableOption "Enable nfs server";
+ exportsPath = mkOption {
+ type = types.str;
+ default = "/export";
+ description = ''
+ A path to the dir, where exports will be binded.
+ '';
+ };
+
+ defaultExportIps = mkOption {
+ type = types.listOf (types.str);
+ description = ''
+ A list of ip addresses, that will be used as default in exportDirs
+ '';
+ };
+
+ defaultExportParams = mkOption {
+ type = types.str;
+ default = "rw,nohide,insecure,no_subtree_check";
+ description = ''
+ Params, that will be used as default in exportDirs
+ '';
+ };
+
+ exportDirs = mkOption {
+ description = ''
+ A list of directories to export.
+ '';
+ type = types.listOf (types.submodule {
+ options = {
+ path = mkOption {
+ type = types.str;
+ description = ''
+ A path to the directory to export.
+ '';
+ };
+ exportPath = mkOption {
+ type = types.str;
+ default = "";
+ description = ''
+ A path that will be binded to the export directory in the exportsPath.
+ '';
+ };
+ ips = mkOption {
+ type = types.listOf (types.str);
+ default = cfg.server.defaultExportIps;
+ description = ''
+ A list of ip addresses to export the dir to.
+ '';
+ };
+ params = mkOption {
+ type = types.str;
+ default = cfg.server.defaultExportParams;
+ description = ''
+ Params for the ip addresses.
+ '';
+ };
+ };
+ });
+ };
+ };
+ };
+ };
+ };
+
+ config = mkIf cfg.server.enable {
+ services.nfs.server = {
+ enable = true;
+ exports =
+ "${cfg.server.exportsPath} ${concatMapStrings (ip: "${ip}(rw,fsid=0,no_subtree_check) ") cfg.server.defaultExportIps}\n"
+ + concatMapStrings
+ (dir: let
+ ips = concatMapStrings (ip: "${ip}(${dir.params}) ") dir.ips;
+ exportPath =
+ if dir.exportPath != ""
+ then dir.exportPath
+ else baseNameOf dir.path;
+ in "${cfg.server.exportsPath}/${exportPath} ${ips}\n")
+ cfg.server.exportDirs;
+ };
+
+ systemd.tmpfiles.rules = [
+ "d ${cfg.server.exportsPath} 0744 nobody nogroup"
+ ];
+
+ fileSystems = listToAttrs (map (exportDir: let
+ exportPath =
+ if exportDir.exportPath != ""
+ then exportDir.exportPath
+ else baseNameOf exportDir.path;
+ fullExportPath = "${cfg.server.exportsPath}/${exportPath}";
+ in {
+ name = fullExportPath;
+ value = {
+ device = exportDir.path;
+ options = ["bind"];
+ };
+ }) cfg.server.exportDirs);
+ };
+ };
+}
diff --git a/modules/nixosModules/nginxProxy.nix b/modules/nixosModules/nginxProxy.nix
new file mode 100644
index 0000000..36fdc59
--- /dev/null
+++ b/modules/nixosModules/nginxProxy.nix
@@ -0,0 +1,217 @@
+{inputs, ...}: {
+ flake.nixosModules.nginxProxy = {
+ pkgs,
+ config,
+ lib,
+ ...
+ }:
+ with lib; let
+ vhostOptions = import (pkgs.path + "/nixos/modules/services/web-servers/nginx/vhost-options.nix");
+ locationOptions = import (pkgs.path + "/nixos/modules/services/web-servers/nginx/location-options.nix");
+ nginxOptions = import (pkgs.path + "/nixos/modules/services/web-servers/nginx/default.nix");
+
+ autheliaAuth = url: ''
+ auth_request /internal/authelia/authz;
+ auth_request_set $redirection_url $upstream_http_location;
+ error_page 401 =302 $redirection_url;
+
+ auth_request_set $user $upstream_http_remote_user;
+ auth_request_set $groups $upstream_http_remote_groups;
+ auth_request_set $email $upstream_http_remote_email;
+ auth_request_set $name $upstream_http_remote_name;
+
+ proxy_set_header Remote-User $user;
+ proxy_set_header Remote-Groups $groups;
+ proxy_set_header Remote-Email $email;
+ proxy_set_header Remote-Name $name;
+ '';
+
+ autheliaLocation = url: ''
+ internal;
+ set $upstream_authelia ${url}/api/authz/auth-request;
+ proxy_pass $upstream_authelia;
+
+ ## Headers
+ ## The headers starting with X-* are required.
+ proxy_set_header X-Original-Method $request_method;
+ proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
+ proxy_set_header X-Forwarded-For $remote_addr;
+ proxy_set_header Content-Length "";
+ proxy_set_header Connection "";
+
+ ## Basic Proxy Configuration
+ proxy_pass_request_body off;
+ proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; # Timeout if the real server is dead
+ proxy_redirect http:// $scheme://;
+ proxy_http_version 1.1;
+ proxy_cache_bypass $cookie_session;
+ proxy_no_cache $cookie_session;
+ proxy_buffers 4 32k;
+ client_body_buffer_size 128k;
+
+ ## Advanced Proxy Configuration
+ send_timeout 5m;
+ proxy_read_timeout 240;
+ proxy_send_timeout 240;
+ proxy_connect_timeout 240;
+ '';
+
+ cfg = config.nginxProxy;
+ in {
+ options.nginxProxy = {
+ enable = mkEnableOption "Enable nginxProxy";
+
+ domain = mkOption {
+ type = types.str;
+ description = ''
+ Domain to use with subdomains
+ '';
+ };
+
+ recommendedProxySettings = mkOption {
+ type = types.bool;
+ default = true;
+ description = ''
+ Enables global recommended proxy settings
+ '';
+ };
+
+ subdomains = mkOption {
+ type = types.attrsOf (types.submodule (locationOptions {inherit config lib;}));
+ description = ''
+ Subdomains with nginx virtualHosts configuration
+ '';
+ };
+
+ extraVirtualHosts = mkOption {
+ type = types.attrsOf (types.submodule (vhostOptions {inherit config lib;}));
+ default = {};
+ };
+
+ home = {
+ virtualHosts = mkOption {
+ type = types.attrsOf (types.submodule (vhostOptions {inherit config lib;}));
+ default = {};
+ description = ''
+ Virtual hosts from another nginx configuration, that will be used to decrypt ssl and forward traffic to another server.
+ Make sure that the connection between the two is secure.
+ '';
+ };
+
+ subdomains = mkOption {
+ type = types.attrsOf (types.submodule (locationOptions {inherit config lib;}));
+ default = {};
+ description = ''
+ Subdomains from another nginx configuration, that will be used to decrypt ssl and forward traffic to another server.
+ Make sure that the connection between the two is secure.
+ '';
+ };
+
+ domain = mkOption {
+ type = types.str;
+ default = cfg.domain;
+ description = ''
+ Home domain, if no domain provided, the current will be used;
+ '';
+ };
+
+ url = mkOption {
+ type = types.str;
+ default = "";
+ description = ''
+ Url that requests would be passed to;
+ '';
+ };
+
+ authelia = mkOption {
+ type = types.submodule {
+ options = {
+ enable = mkOption {
+ type = types.bool;
+ default = true;
+ };
+ publicUrl = mkOption {
+ type = types.str;
+ default = "https://auth.${cfg.domain}/";
+ };
+ localUrl = mkOption {
+ type = types.str;
+ default = "http://127.0.0.1:9091";
+ };
+ };
+ };
+ default = {};
+ };
+ };
+
+ acme = {
+ enable = mkEnableOption "enable acme certs";
+ email = mkOption {
+ type = types.str;
+ default = "notspl3g+acme@duck.com";
+ };
+ };
+
+ extraConfig = mkOption {
+ type = types.attrsOf (types.submodule nginxOptions);
+ default = {};
+ description = ''
+ Extra nginx config.
+ '';
+ };
+ };
+
+ config = mkIf cfg.enable {
+ security.acme = mkIf cfg.acme.enable {
+ acceptTerms = true;
+ defaults.email = cfg.acme.email;
+ };
+
+ users.groups.nginx = mkIf cfg.acme.enable {};
+ users.users.nginx = mkIf cfg.acme.enable {
+ group = "nginx";
+ extraGroups = ["acme"];
+ isSystemUser = true;
+ };
+ services.nginx = let
+ ssl = {
+ forceSSL = cfg.acme.enable;
+ enableACME = cfg.acme.enable;
+ };
+
+ makeVhosts = domain: subdomains:
+ lib.concatMapAttrs
+ (name: value: {${name + "." + domain} = {locations."/" = value;} // ssl;})
+ subdomains;
+
+ homeRoutes = homeVirtualHosts: homeUrl:
+ builtins.mapAttrs
+ (name: value:
+ {
+ locations."/" =
+ value.locations."/"
+ // {
+ proxyPass = homeUrl;
+ recommendedProxySettings = true;
+ extraConfig = value.locations."/".extraConfig + (autheliaAuth cfg.home.authelia.publicUrl);
+ };
+ locations."/internal/authelia/authz" = mkIf cfg.home.authelia.enable {
+ extraConfig = autheliaLocation cfg.home.authelia.localUrl;
+ };
+ }
+ // ssl)
+ homeVirtualHosts;
+
+ vhosts = makeVhosts cfg.domain cfg.subdomains;
+ homeVhosts = homeRoutes ((makeVhosts (cfg.home.domain) cfg.home.subdomains) // cfg.home.virtualHosts) cfg.home.url;
+ in
+ {
+ enable = true;
+ recommendedProxySettings = cfg.recommendedProxySettings;
+
+ virtualHosts = vhosts // homeVhosts // cfg.extraVirtualHosts;
+ }
+ // cfg.extraConfig;
+ };
+ };
+}
diff --git a/modules/nixosModules/watcharr.nix b/modules/nixosModules/watcharr.nix
new file mode 100644
index 0000000..2263e4f
--- /dev/null
+++ b/modules/nixosModules/watcharr.nix
@@ -0,0 +1,74 @@
+{
+ inputs,
+ self,
+ ...
+}: {
+ flake.nixosModules.watcharr = {
+ config,
+ lib,
+ pkgs,
+ ...
