├── .dir-locals.el ├── .envrc ├── .gitattributes ├── .gitignore ├── README.org ├── apparmor ├── .dir-locals.el ├── abstractions │ ├── freedesktop │ ├── pulse │ ├── pulse-deny │ ├── site │ │ ├── base │ │ └── de │ ├── user-download │ ├── user-tmp │ └── xdg-desktop ├── brave ├── chromium ├── default.nix ├── electricsheep ├── firefox ├── nginx ├── node-webkit ├── pulseaudio ├── skype ├── tunables │ ├── alias │ ├── apparmorfs │ ├── dovecot │ ├── global │ ├── home │ ├── home.d │ │ ├── site.git │ │ └── site.local │ ├── kernelvars │ ├── ntpd │ ├── proc │ ├── securityfs │ ├── sys │ ├── xdg-user-dirs │ └── xdg-user-dirs.d │ │ └── site.local ├── upwork ├── waterfox └── wine ├── containers ├── anki.nix ├── authority.nix ├── certmon.nix ├── hydroxide.nix ├── jellyfin.nix ├── klaus.nix ├── mastodon.nix ├── sandbox.nix ├── search.nix ├── secure.nix └── xmpp.nix ├── default.nix ├── deploy ├── default.nix ├── modules │ ├── deploy.nix │ ├── dns.nix │ ├── options.nix │ ├── public-ip.nix │ ├── secrets.nix │ ├── ssh.nix │ └── vpn │ │ ├── default.nix │ │ └── wireguard.nix └── scripts │ ├── default.nix │ └── switch.sh ├── emacs ├── .dir-locals.el ├── ace-window.nix ├── ahg.nix ├── all-the-icons.nix ├── android-env.nix ├── android-mode.nix ├── aria2.nix ├── auctex-latexmk.nix ├── auctex-lua.nix ├── auctex.nix ├── auth-source.nix ├── avy.nix ├── bitwarden.nix ├── bookmark.nix ├── buffer-move.nix ├── bufler.nix ├── calfw-org.nix ├── calfw.nix ├── cargo.nix ├── cl.nix ├── company-box.nix ├── company-cabal.nix ├── company-terraform.nix ├── company.nix ├── counsel-projectile.nix ├── counsel.nix ├── csharp-mode.nix ├── csproj-mode.nix ├── custom.nix ├── daemons.nix ├── dante.nix ├── dap-mode.nix ├── darcsum.nix ├── dashboard.nix ├── default.nix ├── desktop-environment.nix ├── dired-du.nix ├── direnv.nix ├── disk-usage.nix ├── doc-view.nix ├── doom-modeline.nix ├── doom-themes.nix ├── dotnet.nix ├── eglot.nix ├── el-get.nix ├── elsa.nix ├── emacs-ffi.nix ├── emacsbridge.nix ├── emms-mode-line-cycle.nix ├── emms.nix ├── envrc.nix ├── erc.nix ├── eshell-git-prompt.nix ├── eshell-z.nix ├── eterm-256color.nix ├── evil-collection.nix ├── evil.nix ├── execline.nix ├── explain-pause-mode.nix ├── exwm-config.nix ├── exwm-edit.nix ├── exwm-input.nix ├── exwm-manage.nix ├── exwm-randr.nix ├── exwm-systemtray.nix ├── exwm-workspace.nix ├── exwm-xim.nix ├── exwm.nix ├── fish-completion.nix ├── fix-input.nix ├── flycheck-elsa.nix ├── flycheck-haskell.nix ├── flycheck-jest.nix ├── flycheck-kotlin.nix ├── flycheck-pos-tip.nix ├── flycheck-posframe.nix ├── flycheck-purescript.nix ├── flycheck-rust.nix ├── flycheck.nix ├── flymake.nix ├── forge.nix ├── fsharp-mode.nix ├── fzf.nix ├── general.nix ├── gh-notify.nix ├── git-gutter.nix ├── git-timemachine.nix ├── gnus.nix ├── go-mode.nix ├── haskell-mode.nix ├── hc-zenburn-theme.nix ├── helm.nix ├── helpful.nix ├── hy-mode.nix ├── idle-highlight-mode.nix ├── ivy-clipmenu.nix ├── ivy-hydra.nix ├── ivy-purpose.nix ├── ivy-rich.nix ├── ivy.nix ├── jabber.nix ├── json-mode.nix ├── kotlin-mode.nix ├── latex-extra.nix ├── latex-pretty-symbols.nix ├── latex-preview-pane.nix ├── latex.nix ├── leaf-convert.nix ├── leaf-keywords.nix ├── log4e.nix ├── lsp-haskell.nix ├── lsp-ivy.nix ├── lsp-mode.nix ├── lsp-treemacs.nix ├── lsp-ui.nix ├── lui.nix ├── magit.nix ├── map.nix ├── mastodon.nix ├── material-theme.nix ├── matrix-client.nix ├── md4rd.nix ├── meson-mode.nix ├── minimap.nix ├── multi-vterm.nix ├── nix-buffer.nix ├── nix-mode.nix ├── nix-update.nix ├── nnreddit.nix ├── oauth2.nix ├── omnisharp.nix ├── org-jira.nix ├── org.nix ├── pinentry.nix ├── polymode.nix ├── popwin.nix ├── projectile.nix ├── purescript-mode.nix ├── racket-mode.nix ├── rcirc-color.nix ├── rcirc.nix ├── restclient.nix ├── reverse-im.nix ├── rust-mode.nix ├── s.nix ├── scraps+bufmgmt.el ├── scraps+misc.el ├── scraps+shell.el ├── shackle.nix ├── slime-company.nix ├── slime.nix ├── sln-mode.nix ├── sly.nix ├── smex.nix ├── solarized-theme.nix ├── sql.nix ├── steam.nix ├── straight.nix ├── swiper.nix ├── terraform-doc.nix ├── terraform-mode.nix ├── tex.nix ├── toml-mode.nix ├── tracking.nix ├── tramp.nix ├── transient.nix ├── treemacs-evil.nix ├── treemacs-icons-dired.nix ├── treemacs-magit.nix ├── treemacs-projectile.nix ├── treemacs.nix ├── typescript-mode.nix ├── undo-tree.nix ├── vc-darcs.nix ├── vterm-toggle.nix ├── vterm.nix ├── w3m.nix ├── web-mode.nix ├── webkit.nix ├── webpaste.nix ├── weechat.nix ├── which-key.nix ├── whitespace.nix ├── window-purpose.nix ├── xonsh-mode.nix ├── xterm-color.nix ├── yaml-mode.nix ├── yasnippet.nix └── zenburn-theme.nix ├── flake.lock ├── flake.nix ├── guix └── default.nix ├── hosts ├── NixOS.nix ├── delta │ ├── default.nix │ ├── network.nix │ ├── remote.nix │ └── xserver.nix ├── image │ └── default.nix ├── phi │ └── default.nix └── zeta │ ├── certificate.nix │ ├── default.nix │ └── network.nix ├── lib ├── dag.nix ├── elisp.nix └── utils.nix ├── modules ├── emacs.nix ├── home-manager.nix ├── misc │ ├── attrmods.nix │ ├── flake-ci.nix │ ├── headless.nix │ ├── platform.nix │ └── qemu.nix ├── networking │ ├── namespacing.nix │ ├── nftables.nix │ └── wireguard-mesh.nix ├── nixos.nix ├── programs │ ├── nix-index.nix │ └── weechat.nix ├── security │ └── mitigations.nix ├── services │ ├── gitfs.nix │ ├── grocy.nix │ ├── hydroxide │ │ └── default.nix │ ├── ipfs-cluster │ │ ├── default.json │ │ └── default.nix │ └── nix-index.nix ├── system │ └── machines.nix └── wayland │ ├── swc-launch.nix │ └── swc-servers │ ├── default.nix │ └── velox.nix ├── overlays ├── ankisyncd.nix ├── brig.nix ├── cordless.nix ├── default.nix ├── emacs.nix ├── epsxe.nix ├── git-bug.nix ├── gitfs.nix ├── gpodder.nix ├── hnix.nix ├── ini2json.nix ├── ipfs-cluster.nix ├── nftables.nix ├── nix-bundle.nix ├── nix-index-fix.patch ├── nyxt.nix ├── pointfree-fancy.nix ├── postman.nix ├── swc-debug.nix ├── webkitgtk.nix ├── weechat.nix ├── xf86videointel.nix └── xonsh.nix ├── pkgs ├── applications │ ├── display-managers │ │ └── greetd │ │ │ ├── default.nix │ │ │ └── tuigreet.nix │ ├── editors │ │ └── emacs-modes │ │ │ └── default.nix │ ├── misc │ │ ├── cfcli │ │ │ └── default.nix │ │ └── ipfscat │ │ │ └── default.nix │ ├── networking │ │ ├── mactelnet │ │ │ └── default.nix │ │ ├── mailreaders │ │ │ └── electronmail │ │ │ │ └── default.nix │ │ ├── transmission.patch │ │ └── wold │ │ │ └── default.nix │ ├── version-management │ │ ├── dgit │ │ │ └── default.nix │ │ ├── git-and-tools │ │ │ └── git-pr-mirror │ │ │ │ └── default.nix │ │ ├── git-get │ │ │ └── default.nix │ │ ├── git-remote-ipfs │ │ │ └── default.nix │ │ └── vervis │ │ │ └── default.nix │ └── window-managers │ │ ├── taiwins │ │ └── default.nix │ │ └── velox │ │ ├── default.nix │ │ ├── dmenu.nix │ │ ├── hardcode-screen-order.patch │ │ ├── st.nix │ │ ├── swc.nix │ │ └── wld.nix ├── build-support │ └── fetchdarcs │ │ ├── builder.sh │ │ └── default.nix ├── data │ └── fonts │ │ └── dejavu-nerdfont │ │ └── default.nix ├── default.nix ├── development │ └── dotnet-modules │ │ └── azure-functions-core-tools │ │ └── default.nix ├── os-specific │ └── linux │ │ └── gnome-network-displays │ │ └── default.nix ├── servers │ ├── dendrite │ │ └── default.nix │ ├── twitterpub │ │ └── default.nix │ └── yacy │ │ └── default.nix ├── shells │ └── zsh │ │ └── pure │ │ └── default.nix └── tools │ ├── misc │ ├── fsnoop │ │ └── default.nix │ ├── guix-ns │ │ └── default.nix │ └── shflags │ │ └── default.nix │ └── system │ ├── bottom │ └── default.nix │ └── wgvanity │ └── default.nix ├── profiles ├── bcachefs.nix ├── core.nix ├── develop │ ├── android │ │ └── default.nix │ ├── default.nix │ ├── dotnet │ │ └── default.nix │ ├── fish │ │ └── default.nix │ ├── golang │ │ └── default.nix │ ├── haskell │ │ └── default.nix │ ├── javascript │ │ └── default.nix │ ├── python │ │ ├── default.nix │ │ └── ptconfig.py │ └── tmux │ │ ├── default.nix │ │ ├── tmux.conf │ │ └── tmuxline.conf ├── games │ ├── default.nix │ └── udev.nix ├── graphical │ ├── default.nix │ ├── exwm │ │ └── default.nix │ ├── lxqt │ │ └── default.nix │ ├── xkb │ │ ├── default.nix │ │ └── zz.nix │ └── xmonad │ │ └── default.nix ├── meta │ └── fatal-warnings.nix ├── misc │ ├── adblocking.nix │ ├── default.nix │ ├── disable-mitigations.nix │ ├── odbc.nix │ ├── plex.nix │ ├── restartssh.nix │ ├── stubby.nix │ ├── torrent.nix │ └── udev-nosettle.nix ├── networking │ ├── bluetooth │ │ └── default.nix │ ├── ipfs │ │ └── default.nix │ ├── mdns.nix │ ├── samba │ │ └── default.nix │ ├── tor │ │ └── default.nix │ ├── traefik │ │ └── default.nix │ └── wireguard │ │ └── default.nix ├── postgres │ └── default.nix ├── security │ ├── apparmor │ │ └── default.nix │ ├── selinux │ │ └── default.nix │ └── sudo.nix ├── services │ ├── aria2 │ │ └── default.nix │ ├── guix │ │ └── default.nix │ ├── hydra │ │ └── default.nix │ ├── hydroxide │ │ └── default.nix │ ├── minecraft │ │ └── default.nix │ ├── searx │ │ └── default.nix │ ├── syncthing │ │ └── default.nix │ └── taskserver │ │ └── default.nix ├── sound │ ├── pipewire.nix │ └── pulse.nix ├── virt │ └── default.nix ├── virtualization │ └── anbox │ │ └── default.nix ├── wayland.nix └── weechat.nix ├── shell.nix └── users ├── aion.nix ├── bao.nix ├── browsers ├── firefox │ └── default.nix └── nyxt │ └── default.nix ├── company └── locationextreme │ └── default.nix ├── data └── xkb │ ├── compat │ └── chromebook │ ├── keycodes │ └── chromebook_m │ ├── keymap │ └── cb │ └── symbols │ ├── cb │ ├── chromebook │ ├── chromebook_m │ ├── chromebook_m_ralt │ └── chromebook_ralt ├── editors ├── emacs │ ├── default.nix │ ├── early-init.nix │ └── init.nix └── vim │ └── default.nix ├── leaf.nix ├── media ├── aria2 │ └── default.nix ├── gpodder │ └── default.nix ├── mpv │ └── default.nix ├── radio │ ├── default.nix │ └── streams.nix └── spotify │ └── default.nix ├── nixos.nix ├── root.nix ├── services ├── ckb │ ├── conf.nix │ └── default.nix ├── gnupg │ └── default.nix ├── mpd │ └── default.nix └── velox │ └── default.nix ├── shells ├── fish │ └── default.nix └── xonsh │ ├── default.nix │ └── fish_history.xsh └── utilities ├── darcs └── default.nix ├── git └── default.nix ├── htop └── default.nix ├── ssh └── default.nix └── tmux └── default.nix /.dir-locals.el: -------------------------------------------------------------------------------- 1 | ;;; Directory Local Variables 2 | ;;; For more information see (info "(emacs) Directory Variables") 3 | 4 | ((nil . ( 5 | ;(eval . (set (make-local-variable 'default-directory) 6 | ; (locate-dominating-file buffer-file-name ".dir-locals.el"))) 7 | (compile-command . "env TERM=dumb nix run -vv '.#delta' --show-trace") 8 | (eval . (setq projectile-project-compilation-cmd 9 | "env TERM=dumb nix build --show-trace -vv && ./result && git push")) 10 | ))) 11 | -------------------------------------------------------------------------------- /.envrc: -------------------------------------------------------------------------------- 1 | if [ -f flake.lock ] && [ -f flake.nix ]; then 2 | # reload when these files change 3 | watch_file flake.nix 4 | watch_file flake.lock 5 | # load the flake devShell 6 | if [ ! -d $(direnv_layout_dir) ]; then 7 | mkdir $(direnv_layout_dir) 8 | fi 9 | eval "$(nix --experimental-features 'nix-command flakes' print-dev-env --profile "$(direnv_layout_dir)/flake-profile")" 10 | elif type lorri &>/dev/null; then 11 | echo "direnv: using lorri from PATH ($(type -p lorri))" 12 | eval "$(lorri direnv)" 13 | else 14 | # fall back to using direnv's builtin nix support 15 | # to prevent bootstrapping problems. 16 | use nix 17 | fi 18 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | .gitattributes !filter !diff 2 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | result-* 2 | result 3 | .direnv/ 4 | .# 5 | .git 6 | -------------------------------------------------------------------------------- /README.org: -------------------------------------------------------------------------------- 1 | flake.nix -------------------------------------------------------------------------------- /apparmor/.dir-locals.el: -------------------------------------------------------------------------------- 1 | ;; -*- mode: emacs-lisp; -*- 2 | ;;; Directory Local Variables 3 | ;;; For more information see (info "(emacs) Directory Variables") 4 | 5 | ((nil . ((mode . nix)))) 6 | -------------------------------------------------------------------------------- /apparmor/abstractions/pulse: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | include "${pkgs.apparmor-profiles}/etc/apparmor.d/abstractions/audio" 3 | 4 | # Started on-demand 5 | /usr/bin/pulseaudio pxrm, 6 | 7 | ## Site-local symlinks 8 | #@{SYS_GIT}/sys/pulse/* r, 9 | #@{SYS_GIT}/sys/asound.conf r, 10 | #@{SYS_GIT}/sys/secure/pulse.cookie rk, 11 | 12 | /tmp/orcexec.* m, 13 | owner /run/user/*/orcexec.* rwkm, 14 | deny owner @{HOME}/orcexec.* m, 15 | '' 16 | -------------------------------------------------------------------------------- /apparmor/abstractions/pulse-deny: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | deny /usr/bin/pulseaudio xrm, 3 | 4 | deny /dev/shm/ r, 5 | deny /run/user/*/pulse/ rw, 6 | deny /usr/share/alsa/alsa.conf r, 7 | deny /dev/snd/* rw, 8 | 9 | deny /tmp/orcexec.* m, 10 | deny /run/user/*/orcexec.* rwkm, 11 | deny @{HOME}/orcexec.* m, 12 | 13 | ## Site-local symlinks 14 | #deny @{SYS_GIT}/sys/pulse/* r, 15 | #deny @{SYS_GIT}/sys/asound.conf r, 16 | #deny @{SYS_GIT}/sys/secure/pulse.cookie r, 17 | '' 18 | -------------------------------------------------------------------------------- /apparmor/abstractions/site/base: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | /etc/machine-id r, 3 | 4 | /sys/devices/system/cpu/ r, 5 | /sys/devices/system/cpu/** r, 6 | 7 | owner @{PROC}/@{pid}/stat r, 8 | owner @{PROC}/@{pid}/cmdline r, 9 | 10 | # compatibility .so files from old packages 11 | /opt/compat/*.so* mr, 12 | 13 | # Blacklist here shouldn't be relied upon for actual deny, only for audit 14 | # private-tmp in wrapper scripts is the proper solution for not sharing stuff there 15 | audit deny /tmp/{ssh,gpg}-*/** rwlkmx, 16 | audit deny /tmp/{u,}screens/** rwlkmx, 17 | audit deny /tmp/tmux-*/** rwlkmx, 18 | audit deny /tmp/emacs*/** rwlkmx, 19 | audit deny /tmp/systemd-*/** rwlkmx, 20 | audit deny /tmp/claws-mail-*/** rwlkmx, 21 | audit deny /tmp/efreetd_* rwlkmx, 22 | '' 23 | -------------------------------------------------------------------------------- /apparmor/abstractions/site/de: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | /etc/pango/*/pango.modules r, 3 | /etc/mailcap r, 4 | #@{SYS_GIT}/app/X/drirc r, 5 | 6 | #owner @{HOME_GIT}/fonts.conf r, 7 | #owner @{HOME_GIT}/app_defaults.list r, 8 | #owner @{HOME_GIT}/gtkrc-2.0 r, 9 | #owner @{HOME_GIT}/gtkrc-3.0 r, 10 | #owner @{HOME_GIT}/gtk-bookmarks-2.0 r, 11 | #owner @{HOME_GIT}/gtk-bookmarks-3.0 r, 12 | #owner @{HOME_GIT}/gtk-3.0.css r, 13 | /usr/share/gtk-2.0/gtkrc r, 14 | /usr/share/gtk-3.0/settings.ini r, 15 | 16 | # Custom GTK3 theme/icon dirs 17 | owner @{HOME}/.themes/ r, 18 | owner @{HOME}/.themes/** r, 19 | owner @{HOME}/.icons/ r, 20 | owner @{HOME}/.icons/** r, 21 | 22 | # Custom xdg icon path, specs and such stuff 23 | owner @{HOME}/.xdg/** r, 24 | #owner @{HOME_GIT}/xdg/** r, 25 | 26 | # Disable gstreamer stuff, not used for anything relevant here 27 | deny /usr/lib/gstreamer-*/gst-plugin-scanner x, 28 | deny owner @{HOME}/.cache/gstreamer-*/ rw, 29 | '' 30 | -------------------------------------------------------------------------------- /apparmor/abstractions/user-download: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | owner @{HOME}/[dD]ownload{,s}/ r, 3 | owner @{HOME}/[dD]ownload{,s}/** rwl, 4 | owner @{HOME}/@{XDG_DESKTOP_DIR}/ r, 5 | owner @{HOME}/@{XDG_DESKTOP_DIR}/* rwl, 6 | owner @{HOME}/@{XDG_DOWNLOAD_DIR}/ r, 7 | owner @{HOME}/@{XDG_DOWNLOAD_DIR}/* rwl, 8 | '' 9 | -------------------------------------------------------------------------------- /apparmor/abstractions/user-tmp: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | # ------------------------------------------------------------------ 3 | # 4 | # Copyright (C) 2002-2009 Novell/SUSE 5 | # Copyright (C) 2009-2010 Canonical Ltd. 6 | # 7 | # This program is free software; you can redistribute it and/or 8 | # modify it under the terms of version 2 of the GNU General Public 9 | # License published by the Free Software Foundation. 10 | # 11 | # ------------------------------------------------------------------ 12 | 13 | # per-user tmp directories 14 | owner @{HOME}/tmp/** rwkl, 15 | owner @{HOME}/tmp/ rw, 16 | 17 | # global tmp directories 18 | owner /var/tmp/** rwkl, 19 | /var/tmp/ rw, 20 | owner /tmp/** rwkl, 21 | /tmp/ rw, 22 | '' 23 | -------------------------------------------------------------------------------- /apparmor/abstractions/xdg-desktop: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | # vim:syntax=apparmor 3 | # ------------------------------------------------------------------ 4 | # 5 | # Copyright (C) 2012 Canonical Ltd. 6 | # 7 | # This program is free software; you can redistribute it and/or 8 | # modify it under the terms of version 2 of the GNU General Public 9 | # License published by the Free Software Foundation. 10 | # 11 | # ------------------------------------------------------------------ 12 | 13 | # Entries based on: 14 | # http://standards.freedesktop/basedir-spec/basedir-spec-latest.html 15 | 16 | owner @{HOME}/.cache/ rw, 17 | 18 | owner @{HOME}/.config/ rw, 19 | 20 | owner @{HOME}/.local/ rw, 21 | owner @{HOME}/.local/share/ rw, 22 | 23 | # fallbacks 24 | /usr/share/ r, 25 | /usr/local/share/ r, 26 | '' 27 | -------------------------------------------------------------------------------- /apparmor/electricsheep: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | include 3 | 4 | /usr/bin/electricsheep { 5 | include "${pkgs.apparmor-profiles}/etc/apparmor.d/abstractions/base" 6 | include "${pkgs.apparmor-profiles}/etc/apparmor.d/abstractions/X" 7 | include "${pkgs.apparmor-profiles}/etc/apparmor.d/abstractions/nameservice" 8 | include "${pkgs.apparmor-profiles}/etc/apparmor.d/abstractions/bash" 9 | include "${pkgs.apparmor-profiles}/etc/apparmor.d/abstractions/consoles" 10 | include 11 | include 12 | 13 | /usr/bin/bash ix, 14 | /usr/bin/xset ix, 15 | /usr/bin/which ix, 16 | 17 | /usr/share/electricsheep/ r, 18 | /usr/share/electricsheep/** r, 19 | @{HOME}/.electricsheep/ rwk, 20 | @{HOME}/.electricsheep/** rwk, 21 | 22 | network, 23 | } 24 | '' 25 | -------------------------------------------------------------------------------- /apparmor/nginx: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | include 3 | 4 | /usr/bin/nginx { 5 | include "${pkgs.apparmor-profiles}/etc/apparmor.d/abstractions/base" 6 | include "${pkgs.apparmor-profiles}/etc/apparmor.d/abstractions/nameservice" 7 | 8 | /etc/nginx/** r, 9 | /etc/ssl/** r, 10 | /etc/core/** r, # site-local config dir 11 | 12 | /run/nginx.pid rwk, 13 | /var/{log,lib,cache}/nginx/** rwmk, 14 | /run/uwsgi/** rw, 15 | 16 | /usr/share/nginx/html r, 17 | /usr/share/nginx/html/** r, 18 | /srv/www r, 19 | /srv/www/** r, 20 | /var/empty r, 21 | /var/empty/** r, 22 | 23 | # Checks for lot of capabilities on start, fails if check is denied 24 | capability dac_read_search dac_override net_bind_service setuid setgid, 25 | /proc/sys/kernel/random/boot_id r, 26 | 27 | network inet tcp, 28 | network inet udp, 29 | network inet icmp, 30 | } 31 | '' 32 | -------------------------------------------------------------------------------- /apparmor/node-webkit: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | include 3 | 4 | /home/*/.nw/nw { 5 | 6 | include "${pkgs.apparmor-profiles}/etc/apparmor.d/abstractions/base" 7 | include "${pkgs.apparmor-profiles}/etc/apparmor.d/abstractions/nameservice" 8 | include 9 | include "${pkgs.apparmor-profiles}/etc/apparmor.d/abstractions/X" 10 | include 11 | include 12 | include 13 | 14 | owner @{HOME}/.nw/ r, 15 | owner @{HOME}/.nw/** mr, 16 | owner @{HOME}/.nw/nw ix, 17 | owner @{HOME}/.nw/config/** mrwk, 18 | 19 | owner @{HOME}/.config/node-webkit/ rw, 20 | owner @{HOME}/.config/node-webkit/** rwmk, 21 | 22 | ## planetscape app 23 | / r, 24 | /usr/bin/mtr Ux, 25 | /usr/bin/ss Ux, 26 | 27 | network, 28 | 29 | } 30 | '' 31 | -------------------------------------------------------------------------------- /apparmor/tunables/alias: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | # ------------------------------------------------------------------ 3 | # 4 | # Copyright (C) 2010 Canonical Ltd. 5 | # 6 | # This program is free software; you can redistribute it and/or 7 | # modify it under the terms of version 2 of the GNU General Public 8 | # License published by the Free Software Foundation. 9 | # 10 | # ------------------------------------------------------------------ 11 | 12 | # Alias rules can be used to rewrite paths and are done after variable 13 | # resolution. For example, if '/usr' is on removable media: 14 | # alias /usr/ -> /mnt/usr/, 15 | # 16 | # Or if mysql databases are stored in /home: 17 | # alias /var/lib/mysql/ -> /home/mysql/, 18 | '' 19 | -------------------------------------------------------------------------------- /apparmor/tunables/apparmorfs: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | # Copyright (C) 2012 Canonical Ltd. 3 | # 4 | # This program is free software; you can redistribute it and/or 5 | # modify it under the terms of version 2 of the GNU General Public 6 | # License published by the Free Software Foundation. 7 | # 8 | # ------------------------------------------------------------------ 9 | 10 | include 11 | 12 | @{apparmorfs}=@{securityfs}/apparmor/ 13 | '' 14 | -------------------------------------------------------------------------------- /apparmor/tunables/dovecot: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | # ------------------------------------------------------------------ 3 | # 4 | # Copyright (C) 2013 Christian Boltz 5 | # 6 | # This program is free software; you can redistribute it and/or 7 | # modify it under the terms of version 2 of the GNU General Public 8 | # License published by the Free Software Foundation. 9 | # 10 | # ------------------------------------------------------------------ 11 | # vim:ft=apparmor 12 | 13 | # @{DOVECOT_MAILSTORE} is a space-separated list of all directories 14 | # where dovecot is allowed to store and read mails 15 | # 16 | # The default value is quite broad to avoid breaking existing setups. 17 | # Please change @{DOVECOT_MAILSTORE} to (only) contain the directory 18 | # you use, and remove everything else. 19 | 20 | @{DOVECOT_MAILSTORE}=@{HOME}/Maildir/ @{HOME}/mail/ @{HOME}/Mail/ /var/vmail/ /var/mail/ /var/spool/mail/ 21 | 22 | '' 23 | -------------------------------------------------------------------------------- /apparmor/tunables/global: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | # ------------------------------------------------------------------ 3 | # 4 | # Copyright (C) 2006-2009 Novell/SUSE 5 | # Copyright (C) 2010-2014 Canonical Ltd. 6 | # 7 | # This program is free software; you can redistribute it and/or 8 | # modify it under the terms of version 2 of the GNU General Public 9 | # License published by the Free Software Foundation. 10 | # 11 | # ------------------------------------------------------------------ 12 | 13 | # All the tunables definitions that should be available to every profile 14 | # should be included here 15 | 16 | include 17 | include 18 | include 19 | include 20 | include 21 | '' 22 | -------------------------------------------------------------------------------- /apparmor/tunables/home: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | # ------------------------------------------------------------------ 3 | # 4 | # Copyright (C) 2006-2009 Novell/SUSE 5 | # Copyright (C) 2010 Canonical Ltd. 6 | # 7 | # This program is free software; you can redistribute it and/or 8 | # modify it under the terms of version 2 of the GNU General Public 9 | # License published by the Free Software Foundation. 10 | # 11 | # ------------------------------------------------------------------ 12 | 13 | # @{HOME} is a space-separated list of all user home directories. While 14 | # it doesn't refer to a specific home directory (AppArmor doesn't 15 | # enforce discretionary access controls) it can be used as if it did 16 | # refer to a specific home directory 17 | @{HOME}=@{HOMEDIRS}/*/ /root/ 18 | 19 | # @{HOMEDIRS} is a space-separated list of where user home directories 20 | # are stored, for programs that must enumerate all home directories on a 21 | # system. 22 | @{HOMEDIRS}=/home/ 23 | 24 | # Also, include files in tunables/home.d for site-specific adjustments to 25 | # @{HOMEDIRS}. 26 | include 27 | '' 28 | -------------------------------------------------------------------------------- /apparmor/tunables/home.d/site.git: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | # "dotfiles" git repo 3 | @{HOME_GIT}=@{HOME}/hatch/cFG/ 4 | 5 | # Have ~/bin path symlinked to a git repo, hence the abstraction 6 | @{HOME_BIN}=@{HOME}/bin/ @{HOME_GIT}/bin/ 7 | 8 | # "system-wide configs" git repo 9 | @{SYS_GIT}=/etc/core/ 10 | '' 11 | -------------------------------------------------------------------------------- /apparmor/tunables/home.d/site.local: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | # ------------------------------------------------------------------ 3 | # 4 | # Copyright (C) 2010 Canonical Ltd. 5 | # This program is free software; you can redistribute it and/or 6 | # modify it under the terms of version 2 of the GNU General Public 7 | # License published by the Free Software Foundation. 