From 018f85d1d3b5033d64722a9ebb9d284a05e979b5 Mon Sep 17 00:00:00 2001 From: Grimmauld Date: Thu, 13 Jun 2024 22:56:30 +0200 Subject: [PATCH] update tooling --- common/hardware/laptop.nix | 5 +++ common/tooling/default.nix | 12 +++--- common/tooling/nix.nix | 1 + common/tooling/security.nix | 10 ++++- common/xdg/mime.nix | 1 + custom/deskwhich/package.nix | 10 ++--- fake_flake.nix | 21 +++------- modules/email.nix | 2 +- nix/sources.json | 36 +++++++++--------- overlays/default.nix | 10 ++--- specific/grimm-nixos-laptop/configuration.nix | 2 +- sway/default.nix | 38 ++++--------------- 12 files changed, 64 insertions(+), 84 deletions(-) diff --git a/common/hardware/laptop.nix b/common/hardware/laptop.nix index 3adeeb9..9d47682 100644 --- a/common/hardware/laptop.nix +++ b/common/hardware/laptop.nix @@ -26,6 +26,10 @@ in wootility ]; + services.udev.packages = with pkgs; [ + yubikey-personalization + ]; + hardware.i2c.enable = true; services.libinput.enable = true; hardware.opentabletdriver.enable = true; @@ -64,6 +68,7 @@ in "usb_storage" "sd_mod" ]; + initrd.systemd.enable = true; loader.systemd-boot.enable = true; # extraModulePackages = [ config.boot.kernelPackages.ddcci-driver ]; kernelModules = [ diff --git a/common/tooling/default.nix b/common/tooling/default.nix index 673c537..7061410 100644 --- a/common/tooling/default.nix +++ b/common/tooling/default.nix @@ -81,6 +81,8 @@ in #keyMode = "vi"; }; + programs.fzf.fuzzyCompletion = true; + environment.sessionVariables = { MANPAGER = "sh -c 'col -bx | ${getExe pkgs.bat} -l man -p'"; MANROFFOPT = "-c"; @@ -93,11 +95,11 @@ in boot.tmp.cleanOnBoot = true; zramSwap.enable = true; - programs.ssh = { - startAgent = true; - enableAskPassword = graphical; - askPassword = mkIf graphical (getExe pkgs.lxqt.lxqt-openssh-askpass); - }; + #programs.ssh = { + # # startAgent = true; + # enableAskPassword = graphical; + # askPassword = mkIf graphical (getExe pkgs.lxqt.lxqt-openssh-askpass); + #}; programs.thefuck.enable = true; programs.starship = { diff --git a/common/tooling/nix.nix b/common/tooling/nix.nix index 46a5a10..2bf91a7 100644 --- a/common/tooling/nix.nix +++ b/common/tooling/nix.nix @@ -13,6 +13,7 @@ nix-search-cli niv vulnix + nix-init ]; environment.sessionVariables = lib.mkIf pkgs.config.allowUnfree { NIXPKGS_ALLOW_UNFREE = "1"; }; diff --git a/common/tooling/security.nix b/common/tooling/security.nix index 3e8a41f..ae9845f 100644 --- a/common/tooling/security.nix +++ b/common/tooling/security.nix @@ -22,8 +22,9 @@ in security.rtkit.enable = true; security.pam.yubico = { - # enable = true; - debug = true; + enable = true; + id = [ "26681512" ]; + # debug = true; mode = "challenge-response"; control = "sufficient"; }; @@ -46,6 +47,10 @@ in vulnix doas-sudo-shim # muscle memory agenix + + yubikey-manager + yubico-pam + yubikey-personalization ]) ++ optionals (tooling.enable && tooling.pass) [ pkgs.pass @@ -60,6 +65,7 @@ in }; pinentryPackage = mkForce (if graphical then pkgs.pinentry-qt else pkgs.pinentry-tty); enable = true; + enableSSHSupport = true; }; }; diff --git a/common/xdg/mime.nix b/common/xdg/mime.nix index 65b3d41..5a31460 100644 --- a/common/xdg/mime.nix +++ b/common/xdg/mime.nix @@ -40,6 +40,7 @@ in deskwhich zathura + gnome-console alacritty imhex libreoffice-qt diff --git