+ }:
+ with lib; let
+ cfg = config.services.watcharr;
+ port = builtins.toString cfg.settings.port;
+ in {
+ options = {
+ services.watcharr = {
+ enable = mkEnableOption "Enable watcharr service";
+ subdomain = mkOption {
+ type = types.str;
+ description = ''
+ Subdomain to use for nginx.
+ '';
+ };
+ settings = {
+ dataDir = mkOption {
+ type = types.path;
+ description = ''
+ Watcharr data directory.
+ '';
+ default = "/var/lib/watcharr";
+ };
+ port = mkOption {
+ type = types.port;
+ default = 3080;
+ description = ''
+ Port to use.
+ '';
+ };
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ createPaths = {
+ "${cfg.settings.dataDir}" = {
+ owner = "root";
+ group = "root";
+ permissions = "0750";
+ };
+ };
+
+ nginxProxy = {
+ enable = true;
+ subdomains = {
+ "${cfg.subdomain}" = {
+ proxyPass = "http://127.0.0.1:${port}";
+ proxyWebsockets = true;
+ };
+ };
+ };
+
+ virtualisation.oci-containers.containers.watcharr = {
+ image = "ghcr.io/sbondco/watcharr:latest";
+ ports = [
+ "127.0.0.1${port}:3080"
+ ];
+ volumes = [
+ "${cfg.settings.dataDir}:/data"
+ ];
+ };
+ };
+ };
+}
diff --git a/modules/overlays.nix b/modules/overlays.nix
new file mode 100644
index 0000000..fc4327f
--- /dev/null
+++ b/modules/overlays.nix
@@ -0,0 +1,30 @@
+{
+ inputs,
+ self,
+ ...
+}: {
+ flake.overlays = {
+ truly-unstable-packages = final: _prev: {
+ unstable = import inputs.nixpkgs-small {
+ system = final.system;
+ config.allowUnfree = true;
+ };
+ };
+
+ unstable-packages = final: _prev: {
+ unstable = import inputs.nixpkgs {
+ system = final.system;
+ config.allowUnfree = true;
+ };
+ };
+
+ stable-packages = final: _prev: {
+ stable = import inputs.nixpkgs-stable {
+ system = final.system;
+ config.allowUnfree = true;
+ };
+ };
+
+ # additions = final: _prev: import self.packages {pkgs = final;};
+ };
+}
diff --git a/modules/pkgs/explo/default.nix b/modules/pkgs/explo/default.nix
new file mode 100644
index 0000000..77fcc39
--- /dev/null
+++ b/modules/pkgs/explo/default.nix
@@ -0,0 +1,28 @@
+let
+ explo = {
+ lib,
+ buildGoModule,
+ fetchFromGitHub,
+ jellyfin-ffmpeg,
+ yt-dlp,
+ }:
+ buildGoModule rec {
+ pname = "explo";
+ version = "0.11.5";
+
+ src = fetchFromGitHub {
+ owner = "LumePart";
+ repo = "Explo";
+ rev = "v${version}";
+ sha256 = "sha256-A3ikFH0/C/dat1pf7t1Gp6bfitmbPHK+RKVzqsLzjc0=";
+ };
+
+ buildInputs = [jellyfin-ffmpeg yt-dlp];
+
+ vendorHash = "sha256-jTvxv0cyE/+BNkrajIj8E3xlftq+PCtGbmz+P3IuMFw=";
+ };
+in {
+ perSystem = {pkgs, ...}: {
+ packages.explo = pkgs.callPackage explo {};
+ };
+}
diff --git a/modules/shell.nix b/modules/shell.nix
new file mode 100644
index 0000000..d3131bf
--- /dev/null
+++ b/modules/shell.nix
@@ -0,0 +1,14 @@
+{
+ perSystem = {
+ pkgs,
+ config,
+ ...
+ }: {
+ devShells.default = pkgs.mkShell {
+ packages = with pkgs; [
+ config.agenix-rekey.package
+ deploy-rs
+ ];
+ };
+ };
+}
diff --git a/nixos/general.nix b/nixos/general.nix
deleted file mode 100644
index cc400d2..0000000
--- a/nixos/general.nix
+++ /dev/null
@@ -1,149 +0,0 @@
-{
- inputs,
- outputs,
- lib,
- config,
- pkgs,
- ...
-}: {
- imports = [
- ./nixosModules
- ];
-
- nixpkgs = {
- overlays = [
- outputs.overlays.additions
- outputs.overlays.modifications
- outputs.overlays.truly-unstable-packages
- ];
- config = {
- allowUnfree = true;
- };
- };
-
- nix = {
- # This will add each flake input as a registry
- # To make nix3 commands consistent with your flake
- registry = lib.mapAttrs (_: value: {flake = value;}) inputs;
-
- # This will additionally add your inputs to the system's legacy channels
- # Making legacy nix commands consistent as well, awesome!
- nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
-
- gc = {
- automatic = true;
- dates = "weekly";
- };
-
- settings = {
- # Enable flakes and new 'nix' command
- experimental-features = "nix-command flakes";
- # Deduplicate and optimize nix store
- auto-optimise-store = true;
-
- trusted-users = ["root" "@wheel"];
- };
- };
-
- # from nixosModules
- disks.enable = true;
- user.enable = true;
- # greetd.enable = true;
- ly.enable = true;
- stylixConfig.enable = true;
- kanata.enable = true;
-
- networking = {
- networkmanager = {
- enable = true;
- };
- nftables.enable = true;
- hosts = {
- "127.0.0.1" = ["v2raya.local"];
- };
- };
-
- virtualisation.containers.enable = true;
- virtualisation.podman = {
- enable = true;
- dockerCompat = true;
- dockerSocket.enable = true;
- defaultNetwork.settings.dns_enabled = true;
- };
-
- services.postgresql = {
- enable = true;
- };
-
- boot.loader = {
- systemd-boot.enable = true;
- efi.canTouchEfiVariables = true;
- };
-
- security.rtkit.enable = true;
- security.polkit.enable = true;
-
- services.pipewire = {
- enable = true;
- audio.enable = true;
- wireplumber.enable = true;
- alsa.enable = true;
- pulse.enable = true;
- jack.enable = true;
- };
-
- programs.gamemode = {
- enable = true;
- settings = {
- gpu.apply_gpu_optimizations = "accept-responsibility";
- };
- };
-
- services.udev.packages = with pkgs; [platformio-core.udev];
-
- environment.systemPackages = with pkgs; [
- neovim
- git
- nh
- home-manager
- docker-compose
- ];
-
- services.v2raya = {
- enable = true;
- cliPackage = pkgs.xray;
- };
-
- services.tailscale.enable = true;
-
- fonts = {
- packages = with pkgs; [
- # icon fonts
- material-design-icons
-
- # normal fonts
- noto-fonts
- noto-fonts-cjk-sans
- noto-fonts-emoji
- rubik
-
- # code font
- nerd-fonts.fira-code
- ];
-
- enableDefaultPackages = false;
-
- # user defined fonts
- # the reason there's Noto Color Emoji everywhere is to override DejaVu's
- # B&W emojis that would sometimes show instead of some Color emojis
- fontconfig.defaultFonts = {
- serif = ["Noto Serif" "Noto Color Emoji"];
- sansSerif = ["Noto Sans" "Noto Color Emoji"];
- monospace = ["Sauce Code Pro Nerd Font"];
- emoji = ["Noto Color Emoji"];
- };
- };
-
- programs.dconf.enable = true;
- i18n.defaultLocale = "en_US.UTF-8";
-}
diff --git a/nixos/laptop/configuration.nix b/nixos/laptop/configuration.nix
deleted file mode 100644
index 302d305..0000000
--- a/nixos/laptop/configuration.nix
+++ /dev/null
@@ -1,42 +0,0 @@
-{pkgs, ...}: {
- # You can import other NixOS modules here
- imports = [
- # If you want to use modules your own flake exports (from modules/nixos):
- # outputs.nixosModules.example
-
- # Or modules from other flakes (such as nixos-hardware):
- # inputs.hardware.nixosModules.common-cpu-amd
- # inputs.hardware.nixosModules.common-ssd
-
- ../general.nix
- ./hardware-configuration.nix
- ../nixosModules/powerbutton.nix
- ../nixosModules/docker.nix
- ../nixosModules/greetd.nix
- ./disk-config.nix
- ];
-
- # from nixosModules
- pbutton.disable = true;
- greetd.command = "Hyprland";
-
- programs.gamescope = {
- enable = true;
- capSysNice = false;
- };
-
- time.timeZone = "Europe/Moscow";
- networking.hostName = "ltrr-mini";
- networking.hosts = {
- "127.0.0.1" = ["mr.local" "local.oneln.ru"];
- "127.0.0.3" = ["local-api.oneln.ru"];
- };
-
- programs.adb.enable = true;
- services.udev.packages = [
- pkgs.android-udev-rules
- ];
-
- # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
- system.stateVersion = "23.05";
-}
diff --git a/nixos/laptop/disk-config.nix b/nixos/laptop/disk-config.nix
deleted file mode 100644
index 825a147..0000000
--- a/nixos/laptop/disk-config.nix
+++ /dev/null
@@ -1,37 +0,0 @@
-{
- disko.devices = {
- disk = {
- main = {
- device = "/dev/nvme0n1";
- type = "disk";
- content = {
- type = "gpt";
- partitions = {
- boot = {
- size = "1M";
- type = "EF02";
- };
- ESP = {
- size = "1G";
- type = "EF00";
- content = {
- type = "filesystem";
- format = "vfat";
- mountpoint = "/boot";
- mountOptions = [ "umask=0077" ];
- };
- };
- root = {
- size = "100%";
- content = {
- type = "filesystem";
- format = "ext4";
- mountpoint = "/";
- };
- };
- };
- };
- };
- };
- };
-}
diff --git a/nixos/laptop/hardware-configuration.nix b/nixos/laptop/hardware-configuration.nix
deleted file mode 100644
index e63527d..0000000
--- a/nixos/laptop/hardware-configuration.nix
+++ /dev/null
@@ -1,40 +0,0 @@
-# Do not modify this file! It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations. Please make changes
-# to /etc/nixos/configuration.nix instead.
-{
- config,
- lib,
- pkgs,
- modulesPath,
- ...