8 | # 9 | # ------------------------------------------------------------------ 10 | 11 | # The following is a space-separated list of where additional user home 12 | # directories are stored, each must have a trailing '/'. Directories added 13 | # here are appended to @{HOMEDIRS}. See tunables/home for details. Eg: 14 | #@{HOMEDIRS}+=/srv/nfs/home/ /mnt/home/ 15 | '' 16 | -------------------------------------------------------------------------------- /apparmor/tunables/kernelvars: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | # Copyright (C) 2012 Canonical Ltd. 3 | # 4 | # This program is free software; you can redistribute it and/or 5 | # modify it under the terms of version 2 of the GNU General Public 6 | # License published by the Free Software Foundation. 7 | # 8 | # ------------------------------------------------------------------ 9 | 10 | # This file should contain declarations to kernel vars or variables 11 | # that will become kernel vars at some point 12 | 13 | # until kernel vars are implemented 14 | # and until the parser supports nested groupings like 15 | # @{pid}=[1-9]{[0-9]{[0-9]{[0-9]{[0-9]{[0-9],},},},},} 16 | # use 17 | @{pid}={[1-9],[1-9][0-9],[1-9][0-9][0-9],[1-9][0-9][0-9][0-9],[1-9][0-9][0-9][0-9][0-9],[1-9][0-9][0-9][0-9][0-9][0-9]} 18 | 19 | #same pattern as @{pid} for now 20 | @{tid}=@{pid} 21 | 22 | #A pattern for pids that can appear 23 | @{pids}=@{pid} 24 | '' 25 | -------------------------------------------------------------------------------- /apparmor/tunables/ntpd: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | # Last Modified: Thu Aug 2 14:37:03 2007 3 | # ------------------------------------------------------------------ 4 | # 5 | # Copyright (C) 2002-2005 Novell/SUSE 6 | # 7 | # This program is free software; you can redistribute it and/or 8 | # modify it under the terms of version 2 of the GNU General Public 9 | # License published by the Free Software Foundation. 10 | # 11 | # ------------------------------------------------------------------ 12 | 13 | #Add your ntpd devices here eg. if you have a DCF clock 14 | # @{NTPD_DEVICE}=/dev/ttyS* 15 | @{NTPD_DEVICE}="/dev/tty10" 16 | '' 17 | -------------------------------------------------------------------------------- /apparmor/tunables/proc: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | # ------------------------------------------------------------------ 3 | # 4 | # Copyright (C) 2006 Novell/SUSE 5 | # 6 | # This program is free software; you can redistribute it and/or 7 | # modify it under the terms of version 2 of the GNU General Public 8 | # License published by the Free Software Foundation. 9 | # 10 | # ------------------------------------------------------------------ 11 | 12 | # @{PROC} is the location where procfs is mounted. 13 | @{PROC}=/proc/ 14 | '' 15 | -------------------------------------------------------------------------------- /apparmor/tunables/securityfs: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | # Copyright (C) 2012 Canonical Ltd. 3 | # 4 | # This program is free software; you can redistribute it and/or 5 | # modify it under the terms of version 2 of the GNU General Public 6 | # License published by the Free Software Foundation. 7 | # 8 | # ------------------------------------------------------------------ 9 | 10 | include 11 | 12 | # @{securityfs} is the location where securityfs is mounted. 13 | @{securityfs}=@{sys}/kernel/security/ 14 | '' 15 | -------------------------------------------------------------------------------- /apparmor/tunables/sys: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | # Copyright (C) 2012 Canonical Ltd. 3 | # 4 | # This program is free software; you can redistribute it and/or 5 | # modify it under the terms of version 2 of the GNU General Public 6 | # License published by the Free Software Foundation. 7 | # 8 | # ------------------------------------------------------------------ 9 | 10 | # @{sys} is the location where sysfs is mounted. 11 | @{sys}=/sys/ 12 | '' 13 | -------------------------------------------------------------------------------- /apparmor/tunables/xdg-user-dirs: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | # ------------------------------------------------------------------ 3 | # 4 | # Copyright (C) 2014 Canonical Ltd. 5 | # 6 | # This program is free software; you can redistribute it and/or 7 | # modify it under the terms of version 2 of the GNU General Public 8 | # License published by the Free Software Foundation. 9 | # 10 | # ------------------------------------------------------------------ 11 | 12 | # Define the common set of XDG user directories (usually defined in 13 | # /etc/xdg/user-dirs.defaults) 14 | @{XDG_DESKTOP_DIR}="Desktop" 15 | @{XDG_DOWNLOAD_DIR}="Downloads" 16 | @{XDG_TEMPLATES_DIR}="Templates" 17 | @{XDG_PUBLICSHARE_DIR}="Public" 18 | @{XDG_DOCUMENTS_DIR}="Documents" 19 | @{XDG_MUSIC_DIR}="Music" 20 | @{XDG_PICTURES_DIR}="Pictures" 21 | @{XDG_VIDEOS_DIR}="Videos" 22 | 23 | # Also, include files in tunables/xdg-user-dirs.d for site-specific adjustments 24 | # to the various XDG directories 25 | include 26 | '' 27 | -------------------------------------------------------------------------------- /apparmor/tunables/xdg-user-dirs.d/site.local: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: '' 2 | # ------------------------------------------------------------------ 3 | # 4 | # Copyright (C) 2014 Canonical Ltd. 5 | # This program is free software; you can redistribute it and/or 6 | # modify it under the terms of version 2 of the GNU General Public 7 | # License published by the Free Software Foundation. 8 | # 9 | # ------------------------------------------------------------------ 10 | 11 | # The following may be used to add additional entries such as for 12 | # translations. See tunables/xdg-user-dirs for details. Eg: 13 | #@{XDG_MUSIC_DIR}+="Musique" 14 | 15 | #@{XDG_DESKTOP_DIR}+="" 16 | #@{XDG_DOWNLOAD_DIR}+="" 17 | #@{XDG_TEMPLATES_DIR}+="" 18 | #@{XDG_PUBLICSHARE_DIR}+="" 19 | #@{XDG_DOCUMENTS_DIR}+="" 20 | #@{XDG_MUSIC_DIR}+="" 21 | #@{XDG_PICTURES_DIR}+="" 22 | #@{XDG_VIDEOS_DIR}+="" 23 | '' 24 | -------------------------------------------------------------------------------- /containers/anki.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, lib, ... }: 2 | 3 | let 4 | hostAddress = "10.9.0.1"; 5 | localAddress = "10.9.0.2"; 6 | in { 7 | containers.anki = 8 | { 9 | autoStart = true; 10 | enableTun = true; 11 | privateNetwork = true; 12 | inherit hostAddress localAddress; 13 | 14 | config = 15 | { config, stdenv, ... }: 16 | 17 | { 18 | nixpkgs.pkgs = pkgs; 19 | 20 | environment.systemPackages = with pkgs; [ 21 | ankisyncd 22 | ]; 23 | 24 | services.ankisyncd = { 25 | enable = true; 26 | host = localAddress; 27 | openFirewall = false; 28 | port = 27701; 29 | }; 30 | }; 31 | }; 32 | } 33 | -------------------------------------------------------------------------------- /containers/authority.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, ... }: 2 | 3 | { 4 | environment.systemPackages = with pkgs; [ step-cli ]; 5 | 6 | containers.authority = { 7 | autoStart = true; 8 | enableTun = true; 9 | privateNetwork = true; 10 | hostAddress = "10.4.0.1"; 11 | localAddress = "10.4.0.2"; 12 | config = 13 | { config, ... }: 14 | { 15 | environment.systemPackages = with pkgs; [ step-cli step-ca ]; 16 | 17 | systemd.services.step-ca = { 18 | description = "Step CA Daemon"; 19 | script = with pkgs; ''${systemd}/bin/systemd-ask-password --timeout=3600 --no-tty 'CA Password:' | ${step-ca}/bin/step-ca config/ca.json --password-file /dev/stdin''; 20 | serviceConfig = { 21 | WorkingDirectory = "/var/lib/step/"; 22 | Restart = "always"; 23 | }; 24 | wantedBy = [ "multi-user.target" ]; 25 | }; 26 | 27 | networking.firewall.enable = false; 28 | }; 29 | bindMounts = { 30 | "/var/lib/step" = { 31 | hostPath = "/var/lib/step"; 32 | isReadOnly = false; 33 | }; 34 | "/run/systemd/ask-password" = { 35 | hostPath = "/run/systemd/ask-password"; 36 | isReadOnly = false; 37 | }; 38 | "/run/systemd/ask-password-block" = { 39 | hostPath = "/run/systemd/ask-password-block"; 40 | isReadOnly = false; 41 | }; 42 | }; 43 | }; 44 | } 45 | -------------------------------------------------------------------------------- /containers/hydroxide.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, lib, usr, ... }: 2 | 3 | let 4 | hostAddress = "10.8.0.1"; 5 | localAddress = "10.8.0.2"; 6 | in { 7 | containers.hydroxide = 8 | { 9 | autoStart = true; 10 | enableTun = true; 11 | privateNetwork = true; 12 | inherit hostAddress localAddress; 13 | 14 | config = 15 | { config, stdenv, ... }: 16 | 17 | { 18 | _module.args = { inherit usr; }; 19 | 20 | imports = [ 21 | ../modules/services/hydroxide 22 | ../profiles/services/hydroxide 23 | ]; 24 | 25 | nixpkgs.pkgs = pkgs; 26 | 27 | environment.systemPackages = with pkgs; [ 28 | hydroxide 29 | ]; 30 | 31 | services.hydroxide.host = localAddress; 32 | }; 33 | }; 34 | } 35 | -------------------------------------------------------------------------------- /containers/klaus.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, lib, domains, ... }: 2 | 3 | let 4 | klaus = pkgs.klaus.overrideAttrs (v: { 5 | propagatedBuildInputs = v.propagatedBuildInputs ++ [ 6 | pkgs.python3.pkgs.python-ctags3 7 | ]; 8 | }); 9 | in { 10 | environment.systemPackages = [ 11 | klaus 12 | ]; 13 | 14 | isolation.scopes.klaus = { 15 | nixos = { ... }: { 16 | networking.firewall.enable = false; 17 | 18 | environment.systemPackages = (with pkgs; [ 19 | yq yj jq git darcs pijul subversion mercurial 20 | ]) ++ [ klaus ]; 21 | 22 | systemd.services.klaus = { 23 | path = [ pkgs.git pkgs.ctags ]; 24 | environment = { 25 | PORT = "3000"; 26 | HOST = "0.0.0.0"; 27 | DOMAIN = "dev.${domains.home}"; 28 | CTAGS = "tags-and-branches"; 29 | PATHS = lib.concatMapStringsSep " " (n: "/srv/${n}") [ 30 | "nixrc" 31 | ]; 32 | }; 33 | serviceConfig = { 34 | ExecStart = "${klaus}/bin/klaus --host $HOST --port $PORT --site-name $DOMAIN --ctags $CTAGS --smarthttp $PATHS"; 35 | }; 36 | wantedBy = [ "default.target" ]; 37 | }; 38 | }; 39 | }; 40 | 41 | containers.klaus = { 42 | bindMounts = { 43 | "/srv" = { 44 | hostPath = "/srv/git"; 45 | isReadOnly = false; 46 | }; 47 | "/etc/ssh" = { 48 | hostPath = "/etc/ssh"; 49 | isReadOnly = true; 50 | }; 51 | }; 52 | }; 53 | 54 | systemd.tmpfiles.rules = [ 55 | "d /srv/git 1777 root root -" 56 | ]; 57 | } 58 | -------------------------------------------------------------------------------- /containers/sandbox.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, ... }: 2 | 3 | { 4 | systemd.nspawn.sandbox = { 5 | aliases = [ "sandbox" ]; 6 | execConfig = { 7 | Boot = true; 8 | }; 9 | filesConfig = { 10 | BindReadOnly = [ 11 | "/home:/var/home/lower" 12 | "/etc/sandbox/fstab:/etc/fstab" 13 | "/etc/sandbox/hostname:/etc/hostname" 14 | ]; 15 | Bind = [ "/srv" ]; 16 | }; 17 | networkConfig = { 18 | VirtualEthernet = true; 19 | }; 20 | wantedBy = [ 21 | "multi-user.target" 22 | ]; 23 | requiredBy = [ 24 | "network-link-ve-sandbox.service" 25 | ]; 26 | }; 27 | systemd.units."network-link-ve-sandbox.service".requiredBy = [ 28 | "systemd-nspawn@sandbox.service" 29 | ]; 30 | networking.interfaces.ve-sandbox = { 31 | useDHCP = true; 32 | ipv4 = { 33 | addresses = [ 34 | { address = "10.1.0.1"; prefixLength = 32; } 35 | ]; 36 | routes = [ 37 | { address = "10.1.0.2"; prefixLength = 32; options = { src = "10.1.0.1"; }; } 38 | ]; 39 | }; 40 | }; 41 | environment.etc.sandbox-fstab = { 42 | target = "sandbox/fstab"; 43 | text = '' 44 | # 45 | tmpfs /var/home tmpfs rw,nosuid,noatime,size=512m 0 0 46 | overlayfs /home overlay rw,lowerdir=/var/home/lower,upperdir=/var/home/upper,workdir=/var/home/work 0 0 47 | /srv/sync/Sources /usr/local/src none rw,bind 0 0 48 | ''; 49 | }; 50 | } 51 | -------------------------------------------------------------------------------- /containers/search.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, ... }: 2 | 3 | { 4 | containers.search = 5 | { 6 | autoStart = true; 7 | enableTun = true; 8 | privateNetwork = true; 9 | hostAddress = "10.5.0.1"; 10 | localAddress = "10.5.0.2"; 11 | config = 12 | { config, stdenv, ... }: 13 | 14 | { 15 | systemd.services.yacy = 16 | with pkgs; { 17 | description = "Yacy P2P Search Engine"; 18 | after = [ "network.target" ]; 19 | path = [ 20 | which 21 | getopt 22 | openjdk 23 | ]; 24 | environment = { 25 | YACY_DATA_PATH = "${pkgs.yacy}/yacy"; 26 | YACY_PARENT_DATA_PATH = "${pkgs.yacy}/yacy"; 27 | }; 28 | serviceConfig = { 29 | WorkingDirectory = "${pkgs.yacy}/yacy"; 30 | TimeoutStopSec = "50"; 31 | RestartSec = "3"; 32 | }; 33 | script = "set -x; . ${pkgs.yacy}/yacy/env.sh; ${pkgs.openjdk}/bin/java $JAVA_ARGS -classpath $CLASSPATH net.yacy.yacy"; 34 | preStop = "set -x; . ${pkgs.yacy}/yacy/env.sh; ${pkgs.openjdk}/bin/java $JAVA_ARGS -cp $CLASSPATH net.yacy.yacy -shutdown"; 35 | wantedBy = [ "multi-user.target" ]; 36 | }; 37 | 38 | networking.firewall.enable = false; 39 | }; 40 | bindMounts = { 41 | "/var/lib/yacy" = { 42 | hostPath = "/var/lib/yacy"; 43 | isReadOnly = false; 44 | }; 45 | }; 46 | }; 47 | } 48 | -------------------------------------------------------------------------------- /containers/secure.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, ... }: 2 | 3 | { 4 | containers.secure = { 5 | autoStart = true; 6 | enableTun = true; 7 | privateNetwork = true; 8 | hostAddress = "10.2.0.1"; 9 | localAddress = "10.2.0.2"; 10 | config = 11 | { config, ... }: 12 | { 13 | }; 14 | }; 15 | } 16 | -------------------------------------------------------------------------------- /default.nix: -------------------------------------------------------------------------------- 1 | { system ? builtins.currentSystem, ... }: 2 | 3 | let 4 | lock = builtins.fromJSON (builtins.readFile ./flake.lock); 5 | locked-state = lock.nodes.flake-compat.locked; 6 | flake-compat = import (fetchTarball ( 7 | if builtins.pathExists ./flake.lock && builtins.hasAttr "flake-compat" lock.nodes 8 | then { 9 | url = "https://github.com/edolstra/flake-compat/archive/${locked-state.rev}.tar.gz"; 10 | hash = locked-state.narHash; 11 | } 12 | else https://github.com/edolstra/flake-compat/archive/master.tar.gz)); 13 | flake = flake-compat { src = ./.; }; 14 | self = if builtins ? getFlake then builtins.getFlake (toString ./.) else flake.defaultNix; 15 | hostname = with builtins; head (split "\n" (readFile /etc/hostname)); 16 | maybe = c: let result = builtins.tryEval c; in if result.success then result.value else {}; 17 | in rec { inherit flake-compat flake lock; inherit self; inputs = self.passthru.inputs // { inherit self; }; } 18 | // maybe self // maybe (self.passthru or {}) 19 | // maybe self.defaultPackage.${system} 20 | // maybe self.defaultPackage.${system}.config.nodes 21 | // maybe self.defaultPackage.${system}.config.nodes.${hostname}.configuration 22 | // maybe { 23 | inherit (self.defaultPackage.${system}.config.nodes.${hostname}.configuration._pkgs) pkgs lib; 24 | options = rec { 25 | deploy = self.defaultPackage.x86_64-linux.options; 26 | nodes = deploy.nodes.type.getSubOptions []; 27 | nixos = nodes.configuration.type.getSubOptions []; 28 | home = nixos.home-manager.users.type.getSubOptions []; 29 | }; 30 | } 31 | -------------------------------------------------------------------------------- /deploy/default.nix: -------------------------------------------------------------------------------- 1 | nixusArgs: conf: let 2 | inherit (nixusArgs) nixpkgs; 3 | 4 | extendLib = super: 5 | let 6 | lib = super.extend (import ../lib/dag.nix); 7 | self = if nixusArgs ? libOverlay 8 | then lib.extend nixusArgs.libOverlay 9 | else lib; 10 | in self; 11 | 12 | nixusPkgs = import nixpkgs { 13 | config = {}; 14 | overlays = [ 15 | (self: super: { lib = extendLib super.lib; }) 16 | ]; 17 | system = nixusArgs.deploySystem or builtins.currentSystem; 18 | }; 19 | 20 | result = nixusPkgs.lib.evalModules { 21 | modules = [ 22 | modules/options.nix 23 | modules/deploy.nix 24 | modules/secrets.nix 25 | modules/ssh.nix 26 | modules/public-ip.nix 27 | modules/dns.nix 28 | modules/vpn 29 | conf 30 | # Not naming it pkgs to avoid confusion and trouble for overriding scopes 31 | { 32 | _module.args.nixus = { 33 | pkgs = nixusPkgs; 34 | inherit extendLib; 35 | }; 36 | _module.args.pkgs = throw "You're trying to access the pkgs argument from a Nixus module, use the nixus argument instead and use nixus.pkgs from that."; 37 | } 38 | ]; 39 | }; 40 | in result 41 | -------------------------------------------------------------------------------- /deploy/modules/public-ip.nix: -------------------------------------------------------------------------------- 1 | { lib, ... }: 2 | let 3 | inherit (lib) types; 4 | in { 5 | 6 | options.defaults = lib.mkOption { 7 | type = types.submodule { 8 | options.configuration = lib.mkOption { 9 | type = types.submoduleWith { 10 | modules = [({ options, ... }: { 11 | options.networking.public = { 12 | 13 | ipv4 = lib.mkOption { 14 | type = types.str; 15 | description = "Default public IPv4 address."; 16 | }; 17 | hasIpv4 = lib.mkOption { 18 | type = types.bool; 19 | readOnly = true; 20 | default = options.networking.public.ipv4.isDefined; 21 | description = "Whether this node has a public ipv4 address."; 22 | }; 23 | 24 | ipv6 = lib.mkOption { 25 | type = types.str; 26 | description = "Default public IPv6 address."; 27 | }; 28 | hasIpv6 = lib.mkOption { 29 | type = types.bool; 30 | readOnly = true; 31 | default = options.networking.public.ipv6.isDefined; 32 | description = "Whether this node has a public ipv6 address."; 33 | }; 34 | 35 | }; 36 | })]; 37 | }; 38 | }; 39 | }; 40 | }; 41 | 42 | } 43 | -------------------------------------------------------------------------------- /emacs/.dir-locals.el: -------------------------------------------------------------------------------- 1 | ;;; Directory Local Variables 2 | ;;; For more information see (info "(emacs) Directory Variables") 3 | 4 | ((nix-mode . ((mode . nix-dsquoted-emacslisp)))) 5 | -------------------------------------------------------------------------------- /emacs/ace-window.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.ace-window = { 5 | enable = false; 6 | demand = true; 7 | bind = { 8 | "M-m" = "ace-window"; # deprecating 9 | "s-m" = "ace-window"; # usurped from switch-window 10 | }; 11 | config = '' 12 | (setq aw-keys '(?a ?s ?d ?f ?g ?h ?j ?k ?l) 13 | aw-dispatch-always t 14 | aw-scope 'global 15 | aw-minibuffer-flag t) 16 | (ace-window-display-mode) 17 | (exwm-input-set-key (kbd "s-m") 'ace-window) 18 | (exwm-input--update-global-prefix-keys) 19 | ''; 20 | }; 21 | } 22 | -------------------------------------------------------------------------------- /emacs/ahg.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.ahg = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/all-the-icons.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.all-the-icons = { 5 | demand = true; 6 | systemDeps = with pkgs; [ emacs-all-the-icons-fonts ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/android-env.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.android-env = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/android-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.android-mode = { 5 | demand = true; 6 | config = '' 7 | (setq-default adb-host "192.168.0.3") 8 | (defun adb-connect (host) 9 | "Connect ADB Daemon to HOST." 10 | (interactive (list (read-string (format "Android Device Host [%s]: " adb-host) nil nil adb-host))) 11 | (let ((adb (android-tool-path "adb"))) 12 | (with-temp-buffer 13 | (let ((exit-code (call-process adb nil (current-buffer) nil "connect" host))) 14 | (progn 15 | (goto-char (point-max)) 16 | (delete-backward-char 1) 17 | (message "%s: %s" adb (buffer-string))) 18 | (when (= exit-code 0) 19 | (setq adb-host host)))))) 20 | ''; 21 | }; 22 | } 23 | -------------------------------------------------------------------------------- /emacs/aria2.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.aria2 = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/auctex-latexmk.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.auctex-latexmk = { 5 | demand = true; 6 | after = [ "auctex" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/auctex-lua.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.auctex-lua = { 5 | demand = true; 6 | after = [ "auctex" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/auctex.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.auctex = { 5 | demand = true; 6 | after = [ "tex" "latex" ]; 7 | config = '' 8 | (TeX-global-PDF-mode t) 9 | ''; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /emacs/auth-source.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.auth-source = { 5 | demand = true; 6 | name = "pass"; 7 | config = '' 8 | (require 'auth-source-pass) 9 | (setq auth-sources '(;default 10 | ;"secrets:session" 11 | ;"secrets:Login" 12 | password-store 13 | "~/.authinfo" 14 | "~/.authinfo.gpg")) 15 | ''; 16 | systemDeps = with pkgs; [ pass ]; 17 | }; 18 | } 19 | -------------------------------------------------------------------------------- /emacs/avy.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.avy = { 5 | demand = true; 6 | bind = { 7 | "C-=" = "avy-goto-char"; 8 | }; 9 | config = '' 10 | (setq avy-background t) 11 | ''; 12 | }; 13 | } 14 | -------------------------------------------------------------------------------- /emacs/bitwarden.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, domains, ... }: 2 | 3 | { 4 | emacs.loader.bitwarden = { 5 | config = '' 6 | (setenv "BW_SESSION" 7 | (let ((secret (plist-get 8 | (nth 0 (auth-source-search :host "bitwarden-session")) 9 | :secret))) 10 | (if (functionp secret) (funcall secret) secret))) 11 | (setq bitwarden-user "me@${domains.home}") 12 | (setq bitwarden-automatic-unlock (lambda () (read-passwd "Bitwarden Password: "))) 13 | ''; 14 | }; 15 | } 16 | -------------------------------------------------------------------------------- /emacs/bookmark.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, domains, ... }: 2 | 3 | { 4 | emacs.loader.bookmark = { 5 | demand = true; 6 | package = lib.const null; 7 | config = '' 8 | (defun bookmark-save-advice (&rest r) 9 | (let ((save-silently t)) 10 | (bookmark-save))) 11 | (advice-add 'bookmark-set :after #'bookmark-save-advice) 12 | ''; 13 | }; 14 | } 15 | -------------------------------------------------------------------------------- /emacs/buffer-move.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.buffer-move = { 5 | demand = true; 6 | after = [ "exwm-input" ]; 7 | config = '' 8 | (progn 9 | (exwm-input-set-key (kbd "") #'buf-move-up) 10 | (exwm-input-set-key (kbd "") #'buf-move-down) 11 | (exwm-input-set-key (kbd "") #'buf-move-left) 12 | (exwm-input-set-key (kbd "") #'buf-move-right)) 13 | ''; 14 | }; 15 | } 16 | -------------------------------------------------------------------------------- /emacs/bufler.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.bufler = { 5 | demand = true; 6 | config = '' 7 | (if (boundp 'bufler-vc-remote) 8 | (setq bufler-vc-remote nil) 9 | (setq bufler-columns (remove "VC" bufler-columns))) 10 | ''; 11 | }; 12 | } 13 | -------------------------------------------------------------------------------- /emacs/calfw-org.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.calfw-org = { 5 | demand = true; 6 | after = [ "org" "calfw" ]; 7 | config = '' 8 | (setq calendar-week-start-day 1) 9 | ''; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /emacs/calfw.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.calfw = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/cargo.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.cargo = { 5 | demand = true; 6 | after = [ "rust-mode" ]; 7 | hook = [ 8 | { rust-mode-hook = "cargo-minor-mode"; } 9 | ]; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /emacs/cl.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.cl = { 5 | package = lib.const null; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/company-box.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.company-box = { 5 | demand = true; 6 | after = [ "company" ]; 7 | hook = [ 8 | { company-mode-hook = "company-box-mode"; } 9 | ]; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /emacs/company-cabal.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.company-cabal = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/company-terraform.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.company-terraform = { 5 | demand = true; 6 | after = [ "terraform-mode" "company" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/company.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.company = { 5 | demand = true; 6 | diminish = [ "company-mode" ]; 7 | hook = [ 8 | { prog-mode-hook = "company-mode"; } 9 | ]; 10 | config = '' 11 | (setq company-tooltip-align-annotations t 12 | company-minimum-prefix-length 1) 13 | ;(setq +lsp-company-backend 'company-capf) 14 | ''; 15 | }; 16 | } 17 | -------------------------------------------------------------------------------- /emacs/counsel-projectile.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.counsel-projectile = { 5 | demand = true; 6 | after = [ "projectile" "counsel" ]; 7 | config = '' 8 | (counsel-projectile-mode t) 9 | (setq ivy-initial-inputs-alist nil) 10 | ''; 11 | }; 12 | } 13 | -------------------------------------------------------------------------------- /emacs/counsel.