a/custom/deskwhich/package.nix b/custom/deskwhich/package.nix index af1ed4e..a11e683 100644 --- a/custom/deskwhich/package.nix +++ b/custom/deskwhich/package.nix @@ -8,14 +8,14 @@ rustPlatform.buildRustPackage { version = "unstable-2024-04-30"; src = fetchFromGitea { - domain = "codeberg.org"; - owner = "axtlos"; + domain = "git.grimmauld.de"; + owner = "grimmauld"; repo = "deskwhich"; - rev = "cbe8a0cdf4bdbb26faecb028e79ad6c409376051"; - hash = "sha256-c0Q0oYIB/1eutV7tkqYXvDMw8A7YsT+5+CmmwbGvcNk="; + rev = "ed412216666a6a22918e57c5dd1fde3855eb0f5f"; + hash = "sha256-uSXxUehZY1Sp08X3khSQtQc8AT00jJTAsQ+OfTTTkss="; }; - cargoHash = "sha256-fBC3UBf9oLswlR6Kgw3nSwjqAtn7VQGzvbUJaYnOid4="; + cargoHash = "sha256-x0ARqeMdmnjMF0o2oZlxHnUUj9hEdqg4a+Z/WYax2Co="; meta = { description = "tool to find the path of desktop entries"; diff --git a/fake_flake.nix b/fake_flake.nix index d4ee59c..7220149 100644 --- a/fake_flake.nix +++ b/fake_flake.nix @@ -36,12 +36,12 @@ let ]; # enable ccache for lix if ccache is enabled - enable_lix_ccache = true; + # enable_lix_ccache = true; in { imports = [ "${nivSources.agenix}/modules/age.nix" - "${nivSources.nixos-mailserver}/default.nix" + # "${nivSources.nixos-mailserver}/default.nix" "${nivSources.nixos-matrix-modules}/module.nix" # fixme: ideally we'd not rely on the flake syntax to load the module @@ -65,8 +65,8 @@ in documentation.doc.enable = false; - nix.settings.extra-sandbox-paths = [ config.programs.ccache.cacheDir ]; - programs.ccache.enable = true; + # nix.settings.extra-sandbox-paths = [ config.programs.ccache.cacheDir ]; + # programs.ccache.enable = true; environment.systemPackages = let @@ -114,18 +114,7 @@ in unpatched; overlays = [ - (import ( - if enable_lix_ccache then - "${ - applyPatches { - name = "lix-overlay-ccache"; - src = nivSources.lix-module; - patches = [ ./patches/lix-ccache.patch ]; - } - }/overlay.nix" - else - "${nivSources.lix-module}/overlay.nix" - ) { lix = nivSources.lix-pkg; }) + (import "${nivSources.lix-module}/overlay.nix" { lix = nivSources.lix-pkg; }) (final: prev: { agenix = final.callPackage "${nivSources.agenix}/pkgs/agenix.nix" { }; }) ]; }; diff --git a/modules/email.nix b/modules/email.nix index b3835a8..9889fd7 100644 --- a/modules/email.nix +++ b/modules/email.nix @@ -7,7 +7,7 @@ in # services.dovecot2.sieve.extensions = [ "fileinto" ]; # sives break without this for some reason mailserver = { enable = true; - fqdn = vhosts.mail_host.host; + # fqdn = vhosts.mail_host.host; domains = [ domain ]; # A list of all login accounts. To create the password hashes, use diff --git a/nix/sources.json b/nix/sources.json index f043bde..1d7f324 100644 --- a/nix/sources.json +++ b/nix/sources.json @@ -17,10 +17,10 @@ "homepage": "", "owner": "nix-community", "repo": "authentik-nix", - "rev": "e9ae3992d542972d787adf2b200a7489ca83aa91", - "sha256": "08ppl68pmz6042cxa3j7fjpz6r6ym3dmp8h40c5q3bx3a77zwm94", + "rev": "1942bdac27c337559ca16ddb7fca5c9ffb686e5b", + "sha256": "15xrzv6i0wkj3qrxpscgnq2kgc6xbjp26lhhlmvjgiv4bqm2q1dv", "type": "tarball", - "url": "https://github.com/nix-community/authentik-nix/archive/e9ae3992d542972d787adf2b200a7489ca83aa91.tar.gz", + "url": "https://github.com/nix-community/authentik-nix/archive/1942bdac27c337559ca16ddb7fca5c9ffb686e5b.