-}: {
- imports = [
- (modulesPath + "/installer/scan/not-detected.nix")
- ];
-
- boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" "sdhci_pci"];
- boot.initrd.kernelModules = [];
- boot.kernelModules = ["kvm-amd"];
- # boot.kernelParams = ["amdgpu.sg_display=0" "amdgpu.dcdebugmask=0x10"];
- boot.kernelParams = [];
- boot.extraModulePackages = [];
-
- # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
- # (the default) this is the recommended approach. When using systemd-networkd it's
- # still possible to use this option, but it's recommended to use it in conjunction
- # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
- networking.useDHCP = lib.mkDefault true;
- # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true;
- # networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
-
- nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
- hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-
- hardware.graphics = {
- enable = true;
- enable32Bit = true;
- };
- hardware.amdgpu.initrd.enable = true;
-
- hardware.bluetooth.enable = true;
-}
diff --git a/nixos/nixosModules/default.nix b/nixos/nixosModules/default.nix
deleted file mode 100644
index b6e02b4..0000000
--- a/nixos/nixosModules/default.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{
- imports = [
- ./user.nix
- ./disks.nix
- ./docker.nix
- ./greetd.nix
- ./stylix.nix
- ./powerbutton.nix
- ./printing.nix
- ./kanata.nix
- ./ly.nix
- ];
-}
diff --git a/nixos/nixosModules/disks.nix b/nixos/nixosModules/disks.nix
deleted file mode 100644
index e7a374a..0000000
--- a/nixos/nixosModules/disks.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{ pkgs, config, lib, ... }:
-
-{
- options = {
- disks.enable = lib.mkEnableOption "auto disk mount";
- };
- config = lib.mkIf config.disks.enable {
- services = {
- devmon.enable = true;
- gvfs.enable = true;
- udisks2 = {
- enable = true;
- mountOnMedia = true;
- };
- };
- };
-}
diff --git a/nixos/nixosModules/docker.nix b/nixos/nixosModules/docker.nix
deleted file mode 100644
index 0536d7e..0000000
--- a/nixos/nixosModules/docker.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{ pkgs, config, lib, ... }:
-
-{
- options = {
- docker.enable = lib.mkEnableOption "enable docker";
- };
- config = lib.mkIf config.docker.enable {
- virtualisation.docker = {
- enable = true;
- liveRestore = true;
- daemon.settings = {
- bip = "172.20.0.1/16";
- default-address-pools = [{
- base = "172.20.0.0/8";
- size = 16;
- }];
- };
- };
- };
-}
diff --git a/nixos/nixosModules/exwm.nix b/nixos/nixosModules/exwm.nix
deleted file mode 100644
index 84ed9c1..0000000
--- a/nixos/nixosModules/exwm.nix
+++ /dev/null
@@ -1,30 +0,0 @@
-{ config, lib, ... }:
-
-{
- options = {
- exwm.enable = lib.mkEnableOption "enable exwm";
- };
-
- config = lib.mkIf config.exwm.enable {
- services.xserver = {
- enable = true;
- updateDbusEnvironment = true;
- xkb = {
- layout = "us,ru";
- options = "grp:win_space_toggle";
- };
-
- displayManager.startx.enable = true;
- };
-
- services.libinput = {
- enable = true;
- touchpad = {
- naturalScrolling = true;
- disableWhileTyping = true;
- };
- };
- # Hide the cursor when typing.
- services.xbanish.enable = true;
- };
-}
diff --git a/nixos/nixosModules/greetd.nix b/nixos/nixosModules/greetd.nix
deleted file mode 100644
index 305510f..0000000
--- a/nixos/nixosModules/greetd.nix
+++ /dev/null
@@ -1,24 +0,0 @@
-{ pkgs, config, lib, ... }:
-
-{
- options = {
- greetd = {
- enable = lib.mkEnableOption "enable greetd";
- command = lib.mkOption { type = lib.types.str; };
- };
- };
- config = lib.mkIf config.greetd.enable {
- services.greetd = {
- enable = true;
- settings = {
- terminal = {
- vt = "next";
- };
- default_session = {
- command = "${pkgs.greetd.tuigreet}/bin/tuigreet -t -r --asterisks --user-menu -c ${config.greetd.command}";
- user = "jerpo";
- };
- };
- };
- };
-}
diff --git a/nixos/nixosModules/kanata.nix b/nixos/nixosModules/kanata.nix
deleted file mode 100644
index e6578f6..0000000
--- a/nixos/nixosModules/kanata.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{ config, lib, ... }:
-
-{
- options = {
- kanata.enable = lib.mkEnableOption "enable kanata";
- };
-
- config = lib.mkIf config.kanata.enable {
- services.kanata = {
- enable = true;
- keyboards = {
- board = {
- config = ''
- (defsrc
- caps)
- (defalias
- caps lctrl)
- (deflayer base
- @caps)
- '';
- };
- };
- };
- };
-}
diff --git a/nixos/nixosModules/ly.nix b/nixos/nixosModules/ly.nix
deleted file mode 100644
index c126493..0000000
--- a/nixos/nixosModules/ly.nix
+++ /dev/null
@@ -1,16 +0,0 @@
-{ config, lib, ... }:
-
-{
- options = {
- ly.enable = lib.mkEnableOption "enable ly desktop manager";
- };
-
- config = lib.mkIf config.ly.enable {
- services.displayManager.ly = {
- enable = true;
- settings = {
- save = true;
- };
- };
- };
-}
diff --git a/nixos/nixosModules/powerbutton.nix b/nixos/nixosModules/powerbutton.nix
deleted file mode 100644
index 92ad60c..0000000
--- a/nixos/nixosModules/powerbutton.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{ pkgs, config, lib, ... }:
-
-{
- options = {
- pbutton.disable = lib.mkEnableOption "enable pbutton";
- };
- config = lib.mkIf config.pbutton.disable {
- services.logind.settings.Login = {
- HandlePowerKey = "ignore";
- HandleLidSwitch = "suspend";
- HandleLidSwitchExternalPower = "suspend";
- };
- };
-}
diff --git a/nixos/nixosModules/printing.nix b/nixos/nixosModules/printing.nix
deleted file mode 100644
index 610e335..0000000
--- a/nixos/nixosModules/printing.nix
+++ /dev/null
@@ -1,22 +0,0 @@
-{ pkgs, config, lib, ... }:
-
-{
- options = {
- printing.enable = lib.mkEnableOption "enable printing";
- };
- config = lib.mkIf config.printing.enable {
- hardware.sane = {
- enable = true;
- extraBackends = [ pkgs.hplipWithPlugin ];
- };
- services = {
- printing.enable = true;
- printing.drivers = [ pkgs.hplipWithPlugin ];
- avahi = {
- enable = true;
- nssmdns4 = true;
- openFirewall = true;
- };
- };
- };
-}
diff --git a/nixos/nixosModules/stylix.nix b/nixos/nixosModules/stylix.nix
deleted file mode 100644
index 5969c4d..0000000
--- a/nixos/nixosModules/stylix.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-{ config, lib, inputs, outputs, ... }:
-
-{
- imports = [
- inputs.stylix.nixosModules.stylix
- ];
-
- options = {
- stylixConfig.enable = lib.mkEnableOption "enable stylix";
- };
- config = lib.mkIf config.stylixConfig.enable {
- stylix = with outputs.homeConfigurations."jerpo@ltrr-mini".config.stylix; {
- enable = true;
- image = image;
- base16Scheme = base16Scheme;
- autoEnable = false;
- targets.console.enable = true;
- fonts = with fonts; {
- serif = serif;
- sansSerif = sansSerif;
- monospace = monospace;
- emoji = emoji;
- };
- };
- };
-}
diff --git a/nixos/nixosModules/user.nix b/nixos/nixosModules/user.nix
deleted file mode 100644
index 2cfd597..0000000
--- a/nixos/nixosModules/user.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{ pkgs, config, lib, ... }:
-
-{
- options = {
- user.enable = lib.mkEnableOption "default user configuration";
- };
- config = lib.mkIf config.user.enable {
- programs.fish.enable = true;
- users.users = {
- jerpo = {
- isNormalUser = true;
- shell = pkgs.fish;
- extraGroups = [ "networkmanager" "wheel" "docker" "libvirtd" "input" "adbusers" "dialout" "uinput" "podman" ];
- };
- };
-
- };
-}
diff --git a/nixos/pc/configuration.nix b/nixos/pc/configuration.nix
deleted file mode 100644
index 02a87e5..0000000
--- a/nixos/pc/configuration.nix
+++ /dev/null
@@ -1,36 +0,0 @@
-{ pkgs, ... }: {
- imports = [
- ../general.nix
- ./hardware-configuration.nix
- ../nixosModules/printing.nix
- ../nixosModules/greetd.nix
- ];
-
- time.timeZone = "Asia/Yekaterinburg";
- networking.hostName = "ltrr";
-
-
- programs.adb.enable = true;
- services.udev.packages = [
- pkgs.android-udev-rules
- ];
-
- services.xserver = {
- enable = true;
- displayManager.startx.enable = true;
- };
-
- services.openssh.enable = true;
- security.polkit = {
- enable = true;
- };
- environment.systemPackages = with pkgs; [
- lxqt.lxqt-policykit
- ];
-
- greetd.command = "startx";
-
- system.stateVersion = "24.11";
-}
-
-
diff --git a/nixos/pc/configuration.nix~ b/nixos/pc/configuration.nix~
deleted file mode 100644
index b6fa0a7..0000000
--- a/nixos/pc/configuration.nix~
+++ /dev/null
@@ -1,12 +0,0 @@
-{ inputs, outputs, lib, config, pkgs, ... }: {
- imports = [
- ../general.nix
- inputs.home-manager.nixosModules.home-manager
- ];
-
- time.timeZone = "Europe/Yekaterinburg";
-
- services.xserver = {
- enable = true;
- };
-}
diff --git a/nixos/pc/hardware-configuration.nix b/nixos/pc/hardware-configuration.nix
deleted file mode 100644
index fd9ebda..0000000
--- a/nixos/pc/hardware-configuration.nix
+++ /dev/null
@@ -1,51 +0,0 @@
-# Do not modify this file! It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations. Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
- imports =
- [ (modulesPath + "/installer/scan/not-detected.nix")
- ];
-
- boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ata_piix" "usbhid" "usb_storage" "sd_mod" ];
- boot.initrd.kernelModules = [ ];
- boot.kernelModules = [ ];
- boot.extraModulePackages = [ ];
-
- fileSystems."/" =
- { device = "/dev/disk/by-uuid/2560c5f6-6891-49b1-bc2d-6129b588da28";
- fsType = "ext4";
- };
-
- fileSystems."/boot" =
- { device = "/dev/disk/by-uuid/39A8-FADA";
- fsType = "vfat";
- };
-
- swapDevices =
- [ { device = "/dev/disk/by-uuid/73feafe1-b069-41b0-b004-2f84dbbc3b51"; }
- ];
-
- # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
- # (the default) this is the recommended approach. When using systemd-networkd it's
- # still possible to use this option, but it's recommended to use it in conjunction
- # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
- networking.useDHCP = lib.mkDefault true;
- # networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
-
- nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
- hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
- hardware.graphics = {
- enable = true;
- enable32Bit = true;
- };
-
- # nvidia drivers
- services.xserver.videoDrivers = [ "nvidia" ];
- hardware.nvidia = {
- modesetting.enable = true;
- nvidiaSettings = true;
- open = false;
- };
-}
diff --git a/nixos/server/configuration.nix b/nixos/server/configuration.nix
deleted file mode 100644
index 3ae272c..0000000
--- a/nixos/server/configuration.nix
+++ /dev/null
@@ -1,242 +0,0 @@
-{
- modulesPath,
- lib,
- pkgs,
- config,
- inputs,
- outputs,
- ...