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.counsel = { 5 | demand = true; 6 | after = [ "ivy" ]; 7 | bind = { 8 | "M-x" = "counsel-M-x"; 9 | "C-x M-f" = "counsel-recentf"; 10 | #"C-y" = "counsel-yank-pop"; 11 | }; 12 | config = '' 13 | (counsel-mode 1) 14 | (setq ivy-initial-inputs-alist nil) 15 | (recentf-mode 1) 16 | (setq recentf-max-menu-items 64) 17 | (setq recentf-max-saved-items 64) 18 | (run-at-time nil (* 5 60) 'recentf-save-list) 19 | 20 | (defun suppress-messages (func &rest args) 21 | (let ((save-silently t)) 22 | (apply func args)) 23 | (message nil)) 24 | (advice-add 'recentf-save-list :around #'suppress-messages) 25 | ''; 26 | systemDeps = with pkgs; [ ag ]; 27 | }; 28 | } 29 | -------------------------------------------------------------------------------- /emacs/csharp-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.csharp-mode = { 5 | demand = true; 6 | package = epkgs: epkgs.csharp-mode.overrideAttrs (_: { 7 | postInstall = '' 8 | find $out -iname '*.elc' -delete 9 | ''; 10 | }); 11 | require = [ "cc-bytecomp" "csharp-mode" "cc-bytecomp" ]; 12 | hook = [ 13 | { csharp-mode-hook = "omnisharp-mode"; } 14 | ]; 15 | config = '' 16 | (setq lsp-csharp-server-path "${pkgs.omnisharp-roslyn}/bin/omnisharp") 17 | 18 | (defun bqv/csharp-mode-setup () 19 | (setq indent-tabs-mode nil 20 | c-syntactic-indentation t) 21 | (c-set-style "ellemtel") 22 | (setq c-basic-offset 4 23 | truncate-lines t 24 | tab-width 4 25 | evil-shift-width 4)) 26 | 27 | (add-hook 'csharp-mode-hook #'bqv/csharp-mode-setup) 28 | 29 | (defun csharp-repl () 30 | (interactive) 31 | (comint-run "${pkgs.mono}/bin/csharp")) 32 | ''; 33 | }; 34 | } 35 | -------------------------------------------------------------------------------- /emacs/csproj-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.csproj-mode = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/daemons.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.daemons = { 5 | demand = true; 6 | config = '' 7 | (setq daemons-always-sudo t) 8 | ''; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /emacs/dante.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.dante = { 5 | demand = true; 6 | after = [ "haskell-mode" ]; 7 | hook = [ 8 | { haskell-mode-hook = "dante-mode"; } 9 | ]; 10 | config = '' 11 | (add-to-list 'haskell-mode-hook #'dante-mode) 12 | (defun dante-setup-flake () 13 | (interactive) 14 | (setq dante-repl-command-line '( 15 | "nix" "develop" "--impure" "-c" "cabal" "v1-repl" 16 | (or dante-target (dante-package-name) #1="") 17 | "--builddir=dist/dante"))) 18 | ''; 19 | }; 20 | } 21 | -------------------------------------------------------------------------------- /emacs/dap-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.dap-mode = { 5 | demand = true; 6 | after = [ "lsp-mode" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/darcsum.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.darcsum = { 5 | demand = true; 6 | systemDeps = with pkgs; [ darcs ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/dashboard.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.dashboard = { 5 | demand = true; 6 | config = '' 7 | (dashboard-setup-startup-hook) 8 | (setq dashboard-center-content t) 9 | (setq initial-buffer-choice (lambda () (get-buffer "*dashboard*"))) 10 | (setq dashboard-items '((recents . 10) 11 | (bookmarks . 10) 12 | (projects . 10) 13 | (agenda . 10))) 14 | (defun config-goto-error (package) 15 | (with-current-buffer (find-file user-init-file) 16 | (goto-char (point-min)) (search-forward package) (recenter))) 17 | (defun dashboard-init-errors (list-size) 18 | (dashboard-insert-section "Config Errors:" 19 | (config-errors) 20 | list-size 21 | "e" 22 | `(lambda (&rest ignore) (config-goto-error (car ',el))) 23 | (concat (car el) " :: " (cadr el)))) 24 | (add-to-list 'dashboard-item-generators '(errors . dashboard-init-errors)) 25 | (add-to-list 'dashboard-items '(errors) t) 26 | ''; 27 | }; 28 | } 29 | -------------------------------------------------------------------------------- /emacs/default.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, lib, ... }: 2 | 3 | { 4 | imports = lib.filter (p: lib.hasSuffix ".nix" p && builtins.baseNameOf p != "default.nix") 5 | (lib.mapAttrsToList (file: _: ./. + "/${file}") # strings to paths 6 | (lib.filterAttrs (f: _: f != ".dir-locals.el") # remove bad files 7 | (builtins.readDir ./.))); # enumerate folder 8 | 9 | emacs.loader.scraps = { 10 | package = lib.const null; 11 | script = epkgs: '' 12 | (defun bqv/load-scraps () 13 | ${builtins.readFile ./scraps+bufmgmt.el} 14 | ${builtins.readFile ./scraps+misc.el} 15 | ${builtins.readFile ./scraps+shell.el} 16 | t) 17 | (add-to-list 'emacs-startup-hook #'bqv/load-scraps) 18 | ''; 19 | }; 20 | } 21 | -------------------------------------------------------------------------------- /emacs/desktop-environment.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.desktop-environment = { 5 | demand = true; 6 | after = [ "exwm-input" ]; 7 | config = '' 8 | (setq desktop-environment-volume-get-command "amixer -c0 get Master") 9 | (setq desktop-environment-volume-set-command "amixer -c0 set Master %s") 10 | (setq desktop-environment-volume-toggle-command "amixer -c0 set Master toggle") 11 | (define-key desktop-environment-mode-map (kbd "<269025043>") #'desktop-environment-volume-increment) ; mouse v-up 12 | (define-key desktop-environment-mode-map (kbd "S-<269025043>") #'desktop-environment-volume-increment-slowly) 13 | (define-key desktop-environment-mode-map (kbd "<269025041>") #'desktop-environment-volume-decrement) ; mouse v-down 14 | (define-key desktop-environment-mode-map (kbd "S-<269025041>") #'desktop-environment-volume-decrement-slowly) 15 | (define-key desktop-environment-mode-map (kbd "<269025073>") #'emms-pause) ; headset btn 16 | 17 | (desktop-environment-mode) 18 | ''; 19 | }; 20 | } 21 | -------------------------------------------------------------------------------- /emacs/dired-du.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.dired-du = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/direnv.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.direnv = { 5 | enable = false; 6 | demand = true; 7 | config = '' 8 | (direnv-mode 1) 9 | (defcustom bqv/direnv-enabled-hosts nil 10 | "List of remote hosts to use Direnv on. 11 | Each host must have `direnv' executable accessible in the default environment." 12 | :type '(repeat string) 13 | :group 'bqv) 14 | 15 | (defun bqv/advice-filter@tramp-sh-handle-start-file-process (args) 16 | "Enable Direnv for hosts in `my-direnv-enabled-hosts'." 17 | (with-parsed-tramp-file-name (expand-file-name default-directory) nil 18 | (if (member host bqv/direnv-enabled-hosts) 19 | (pcase-let ((`(,name ,buffer ,program . ,args) args)) 20 | `(,name 21 | ,buffer 22 | "direnv" 23 | "exec" 24 | ,localname 25 | ,program 26 | ,@args)) 27 | args))) 28 | 29 | (with-eval-after-load "tramp-sh" 30 | (advice-add 'tramp-sh-handle-start-file-process 31 | :filter-args #'bqv/advice-filter@tramp-sh-handle-start-file-process)) 32 | ''; 33 | systemDeps = with pkgs; [ direnv ]; 34 | }; 35 | } 36 | -------------------------------------------------------------------------------- /emacs/disk-usage.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.disk-usage = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/doc-view.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.doc-view = { 5 | package = lib.const null; 6 | config = '' 7 | (add-hook 'doc-view-mode-hook 8 | (lambda () 9 | (define-key doc-view-mode-map [wheel-down] 'doc-view-next-line-or-next-page) 10 | (define-key doc-view-mode-map [double-wheel-down] 11 | (lambda () 12 | (interactive) 13 | (doc-view-next-line-or-next-page 2))) 14 | (define-key doc-view-mode-map [triple-wheel-down] 15 | (lambda () 16 | (interactive) 17 | (doc-view-next-line-or-next-page 3))) 18 | (define-key doc-view-mode-map [wheel-up] 'doc-view-previous-line-or-previous-page) 19 | (define-key doc-view-mode-map [double-wheel-up] 20 | (lambda () 21 | (interactive) 22 | (doc-view-previous-line-or-previous-page 2))) 23 | (define-key doc-view-mode-map [triple-wheel-up] 24 | (lambda () 25 | (interactive) 26 | (doc-view-previous-line-or-previous-page 3)))) 27 | t) 28 | ''; 29 | }; 30 | } 31 | -------------------------------------------------------------------------------- /emacs/doom-modeline.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.doom-modeline = { 5 | demand = true; 6 | after = [ "doom-themes" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/doom-themes.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.doom-themes = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/dotnet.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.dotnet = { 5 | demand = true; 6 | after = [ "csharp-mode" ]; 7 | hook = [ 8 | { csharp-mode-hook = "dotnet-mode"; } 9 | ]; 10 | systemDeps = with pkgs; with dotnetCorePackages; [ 11 | (combinePackages [ 12 | sdk_2_1 sdk_3_0 sdk_3_1 13 | ]) azure-cli 14 | ]; 15 | }; 16 | } 17 | -------------------------------------------------------------------------------- /emacs/eglot.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.eglot = { 5 | demand = true; 6 | commands = [ "eglot" "eglot-ensure" ]; 7 | config = '' 8 | (define-key eglot-mode-map (kbd "C-c e r") 'eglot-rename) 9 | (define-key eglot-mode-map (kbd "C-c e f") 'eglot-format) 10 | (define-key eglot-mode-map (kbd "C-c e h") 'eglot-help-at-point) 11 | (add-to-list 'eglot-server-programs 12 | `(csharp-mode . ("omnisharp" "-lsp"))) 13 | ''; 14 | }; 15 | } 16 | -------------------------------------------------------------------------------- /emacs/el-get.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.el-get = { 5 | demand = true; 6 | config = '' 7 | (defvar bootstrap-version) 8 | (let ((bootstrap-file 9 | (expand-file-name "straight/repos/straight.el/bootstrap.el" user-emacs-directory)) 10 | (bootstrap-version 5)) 11 | (delete-directory (expand-file-name "straight/build" user-emacs-directory) t) 12 | (unless (file-exists-p bootstrap-file) 13 | (with-current-buffer 14 | (url-retrieve-synchronously 15 | "https://raw.githubusercontent.com/raxod502/straight.el/develop/install.el" 16 | 'silent 'inhibit-cookies) 17 | (goto-char (point-max)) 18 | (eval-print-last-sexp))) 19 | (load bootstrap-file nil 'nomessage)) 20 | ''; 21 | }; 22 | } 23 | -------------------------------------------------------------------------------- /emacs/elsa.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.elsa = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/emacs-ffi.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.emacs-ffi = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/emacsbridge.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.emacsbridge = { 5 | demand = true; 6 | require = [ "emacsbridge-rpc" "alert-emacsbridge" ]; 7 | config = '' 8 | ''; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /emacs/emms-mode-line-cycle.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.emms-mode-line-cycle = { 5 | demand = true; 6 | after = [ "emms" ]; 7 | config = '' 8 | nil 9 | ''; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /emacs/emms.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.emms = { 5 | demand = true; 6 | require = [ "emms" "emms-player-mpd" ]; 7 | config = '' 8 | (require 'emms-setup nil t) 9 | (emms-minimalistic) ;(emms-all) 10 | (emms-default-players) 11 | (emms-player-mpd-connect) 12 | (push 'emms-player-mpd emms-player-list) 13 | ''; 14 | }; 15 | } 16 | -------------------------------------------------------------------------------- /emacs/envrc.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.envrc = { 5 | demand = true; 6 | config = '' 7 | (envrc-global-mode) 8 | (define-key envrc-mode-map (kbd "C-c e") 'envrc-command-map) 9 | (define-key envrc-command-map (kbd "R") 'envrc-reload-all) 10 | ''; 11 | systemDeps = with pkgs; [ direnv ]; 12 | }; 13 | } 14 | -------------------------------------------------------------------------------- /emacs/eshell-git-prompt.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.eshell-git-prompt = { 5 | demand = true; 6 | config = '' 7 | (eshell-git-prompt-powerline) 8 | ''; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /emacs/eshell-z.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.eshell-z = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/eterm-256color.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.eterm-256color = { 5 | demand = true; 6 | config = '' 7 | (add-hook 'term-mode-hook #'eterm-256color-mode) 8 | (setenv "TMUX" "off") 9 | (with-demoted-errors (dolist (buffer (buffer-list)) 10 | (with-current-buffer buffer 11 | (setenv "TMUX" "off")))) 12 | (defun bqv/nixos-switch () 13 | (interactive) 14 | (bqv/exwm-sudo-exec "nixos-rebuild switch --show-trace")) 15 | (defun bqv/nixos-dry-switch () 16 | (interactive) 17 | (bqv/exwm-sudo-exec "nixos-rebuild dry-activate --show-trace")) 18 | ''; 19 | }; 20 | } 21 | -------------------------------------------------------------------------------- /emacs/evil-collection.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.evil-collection = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/execline.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.execline = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/explain-pause-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.explain-pause-mode = { 5 | demand = true; 6 | package = epkgs: epkgs.explain-pause-mode.overrideAttrs (_: { 7 | postInstall = '' 8 | find $out -iname '*.elc' -delete 9 | ''; 10 | }); 11 | require = [ "explain-pause-mode" ]; 12 | config = '' 13 | ;(explain-pause-mode) 14 | ;(setq explain-pause-logging-default-log-location "/dev/log") 15 | ;(add-hook 'after-init-hook #'explain-pause-log-to-socket) 16 | ''; 17 | }; 18 | } 19 | -------------------------------------------------------------------------------- /emacs/exwm-config.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.exwm-config = { 5 | after = [ "exwm" ]; 6 | package = epkgs: epkgs.exwm; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/exwm-edit.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.exwm-edit = { 5 | demand = true; 6 | after = [ "exwm" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/exwm-manage.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.exwm-manage = { 5 | demand = true; 6 | after = [ "exwm" ]; 7 | package = epkgs: epkgs.exwm; 8 | config = '' 9 | (progn 10 | ;; https://github.com/ch11ng/exwm/issues/574 11 | (add-to-list 'exwm-manage-configurations 12 | '((equal exwm-class-name "Slack") 13 | managed t)) 14 | (add-to-list 'exwm-manage-configurations 15 | '((equal exwm-class-name "Riot") 16 | workspace 0)) 17 | (add-to-list 'exwm-manage-configurations 18 | '((or (equal exwm-instance-name "qutebrowser") 19 | (equal exwm-class-name "Firefox")) 20 | workspace 2))) 21 | ''; 22 | }; 23 | } 24 | -------------------------------------------------------------------------------- /emacs/exwm-systemtray.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.exwm-systemtray = { 5 | after = [ "exwm" ]; 6 | package = epkgs: epkgs.exwm; 7 | config = '' 8 | (progn 9 | (exwm-systemtray-enable)) 10 | ''; 11 | }; 12 | } 13 | -------------------------------------------------------------------------------- /emacs/exwm-workspace.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.exwm-workspace = { 5 | after = [ "exwm" ]; 6 | package = epkgs: epkgs.exwm; 7 | config = '' 8 | (progn 9 | (setq exwm-workspace-number 4) 10 | (setq exwm-workspace-show-all-buffers t) 11 | (setq exwm-layout-show-all-buffers t) 12 | (setq exwm-workspace-minibuffer-position 'top) 13 | (defun bqv/exwm-minibuffer-advice (old-function &rest args) 14 | (cl-flet ((rawdisplay 15 | (str) 16 | (replace-regexp-in-string "\\.0$" "" str))) 17 | (if (ignore-errors 18 | (string-equal 19 | (rawdisplay (slot-value exwm--connection 'display)) 20 | (rawdisplay (frame-parameter (selected-frame) 'display)))) 21 | (apply old-function args))))) 22 | (advice-add 'exwm-workspace--on-minibuffer-setup 23 | :around 'bqv/exwm-minibuffer-advice) 24 | ''; 25 | }; 26 | } 27 | -------------------------------------------------------------------------------- /emacs/exwm-xim.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.exwm-xim = { 5 | demand = true; 6 | after = [ "exwm" ]; 7 | package = epkgs: epkgs.exwm; 8 | config = '' 9 | (exwm-xim-enable) 10 | ''; 11 | }; 12 | } 13 | -------------------------------------------------------------------------------- /emacs/fish-completion.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.fish-completion = { 5 | demand = true; 6 | config = '' 7 | (global-fish-completion-mode) 8 | ''; 9 | systemDeps = with pkgs; [ fish ]; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /emacs/fix-input.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.fix-input = { 5 | demand = true; 6 | config = '' 7 | ;; ensure wayland xkb 8 | (when (eq window-system 'pgtk) 9 | (pgtk-use-im-context t)) 10 | 11 | ;; update british ime 12 | (with-temp-buffer 13 | (activate-input-method "british") 14 | (let ((quail-current-package (assoc "british" quail-package-alist))) 15 | (quail-define-rules ((append . t)) 16 | ("\"" ["@"]) 17 | ("@" ["\""])))) 18 | 19 | ;; reverse compose british with ims 20 | (fix-input "british" "programmer-dvorak" "uk-programmer-dvorak") 21 | (fix-input "british" "english-dvorak" "uk-dvorak") 22 | (fix-input "british" "TeX" "uk-TeX") 23 | 24 | ;; merge imes for great success (ideally...) 25 | (with-temp-buffer 26 | (activate-input-method "uk-programmer-dvorak") 27 | (activate-input-method "TeX") 28 | (let ((pkg (copy-tree (quail-package "uk-programmer-dvorak")))) 29 | (setcar pkg "uk-tex-programmer-dvorak") 30 | (setcar (cdr pkg) "\\DVP@") 31 | (setcar (nth 2 pkg) (append (cdr (nth 2 (quail-package "uk-programmer-dvorak"))) 32 | (cdr (nth 2 (quail-package "TeX"))))) 33 | (quail-add-package pkg)) 34 | (register-input-method "uk-tex-programmer-dvorak" "UTF-8" 'quail-use-package "\\DVP@")) 35 | 36 | ;; res ipsa loquitur 37 | (setq default-input-method "uk-programmer-dvorak") 38 | ''; 39 | }; 40 | } 41 | -------------------------------------------------------------------------------- /emacs/flycheck-elsa.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.flycheck-elsa = { 5 | demand = true; 6 | after = [ "elsa" "flycheck" ]; 7 | config = '' 8 | (flycheck-elsa-setup) 9 | ''; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /emacs/flycheck-haskell.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.flycheck-haskell = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/flycheck-jest.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.flycheck-jest = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/flycheck-kotlin.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.flycheck-kotlin = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/flycheck-pos-tip.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.flycheck-pos-tip = { 5 | demand = true; 6 | after = [ "flycheck" ]; 7 | config = '' 8 | (flycheck-pos-tip-mode) 9 | ''; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /emacs/flycheck-posframe.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.flycheck-posframe = { 5 | demand = true; 6 | after = [ "flycheck" "lsp-mode" ]; 7 | hook = [ 8 | # { flycheck-mode-hook = "flycheck-posframe-mode"; } 9 | ]; 10 | config = '' 11 | (defun turn-off-lsp-ui (&rest r) 12 | (lsp-ui-mode -1)) 13 | (add-to-list 'lsp-mode-hook #'turn-off-lsp-ui) 14 | ''; 15 | }; 16 | } 17 | -------------------------------------------------------------------------------- /emacs/flycheck-purescript.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.flycheck-purescript = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/flycheck-rust.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.flycheck-rust = { 5 | demand = true; 6 | config = '' 7 | (add-hook 'flycheck-mode-hook #'flycheck-rust-setup) 8 | ''; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /emacs/flycheck.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.flycheck = { 5 | demand = true; 6 | hook = [ 7 | { prog-mode-hook = "flycheck-mode"; } 8 | ]; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /emacs/flymake.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.flymake = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/forge.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.forge = { 5 | demand = true; 6 | after = [ "magit" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/fsharp-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.fsharp-mode = { 5 | enable = false; 6 | demand = true; 7 | hook = [ 8 | { fsharp-mode-hook = "dotnet-mode"; } 9 | ]; 10 | config = '' 11 | (defun project-try-vc (d) nil) ; Disable project.el because bugs 12 | ''; 13 | }; 14 | } 15 | -------------------------------------------------------------------------------- /emacs/fzf.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.fzf = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/general.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.general = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/gh-notify.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.gh-notify = { 5 | demand = true; 6 | after = [ "magit" "forge" ]; 7 | config = '' 8 | (with-eval-after-load 'evil 9 | (add-to-list 'evil-emacs-state-modes 'gh-notify-mode)) 10 | ''; 11 | }; 12 | } 13 | -------------------------------------------------------------------------------- /emacs/git-gutter.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.git-gutter = { 5 | demand = true; 6 | diminish = [ "git-gutter-mode" ]; 7 | config = '' 8 | (global-git-gutter-mode 't) 9 | ''; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /emacs/git-timemachine.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.git-timemachine = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/gnus.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.gnus = { 5 | demand = true; 6 | package = lib.const null; 7 | config = '' 8 | nil 9 | ''; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /emacs/go-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.go-mode = { 5 | demand = true; 6 | config = '' 7 | (add-hook 'go-mode-hook (lambda () (setq tab-width 2))) 8 | ''; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /emacs/haskell-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.haskell-mode = { 5 | demand = true; 6 | require = [ "haskell" "haskell-doc" ]; 7 | after = [ ]; 8 | config = '' 9 | (add-to-list 'auto-mode-alist '("\\.tpl" . mhtml-mode)) 10 | ''; 11 | }; 12 | } 13 | -------------------------------------------------------------------------------- /emacs/hc-zenburn-theme.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.hc-zenburn-theme = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/helm.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.helm = { 5 | demand = true; 6 | config = '' 7 | nil 8 | ''; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /emacs/helpful.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.helpful = { 5 | demand = true; 6 | config = '' 7 | ;; Note that the built-in `describe-function' includes both functions 8 | ;; and macros. `helpful-function' is functions only, so we provide 9 | ;; `helpful-callable' as a drop-in replacement. 10 | (global-set-key (kbd "C-h f") #'helpful-callable) 11 | 12 | (global-set-key (kbd "C-h v") #'helpful-variable) 13 | (global-set-key (kbd "C-h k") #'helpful-key) 14 | 15 | ;; Lookup the current symbol at point. C-c C-d is a common keybinding 16 | ;; for this in lisp modes. 17 | (global-set-key (kbd "C-c C-d") #'helpful-at-point) 18 | 19 | ;; Look up *F*unctions (excludes macros). 20 | ;; 21 | ;; By default, C-h F is bound to `Info-goto-emacs-command-node'. Helpful 22 | ;; already links to the manual, if a function is referenced there. 23 | (global-set-key (kbd "C-h F") #'helpful-function) 24 | 25 | ;; Look up *C*ommands. 26 | ;; 27 | ;; By default, C-h C is bound to describe `describe-coding-system'. I 28 | ;; don't find this very useful, but it's frequently useful to only 29 | ;; look at interactive functions. 30 | (global-set-key (kbd "C-h C") #'helpful-command) 31 | 32 | (setq counsel-describe-function-function #'helpful-callable) 33 | (setq counsel-describe-variable-function #'helpful-variable) 34 | 35 | (with-eval-after-load 'evil 36 | (add-to-list 'evil-emacs-state-modes 'helpful-mode)) 37 | ''; 38 | }; 39 | } 40 | -------------------------------------------------------------------------------- /emacs/hy-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.hy-mode = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/idle-highlight-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.idle-highlight-mode = { 5 | demand = true; 6 | config = '' 7 | (add-hook 'prog-mode-hook 'idle-highlight-mode) 8 | ''; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /emacs/ivy-clipmenu.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.ivy-clipmenu = { 5 | demand = true; 6 | after = [ "ivy" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/ivy-hydra.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.ivy-hydra = { 5 | demand = true; 6 | after = [ "ivy" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/ivy-purpose.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.ivy-purpose = { 5 | demand = true; 6 | after = [ "ivy" "window-purpose" "bufler" ]; 7 | config = '' 8 | (ivy-purpose-setup) 9 | ;(define-key purpose-mode-map "C-x b" nil) 10 | (define-purpose-prefix-overload purpose-switch-buffer-overload 11 | `(,(if (boundp 'bufler-vc-remote) 12 | 'bufler-switch-buffer 13 | 'ivy-purpose-switch-buffer-without-purpose) 14 | ivy-switch-buffer 15 | ivy-purpose-switch-buffer-with-some-purpose)) 16 | ''; 17 | }; 18 | } 19 | -------------------------------------------------------------------------------- /emacs/ivy-rich.