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "chaotic": { @@ -29,10 +29,10 @@ "homepage": "https://nyx.chaotic.cx", "owner": "chaotic-cx", "repo": "nyx", - "rev": "a6f43e450d97eece8757e6cb6136f4cd4f141a3b", - "sha256": "1l38vn7hahnl5x0m8kk4x1rqiig1divhja8cs9iqq466h7q1prdv", + "rev": "798d56d819cd7d46ba9202afe81040887ac868ef", + "sha256": "1b1nish8zhc6mxp07rw874sqsf8212gg4srwyknd7fidn9gsk5jr", "type": "tarball", - "url": "https://github.com/chaotic-cx/nyx/archive/a6f43e450d97eece8757e6cb6136f4cd4f141a3b.tar.gz", + "url": "https://github.com/chaotic-cx/nyx/archive/798d56d819cd7d46ba9202afe81040887ac868ef.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "glibc-eac": { @@ -41,28 +41,28 @@ "homepage": "", "owner": "Frogging-Family", "repo": "glibc-eac", - "rev": "6a2ddcacfa9a16a2b33e3a70cd73e0f7937b8b94", - "sha256": "0p1b3a7ynbg63vl0lrqzf6w19grbxi4dmqch07p1fll7xhvl80km", + "rev": "1dc68d1d0c6105035c659f1eb574191d67ab1b7e", + "sha256": "1jsi4g8324kxpx28wh3i65476djryj65v4zs0x9cv8jqamqvnhay", "type": "tarball", - "url": "https://github.com/Frogging-Family/glibc-eac/archive/6a2ddcacfa9a16a2b33e3a70cd73e0f7937b8b94.tar.gz", + "url": "https://github.com/Frogging-Family/glibc-eac/archive/1dc68d1d0c6105035c659f1eb574191d67ab1b7e.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "lix-module": { "branch": "main", "repo": "https://git.lix.systems/lix-project/nixos-module.git", - "rev": "38f31ee7c1a60adae58833789dd855c128b056c6", + "rev": "4e25f1ab68f2270f9cff59216056c21073db0164", "type": "git" }, "lix-pkg": { "branch": "main", "repo": "https://git.lix.systems/lix-project/lix.git", - "rev": "71b32bb87cd48dbbd672c8ca6b041ed36f3bae11", + "rev": "8a3d063a494c4b8c767190a5ce3e4075a75f9d07", "type": "git" }, "nixos-mailserver": { "branch": "master", "repo": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver.git", - "rev": "41059fc548088e49e3ddb3a2b4faeb5de018e60f", + "rev": "29916981e7b3b5782dc5085ad18490113f8ff63b", "type": "git" }, "nixos-matrix-modules": { @@ -71,10 +71,10 @@ "homepage": null, "owner": "dali99", "repo": "nixos-matrix-modules", - "rev": "6c9b67974b839740e2a738958512c7a704481157", - "sha256": "0v8z37yhmbdq2y9l3wz6vscg402x4xvms8sajnl0fcmbvka56jmk", + "rev": "d7dc42c9bbb155c5e4aa2f0985d0df75ce978456", + "sha256": "10q5is4fkmiqqfrmvvv92qkfv1iizariklbvazx00n9qvi2qlp1h", "type": "tarball", - "url": "https://github.com/dali99/nixos-matrix-modules/archive/6c9b67974b839740e2a738958512c7a704481157.tar.gz", + "url": "https://github.com/dali99/nixos-matrix-modules/archive/d7dc42c9bbb155c5e4aa2f0985d0df75ce978456.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "nixpkgs": { @@ -83,10 +83,10 @@ "homepage": null, "owner": "NixOS", "repo": "nixpkgs", - "rev": "bfb7a882678e518398ce9a31a881538679f6f092", - "sha256": "0zyny8h62hqfix4mrk6nf3qdvmhs49v9pkrnq80q28ji4j2qhd73", + "rev": "57d6973abba7ea108bac64ae7629e7431e0199b6", + "sha256": "1sx6ijjj0cic06khxb13iaihqadwm8drixy9rw32xapdvj6x92pm", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/bfb7a882678e518398ce9a31a881538679f6f092.tar.gz", + "url": "https://github.com/NixOS/nixpkgs/archive/57d6973abba7ea108bac64ae7629e7431e0199b6.