-}: let
- domain = "kcu.su";
-in {
- imports = [
- (modulesPath + "/installer/scan/not-detected.nix")
- (modulesPath + "/profiles/qemu-guest.nix")
- "${inputs.nixpkgs}/nixos/modules/services/web-apps/filebrowser.nix"
- ./disk-config.nix
- ../serverModules/nginx.nix
- ../serverModules/directories.nix
- ];
-
- nixpkgs = {
- overlays = [
- outputs.overlays.unstable-packages
- ];
- config.allowUnfree = true;
- };
-
- sops = {
- defaultSopsFile = ../../secrets/ltrr-home/secrets.yaml;
- defaultSopsFormat = "yaml";
- age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
- };
-
- boot.loader.grub = {
- efiSupport = true;
- efiInstallAsRemovable = true;
- };
-
- services.openssh = {
- enable = true;
- settings.PasswordAuthentication = false;
- };
-
- environment.systemPackages = with pkgs; [
- curl
- gitMinimal
- beets
- ];
-
- users.users = {
- root = {
- openssh.authorizedKeys.keys = [
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDJ8UW1BXDGDmlaiARO3a9boTG8wknUyITMz0Z0OJpHx spleefer6@yandex.ru"
- ];
- };
- };
-
- users.files = {
- isNormalUser = true;
- group = "files";
- extraGroups = [
- "music"
- "images"
- ];
- };
- createPaths = {
- "/srv/files" = {
- owner = "files";
- permissions = "0770";
- group = "files";
- subPaths = {
- "music".group = "music";
- "images".group = "images";
- };
- };
- };
-
- networking.hostName = "ltrr-home";
- networking.firewall = {
- allowedTCPPorts = [80 5030 2049];
- allowedUDPPorts = [51820];
- };
-
- security.acme = {
- acceptTerms = true;
- defaults.email = "notspl3g+acme@duck.com";
- };
-
- nginx = {
- enable = true;
- domain = domain;
-
- recommendedProxySettings = false;
- subdomains = {
- "slskd" = {
- proxyPass = "http://127.0.0.1:${toString config.services.slskd.settings.web.port}";
- proxyWebsockets = true;
- };
- "immich" = {
- proxyPass = "http://localhost:${toString config.services.immich.port}";
- proxyWebsockets = true;
- recommendedProxySettings = true;
- extraConfig = ''
- client_max_body_size 50000M;
- proxy_read_timeout 600s;
- proxy_send_timeout 600s;
- send_timeout 600s;
- '';
- };
-
- "music".proxyPass = "http://127.0.0.1:5692";
- "navidrome".proxyPass = "http://127.0.0.1:4533";
- "files".proxyPass = "http://127.0.0.1:${toString config.services.filebrowser.settings.port}";
- "track".proxyPass = "http://127.0.0.1:7093";
- "tube".proxyPass = "http://127.0.0.1:5410";
- };
- };
-
- sops.secrets.wg-private-key = {
- restartUnits = ["wg-quick-wg0.service"];
- };
- networking.wg-quick = {
- interfaces.wg0 = {
- address = ["10.1.1.2/32"];
- listenPort = 51820;
-
- privateKeyFile = config.sops.secrets.wg-private-key.path;
-
- peers = [
- {
- endpoint = "${domain}:51820";
- publicKey = "1RwEOL8br97Mujhz3fkfYKcxUFNHYAmt5JbWTbR3ihE=";
- allowedIPs = ["10.1.1.1/32"];
- persistentKeepalive = 25;
- }
- ];
- };
- };
-
- services.tailscale.enable = true;
-
- users.users.filebrowser.extraGroups = ["music" "images"];
- systemd.services.filebrowser.serviceConfig.SupplementaryGroups = ["music" "images"];
- services.filebrowser = {
- enable = true;
- group = "files";
- settings = {
- root = "/srv/files";
- port = 9337;
- };
- };
-
- systemd.tmpfiles.rules = [
- "d /srv/files/slskd 0740 slskd music"
- "d /opt/traggo/data"
- "d /var/lib/traggo"
- ];
- users.users.slskd.extraGroups = ["files"];
- services.slskd = {
- enable = true;
- environmentFile = "/var/lib/slskd/env";
- group = "music";
- settings = {
- shares.directories = ["/srv/files/music"];
- directories.downloads = "/srv/files/slskd";
- };
- openFirewall = true;
- domain = null;
- };
-
- sops.secrets.navidrome-env = {
- restartUnits = ["navidrome.service"];
- };
- users.users.navidrome.extraGroups = ["files" "music"];
- services.navidrome = {
- enable = true;
- package = pkgs.unstable.navidrome;
- settings = {
- BaseUrl = "https://navidrome.${domain}";
- MusicFolder = "/srv/files/music";
- PlaylistsPath = "playlists";
- Scanner.PurgeMissing = "always";
- EnableSharing = true;
- };
- environmentFile = config.sops.secrets.navidrome-env.path;
- };
-
- sops.secrets.xray-config = {
- restartUnits = ["xray.service"];
- };
- services.xray = {
- enable = true;
- settingsFile = config.sops.secrets.xray-config.path;
- };
-
- services.invidious = {
- enable = true;
- address = "127.0.0.1";
- port = 5410;
- domain = "tube.${domain}";
- settings = {
- http_proxy = {
- host = "127.0.0.1";
- port = 10801;
- user = "";
- password = "";
- };
- };
- };
-
- virtualisation.oci-containers.backend = "podman";
- virtualisation.oci-containers.containers = {
- aonsoku = {
- image = "ghcr.io/victoralvesf/aonsoku:latest";
- ports = [
- "127.0.0.1:5692:8080"
- ];
- environment = {
- SERVER_URL = "https://navidrome.${domain}";
- HIDE_SERVER = "true";
- };
- };
-
- traggo = {
- image = "traggo/server";
- ports = [
- "127.0.0.1:7093:3030"
- ];
- environmentFiles = ["/var/lib/traggo/env"];
- workdir = "/opt/traggo/";
- volumes = [
- "/opt/traggo/data:/opt/traggo/data"
- ];
- };
- };
-
- services.immich = {
- enable = true;
- };
-
- system.stateVersion = "24.05";
-}
diff --git a/nixos/server/hardware-configuration.nix b/nixos/server/hardware-configuration.nix
deleted file mode 100644
index 926b7d7..0000000
--- a/nixos/server/hardware-configuration.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-# Do not modify this file! It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations. Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
- imports =
- [ (modulesPath + "/installer/scan/not-detected.nix")
- ];
-
- boot.initrd.availableKernelModules = [ "ehci_pci" "ata_piix" "xhci_pci" "usbhid" "usb_storage" "sd_mod" ];
- boot.initrd.kernelModules = [ ];
- boot.kernelModules = [ ];
- boot.extraModulePackages = [ ];
-
- # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
- # (the default) this is the recommended approach. When using systemd-networkd it's
- # still possible to use this option, but it's recommended to use it in conjunction
- # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
- networking.useDHCP = lib.mkDefault true;
- # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
- # networking.interfaces.enp0s29u1u3.useDHCP = lib.mkDefault true;
-
- nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
- hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}
diff --git a/nixos/serverModules/directories.nix b/nixos/serverModules/directories.nix
deleted file mode 100644
index f5c769f..0000000
--- a/nixos/serverModules/directories.nix
+++ /dev/null
@@ -1,90 +0,0 @@
-{
- config,
- lib,
- ...
-}:
-with lib; let
- cfg = config.createPaths;
- pathAttrsToListRec = pathsAttrSet: parentPath: parentConfig:
- lib.flatten (lib.mapAttrsToList (path: config: let
- filteredConfig = lib.filterAttrs (n: v: v != null) (builtins.removeAttrs config ["subPaths"]);
- out =
- {
- path =
- if parentPath == ""
- then path
- else parentPath + "/" + path;
- }
- // parentConfig // filteredConfig;
- in
- if config ? subPaths
- then [out] ++ (pathAttrsToListRec config.subPaths path filteredConfig)
- else [out])
- pathsAttrSet);
- pathConfig = {
- options = {
- group = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- owner = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- permissions = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- subPaths = mkOption {
- type = types.attrsOf (types.submodule pathConfig);
- default = {};
- };
- };
- };
- pathList = pathAttrsToListRec cfg "" {};
-in rec {
- options = {
- createPaths = mkOption {
- type = types.attrsOf (types.submodule {
- options = {
- group = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- owner = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- permissions = mkOption {
- type = types.nullOr types.str;
- default = null;
- };
- subPaths = mkOption {
- type = types.attrsOf (types.submodule pathConfig);
- default = {};
- description = ''
- SubPaths to create using systemd tmpfiles.