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.ivy-rich = { 5 | demand = true; 6 | after = [ "ivy" "counsel" ]; 7 | config = '' 8 | (defvar ivy-mode nil) 9 | (defvar counsel-mode nil) 10 | (defvar counsel-projectile-mode nil) 11 | 12 | (defun maybe-restart-counsel-projectile () 13 | (when counsel-projectile-mode 14 | (counsel-projectile-mode nil)) 15 | (counsel-projectile-mode t)) 16 | 17 | (add-hook 'ivy-mode-hook 'ivy-rich-mode) 18 | (add-hook 'ivy-rich-mode-hook 'maybe-restart-counsel-projectile) 19 | (ivy-rich-mode ivy-mode) 20 | 21 | (setq ivy-rich-project-root-cache-mode t) 22 | (setq ivy-rich-path-style 'abbrev) 23 | ''; 24 | }; 25 | emacs.loader.all-the-icons-ivy = { 26 | demand = true; 27 | after = [ "ivy" "all-the-icons" ]; 28 | }; 29 | emacs.loader.all-the-icons-ivy-rich = { 30 | demand = true; 31 | after = [ "ivy-rich" "all-the-icons" ]; 32 | config = '' 33 | (add-hook 'ivy-mode-hook 'all-the-icons-ivy-rich-mode) 34 | (add-hook 'all-the-icons-ivy-rich-mode-hook 'maybe-restart-counsel-projectile) 35 | (all-the-icons-ivy-rich-mode ivy-mode) 36 | ''; 37 | }; 38 | } 39 | -------------------------------------------------------------------------------- /emacs/ivy.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.ivy = { 5 | demand = true; 6 | diminish = [ "ivy-mode" ]; 7 | config = '' 8 | ;(defun ivy-rich-switch-buffer-transformer (arg) 9 | ; ; Compatibility hack 10 | ; arg) 11 | (setq-default ivy-initial-inputs-alist nil) 12 | (setq ivy-re-builders-alist '((t . ivy--regex-ignore-order))) 13 | (ivy-mode t) 14 | (add-hook 'after-init-hook 15 | (lambda (&rest r) 16 | (setq ivy-initial-inputs-alist nil))) 17 | ''; 18 | }; 19 | } 20 | -------------------------------------------------------------------------------- /emacs/jabber.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.jabber = { 5 | demand = true; 6 | package = epkgs: if true then (builtins.trace "emacs.jabber: build fails" pkgs.emacs.pkgs.jabber) else (epkgs.trivialBuild rec { 7 | pname = "jabber"; 8 | version = lib.substring 0 7 (src.rev or src.outputHash); 9 | src = pkgs.fetchzip { 10 | url = "https://gitlab.com/cnngimenez/emacs-jabber/-/archive/lexical-binding/emacs-jabber-lexical-binding.tar.gz"; 11 | sha256 = "Fnrk3DIbbJUx+y4kwoJU0DSBvVBmMghk8dEZtLTGths="; 12 | }; 13 | buildInputs = with epkgs; [ 14 | srv fsm literate-elisp 15 | ]; 16 | }); 17 | config = '' 18 | nil 19 | ''; 20 | }; 21 | } 22 | -------------------------------------------------------------------------------- /emacs/json-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.json-mode = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/kotlin-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.kotlin-mode = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/latex-extra.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.latex-extra = { 5 | demand = true; 6 | after = [ "tex" "latex" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/latex-pretty-symbols.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.latex-pretty-symbols = { 5 | demand = true; 6 | after = [ "tex" "latex" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/latex-preview-pane.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.latex-preview-pane = { 5 | demand = true; 6 | after = [ "tex" "latex" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/latex.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.latex = { 5 | package = lib.const null; 6 | mode = { 7 | "\"\\\\.tex\\\\'\"" = "latex-mode"; 8 | }; 9 | config = '' 10 | (add-hook 'doc-view-mode-hook 'auto-revert-mode) 11 | (add-hook 'LaTeX-mode-hook 'latex-preview-pane-mode) 12 | (add-hook 'LaTeX-mode-hook 13 | (lambda () 14 | (visual-line-mode t) 15 | (turn-on-reftex)) 16 | t) 17 | (setq pdf-latex-command "lualatex") 18 | (setq-default TeX-command-default "LaTeX" 19 | TeX-PDF-mode t 20 | Tex-engine 'lualatex) 21 | ''; 22 | }; 23 | } 24 | -------------------------------------------------------------------------------- /emacs/leaf-convert.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.leaf-convert = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/leaf-keywords.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.leaf-keywords = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/log4e.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.log4e = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/lsp-haskell.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.lsp-haskell = { 5 | demand = true; 6 | after = [ "lsp-mode" "haskell-mode" ]; 7 | hook = [ 8 | { haskell-mode-hook = "lsp"; } 9 | ]; 10 | config = '' 11 | (add-to-list 'haskell-mode-hook #'lsp) 12 | ;(add-to-list 'after-init-hook (lambda (&rest r) (add-to-list 'haskell-mode-hook 'lsp))) 13 | ;(setq lsp-haskell-server-path "${pkgs.haskellPackages.ghcide}/bin/ghcide") 14 | ;(setq lsp-haskell-server-args nil) 15 | (setq lsp-haskell-process-path-hie "ghcide") 16 | (setq lsp-haskell-process-args-hie nil) 17 | ''; 18 | }; 19 | } 20 | -------------------------------------------------------------------------------- /emacs/lsp-ivy.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.lsp-ivy = { 5 | demand = true; 6 | after = [ "ivy" "lsp-mode" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/lsp-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.lsp-mode = { 5 | demand = true; 6 | package = epkgs: epkgs.lsp-mode.overrideAttrs (_: { 7 | postInstall = '' 8 | cd $out/share/emacs/site-lisp/elpa/* 9 | mkdir snippets 10 | ''; 11 | }); 12 | commands = [ "lsp" ]; 13 | config = '' 14 | ;(setq lsp-log-io t) 15 | ''; 16 | }; 17 | } 18 | -------------------------------------------------------------------------------- /emacs/lsp-treemacs.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.lsp-treemacs = { 5 | demand = true; 6 | after = [ "treemacs" "lsp-mode" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/lsp-ui.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.lsp-ui = { 5 | demand = true; 6 | after = [ "lsp-mode" ]; 7 | config = '' 8 | (setq lsp-ui-doc-show-with-cursor t) ; disable for zero sluggishness 9 | (setq lsp-ui-doc-delay 2) ; get's rid of most of the sluggishness 10 | ''; 11 | }; 12 | } 13 | -------------------------------------------------------------------------------- /emacs/lui.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.lui = { 5 | demand = true; 6 | package = epkgs: [ epkgs.circe ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/map.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.map = { 5 | package = lib.const null; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/mastodon.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, domains, ... }: 2 | 3 | { 4 | emacs.loader.mastodon = { 5 | demand = true; 6 | config = '' 7 | (setq mastodon-instance-url "https://u.${domains.srvc}") 8 | ''; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /emacs/material-theme.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.material-theme = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/matrix-client.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.matrix-client = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/md4rd.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.md4rd = { 5 | demand = true; 6 | config = '' 7 | (defalias #'reddit #'md4rd) 8 | (defalias #'reddit-mode #'md4rd-mode) 9 | ''; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /emacs/meson-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.meson-mode = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/minimap.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.minimap = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/multi-vterm.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.multi-vterm = { 5 | demand = true; 6 | after = [ "vterm" ]; 7 | config = '' 8 | (define-key vterm-mode-map (kbd "C-x ") #'multi-vterm-next) 9 | (define-key vterm-mode-map (kbd "C-x t") #'multi-vterm) 10 | ''; 11 | }; 12 | } 13 | -------------------------------------------------------------------------------- /emacs/nix-buffer.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.nix-buffer = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/nix-update.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.nix-update = { 5 | demand = true; 6 | after = [ "nix-mode" ]; 7 | systemDeps = with pkgs; [ nix-prefetch-git ]; 8 | }; 9 | } 10 | -------------------------------------------------------------------------------- /emacs/nnreddit.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.nnreddit = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/oauth2.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.oauth2 = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/omnisharp.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | let 4 | inherit (pkgs) omnisharp-roslyn; 5 | in { 6 | emacs.loader.omnisharp = { 7 | demand = true; 8 | hook = [ 9 | { csharp-mode-hook = "omnisharp-mode"; } 10 | { csharp-mode-hook = "company-mode"; } 11 | { csharp-mode-hook = "flycheck-mode"; } 12 | ]; 13 | config = '' 14 | (setq omnisharp-server-executable-path "${omnisharp-roslyn}/bin/omnisharp") 15 | (eval-after-load 'company 16 | '(add-to-list 'company-backends 'company-omnisharp)) 17 | ''; 18 | systemDeps = [ omnisharp-roslyn ]; 19 | }; 20 | } 21 | -------------------------------------------------------------------------------- /emacs/org-jira.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.org-jira = { 5 | demand = true; 6 | after = [ "org" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/org.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.org = { 5 | demand = true; 6 | config = '' 7 | (global-set-key "\C-cl" 'org-store-link) 8 | (global-set-key "\C-ca" 'org-agenda) 9 | (global-set-key "\C-cc" 'org-capture) 10 | (global-set-key "\C-cb" 'org-switchb) 11 | (setq bookmark-save-flag t) 12 | (setq org-log-done 'time) 13 | (setq org-log-done 'note) 14 | ;(setq org-directory "~/var/org/" 15 | ; org-agenda-files (list org-directory)) 16 | (defmacro .org (name &rest ignored) 17 | `,(expand-file-name (concat name ".org") org-directory)) 18 | (setq org-clock-idle-time 15) 19 | 20 | ;; Show lot of clocking history so it's easy to pick items off the `C-c I` list 21 | (setq org-clock-history-length 23) 22 | 23 | (defun bqv/org-clock-in () 24 | (interactive) 25 | (org-clock-in '(4))) 26 | 27 | (global-set-key (kbd "C-c I") #'bqv/org-clock-in) 28 | (global-set-key (kbd "C-c O") #'org-clock-out) 29 | 30 | ;; Resume clocking task when emacs is restarted 31 | (org-clock-persistence-insinuate) 32 | ;; Save the running clock and all clock history when exiting Emacs, load it on startup 33 | (setq org-clock-persist t) 34 | ;; Resume clocking task on clock-in if the clock is open 35 | (setq org-clock-in-resume t) 36 | ''; 37 | }; 38 | } 39 | -------------------------------------------------------------------------------- /emacs/pinentry.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.pinentry = { 5 | demand = true; 6 | after = [ "exwm" ]; 7 | config = '' 8 | (progn 9 | ;; Use gpg as ssh agent (for this to work in shells, also set the 10 | ;; ENV var in $HOME/.profile or similar). 11 | (setenv "SSH_AUTH_SOCK" 12 | (string-trim 13 | (shell-command-to-string "gpgconf --list-dirs agent-ssh-socket")))) 14 | (progn 15 | (pinentry-start) 16 | 17 | (defun bqv/pinentry-restart () 18 | "Kill and restart gpg-agent and pinentry." 19 | (interactive) 20 | (delete-process "pinentry") 21 | (shell-command "gpgconf --kill gpg-agent") 22 | (pinentry-start) 23 | (message "gpg-agent and pinentry restarted successfully."))) 24 | ''; 25 | }; 26 | } 27 | -------------------------------------------------------------------------------- /emacs/popwin.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, hosts, ... }: 2 | 3 | { 4 | emacs.loader.popwin = { 5 | demand = true; 6 | config = '' 7 | (global-set-key (kbd "C-c w") popwin:keymap) 8 | ''; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /emacs/projectile.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.projectile = { 5 | demand = true; 6 | diminish = [ "projectile-mode" ]; 7 | config = '' 8 | (setq projectile-completion-system 'ivy) 9 | (define-key projectile-mode-map (kbd "C-c p") 'projectile-command-map) 10 | (setq projectile-enable-caching t) 11 | (projectile-mode t) 12 | (setq compilation-buffer-name-function 13 | (lambda (mode) 14 | (concat "*" (downcase mode) ": " (projectile-project-name) "*"))) 15 | (put 'projectile-project-compilation-cmd 'safe-local-variable 16 | (lambda (a) (and (stringp a) (or (not (boundp 'compilation-read-command)) 17 | compilation-read-command)))) 18 | (global-set-key (kbd "C-c C-f") 'recompile) 19 | ''; 20 | }; 21 | } 22 | -------------------------------------------------------------------------------- /emacs/purescript-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.purescript-mode = { 5 | demand = true; 6 | after = [ "lsp-mode" ]; 7 | hook = [ 8 | { purescript-mode-hook = "lsp"; } 9 | ]; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /emacs/racket-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.racket-mode = { 5 | demand = true; 6 | config = '' 7 | (setq scheme-program-name "racket") 8 | ''; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /emacs/rcirc-color.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.rcirc-color = { 5 | demand = true; 6 | after = [ "rcirc" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/rcirc.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.rcirc = { 5 | demand = true; 6 | package = lib.const null; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/restclient.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.restclient = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/reverse-im.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.reverse-im = { 5 | demand = true; 6 | config = '' 7 | (setq reverse-im-input-methods '("british")); 8 | ''; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /emacs/rust-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.rust-mode = { 5 | demand = true; 6 | after = [ "lsp-mode" ]; 7 | hook = [ 8 | { rust-mode-hook = "lsp"; } 9 | ]; 10 | systemDeps = with pkgs; [ rls rust-analyzer ]; 11 | }; 12 | } 13 | -------------------------------------------------------------------------------- /emacs/s.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.s = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/scraps+bufmgmt.el: -------------------------------------------------------------------------------- 1 | (defun advice-list (sym) 2 | "Get advice set for SYM." 3 | (let ((l nil)) 4 | (advice-mapc (lambda (a &rest ignored) 5 | (push a l)) 6 | sym) 7 | l)) 8 | 9 | (defmacro do-buffers (&rest exprs) 10 | "Do EXPRS for every buffer." 11 | `(dolist (buf (buffer-list)) 12 | (with-current-buffer buf ,@exprs))) 13 | 14 | (defun setenv-global (key value) 15 | "Set KEY to VALUE in every buffer." 16 | (do-buffers (setenv key value))) 17 | -------------------------------------------------------------------------------- /emacs/scraps+misc.el: -------------------------------------------------------------------------------- 1 | ;; source: http://steve.yegge.googlepages.com/my-dot-emacs-file 2 | (defun rename-file-and-buffer (new-name) 3 | "Renames both current buffer and file it's visiting to NEW-NAME." 4 | (interactive "sNew name: ") 5 | (let ((name (buffer-name)) 6 | (filename (buffer-file-name))) 7 | (if (not filename) 8 | (message "Buffer '%s' is not visiting a file!" name) 9 | (if (get-buffer new-name) 10 | (message "A buffer named '%s' already exists!" new-name) 11 | (progn 12 | (rename-file filename new-name 1) 13 | (rename-buffer new-name) 14 | (set-visited-file-name new-name) 15 | (set-buffer-modified-p nil)))))) 16 | -------------------------------------------------------------------------------- /emacs/scraps+shell.el: -------------------------------------------------------------------------------- 1 | (setq explicit-shell-file-name (executable-find "bash")) 2 | (setq shell-file-name (executable-find "bash")) 3 | (setq async-shell-command-buffer 'confirm-rename-buffer) 4 | (setq async-shell-command-display-buffer nil) 5 | 6 | (do-buffers (setenv "PAGER" "cat")) ; depends: ace-window-config 7 | 8 | (defun comint-sudo-run (program) 9 | "Run sudo PROGRAM in a Comint buffer and switch to it. 10 | See `comint-run'." 11 | (declare (interactive-only make-comint)) 12 | (interactive "sRun program: ") 13 | (let ((name (file-name-nondirectory program))) 14 | (switch-to-buffer (make-comint name "sudo" nil program)) 15 | (run-hooks (intern-soft (concat "comint-" name "-hook"))))) 16 | 17 | (defun shell-region (start end) 18 | "execute region in an inferior shell" 19 | (interactive "r") 20 | (shell-command (buffer-substring-no-properties start end))) 21 | (global-set-key (kbd "C-x !") #'shell-region) 22 | 23 | (defun async-shell-region (start end) 24 | "execute region in an inferior shell" 25 | (interactive "r") 26 | (async-shell-command (buffer-substring-no-properties start end))) 27 | (global-set-key (kbd "C-x &") #'async-shell-region) 28 | 29 | (provide 'scraps+shell) 30 | ;;; scraps+shell.el ends here 31 | -------------------------------------------------------------------------------- /emacs/shackle.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.shackle = { 5 | demand = true; 6 | config = '' 7 | (shackle-mode t) 8 | ''; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /emacs/slime-company.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.slime-company = { 5 | demand = true; 6 | after = [ "slime" "company" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/slime.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.slime = { 5 | demand = true; 6 | config = '' 7 | (setq slime-auto-connect 'always) 8 | (setq slime-enable-evaluate-in-emacs t) 9 | 10 | (defun nyxt/repl () 11 | (interactive) 12 | (slime-connect "localhost" 4005 nil (interactive-p))) 13 | 14 | (defun nyxt/push (text) 15 | (interactive "sText: ") 16 | (slime-eval `(containers:insert-item (nyxt:clipboard-ring nyxt::*browser*) ,text))) 17 | 18 | (defun nyxt/pull () 19 | (interactive) 20 | (unless (slime-eval '(containers:empty-p (nyxt:clipboard-ring nyxt-user::*browser*))) 21 | (let ((s (slime-eval '(containers:first-item (nyxt:clipboard-ring nyxt-user::*browser*))))) 22 | (when s 23 | (kill-new s))))) 24 | 25 | (defun nyxt/select-uri () 26 | (interactive) 27 | (let* ((uris (slime-eval 28 | (quote 29 | (cl:mapcar 30 | (cl:lambda (buffer) (quri:render-uri (nyxt:url buffer))) 31 | (nyxt:buffer-list)) 32 | ))) 33 | (uri (completing-read "Nyxt URIs: " uris))) 34 | (kill-new uri) 35 | (message "Copied: %s" uri))) 36 | ''; 37 | }; 38 | } 39 | -------------------------------------------------------------------------------- /emacs/sln-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.sln-mode = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/sly.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.sly = { 5 | demand = true; 6 | require = []; 7 | config = '' 8 | nil 9 | ''; 10 | }; 11 | emacs.loader.sly-quicklisp = { 12 | demand = true; 13 | after = [ "sly" ]; 14 | config = '' 15 | nil 16 | ''; 17 | }; 18 | emacs.loader.sly-asdf = { 19 | demand = true; 20 | after = [ "sly" ]; 21 | config = '' 22 | nil 23 | ''; 24 | }; 25 | emacs.loader.sly-named-readtables = { 26 | demand = true; 27 | after = [ "sly" ]; 28 | config = '' 29 | nil 30 | ''; 31 | }; 32 | emacs.loader.sly-macrostep = { 33 | demand = true; 34 | after = [ "sly" ]; 35 | config = '' 36 | nil 37 | ''; 38 | }; 39 | } 40 | -------------------------------------------------------------------------------- /emacs/smex.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.smex = { 5 | demand = true; 6 | config = '' 7 | (smex-initialize) 8 | (global-set-key (kbd "C-c C-c M-x") 'smex) 9 | (global-set-key (kbd "C-M-x") 'smex-major-mode-commands) 10 | ''; 11 | }; 12 | } 13 | -------------------------------------------------------------------------------- /emacs/solarized-theme.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.solarized-theme = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/sql.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, flake, ... }: 2 | 3 | { 4 | emacs.loader.sql = let 5 | src = flake.inputs.sqlcmdline; 6 | python = pkgs.python3.withPackages (py: [ 7 | py.pyodbc 8 | py.docopt 9 | ]); 10 | sqlcmdline = pkgs.writeShellScript "sqlcmdline" '' 11 | exec -a sqlcmdline ${python}/bin/python ${src}/sqlcmdline.py --driver '${pkgs.unixODBCDrivers.msodbcsql17.fancyName}' $@ 12 | ''; 13 | in { 14 | demand = true; 15 | package = lib.const null; 16 | config = '' 17 | (with-eval-after-load 'sql-mssql 18 | (plist-put (alist-get 'ms sql-product-alist) :prompt-cont-regexp "^[0-9]*>") 19 | 20 | (setq sql-ms-options nil) 21 | (setq sql-ms-programs "${sqlcmdline}")) 22 | ''; 23 | }; 24 | } 25 | -------------------------------------------------------------------------------- /emacs/steam.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.steam = { 5 | demand = true; 6 | config = let 7 | creds = usr.secrets.steam.credentials; 8 | in '' 9 | (setq steam-username "${creds.user}") 10 | ''; 11 | }; 12 | } 13 | -------------------------------------------------------------------------------- /emacs/straight.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.straight = { 5 | demand = true; 6 | commands = [ "straight-use-package" ]; 7 | package = epkgs: epkgs.trivialBuild rec { 8 | pname = "straight"; 9 | version = src.shortRev; 10 | src = pkgs.withSources.emacs-straight; 11 | buildInputs = [ pkgs.git ]; 12 | }; 13 | }; 14 | } 15 | -------------------------------------------------------------------------------- /emacs/swiper.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.swiper = { 5 | demand = true; 6 | after = [ "ivy" ]; 7 | bind = { 8 | "M-s" = "swiper"; 9 | }; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /emacs/terraform-doc.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.terraform-doc = { 5 | demand = true; 6 | after = [ "terraform-mode" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/terraform-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.terraform-mode = { 5 | demand = true; 6 | systemDeps = with pkgs; [ 7 | terraform-full 8 | terracognita 9 | ]; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /emacs/tex.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.tex = { 5 | demand = true; 6 | package = lib.const null; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/toml-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.toml-mode = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/tracking.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.tracking = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/tramp.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.tramp = { 5 | demand = true; 6 | package = lib.const null; 7 | config = '' 8 | (require 'tramp) 9 | ;(add-to-list 'tramp-remote-path "/run/current-system/sw/bin") 10 | (add-to-list 'tramp-remote-path "/run/wrappers/bin") 11 | (add-to-list 'tramp-remote-path 'tramp-own-remote-path) 12 | ''; 13 | }; 14 | } 15 | -------------------------------------------------------------------------------- /emacs/treemacs-evil.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.treemacs-evil = { 5 | demand = true; 6 | after = [ "treemacs" "evil" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/treemacs-icons-dired.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.treemacs-icons-dired = { 5 | demand = true; 6 | after = [ "treemacs" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/treemacs-magit.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.treemacs-magit = { 5 | demand = true; 6 | after = [ "treemacs" "magit" ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/treemacs-projectile.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.treemacs-projectile = { 5 | demand = true; 6 | after = [ "treemacs" "projectile" ]; 7 | config = '' 8 | (defun bqv/treemacs-open () 9 | (unless (equalp (treemacs-current-visibility) 'visible) 10 | (with-selected-window (selected-window) 11 | (treemacs)))) 12 | (add-hook 'projectile-after-switch-project-hook 'bqv/treemacs-open) 13 | ''; 14 | }; 15 | } 16 | -------------------------------------------------------------------------------- /emacs/treemacs.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.treemacs = { 5 | demand = true; 6 | bind = { 7 | "" = "treemacs"; 8 | }; 9 | config = '' 10 | (require 'electric) 11 | (defun electric-indent-local-mode (&rest r) nil) 12 | ''; 13 | }; 14 | } 15 | -------------------------------------------------------------------------------- /emacs/typescript-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.typescript-mode = { 5 | demand = true; 6 | after = [ "lsp-mode" ]; 7 | hook = [ 8 | { typescript-mode-hook = "lsp"; } 9 | ]; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /emacs/undo-tree.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.undo-tree = { 5 | demand = true; 6 | after = [ "evil" ]; 7 | config = '' 8 | (global-undo-tree-mode t) 9 | (evil-set-undo-system 'undo-tree) 10 | (setq undo-tree-enable-undo-in-region nil) 11 | (setq undo-tree-visualizer-diff t) 12 | (setq undo-tree-visualizer-timestamps t) 13 | ''; 14 | }; 15 | } 16 | -------------------------------------------------------------------------------- /emacs/vc-darcs.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.vc-darcs = { 5 | demand = true; 6 | systemDeps = with pkgs; [ darcs ]; 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /emacs/vterm-toggle.