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "ranger_udisk_menu": { diff --git a/overlays/default.nix b/overlays/default.nix index ad8efb4..b3488c9 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -5,10 +5,10 @@ ... }: { - programs.ccache.packageNames = [ - "agenix" - "mcontrolcenter" - ]; + #programs.ccache.packageNames = [ + # "agenix" + # "mcontrolcenter" + #]; nixpkgs.overlays = map @@ -32,7 +32,7 @@ ./deskwhich.nix ./tlpui.nix ./mcontrolcenter.nix - ./ccache-wrapper.nix + # ./ccache-wrapper.nix ./searchclip.nix ./confwhich.nix ./rfindup.nix diff --git a/specific/grimm-nixos-laptop/configuration.nix b/specific/grimm-nixos-laptop/configuration.nix index cc853f6..b251737 100644 --- a/specific/grimm-nixos-laptop/configuration.nix +++ b/specific/grimm-nixos-laptop/configuration.nix @@ -52,7 +52,7 @@ system.stateVersion = "23.05"; - nix.settings.extra-substituters = [ "https://nixcache.grimmauld.de" ]; + # nix.settings.extra-substituters = [ "https://nixcache.grimmauld.de" ]; nix.settings.trusted-public-keys = [ "nixcache.grimmauld.de:LFBlakr8RYIuVb9I1S0+L9JGyB2THcfbPa0W6srghqo=" diff --git a/sway/default.nix b/sway/default.nix index 7014d76..ff2949b 100644 --- a/sway/default.nix +++ b/sway/default.nix @@ -55,8 +55,8 @@ "$mod+d" = "exec $menu"; "$mod+Shift+d" = "exec $menu_run"; "$mod+Shift+s" = ''exec ${getExe grim} -g "$(${getExe slurp} -d)" - | wl-copy''; - "$mod+Return" = "exec ${getExe xdg-terminal-exec} xonsh"; - "$mod+Shift+Return" = "exec ${getExe xdg-terminal-exec}"; + "$mod+Shift+Return" = "exec ${getExe xdg-terminal-exec} xonsh"; + "$mod+Return" = "exec ${getExe xdg-terminal-exec}"; "$mod+Shift+q" = "kill"; "$mod+Shift+c" = "reload"; "$mod+Shift+e" = "exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -B 'Yes, exit sway' 'swaymsg exit'"; @@ -82,34 +82,7 @@ "$mod+Shift+Down" = "move down"; "$mod+Shift+Up" = "move up"; "$mod+Shift+Right" = "move right"; - # - # Workspaces: - # - # Switch to workspace - "$mod+1" = "workspace number 1"; - "$mod+2" = "workspace number 2"; - "$mod+3" = "workspace number 3"; - "$mod+4" = "workspace number 4"; - "$mod+5" = "workspace number 5"; - "$mod+6" = "workspace number 6"; - "$mod+7" = "workspace number 7"; - "$mod+8" = "workspace number 8"; - "$mod+9" = "workspace number 9"; - "$mod+0" = "workspace number 10"; - # Move focused container to workspace - "$mod+Shift+1" = "move container to workspace number 1"; - "$mod+Shift+2" = "move container to workspace number 2"; - "$mod+Shift+3" = "move container to workspace number 3"; - "$mod+Shift+4" = "move container to workspace number 4"; - "$mod+Shift+5" = "move container to workspace number 5"; - "$mod+Shift+6" = "move container to workspace number 6"; - "$mod+Shift+7" = "move container to workspace number 7"; - "$mod+Shift+8" = "move container to workspace number 8"; - "$mod+Shift+9" = "move container to workspace number 9"; - "$mod+Shift+0" = "move container to workspace number 10"; - # Note: workspaces can have any name you want, not just numbers. - # We just use 1-10 as the default. - # + # Layout stuff: # # You can "split" the current object of your focus with @@ -181,7 +154,10 @@ in "exec ${getExe open}"; # XF86Bluetooth = "exec blueman-manager"; - }; + } // (let inherit (builtins) toString; in lib.mergeAttrsList (map (n: { + "$mod+${toString n}" = "workspace number ${toString n}"; + "$mod+Shift+${toString n}" = "move container to workspace number ${toString n}"; + }) (lib.range 0 9))); autolaunch = with pkgs; [ # fixme: absolute paths "blueman-applet"