- '';
- };
- };
- });
- default = {};
- description = ''
- Paths to create using systemd tmpfiles.
- '';
- };
- };
-
- config = mkIf (cfg != {}) {
- systemd.tmpfiles.rules =
- map
- (dir: "d ${dir.path} ${dir.permissions} ${dir.owner} ${dir.group}")
- pathList;
-
- users = let
- extraGroups = map (path: path.group) pathList;
- in {
- groups = genAttrs extraGroups (group: {});
- };
- };
-}
diff --git a/nixos/serverModules/gonic.nix b/nixos/serverModules/gonic.nix
deleted file mode 100644
index 6bdf984..0000000
--- a/nixos/serverModules/gonic.nix
+++ /dev/null
@@ -1,95 +0,0 @@
-{ config, lib, pkgs, ... }:
-with lib;
-let
- cfg = config.gonic;
-in
-{
- options = {
- gonic = {
- enable = mkEnableOption "enable gonic configuration";
-
- listenAddr = mkOption {
- type = types.str;
- default = "127.0.0.1:4747";
- description = ''
- Address that gonic will listen on.
- '';
- };
-
- extraGroups = mkOption {
- type = types.listOf (types.str);
- default = [];
- description = ''
- Additional groups for gonic.
- '';
- };
-
- musicPaths = mkOption {
- type = types.listOf (types.str);
- description = ''
- Directories with music in it.
- '';
- };
-
- podcastsPath = mkOption {
- type = types.str;
- default = "${cfg.stateDir}/podcasts";
- description = ''
- Directory for podcasts.
- '';
- };
-
- playlistsPath = mkOption {
- type = types.str;
- default = "${cfg.stateDir}/playlists";
- description = ''
- Directory for playlists.
- '';
- };
-
- stateDir = mkOption {
- type = types.str;
- default = "/var/lib/gonic";
- description = ''
- A directory where gonic will keep their files.
- '';
- };
-
- settings = mkOption {
- default = {};
- description = ''
- Additional gonic settings
- '';
- };
- };
- };
-
- config = mkIf cfg.enable {
- nixpkgs.overlays = [
- (final: prev: {
- ffmpeg = prev.ffmpeg-headless;
- })
- ];
-
- systemd.services.gonic.serviceConfig = {
- SupplementaryGroups = cfg.extraGroups;
- };
-
- systemd.tmpfiles.rules = [
- "d ${cfg.stateDir} 0755 nobody nogroup"
- "d ${cfg.podcastsPath} 0755 nobody nogroup"
- "d ${cfg.playlistsPath} 0755 nobody nogroup"
- ];
-
- services.gonic = {
- enable = true;
- settings = {
- listen-addr = cfg.listenAddr;
- music-path = cfg.musicPaths;
- playlists-path = [cfg.podcastsPath];
- podcast-path = [cfg.playlistsPath];
- db-path = ["${cfg.stateDir}/gonic.db"];
- } // cfg.settings;
- };
- };
-}
diff --git a/nixos/serverModules/nfs.nix b/nixos/serverModules/nfs.nix
deleted file mode 100644
index f8186b6..0000000
--- a/nixos/serverModules/nfs.nix
+++ /dev/null
@@ -1,112 +0,0 @@
-{ config, lib, ... }:
-with lib;
-let
- cfg = config.nfs;
-in
-{
- options = {
- nfs.server = mkOption {
- description = ''
- NFS server configuration.
- '';
- default = { enable = false; };
- type = types.submodule {
- options = {
- enable = mkEnableOption "Enable nfs server";
- exportsPath = mkOption {
- type = types.str;
- default = "/export";
- description = ''
- A path to the dir, where exports will be binded.
- '';
- };
-
- defaultExportIps = mkOption {
- type = types.listOf (types.str);
- description = ''
- A list of ip addresses, that will be used as default in exportDirs
- '';
- };
-
- defaultExportParams = mkOption {
- type = types.str;
- default = "rw,nohide,insecure,no_subtree_check";
- description = ''
- Params, that will be used as default in exportDirs
- '';
- };
-
- exportDirs = mkOption {
- description = ''
- A list of directories to export.
- '';
- type = types.listOf (types.submodule {
- options = {
- path = mkOption {
- type = types.str;
- description = ''
- A path to the directory to export.
- '';
- };
- exportPath = mkOption {
- type = types.str;
- default = "";
- description = ''
- A path that will be binded to the export directory in the exportsPath.
- '';
- };
- ips = mkOption {
- type = types.listOf (types.str);
- default = cfg.server.defaultExportIps;
- description = ''
- A list of ip addresses to export the dir to.
- '';
- };
- params = mkOption {
- type = types.str;
- default = cfg.server.defaultExportParams;
- description = ''
- Params for the ip addresses.
- '';
- };
- };
- });
- };
- };
- };
- };
- };
-
- config = mkIf cfg.server.enable {
- services.nfs.server = {
- enable = true;
- exports = "${cfg.server.exportsPath} ${concatMapStrings (ip: "${ip}(rw,fsid=0,no_subtree_check) ") cfg.server.defaultExportIps}\n"
- + concatMapStrings
- (dir:
- let
- ips = concatMapStrings (ip: "${ip}(${dir.params}) ") dir.ips;
- exportPath = if dir.exportPath != "" then dir.exportPath else
- baseNameOf dir.path;
- in "${cfg.server.exportsPath}/${exportPath} ${ips}\n")
- cfg.server.exportDirs;
- };
-
- systemd.tmpfiles.rules = [
- "d ${cfg.server.exportsPath} 0744 nobody nogroup"
- ];
-
- fileSystems = listToAttrs (map (exportDir:
- let
- exportPath = if exportDir.exportPath != "" then exportDir.exportPath else
- baseNameOf exportDir.path;
- fullExportPath = "${cfg.server.exportsPath}/${exportPath}";
- in
- {
- name = fullExportPath;
- value = {
- device = exportDir.path;
- options = ["bind"];
- };
- }) cfg.server.exportDirs);
- };
-}
diff --git a/nixos/serverModules/nginx.nix b/nixos/serverModules/nginx.nix
deleted file mode 100644
index 9e249d9..0000000
--- a/nixos/serverModules/nginx.nix
+++ /dev/null
@@ -1,136 +0,0 @@
-{ pkgs, config, lib, ... }:
-with lib;
-let
- vhostOptions = import (pkgs.path + "/nixos/modules/services/web-servers/nginx/vhost-options.nix");
- locationOptions = import (pkgs.path + "/nixos/modules/services/web-servers/nginx/location-options.nix");
- nginxOptions = import (pkgs.path + "/nixos/modules/services/web-servers/nginx/default.nix");
- cfg = config.nginx;
-in
-{
- options.nginx = {
- enable = mkEnableOption "Enable nginx";
-
- domain = mkOption {
- type = types.str;
- description = ''
- Domain to use with subdomains
- '';
- };
-
- recommendedProxySettings = mkOption {
- type = types.bool;
- default = true;
- description = ''
- Enables global recommended proxy settings
- '';
- };
-
- subdomains = mkOption {
- type = types.attrsOf (types.submodule (locationOptions { inherit config lib; }));
- description = ''
- Subdomains with nginx virtualHosts configuration
- '';
- };
-
- extraVirtualHosts = mkOption {
- type = types.attrsOf (types.submodule (vhostOptions { inherit config lib; }));
- default = {};
- };
-
- home = {
- virtualHosts = mkOption {
- type = types.attrsOf (types.submodule (vhostOptions { inherit config lib; }));
- default = {};
- description = ''
- Virtual hosts from another nginx configuration, that will be used to decrypt ssl and forward traffic to another server.
- Make sure that the connection between the two is secure.
- '';
- };
-
- subdomains = mkOption {
- type = types.attrsOf (types.submodule (locationOptions { inherit config lib; }));
- default = {};
- description = ''
- Subdomains from another nginx configuration, that will be used to decrypt ssl and forward traffic to another server.
- Make sure that the connection between the two is secure.
- '';
- };
-
- domain = mkOption {
- type = types.str;
- default = cfg.domain;
- description = ''
- Home domain, if no domain provided, the current will be used;
- '';
- };
-
- url = mkOption {
- type = types.str;
- default = "";
- description = ''
- Url that requests would be passed to;
- '';
- };
- };
-
- acme = {
- enable = mkEnableOption "enable acme certs";
- email = mkOption {
- type = types.str;
- default = "notspl3g+acme@duck.com";
- };
- };
-
- extraConfig = mkOption {
- type = types.attrsOf (types.submodule nginxOptions);
- default = {};
- description = ''
- Extra nginx config.
- '';
- };
- };
-
- config = mkIf cfg.enable {
- security.acme = mkIf cfg.acme.enable {
- acceptTerms = true;
- defaults.email = cfg.acme.email;
- };
-
- users.groups.nginx = mkIf cfg.acme.enable {};
- users.users.nginx = mkIf cfg.acme.enable {
- group = "nginx";
- extraGroups = [ "acme" ];
- isSystemUser = true;
- };
- services.nginx =
- let
- ssl = {
- forceSSL = cfg.acme.enable;
- enableACME = cfg.acme.enable;
- };
-
- makeVhosts = (domain: subdomains:
- lib.concatMapAttrs
- (name: value: { ${name + "." + domain} = { locations."/" = value; } // ssl; })
- subdomains);
-
- homeRoutes = (homeVirtualHosts: homeUrl:
- builtins.mapAttrs
- (name: value: {
- locations."/" = value.locations."/" // {
- proxyPass = homeUrl;
- recommendedProxySettings = true;
- };
- } // ssl)
- homeVirtualHosts);
-
- vhosts = (makeVhosts cfg.domain cfg.subdomains);
- homeVhosts = (homeRoutes ((makeVhosts (cfg.home.domain) cfg.home.subdomains) // cfg.home.virtualHosts) cfg.home.url);
- in {
- enable = true;
- recommendedProxySettings = cfg.recommendedProxySettings;
-
- virtualHosts = vhosts // homeVhosts // cfg.extraVirtualHosts;
- } // cfg.extraConfig;
- };
-}
diff --git a/nixos/tw/configuration.nix b/nixos/tw/configuration.nix
deleted file mode 100644
index 4078ba1..0000000
--- a/nixos/tw/configuration.nix
+++ /dev/null
@@ -1,159 +0,0 @@
-{
- modulesPath,
- config,
- lib,
- pkgs,
- outputs,
- inputs,
- ...