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.vterm-toggle = { 5 | demand = true; 6 | config = '' 7 | (setq vterm-toggle-reset-window-configration-after-exit nil) 8 | ''; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /emacs/vterm.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, hosts, ... }: 2 | 3 | { 4 | emacs.loader.vterm = { 5 | demand = true; 6 | config = '' 7 | (setq vterm-shell "${pkgs.xonsh.pname}") 8 | (setq vterm-kill-buffer-on-exit t) 9 | (defun vterm-shell-command (command) 10 | (let ((vterm-shell command)) 11 | (vterm "*Vterm Shell Command*"))) 12 | (defun bqv/nested-emacs () 13 | (interactive) 14 | (vterm-shell-command "*nested-emacs*")) 15 | 16 | (defun vterm-run (with-sudo executable) 17 | "Launch EXE in a vterm buffer, possibly WITH-SUDO." 18 | ;(interactive (list (completing-read "Command" (mapcar #'file-name-base (executables-list))))) 19 | (let* ((buffer-name (concat "*" executable "*")) 20 | (canonical-name (assoc executable (executables-list) 21 | '(lambda (exe) (= (file-name-base exe) ))))) 22 | (assert (not (null executable))) 23 | (let ((vterm-shell (if with-sudo 24 | (concat "sudo " executable) 25 | executable))) 26 | (vterm buffer-name)))) 27 | (defun htop (&optional with-sudo) 28 | (interactive "P") 29 | (vterm-run with-sudo "htop")) 30 | (defun tuir (&optional with-sudo) 31 | (interactive "P") 32 | (vterm-run with-sudo "tuir")) 33 | ''; 34 | systemDeps = with pkgs; [ cmake libtool libvterm ]; 35 | }; 36 | } 37 | -------------------------------------------------------------------------------- /emacs/w3m.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.w3m = { 5 | demand = true; 6 | package = _: pkgs.emacs.pkgs.w3m; # breaks if native 7 | config = '' 8 | (setq w3m-display-inline-images t) 9 | ''; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /emacs/web-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.web-mode = { 5 | demand = true; 6 | mode = { 7 | "\"\\\\.cshtml\\\\'\"" = "web-mode"; 8 | }; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /emacs/webpaste.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.webpaste = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/which-key.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.which-key = { 5 | demand = true; 6 | diminish = [ "which-key-mode" ]; 7 | config = '' 8 | (add-hook 'after-init-hook 'which-key-mode) 9 | ''; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /emacs/whitespace.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.whitespace = { 5 | demand = true; 6 | package = lib.const null; 7 | config = '' 8 | (add-hook 'prog-mode-hook 'whitespace-mode) 9 | (delq 'lines whitespace-style) 10 | (add-to-list 'whitespace-style 'lines-tail) 11 | ''; 12 | }; 13 | } 14 | -------------------------------------------------------------------------------- /emacs/window-purpose.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.window-purpose = { 5 | demand = true; 6 | config = '' 7 | (add-to-list 'purpose-user-mode-purposes '(weechat-mode . chat)) 8 | (add-to-list 'purpose-user-name-purposes '("qutebrowser" . web)) 9 | (add-to-list 'purpose-user-regexp-purposes '("^termite.*" . terminal)) 10 | (setq purpose-use-default-configuration t) 11 | (purpose-compile-user-configuration) 12 | (purpose-mode) 13 | ''; 14 | }; 15 | } 16 | -------------------------------------------------------------------------------- /emacs/xonsh-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.xonsh-mode = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/yaml-mode.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.yaml-mode = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/yasnippet.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.yasnippet = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /emacs/zenburn-theme.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, pkgs, ... }: 2 | 3 | { 4 | emacs.loader.zenburn-theme = { 5 | demand = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /hosts/NixOS.nix: -------------------------------------------------------------------------------- 1 | { 2 | ### root password is empty by default ### 3 | imports = [ ../users/nixos.nix ../users/root.nix ]; 4 | 5 | boot.loader.systemd-boot.enable = true; 6 | boot.loader.efi.canTouchEfiVariables = true; 7 | 8 | networking.networkmanager.enable = true; 9 | } 10 | -------------------------------------------------------------------------------- /hosts/image/default.nix: -------------------------------------------------------------------------------- 1 | { modulesPath, ... }: { 2 | imports = [ 3 | # passwd is nixos by default 4 | ../../users/nixos.nix 5 | # passwd is empty by default 6 | ../../users/root.nix 7 | "${modulesPath}/installer/cd-dvd/iso-image.nix" 8 | ]; 9 | 10 | isoImage.makeEfiBootable = true; 11 | isoImage.makeUsbBootable = true; 12 | networking.networkmanager.enable = true; 13 | } 14 | -------------------------------------------------------------------------------- /hosts/zeta/certificate.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, domains, ... }: 2 | 3 | let 4 | inherit (lib) genAttrs const nameValuePair; 5 | 6 | email = "ssl+${config.networking.hostName}@${domains.home}"; 7 | mkCertFor = domain: rec { 8 | inherit email; 9 | #inherit domain; 10 | #directory = "/var/lib/acme/${domain}/"; 11 | extraDomainNames = [ "*.${domain}" ]; 12 | group = "keys"; 13 | 14 | dnsProvider = "cloudflare"; 15 | credentialsFile = "/etc/ssl/${dnsProvider}"; 16 | dnsPropagationCheck = true; 17 | }; 18 | in { 19 | security.acme = { 20 | certs = genAttrs (builtins.attrValues domains) mkCertFor; 21 | }; 22 | 23 | systemd.services.traefik.serviceConfig = lib.mkIf config.services.traefik.enable { 24 | SupplementaryGroups = "keys"; 25 | }; 26 | } 27 | -------------------------------------------------------------------------------- /lib/elisp.nix: -------------------------------------------------------------------------------- 1 | { lib, pkgs }: 2 | 3 | { 4 | writeFile = let 5 | formatted = code: code; # TODO: this 6 | in { name, description, lexical-binding ? true, text, ... }: (pkgs.writeText "${name}.el" '' 7 | ;;; ${name}.el --- ${description} ${if ! lexical-binding then "" 8 | else "-*- lexical-binding: t -*-"} 9 | ;;; Commentary: 10 | ;;; Generated by Nix 11 | 12 | ;;; Code: 13 | ${formatted text} 14 | 15 | ;;; ${name}.el ends here 16 | ;; Local Variables: 17 | ;; indent-tabs-mode: nil 18 | ;; End: 19 | '').overrideAttrs (_: { 20 | preferLocalBuild = true; 21 | allowSubstitutes = false; 22 | }); 23 | } 24 | -------------------------------------------------------------------------------- /lib/utils.nix: -------------------------------------------------------------------------------- 1 | { lib, ... }: 2 | 3 | let 4 | inherit (builtins) attrNames isAttrs readDir; 5 | inherit (lib) filterAttrs hasSuffix mapAttrs' nameValuePair removeSuffix; 6 | in rec { 7 | # mapFilterAttrs :: 8 | # (name -> value -> bool ) 9 | # (name -> value -> { name = any; value = any; }) 10 | # attrs 11 | mapFilterAttrs = seive: f: attrs: filterAttrs seive (mapAttrs' f attrs); 12 | 13 | recImport = { dir, _import ? base: import "${dir}/${base}.nix" }: 14 | mapFilterAttrs (_: v: v != null) (n: v: 15 | if n != "default.nix" 16 | && ((hasSuffix ".nix" n && v == "regular" && false) || v == "directory") 17 | 18 | then 19 | let name = n; in nameValuePair (name) (_import name) 20 | 21 | else 22 | nameValuePair ("") (null)) (readDir dir); 23 | } 24 | -------------------------------------------------------------------------------- /modules/home-manager.nix: -------------------------------------------------------------------------------- 1 | [ 2 | ./emacs.nix 3 | ./misc/platform.nix 4 | ./misc/attrmods.nix 5 | ] 6 | -------------------------------------------------------------------------------- /modules/misc/attrmods.nix: -------------------------------------------------------------------------------- 1 | args@{ config, options, lib, ... }: 2 | 3 | let 4 | # Slightly flimsy but means I don't need two files for this. 5 | nixos = ! home-manager; 6 | home-manager = args ? nixosConfig; 7 | in { 8 | options = builtins.foldl' (a: b: a // b) {} [ 9 | (if home-manager then { 10 | 11 | home-manager.users = lib.mkOption { 12 | type = with lib.types; attrsOf (submoduleWith { 13 | inherit specialArgs; 14 | modules = [{ 15 | options.home.packagesAttrs = lib.mkOption { 16 | type = lib.types.attrs; 17 | description = "Attrset based mirror of home.packages"; 18 | }; 19 | config.home.packagesAttrs = lib.mkOverride 100 (lib.zipAttrs 20 | (map (p: { ${if p ? pname then p.pname else p.name} = p; }) 21 | config.home.packages)); 22 | }]; 23 | }); 24 | }; 25 | 26 | } else {}) 27 | (if nixos then { 28 | 29 | environment.systemPackagesAttrs = lib.mkOption { 30 | type = lib.types.attrs; 31 | description = "Attrset based mirror of environment.systemPackages"; 32 | }; 33 | 34 | } else {}) 35 | ]; 36 | config = if nixos then { 37 | 38 | environment.systemPackagesAttrs = lib.mkOverride 100 (lib.zipAttrs 39 | (map (p: { ${if p ? pname then p.pname else p.name} = p; }) 40 | config.environment.systemPackages)); 41 | 42 | } else {}; 43 | } 44 | -------------------------------------------------------------------------------- /modules/misc/flake-ci.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, lib, ... }: 2 | 3 | { 4 | options = { 5 | services.flake-ci.enable = lib.mkEnableOption "Flake CI"; 6 | }; 7 | config = lib.mkIf config.services.flake-ci.enable { 8 | systemd.services.flake-ci = { 9 | enable = true; 10 | description = "Flake CI"; 11 | path = [ pkgs.nixUnstable ]; 12 | serviceConfig.Type = "oneshot"; 13 | serviceConfig.User = config.users.users.bao.name; 14 | serviceConfig.WorkingDirectory = "/srv/git/github.com/bqv/nixrc"; 15 | serviceConfig.ExecStart = "nix develop -c forecast master small"; 16 | }; 17 | systemd.timers.flake-ci = { 18 | enable = true; 19 | description = "Flake CI timer"; 20 | timerConfig = { 21 | OnCalendar = "hourly"; 22 | Unit = "flake-ci.service"; 23 | }; 24 | wantedBy = [ "timers.target" ]; 25 | }; 26 | }; 27 | } 28 | -------------------------------------------------------------------------------- /modules/misc/headless.nix: -------------------------------------------------------------------------------- 1 | { config, lib, options, ... }: 2 | 3 | { 4 | options = { 5 | headless = lib.mkOption { 6 | type = lib.types.bool; 7 | description = "Is a headless machine"; 8 | }; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /modules/misc/platform.nix: -------------------------------------------------------------------------------- 1 | { lib, ... }: 2 | 3 | { 4 | options = { 5 | platform = lib.mkOption { 6 | type = lib.types.str; 7 | description = "Target platform"; 8 | }; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /modules/nixos.nix: -------------------------------------------------------------------------------- 1 | [ 2 | ./programs/nix-index.nix 3 | ./programs/weechat.nix 4 | ./services/nix-index.nix 5 | ./services/gitfs.nix 6 | ./services/hydroxide/default.nix 7 | ./services/ipfs-cluster/default.nix 8 | ./services/grocy.nix 9 | ./security/mitigations.nix 10 | ./system/machines.nix 11 | ./networking/nftables.nix 12 | ./networking/wireguard-mesh.nix 13 | ./networking/namespacing.nix 14 | ./wayland/swc-launch.nix 15 | ./misc/attrmods.nix 16 | ./misc/flake-ci.nix 17 | ./misc/headless.nix 18 | ./misc/platform.nix 19 | ./misc/qemu.nix 20 | ] 21 | -------------------------------------------------------------------------------- /modules/programs/nix-index.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | 3 | let 4 | cfg = config.programs.nix-index; 5 | in { 6 | options.programs.nix-index = { 7 | enable = lib.mkOption { 8 | type = lib.types.bool; 9 | default = false; 10 | description = "Whether to enable nix-index and it's command-not-found helper."; 11 | }; 12 | 13 | package = lib.mkOption { 14 | type = lib.types.package; 15 | default = pkgs.nix-index; 16 | defaultText = "pkgs.nix-index"; 17 | description = "This option specifies the nix-index package to use."; 18 | }; 19 | }; 20 | 21 | config = lib.mkIf cfg.enable { 22 | environment.systemPackages = [ cfg.package ]; 23 | 24 | environment.interactiveShellInit = "source ${cfg.package}/etc/profile.d/command-not-found.sh"; 25 | 26 | programs.command-not-found.enable = false; 27 | }; 28 | } 29 | -------------------------------------------------------------------------------- /modules/services/grocy.nix: -------------------------------------------------------------------------------- 1 | { config, lib, domains, ... }: 2 | 3 | { 4 | config = lib.mkIf config.services.grocy.enable { 5 | services.grocy = { 6 | nginx.enableSSL = false; 7 | hostName = "grocy.${domains.home}"; 8 | settings = { 9 | currency = "GBP"; 10 | culture = "en_GB"; 11 | calendar.firstDayOfWeek = 1; 12 | calendar.showWeekNumber = true; 13 | }; 14 | }; 15 | services.nginx.virtualHosts.${config.services.grocy.hostName}.listen = [{ 16 | addr = "[::]"; 17 | port = 8789; 18 | ssl = false; 19 | }{ 20 | addr = "0.0.0.0"; 21 | port = 8789; 22 | ssl = false; 23 | }]; 24 | }; 25 | } 26 | -------------------------------------------------------------------------------- /modules/services/nix-index.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | 3 | with lib; 4 | 5 | let 6 | cfg = config.services.nix-index; 7 | 8 | package = config.programs.nix-index.package; 9 | 10 | renderTimer = desc: boot: active: cal: { 11 | description = "${desc}"; 12 | wantedBy = [ "timers.target" ]; 13 | timerConfig = lib.optionalAttrs (boot != "") { OnBootSec = "${boot}"; } 14 | // lib.optionalAttrs (active != "") { OnUnitActiveSec = "${active}"; } 15 | // lib.optionalAttrs (cal != "") { OnCalendar = "${cal}"; }; 16 | }; 17 | in 18 | 19 | { 20 | options.services.nix-index = { 21 | enable = mkOption { 22 | type = types.bool; 23 | default = false; 24 | description = "Whether to enable nix-index and it's command-not-found helper."; 25 | }; 26 | }; 27 | 28 | config = mkIf cfg.enable { 29 | 30 | programs.nix-index.enable = mkDefault true; 31 | 32 | systemd.user.services."nix-update-index" = { 33 | description = "Update nix packages metadata index"; 34 | serviceConfig = { 35 | Type = "oneshot"; 36 | ExecStartPre = builtins.trace 37 | "${config.networking.hostName} - nix-update-index.timer: suspended cause it breaks my net" 38 | "false"; 39 | ExecStart = "${package}/bin/nix-index"; 40 | StandardOutput = "journal"; 41 | StandardError = "journal"; 42 | }; 43 | }; 44 | 45 | systemd.user.timers."nix-update-index" = 46 | renderTimer "Update nix packages metadata index" "1h" "12h" ""; 47 | 48 | }; 49 | } 50 | -------------------------------------------------------------------------------- /modules/wayland/swc-servers/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | 3 | with lib; 4 | 5 | let 6 | cfg = config.services.swc-launch.server; 7 | in 8 | 9 | { 10 | imports = [ 11 | ./velox.nix 12 | ]; 13 | 14 | options = { 15 | services.swc-launch.server = { 16 | #name = mkOption { 17 | # type = types.str; 18 | # default = null; 19 | # example = "velox"; 20 | # description = "libswc server to be launched"; 21 | #}; 22 | active_server = mkOption { 23 | type = types.str; 24 | internal = true; 25 | default = null; 26 | description = '' 27 | The libswc server to be used (i.e. the server that was enabled). Only 28 | one libswc server can be active at a time. 29 | ''; 30 | }; 31 | available_servers = mkOption { 32 | type = types.listOf types.str; 33 | internal = true; 34 | default = []; 35 | description = '' 36 | The list of libswc servers that have been enabled. 37 | ''; 38 | }; 39 | }; 40 | }; 41 | 42 | config = { 43 | # Determine the server to be used. Must only be one server active. 44 | services.swc-launch.server.active_server = 45 | let 46 | enabled_servers = 47 | map (s: "${s.name}") ( 48 | filter (s: s.server.enable == true) ( 49 | map (s: { name = "${s}"; server = cfg.${s}; }) cfg.available_servers 50 | )); 51 | in 52 | if length enabled_servers == 1 then 53 | head enabled_servers 54 | else if length enabled_servers > 1 then 55 | throw "Only one libswc server can be enabled at a time." 56 | else null; 57 | }; 58 | } 59 | -------------------------------------------------------------------------------- /modules/wayland/swc-servers/velox.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | 3 | with lib; 4 | 5 | let cfg = config.services.swc-launch.server.velox; 6 | in { 7 | options = { 8 | services.swc-launch.server.velox = { 9 | enable = mkOption { 10 | default = false; 11 | description = "Enable the Velox compositor."; 12 | }; 13 | command = mkOption { 14 | internal = true; 15 | type = types.str; 16 | description = "Velox compositor command."; 17 | }; 18 | }; 19 | }; 20 | 21 | config = mkIf cfg.enable { 22 | environment.systemPackages = with pkgs; [ velox ]; 23 | 24 | services.swc-launch.server = { available_servers = [ "velox" ]; }; 25 | services.swc-launch.server.velox = { command = "${pkgs.velox}/bin/velox"; }; 26 | }; 27 | } 28 | -------------------------------------------------------------------------------- /overlays/ankisyncd.nix: -------------------------------------------------------------------------------- 1 | inputs@{ anki-sync, ... }: final: prev: { 2 | # Nixpkgs version uses tsudoko's repo, which is woefully out of date 3 | ankisyncd = prev.ankisyncd.overrideAttrs (_: { 4 | src = inputs.anki-sync; 5 | }); 6 | } 7 | -------------------------------------------------------------------------------- /overlays/brig.nix: -------------------------------------------------------------------------------- 1 | inputs@{ brig, ... }: final: prev: { 2 | brig = if final.lib.versionAtLeast prev.brig.version "0.5.0" 3 | then builtins.trace "pkgs.brig: overlay expired" prev.brig 4 | else (with prev.brig; final.buildGoModule { 5 | name = "brig-${inputs.brig.lastModifiedDate}"; 6 | inherit pname doCheck meta; 7 | version = inputs.brig.shortRev; 8 | src = inputs.brig; 9 | vendorSha256 = "9kVTRRQWJq3gMsIqrsJobOZTucF2beDiHwXOA1LaAOQ="; 10 | }); 11 | } 12 | -------------------------------------------------------------------------------- /overlays/cordless.nix: -------------------------------------------------------------------------------- 1 | inputs@{...}: final: prev: { 2 | cordless = prev.buildGoModule { 3 | src = prev.fetchFromGitHub { 4 | owner = "bios-marcel"; 5 | repo = "cordless"; 6 | rev = "2d5a3c39eb9d2fdd934c3cb5c3c7ebfc2f5c6761"; 7 | sha256 = "1k78jna4aqvai94hg021khl9d4lmkgxgdqrr32k8vwfm48310f8i"; 8 | }; 9 | vendorSha256 = "XnwTqd19q+hOJZsfnFExiPDbg4pzV1Z9A6cq/jhcVgU="; 10 | inherit (prev.cordless) pname version meta; 11 | }; 12 | } 13 | -------------------------------------------------------------------------------- /overlays/default.nix: -------------------------------------------------------------------------------- 1 | inputs@{ self, ... }: final: prev: { 2 | flake = self; 3 | } // import ../pkgs final prev 4 | -------------------------------------------------------------------------------- /overlays/epsxe.nix: -------------------------------------------------------------------------------- 1 | inputs@{...}: final: prev: { 2 | epsxe = final.epsxe.overrideAttrs ({ installPhase, ... }: { 3 | installPhase = let 4 | bios = final.fetchurl { 5 | url = "https://ps1emulator.com/SCPH1001.BIN"; 6 | hash = "sha256-ca+U0eR6aMEej9ufg2gEBgFRSkKlo5nNpIx9O/8emdM="; 7 | }; 8 | in installPhase + '' 9 | mkdir -p $out/share/bios/ 10 | ln -s ${bios} $out/share/bios/scph1001.bin 11 | ''; 12 | }); 13 | } 14 | -------------------------------------------------------------------------------- /overlays/git-bug.nix: -------------------------------------------------------------------------------- 1 | inputs@{ git-bug, ... }: final: prev: { 2 | git-bug = if final.lib.versionAtLeast prev.git-bug.version "0.7.3" 3 | then builtins.trace "pkgs.git-bug: overlay expired" prev.git-bug 4 | else (with prev.git-bug; final.buildGoModule { 5 | name = "git-bug-${inputs.git-bug.lastModifiedDate}"; 6 | inherit pname doCheck meta; 7 | version = inputs.git-bug.shortRev; 8 | src = inputs.git-bug; 9 | vendorSha256 = "9Ywa4yBFFsMahZMoiJ8LU0OFiChjYz2i6gO6cjR1nXQ="; 10 | }); 11 | } 12 | -------------------------------------------------------------------------------- /overlays/gitfs.nix: -------------------------------------------------------------------------------- 1 | inputs@{...}: final: prev: { 2 | gitfs = prev.gitfs.overrideAttrs (drv: { 3 | doInstallCheck = true; 4 | installCheckPhase = "$out/bin/gitfs --help"; 5 | installCheckInputs = [ final.cacert ]; 6 | patchPhase = drv.patchPhase + '' 7 | sed -i 's/from pygit2.remote import RemoteCallbacks/from pygit2.callbacks import RemoteCallbacks/' gitfs/mounter.py 8 | ''; 9 | }); 10 | } 11 | -------------------------------------------------------------------------------- /overlays/gpodder.nix: -------------------------------------------------------------------------------- 1 | inputs@{...}: final: prev: { 2 | normalize = prev.normalize.overrideAttrs (super: { 3 | postInstall = "ln -s $out/bin/normalize $out/bin/normalize-audio"; 4 | }); 5 | gpodder = prev.gpodder.overrideAttrs (super: { 6 | propagatedBuildInputs = super.propagatedBuildInputs ++ (with final.python3Packages; [ mutagen ]); 7 | }); 8 | } 9 | -------------------------------------------------------------------------------- /overlays/hnix.nix: -------------------------------------------------------------------------------- 1 | inputs@{ hnix-overlay, ... }: final: prev: { 2 | hnix = let 3 | inherit (final) haskellPackages haskell; 4 | in haskell.lib.overrideSrc (haskellPackages.override { 5 | overrides = self: super: { 6 | hnix-store-core = self.hnix-store-core_0_4_0_0; 7 | hnix-store-remote = haskell.lib.unmarkBroken super.hnix-store-remote; 8 | hnix = haskell.lib.addBuildDepend super.hnix self.hnix-store-remote; 9 | }; 10 | }).hnix { 11 | src = final.runCommand "hnix-src" { 12 | cnix = final.fetchFromGitHub { 13 | owner = "haskell-nix"; 14 | repo = "nix"; 15 | rev = "61e816217bfdfffd39c130c7cd24f07e640098fc"; 16 | sha256 = "19d0r6vllr36s7a62g6dqfx698xl3sg1fymh5mf8vkvj572v4z27"; 17 | # date = 2019-10-10T15:03:46+02:00; 18 | }; 19 | hnix = inputs.hnix-overlay; 20 | } '' 21 | cp -rv $hnix $out 22 | chmod a+w $out/data/nix 23 | cp -rv $cnix/corepkgs $out/data/nix/ 24 | ''; 25 | }; 26 | } 27 | -------------------------------------------------------------------------------- /overlays/ini2json.nix: -------------------------------------------------------------------------------- 1 | inputs@{ ini2json, ... }: final: prev: rec { 2 | ini2json = final.stdenv.mkDerivation { 3 | name = "ini2json"; 4 | src = inputs.ini2json; 5 | nativeBuildInputs = [ final.cmake ]; 6 | passthru = { inherit callINI; }; 7 | }; 8 | 9 | # Uses IFD because why the heck not 10 | callINI = iniFile: builtins.fromJSON (builtins.readFile ( 11 | final.runCommand "${iniFile}.json" { 12 | ini = builtins.readFile iniFile; 13 | buildInputs = [ ini2json ]; 14 | passAsFile = [ "ini" ]; 15 | } '' 16 | ln -s $iniPath $out.ini 17 | ini2json $out.ini > $out 18 | '' 19 | )); 20 | } 21 | -------------------------------------------------------------------------------- /overlays/ipfs-cluster.nix: -------------------------------------------------------------------------------- 1 | inputs@{...}: final: prev: { 2 | ipfs-cluster = if final.lib.versionAtLeast prev.ipfs-cluster.version "0.13.1" 3 | then builtins.trace "pkgs.ipfs-cluster: overlay expired" prev.ipfs-cluster 4 | else (with prev.ipfs-cluster; final.buildGoModule { 5 | inherit pname version doCheck meta; 6 | src = final.fetchgit { 7 | url = src.meta.homepage; 8 | rev = "c78f7839a2d5645806e01bfbf7af862600f8fbc4"; 9 | sha256 = "c9amvmxU+3P14NygJK2hTNR+lTdFK7eEj1eoqv2FTDs="; 10 | }; 11 | vendorSha256 = "bejsbVMp5HnfUgG6pETK8Beeiax+BItVQh57sgmFbik="; 12 | }); 13 | } 14 | -------------------------------------------------------------------------------- /overlays/nftables.nix: -------------------------------------------------------------------------------- 1 | inputs@{...}: final: prev: { 2 | iptables = final.iptables-nftables-compat; 3 | } 4 | -------------------------------------------------------------------------------- /overlays/nix-bundle.nix: -------------------------------------------------------------------------------- 1 | inputs@{ ... }: final: prev: { 2 | nix-bundle = prev.nix-bundle.override { 3 | nix = prev.nixFlakes; 4 | }; 5 | } 6 | -------------------------------------------------------------------------------- /overlays/nix-index-fix.patch: -------------------------------------------------------------------------------- 1 | diff --git a/src/hydra.rs b/src/hydra.rs 2 | index 1cde305..21d7b06 100644 3 | --- a/src/hydra.rs 4 | +++ b/src/hydra.rs 5 | @@ -342,8 +342,8 @@ impl Fetcher { 6 | &'a self, 7 | path: &StorePath, 8 | ) -> Box, Error = Error> + 'a> { 9 | - let url_xz = format!("{}/{}.ls.xz", self.cache_url, path.hash()); 10 | - let url_generic = format!("{}/{}.ls", self.cache_url, path.hash()); 11 | + let url_xz = format!("{}/{}-{}.ls.xz", self.cache_url, path.hash(), path.name()); 12 | + let url_generic = format!("{}/{}-{}.ls", self.cache_url, path.hash(), path.name()); 13 | let name = format!("{}.json", path.hash()); 14 | 15 | let fetched = self.fetch(url_generic, None).and_then( 16 | -------------------------------------------------------------------------------- /overlays/pointfree-fancy.nix: -------------------------------------------------------------------------------- 1 | inputs@{ rel2009, ... }: final: prev: { 2 | inherit (inputs.rel2009.legacyPackages.