-}: let
- domain = "kcu.su";
-in {
- imports = [
- (modulesPath + "/installer/scan/not-detected.nix")
- (modulesPath + "/profiles/qemu-guest.nix")
- "${inputs.nixpkgs}/nixos/modules/services/networking/headscale.nix" # replacing the options with ones for a newer version
- ./disk-config.nix
- ../serverModules/nginx.nix
- ];
-
- disabledModules = ["services/networking/headscale.nix"];
-
- nixpkgs.overlays = [
- outputs.overlays.unstable-packages
- ];
-
- sops = {
- defaultSopsFile = ../../secrets/ltrr-tw/secrets.yaml;
- defaultSopsFormat = "yaml";
- age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
- };
-
- boot.loader.grub = {
- efiSupport = true;
- efiInstallAsRemovable = true;
- };
-
- networking = {
- interfaces.ens3 = {
- ipv4.addresses = [
- {
- address = "77.232.139.132";
- prefixLength = 24;
- }
- ];
- };
- defaultGateway = {
- address = "77.232.139.1";
- interface = "ens3";
- };
- };
-
- networking.nameservers = ["8.8.8.8" "1.1.1.1"];
-
- networking.useDHCP = lib.mkDefault false;
-
- networking.hostName = "ltrr-tw";
-
- services.openssh = {
- enable = true;
- };
-
- environment.systemPackages = map lib.lowPrio [
- pkgs.curl
- pkgs.gitMinimal
- ];
-
- users.users = {
- root = {
- openssh.authorizedKeys.keys = [
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDJ8UW1BXDGDmlaiARO3a9boTG8wknUyITMz0Z0OJpHx spleefer6@yandex.ru"
- ];
- };
- };
-
- swapDevices = [
- {
- device = "/var/lib/swapfile";
- size = 2 * 1024;
- }
- ];
-
- networking.nat = {
- enable = true;
- externalInterface = "ens3";
- internalInterfaces = ["wg0"];
- };
-
- sops.secrets.wg-private-key = {};
- networking.wg-quick = {
- interfaces.wg0 = {
- address = ["10.1.1.1/32"];
- listenPort = 51820;
-
- privateKeyFile = config.sops.secrets.wg-private-key.path;
-
- preUp = "sysctl -w net.ipv4.ip_forward=1";
-
- peers = [
- {
- allowedIPs = ["10.1.1.2/32"];
- publicKey = "kzXzxJu1AdcRI5UwtGOrN6WuTZYqJo++PYRrXdOu/lY=";
- persistentKeepalive = 25;
- }
- ];
- };
- };
-
- networking.firewall.allowedTCPPorts = [80 443];
- networking.firewall.allowedUDPPorts = [51820];
-
- security.acme = {
- acceptTerms = true;
- defaults.email = "notspl3g+acme@duck.com";
- };
-
- nginx = {
- enable = true;
- acme.enable = true;
-
- inherit domain;
- subdomains = {
- "headscale" = {
- proxyPass = "http://127.0.0.1:8768";
- proxyWebsockets = true;
- recommendedProxySettings = true;
- };
- };
-
- extraVirtualHosts = {
- "_" = {
- locations."/" = {
- return = 444;
- };
- };
- };
-
- home = let
- homeConfig = import ../server/configuration.nix {inherit modulesPath config lib pkgs;};
- in {
- subdomains = homeConfig.nginx.subdomains;
- url = "http://10.1.1.2";
- };
- };
-
- services.headscale = {
- enable = true;
- package = pkgs.unstable.headscale;
- port = 8768;
- settings = {
- server_url = "https://headscale.${domain}:443";
- dns = {
- base_domain = "tailnet.${domain}";
- nameservers.global = ["8.8.8.8"];
- };
- };
- };
-
- system.stateVersion = "24.05";
-}
diff --git a/nixos/tw/disk-config.nix b/nixos/tw/disk-config.nix
deleted file mode 100644
index 1641339..0000000
--- a/nixos/tw/disk-config.nix
+++ /dev/null
@@ -1,55 +0,0 @@
-{ lib, ... }:
-{
- disko.devices = {
- disk.disk1 = {
- device = lib.mkDefault "/dev/sda";
- type = "disk";
- content = {
- type = "gpt";
- partitions = {
- boot = {
- name = "boot";
- size = "1M";
- type = "EF02";
- };
- esp = {
- name = "ESP";
- size = "500M";
- type = "EF00";
- content = {
- type = "filesystem";
- format = "vfat";
- mountpoint = "/boot";
- };
- };
- root = {
- name = "root";
- size = "100%";
- content = {
- type = "lvm_pv";
- vg = "pool";
- };
- };
- };
- };
- };
- lvm_vg = {
- pool = {
- type = "lvm_vg";
- lvs = {
- root = {
- size = "100%FREE";
- content = {
- type = "filesystem";
- format = "ext4";
- mountpoint = "/";
- mountOptions = [
- "defaults"
- ];
- };
- };
- };
- };
- };
- };
-}
diff --git a/nixos/vpn/configuration.nix b/nixos/vpn/configuration.nix
deleted file mode 100644
index d7d794a..0000000
--- a/nixos/vpn/configuration.nix
+++ /dev/null
@@ -1,118 +0,0 @@
-{
- modulesPath,
- config,
- lib,
- pkgs,
- ...
-}: let
- domain = "kcu.su";
-in {
- imports = [
- (modulesPath + "/installer/scan/not-detected.nix")
- (modulesPath + "/profiles/qemu-guest.nix")
- ./disk-config.nix
- ../serverModules/nginx.nix
- ../serverModules/files.nix
- ../serverModules/gonic.nix
- ];
-
- boot.loader.grub = {
- efiSupport = true;
- efiInstallAsRemovable = true;
- };
-
- networking.firewall.allowedTCPPorts = [
- # http
- 80
- 443
- # xray
- 57625
- ];
-
- networking.domain = domain;
- networking.hostName = "ltrr-vpn";
- networking = {
- interfaces.ens3 = {
- ipv4.addresses = [
- {
- address = "64.188.126.186";
- prefixLength = 32;
- }
- ];
- };
- defaultGateway = {
- address = "100.64.0.1";
- interface = "ens3";
- };
- };
-
- networking.useDHCP = lib.mkDefault false;
-
- networking.nameservers = ["8.8.8.8" "1.1.1.1"];
-
- services.openssh = {
- enable = true;
- settings.PasswordAuthentication = false;
- };
-
- environment.systemPackages = map lib.lowPrio [
- pkgs.curl
- pkgs.gitMinimal
- ];
-
- users.users = {
- root = {
- openssh.authorizedKeys.keys = [
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDJ8UW1BXDGDmlaiARO3a9boTG8wknUyITMz0Z0OJpHx spleefer6@yandex.ru"
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPuQVHIGm2bfvhW16ZI/4hDK2X8W+ADbPLXwzKZIYXZL user@LAPTOP-72FMD6D0"
- ];
- };
- };
-
- nginx = {
- enable = true;
- acme.enable = true;
-
- inherit domain;
- subdomains = {
- "xray" = {
- proxyPass = "http://127.0.0.1:2053";
-
- extraConfig = "
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header Range $http_range;
- proxy_set_header If-Range $http_if_range;
- proxy_redirect off;
- ";
- recommendedProxySettings = false;
- };
-
- "musicbrainz" = {
- proxyPass = "https://musicbrainz.org";
- recommendedProxySettings = false;
- extraConfig = "
- proxy_set_header Host musicbrainz.org;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- ";
- };
- };
- };
-
- virtualisation.oci-containers = {
- backend = "docker";
- containers.xui = {
- image = "ghcr.io/mhsanaei/3x-ui:latest";
- ports = ["127.0.0.1:2053:2053" "57625:57625"];
- volumes = [
- "/root/x-ui:/etc/x-ui"
- ];
- };
- };
-
- system.stateVersion = "24.05";
-}
diff --git a/nixos/vpn/disk-config.nix b/nixos/vpn/disk-config.nix
deleted file mode 100644
index a51111a..0000000
--- a/nixos/vpn/disk-config.nix
+++ /dev/null
@@ -1,55 +0,0 @@
-{ lib, ... }:
-{
- disko.devices = {
- disk.disk1 = {
- device = lib.mkDefault "/dev/vda";
- type = "disk";
- content = {
- type = "gpt";
- partitions = {
- boot = {
- name = "boot";
- size = "1M";
- type = "EF02";
- };
- esp = {
- name = "ESP";
- size = "500M";
- type = "EF00";
- content = {
- type = "filesystem";
- format = "vfat";
- mountpoint = "/boot";
- };
- };
- root = {
- name = "root";
- size = "100%";
- content = {
- type = "lvm_pv";
- vg = "pool";
- };
- };
- };
- };
- };
- lvm_vg = {
- pool = {
- type = "lvm_vg";
- lvs = {
- root = {
- size = "100%FREE";
- content = {
- type = "filesystem";
- format = "ext4";
- mountpoint = "/";
- mountOptions = [
- "defaults"
- ];
- };
- };
- };
- };
- };
- };
-}
diff --git a/nixpkgs.nix b/nixpkgs.nix
deleted file mode 100644
index 041de40..0000000
--- a/nixpkgs.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-# A nixpkgs instance that is grabbed from the pinned nixpkgs commit in the lock file
-# This is useful to avoid using channels when using legacy nix commands
-let lock = (builtins.fromJSON (builtins.readFile ./flake.lock)).nodes.nixpkgs.locked;
-in
-import (fetchTarball {
- url = "https://github.com/nixos/nixpkgs/archive/${lock.rev}.tar.gz";
- sha256 = lock.narHash;
-})
diff --git a/overlays/default.nix b/overlays/default.nix
deleted file mode 100644
index cb0f4e4..0000000
--- a/overlays/default.nix
+++ /dev/null
@@ -1,28 +0,0 @@
-# This file defines overlays
-{inputs, ...}: {
- # This one brings our custom packages from the 'pkgs' directory
- additions = final: _prev: import ../pkgs {pkgs = final;};
-
- # This one contains whatever you want to overlay
- # You can change versions, add patches, set compilation flags, anything really.
- # https://nixos.wiki/wiki/Overlays
- modifications = final: prev: {
- # example = prev.example.overrideAttrs (oldAttrs: rec {
- # ...
- # });
- };
-
- truly-unstable-packages = final: _prev: {
- unstable = import inputs.nixpkgs-small {
- system = final.system;
- config.allowUnfree = true;
- };
- };
-
- unstable-packages = final: _prev: {
- unstable = import inputs.nixpkgs {
- system = final.system;
- config.allowUnfree = true;
- };
- };
-}
diff --git a/pkgs/boomer/default.nix b/pkgs/boomer/default.nix
deleted file mode 100644
index 885de27..0000000
--- a/pkgs/boomer/default.nix
+++ /dev/null
@@ -1,55 +0,0 @@
-{ lib, stdenv, fetchgit, makeWrapper, nim, libX11, libXrandr, libGL }:
-
-let
-
- x11-nim = fetchgit {
- url = "https://github.com/nim-lang/x11";
- rev = "b7bae7dffa4e3f12370d5a18209359422ae8bedd";
- sha256 = "1j3kyp0vf2jl20c67gcm759jnfskdf0wc4ajrdbvfxias285c5sb";
- };
-
- opengl-nim = fetchgit {
- url = "https://github.com/nim-lang/opengl";
- rev = "a6fb649e5bd94d8420d4a11287092a4dc3e922b4";
- sha256 = "0w62lfrdms2vb24kd4jnypwmqvdk5x9my1dinnqdq82yl4nz6d0s";
- };
-
-in stdenv.mkDerivation rec {
-
- pname = "boomer";
- version = "cc0f5311193da8361ee782a421d6bc4ad8541cf3";
-
- src = fetchgit {
- url = "https://github.com/tsoding/boomer";
- rev = version;
- sha256 = "sha256-3yg0nuJE0Rrw13VEQ/CjjjPN5G4ytssgiesdXwlHaF8=";
- };
-
- buildInputs = [ nim libX11 libXrandr libGL makeWrapper ];
-
- buildPhase = ''
- runHook preBuild
- HOME=$TMPDIR
- nim -p:${x11-nim}/ -p:${opengl-nim}/src c -d:release src/boomer.nim
- runHook postBuild
- '';
-
- installPhase = ''
- runHook preInstall
- install -Dt $out/bin src/boomer
- runHook postInstall
- '';
-
- fixupPhase = ''
- runHook preFixup
- patchelf --set-rpath ${lib.makeLibraryPath [ stdenv.cc.cc libX11 libXrandr libGL ]} $out/bin/boomer
- wrapProgram "$out/bin/boomer" --set LIBGL_ALWAYS_SOFTWARE 1
- runHook postFixup
- '';
-
- meta = with lib; {
- license = licenses.mit;
- platforms = platforms.linux;
- homepage = "https://github.com/tsoding/boomer";
- };
-}
diff --git a/pkgs/default.nix b/pkgs/default.nix
deleted file mode 100644
index ae395f7..0000000
--- a/pkgs/default.nix
+++ /dev/null
@@ -1,6 +0,0 @@
-{ pkgs }: {
- tgs2png = pkgs.callPackage ./tgs2png { };
- pokemon-colorscripts = pkgs.callPackage ./pokemon-colorscripts { };
- spoofdpi = pkgs.callPackage ./spoofdpi { };
- boomer = pkgs.callPackage ./boomer/default.nix { nim = pkgs.nim-1_0; };
-}
diff --git a/pkgs/pokemon-colorscripts/default.nix b/pkgs/pokemon-colorscripts/default.nix
deleted file mode 100644
index 6fa8e28..0000000
--- a/pkgs/pokemon-colorscripts/default.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{ lib, stdenv, fetchFromGitLab, python3 }:
-
-stdenv.mkDerivation rec {
- pname = "pokemon-colorscripts";
- version = "r108.3dc0b2e";
- src = fetchFromGitLab {
- owner = "phoneybadger";
- repo = "${pname}";
- rev = "0483c85b93362637bdd0632056ff986c07f30868";
- sha256 = "1c5pi7y87ng6qa3k287fq66spdl3ynckvxf86srd9fy2h4ljlgdf";
- };
- buildInputs = [ python3 ];
- preInstall = ''
- rm -rf "$out/usr/local/opt/${pname}"
- mkdir -p "$out/usr/local/opt/${pname}/colorscripts/regular"
- mkdir -p "$out/usr/local/opt/${pname}/colorscripts/shiny"
- mkdir -p "$out/bin"
- install -Dm644 colorscripts/small/regular/* -t "$out/usr/local/opt/${pname}/colorscripts/small/regular"
- install -Dm644 colorscripts/small/shiny/* -t "$out/usr/local/opt/${pname}/colorscripts/small/shiny"
- install -Dm644 colorscripts/large/regular/* -t "$out/usr/local/opt/${pname}/colorscripts/large/regular"
- install -Dm644 colorscripts/large/shiny/* -t "$out/usr/local/opt/${pname}/colorscripts/large/shiny"
- install -Dm644 pokemon.json "$out/usr/local/opt/${pname}/pokemon.json"
- install -Dm755 pokemon-colorscripts.py "$out/usr/local/opt/${pname}/pokemon-colorscripts.py"
- install -Dm644 LICENSE.txt "$out/usr/share/licenses/${pname}/LICENSE"
- install -Dm644 README.md "$out/usr/share/doc/${pname}/README.md"
- install -Dm644 pokemon-colorscripts.1 "$out/usr/local/man/man1/pokemon-colorscripts.1"
- ln -sf $out/usr/local/opt/${pname}/pokemon-colorscripts.py $out/bin/pokemon-colorscripts
-'';
-}
diff --git a/pkgs/spoofdpi/default.nix b/pkgs/spoofdpi/default.nix
deleted file mode 100644
index 8c4a412..0000000
--- a/pkgs/spoofdpi/default.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{ lib
-, buildGoModule
-, fetchFromGitHub
-}:
-
-buildGoModule rec {
- pname = "spoofdpi";
- version = "0.10.6";
-
- src = fetchFromGitHub {
- owner = "xvzc";
- repo = "SpoofDPI";
- rev = "v${version}";
- sha256 = "sha256-DsyUxeVLJHnNZM92z4DEJPIy0HWD9WXBJ+HordPSYMg=";
- };
-
- vendorHash = "sha256-kmp+8MMV1AHaSvLnvYL17USuv7xa3NnsCyCbqq9TvYE=";
-}
diff --git a/pkgs/tgs2png/default.nix b/pkgs/tgs2png/default.nix
deleted file mode 100644
index c17f50c..0000000
--- a/pkgs/tgs2png/default.nix
+++ /dev/null
@@ -1,32 +0,0 @@
-{ lib
-, stdenv
-, fetchFromGitHub
-, rlottie
-, libpng
-, cmake
-, pkg-config
-}:
-
-stdenv.mkDerivation {
- name = "tgs2png";
- src = fetchFromGitHub {
- owner = "zevlg";
- repo = "tgs2png";
- rev = "25c15b7c2ca3b1a580a383d9d3cb13bf8531d04a";
- sha256 = "0camvzapkfvr9v0nkk96n26rdmw0g8wbpv41i5l03j6bzdgm4myl";
- };
- nativeBuildInputs = [ cmake pkg-config ];
- buildInputs = [
- rlottie
- libpng
- ];
- buildPhase = ''
- cmake
- make
- '';
- installPhase = ''
- mkdir -p $out/bin
- cp tgs2png $out/bin
- '';
-}
-
diff --git a/secrets/ltrr-home/secrets.yaml b/secrets/ltrr-home/secrets.yaml
deleted file mode 100644
index 772e618..0000000
--- a/secrets/ltrr-home/secrets.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-wg-private-key: ENC[AES256_GCM,data:sdpaHC18e08Oz+LsBIYLYZSZ2Iddh6bqOdtsWGuC2CbekxOim9lNcULz8iA=,iv:Ws9iquADwL5E/NwtSc1MddMA4pkhltb0ImM4XPP/Q0Y=,tag:SZT52ISlbmjP7M+NXt61QQ==,type:str]
-navidrome-env: ENC[AES256_GCM,data:uSmxSLZjZf+agUBkDLsOPVTSbZUMtNSARFtvD6bBfvS9Xx1gusvbmxVyk/TDbaOgsMySuHIiS3YxAL25SZzqXmB2dIhRB9HkmVk+FczgZVgWiT/BcAvLFTji+Mp47fX+W5E6SJJunX5zkM2Ux2SsUuFWrNaO6J5SU9te,iv:pyhz9d2kyP6yFK0LQt78/dIoNCoAwlAymncA6fxvOBc=,tag:u0qwrI2/0p8ylC4L3gEeww==,type:str]