${final.system}.haskellPackages) pointfree-fancy; 3 | } 4 | -------------------------------------------------------------------------------- /overlays/postman.nix: -------------------------------------------------------------------------------- 1 | inputs@{ rel2003, ... }: final: prev: { 2 | postman = (final.symlinkJoin { 3 | name = "postman"; 4 | paths = [ 5 | (final.writeScriptBin "postman-x11" '' 6 | #!${final.execline}/bin/execlineb -S0 7 | export DISPLAY :0 8 | exec -a postman 9 | ${inputs.rel2003.postman}/bin/postman 10 | '') 11 | inputs.rel2003.postman 12 | ]; 13 | }).overrideAttrs (_: { inherit (inputs.rel2003.postman) meta; }); 14 | } 15 | -------------------------------------------------------------------------------- /overlays/swc-debug.nix: -------------------------------------------------------------------------------- 1 | inputs@{...}: final: prev: rec { 2 | swc = prev.velox.swc.overrideAttrs (o: { 3 | separateDebugInfo = true; 4 | }); 5 | velox = prev.velox.overrideAttrs (o: { 6 | passthru = o.passthru // { 7 | inherit swc; 8 | }; 9 | separateDebugInfo = true; 10 | }); 11 | } 12 | -------------------------------------------------------------------------------- /overlays/webkitgtk.nix: -------------------------------------------------------------------------------- 1 | inputs@{...}: final: prev: { 2 | webkitgtk-eme = prev.webkitgtk.overrideAttrs (super: { 3 | buildInputs = super.buildInputs ++ (with final; [ 4 | libgpgerror 5 | ]); 6 | cmakeFlags = super.cmakeFlags ++ [ 7 | "-DENABLE_ENCRYPTED_MEDIA=ON" 8 | ]; 9 | }); 10 | } 11 | -------------------------------------------------------------------------------- /overlays/weechat.nix: -------------------------------------------------------------------------------- 1 | inputs@{ matrix-nio, weechat-matrix, ... }: final: prev: let 2 | lib = final.lib; 3 | matrix-nio = prev.python3Packages.matrix-nio.overrideAttrs (super: rec { 4 | # version = src.shortRev; 5 | # src = inputs.matrix-nio; 6 | # patches = [ 7 | # (final.fetchpatch { 8 | # url = "https://github.com/bqv/matrix-nio/commit/fd66d5d5e2c33120b27c2af44022b18521ee8b43.patch"; 9 | # sha256 = "170q7apgxhj9wzaqw23ax7apc8sjrnq27689zi5yvwyg3ic3x99w"; 10 | # }) 11 | # ]; 12 | }); 13 | weechat-matrix = prev.weechatScripts.weechat-matrix.overrideAttrs (super: rec { 14 | version = src.shortRev; 15 | src = inputs.weechat-matrix; 16 | }); 17 | in { 18 | weechatScripts = prev.weechatScripts // { 19 | weechat-matrix = weechat-matrix.override { 20 | inherit matrix-nio; 21 | }; 22 | }; 23 | } 24 | -------------------------------------------------------------------------------- /overlays/xf86videointel.nix: -------------------------------------------------------------------------------- 1 | inputs@{...}: final: prev: { 2 | xorg = prev.xorg // prev.xorg.overrideScope' (self: super: rec { 3 | xf86videointel = super.xf86videointel.overrideAttrs (drv: { 4 | buildInputs = drv.buildInputs ++ [ self.libXv ]; 5 | }); 6 | }); 7 | } 8 | -------------------------------------------------------------------------------- /overlays/xonsh.nix: -------------------------------------------------------------------------------- 1 | inputs@{ ... }: final: prev: let 2 | super = { 3 | inherit (prev.xonsh) overridePythonAttrs propagatedBuildInputs; 4 | }; 5 | pythonOverrides = self: super: { 6 | prompt_toolkit = super.prompt_toolkit.overridePythonAttrs (_: rec { 7 | version = "3.0.11"; 8 | src = self.fetchPypi { 9 | pname = "prompt_toolkit"; 10 | inherit version; 11 | sha256 = "3IPmNosO3ZzqvhegVfLiL27ZW5qjnb1Z0LTzWFvf6e0="; 12 | }; 13 | }); 14 | }; 15 | python = let 16 | py = prev.lib.findFirst (p: p.pname == "python3") null super.propagatedBuildInputs; 17 | in if prev.lib.versionAtLeast py.pkgs.prompt_toolkit.version "3.0.11" 18 | then py else py.pkgs.python.override { 19 | self = python; 20 | packageOverrides = pythonOverrides; 21 | }; 22 | in with final.xontribs; rec { 23 | xonsh = super.overridePythonAttrs (o: rec { 24 | doCheck = false; 25 | propagatedBuildInputs = [ 26 | python.pkgs.ply 27 | python.pkgs.prompt_toolkit 28 | 29 | python.pkgs.nixpkgs 30 | python.pkgs.pip 31 | apt-tabcomplete 32 | autoxsh 33 | avox 34 | base16-shell 35 | direnv 36 | #docker-tabcomplete 37 | fzf-widgets 38 | #hist-navigator 39 | histcpy 40 | #kitty 41 | output-search 42 | pipeliner 43 | powerline 44 | prompt-bar 45 | prompt-vi-mode 46 | pure 47 | pyenv 48 | readable-traceback 49 | schedule 50 | scrapy-tabcomplete 51 | #ssh-agent 52 | vox-tabcomplete 53 | xo 54 | z 55 | ]; 56 | }); 57 | } 58 | -------------------------------------------------------------------------------- /pkgs/applications/display-managers/greetd/default.nix: -------------------------------------------------------------------------------- 1 | { lib, callPackage, naersk, fetchgit, pam, ... }: 2 | 3 | naersk.buildPackage rec { 4 | name = "greetd"; 5 | version = "0.6.1"; 6 | 7 | src = fetchgit { 8 | url = "https://git.sr.ht/~kennylevinsen/greetd"; 9 | rev = version; 10 | sha256 = "Jeb9GkR2OQ5j3xYNU0N64xPb2jDXkkeTb+UlyRGPOYo="; 11 | }; 12 | 13 | buildInputs = [ 14 | pam 15 | ]; 16 | 17 | passthru = { 18 | tuigreet = callPackage ./tuigreet.nix {}; 19 | }; 20 | } 21 | -------------------------------------------------------------------------------- /pkgs/applications/display-managers/greetd/tuigreet.nix: -------------------------------------------------------------------------------- 1 | { lib, naersk, fetchgit, pam, ... }: 2 | 3 | naersk.buildPackage rec { 4 | name = "greetd"; 5 | version = "0.1.1"; 6 | 7 | src = fetchgit { 8 | url = "https://github.com/apognu/tuigreet"; 9 | rev = version; 10 | sha256 = "lTa6q55tJv+FqnYcpfjxgViWd2/5HfpIk6XoX5uRKms="; 11 | }; 12 | 13 | buildInputs = [ 14 | ]; 15 | } 16 | -------------------------------------------------------------------------------- /pkgs/applications/misc/cfcli/default.nix: -------------------------------------------------------------------------------- 1 | { lib, mkYarnPackage, withSources }: 2 | 3 | let 4 | pkg = mkYarnPackage rec { 5 | src = withSources.cloudflare-cli; 6 | 7 | meta = { 8 | description = nodeinfo.description; 9 | homepage = nodeinfo.homepage; 10 | license = lib.licenses.mit; 11 | platforms = lib.platforms.all; 12 | }; 13 | }; 14 | nodeinfo = builtins.fromJSON (builtins.readFile pkg.packageJSON); 15 | in pkg 16 | -------------------------------------------------------------------------------- /pkgs/applications/networking/mactelnet/default.nix: -------------------------------------------------------------------------------- 1 | { lib, withSources, stdenv, autoreconfHook, ... }: 2 | 3 | stdenv.mkDerivation rec { 4 | name = "mactelnet"; 5 | src = withSources.mactelnet; 6 | version = src.shortRev; 7 | 8 | postPatch = "sed -i '/chown/d' config/Makefile.am"; 9 | 10 | nativeBuildInputs = [ autoreconfHook ]; 11 | 12 | buildPhase = "make all"; 13 | installPhase = '' 14 | make install; mv $out/etc/mactelnetd.users{,.sample}; ln -s /etc/mactelnetd.users $out/etc/mactelnetd.users 15 | ''; 16 | } 17 | -------------------------------------------------------------------------------- /pkgs/applications/networking/mailreaders/electronmail/default.nix: -------------------------------------------------------------------------------- 1 | { appimageTools, fetchurl, lib, gsettings-desktop-schemas, gtk3, makeDesktopItem, system }: 2 | 3 | let 4 | pname = "electronmail"; 5 | version = "4.4.2"; 6 | desktopItem = makeDesktopItem { 7 | name = "ElectronMail"; 8 | exec = "electron-mail"; 9 | type = "Application"; 10 | desktopName = "ElectronMail"; 11 | }; 12 | in appimageTools.wrapType2 rec { 13 | name = "${pname}-${version}"; 14 | src = fetchurl { 15 | url = "https://github.com/vladimiry/${pname}/releases/download/v${version}/electron-mail-${version}-linux-x86_64.AppImage"; 16 | sha256 = "1zl0sybzc86wqxgpiqa3hsdmb3nw9jskbps3j336v024zmzv2ih1"; 17 | }; 18 | 19 | #profile = '' 20 | # export LC_ALL=C.UTF-8 21 | # export XDG_DATA_DIRS=${gsettings-desktop-schemas}/share/gsettings-schemas/${gsettings-desktop-schemas.name}:${gtk3}/share/gsettings-schemas/${gtk3.name}:$XDG_DATA_DIRS 22 | #''; 23 | 24 | multiPkgs = null; # no 32bit needed 25 | extraPkgs = appimageTools.defaultFhsEnvArgs.multiPkgs; 26 | extraInstallCommands = '' 27 | mkdir -p $out/share/applications 28 | ln -s ${desktopItem}/share/applications/* $out/share/applications 29 | mv $out/bin/{${name},${pname}} 30 | ''; 31 | 32 | meta = with lib; { 33 | description = "Unofficial ProtonMail Desktop App"; 34 | homepage = "https://github.com/vladimiry/ElectronMail/"; 35 | license = licenses.mit; 36 | maintainers = with maintainers; [ ]; 37 | platforms = [ "x86_64-linux" ]; 38 | broken = system != "x86_64-linux"; 39 | }; 40 | } 41 | -------------------------------------------------------------------------------- /pkgs/applications/networking/transmission.patch: -------------------------------------------------------------------------------- 1 | diff --git a/nixos/modules/services/torrent/transmission.nix b/nixos/modules/services/torrent/transmission.nix 2 | index 717c18d367f01..7bec073e26f71 100644 3 | --- a/nixos/modules/services/torrent/transmission.nix 4 | +++ b/nixos/modules/services/torrent/transmission.nix 5 | @@ -397,8 +397,8 @@ in 6 | mr ${getLib pkgs.openssl}/lib/libcrypto*.so*, 7 | mr ${getLib pkgs.openssl}/lib/libssl*.so*, 8 | mr ${getLib pkgs.systemd}/lib/libsystemd*.so*, 9 | - mr ${getLib pkgs.utillinuxMinimal.out}/lib/libblkid.so*, 10 | - mr ${getLib pkgs.utillinuxMinimal.out}/lib/libmount.so*, 11 | - mr ${getLib pkgs.utillinuxMinimal.out}/lib/libuuid.so*, 12 | + mr ${getLib pkgs.util-linuxMinimal.out}/lib/libblkid.so*, 13 | + mr ${getLib pkgs.util-linuxMinimal.out}/lib/libmount.so*, 14 | + mr ${getLib pkgs.util-linuxMinimal.out}/lib/libuuid.so*, 15 | mr ${getLib pkgs.xz}/lib/liblzma*.so*, 16 | mr ${getLib pkgs.zlib}/lib/libz*.so*, 17 | -------------------------------------------------------------------------------- /pkgs/applications/networking/wold/default.nix: -------------------------------------------------------------------------------- 1 | { lib, withSources, stdenv, ... }: 2 | 3 | stdenv.mkDerivation rec { 4 | name = "wold"; 5 | src = withSources.wold; 6 | version = src.shortRev; 7 | 8 | buildPhase = "make all"; 9 | installPhase = '' 10 | make install PREFIX=$out 11 | ''; 12 | } 13 | -------------------------------------------------------------------------------- /pkgs/applications/version-management/dgit/default.nix: -------------------------------------------------------------------------------- 1 | { lib, stdenv, withSources, buildGoModule, makeWrapper, 2 | loglevel ? "" }: 3 | 4 | buildGoModule rec { 5 | pname = "dgit"; 6 | version = "0.0.14-alpha"; 7 | vendorSha256 = "0wg3wl6aws0wl02czzzlss7ffhl8h2zxchws2dlph0mk3c3vgppq"; 8 | 9 | src = withSources.dgit; 10 | 11 | nativeBuildInputs = [ makeWrapper ]; 12 | postInstall = '' 13 | mkdir -p $out/bin 14 | makeWrapper $out/bin/dgit $out/bin/git-remote-dgit \ 15 | --add-flags remote-helper --set DGIT_LOG_LEVEL $loglevel 16 | ''; 17 | 18 | meta = with lib; { 19 | description = "Decentralized git ownership and storage."; 20 | homepage = https://dgit.dev/; 21 | license = licenses.mit; 22 | platforms = platforms.unix; 23 | broken = true; # I don't even understand how this went so wrong 24 | }; 25 | } 26 | -------------------------------------------------------------------------------- /pkgs/applications/version-management/git-and-tools/git-pr-mirror/default.nix: -------------------------------------------------------------------------------- 1 | { lib, buildGoModule, withSources }: 2 | 3 | buildGoModule rec { 4 | pname = "git-pull-request-mirror-unstable"; 5 | version = src.shortRev; 6 | 7 | vendorSha256 = "0789v1r6my256pncs0105yji28ifchj6ppfiy8gavglgclq3cgvn"; 8 | 9 | src = withSources.git-pullrequest; 10 | 11 | postInstall = '' 12 | for bin in $out/bin/*; do 13 | mv $bin $out/bin/git-pr-$(basename $bin) 14 | done 15 | ''; 16 | 17 | meta = with lib; { 18 | description = "Mirror Github Pull Requests into the git-pull-request-mirror formats"; 19 | homepage = "https://github.com/google/git-pull-request-mirror"; 20 | license = licenses.asl20; 21 | platforms = platforms.all; 22 | maintainers = [ ]; 23 | }; 24 | } 25 | -------------------------------------------------------------------------------- /pkgs/applications/version-management/git-get/default.nix: -------------------------------------------------------------------------------- 1 | { lib, buildGoModule, withSources, makeWrapper }: 2 | 3 | buildGoModule rec { 4 | pname = "git-get"; 5 | version = src.shortRev; 6 | vendorSha256 = "05k6w4knk7fdjm9qm272nlrk47rzjr18g0fp4j57f5ncq26cxr8b"; 7 | 8 | src = withSources.git-get; 9 | 10 | nativeBuildInputs = [ makeWrapper ]; 11 | postInstall = '' 12 | mkdir -p $out/bin 13 | wrapProgram $out/bin/get 14 | wrapProgram $out/bin/list 15 | mv $out/bin/get $out/bin/git-get 16 | mv $out/bin/list $out/bin/git-list 17 | ''; 18 | 19 | doCheck = false; 20 | 21 | meta = with lib; { 22 | platforms = platforms.unix; 23 | }; 24 | } 25 | -------------------------------------------------------------------------------- /pkgs/applications/version-management/git-remote-ipfs/default.nix: -------------------------------------------------------------------------------- 1 | { lib, buildGoModule, withSources, makeWrapper, git }: 2 | 3 | buildGoModule rec { 4 | pname = "git-remote-ipfs"; 5 | version = src.shortRev; 6 | vendorSha256 = "hkenInaS6PFnu/Z0oz32Y4B4BmM5+l5AB2/K1f/LxqA="; 7 | 8 | src = withSources.git-remote-ipfs; 9 | 10 | doCheck = false; 11 | checkInputs = [ 12 | git 13 | ]; 14 | 15 | postInstall = '' 16 | ln -s $out/bin/git-remote-ipfs $out/bin/git-remote-ipns 17 | ''; 18 | 19 | meta = with lib; { 20 | platforms = platforms.unix; 21 | }; 22 | } 23 | -------------------------------------------------------------------------------- /pkgs/applications/window-managers/taiwins/default.nix: -------------------------------------------------------------------------------- 1 | { stdenv, lib, fetchgit, pkgs }: 2 | 3 | stdenv.mkDerivation { 4 | name = "taiwins"; 5 | src = fetchgit { 6 | url = "https://github.com/taiwins/taiwins"; 7 | rev = "722503b9eed47a8cc2dd53dd0b5b03d2f0a50c3f"; 8 | sha256 = "l1DKuH8Q2Mp3NAFqe7weHPeXwh1Ux9eJ+f4gLE0qmNA="; 9 | fetchSubmodules = true; 10 | }; 11 | nativeBuildInputs = with pkgs; [ 12 | meson pkgconfig libxkbcommon wayland cairo cmake udev librsvg 13 | wayland-protocols lua5_3 dbus libdrm libinput mesa pam ninja pixman 14 | xorg.xcbutil xorg.libxcb xorg.xcbutilwm xorg.xcbutilerrors 15 | ]; 16 | CFLAGS = [ 17 | "-Wno-error=unused-result" 18 | "-Wno-error=maybe-uninitialized" 19 | "-Wno-error=stringop-overflow=" 20 | ]; 21 | } 22 | -------------------------------------------------------------------------------- /pkgs/applications/window-managers/velox/dmenu.nix: -------------------------------------------------------------------------------- 1 | { stdenv, lib, withSources, swc, wld, wayland, libxkbcommon, pixman, fontconfig }: 2 | 3 | stdenv.mkDerivation rec { 4 | name = "dmenu-velox-${version}"; 5 | version = src.shortRev; 6 | 7 | src = withSources.dmenu; 8 | 9 | buildInputs = [ swc wld wayland libxkbcommon pixman fontconfig ]; 10 | 11 | postPatch = '' 12 | sed -ri -e 's!\<(dmenu|dmenu_path)\>!'"$out/bin"'/&!g' dmenu_run 13 | ''; 14 | 15 | preConfigure = [ 16 | ''sed -i "s@PREFIX = /usr/local@PREFIX = $out@g; s@/usr/share/swc@${swc}/share/swc@g" config.mk'' 17 | ]; 18 | 19 | preFixup = '' 20 | # Patch dmenu scripts to use binaries with -wl suffix. 21 | for i in dmenu_path dmenu_run; do 22 | sed -i 's!'"$out/bin/"'dmenu\b!&-wl!g' $out/bin/$i 23 | sed -i 's!'"$out/bin/"'dmenu_path\b!&-wl!g' $out/bin/$i 24 | done 25 | # Rename all executables with the -wl suffix. 26 | for i in dmenu dmenu_path dmenu_run stest; do 27 | mv $out/bin/$i $out/bin/$i-wl 28 | done 29 | ''; 30 | 31 | enableParallelBuilding = true; 32 | 33 | meta = { 34 | description = "A generic, highly customizable, and efficient menu for the X Window System"; 35 | homepage = https://tools.suckless.org/dmenu; 36 | license = lib.licenses.mit; 37 | maintainers = with lib.maintainers; [ ]; 38 | platforms = with lib.platforms; all; 39 | }; 40 | } 41 | -------------------------------------------------------------------------------- /pkgs/applications/window-managers/velox/hardcode-screen-order.patch: -------------------------------------------------------------------------------- 1 | diff --git a/libswc/screen.c b/libswc/screen.c 2 | index fd1c361..b353e39 100644 3 | --- a/libswc/screen.c 4 | +++ b/libswc/screen.c 5 | @@ -132,6 +132,22 @@ screen_new(uint32_t crtc, struct output *output, struct plane *cursor_plane) 6 | wl_list_insert(&screen->outputs, &output->link); 7 | wl_list_init(&screen->modifiers); 8 | 9 | + int y = wl_list_length(&swc.screens); 10 | + switch (y) 11 | + { 12 | + case 0: 13 | + x = 0000; 14 | + break; 15 | + case 1: 16 | + x = 3840; 17 | + break; 18 | + case 2: 19 | + x = 1920; 20 | + break; 21 | + default: 22 | + break; 23 | + }; 24 | + DEBUG("Putting screen %d (%d) at %d\n", screen->id, y, x); 25 | view_move(&screen->planes.primary.view, x, 0); 26 | screen->base.geometry = screen->planes.primary.view.geometry; 27 | screen->base.usable_geometry = screen->base.geometry; 28 | -- 29 | 2.27.0 30 | 31 | -------------------------------------------------------------------------------- /pkgs/applications/window-managers/velox/st.nix: -------------------------------------------------------------------------------- 1 | { stdenv, lib, withSources, pkgconfig, writeText 2 | , ncurses, wayland, wayland-protocols, wld, libxkbcommon, fontconfig, pixman 3 | , conf, patches }: 4 | 5 | stdenv.mkDerivation rec { 6 | name = "st-velox-${version}"; 7 | version = src.shortRev; 8 | 9 | src = withSources.st-wl; 10 | 11 | inherit patches; 12 | 13 | configFile = lib.optionalString (conf!=null) (writeText "config.def.h" conf); 14 | preBuild = lib.optionalString (conf!=null) "cp ${configFile} config.def.h"; 15 | 16 | nativeBuildInputs = [ pkgconfig ]; 17 | buildInputs = [ ncurses wayland wayland-protocols wld libxkbcommon fontconfig pixman ]; 18 | 19 | NIX_LDFLAGS = "-lfontconfig"; 20 | 21 | installPhase = '' 22 | TERMINFO=$out/share/terminfo make install PREFIX=$out 23 | ''; 24 | 25 | preFixup = '' 26 | mv $out/bin/st $out/bin/st-wl 27 | ''; 28 | 29 | enableParallelBuilding = true; 30 | 31 | meta = with lib; { 32 | homepage = https://st.suckless.org/; 33 | license = licenses.mit; 34 | maintainers = with maintainers; [ ]; 35 | platforms = with platforms; linux; 36 | }; 37 | } 38 | -------------------------------------------------------------------------------- /pkgs/applications/window-managers/velox/swc.nix: -------------------------------------------------------------------------------- 1 | { lib, stdenv, withSources, pkgconfig, makeWrapper 2 | , wld, wayland, wayland-protocols, fontconfig, pixman, libdrm, libinput, libevdev, libxkbcommon, libxcb, xcbutilwm 3 | }: 4 | 5 | stdenv.mkDerivation rec { 6 | name = "swc-${version}"; 7 | version = src.shortRev; 8 | 9 | src = withSources.swc; 10 | 11 | patches = [ 12 | #./hardcode-screen-order.patch # committed 13 | ]; 14 | 15 | nativeBuildInputs = [ pkgconfig makeWrapper ]; 16 | 17 | buildInputs = [ wld wayland wayland-protocols fontconfig pixman libdrm libinput libevdev libxkbcommon libxcb xcbutilwm ]; 18 | 19 | prePatch = '' 20 | substituteInPlace launch/local.mk --replace 4755 755 21 | ''; 22 | 23 | makeFlags = "PREFIX=$(out) ENABLE_XWAYLAND=1"; 24 | installPhase = "PREFIX=$out make install"; 25 | 26 | enableParallelBuilding = true; 27 | 28 | meta = { 29 | description = "A library for making a simple Wayland compositor"; 30 | homepage = src.meta.homepage; 31 | license = lib.licenses.mit; 32 | platforms = lib.platforms.linux; 33 | maintainers = with lib.maintainers; [ ]; 34 | }; 35 | } 36 | -------------------------------------------------------------------------------- /pkgs/applications/window-managers/velox/wld.nix: -------------------------------------------------------------------------------- 1 | { lib, stdenv, withSources, pkgconfig 2 | , wayland, fontconfig, pixman, freetype, libdrm 3 | }: 4 | 5 | stdenv.mkDerivation rec { 6 | name = "wld-${version}"; 7 | version = src.shortRev; 8 | 9 | src = withSources.wld; 10 | 11 | nativeBuildInputs = [ pkgconfig ]; 12 | 13 | buildInputs = [ wayland fontconfig pixman freetype libdrm ]; 14 | 15 | makeFlags = "PREFIX=$(out)"; 16 | installPhase = "PREFIX=$out make install"; 17 | 18 | enableParallelBuilding = true; 19 | 20 | meta = { 21 | description = "A primitive drawing library targeted at Wayland"; 22 | homepage = src.meta.homepage; 23 | license = lib.licenses.mit; 24 | platforms = lib.platforms.linux; 25 | maintainers = with lib.maintainers; [ ]; 26 | }; 27 | } 28 | -------------------------------------------------------------------------------- /pkgs/build-support/fetchdarcs/builder.sh: -------------------------------------------------------------------------------- 1 | source $stdenv/setup 2 | 3 | tagtext="" 4 | tagflags="" 5 | if test -n "$rev"; then 6 | tagtext="(tag $rev) " 7 | tagflags="--tag=$rev" 8 | elif test -n "$patch"; then 9 | tagtext="(patch $patch) " 10 | tagflags="--to-hash=$patch" 11 | elif test -n "$context"; then 12 | tagtext="(context) " 13 | tagflags="--context=$context" 14 | fi 15 | 16 | header "getting $url $partial ${tagtext} into $out" 17 | 18 | darcs get --lazy $tagflags "$url" "$out" 19 | (cd "$out" && darcs changes --last=1) 20 | # remove metadata, because it can change 21 | rm -rf "$out/_darcs" 22 | 23 | stopNest 24 | -------------------------------------------------------------------------------- /pkgs/build-support/fetchdarcs/default.nix: -------------------------------------------------------------------------------- 1 | { stdenvNoCC, darcs, cacert }: 2 | 3 | { url, rev ? null, patch ? null, context ? null, md5 ? "", sha256 ? "" }: 4 | 5 | if md5 != "" then 6 | throw "fetchdarcs does not support md5 anymore, please use sha256" 7 | else 8 | stdenvNoCC.mkDerivation { 9 | name = "fetchdarcs"; 10 | builder = ./builder.sh; 11 | nativeBuildInputs = [cacert darcs]; 12 | 13 | outputHashAlgo = "sha256"; 14 | outputHashMode = "recursive"; 15 | outputHash = sha256; 16 | 17 | inherit url rev context; 18 | } 19 | -------------------------------------------------------------------------------- /pkgs/data/fonts/dejavu-nerdfont/default.nix: -------------------------------------------------------------------------------- 1 | { lib, stdenv, fetchzip }: 2 | 3 | stdenv.mkDerivation rec { 4 | name = "dejavu-nerdfont-${version}"; 5 | version = "2.0.0"; 6 | 7 | src = fetchzip { 8 | url = 9 | "https://github.com/ryanoasis/nerd-fonts/releases/download/v${version}/DejaVuSansMono.zip"; 10 | hash = "sha256-yMvKzt5CKpK1bThT25lqSyRvZRCFvo6HHbTj+ripdCo="; 11 | stripRoot = false; 12 | }; 13 | buildCommand = '' 14 | install --target $out/share/fonts/opentype -D $src/*Mono.ttf 15 | ''; 16 | 17 | meta = with lib; { 18 | description = "Nerdfont version of DejaVu"; 19 | homepage = "https://github.com/ryanoasis/nerd-fonts"; 20 | license = licenses.mit; 21 | maintainers = [ maintainers.nrdxp ]; 22 | inherit version; 23 | }; 24 | } 25 | -------------------------------------------------------------------------------- /pkgs/development/dotnet-modules/azure-functions-core-tools/default.nix: -------------------------------------------------------------------------------- 1 | { lib, system, stdenv, fetchzip, writeShellScriptBin, dotnetCorePackages }: 2 | 3 | let 4 | sdk = dotnetCorePackages.sdk_3_1; 5 | 6 | src = fetchzip { 7 | url = "https://github.com/Azure/azure-functions-core-tools/releases/download/3.0.2630/Azure.Functions.Cli.no-runtime.3.0.2630.zip"; 8 | sha256 = "1qhc18yfk0hyhmgldzqig48ha3h5d59i9hakkfhk0lab5az0khy3"; 9 | stripRoot = false; 10 | }; 11 | 12 | wrapper = writeShellScriptBin "func" '' 13 | exec ${sdk}/bin/dotnet exec ${src}/func.dll $@ 14 | ''; 15 | in wrapper.overrideAttrs (_: rec { 16 | pname = "azure-functions-core-tools"; 17 | version = "3.0.2630"; 18 | name = "${pname}-${version}"; 19 | 20 | meta = { 21 | broken = system != "x86_64-linux"; 22 | }; 23 | }) 24 | -------------------------------------------------------------------------------- /pkgs/os-specific/linux/gnome-network-displays/default.nix: -------------------------------------------------------------------------------- 1 | { stdenv, withSources, meson, ninja, pkg-config, wrapGAppsHook, writeText, python3 2 | , gtk3, glib, gsettings-desktop-schemas, gst_all_1, networkmanager, libpulseaudio, desktop-file-utils }: 3 | 4 | stdenv.mkDerivation rec { 5 | pname = "gnome-network-displays"; 6 | version = src.shortRev; 7 | 8 | src = withSources.gnome-network-displays; 9 | 10 | nativeBuildInputs = [ meson ninja pkg-config wrapGAppsHook ]; 11 | buildInputs = [ gtk3 glib gsettings-desktop-schemas networkmanager libpulseaudio python3 desktop-file-utils ] 12 | ++ (with gst_all_1; [ gstreamer gst-plugins-base gst-plugins-good gst-plugins-bad gst-rtsp-server ]); 13 | 14 | NIX_CFLAGS_COMPILE = "-I${glib.dev}/include/gio-unix-2.0"; 15 | postPatch = '' 16 | chmod +x build-aux/meson/postinstall.py 17 | patchShebangs build-aux/meson/postinstall.py 18 | ''; 19 | } 20 | -------------------------------------------------------------------------------- /pkgs/servers/dendrite/default.nix: -------------------------------------------------------------------------------- 1 | { buildGoModule, withSources, lib }: 2 | 3 | buildGoModule rec { 4 | name = "dendrite"; 5 | version = src.shortRev; 6 | 7 | src = withSources.dendrite; 8 | 9 | vendorSha256 = "CDCgp693pM+83ATPzmE35utYvQPb5sFal0xN5oasKSg="; 10 | 11 | passthru.config = "${src}/dendrite-config.yaml"; 12 | } 13 | -------------------------------------------------------------------------------- /pkgs/servers/twitterpub/default.nix: -------------------------------------------------------------------------------- 1 | { buildGoModule, withSources, lib }: 2 | 3 | buildGoModule rec { 4 | pname = "twitterpub"; 5 | version = src.shortRev; 6 | 7 | vendorSha256 = "XuQhbS9iLNrW6aSanPdJFJO07JbJ7/QPUlGiYo0WZoE="; 8 | 9 | src = withSources.twitterpub; 10 | } 11 | -------------------------------------------------------------------------------- /pkgs/shells/zsh/pure/default.nix: -------------------------------------------------------------------------------- 1 | { lib, stdenv, withSources, openssl, pkgconfig, rustPlatform }: 2 | 3 | stdenv.mkDerivation rec { 4 | name = "pure-${version}"; 5 | version = srcs.shortRev; 6 | 7 | srcs = withSources.zsh-pure; 8 | 9 | buildPhase = "true"; 10 | 11 | installPhase = '' 12 | mkdir -p $out/share/zsh/plugins/pure 13 | cp -r ./ $out/share/zsh/plugins/pure 14 | ''; 15 | 16 | meta = with lib; { 17 | description = "Pretty, minimal and fast ZSH prompt"; 18 | homepage = "https://github.com/sindresorhus/pure"; 19 | maintainers = [ maintainers.nrdxp ]; 20 | license = licenses.mit; 21 | inherit version; 22 | }; 23 | } 24 | -------------------------------------------------------------------------------- /pkgs/tools/misc/fsnoop/default.nix: -------------------------------------------------------------------------------- 1 | { lib, stdenv, withSources, linuxHeaders, fetchurl }: 2 | 3 | let 4 | headers = 5 | (linuxHeaders.overrideAttrs (old: let version = "5.1.21"; in { 6 | inherit version; 7 | src = fetchurl { 8 | url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; 9 | sha256 = "1xj1wfhjz2s5a8j6zx3fsd7rrrkvw5waszzylf2gn3ag6615yjan"; 10 | }; 11 | # We don't need the patches for compiling fsnoop, and as of writing, 12 | # they don't work for the newer kernel version we need. 13 | patches = []; 14 | })); 15 | in 16 | 17 | stdenv.mkDerivation rec { 18 | pname = "fsnoop"; 19 | rev = "e05bfc949838e094161360ce5a046cdaa097d39a"; 20 | version = "git-${src.shortRev}"; 21 | 22 | src = withSources.fsnoop; 23 | 24 | buildInputs = [ 25 | # TODO: Remove the override when `linuxHeaders` is a version >= 5.1 to 26 | # have `FAN_CREATE`; as of writing, it is 4.19 even on NixOS 20.03. 