-xray-config: ENC[AES256_GCM,data:I+odpDSy7PwalYCkWUOesU8FZVo5/6EnJ20xSqiIBbae87uTkxtMaAE5BVyR56FlLmf4V4vowFT5IYR92t1qgoRyORYV60ILqk+Z0N0ptV/eulbLHP78unpw7k/9dZTBJCCXNJIWmKhUZZhZFYc18PtR3ntIOvXLqha5OlakAhHpUTwnoJnaJUWMki11xcHVLgjn3nI4ocb7kyiQbv3eGFPsKKkie+Ip/vdBvjds++GdrS7JydCosKFANKf4Uip/kf96J3EfY52uEheByqpTnotErB9W4Kz1tnxVHHTDu6dsDA8ViRdwUINMP5b6oD/fNAYcetD4WX4RYzGI+SBAmyilQ6406d7+DcenAJIPzDEECR0+PTCg8xPbnoAyU6sZkw4eqQwP/JriHM1kJBx84pWHnKVguDkawmmsGGIHKAtYZQjvOVre4XQsTBtN0EB+R7Wq+Zqoz93FdW5fMdvxfNX78lbtPg9huuzsxn/d/ksLsUdvbde0e1C5/Kda8muktWHEyJwkpf7P1XsN/TYJdN8OvT0T35uZhnVPyz53rCTxKyQ8AjhGJ3F2U8va4Ul6JXhcJssdCQq/fZGq4Zcpsy9D4m/SBJnvINVru9b8D75cqW1xOl1J1+ZFukH/DGNlPncSfb0SRYiJ5VaKBGEzqb7ej1G2vz1Ouemr6pcQEqcIyExBf3wD4yhqHoETso+eaIlclwR3HtHWmKUo+Fp3CUF35G7wuHegs782fcaoG8ZvihBc7bvrliaKZwTObfAKa0J2M6iE90GVa/iu6rGTK2PQ/ZU7T4NDuU16SbTLs2uxOYrRdU0jkJXkMIA9KY5/BQs9IlXaDqUIRu7dne/UBoKj/sG41S5VRVzGM1e2keZNno8JZe9rfv1lQpFg/SQh0mnrDrQJjK8C1PiU+RgfhLrKfI6rh3qzXG1S6YSIUN0yP4a7LjBbxv9PHKMTm9Ajm6BK8IlZApLRV9bsg6kAukzar/nx5iKSyC/5D4nSqesqH6wOdip2U36cnM7CQeK9AOF4U7nMaNYQDF9qa6Wkh+ogE+jNpb+Tkw9xsO56z6NiI2IIam7sa9PjiN9V1Q8GCVGDXRjwrxF84b8rwfuzkUhlGDsCaON7GThX/fbMkRhjxP2iDBX1B5LRLawfUVkmxCobpxs7muKK9criO7w+190Ix0lJJQqUTO4QTg11dVq7Ib3VnFBt/K1I5DPuBpnFyWvsDBdQF0/cSWrpfWS0tzET73+nDpZ8sIZvf9ZVlD7iZAFn1iYpglEiwokOt/LQEPo8LtdtJSy0cTwDeIo8FaMiG0H6Gmc3ZSdxqLVqd82fMApzwwzwfy8XZPPLwY2X477710/2M/1VTeniTPOIw/R/pQ/p0AuODrP5M3Ptr3Aheei2tMWtL1Wyj10nTOB1y7FZLRpyzPn1uUzwe/ziOCeCJ8U5GrQ9GD9g4aHP5qh+JcH1Q/RowvCTd8EGbb0gPLkCz0odbR6WHrZAAYOMHQYxr6pom4bHG7TkN++Pw/XUlAqD3jw3AL3KGBLzsjU61YR5LogoGWyDOh4hFG9dzWh7lm13U/wAV0fNZwEHXlTZMeSxFsWOzTiBl5SMwQygVq7xGHF/z1n0xL/J5DLoTjU/kv65Fs8dwrFDMQCbC2haCmlGzOcSn+NKeXQ31cLf0yGJ6FuzcMDhXKGF+F0REDxgXLBMDxbXx/E6DEdqCT8r0gO6LYuBpeyOc3aSExCAW/HxSBGnBXAlfQJW4+547+HmuHHh8aZ+GJqRtdpoIV2jttxt9jNQ1pX60OaKhTv2mAdW3roARbqumxS5aiiTl9VLYrRK4LOfjxYuxGisB24CzTNlC8CgV/mk776Yp20RZN2nSos8iHX/73wfiKy4dvu97x80LZCm9ovI7QiHDNjW8NJFLEFEiDjKspr+JzoFjdkaKy7t0Xg3gQ==,iv:xHBCUsokOlGc3LrPYWJo+IYMl/c+d3uL5+AKlqC+hBs=,tag:Q0xcRgo/zOWAZfYchOpWkA==,type:str]
-sops:
- age:
- - recipient: age1xkajd8seprw2an4uczmq0xjjk0xxctvsst68hgkm0lr4dteucy3snarfhv
- enc: |
- -----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxVloyancvQ0FhM2cyODlS
- WWNOK1p2NUtPbzVPVnVxb2xrQzlvNHQvM2tBCjFvTExvMXlvNXcwdDdJNFpJVlVz
- WjhOMmFURkNJN05mSGlzWFVybzZaRjAKLS0tIHJqeVFzM3pKU0huY0lIUkIydEZj
- QkZaRG1MWW8yd3VsaHBLZXFIWG5tN2cKsZMOXNstkfTH5dzmF2/4p2KzXYGKIZ4f
- NEo4WMbScgV8GvBGeMIAI/NqZ7s8kTAjWL1sCBuLMSZ4sHd7CjZ5Gg==
- -----END AGE ENCRYPTED FILE-----
- - recipient: age1v76swwd0j8c7tzq3av9tftr0mjnmtu36n7h0enwxxzzu38a7uctqvasjw3
- enc: |
- -----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPMnRYQzYyNENrU3d4ckJI
- RGVwcHFSNE9TRklSWGllQ1NJYTgwdUF6VmpvCjBDdW5YVEFsWG5jd3BaQ1RRRTBQ
- ZldVUXhiZzVOUFFpN09KTlhKOXc0R3MKLS0tIDR4ZFRIVHd0UFhtbmVXQUFyYlNr
- Ry9LNVg0WHc3U1ExTjh0RGZNL2Y5YkUKqdXJkCSbzCgU0I8t0XvwemvShXFrcK84
- UX53xU2JQgomcugaHaL/RJPtLes3Rz23CS59kOOnPEq/YJ5iWXbwgA==
- -----END AGE ENCRYPTED FILE-----
- lastmodified: "2025-10-26T17:58:47Z"
- mac: ENC[AES256_GCM,data:vVkU0YVz9O0+tMtUgDUTLGZUrEqtx9eqetkSkfr2ELO09cmIbh2ZFejAjvEOrVVYVzvb1vNoajpY8YU/re4Jsbsq7BJKlXfYAV60zHXZrjJzgiLPuLe0gY2MVDR92+CJ8qG/BbLydKkcPVVleqoyHnQojNv5RSaK1/trYY/tCUw=,iv:TyotXMqncO3jgkIGDAtQlRVNCwMf9SqTgWW2EB0/r+A=,tag:KiiAh1OiGFIeUpcCmR9rSg==,type:str]
- unencrypted_suffix: _unencrypted
- version: 3.10.2
diff --git a/secrets/ltrr-tw/secrets.yaml b/secrets/ltrr-tw/secrets.yaml
deleted file mode 100644
index eeef2cb..0000000
--- a/secrets/ltrr-tw/secrets.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-wg-private-key: ENC[AES256_GCM,data:gAeNl8I/+g+NtDlRMXdMibgDvOdnwdiVdVs8rXLgkG2rCg83gKKn4M8/Ka0=,iv:nhVpi0aW7FmDYp/bKulg8GFJu5wiiMygVXFcKNYii+4=,tag:tWQLZYRc/kPvmJBVYXj3Zg==,type:str]
-crowdsec-enroll-key: ENC[AES256_GCM,data:0ywsFjtioikO1gNxj+vfL3m/+o9PgGeGkg==,iv:4Ki5GRCR6cnnfOY5rIYPQo2GH6rOs3pP8s1cHLKYRIc=,tag:tdL7sS5QItOeI6oJSm5EVw==,type:str]
-sops:
- age:
- - recipient: age1xkajd8seprw2an4uczmq0xjjk0xxctvsst68hgkm0lr4dteucy3snarfhv
- enc: |
- -----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtbjRvYnFwRy9nLzAwR0Zo
- R1JrTDllaUpGWlArV2FZU2FyejdRbVM5ZFJNCk02MTVlalU5MTlRaVhvRkk1RVIw
- TVdOakUrL1dKYWxhUVpHMXFJSnBEQ1UKLS0tIDhsbGh2Y3FhbnJmaTBLU0poMG50
- STZvYVFnenhqY1VZclRqVmtEKzJNeGsKMLWjoASJhjtqgS/6/At2WfRDV+woq0+/
- 5Q4ANduNVoLWzKxDDVefWIfDoXm0izKTsRFjBFq0zejRxr9LkBUGIA==
- -----END AGE ENCRYPTED FILE-----
- - recipient: age1v55frla7fzursrvuxhznx9kztvlkxasaw98cu5rl5ysktrw8rfwqtfw3ju
- enc: |
- -----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBdVNCVUp5ZmJCRWxGaFlI
- RGxCTzdENHRtYVF3YUtXNVZxbGJYZVMydHhRCnFFT3NsVUNWR2l3dmNpQ3lwSVN3
- SGgxM3hkM05YbTVoci8vNXp1cFlLSk0KLS0tIEdwU1ZCUDVmTFRWUUN2MEFrVERF
- UWl5MWwxa2hSTStKakFxb0Q3dDZRWFkKPYPjH4B2gz7vBqAhmc+CkovXOU4qiYu9
- bdTVAwk5ijzLaS5G5Gho0ITW7dfnmg98QrFHoEMJ0qG2riUb3edB2Q==
- -----END AGE ENCRYPTED FILE-----
- lastmodified: "2025-10-26T17:47:43Z"
- mac: ENC[AES256_GCM,data:iRT1/brxnXuwjfMI0C7tFgeMPJ6wwYgjXVnQqRpo4+efQ+5Hg1BvK8porykLIvNwoiNBpN5OLdIcq4bMaDmEN+uZB4rVokb43kAizah4etKiJ2yeX1oysyU8FwLtspRFlSq21csYdsDiyJ6HBCCUdSL3kB+8FLLcbXyKXTLENUQ=,iv:BphhRBshJ6c15wNw095oJ0cNrZgR1LHWZ1LI1taNNXo=,tag:8v547gAU99pAu0IO6tK/7A==,type:str]
- unencrypted_suffix: _unencrypted
- version: 3.10.2
diff --git a/shell.nix b/shell.nix
deleted file mode 100644
index 7c86085..0000000
--- a/shell.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-# Shell for bootstrapping flake-enabled nix and home-manager
-# You can enter it through 'nix develop' or (legacy) 'nix-shell'
-{pkgs ? (import ./nixpkgs.nix) {}}: {
- default = pkgs.mkShell {
- # Enable experimental features without having to specify the argument
- NIX_CONFIG = "experimental-features = nix-command flakes";
- nativeBuildInputs = with pkgs; [nix home-manager git neovim sops ssh-to-age];
- };
-}
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-24 02:13:27 +0000