27 | headers 28 | ]; 29 | 30 | installPhase = '' 31 | mkdir -p $out/bin/ 32 | cp ./fsnoop $out/bin/ 33 | ''; 34 | 35 | meta = with lib; { 36 | description = "Dumps all filesystem events for a specific mount using the Linux fanotify interface"; 37 | homepage = https://github.com/jeffwalter/fsnoop; 38 | license = licenses.mit; 39 | maintainers = [ maintainers.nh2 ]; 40 | platforms = platforms.linux; 41 | }; 42 | } 43 | -------------------------------------------------------------------------------- /pkgs/tools/misc/shflags/default.nix: -------------------------------------------------------------------------------- 1 | { lib, stdenv, withSources, runtimeShell, getopt }: 2 | 3 | stdenv.mkDerivation rec { 4 | pname = "shflags"; 5 | version = src.shortRev; 6 | 7 | src = withSources.shflags; 8 | 9 | buildInputs = [ getopt ]; 10 | 11 | doCheck = true; 12 | checkPhase = '' 13 | ./test_runner -s ${runtimeShell} 14 | ''; 15 | 16 | installPhase = '' 17 | install -D -m 755 ./shflags $out 18 | ''; 19 | 20 | meta = with lib; { 21 | description = "A port of the Google gflags library for Unix shell"; 22 | homepage = https://github.com/kward/shflags; 23 | license = licenses.asl20; 24 | maintainers = [ maintainers.bqv ]; 25 | platforms = platforms.unix; 26 | }; 27 | } 28 | -------------------------------------------------------------------------------- /pkgs/tools/system/bottom/default.nix: -------------------------------------------------------------------------------- 1 | { naersk, flake }: 2 | 3 | naersk.buildPackage rec { 4 | name = "bottom"; 5 | version = flake.inputs.bottom.shortRev; 6 | 7 | src = flake.inputs.bottom; 8 | } 9 | -------------------------------------------------------------------------------- /pkgs/tools/system/wgvanity/default.nix: -------------------------------------------------------------------------------- 1 | { naersk, withSources }: 2 | 3 | naersk.buildPackage rec { 4 | pname = "wireguard-vanity"; 5 | src = withSources.wgvanity; 6 | version = src.shortRev; 7 | } 8 | -------------------------------------------------------------------------------- /profiles/bcachefs.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, lib, ... }: 2 | 3 | { 4 | disabledModules = [ "tasks/filesystems/zfs.nix" ]; 5 | 6 | environment.systemPackages = [ pkgs.bcachefs-tools ]; 7 | 8 | boot.supportedFilesystems = [ "bcachefs" ]; 9 | 10 | boot.kernelPackages = lib.mkForce pkgs.linuxPackages_testing_bcachefs; 11 | boot.kernelPatches = [{ 12 | name = "bcachefs-acl"; 13 | patch = null; 14 | extraConfig = '' 15 | BCACHEFS_POSIX_ACL y 16 | ''; 17 | } { 18 | name = "bcachefs-debug"; 19 | patch = null; 20 | extraConfig = '' 21 | BCACHEFS_DEBUG y 22 | ''; 23 | }]; 24 | } 25 | -------------------------------------------------------------------------------- /profiles/develop/android/default.nix: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: 2 | 3 | { 4 | environment.systemPackages = with pkgs; [ 5 | androidenv.androidPkgs_9_0.androidsdk 6 | androidenv.androidPkgs_9_0.platform-tools 7 | jre (pkgs.lowPrio graalvm8-ce) (pkgs.lowPrio e2fsprogs) 8 | jadx apktool 9 | ]; 10 | } 11 | -------------------------------------------------------------------------------- /profiles/develop/default.nix: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: 2 | 3 | { 4 | imports = [ ./fish ./tmux ./haskell ./python ./dotnet ./android ./javascript ./golang ]; 5 | 6 | environment.shellAliases = { 7 | # v = "$EDITOR"; 8 | }; 9 | 10 | environment.sessionVariables = { 11 | PAGER = "less"; 12 | LESS = "-iFJMRWX -z-4 -x4"; 13 | LESSOPEN = "|${pkgs.lesspipe}/bin/lesspipe.sh %s"; 14 | EDITOR = "vim"; 15 | VISUAL = "vim"; 16 | }; 17 | 18 | environment.systemPackages = with pkgs; [ 19 | bat 20 | cfcli 21 | clang 22 | dstat 23 | exa 24 | execline 25 | file 26 | git 27 | htop 28 | iotop 29 | less 30 | lsof 31 | ltrace 32 | mercurial 33 | ncdu 34 | nethogs 35 | nix-diff 36 | nix-top 37 | nload 38 | page 39 | pass 40 | pciutils 41 | pijul 42 | psmisc 43 | strace 44 | socat 45 | subversion 46 | tig 47 | tokei 48 | vim 49 | wget 50 | ]; 51 | 52 | fonts = { 53 | fonts = [ pkgs.dejavu_nerdfont ]; 54 | fontconfig.defaultFonts.monospace = 55 | [ "DejaVu Sans Mono Nerd Font Complete Mono" ]; 56 | }; 57 | 58 | documentation.dev.enable = true; 59 | 60 | programs.thefuck.enable = true; 61 | programs.firejail.enable = true; 62 | programs.mtr.enable = true; 63 | } 64 | -------------------------------------------------------------------------------- /profiles/develop/dotnet/default.nix: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: 2 | 3 | { 4 | environment.systemPackages = with pkgs; [ 5 | (with dotnetCorePackages; combinePackages [ 6 | sdk_2_1 sdk_3_0 sdk_3_1 7 | ]) 8 | mono (lowPrio msbuild) 9 | azure-cli 10 | dotnetPackages.azure-functions-core-tools 11 | #jetbrains.rider 12 | ]; 13 | } 14 | -------------------------------------------------------------------------------- /profiles/develop/fish/default.nix: -------------------------------------------------------------------------------- 1 | { lib, pkgs, ... }: 2 | 3 | { 4 | users.defaultUserShell = pkgs.zsh; 5 | 6 | environment = { 7 | sessionVariables = { 8 | BAT_PAGER = "less"; 9 | }; 10 | 11 | shellAliases = { 12 | cat = "${pkgs.bat}/bin/bat"; 13 | 14 | df = "df -h"; 15 | du = "du -h"; 16 | 17 | ls = "exa"; 18 | l = "ls -lhg --git"; 19 | la = "l -a"; 20 | t = "l -T"; 21 | ta = "la -T"; 22 | 23 | ps = "${pkgs.procs}/bin/procs"; 24 | }; 25 | 26 | systemPackages = with pkgs; [ 27 | any-nix-shell 28 | bat 29 | bzip2 30 | direnv 31 | exa 32 | gitAndTools.hub 33 | gzip 34 | lrzip 35 | p7zip 36 | procs 37 | skim 38 | unrar 39 | unzip 40 | xz 41 | ]; 42 | }; 43 | 44 | programs.fish = { 45 | enable = true; 46 | promptInit = '' 47 | any-nix-shell fish --info-right | source 48 | ''; 49 | }; 50 | } 51 | -------------------------------------------------------------------------------- /profiles/develop/golang/default.nix: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: 2 | 3 | { 4 | environment.systemPackages = with pkgs; [ 5 | go 6 | ]; 7 | } 8 | -------------------------------------------------------------------------------- /profiles/develop/haskell/default.nix: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: 2 | 3 | { 4 | environment.systemPackages = with pkgs; [ 5 | cabal-install 6 | stack 7 | ghc haskellPackages.ghcide 8 | cabal2nix 9 | haskellPackages.hoogle 10 | haskellPackages.pointfree-fancy 11 | ]; 12 | } 13 | -------------------------------------------------------------------------------- /profiles/develop/javascript/default.nix: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: 2 | 3 | { 4 | environment.systemPackages = with pkgs; [ 5 | nodejs 6 | nodePackages.http-server 7 | ]; 8 | } 9 | -------------------------------------------------------------------------------- /profiles/develop/python/default.nix: -------------------------------------------------------------------------------- 1 | { pkgs, flake, ... }: 2 | 3 | { 4 | environment.systemPackages = let 5 | packages = pythonPackages: 6 | with pythonPackages; let 7 | nixpkgs = builtins.trace "python.nixpkgs pinned to nixpkgs/stable" 8 | flake.inputs.rel2003.legacyPackages.${pkgs.system}.python3Packages.nixpkgs; 9 | in [ 10 | nixpkgs 11 | numpy 12 | pandas 13 | ptpython 14 | pygments 15 | requests 16 | scipy 17 | virtualenv 18 | ]; 19 | 20 | python = pkgs.python3.withPackages packages; 21 | in [ python pkgs.hy ]; 22 | 23 | environment.sessionVariables = { 24 | PYTHONSTARTUP = let 25 | startup = pkgs.writers.writePython3 "ptpython.py" { 26 | libraries = with pkgs.python3.pkgs; [ ptpython ]; 27 | } '' 28 | from __future__ import unicode_literals 29 | 30 | from pygments.token import Token 31 | 32 | from ptpython.layout import CompletionVisualisation 33 | 34 | import sys 35 | 36 | ${builtins.readFile ./ptconfig.py} 37 | 38 | try: 39 | from ptpython.repl import embed 40 | except ImportError: 41 | print("ptpython is not available: falling back to standard prompt") 42 | else: 43 | sys.exit(embed(globals(), locals(), configure=configure)) 44 | ''; 45 | in "${startup}"; 46 | }; 47 | } 48 | -------------------------------------------------------------------------------- /profiles/develop/tmux/default.nix: -------------------------------------------------------------------------------- 1 | { lib, pkgs, ... }: 2 | let 3 | inherit (builtins) readFile concatStringsSep; 4 | 5 | inherit (lib) removePrefix; 6 | 7 | pluginConf = plugins: 8 | concatStringsSep "\n\n" (map (plugin: 9 | let name = removePrefix "tmuxplugin-" plugin.name; 10 | in "run-shell ${plugin}/share/tmux-plugins/${name}/${name}.tmux") 11 | plugins); 12 | 13 | plugins = with pkgs.tmuxPlugins; [ 14 | copycat 15 | open 16 | resurrect 17 | yank 18 | vim-tmux-navigator 19 | ]; 20 | in { 21 | environment.shellAliases = { tx = "tmux new-session -A -s $USER"; }; 22 | 23 | programs.tmux = { 24 | enable = true; 25 | aggressiveResize = true; 26 | escapeTime = 10; 27 | historyLimit = 5000; 28 | keyMode = "vi"; 29 | shortcut = "a"; 30 | terminal = "tmux-256color"; 31 | baseIndex = 1; 32 | extraConfig = '' 33 | ${readFile ./tmuxline.conf} 34 | 35 | ${readFile ./tmux.conf} 36 | 37 | ${pluginConf plugins} 38 | ''; 39 | }; 40 | } 41 | -------------------------------------------------------------------------------- /profiles/develop/tmux/tmuxline.conf: -------------------------------------------------------------------------------- 1 | # statusbar configuration 2 | set -g status-justify "left" 3 | set -g status "on" 4 | set -g status-style "none" 5 | set -g message-command-style bg="colour31" 6 | set -g status-left-length "100" 7 | set -g pane-active-border-style fg="colour254" 8 | set -g status-bg "colour234" 9 | set -g message-command-style fg="colour231" 10 | set -g pane-border-style fg="colour240" 11 | set -g message-style bg="colour31" 12 | set -g status-left-style "none" 13 | set -g status-right-style "none" 14 | set -g status-right-length "100" 15 | set -g message-style fg="colour231" 16 | setw -g window-status-style fg="colour250" 17 | setw -g window-status-style "none" 18 | setw -g window-status-activity-style bg="colour234" 19 | setw -g window-status-activity-style "none" 20 | setw -g window-status-activity-style fg="colour250" 21 | setw -g window-status-separator "" 22 | setw -g window-status-style bg="colour234" 23 | set -g status-left "#[fg=colour16,bg=colour254,bold] #S #[fg=colour254,bg=colour234,nobold,nounderscore,noitalics]" 24 | set -g status-right "#[fg=colour236,bg=colour234,nobold,nounderscore,noitalics]#[fg=colour247,bg=colour236] %l:%M%p #[fg=colour252,bg=colour236,nobold,nounderscore,noitalics]#[fg=colour235,bg=colour252] #h " 25 | setw -g window-status-format "#[fg=colour244,bg=colour234] #I #[fg=colour250,bg=colour234] #W " 26 | setw -g window-status-current-format "#[fg=colour234,bg=colour31,nobold,nounderscore,noitalics]#[fg=colour117,bg=colour31] #I #[fg=colour231,bg=colour31,bold] #W #[fg=colour31,bg=colour234,nobold,nounderscore,noitalics]" 27 | -------------------------------------------------------------------------------- /profiles/games/default.nix: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: { 2 | imports = [ ../graphical ./udev.nix ]; 3 | environment.systemPackages = with pkgs; [ retroarchBare steam steam-run ]; 4 | 5 | # fps games on laptop need this 6 | services.xserver.libinput.touchpad.disableWhileTyping = false; 7 | 8 | # 32-bit support needed for steam 9 | hardware.opengl.driSupport32Bit = true; 10 | hardware.pulseaudio.support32Bit = true; 11 | 12 | # better for steam proton games 13 | systemd.extraConfig = "DefaultLimitNOFILE=1048576"; 14 | 15 | # improve wine performance 16 | environment.sessionVariables = { WINEDEBUG = "-all"; }; 17 | } 18 | -------------------------------------------------------------------------------- /profiles/graphical/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | 3 | { 4 | imports = [ 5 | ./xkb 6 | ./exwm 7 | #./xmonad 8 | ./lxqt 9 | #./qutebrowser 10 | ../develop 11 | ]; 12 | 13 | environment.systemPackages = with pkgs; [ 14 | xorg.xinit velox 15 | ]; 16 | 17 | hardware.opengl.enable = true; 18 | hardware.opengl.driSupport = true; 19 | hardware.pulseaudio.enable = lib.mkDefault true; 20 | 21 | services.gnome = { 22 | glib-networking.enable = true; 23 | }; 24 | services.xserver = { 25 | enable = true; 26 | 27 | displayManager = { 28 | sddm = { 29 | enable = true; 30 | theme = "chili"; 31 | settings.X11.UserAuthFile = ".local/share/sddm/Xauthority"; 32 | }; 33 | setupCommands = '' 34 | export XDG_RUNTIME_DIR=/run/user/$(id --user) 35 | export DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/$(id --user)/bus 36 | 37 | xrandr \ 38 | --output DisplayPort-1 --mode 1920x1080 --pos 0x270 --auto \ 39 | --output HDMI-A-1 --mode 1920x1080 --pos 1920x0 --scale 1.0x1.0 \ 40 | --output HDMI-A-0 --mode 1920x1080 --pos 4320x270 --auto \ 41 | --output DVI-D-0 --mode 1920x1080 --pos 6240x270 --auto 42 | ''; # Scale was at 1.25 previously 43 | autoLogin = { 44 | enable = true; 45 | user = "bao"; 46 | }; 47 | #defaultSession = "none+exwm"; 48 | defaultSession = "none+awesome"; 49 | }; 50 | windowManager.openbox.enable = true; 51 | windowManager.awesome.enable = true; 52 | }; 53 | } 54 | -------------------------------------------------------------------------------- /profiles/graphical/exwm/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | 3 | { 4 | services.xserver = { 5 | windowManager.session = lib.singleton { 6 | name = "exwm"; 7 | start = '' 8 | ${pkgs.emacsPgtkGcc}/bin/emacs 9 | ''; 10 | }; 11 | }; 12 | } 13 | -------------------------------------------------------------------------------- /profiles/graphical/lxqt/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | 3 | { 4 | environment.systemPackages = [ pkgs.lxappearance ]; 5 | 6 | services.xserver = { 7 | desktopManager = { 8 | lxqt.enable = true; 9 | }; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /profiles/graphical/xkb/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | 3 | { 4 | services.xserver = { 5 | extraLayouts = { 6 | zz = import ./zz.nix { inherit pkgs; }; 7 | }; 8 | 9 | layout = "gb,zz"; 10 | xkbModel = "pc105"; 11 | xkbOptions = lib.concatStringsSep "," [ 12 | "terminate:ctrl_alt_bksp" # kill xserver 13 | "keypad:pointerkeys" # mousekeys! 14 | "keypad:hex" # add hex keys to level3 numpad 15 | #"ctrl:nocaps" # capslock is just another ctrl 16 | "caps:ctrl_modifier" # capslock is just another ctrl 17 | "lv3:ralt_switch_multikey" # altgr is level3, shift+altgr is compose 18 | "lv5:rwin_switch_lock" 19 | "kpdl:semi" # semicolon on numpad delete level3 20 | "numpad:shift3" # shift chooses numpad level3 21 | "grp:alts_toggle" # alt+altgr switches layout 22 | ]; 23 | }; 24 | } 25 | -------------------------------------------------------------------------------- /profiles/graphical/xmonad/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | 3 | { 4 | environment.systemPackages = with pkgs; [ 5 | dmenu xmobar taffybar 6 | maim rofi 7 | ]; 8 | services.xserver = { 9 | windowManager = { 10 | xmonad.enable = true; 11 | xmonad.enableContribAndExtras = true; 12 | xmonad.extraPackages = hpkgs: [ 13 | hpkgs.taffybar 14 | hpkgs.xmobar 15 | ]; 16 | }; 17 | }; 18 | } 19 | -------------------------------------------------------------------------------- /profiles/meta/fatal-warnings.nix: -------------------------------------------------------------------------------- 1 | { config, ... }: { 2 | assertions = builtins.map (w: { 3 | assertion = false; 4 | message = w; 5 | }) config.warnings; 6 | } 7 | -------------------------------------------------------------------------------- /profiles/misc/adblocking.nix: -------------------------------------------------------------------------------- 1 | { pkgs, flake, ... }: 2 | 3 | let 4 | inherit (builtins) concatStringsSep readFile; 5 | 6 | hosts = pkgs.stdenv.mkDerivation { 7 | name = "hosts"; 8 | 9 | src = flake.inputs.spotify-adblock; 10 | 11 | nativeBuildInputs = [ pkgs.gnugrep ]; 12 | 13 | installPhase = '' 14 | mkdir -p $out/etc 15 | 16 | # filter whitelist 17 | grep -Ev '(${whitelist})' hosts > $out/etc/hosts 18 | 19 | # filter blacklist 20 | cat << EOF >> $out/etc/hosts 21 | ${blacklist} 22 | EOF 23 | ''; 24 | }; 25 | 26 | whitelist = concatStringsSep "|" [ ".*pirate(bay|proxy).*" ]; 27 | 28 | blacklist = concatStringsSep '' 29 | 30 | 0.0.0.0 '' [ 31 | "# auto-generated: must be first" 32 | 33 | ]; 34 | 35 | in { 36 | networking.extraHosts = readFile "${hosts}/etc/hosts"; 37 | 38 | system.extraDependencies = [ hosts ]; # Pin IFD 39 | } 40 | -------------------------------------------------------------------------------- /profiles/misc/default.nix: -------------------------------------------------------------------------------- 1 | { ... }: { imports = [ ./stubby.nix ./adblocking.nix ]; } 2 | -------------------------------------------------------------------------------- /profiles/misc/disable-mitigations.nix: -------------------------------------------------------------------------------- 1 | { ... }: { 2 | # Disable mitigations for performance gains. 3 | security.mitigations = { 4 | disable = true; 5 | acceptRisk = true; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /profiles/misc/odbc.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, ... }: 2 | 3 | { 4 | environment.unixODBCDrivers = with pkgs.unixODBCDrivers; [ 5 | msodbcsql17 6 | ]; 7 | environment.systemPackages = with pkgs; [ 8 | unixODBC 9 | ]; 10 | } 11 | -------------------------------------------------------------------------------- /profiles/misc/plex.nix: -------------------------------------------------------------------------------- 1 | { ... }: { 2 | services.plex = { 3 | enable = true; 4 | dataDir = "/srv/plex"; 5 | group = "media"; 6 | openFirewall = true; 7 | }; 8 | 9 | users.groups.media.members = [ "plex" ]; 10 | } 11 | -------------------------------------------------------------------------------- /profiles/misc/restartssh.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, lib, ... }: 2 | 3 | let 4 | cfg = config.services.openssh; 5 | in { 6 | options.services.openssh.restartPeriod = lib.mkOption { 7 | type = with lib.types; nullOr str; 8 | default = null; 9 | }; 10 | config = { 11 | # Bit meta but helps ensure sshd is bound to all addresses always 12 | systemd.services.restart-openssh.serviceConfig.Type = "oneshot"; 13 | systemd.services.restart-openssh.serviceConfig.ExecStart = if cfg.startWhenNeeded 14 | then "systemctl restart sshd.socket" 15 | else "systemctl restart sshd.service"; 16 | systemd.timers.restart-openssh = lib.mkIf (cfg.restartPeriod != null) { 17 | timerConfig = { 18 | OnCalendar = cfg.restartPeriod; 19 | Unit = "restart-openssh.service"; 20 | }; 21 | wantedBy = [ "timers.target" ]; 22 | }; 23 | }; 24 | } 25 | -------------------------------------------------------------------------------- /profiles/misc/stubby.nix: -------------------------------------------------------------------------------- 1 | { ... }: { 2 | services.stubby = { 3 | enable = true; 4 | upstreamServers = '' 5 | - address_data: 1.1.1.1 6 | tls_port: 853 7 | tls_auth_name: "cloudflare-dns.com" 8 | - address_data: 1.0.0.1 9 | tls_port: 853 10 | tls_auth_name: "cloudflare-dns.com" 11 | ''; 12 | }; 13 | 14 | environment.etc = { 15 | "resolv.conf" = { 16 | text = '' 17 | options edns0 18 | nameserver 127.0.0.1 19 | ''; 20 | mode = "444"; 21 | }; 22 | }; 23 | 24 | networking = { 25 | networkmanager.dns = "none"; 26 | resolvconf.dnsExtensionMechanism = false; 27 | }; 28 | } 29 | -------------------------------------------------------------------------------- /profiles/misc/torrent.nix: -------------------------------------------------------------------------------- 1 | { config, lib, ... }: 2 | let 3 | inherit (config.services.qbittorrent) port; 4 | inherit (lib) mkAfter; 5 | in { 6 | services.qbittorrent = { 7 | enable = true; 8 | group = "media"; 9 | openFirewall = true; 10 | }; 11 | 12 | users.groups.media.members = [ "qbittorrent" ]; 13 | 14 | environment.etc."xdg/qutebrowser/config.py".text = mkAfter '' 15 | c.url.searchengines['to'] = 'https://torrentz2.eu/search?f={}' 16 | 17 | config.bind(',t', """hint all spawn curl -X POST\ 18 | -F "urls={hint-url}"\ 19 | -F "sequentialDownload=true"\ 20 | http://localhost:${toString port}/api/v2/torrents/add""" 21 | ) 22 | ''; 23 | } 24 | -------------------------------------------------------------------------------- /profiles/misc/udev-nosettle.nix: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: { 2 | # Disable `systemd-udev-settle` - it's required and just adds 1s to boot time. 3 | # See nixpkgs#25311. 4 | systemd.services.systemd-udev-settle.serviceConfig.ExecStart = [ 5 | "" 6 | "${pkgs.coreutils}/bin/true" 7 | ]; 8 | } 9 | -------------------------------------------------------------------------------- /profiles/networking/bluetooth/default.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, ... }: 2 | 3 | { 4 | hardware.bluetooth.enable = true; 5 | 6 | # Enable bluetooth daemon. 7 | services.blueman.enable = true; 8 | } 9 | -------------------------------------------------------------------------------- /profiles/networking/mdns.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, ... }: 2 | 3 | { 4 | services.avahi.enable = true; 5 | services.avahi.nssmdns = true; 6 | services.avahi.reflector = true; 7 | services.avahi.allowPointToPoint = true; 8 | services.avahi.ipv4 = true; 9 | services.avahi.ipv6 = true; 10 | services.avahi.publish.enable = true; 11 | services.avahi.publish.addresses = true; 12 | } 13 | -------------------------------------------------------------------------------- /profiles/networking/tor/default.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, usr, ... }: 2 | 3 | { 4 | services.tor = { 5 | enable = true; 6 | client.enable = true; 7 | client.dns.enable = true; 8 | client.transparentProxy.enable = true; 9 | client.socksListenAddress = { addr = "0.0.0.0"; port = 9050; }; 10 | controlSocket.enable = true; 11 | relay.enable = true; 12 | relay.role = "relay"; 13 | settings = let inherit (usr.secrets) domains; in { 14 | Address = domains.srvc; 15 | ContactInfo = "tor+${domains.srvc}@${domains.home}"; 16 | Nickname = config.networking.hostName; 17 | ORPort = 143; 18 | ControlPort = [ 9051 ]; 19 | }; 20 | }; 21 | } 22 | -------------------------------------------------------------------------------- /profiles/postgres/default.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, ... }: { 2 | services.postgresql = { 3 | enable = true; 4 | dataDir = "/srv/postgres"; 5 | package = pkgs.postgresql_12; 6 | }; 7 | } 8 | 9 | -------------------------------------------------------------------------------- /profiles/security/apparmor/default.nix: -------------------------------------------------------------------------------- 1 | args@{ config, pkgs, lib, ... }: 2 | 3 | let 4 | local = import ../../../apparmor args; 5 | 6 | initScript = pkgs.writeShellScript "aa-init" '' 7 | enabled_conf=/etc/apparmor/enabled.conf 8 | profiles_dir=/etc/apparmor.d 9 | profiles_sysfs=/sys/kernel/security/apparmor/profiles 10 | cache_dir=/var/lib/apparmor 11 | err=0 12 | 13 | mkdir -p -m700 "$cache_dir" 14 | chown root: "$cache_dir" 15 | chmod 700 "$cache_dir" 16 | cache=( --cache-loc "$cache_dir" --write-cache ) 17 | 18 | cd "$profiles_dir" 19 | while read p 20 | do apparmor_parser "''${cache[@]}" -r "$p" >&2 || err=1 21 | done < "$enabled_conf" 22 | 23 | if [[ -e "$profiles_sysfs" ]]; then 24 | enforce=() 25 | while read bin 26 | do enforce=( ''${enforce[@]} $(bash -c "ls -1d $bin" 2>/dev/null) ) # bash is for wildcards 27 | done < <(awk '!/\s+\(enforce\)$/ {print $1}' "$profiles_sysfs") 28 | for p in "''${enforce[@]}"; do aa-enforce "$p" >/dev/null; done 29 | 30 | awk '!/\s+\(enforce\)$/ {exit 1}' "$profiles_sysfs" \ 31 | || { echo >&2 "ERROR: non-enforced profiles are detected"; exit 1; } 32 | fi 33 | 34 | exit $err 35 | ''; 36 | in { 37 | security.apparmor.policies = builtins.mapAttrs (n: p: { 38 | profile = p; 39 | }) local.policies; 40 | security.apparmor.includes = local.includes; 41 | } 42 | -------------------------------------------------------------------------------- /profiles/security/sudo.nix: -------------------------------------------------------------------------------- 1 | { ... }: { 2 | security.sudo = { 3 | enable = true; 4 | wheelNeedsPassword = false; 5 | }; 6 | security.doas = { 7 | enable = true; 8 | wheelNeedsPassword = false; 9 | }; 10 | } 11 | -------------------------------------------------------------------------------- /profiles/services/aria2/default.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, ... }: 2 | 3 | { 4 | services.aria2.enable = true; 5 | services.aria2.downloadDir = "/srv/aria"; 6 | } 7 | -------------------------------------------------------------------------------- /profiles/services/hydra/default.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, lib, domains, ... }: 2 | 3 | let 4 | cfg = config.services.hydra; 5 | in { 6 | disabledModules = [ 7 | "services/continuous-integration/hydra/default.nix" 8 | ]; 9 | 10 | options.services.hydra.enable = lib.mkEnableOption "Hydra services"; 11 | 12 | config.services.hydra-dev = lib.mkIf cfg.enable { 13 | enable = true; 14 | package = pkgs.hydra.overrideAttrs (drv: { 15 | postUnpack = '' 16 | sed -i 's/restrictEval = true/restrictEval = false/' source/src/hydra-eval-jobs/hydra-eval-jobs.cc 17 | ''; 18 | }); 19 | listenHost = "0.0.0.0"; 20 | port = 9999; 21 | minimumDiskFree = 20; # in GB 22 | minimumDiskFreeEvaluator = 5; 23 | hydraURL = "https://hydra.${domains.home}"; 24 | notificationSender = "hydra@${domains.home}"; 25 | logo = null; 26 | useSubstitutes = true; 27 | extraConfig = '' 28 | using_frontend_proxy 1 29 | max_output_size = 4294967296 30 | evaluator_initial_heap_size = 4294967296 31 | ''; 32 | }; 33 | 34 | config.nix.allowedUsers = lib.mkIf cfg.enable [ "@hydra" ]; 35 | } 36 | -------------------------------------------------------------------------------- /profiles/services/hydroxide/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, usr, ... }: 2 | 3 | { 4 | services.hydroxide = { 5 | enable = true; 6 | userauths = lib.mapAttrs (_: u: u.auth) (usr.secrets.hydroxide.auth); 7 | }; 8 | } 9 | -------------------------------------------------------------------------------- /profiles/services/minecraft/default.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, ... }: 2 | 3 | { 4 | nixpkgs.config.allowUnfree = true; 5 | 6 | services.minecraft-server.enable = true; 7 | services.minecraft-server.openFirewall = true; 8 | services.minecraft-server.eula = true; 9 | services.minecraft-server.package = with pkgs; 10 | minecraft-server.overrideAttrs (super: rec { 11 | version = "1.7.5"; 12 | src = fetchurl { 13 | url = "http://s3.amazonaws.com/Minecraft.Download/versions/${version}/minecraft_server.${version}.jar"; 14 | sha256 = "1r22fn9k4650lzx87nsc4kz04mf00762xh05acxjn49jxqxf3afa"; 15 | }; 16 | }); 17 | } 18 | -------------------------------------------------------------------------------- /profiles/services/searx/default.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, lib, ... }: 2 | 3 | let 4 | cfg = config.services.searx; 5 | in lib.mkIf cfg.enable { 6 | services.searx.settings = { 7 | general.debug = false; # breaks at runtime otherwise, somehow 8 | search.safe_search = 0; 9 | search.autocomplete = "qwant"; 10 | search.default_lang = "en-GB"; 11 | server.bind_address = "0.0.0.0"; 12 | server.secret_key = "87dd9e896bdb4b7cac32fd7f90867f87"; 13 | server.image_proxy = false; 14 | server.default_locale = "en"; 15 | ui.default_theme = "oscar"; 16 | ui.theme_args.oscar_style = "logicodev-dark"; 17 | engines = lib.mapAttrsToList (name: value: { 18 | inherit name; 19 | } // value) { 20 | "bitbucket".disabled = false; 21 | "ccc-tv".disabled = false; 22 | "ddg definitions".disabled = false; 23 | "erowid".disabled = false; 24 | "duckduckgo".disabled = false; 25 | "duckduckgo images".disabled = false; 26 | "fdroid".disabled = false; 27 | "gitlab".disabled = false; 28 | "google play apps".disabled = false; 29 | "nyaa".disabled = false; 30 | "openrepos".disabled = false; 31 | "qwant".disabled = false; 32 | "reddit".disabled = false; 33 | "searchcode code".disabled = false; 34 | "framalibre".disabled = false; 35 | "wikibooks".disabled = false; 36 | "wikinews".disabled = false; 37 | "wikiquote".disabled = false; 38 | "wikisource".disabled = false; 39 | "wiktionary".disabled = false; 40 | }; 41 | }; 42 | } 43 | -------------------------------------------------------------------------------- /profiles/services/syncthing/default.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, ... }: 2 | 3 | { 4 | services.syncthing.enable = true; 5 | services.syncthing.openDefaultPorts = true; 6 | #services.syncthing.declarative = { 7 | # folders = { 8 | # }; 9 | # devices = { 10 | # }; 11 | #}; 12 | } 13 | -------------------------------------------------------------------------------- /profiles/services/taskserver/default.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, domains, ... }: 2 | 3 | { 4 | services.taskserver = { 5 | enable = true; 6 | fqdn = "todo.${domains.home}"; 7 | listenHost = "::"; 8 | organisations.alpha.users = [ 9 | "frony" "kani" 10 | ]; 11 | }; 12 | } 13 | -------------------------------------------------------------------------------- /profiles/sound/pipewire.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | 3 | { 4 | hardware.pulseaudio.enable = lib.mkForce false; 5 | services.jack.jackd.enable = lib.mkForce false; 6 | 7 | services.pipewire = { 8 | enable = true; 9 | alsa.enable = true; 10 | jack.enable = true; 11 | pulse.enable = true; 12 | media-session.config.bluez-monitor = { 13 | bluez5.msbc-support = true; 14 | bluez5.sbc-xq-support = true; 15 | }; 16 | }; 17 | 18 | xdg.portal = { 19 | enable = true; 20 | gtkUsePortal = true; 21 | extraPortals = [ 22 | pkgs.xdg-desktop-portal-gtk 23 | ]; 24 | }; 25 | 26 | environment.systemPackages = with pkgs; [ 27 | # ALSA Tools 28 | # ------ 29 | alsaUtils 30 | 31 | # PulseAudio control 32 | # ------------------ 33 | ncpamixer 34 | pavucontrol 35 | pulseeffects-pw 36 | lxqt.pavucontrol-qt 37 | pasystray 38 | ]; 39 | } 40 | -------------------------------------------------------------------------------- /profiles/virt/default.nix: -------------------------------------------------------------------------------- 1 | { pkgs, ... }: { 2 | virtualisation.libvirtd = { 3 | enable = true; 4 | qemuRunAsRoot = false; 5 | }; 6 | 7 | # you'll need to add your user to 'libvirtd' group to use virt-manager 8 | environment.systemPackages = with pkgs; [ virt-manager ]; 9 | 10 | nixpkgs.overlays = let 11 | overlay = final: prev: { 12 | 13 | # Patch libvirt to use ebtables-legacy 14 | libvirt = if prev.libvirt.version <= "5.4.0" && prev.ebtables.version 15 | > "2.0.10-4" then 16 | prev.libvirt.overrideAttrs 17 | (oldAttrs: { EBTABLES_PATH = "${final.ebtables}/bin/ebtables-legacy"; }) 18 | else 19 | prev.libvirt; 20 | }; 21 | in [ overlay ]; 22 | } 23 | 24 | -------------------------------------------------------------------------------- /profiles/virtualization/anbox/default.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, lib, ... }: 2 | 3 | { 4 | config = lib.mkIf config.virtualisation.anbox.enable { 5 | boot.kernelPatches = [{ 6 | name = "ashmem-binder"; 7 | patch = null; 8 | extraConfig = '' 9 | ASHMEM y 10 | ANDROID y 11 | ANDROID_BINDER_IPC y 12 | ANDROID_BINDERFS y 13 | ANDROID_BINDER_DEVICES binder,hwbinder,vndbinder 14 | ''; 15 | }]; 16 | }; 17 | } 18 | -------------------------------------------------------------------------------- /shell.nix: -------------------------------------------------------------------------------- 1 | (import (fetchTarball https://github.com/edolstra/flake-compat/archive/master.tar.gz) { 2 | src = builtins.fetchGit ./.; 3 | }).shellNix 4 | -------------------------------------------------------------------------------- /users/browsers/firefox/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | 3 | with lib; let 4 | cfg = config.programs.firefox; 5 | in { 6 | config = mkIf cfg.enable { 7 | #programs.firefox.package = pkgs.firefox;#builtins.trace "pkgs.firefox: broken?" pkgs.hello; 8 | }; 9 | } 10 | -------------------------------------------------------------------------------- /users/company/locationextreme/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | 3 | { 4 | home.packages = with pkgs; [ 5 | teams 6 | ]; 7 | } 8 | -------------------------------------------------------------------------------- /users/data/xkb/compat/chromebook: -------------------------------------------------------------------------------- 1 | // Overlay1_Enable is a latch key for overlay1 2 | 3 | default partial xkb_compatibility "overlay" { 4 | interpret Overlay1_Enable+AnyOfOrNone(all) { 5 | action= SetControls(controls=Overlay1); 6 | }; 7 | }; 8 | -------------------------------------------------------------------------------- /users/data/xkb/keycodes/chromebook_m: -------------------------------------------------------------------------------- 1 | default xkb_keycodes "media" { 2 | = 166; // Back > F1 3 | = 167; // Forward > F2 4 | = 181; // Refresh > F3 5 | = 160; // Video next > F4 6 | = 235; // Video mode > F5 7 | = 232; // Brightness Down > F6 8 | = 233; // Brightness Up > F7 9 | = 250; // 250 > F8 10 | = 251; // 251 > F9 11 | = 252; // 252 > F10 12 | 13 | = 67; // F1 > Back 14 | = 68; // F2 > Forward 15 | = 69; // F3 > Reload 16 | = 70; // F4 > Video next? [Fullscreen] 17 | = 71; // F5 > Video mode [Display Settings] 18 | = 72; // F6 > Brightness Down 19 | = 73; // F7 > Brightness Up 20 | = 74; // F8 > Mute 21 | = 75; // F9 > Volume Down 22 | = 76; // F10 > Volume Up 23 | # Volume rocker for convertible models 24 | = 122; 25 | = 123; 26 | 27 | }; 28 | -------------------------------------------------------------------------------- /users/data/xkb/keymap/cb: -------------------------------------------------------------------------------- 1 | xkb_keymap { 2 | xkb_keycodes { include "evdev+aliases(qwerty)" }; 3 | xkb_types { include "complete" }; 4 | xkb_compat { include "complete+chromebook(overlay)" }; 5 | xkb_symbols { include "pc+gb+inet(evdev)+level3(ralt_switch)+cb(swap_super_ctrl)+chromebook_ralt" }; 6 | xkb_geometry { include "pc(pc104)" }; 7 | }; 8 | -------------------------------------------------------------------------------- /users/data/xkb/symbols/cb: -------------------------------------------------------------------------------- 1 | partial modifier_keys 2 | xkb_symbols "swap_super_ctrl" { 3 | replace key { [ Super_L ] }; 4 | replace key { [ Control_L ] }; 5 | }; 6 | -------------------------------------------------------------------------------- /users/data/xkb/symbols/chromebook_m_ralt: -------------------------------------------------------------------------------- 1 | // This mapping assumes that inet(evdev) will also be sourced 2 | partial 3 | xkb_symbols "overlay" { 4 | key { [ Overlay1_Enable ], overlay1= }; 5 | 6 | key { overlay1= }; 7 | 8 | key { overlay1= }; 9 | key { overlay1= }; 10 | key { overlay1= }; 11 | key { overlay1= }; 12 | 13 | key { overlay1= }; 14 | key { overlay1= }; 15 | key { overlay1= }; 16 | key { overlay1= }; 17 | key { overlay1= }; 18 | key { overlay1= }; 19 | key { overlay1= }; 20 | key { overlay1= }; 21 | key { overlay1= }; 22 | key { overlay1= }; 23 | 24 | # Volume rocker for convertibles 25 | key { [ XF86AudioLowerVolume ] }; 26 | key { [ XF86AudioRaiseVolume ] }; 27 | 28 | key { overlay1= }; 29 | key { overlay1= }; 30 | key { overlay1= }; 31 | key { overlay1= }; 32 | key { overlay1= }; 33 | key { overlay1= }; 34 | key { overlay1= }; 35 | key { overlay1= }; 36 | key { overlay1= }; 37 | key { overlay1= }; 38 | key { overlay1= }; 39 | key { overlay1= }; 40 | key { overlay1= }; // KEY_KBDILLUMTOGGLE 41 | key { overlay1= }; // KEY_KBDILLUMDOWN 42 | key { overlay1= }; // KEY_KBDILLUMUP 43 | key { overlay1= }; 44 | 45 | key { overlay1= }; 46 | }; 47 | -------------------------------------------------------------------------------- /users/data/xkb/symbols/chromebook_ralt: -------------------------------------------------------------------------------- 1 | // This mapping assumes that inet(evdev) will also be sourced 2 | partial 3 | xkb_symbols "overlay" { 4 | key { [ Overlay1_Enable ], overlay1= }; 5 | 6 | key { overlay1= }; 7 | 8 | key { overlay1= }; 9 | key { overlay1= }; 10 | key { overlay1= }; 11 | key { overlay1= }; 12 | 13 | key { overlay1= }; 14 | key { overlay1= }; 15 | key { overlay1= }; 16 | key { overlay1= }; 17 | key { overlay1= }; 18 | key { overlay1= }; // XF86MonBrightnessDown 19 | key { overlay1= }; // XF86MonBrightnessUp 20 | key { overlay1= }; 21 | key { overlay1= }; 22 | key { overlay1= }; 23 | 24 | key { overlay1= }; 25 | key { overlay1= }; 26 | key { overlay1= }; 27 | key { overlay1= }; 28 | key { overlay1= }; 29 | key { overlay1= }; 30 | key { overlay1= }; 31 | key { overlay1= }; 32 | key { overlay1= }; 33 | key { overlay1= }; 34 | key { overlay1= }; 35 | key { overlay1= }; 36 | key { overlay1= }; // KEY_KBDILLUMTOGGLE 37 | key { overlay1= }; // KEY_KBDILLUMDOWN 38 | key { overlay1= }; // KEY_KBDILLUMUP 39 | key { overlay1= }; 40 | 41 | key { overlay1= }; 42 | }; 43 | -------------------------------------------------------------------------------- /users/editors/emacs/early-init.nix: -------------------------------------------------------------------------------- 1 | { config, lib, usr, ... }: 2 | 3 | usr.elisp.writeFile { 4 | name = "early-init"; 5 | description = "Executed before initialization."; 6 | text = let 7 | secrets = usr.secrets.emacs.user; 8 | in '' 9 | (setq debug-on-error t) 10 | 11 | (progn ; user 12 | (setq user-full-name "${secrets.user-full-name}") 13 | (setq user-mail-address "${secrets.user-mail-address}")) 14 | 15 | (progn ; performance 16 | (setq gc-cons-threshold 50000000) 17 | (setq large-file-warning-threshold 100000000)) 18 | 19 | (progn ; debug 20 | (define-key special-event-map [sigusr1] 'keyboard-quit) 21 | (define-key special-event-map [sigusr2] 'keyboard-escape-quit)) 22 | ''; 23 | } 24 | -------------------------------------------------------------------------------- /users/editors/vim/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | 3 | with lib; let 4 | cfg = config.programs.neovim; 5 | in { 6 | config = mkIf cfg.enable rec { 7 | programs.neovim = { 8 | viAlias = true; 9 | vimAlias = true; 10 | withPython3 = true; 11 | withRuby = true; 12 | withNodeJs = true; 13 | plugins = with pkgs.vimPlugins; [ 14 | vim-one # theme 15 | 16 | vim-nix # nix language 17 | ]; 18 | extraConfig = '' 19 | colorscheme one 20 | 21 | set inccommand=nosplit " previews 22 | set nohlsearch " unpersist highlights 23 | set number " line numbering 24 | set shell=bash " read syntax 25 | ''; 26 | }; 27 | }; 28 | } 29 | -------------------------------------------------------------------------------- /users/media/aria2/default.nix: -------------------------------------------------------------------------------- 1 | { nixosConfig, config, lib, pkgs, ... }: 2 | 3 | with lib; let 4 | cfg = config.programs.aria2p; 5 | in { 6 | options = { 7 | programs.aria2p = { 8 | enable = mkEnableOption "Enable aria2p"; 9 | }; 10 | }; 11 | 12 | config = mkIf cfg.enable { 13 | home.packages = with pkgs; [ 14 | pkgs.python3Packages.aria2p 15 | ]; 16 | 17 | emacs.loader.aria2 = { 18 | enable = lib.mkDefault false; 19 | config = '' 20 | (setq aria2-rcp-secret "${nixosConfig.services.aria2.rpcSecret}") 21 | ''; 22 | }; 23 | 24 | xdg.configFile."aria2/aria2.conf".text = '' 25 | dir=/srv/aria 26 | continue=true 27 | bt-save-metadata=true 28 | file-allocation=prealloc 29 | seed-ratio=0 30 | enable-dht=true 31 | enable-dht6=true 32 | enable-peer-exchange=true 33 | ''; 34 | }; 35 | } 36 | -------------------------------------------------------------------------------- /users/media/gpodder/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | 3 | with lib; let 4 | cfg = config.programs.gpodder; 5 | in { 6 | options = { 7 | programs.gpodder = { 8 | enable = mkEnableOption "Enable gpodder"; 9 | }; 10 | }; 11 | 12 | config = mkIf cfg.enable { 13 | home.packages = with pkgs; [ 14 | (pkgs.hiPrio (pkgs.writeShellScriptBin "gpodder" '' 15 | export GPODDER_HOME=${config.home.sessionVariables.GPODDER_HOME} 16 | exec ${gpodder}/bin/gpodder 17 | '')) 18 | gpodder mutagen normalize 19 | ]; 20 | 21 | home.sessionVariables.GPODDER_HOME = "/srv/pod"; 22 | }; 23 | } 24 | 25 | 26 | -------------------------------------------------------------------------------- /users/media/mpv/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | 3 | with lib; let 4 | cfg = config.programs.mpv; 5 | in { 6 | config = mkIf cfg.enable { 7 | programs.mpv.config = { 8 | vo = "gpu"; 9 | gpu-context = "wayland"; 10 | }; 11 | }; 12 | } 13 | -------------------------------------------------------------------------------- /users/media/radio/streams.nix: -------------------------------------------------------------------------------- 1 | { 2 | absolute = ''http://edge-bauerabsolute-14-gos1.sharp-stream.com/absoluteradio.mp3''; 3 | bbc1 = ''http://bbcmedia.ic.llnwd.net/stream/bbcmedia_radio1_mf_p''; 4 | bbc1xtra = ''http://bbcmedia.ic.llnwd.net/stream/bbcmedia_radio1xtra_mf_p''; 5 | bbc2 = ''http://bbcmedia.ic.llnwd.net/stream/bbcmedia_radio2_mf_p''; 6 | bbc3 = ''http://bbcmedia.ic.llnwd.net/stream/bbcmedia_radio3_mf_p''; 7 | bbc4extra = ''http://bbcmedia.ic.llnwd.net/stream/bbcmedia_radio4extra_mf_p''; 8 | bbc4fm = ''http://bbcmedia.ic.llnwd.net/stream/bbcmedia_radio4fm_mf_p''; 9 | bbc4lw = ''http://bbcmedia.ic.llnwd.net/stream/bbcmedia_radio4lw_mf_p''; 10 | bbc5live = ''http://bbcmedia.ic.llnwd.net/stream/bbcmedia_radio5live_mf_p''; 11 | bbc6music = ''http://bbcmedia.ic.llnwd.net/stream/bbcmedia_radio6music_mf_p''; 12 | lbc = ''http://media-ice.musicradio.com:80/LBCUKMP3Low''; 13 | britcom1 = ''http://149.255.59.164:8132/stream''; 14 | britcom2 = ''http://149.255.59.164:8078/stream''; 15 | rokbc2 = ''http://149.255.59.164:8009/stream''; 16 | lofi = ''http://www.youtube.com/watch?v=5qap5aO4i9A''; 17 | } 18 | -------------------------------------------------------------------------------- /users/media/spotify/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, usr, ... }: 2 | 3 | with lib; let 4 | cfg = config.services.spotifyd; 5 | in { 6 | config = mkIf cfg.enable { 7 | home.packages = with pkgs; [ 8 | spotify 9 | ncspot 10 | spotify-tui 11 | ]; 12 | 13 | services.spotifyd.settings = { 14 | global = usr.secrets.spotify.credentials; 15 | }; 16 | }; 17 | } 18 | -------------------------------------------------------------------------------- /users/nixos.nix: -------------------------------------------------------------------------------- 1 | { 2 | imports = [ ../profiles/develop ]; 3 | 4 | users.users.nixos = { 5 | uid = 1000; 6 | password = "nixos"; 7 | description = "default"; 8 | isNormalUser = true; 9 | extraGroups = [ "wheel" ]; 10 | }; 11 | } 12 | -------------------------------------------------------------------------------- /users/root.nix: -------------------------------------------------------------------------------- 1 | { usr, ... }: 2 | 3 | { 4 | users.users.root = { 5 | } // usr.secrets.root.password; 6 | 7 | home-manager.users.root = { 8 | imports = [ 9 | ./shells/fish 10 | ./utilities/htop 11 | ]; 12 | 13 | programs.home-manager.enable = true; 14 | programs.fish.enable = true; 15 | programs.htop.enable = true; 16 | }; 17 | } 18 | -------------------------------------------------------------------------------- /users/services/ckb/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | 3 | with lib; let 4 | cfg = config.services.ckb; 5 | in { 6 | options.services.ckb.enable = lib.mkEnableOption "the ckb-next application"; 7 | 8 | config = mkIf cfg.enable rec { 9 | xdg.configFile."ckb-next/ckb-next.conf" = { 10 | text = import ./conf.nix { inherit lib; }; 11 | }; 12 | systemd.user.services.ckb-next = { 13 | Service = { 14 | ExecStart = "${pkgs.ckb-next}/bin/ckb-next --platform vnc:port=5995"; 15 | }; 16 | Install = { 17 | WantedBy = [ "default.target" ]; 18 | }; 19 | }; 20 | }; 21 | } 22 | -------------------------------------------------------------------------------- /users/services/gnupg/default.nix: -------------------------------------------------------------------------------- 1 | { nixosConfig, config, lib, pkgs, ... }: 2 | 3 | with lib; let 4 | cfg = config.services.gpg-agent; 5 | in { 6 | config = mkIf cfg.enable { 7 | home.packages = with pkgs; [ 8 | gnupg 9 | ]; 10 | 11 | home.extraProfileCommands = '' 12 | export GPG_TTY=$(tty) 13 | if [[ -n "$SSH_CONNECTION" ]] ;then 14 | export PINENTRY_USER_DATA="USE_CURSES=1" 15 | fi 16 | ''; 17 | 18 | programs.gpg.enable = true; 19 | 20 | services.gpg-agent = { 21 | defaultCacheTtl = 600; 22 | defaultCacheTtlSsh = 0; 23 | maxCacheTtl = 7200; 24 | enableExtraSocket = true; 25 | enableSshSupport = true; 26 | sshKeys = [ "C425D701DBB41091CAC74AB2A7476FC5237EDBC7" ]; 27 | extraConfig = '' 28 | allow-emacs-pinentry 29 | allow-preset-passphrase 30 | '' + (builtins.trace "${nixosConfig.networking.hostName} - gpg-agent: disabled scdaemon due to weird behaviour" '' 31 | disable-scdaemon 32 | ''); 33 | verbose = true; 34 | pinentryFlavor = "gnome3"; 35 | }; 36 | }; 37 | } 38 | -------------------------------------------------------------------------------- /users/services/mpd/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | 3 | with lib; let 4 | cfg = config.services.mpd; 5 | in { 6 | config = mkIf cfg.enable { 7 | home.packages = with pkgs; [ 8 | mpc_cli mpg123 9 | ]; 10 | 11 | services.mpd = { 12 | musicDirectory = config.xdg.userDirs.music; 13 | network.listenAddress = "any"; 14 | }; 15 | }; 16 | } 17 | -------------------------------------------------------------------------------- /users/shells/xonsh/fish_history.xsh: -------------------------------------------------------------------------------- 1 | def import_fish_history(): 2 | import os 3 | FISH_HIST = "~/.local/share/fish/fish_history" 4 | fish_history = os.path.expanduser(FISH_HIST) 5 | 6 | from collections import OrderedDict 7 | cmds = OrderedDict() 8 | with open(fish_history) as fr: 9 | command = None 10 | timestamp = None 11 | for line in fr.read().splitlines(): 12 | if line.startswith("-"): 13 | cmds[command] = timestamp 14 | _, cmd = line.split("cmd:") 15 | command = cmd.strip() 16 | elif "when:" in line: 17 | _, ts = line.split("when:") 18 | timestamp = int(ts.strip()) 19 | cmds[command] = timestamp 20 | print(len(cmds)) 21 | 22 | from xonsh.history.main import construct_history 23 | hist = construct_history( 24 | gc=False, 25 | # exlictily set buffersize to prevent slowing down to… 26 | # …a crawl because of excessive flushing 27 | buffersize=len(cmds) 28 | ) 29 | 30 | for line in cmds.items(): 31 | command = line[0] 32 | timestamp = line[1] 33 | if command is not None: 34 | command = command.replace(r'\\n', '\n') 35 | hist.append({'inp': command, 'rtn': 0, 'ts': (timestamp, timestamp+1)}) 36 | print(hist.info()['filename']) 37 | hist.flush() 38 | -------------------------------------------------------------------------------- /users/utilities/darcs/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, domains, ... }: 2 | 3 | with lib; { 4 | config = { 5 | home.packages = with pkgs; [ darcs ]; 6 | }; 7 | } 8 | -------------------------------------------------------------------------------- /users/utilities/htop/default.nix: -------------------------------------------------------------------------------- 1 | { config, lib, pkgs, ... }: 2 | with lib; 3 | 4 | let 5 | cfg = config.programs.htop; 6 | in { 7 | config = mkIf cfg.enable { 8 | programs.htop = { 9 | settings = { 10 | header_margin = false; 11 | left_meters = [ "LeftCPUs2" "Memory" "Swap" "Hostname" ]; 12 | right_meters = [ "RightCPUs2" "Tasks" "LoadAverage" "Uptime" ]; 13 | 14 | tree_view = true; 15 | show_program_path = false; 16 | 17 | 18 | fields = [ 19 | "PID" 20 | "USER" 21 | "NICE" 22 | "STATE" 23 | "PRIORITY" 24 | "PERCENT_CPU" 25 | "M_RESIDENT" 26 | "PERCENT_MEM" 27 | "IO_RATE" 28 | "STARTTIME" 29 | "COMM" 30 | ]; 31 | 32 | hide_threads = false; 33 | hide_kernel_threads = false; 34 | hide_userland_threads = true; 35 | }; 36 | }; 37 | }; 38 | } 39 | -------------------------------------------------------------------------------- /users/utilities/tmux/default.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, lib, ... }: 2 | 3 | { 4 | config.programs.tmux = lib.mkIf config.programs.tmux.enable { 5 | aggressiveResize = true; 6 | escapeTime = 10; 7 | extraConfig = with builtins; '' 8 | ${readFile ../../../profiles/develop/tmux/tmuxline.conf} 9 | 10 | ${readFile ../../../profiles/develop/tmux/tmux.conf} 11 | ''; 12 | historyLimit = 5000; 13 | keyMode = "vi"; 14 | shortcut = "q"; 15 | baseIndex = 1; 16 | plugins = with pkgs.tmuxPlugins; [ 17 | copycat 18 | open 19 | resurrect 20 | yank 21 | vim-tmux-navigator 22 | ]; 23 | }; 24 | } 25 | --------------------------------------------------------------------------------